CVE Vulnerabilities - 18 February 2026

The NLTK software can extract malicious zip files, which can then run code on your system. This can lead to access to your files and network, and potentially allow an attacker to keep access even afte...

Dell RecoverPoint for Virtual Machines stores sensitive credentials in a way that allows unauthorized access to the underlying operating system. This means an attacker could gain access to sensitive a...

A weakness in the Tsinghua Unigroup Electronic Archives System could allow an attacker to execute malicious code remotely. This means that a hacker could potentially access sensitive information or di...

A security issue in OpenClaw allows attackers to escape from Docker containers and access sensitive host data if they can influence the Docker configuration. This could lead to unauthorized access to ...

A critical vulnerability allows an attacker to execute malicious code on your website without a password. This can happen if the attacker tricks the system into downloading and installing a fake updat...

An attacker can exploit this vulnerability to extract MajorDoMo admin passwords and gain unauthorized access to the admin panel. The vulnerability is caused by poor coding practices in the commands_se...

MajorDoMo's web interface allows hackers to execute arbitrary system commands without needing a password. This could allow an attacker to access sensitive data or take control of the system. Update Ma...

The MajorDoMo admin panel has a security flaw that allows anyone to execute arbitrary code without needing a password. This could allow an attacker to take control of the system. To fix this, update t...

If you use ChaosPro 2.0, an attacker can create a special configuration file that could let them take control of your Windows XP computer. This could happen if you open the file or if someone tricks y...

A security flaw in MailCarrier 2.51 makes it possible for an attacker to send a malicious command that can take control of your server. This can happen if an attacker sends a specially crafted message...

A bug in the WMV to AVI Converter software allows hackers to potentially take control of your computer. This happens when the program receives too much data at once, which can lead to unauthorized act...

The Ayukov NFTP client 1.71 has a security issue that allows hackers to send a fake file command to the client, potentially allowing the hacker to access your system and run unauthorized software. Thi...

The Aida64 software has a bug in its CSV logging feature that could allow an attacker to run unauthorized code on your system. This could happen if an attacker can trick you into opening a specially c...

Slyde packages can execute arbitrary code when installed or required, allowing an attacker to take control of a project. This is a serious issue for projects that install untrusted packages. To fix th...

The Scholars Tracking System's admin user management pages are not secure. Hackers could use this weakness to access or change sensitive user information, including passwords. To protect your system, ...

An attacker can inject malicious SQL code into the print_membership_card.php feature, potentially exposing sensitive data or allowing unauthorized access to the system. This is a serious security risk...

A security issue has been found in the default settings of some UTT HiPER 810 routers. If not changed, a hacker could potentially access the router's root account remotely. It's essential to change th...

ZoneMinder, a security camera software, allows hackers to execute unauthorized system commands if they can manipulate user input. This means an attacker could potentially delete files, install malware...

A weakness in ZoneMinder's image view feature could let attackers run unauthorized commands on the system. This could lead to sensitive information being stolen or the system being taken over. Update ...

An attacker can exploit a weakness in certain IP phone models to execute malicious code with super user privileges. This affects multiple models, including the GXP1610, GXP1615, GXP1620, GXP1625, GXP1...

The Huggingface SmolAgents version 1.24.0 has a security flaw that allows attackers to trick the system into making unauthorized network requests. This could potentially lead to malicious attacks. We ...

A security issue in Graylog Web Interface version 2.2.3 allows an attacker to use a stolen session token to access the application and compromise an account. This could happen if an attacker gains acc...

The YayMail plugin for WooCommerce on WordPress can let attackers with Shop Manager access make changes to site settings, potentially making them administrators. This could be used to let attackers cr...

GitLab's internal network may be exposed to unauthorized access if webhooks are enabled, allowing hackers to make requests to internal systems. This could lead to sensitive data being stolen or compro...

A security flaw in OpenText Directory Services allows hackers to execute unauthorized code on your system, potentially causing harm. If left unpatched, this could lead to system crashes or unauthorize...