CVE Vulnerabilities - 18 February 2026

The NVIDIA NeMo Framework's ASR Evaluator tool is vulnerable to a security risk. If a malicious user provides specially crafted input, it could lead to unauthorized access to the system, data theft, o...

NVIDIA NeMo Framework has a critical weakness that lets hackers take control of a network. This could allow them to access sensitive data, disrupt operations, and even steal sensitive information. If ...

The NVIDIA NeMo Framework can load and run code from a file sent by an attacker, which could allow them to take control of the system, access sensitive information, or make unauthorized changes. This ...

The NVIDIA Megatron Bridge tutorial has a security weakness that could be exploited by an attacker to inject malicious code. This could potentially allow the attacker to execute unauthorized code, acc...

The NVIDIA Megatron Bridge tutorial is vulnerable to a security threat that could allow hackers to inject malicious code, potentially leading to unauthorized access to systems, data theft, or system c...

An attacker could inject malicious data into the NVIDIA NeMo Framework, potentially leading to unauthorized code execution and other security risks. This means that an attacker could take control of t...

A security issue has been found in Admesh versions up to 0.98.5. If exploited, it could allow an attacker with local access to cause the program to crash or potentially execute malicious code. Since t...

A weakness in niklasso minisat allows an attacker to access unauthorized data on the same computer. This vulnerability is serious because it could allow an attacker to read sensitive information. If y...

This vulnerability affects the Linux version of HPE Aruba ClearPass OnGuard Software. A local attacker could exploit this weakness to run any code they want with superuser privileges, potentially allo...

A security feature is turned off without a warning on Fedora Linux versions 6.12 and above, potentially allowing an attacker to access sensitive information and run unauthorized code. This affects Fed...

fabric.js applies `escapeXml()` to text content during SVG export (`src/shapes/Text/TextSVGExportMixin.ts:186`) but fails to apply it to other user-controlled string values that are interpolated into ...

The OpenClaw software for macOS has a security issue that could allow an attacker to inject malicious commands when accessing your keychain. This is a risk because it allows a user-controlled input to...

InvoicePlane's logo upload feature in version 1.7.0 allows attackers to inject malicious code, potentially leading to unauthorized data changes, creation of backdoors, and full system compromise. To p...

A security issue in minimatch can cause it to take a long time or freeze if it's given a very long glob pattern with many consecutive wildcards and a character that's not in the search string. This ca...

Go Ethereum, a popular Ethereum client, has a flaw in its cryptography that could allow an attacker to access a sensitive key. This could lead to unauthorized access to your node and potentially allow...

A malicious message sent to a Go Ethereum node can cause it to shut down. This could allow an attacker to disrupt the node's operation. To fix this issue, update to Go Ethereum version 1.16.9 or 1.17....

A malicious message sent to Go Ethereum can cause a device to run out of memory, making it unavailable. This issue affects users of Go Ethereum and can be fixed by updating to version 1.17.0. To prote...

An attacker can remove any module from a MajorDoMo installation without logging in, which can lead to data loss and disruption of the system. This is a serious problem because it can be exploited by a...

A security issue in InvoicePlane's Edit Invoices function allows hackers to inject malicious code into the application. This could allow them to modify important data, create backdoors, and take contr...

InvoicePlane, a self-hosted invoicing app, has a security flaw that allows hackers to upload malicious code, potentially altering data or taking control of the application. To fix, update to the lates...

The Bematech MP-4200 TH printer's web interface has a weakness that can be exploited by hackers to crash the printer's web service. This means the printer may stop working until it's restarted. Users ...

The WMV to AVI MPEG DVD WMV Convertor is prone to crashing if an attacker enters an extremely long string in the license field. This could be used to disrupt the application and potentially gain unaut...

FileOptimizer 14.00.2524 is vulnerable to a configuration file attack that can cause the application to crash. This could happen if an attacker intentionally makes changes to the FileOptimizer32.ini f...

An attacker can access sensitive system files by sending a specially crafted HTTP request. This can happen if you're using gSOAP 2.8 and haven't taken steps to prevent it. To protect your system, upda...

The iSmartViewPro app on iOS devices can crash if a user pastes a very long string into the camera ID field. This can happen if an attacker tricks a user into entering a long string, causing the app t...