CVE Vulnerabilities - 27 February 2026

PSI Probe: Denial of Service via Unhandled Session Expire Request

CVE-2026-3269 GHSA-rx6w-2w6h-r346

A flaw has been found in psi-probe PSI Probe up to 5.3.0. The impacted element is the function handleRequestInternal of the file psi-probe-core/src/ma...

7.3

SAP BusinessObjects may leak sensitive data

CVE-2025-15567

Insufficient protection mechanisms in the Health Module may lead to partial information disclosure....

5.1

Snowflake JDBC Driver: Uncontrolled Resource Consumption through SdkProxyRoutePlanner

CVE-2026-3293 GHSA-gx6c-pv62-9mcf

A weakness has been identified in Snowflake JDBC Driver up to 4.0.1. Impacted is the function SdkProxyRoutePlanner of the file src/main/java/net/snowf...

6.3

Keycloak REST Services: Weak Authentication Registration Possible

CVE-2025-12150 GHSA-7g5x-9c4v-4w5r

A flaw was found in Keycloak’s WebAuthn registration component. This vulnerability allows an attacker to bypass the configured attestation policy and ...

3.1

VMware Workstation 25H1 and below may leak confidential info from host

CVE-2026-22717

Out-of-bound read vulnerability in VMware Workstation 25H1 and below on any platform allows an actor with non-administrative privileges on a guest VM ...

2.7

Vim fails to handle wide terminals with multi-byte characters

CVE-2026-28422

Vim is an open source, command line text editor. Prior to version 9.2.0078, a stack-buffer-overflow occurs in `build_stl_str_hl()` when rendering a st...

2.2

Canarytoken Self-Attack Possible with Older Versions

CVE-2026-28355

Canarytokens help track activity and actions on a network. Versions prior to `sha-7ff0e12` have a Self Cross-Site Scripting vulnerability in the "PWA"...

1.3

CVE Withdrawal: This vulnerability is no longer a concern

CVE-2026-2647

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority....

Vulnerability Report Rejected

CVE-2026-27583