News & Sicurezza

CVE ID : CVE-2025-15572 Published : Feb. 10, 2026, 3:32 p.m. | 49 minutes ago Description : A vulnerability has been found in wasm3 up to 0.5.0. The affected element is the function NewCodePage. The manipulation leads to memory leak. The attack must be carried out locally. The exploit has been disclosed to the public and may be used. Unfortunately, the project has no active maintainer at the moment. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID : CVE-2025-11004 Published : Feb. 10, 2026, 3:31 p.m. | 50 minutes ago Description : The Simplicity Device Manager Tool has a Reflected XSS (Cross-site-scripting) vulnerability in several API endpoints. The attacker needs to be on the same network to execute this attack. These APIs can affect confidentiality, integrity, and availability of the system that has Simplicity Device Manager tool running in the background. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

SAP Security Patch Day – Critical SAP CRM and SAP S/4HANA Code Injection Vulnerabilities Fixed SAP Security Patch Day Fixed SAP CRM and SAP S/4HANA SAP’s February 2026 Security Patch Day delivered fixes that SAP urges customers to prioritize to reduce exposure across core enterprise workloads. ... Read more Published Date: Feb 10, 2026 (1 hour, 27 minutes ago) Vulnerabilities has been mentioned in this article. CVE-2026-24328 CVE-2026-24327 CVE-2026-24326 CVE-2026-24325 CVE-2026-24324 CVE-2026-24323 CVE-2026-24322 CVE-2026-24321 CVE-2026-24320 CVE-2026-24319 CVE-2026-24312 CVE-2026-23689 CVE-2026-23688 CVE-2026-23687 CVE-2026-23686 CVE-2026-23685 CVE-2026-23684 CVE-2026-23681 CVE-2026-0509 CVE-2026-0508 CVE-2026-0505 CVE-2026-0490 CVE-2026-0488 CVE-2026-0486 CVE-2026-0485 CVE-2026-0484 CVE-2025-12383 CVE-2025-0059

ILOVEPOOP Toolkit Exploiting React2Shell Vulnerability to Deploy Malicious Payload The cybersecurity sector has been impacted by the sudden appearance of “React2Shell” (CVE-2025-55182), a critical vulnerability affecting Next.js and React Server Components. Following its public disc ... Read more Published Date: Feb 10, 2026 (1 hour, 32 minutes ago) Vulnerabilities has been mentioned in this article. CVE-2025-55182

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ergosis Security Systems Computer Industry and Trade Inc. ZEUS PDKS allows SQL Injection.This issue affects ZEUS PDKS: from <1.0.5.10 through 10022026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Authorization Bypass Through User-Controlled Key vulnerability in Dinibh Puzzle Software Solutions Dinibh Patrol Tracking System allows Exploitation of Trusted Identifiers.This issue affects Dinibh Patrol Tracking System: through 10022026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2025-7347 Published : Feb. 10, 2026, 3:16 p.m. | 1 hour, 5 minutes ago Description : Authorization Bypass Through User-Controlled Key vulnerability in Dinibh Puzzle Software Solutions Dinibh Patrol Tracking System allows Exploitation of Trusted Identifiers.This issue affects Dinibh Patrol Tracking System: through 10022026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID : CVE-2025-7636 Published : Feb. 10, 2026, 3:16 p.m. | 1 hour, 5 minutes ago Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ergosis Security Systems Computer Industry and Trade Inc. ZEUS PDKS allows SQL Injection.This issue affects ZEUS PDKS: from Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID : CVE-2025-15571 Published : Feb. 10, 2026, 3:16 p.m. | 1 hour, 5 minutes ago Description : A security vulnerability has been detected in ckolivas lrzip up to 0.651. This vulnerability affects the function ucompthread of the file stream.c. Such manipulation leads to null pointer dereference. The attack can only be performed from a local environment. The exploit has been disclosed publicly and may be used. The project was informed of the problem early through an issue report but has not responded yet. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID : CVE-2026-1603 Published : Feb. 10, 2026, 3:09 p.m. | 1 hour, 12 minutes ago Description : An authentication bypass in Ivanti Endpoint Manager before version 2024 SU5 allows a remote unauthenticated attacker to leak specific stored credential data. Severity: 8.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID : CVE-2026-1602 Published : Feb. 10, 2026, 3:07 p.m. | 1 hour, 14 minutes ago Description : SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Reynolds Ransomware Embeds BYOVD Driver to Disable EDR Security Tools Cybersecurity researchers have disclosed details of an emergent ransomware family dubbed Reynolds that comes embedded with a built-in bring your own vulnerable driver (BYOVD) component for defense eva ... Read more Published Date: Feb 10, 2026 (2 hours, 19 minutes ago) Vulnerabilities has been mentioned in this article. CVE-2026-24858 CVE-2026-21509 CVE-2025-68947 CVE-2025-61155 CVE-2025-8088