| CVE ID | Exploitable | Vendor | Product | Vulnerability | Date added |
|---|---|---|---|---|---|
| CVE-2026-20127 | True | Cisco | Catalyst SD-WAN Controller and Manager | Cisco Catalyst SD-WAN Controller and Manager Authentication Bypass Vulnerability | 2026-02-25 00:00:00 |
| CVE-2022-20775 | True | Cisco | SD-WAN | Cisco SD-WAN Path Traversal Vulnerability | 2026-02-25 00:00:00 |
| CVE-2026-25108 | True | Soliton Systems K.K | FileZen | Soliton Systems K.K FileZen OS Command Injection Vulnerability | 2026-02-24 00:00:00 |
| CVE-2025-68461 | True | Roundcube | Webmail | RoundCube Webmail Cross-site Scripting Vulnerability | 2026-02-20 00:00:00 |
| CVE-2025-49113 | True | Roundcube | Webmail | RoundCube Webmail Deserialization of Untrusted Data Vulnerability | 2026-02-20 00:00:00 |
| CVE-2026-22769 | True | Dell | RecoverPoint for Virtual Machines (RP4VMs) | Dell RecoverPoint for Virtual Machines (RP4VMs) Use of Hard-coded Credentials Vulnerability | 2026-02-18 00:00:00 |
| CVE-2021-22175 | True | GitLab | GitLab | GitLab Server-Side Request Forgery (SSRF) Vulnerability | 2026-02-18 00:00:00 |
| CVE-2026-2441 | True | Chromium | Google Chromium CSS Use-After-Free Vulnerability | 2026-02-17 00:00:00 | |
| CVE-2008-0015 | True | Microsoft | Windows | Microsoft Windows Video ActiveX Control Remote Code Execution Vulnerability | 2026-02-17 00:00:00 |
| CVE-2024-7694 | True | TeamT5 | ThreatSonar Anti-Ransomware | TeamT5 ThreatSonar Anti-Ransomware Unrestricted Upload of File with Dangerous Type Vulnerability | 2026-02-17 00:00:00 |
| CVE-2020-7796 | True | Synacor | Zimbra Collaboration Suite | Synacor Zimbra Collaboration Suite (ZCS) Server-Side Request Forgery Vulnerability | 2026-02-17 00:00:00 |
| CVE-2026-1731 | True | BeyondTrust | Remote Support (RS) and Privileged Remote Access (PRA) | BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) OS Command Injection Vulnerability | 2026-02-13 00:00:00 |
| CVE-2025-40536 | True | SolarWinds | Web Help Desk | SolarWinds Web Help Desk Security Control Bypass Vulnerability | 2026-02-12 00:00:00 |
| CVE-2025-15556 | True | Notepad++ | Notepad++ | Notepad++ Download of Code Without Integrity Check Vulnerability | 2026-02-12 00:00:00 |
| CVE-2024-43468 | True | Microsoft | Configuration Manager | Microsoft Configuration Manager SQL Injection Vulnerability | 2026-02-12 00:00:00 |
| CVE-2026-20700 | True | Apple | Multiple Products | Apple Multiple Buffer Overflow Vulnerability | 2026-02-12 00:00:00 |
| CVE-2026-21514 | True | Microsoft | Office | Microsoft Office Word Reliance on Untrusted Inputs in a Security Decision Vulnerability | 2026-02-10 00:00:00 |
| CVE-2026-21519 | True | Microsoft | Windows | Microsoft Windows Type Confusion Vulnerability | 2026-02-10 00:00:00 |
| CVE-2026-21533 | True | Microsoft | Windows | Microsoft Windows Improper Privilege Management Vulnerability | 2026-02-10 00:00:00 |
| CVE-2026-21510 | True | Microsoft | Windows | Microsoft Windows Shell Protection Mechanism Failure Vulnerability | 2026-02-10 00:00:00 |
AVET INS is an owner of VULNDBASE brand and website. This product uses data from the NVD API but is not endorsed or certified by the NVD. See NVD page for more information. CVE is a registered trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE site. CWE is a registered trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE page. KEV (Known Exploited Vulnerabilities) is a catalog maintained by CISA. EUVD is the official EU repository for timely, curated cybersecurity vulnerability intelligence and remediation guidance run by ENISA. DORA (Digital Operational Resilience Act) is and EU directive.
Copyright AVET INS 1997 - 2026