Common Vulnerabilities and Exposures (CVE)

CVE-2025-11537

Feb 10, 2026 10:53:28 UTC

A flaw was found in Keycloak. When the logging format is configured to a verbose, user-supplied pattern (such as the pre-defined 'long' pattern), sensitive headers including Authorization and Cookie are disclosed to the logs in cleartext. A...

CVE-2026-24343

Feb 10, 2026 10:22:47 UTC

Improper Neutralization of Data within XPath Expressions ('XPath Injection') vulnerability in Apache HertzBeat. This issue affects Apache HertzBeat: from 1.7.1 before 1.8.0. Users are recommended to upgrade to version 1.8.0, which fixes t...

CVE-2026-23901

Feb 10, 2026 10:22:44 UTC

Observable Timing Discrepancy vulnerability in Apache Shiro. This issue affects Apache Shiro: from 1.*, 2.* before 2.0.7. Users are recommended to upgrade to version 2.0.7 or later, which fixes the issue. Prior to Shiro 2.0.7, code paths...

CVE-2025-15569

Feb 10, 2026 10:02:09 UTC

A flaw has been found in Artifex MuPDF up to 1.26.1 on Windows. The impacted element is the function get_system_dpi of the file platform/x11/win_main.c. This manipulation causes uncontrolled search path. The attack requires local access. Th...

CVE-2026-25656

Feb 10, 2026 09:58:55 UTC

A vulnerability has been identified in SINEC NMS (All versions), User Management Component (UMC) (All versions < V2.15.2.1). The affected application permits improper modification of a configuration file by a low-privileged user. This coul...

CVE-2026-25655

Feb 10, 2026 09:58:54 UTC

A vulnerability has been identified in SINEC NMS (All versions < V4.0 SP2). The affected application permits improper modification of a configuration file by a low-privileged user. This could allow an attacker to load malicious DLLs, poten...

CVE-2026-23720

Feb 10, 2026 09:58:53 UTC

A vulnerability has been identified in Simcenter Femap (All versions < V2512), Simcenter Nastran (All versions < V2512). The affected applications contains an out of bounds read vulnerability while parsing specially crafted NDB files. This ...

CVE-2026-23719

Feb 10, 2026 09:58:51 UTC

A vulnerability has been identified in Simcenter Femap (All versions < V2512), Simcenter Nastran (All versions < V2512). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted NDB files. This co...

CVE-2026-23718

Feb 10, 2026 09:58:50 UTC

A vulnerability has been identified in Simcenter Femap (All versions < V2512), Simcenter Nastran (All versions < V2512). The affected applications contains an out of bounds read vulnerability while parsing specially crafted NDB files. This ...

CVE-2026-23717

Feb 10, 2026 09:58:48 UTC

A vulnerability has been identified in Simcenter Femap (All versions < V2512), Simcenter Nastran (All versions < V2512). The affected applications contains an out of bounds read vulnerability while parsing specially crafted XDB files. This ...

CVE-2026-23716

Feb 10, 2026 09:58:47 UTC

A vulnerability has been identified in Simcenter Femap (All versions < V2512), Simcenter Nastran (All versions < V2512). The affected applications contains an out of bounds read vulnerability while parsing specially crafted XDB files. This ...

CVE-2026-23715

Feb 10, 2026 09:58:46 UTC

A vulnerability has been identified in Simcenter Femap (All versions < V2512), Simcenter Nastran (All versions < V2512). The affected applications contains an out of bounds write vulnerability while parsing specially crafted XDB files. This...

CVE-2026-22923

Feb 10, 2026 09:58:45 UTC

A vulnerability has been identified in NX (All versions < V2512). The affected application contains a data validation vulnerability that could allow an attacker with local access to interfere with internal data during the PDF export process...

CVE-2025-40936

Feb 10, 2026 09:58:43 UTC

A vulnerability has been identified in PS/IGES Parasolid Translator Component (All versions < V29.0.258), Solid Edge (All versions < V226.00 Update 03). The affected applications contains an out of bounds read vulnerability while parsing sp...

CVE-2025-40772

Feb 10, 2026 09:58:40 UTC

A vulnerability has been identified in SiPass integrated (All versions < V3.0). Affected server applications are vulnerable to stored Cross-Site Scripting (XSS), allowing an attacker to inject malicious code that can be executed by other us...