Monitor vulnerabilities that affect your stack. Sign up free to get alerts when software you use is affected.

CVE Vulnerabilities - 22 February 2026

RSS

59 vulnerabilities published on 22 February 2026

Severity:
itsourcecode Student Management System allows attackers to inject malicious code
CVE-2026-2939
A vulnerability was found in itsourcecode Student Management System 1.0. The impacted element is an unknown function of the file /add_student/ of the ...
4.8
YiFang CMS 2.0.5: Unvalidated Input Allows Cross-Site Scripting
CVE-2026-2934
A security vulnerability has been detected in YiFang CMS up to 2.0.5. This impacts the function update of the file app/db/admin/D_friendLinkGroup.php ...
4.8
YiFang CMS update function can be tricked by hackers
CVE-2026-2933
A weakness has been identified in YiFang CMS up to 2.0.5. This affects the function update of the file app/db/admin/D_adManage.php of the component Ex...
4.8
YiFang CMS: Unauthorized Code Execution via Malicious Input
CVE-2026-2932
A security flaw has been discovered in YiFang CMS up to 2.0.5. The impacted element is the function update of the file app/db/admin/D_adPosition.php o...
4.8
SapneshNaik Student Management System: Remote Code Injection Risk
CVE-2026-2943
A vulnerability was identified in SapneshNaik Student Management System up to f4b4f0928f0b5551a28ee81ae7e7fe47d9345318. This impacts an unknown functi...
5.3
WordPress Conditional CAPTCHA Plugin Allows Redirect to Malicious Sites
CVE-2026-1369
The Conditional CAPTCHA WordPress plugin through 4.0.0 does not validate a parameter before redirecting the user to its value, leading to an Open Redi...
4.3
FunAdmin Password Recovery Allows Attackers to Guess Passwords
CVE-2026-2895 GHSA-fmr2-m7gc-577w
A security flaw has been discovered in funadmin up to 7.1.0-rc4. Affected by this issue is the function repass of the file app/frontend/controller/Mem...
2.9
Skvadrik Re2c 4.4 Null Pointer Crash
CVE-2026-2903
A flaw has been found in skvadrik re2c up to 4.4. Impacted is the function check_and_merge_special_rules of the file src/parse/ast.cc. This manipulati...
4.8
funadmin: Hackers can execute malicious code in funadmin
CVE-2026-2897 GHSA-rfh7-7v27-6p9r
A security vulnerability has been detected in funadmin up to 7.1.0-rc4. This vulnerability affects unknown code of the file app/backend/view/index/ind...
1.9
21 Feb 2026 All days 23 Feb 2026