CVE Vulnerabilities - 16 February 2026

MindsDB's file upload feature has a security flaw that could let attackers trick the server into making unintended requests. This could happen remotely, without needing direct access to the server. Up...

A security issue exists in OpenCC JFlow, a workflow management tool, that can be exploited by an attacker to inject malicious XML code remotely. This could potentially lead to unauthorized data access...

A security issue in Smoothwall Express allows attackers to inject malicious code into the browser of users who access the preferences page, potentially leading to unauthorized access or data theft. Th...

The Smoothwall Express web interface has multiple security weaknesses that allow hackers to inject malicious code into users' web browsers. This could lead to unauthorized access to sensitive informat...

Attackers can inject malicious scripts into Smoothwall Express 3.1-SP4-polar-x86_64-update9 by sending a specially crafted web request, potentially allowing them to take control of user sessions or st...

Smoothwall Express 3.1-SP4-polar-x86_64-update9 has a security weakness that lets hackers inject malicious code into legitimate websites. Unprotected users may have their browsers hijacked, allowing u...

Smoothwall Express's admin interface has a security flaw that could allow hackers to inject malicious code into the system, potentially taking control of administrator sessions. This issue affects adm...

An attacker can inject malicious scripts into Smoothwall Express by manipulating user input, potentially allowing them to execute arbitrary JavaScript in users' browsers. This could lead to unauthoriz...

The Smoothwall Express firewall's web interface has a security flaw that allows hackers to inject malicious code into users' web browsers without needing a password. This could lead to unauthorized ac...

A security issue in Smoothwall Express 3.1-SP4 allows hackers to inject harmful code into websites visited by users who interact with the affected system. This could lead to unauthorized actions being...

Smoothwall Express has a security flaw that allows hackers to inject malicious code into users' browsers if they visit a specially crafted website. This can lead to unauthorized access to sensitive in...

An attacker can trick users into running malicious code in their web browser, potentially stealing sensitive session data. This happens when the system doesn't properly filter certain inputs. To prote...

An attacker can inject malicious scripts into the web interface of Smoothwall Express, potentially allowing them to control users' browsers. This can happen when an attacker sends specially crafted re...

Smoothwall Express has a security flaw that allows hackers to inject malicious scripts into your web browser if you fill out certain forms on the Smoothwall Express website. This could allow the hacke...

An attacker can inject malicious scripts into Smoothwall Express by sending a specially crafted request to the time.cgi endpoint. This can allow the attacker to run code in users' browsers without the...

The Smoothwall Express web interface has a security weakness that allows hackers to inject malicious code into a user's web browser if they submit a specially crafted request. This could potentially a...

A flaw in the Smoothwall Express configuration tool allows hackers to inject malicious scripts into user browsers. This can happen when a user visits a specially crafted webpage. To protect your syste...

An attacker can inject malicious scripts into the Smoothwall Express proxy configuration page, potentially allowing them to steal data or take control of users' browsers. This happens when a user acce...

Kubysoft's node procedure endpoint can inject malicious scripts into users' browsers, allowing attackers to steal sensitive info or take control of user sessions. This happens when malicious data is p...

An attacker can inject malicious code into LigeroSmart's dashboard by manipulating certain inputs, potentially allowing them to steal sensitive information or take control of user sessions. This vulne...

A weakness in LigeroSmart's index page makes it possible for hackers to inject malicious code into the page, potentially allowing them to steal sensitive information or take control of your system. Th...

A vulnerability in LigeroSmart's ticket search function allows an attacker to inject malicious code. This could happen when a user interacts with the system in a specific way. Update to the latest ver...

Pretix, a ticketing software, can mistakenly reveal sensitive information about its system configuration through emails, potentially exposing database passwords or API keys. Users of the software can ...

Versions of Mattermost up to 11.1.2, 10.11.9, and 11.2.1 contain a security flaw that allows attackers to steal sensitive information like passwords and two-factor authentication secrets. Affected use...

A security weakness in CSKefu's file upload feature allows an attacker to inject malicious code, potentially causing harm to your website or customers. This weakness can be exploited remotely, so it's...