Common Vulnerabilities and Exposures (CVE)

CVE-2026-2350

Feb 19, 2026 23:14:23 UTC

Tanium addressed an insertion of sensitive information into log file vulnerability in Interact and TDS.

CVE-2026-2605

Feb 19, 2026 23:13:38 UTC

Tanium addressed an insertion of sensitive information into log file vulnerability in TanOS.

CVE-2026-1292

Feb 19, 2026 23:10:23 UTC

Tanium addressed an insertion of sensitive information into log file vulnerability in Trends.

CVE-2026-2408

Feb 19, 2026 23:09:51 UTC

Tanium addressed a use-after-free vulnerability in the Cloud Workloads Enforce client extension.

CVE-2026-2435

Feb 19, 2026 23:09:41 UTC

Tanium addressed a SQL injection vulnerability in Asset.

User Interface (UI) Misrepresentation of Critical Information vulnerability in OpenText™ Directory Services allows Cache Poisoning. The vulnerability could be exploited by a bad actor to inject manipulated text into the OpenText applicati...

CVE-2026-24392

Feb 19, 2026 21:44:23 UTC

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nabil Lemsieh HurryTimer hurrytimer allows Stored XSS.This issue affects HurryTimer: from n/a through <= 2.14.2.

CVE-2026-25000

Feb 19, 2026 21:43:00 UTC

Missing Authorization vulnerability in Kraft Plugins Wheel of Life wheel-of-life allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wheel of Life: from n/a through <= 1.2.0.

CVE-2026-25308

Feb 19, 2026 21:39:25 UTC

Missing Authorization vulnerability in wp.insider Simple Membership simple-membership allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple Membership: from n/a through <= 4.6.9.

CVE-2026-27056

Feb 19, 2026 21:39:14 UTC

Missing Authorization vulnerability in StellarWP iThemes Sync ithemes-sync allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects iThemes Sync: from n/a through <= 3.2.8.

CVE-2026-25311

Feb 19, 2026 21:38:28 UTC

Missing Authorization vulnerability in 10up Autoshare for Twitter autoshare-for-twitter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Autoshare for Twitter: from n/a through <= 2.3.1.

CVE-2026-25314

Feb 19, 2026 21:37:25 UTC

Missing Authorization vulnerability in WP Messiah TOP Table Of Contents top-table-of-contents allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TOP Table Of Contents: from n/a through <= 1.3.31.

CVE-2026-23542

Feb 19, 2026 21:35:26 UTC

Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Restaurant grandrestaurant allows Object Injection.This issue affects Grand Restaurant: from n/a through <= 7.0.10.

CVE-2026-23544

Feb 19, 2026 21:32:54 UTC

Deserialization of Untrusted Data vulnerability in codetipi Valenti valenti allows Object Injection.This issue affects Valenti: from n/a through <= 5.6.3.5.

CVE-2026-25319

Feb 19, 2026 21:32:50 UTC

Cross-Site Request Forgery (CSRF) vulnerability in wpzita Zita Elementor Site Library zita-site-library allows Cross Site Request Forgery.This issue affects Zita Elementor Site Library: from n/a through <= 1.6.6.

Page: 205