CVE Vulnerabilities - 15 February 2026

OPNsense 19.1 is affected by a security issue that allows attackers to inject malicious code into users' web browsers. This can happen if an attacker sends a specially crafted request to a specific pa...

The Micca KE700 car alarm system sends sensitive information, like authentication details, in plain text over the air. This makes it possible for an attacker with the right equipment to intercept and ...

A security issue in OPNsense 19.1 allows an attacker to inject malicious scripts into the browsers of other users who view firewall rule pages. This can happen if an attacker is authenticated and subm...

A vulnerability in OPNsense's system settings allows attackers to inject malicious scripts that can be executed when an authenticated user views the settings. This means that if an attacker can trick ...

An attacker can inject malicious scripts into OPNsense 19.1's diag_backup.php endpoint, allowing them to execute code in the context of an administrator session. This could enable unauthorized access ...

ArangoDB's web admin interface has a weakness that allows attackers to inject malicious scripts into users' browsers, potentially stealing sensitive information or taking control of the user's session...