CVE Vulnerabilities - 16 February 2026

The WhatsApp bridge in Nanobot is set to accept connections from any device without a password, allowing an unauthorized person to take control of your WhatsApp account and send messages, read your me...

Concierge::Sessions versions 0.8.1 to 0.8.4 generate session IDs that can be easily guessed by attackers, potentially allowing them to access systems. This is because the software uses insecure method...

The Maypole library for Perl generates session IDs in a way that could allow an attacker to guess or predict them. This is a security risk because an attacker might be able to hijack user sessions or ...

A weakness in EFM iptime A6004MX allows hackers to upload any file they want without restrictions. This could be used to spread malware or disrupt the service. Users should update their software as so...

A security issue exists in Lintsinghua DeepAudit versions up to 3.0.3 that allows attackers to trick the server into performing unauthorized actions. This could potentially lead to malicious activitie...

A security issue in the Wavlink WL-WN579A3's wireless settings interface allows a hacker to execute unauthorized commands remotely. This can happen if you're using an outdated version of the device's ...

A security flaw in the Wavlink WL-WN579A3's wireless settings page can let hackers execute commands on the device from anywhere, potentially allowing them to harm the network or steal data. This is a ...

A security flaw in the Wavlink WL-WN579A3's login system allows an attacker to execute unauthorized commands from a remote location. This could potentially be used to take control of the device. We re...

A security weakness in Open5GS version 2.7.6 and earlier could allow an attacker to cause the system to malfunction in unpredictable ways. This means that an attacker could potentially crash the syste...

The WowRevenue plugin for WordPress has a security flaw that allows users with limited access to install unauthorized plugins on a site, potentially allowing malicious code to be executed. This is a p...

A security issue affects the settings function in the JingDong JD Cloud Box AX6600's software. This allows an attacker to access and potentially control the device remotely, which could lead to unauth...

Malicious Markdown files can be uploaded and executed in Markdown Preview Enhanced, potentially allowing an attacker to run arbitrary code on a victim's system. This could lead to unauthorized access ...

A security flaw in Ingress Nginx allows attackers to inject code and access sensitive Secrets in the cluster. This is a concern for any cluster using Ingress Nginx, as it can lead to unauthorized acce...

A security flaw in the JingDong JD Cloud Box AX6600 allows an attacker to access sensitive areas of the system remotely. This could potentially allow an attacker to take control of the system. We reco...

A security flaw in the JingDong JD Cloud Box AX6600 allows an attacker to gain elevated access to the device from anywhere on the internet. This could potentially allow hackers to control the device o...

A security issue in the libvpx library used by Firefox and Thunderbird can cause the browser to crash. This affects older versions of Firefox and Thunderbird, and can be fixed by updating to the lates...

Some versions of Firefox and Thunderbird are vulnerable to a bug that could cause the browser to crash or behave unexpectedly. This issue affects users of older versions of these browsers, making them...

A remote attacker can inject malicious commands into the Comfast CF-N1 V2's CGI interface, potentially allowing them to execute arbitrary system commands. This could lead to unauthorized access or dat...

The Comfast CF-N1 V2 has a security flaw that allows an attacker to execute malicious code remotely. This could potentially allow an attacker to take control of the device or disrupt its operation. It...

A vulnerability in the Wavlink WL-WN579A3 router's wireless settings allows an attacker to remotely execute commands. This could lead to unauthorized access and potentially allow hackers to control th...

A security flaw in the Wavlink WL-WN579A3 Wi-Fi router could allow an attacker to remotely take control of the device. This can happen if an attacker sends a special request to the router, which can b...

ENOVIAvpm Web Access, a software used by project management teams, has a security weakness that could allow hackers to inject malicious code into users' web browsers. This could lead to unauthorized a...

An unknown part of the Intelbras VIP 3260 Z IA's system can be tricked into revealing weak passwords. This could happen from anywhere, not just on the local network. To protect your system, update the...

Attackers can execute arbitrary code when opening a specially crafted workspace in Code Runner, a Visual Studio Code extension. This allows them to potentially steal data, install malware, or take con...

If you use SOLIDWORKS eDrawings, be aware that a security flaw in versions 2025 to 2026 could allow someone to trick your computer into running malicious code when you open a specially created file. T...