CVE Vulnerabilities - 13 February 2026

This vulnerability was never actually present in Apache HTTP Server, so no action is necessary. It was mistakenly listed as a potential issue. No update or patch is required.

Apache HTTP Server may allow an attacker to exploit misconfigured features when an empty User-Agent header is received. This could potentially lead to unexpected behavior or security issues. Upgrade t...

Apache HTTP Server is affected. An attacker could potentially execute malicious code on the server without needing a password. This could allow the attacker to access sensitive data or take control of...

This vulnerability was not actually a problem, as it was never confirmed to exist. The CVE ID was removed from the list of known vulnerabilities. No action is needed.

A vulnerability report for a piece of software was removed because it was never actually a problem. This means you don't need to worry about it.

A bug in the Linux kernel's NVMe over TCP driver could cause data corruption or system crashes if a malicious or malformed network packet is received. This issue has been fixed in a recent update, so ...

A bug in the Linux kernel's netfilter system could cause catchall elements to fail to be restored after an operation is aborted. This could lead to a chain being freed prematurely, causing issues with...

Apache Struts, a web application framework, has a vulnerability that allows an attacker to inject malicious code. This could allow unauthorized access to sensitive data or take control of the system. ...

A security weakness in some WordPress plugins allows attackers to bypass the login process and access restricted areas of the site. If not addressed, this could allow malicious users to gain unauthori...

A security issue in WordPress allows unauthorized users to view and manage posts that were not approved by administrators. This can lead to unauthorized content being published or sensitive informatio...

Apache Log4j is missing a required configuration setting that can expose sensitive data. If not fixed, attackers might access and use this data. Update your Apache Log4j configuration to include the m...

Apache HTTP Server may expose passwords in error messages. This affects Apache HTTP Server versions prior to 2.4.32. If exploited, an attacker could potentially steal sensitive information. Update to ...

WordPress's user registration feature doesn't properly handle invalid input, allowing attackers to manipulate the registration process. This could potentially allow an attacker to create unauthorized ...

A widely-used WordPress plugin has a bug that lets anyone access user accounts without a password. This means that anyone can view and edit user information and settings. To stay safe, update the plug...

A security issue in a WordPress plugin allows attackers to upload and execute arbitrary files on a website. This could allow them to install malware or take control of the site. To fix this, update th...

Adobe Acrobat Reader does not properly check information it receives, allowing an attacker to potentially manipulate user input and cause unexpected behavior. This could lead to a security risk for us...

A critical security issue in GIMP allows attackers to corrupt files when opening malicious PSP files. This could lead to crashes or potentially allow hackers to take control of your computer. Update G...

Adobe Illustrator has a flaw that can allow hackers to run unauthorized code on a computer. This could happen when importing certain image files. Update your Illustrator software to the latest version...