

Remediate
Search CVE Vulnerabilities with AI-Powered Remediation Guidance
Powerful Analysis Tools
Everything you need to secure your infrastructure
Bulk Analysis
Batch process CVEs instantly with EPSS & KEV status.
Patch Tuesday
Monthly security update highlights and critical patch analysis.
AI-Powered Remediation
Intelligent remediation guidance with tailored patch recommendations.
Export Options
Download reports in JSON, CSV, and Markdown formats.
JIRA Integration
Copy to JIRA format with action items and steps.
GitHub Issues
Create GitHub issues with formatted reports.
CVE Trends & Highlights
A SQL injection vulnerability exists in the login functionality of Fikir Odalari AdminPando 1.0.1 before 2026-01-26. The username and password paramet...
During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the re...
Dell RecoverPoint for Virtual Machines, versions prior to 6.0.3.1 HF1, contain a hardcoded credential vulnerability. This is considered critical as an...
An authentication bypass vulnerability exists in Copeland XWEB Pro version 1.12.1 and prior, enabling any attackers to bypass the authentication req...
Sandbox escape due to incorrect boundary conditions in the Graphics: WebRender component. This vulnerability affects Firefox < 148, Firefox ESR < 115....
Sandbox escape in the Graphics: WebRender component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird ...
Sandbox escape in the Storage: IndexedDB component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird ...
Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software. This vulnerability affects Firefox < 148, Firefox...
Sandbox escape due to incorrect boundary conditions in the DOM: Core & HTML component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33,...
Altec DocLink (now maintained by Beyond Limits Inc.) version 4.0.336.0 exposes insecure .NET Remoting endpoints over TCP and HTTP/SOAP via Altec.RDCHo...
A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly...
This vulnerability allows authenticated attackers to execute arbitrary commands on the underlying system using the file name of an uploaded file.
Calero VeraSMART versions prior to 2022 R1 expose an unauthenticated .NET Remoting HTTP service on TCP port 8001. The service publishes default Object...
SandboxJS is a JavaScript sandboxing library. Prior to 0.8.29, there is a sandbox escape vulnerability due to a mismatch between the key on which the ...
FUXA is a web-based Process Visualization (SCADA/HMI/Dashboard) software. Prior to 1.2.10, an authentication bypass vulnerability in FUXA allows an un...
Crawl4AI versions prior to 0.8.0 contain a remote code execution vulnerability in the Docker API deployment. The /crawl endpoint accepts a hooks param...
BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code executi...
Budibase is a low code platform for creating internal tools, workflows, and admin panels. Prior to version 3.30.4, an unsafe `eval()` vulnerability in...
An authenticated attacker in SAP CRM and SAP S/4HANA (Scripting Editor) could exploit a flaw in a generic function module call and execute unauthorize...
An unauthenticated remote attacker can gain full access on the affected devices as they are shipped without a password by default and setting one is n...
Latest from the Blog

The Weekly Cybersecurity Brief: February 27th, 2026
Dell RecoverPoint zero-day enables root persistence in the wild, critical patches for Ivanti EPMM and Google Chrome, breaches at Figure Technology Solutions and PayPal, and why backup and recovery systems are becoming prime targets.

Why Old CVEs Are Still Your Biggest Security Risk
There's a comforting myth in cybersecurity: that the most dangerous threats are the newest ones. What actually causes breaches, ransomware, and long, awkward incident calls is something far less exciting — old vulnerabilities that never got fixed.

The Weekly Cybersecurity Brief: February 13th, 2026
Six actively exploited Microsoft zero-days hit February Patch Tuesday, critical CVEs in SAP CRM, Catalyst, and Apache Druid demand immediate patching, and Anywhere Real Estate discloses a 17,000-record ERP breach.