📅 Weekly CVE Roundup
February 2 - February 8, 2026
🔴 Critical & High Severity Vulnerabilities
These are the most dangerous vulnerabilities disclosed this week. Prioritize patching these.
Feb 2: CVE-2026-25142 is a critical sandbox escape vulnerability in SandboxJS library versions before 0.8.27. Attackers can use the __lookupGetter__ method t...
Feb 2: Signal K Server versions before 1.5.0 contain a command injection vulnerability in the set-system-time plugin that allows authenticated users with wri...
Feb 4: This SQL injection vulnerability in Martcode Software's Delta Course Automation allows attackers to execute arbitrary SQL commands on the database. Al...
Feb 2: A vulnerability in MagicInfo9 Server allows authorized users to upload HTML files without proper authentication, leading to stored cross-site scriptin...
Feb 2: MagicINFO 9 Server versions below 21.1090.1 contain hardcoded database credentials, allowing attackers to authenticate and manipulate the database. Th...
Feb 2: The User Profile Builder WordPress plugin before version 3.15.2 has an improper password reset mechanism that allows unauthenticated attackers to rese...
Feb 2: CVE-2026-20418 is a critical out-of-bounds write vulnerability in Thread protocol implementations that allows remote attackers to execute arbitrary co...
Feb 2: CVE-2022-50981 allows unauthenticated remote attackers to gain full administrative access to affected devices because they ship without a default pass...
Feb 2: This vulnerability in vLLM allows attackers to leak heap memory addresses by sending invalid images to the multimodal endpoint, which reduces ASLR ent...
Feb 3: A stack-based buffer overflow vulnerability in ELECOM wireless LAN access point devices allows remote attackers to execute arbitrary code by sending s...
Feb 2: This CVE describes a Local File Inclusion vulnerability in the lollms-webui application that allows attackers to execute arbitrary Python code remotel...
Feb 2: In lunary-ai/lunary version 1.2.2, a privilege escalation vulnerability allows users with 'viewer' role to hijack other user accounts by obtaining pas...
Feb 2: This CVE describes a privilege escalation vulnerability in MediaTek wlan STA drivers where missing bounds checks allow local attackers to gain elevate...
Feb 2: This vulnerability in h2o-3 allows remote attackers to write arbitrary data to any file on the server, potentially leading to remote code execution an...
Feb 2: The NixOS Odoo package exposes the database manager without authentication, allowing unauthorized actors to delete or download the entire database and...
Feb 2: This CVE describes a heap buffer overflow vulnerability in wlan (wireless LAN) components that allows remote attackers to execute arbitrary code witho...
Feb 4: The SportsPress WordPress plugin has a Local File Inclusion vulnerability in all versions up to 2.7.26. Authenticated attackers with contributor-level...
Feb 2: CVE-2026-24788 is an OS command injection vulnerability in RaspAP raspap-webgui that allows authenticated users to execute arbitrary commands on the u...
Feb 2: An unauthenticated attacker can upload arbitrary files to MagicInfo9 Server, leading to remote code execution and privilege escalation. This affects M...
Feb 2: This vulnerability allows local privilege escalation on macOS systems running Native Access. A low-privileged user can exploit DYLIB injection in the ...
Feb 2: This vulnerability allows an unauthenticated remote attacker to hijack existing user sessions and gain full administrative access to affected devices....
Feb 2: OpenClaw (formerly Clawdbot) versions prior to 2026.1.29 contain a command injection vulnerability in the Docker sandbox execution mechanism. Authenti...
Feb 2: OpenList Frontend versions before 4.1.10 contain a path traversal vulnerability in file operation handlers that allows authenticated attackers to bypa...
Feb 2: This SQL injection vulnerability in AKCE Software's SKSPro allows attackers to execute arbitrary SQL commands on the database. All SKSPro installation...
Feb 2: A stack-based buffer overflow vulnerability in libsoup allows remote attackers to execute arbitrary code or crash applications by sending specially cr...
Feb 2: This vulnerability allows unauthenticated attackers to trigger resource-intensive text generation operations and manipulate server state in the lollms...
Feb 2: A vulnerability in fog-kubevirt allows remote attackers to perform Man-in-the-Middle attacks by intercepting communications between Satellite and Open...
Feb 2: This vulnerability in foreman_kubevirt disables SSL certificate verification by default when connecting to OpenShift without an explicitly set CA cert...
Feb 2: This vulnerability in jsPDF allows attackers to inject arbitrary PDF objects, including JavaScript actions, through user-controlled input to specific ...
Feb 2: OpenList Frontend versions before 4.1.10 have TLS certificate verification disabled by default for storage communications, allowing Man-in-the-Middle ...
Feb 2: CVE-2025-9974 is an OS command injection vulnerability in the unified WEBUI application of Nokia ONT/Beacon devices. Authenticated attackers with low ...
Feb 2: A stored XSS vulnerability in FacturaScripts allows attackers to inject malicious JavaScript into the Observations field, which executes when administ...
Feb 2: CVE-2026-20409 is an out-of-bounds write vulnerability in the imgsys component that allows local privilege escalation. Attackers with initial System p...
Feb 2: This CVE describes a use-after-free vulnerability in the cameraisp component that could allow local privilege escalation. Attackers with System privil...
Feb 2: CVE-2026-20412 is an out-of-bounds write vulnerability in the cameraisp component that allows local privilege escalation. Attackers with initial Syste...
Feb 2: This vulnerability allows attackers to bypass code signature verification in Native Access's XPC service on macOS through PID reuse attacks. An attack...
Feb 3: This vulnerability allows attackers to execute arbitrary code by exploiting insecure DLL loading in Roland Cloud Manager. Attackers can plant maliciou...
Feb 2: This vulnerability allows a local attacker with physical USB access to cause a full device reset by using an invalid reset file. It affects devices th...
Feb 2: This vulnerability allows a privileged user in IBM WebSphere Application Server Liberty to upload a zip archive containing path traversal sequences, w...
Feb 3: This CVE describes a reflected cross-site scripting (XSS) vulnerability in AKCE Software's SKSPro product. Attackers can inject malicious scripts into...
Feb 2: This vulnerability allows remote denial of service attacks against mobile devices with affected MediaTek modems. An attacker can crash the system by c...
Feb 2: This vulnerability in MediaTek modems allows remote denial of service through improper input validation. Attackers can crash affected devices by conne...
Feb 2: This vulnerability in MediaTek modems allows remote denial of service via system crash when a device connects to a malicious base station. Attackers c...
Feb 2: This vulnerability in MediaTek modems allows remote denial of service through improper input validation. An attacker can crash the system by connectin...
Feb 2: This vulnerability in MediaTek modems allows remote denial of service through system crashes when devices connect to rogue base stations. Attackers ca...
Feb 2: This vulnerability allows remote denial of service attacks against devices with affected MediaTek modems. An attacker can crash the system by connecti...
Feb 2: This vulnerability in MediaTek wlan AP/STA firmware allows remote attackers within wireless range to cause denial of service by making the system unre...
Feb 2: This vulnerability in MediaTek modems allows remote denial of service through system crashes when devices connect to rogue base stations. Attackers ca...
Feb 2: This vulnerability allows remote attackers to cause a system crash (denial of service) in affected modem devices by connecting to a rogue base station...
Feb 2: This vulnerability in MediaTek modems allows remote denial of service through improper input validation. An attacker can crash the system by connectin...
Feb 2: This CVE describes a PHP Local File Inclusion vulnerability in the Talemy Spirit Framework WordPress plugin. Attackers can exploit improper filename c...
Feb 2: This vulnerability allows authenticated users in lunary-ai/lunary to delete prompts belonging to other organizations through ID manipulation. The appl...
Feb 2: This vulnerability in huggingface/text-generation-inference allows unauthenticated attackers to trigger resource exhaustion by exploiting unbounded ex...
Feb 2: CVE-2022-50977 allows unauthenticated remote attackers to disrupt operations by switching between multiple configuration presets via HTTP requests. Th...
Feb 2: This vulnerability allows unauthenticated remote attackers to disrupt operations by switching between multiple configuration presets via Modbus TCP. I...
Feb 2: This vulnerability allows remote attackers to bypass authentication on EFM ipTIME A8004T routers via improper authentication in the Hidden Hiddenlogin...
Feb 2: The Amazon SageMaker Python SDK before v3.2.0 and v2.256.0 exposes the ModelBuilder HMAC signing key in cleartext via the DescribeTrainingJob API. Thi...
Feb 3: This stored XSS vulnerability in the LatePoint WordPress plugin allows unauthenticated attackers to inject malicious scripts into customer profile fie...
Feb 3: The Form Maker by 10Web WordPress plugin allows unauthenticated attackers to upload malicious SVG files containing JavaScript code due to weak file ex...
Feb 3: An OS command injection vulnerability in ELECOM WRC-X1500GS-B and WRC-X1500GSA-B wireless routers allows authenticated attackers to execute arbitrary ...
Feb 2: The Library Viewer WordPress plugin before version 3.2.0 contains a reflected cross-site scripting (XSS) vulnerability where unsanitized parameters ar...
Feb 3: The Form Maker WordPress plugin has a stored XSS vulnerability in versions up to 1.15.35. Unauthenticated attackers can inject malicious JavaScript in...
Feb 2: This CVE describes a local privilege escalation vulnerability in mlflow versions before 3.4.0 where temporary directories for Python virtual environme...
Feb 2: OpenTelemetry-Go SDK versions v1.20.0 through v1.39.0 on macOS/Darwin systems are vulnerable to path hijacking attacks. An attacker with local access ...
🏢 Most Affected Vendors
🐛 Common Vulnerability Types
📋 All CVEs This Week
CVE-2026-25142 is a critical sandbox escape vulnerability in SandboxJS library versions before 0.8.27. Attackers can use...
Signal K Server versions before 1.5.0 contain a command injection vulnerability in the set-system-time plugin that allow...
This SQL injection vulnerability in Martcode Software's Delta Course Automation allows attackers to execute arbitrary SQ...
A vulnerability in MagicInfo9 Server allows authorized users to upload HTML files without proper authentication, leading...
MagicINFO 9 Server versions below 21.1090.1 contain hardcoded database credentials, allowing attackers to authenticate a...
The User Profile Builder WordPress plugin before version 3.15.2 has an improper password reset mechanism that allows una...
CVE-2026-20418 is a critical out-of-bounds write vulnerability in Thread protocol implementations that allows remote att...
CVE-2022-50981 allows unauthenticated remote attackers to gain full administrative access to affected devices because th...
This vulnerability in vLLM allows attackers to leak heap memory addresses by sending invalid images to the multimodal en...
A stack-based buffer overflow vulnerability in ELECOM wireless LAN access point devices allows remote attackers to execu...
This CVE describes a Local File Inclusion vulnerability in the lollms-webui application that allows attackers to execute...
In lunary-ai/lunary version 1.2.2, a privilege escalation vulnerability allows users with 'viewer' role to hijack other ...
This CVE describes a privilege escalation vulnerability in MediaTek wlan STA drivers where missing bounds checks allow l...
This vulnerability in h2o-3 allows remote attackers to write arbitrary data to any file on the server, potentially leadi...
The NixOS Odoo package exposes the database manager without authentication, allowing unauthorized actors to delete or do...
This CVE describes a heap buffer overflow vulnerability in wlan (wireless LAN) components that allows remote attackers t...
The SportsPress WordPress plugin has a Local File Inclusion vulnerability in all versions up to 2.7.26. Authenticated at...
CVE-2026-24788 is an OS command injection vulnerability in RaspAP raspap-webgui that allows authenticated users to execu...
An unauthenticated attacker can upload arbitrary files to MagicInfo9 Server, leading to remote code execution and privil...
This vulnerability allows local privilege escalation on macOS systems running Native Access. A low-privileged user can e...
This vulnerability allows an unauthenticated remote attacker to hijack existing user sessions and gain full administrati...
OpenClaw (formerly Clawdbot) versions prior to 2026.1.29 contain a command injection vulnerability in the Docker sandbox...
OpenList Frontend versions before 4.1.10 contain a path traversal vulnerability in file operation handlers that allows a...
This SQL injection vulnerability in AKCE Software's SKSPro allows attackers to execute arbitrary SQL commands on the dat...
A stack-based buffer overflow vulnerability in libsoup allows remote attackers to execute arbitrary code or crash applic...
This vulnerability allows unauthenticated attackers to trigger resource-intensive text generation operations and manipul...
A vulnerability in fog-kubevirt allows remote attackers to perform Man-in-the-Middle attacks by intercepting communicati...
This vulnerability in foreman_kubevirt disables SSL certificate verification by default when connecting to OpenShift wit...
This vulnerability in jsPDF allows attackers to inject arbitrary PDF objects, including JavaScript actions, through user...
OpenList Frontend versions before 4.1.10 have TLS certificate verification disabled by default for storage communication...
CVE-2025-9974 is an OS command injection vulnerability in the unified WEBUI application of Nokia ONT/Beacon devices. Aut...
A stored XSS vulnerability in FacturaScripts allows attackers to inject malicious JavaScript into the Observations field...
CVE-2026-20409 is an out-of-bounds write vulnerability in the imgsys component that allows local privilege escalation. A...
This CVE describes a use-after-free vulnerability in the cameraisp component that could allow local privilege escalation...
CVE-2026-20412 is an out-of-bounds write vulnerability in the cameraisp component that allows local privilege escalation...
This vulnerability allows attackers to bypass code signature verification in Native Access's XPC service on macOS throug...
This vulnerability allows attackers to execute arbitrary code by exploiting insecure DLL loading in Roland Cloud Manager...
This vulnerability allows a local attacker with physical USB access to cause a full device reset by using an invalid res...
This vulnerability allows a privileged user in IBM WebSphere Application Server Liberty to upload a zip archive containi...
This CVE describes a reflected cross-site scripting (XSS) vulnerability in AKCE Software's SKSPro product. Attackers can...
This vulnerability allows remote denial of service attacks against mobile devices with affected MediaTek modems. An atta...
This vulnerability in MediaTek modems allows remote denial of service through improper input validation. Attackers can c...
This vulnerability in MediaTek modems allows remote denial of service via system crash when a device connects to a malic...
This vulnerability in MediaTek modems allows remote denial of service through improper input validation. An attacker can...
This vulnerability in MediaTek modems allows remote denial of service through system crashes when devices connect to rog...
This vulnerability allows remote denial of service attacks against devices with affected MediaTek modems. An attacker ca...
This vulnerability in MediaTek wlan AP/STA firmware allows remote attackers within wireless range to cause denial of ser...
This vulnerability in MediaTek modems allows remote denial of service through system crashes when devices connect to rog...
This vulnerability allows remote attackers to cause a system crash (denial of service) in affected modem devices by conn...
This vulnerability in MediaTek modems allows remote denial of service through improper input validation. An attacker can...
This CVE describes a PHP Local File Inclusion vulnerability in the Talemy Spirit Framework WordPress plugin. Attackers c...
This vulnerability allows authenticated users in lunary-ai/lunary to delete prompts belonging to other organizations thr...
This vulnerability in huggingface/text-generation-inference allows unauthenticated attackers to trigger resource exhaust...
CVE-2022-50977 allows unauthenticated remote attackers to disrupt operations by switching between multiple configuration...
This vulnerability allows unauthenticated remote attackers to disrupt operations by switching between multiple configura...
This vulnerability allows remote attackers to bypass authentication on EFM ipTIME A8004T routers via improper authentica...
The Amazon SageMaker Python SDK before v3.2.0 and v2.256.0 exposes the ModelBuilder HMAC signing key in cleartext via th...
This stored XSS vulnerability in the LatePoint WordPress plugin allows unauthenticated attackers to inject malicious scr...
The Form Maker by 10Web WordPress plugin allows unauthenticated attackers to upload malicious SVG files containing JavaS...
An OS command injection vulnerability in ELECOM WRC-X1500GS-B and WRC-X1500GSA-B wireless routers allows authenticated a...
The Library Viewer WordPress plugin before version 3.2.0 contains a reflected cross-site scripting (XSS) vulnerability w...
The Form Maker WordPress plugin has a stored XSS vulnerability in versions up to 1.15.35. Unauthenticated attackers can ...
This CVE describes a local privilege escalation vulnerability in mlflow versions before 3.4.0 where temporary directorie...
OpenTelemetry-Go SDK versions v1.20.0 through v1.39.0 on macOS/Darwin systems are vulnerable to path hijacking attacks. ...
This CVE describes an out-of-bounds write vulnerability in imgsys (likely MediaTek image processing subsystem) that allo...
Docker Desktop for Windows installer has permission assignment vulnerabilities allowing low-privileged attackers to gain...
This CVE describes an out-of-bounds write vulnerability in the imgsys component due to missing bounds checks. It allows ...
This CVE describes a use-after-free vulnerability in the imgsys component that allows local privilege escalation. An att...
This CVE describes a backdoor vulnerability in the EFM ipTIME A8004T router's debug interface. Attackers can remotely ma...
A cross-site scripting vulnerability in the email function of Cybozu Garoon allows attackers to inject malicious scripts...
This vulnerability allows an unauthenticated attacker on the same network segment to disrupt operations by switching bet...
An unauthenticated attacker on the same Controller Area Network (CAN) bus can disrupt operations by rapidly switching be...
This vulnerability allows authenticated WordPress users with Contributor-level access or higher to inject malicious scri...
This SQL injection vulnerability in JeecgBoot 3.9.0 allows remote attackers to execute arbitrary SQL commands through th...
A memory leak vulnerability in xmllint's interactive shell allows local denial-of-service attacks. When users input only...
Multiple reflected cross-site scripting (XSS) vulnerabilities in Subrion CMS v4.2.1 installation module allow attackers ...
This vulnerability in Amazon SageMaker Python SDK disables TLS certificate verification when importing Triton Python mod...
A cross-site scripting vulnerability in the Message function of Cybozu Garoon allows attackers to inject malicious scrip...
This vulnerability in LibreChat allows attackers to exploit an unrestricted fork function to create numerous content for...
This vulnerability in the imgsys component allows memory corruption due to improper locking. It enables local denial of ...
A stored cross-site scripting vulnerability in Tendenci CMS allows attackers to inject malicious scripts into the Jobs m...
A stored cross-site scripting (XSS) vulnerability in Tendenci CMS v15.3.7 allows attackers to inject malicious scripts i...
This reflected XSS vulnerability in FacturaScripts allows attackers to inject malicious scripts into error messages that...
This vulnerability allows authenticated WordPress users with Contributor-level access or higher to inject malicious scri...
The Mail Mint WordPress plugin is vulnerable to Cross-Site Request Forgery (CSRF) in all versions up to 1.19.2, allowing...
This vulnerability allows unauthorized remote access to the crontab endpoint in Zhong Bang CRMEB versions up to 5.6.3. A...
A reachable assertion vulnerability in Open5GS SGWC component allows remote attackers to cause denial of service by send...
This vulnerability in Open5GS allows remote attackers to trigger a reachable assertion in the CreateBearerRequest handle...
CVE-2026-1738 is a reachable assertion vulnerability in Open5GS SGWC component that allows remote attackers to cause den...
A null pointer dereference vulnerability in Free5GC's Policy Control Function (PCF) allows remote attackers to cause den...
This CVE describes an out-of-bounds write vulnerability in PCIe drivers that could allow local privilege escalation. Att...
The SimpleDirectoryReader component in llama_index.core versions before 0.12.41 has a memory management flaw where it lo...
This HTTP request smuggling vulnerability in SoupServer allows remote attackers to send specially crafted requests that ...
A stored cross-site scripting (XSS) vulnerability exists in Talishar's in-game chat system where the playerID parameter ...
The WP ULike WordPress plugin has an Insecure Direct Object Reference vulnerability that allows authenticated attackers ...
The Spectra Gutenberg Blocks plugin for WordPress has an information disclosure vulnerability that allows unauthenticate...
Signal K Server versions prior to 2.20.3 on Windows systems contain a path traversal vulnerability in the applicationDat...
An improper input verification vulnerability in Cybozu Garoon allows attackers to modify portal settings without proper ...
This vulnerability allows remote attackers to upload arbitrary files to the EFM ipTIME A8004T router via the VPN service...
This XSS vulnerability in MediaWiki's ApiSandbox.js allows attackers to inject malicious scripts into web pages viewed b...