CVE-2026-26200: Critical Heap Overflow in HDF5 Library Exposes Systems to Crash and Potential Code Execution Vulnerabilities AegironFebruary 20, 2026February 20, 202612 mins0 CVE-2026-26200 — HDF5 Heap Buffer Overflow Vulnerability CVE: CVE-2026-26200Short Name: HDF5 H5T__conv_struct_opt Heap OverflowSeverity: HighCVSS v3.1 Score:…continue reading..
CVE-2026-26960: Critical Hardlink Escape Flaw in Node-Tar Enables Arbitrary File Write Outside Extraction Directory Vulnerabilities AegironFebruary 20, 2026February 20, 202610 mins0 node-tar – Arbitrary File Write / Read via Hardlink Escape Field Value CVE ID CVE-2026-26960 Affected Component…continue reading..
CVE-2026-27475: Critical SPIP Deserialization Flaw Exposes Websites to Remote Code Execution Vulnerabilities AegironFebruary 20, 2026February 20, 20269 mins0 SPIP – Insecure Deserialization Leading to Remote Code Execution Field Value CVE ID CVE-2026-27475 Affected Product SPIP…continue reading..
CVE-2026-27194: Critical RCE Flaw in D-Tale Exposes Servers to Remote Code Execution via Malicious Filter Payloads Vulnerabilities AegironFebruary 20, 2026February 20, 20269 mins0 D-Tale – Remote Code Execution (RCE) Field Value CVE ID CVE-2026-27194 Affected Product D-Tale (Python package: dtale)…continue reading..
CVE-2026-26980: Critical SQL Injection in Ghost CMS Exposes Databases to Unauthenticated Remote Attackers Vulnerabilities AegironFebruary 20, 2026February 20, 202611 mins0 Ghost CMS – Unauthenticated Database Arbitrary Read (SQL Injection) Vulnerability Overview CVE ID: CVE-2026-26980Product: Ghost CMSVulnerability Type:…continue reading..
CVE-2026-26064 / CVE-2026-26065: calibre Path Traversal Flaw Enables Arbitrary File Write and Windows RCE via Startup Folder Abuse Vulnerabilities AegironFebruary 20, 2026February 20, 20269 mins0 Product Overview — calibre Product Name: calibreVendor: Kovid GoyalPlatform: Windows, macOS, LinuxPrimary Function: e-Book management, conversion, editing,…continue reading..
CVE-2026-2409: Critical SQL Injection Flaw Discovered in Delinea Cloud Suite — Privileged Access Data at Risk Vulnerabilities AegironFebruary 20, 2026February 20, 202611 mins0 CVE-2026-2409 CVE ID: CVE-2026-2409Product: Delinea Cloud Suite (on-premises)Vulnerability Type: SQL Injection (Argument Injection)CVSS Score: 9.3 (Critical)Severity: CRITICALExploitability:…continue reading..
Critical Authentication Bypass Flaws (CVE-2025-30410–30416) Expose Acronis Cyber Protect Backup Servers to Full Remote Takeover Vulnerabilities AegironFebruary 20, 2026February 20, 202611 mins0 Vulnerability Overview CVE IDs: CVE-2025-30410, CVE-2025-30411, CVE-2025-30412, CVE-2025-30413, CVE-2025-30414, CVE-2025-30415, CVE-2025-30416Affected Product: Acronis Cyber Protect (on-prem) and…continue reading..
Critical Security Alert: Hardcoded SSH Keys and Database Credentials Expose RUCKUS Network Director to Full System Takeover (CVE-2025-67305 & CVE-2025-67304) Vulnerabilities AegironFebruary 20, 2026February 20, 202611 mins0 RUCKUS Network Director (RND) – Hardcoded SSH Keys & Hardcoded Database Credentials Executive Summary Product: RUCKUS Network…continue reading..
Critical Better-Auth Flaw Lets Attackers Create API Keys Without Login, Enabling Full Account Takeover CyberSecurity News CyberDefenderFebruary 20, 2026February 20, 20266 mins0 A high-severity security vulnerability in the widely used Better-Auth authentication framework has been disclosed — one that…continue reading..
