CVE Vulnerabilities - 13 February 2026

A bug in the TON Virtual Machine can cause it to behave unexpectedly if a specific condition occurs. This can lead to a denial of service within a contract. Update to version 2025.04 or later to fix t...

A weakness in the way TON Virtual Machine handles certain smart contract instructions can cause the system to run out of memory, leading to a crash of the validator node and a disruption to the TON bl...

A flaw in the TON Blockchain's virtual machine can cause the entire network to become unavailable if a malicious transaction is sent. This could be done by an attacker to disrupt the network. To fix t...

Vim's integration with NetBeans has a security flaw that can be exploited by a malicious NetBeans server. This could allow the server to execute unauthorized commands on the Vim system. Update to Vim ...

The BACnet Stack library for embedded systems doesn't check file paths, allowing hackers to write files to any directory. This could lead to unauthorized access or data tampering. Update to version 1....

A security issue in free5GC v4.0.1 can cause a denial of service to remote attackers. This happens when the system incorrectly handles a specific type of request, leading to service degradation. To st...

A security issue affects the free5GC UPF component. An attacker could send a specially crafted message, causing the system to crash. Upgrade to a fixed version of free5GC to prevent this issue.

A security weakness in the free5GC system can cause it to crash when receiving a specific type of request. This can prevent the system from functioning, making it unavailable to users. To protect agai...

A security update is available for osbuild-composer, a tool used in Red Hat's build process. If left unpatched, a potential security issue could allow unauthorized access to sensitive data. Update you...

A critical security issue has been found in the osbuild-composer tool, which is used to build and compose operating systems. If exploited, an attacker could gain unauthorized access to the system, pot...

OpenSourcePOS version 3.4.1 has a security weakness that lets hackers inject malicious code into the system. This could allow them to take control of your point of sale system. You should update to th...

An attacker can manipulate Avro schemas to inject malicious code into your system. This affects all versions of Apache Avro Java SDK up to 1.11.4 and version 1.12.0. To fix this, update to version 1.1...

WWW::OAuth for Perl may generate weak encryption keys, compromising the security of authentication and authorization processes. This could allow an attacker to intercept or manipulate sensitive inform...

The PixelYourSite PRO plugin for WordPress has a security flaw that lets attackers inject malicious code into website pages. This means that if a user visits a page with the injected code, it could ru...

The PixelYourSite plugin for WordPress has a security flaw that allows attackers to inject malicious code into pages, which can be executed when users visit those pages. This can lead to unauthorized ...

The sqlparse library can crash when formatting a long list of tuples. This can happen when querying databases with complex data. Affected users should update sqlparse to the latest version to prevent ...

A security update for OpenShift 18.0 affects a library used by the platform. If exploited, this vulnerability could allow an attacker to execute arbitrary code on the system. Red Hat has released a pa...

The Yokogawa Vnet/IP Interface Package in certain versions may crash if it receives specially designed packets. This could lead to downtime or require a restart of the affected system. If you're using...

A vulnerability in the Yokogawa Vnet/IP Interface Package can cause a critical software component to crash if it receives a specially designed packet. This affects certain versions of the package used...

A flaw in the Vnet/IP software stack of certain Yokogawa products can cause them to crash if they receive specially designed network traffic. This could disrupt normal operation of these products. Aff...

The Vnet/IP Interface Package, used in Yokogawa's CENTUM VP R6 and R7 systems, may crash if it receives a specially crafted packet. This could disrupt system operation. Update the Vnet/IP software to ...

A security issue in Yokogawa's Vnet/IP Interface Package can allow an attacker to crash the software by sending specially crafted network packets. If this happens, the affected system may become unava...

rPGP's encrypted data protection may not work as expected, potentially exposing sensitive information if an unauthorized person accesses it. This is because rPGP doesn't always detect when encrypted d...

A security issue in Cloudflare Agents' AI Playground site allows attackers to create malicious links that steal user chat history and access sensitive information. To fix this, update to Cloudflare Ag...

A weakness in IObit Unlocker version 1.3.0.11 can be exploited by an attacker to crash the program, making it unavailable to use. This could potentially allow an attacker to disrupt the normal functio...