Monitor vulnerabilities that affect your stack.
Sign up free to get alerts when software you use is affected.
CVE Vulnerabilities - 23 February 2026
RSS107 vulnerabilities published on 23 February 2026
Severity:
ZIA Admin UI allows access to unauthorized data
CVE-2026-22568
Improper neutralization of special elements in user-supplied input within the ZIA Admin UI could allow an authenticated administrator to access or ret...
2.7
ZIA Admin UI allows unauthorized backend function execution
CVE-2026-22567
Improper validation of user-supplied input in the ZIA Admin UI could allow an authenticated administrator to initiate backend functions through specif...
2.7
AliasVault App on Android/iOS: Unauthorized Access to Backup Files
CVE-2026-2974
A vulnerability was identified in AliasVault App up to 0.25.3 on Android/iOS. This vulnerability affects unknown code of the file shared_prefs/aliasva...
2.0
Xingfuggz BaykeShop: Cross-Site Scripting in Sidebar Template
CVE-2026-3041
A security vulnerability has been detected in xingfuggz BaykeShop up to 1.3.20. Impacted is an unknown function of the file src/baykeshop/contrib/arti...
4.8
07FLYCMS, 07FLY-CMS, and 07FlyCRM allow remote code execution
CVE-2026-2965
A security flaw has been discovered in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 1.2.9. The affected element is an unknown function of the file /admin/Sy...
4.8
Adobe Flash Player: Attackers can bypass security restrictions
CVE-2026-27163
Rejected reason: This CVE was assigned in error....
Grafana-PCP Plugin: Denial of Service and Data Exposure
ALSA-2026:3040
The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scrip...