Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.0

    HIGH
    CVE-2026-21221

    Concurrent execution using shared resource with improper synchronization ('race condition') in Capability Access Management Service (camsvc) allows an authorized attacker to elevate privileges locally.... Read more

    • Published: Jan. 13, 2026
    • Modified: Jan. 16, 2026

  • 8.2

    HIGH
    CVE-2026-21900

    CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. Prior to version 1.4.3, ... Read more

    Affected Products : cryptolib
    • Published: Jan. 10, 2026
    • Modified: Jan. 16, 2026
    • Vuln Type: Memory Corruption

  • 8.2

    HIGH
    CVE-2026-22023

    CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. Prior to version 1.4.3, ... Read more

    Affected Products : cryptolib
    • Published: Jan. 10, 2026
    • Modified: Jan. 16, 2026
    • Vuln Type: Cryptography

  • 6.3

    MEDIUM
    CVE-2026-22024

    CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. Prior to version 1.4.3, ... Read more

    Affected Products : cryptolib
    • Published: Jan. 10, 2026
    • Modified: Jan. 16, 2026
    • Vuln Type: Memory Corruption

  • 8.2

    HIGH
    CVE-2026-22026

    CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. Prior to version 1.4.3, ... Read more

    Affected Products : cryptolib
    • Published: Jan. 10, 2026
    • Modified: Jan. 16, 2026
    • Vuln Type: Denial of Service

  • 7.5

    HIGH
    CVE-2026-22697

    CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. Prior to version 1.4.3, ... Read more

    Affected Products : cryptolib
    • Published: Jan. 10, 2026
    • Modified: Jan. 16, 2026
    • Vuln Type: Memory Corruption

  • 6.3

    MEDIUM
    CVE-2026-22025

    CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. Prior to version 1.4.3, ... Read more

    Affected Products : cryptolib
    • Published: Jan. 10, 2026
    • Modified: Jan. 16, 2026
    • Vuln Type: Cryptography

  • 7.5

    HIGH
    CVE-2026-20965

    Improper verification of cryptographic signature in Windows Admin Center allows an authorized attacker to elevate privileges locally.... Read more

    Affected Products : windows_admin_center
    • Published: Jan. 13, 2026
    • Modified: Jan. 16, 2026

  • 7.8

    HIGH
    CVE-2026-20949

    Improper access control in Microsoft Office Excel allows an unauthorized attacker to bypass a security feature locally.... Read more

    • Published: Jan. 13, 2026
    • Modified: Jan. 16, 2026

  • 7.8

    HIGH
    CVE-2026-20948

    Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally.... Read more

    • Published: Jan. 13, 2026
    • Modified: Jan. 16, 2026

  • 8.8

    HIGH
    CVE-2026-20947

    Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.... Read more

    • Published: Jan. 13, 2026
    • Modified: Jan. 16, 2026

  • 7.8

    HIGH
    CVE-2026-20946

    Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.... Read more

    • Published: Jan. 13, 2026
    • Modified: Jan. 16, 2026

  • 4.6

    MEDIUM
    CVE-2025-29943

    Write what were condition within AMD CPUs may allow an admin-privileged attacker to modify the configuration of the CPU pipeline potentially resulting in the corruption of the stack pointer inside an SEV-SNP guest.... Read more

    Affected Products :
    • Published: Jan. 16, 2026
    • Modified: Jan. 16, 2026
    • Vuln Type: Memory Corruption

  • 6.3

    MEDIUM
    CVE-2025-14017

    When doing multi-threaded LDAPS transfers (LDAP over TLS) with libcurl, changing TLS options in one thread would inadvertently change them globally and therefore possibly also affect other concurrently setup transfers. Disabling certificate verification ... Read more

    Affected Products : curl
    • Published: Jan. 08, 2026
    • Modified: Jan. 16, 2026
    • Vuln Type: Misconfiguration

  • 8.4

    HIGH
    CVE-2026-20944

    Out-of-bounds read in Microsoft Office Word allows an unauthorized attacker to execute code locally.... Read more

    • Published: Jan. 13, 2026
    • Modified: Jan. 16, 2026

  • 7.0

    HIGH
    CVE-2026-20943

    Untrusted search path in Microsoft Office allows an unauthorized attacker to execute code locally.... Read more

    • Published: Jan. 13, 2026
    • Modified: Jan. 16, 2026

  • 7.8

    HIGH
    CVE-2026-20941

    Improper link resolution before file access ('link following') in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally.... Read more

    • Published: Jan. 13, 2026
    • Modified: Jan. 16, 2026

  • 7.8

    HIGH
    CVE-2025-33206

    NVIDIA NSIGHT Graphics for Linux contains a vulnerability where an attacker could cause command injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and denial of service.... Read more

    Affected Products : nsight_graphics
    • Published: Jan. 14, 2026
    • Modified: Jan. 16, 2026
    • Vuln Type: Injection

  • 7.2

    HIGH
    CVE-2026-23498

    Shopware is an open commerce platform. From 6.7.0.0 to before 6.7.6.1, a regression of CVE-2023-2017 leads to an array and array crafted PHP Closure not checked being against allow list for the map(...) override. This vulnerability is fixed in 6.7.6.1.... Read more

    Affected Products : shopware
    • Published: Jan. 14, 2026
    • Modified: Jan. 16, 2026
    • Vuln Type: Misconfiguration

  • 8.4

    HIGH
    CVE-2021-47775

    YouTube Video Grabber, now referred to as YouTube Downloader, 1.9.9.1 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting the Structured Exception Handler. Attackers can craft a malicious payload of 712 ... Read more

    Affected Products :
    • Published: Jan. 15, 2026
    • Modified: Jan. 16, 2026
    • Vuln Type: Memory Corruption
Showing 20 of 4334 Results