Live Vulnerability Intelligence
Threat Database
Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.
Threat Entry
Updated 2026-02-03
CVE-2026-21855 - Tarkov Data Manager Plugin
The Tarkov Data Manager is a tool to manage the Tarkov item data. Prior to 02 January 2025, a reflected Cross Site Scripting (XSS) vulnerability in the toast notification system allows any attacker to execute arbitrary JavaScript in the context of a victim's browser session by crafting a malicious URL. A series of fix commits on 02 January 2025 fixed this and other vulnerabilities.
PLUGIN
Tarkov Data Manager
CVE-2026-21855
Risk Score
Threat Entry
Updated 2026-02-23
CVE-2026-0670 - MediaWiki - ProofreadPage Extension Plugin
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki - ProofreadPage Extension allows Cross-Site Scripting (XSS).This issue affects MediaWiki - ProofreadPage Extension: 1.45, 1.44, 1.43, 1.39.
PLUGIN
MediaWiki - ProofreadPage Extension
CVE-2026-0670
Risk Score
Threat Entry
Updated 2026-01-09
CVE-2026-21679 - iccDEV Plugin
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV is vulnerable to heap-buffer-overflow in CIccLocalizedUnicode::GetText(). This issue has been patched in version 2.3.1.2.
PLUGIN
iccDEV
CVE-2026-21679
Risk Score
Threat Entry
Updated 2026-01-13
CVE-2026-21678 - iccDEV Plugin
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV is vulnerable to heap-buffer-overflow vulnerability in IccTagXml(). This issue has been patched in version 2.3.1.2.
PLUGIN
iccDEV
CVE-2026-21678
Risk Score
Threat Entry
Updated 2026-01-09
CVE-2026-21680 - iccDEV Plugin
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. Versions prior to 2.3.1.2 have a NULL pointer dereference vulnerability. This vulnerability affects users of the iccDEV library who process ICC color profiles. Version 2.3.1.2 contains a patch. No known workarounds are available.
PLUGIN
iccDEV
CVE-2026-21680
Risk Score
Threat Entry
Updated 2026-01-08
CVE-2026-22539 - QC 60/90/120 Plugin
As the service interaction is performed without authentication, an attacker with some knowledge of the protocol could obtain information about the charger via OCPP v1.6.
PLUGIN
QC 60/90/120
CVE-2026-22539
Risk Score
Threat Entry
Updated 2026-01-09
CVE-2026-21504 - iccDEV Plugin
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV is vulnerable to heap buffer overflow in the ToneMap parser. This issue has been patched in version 2.3.1.2.
PLUGIN
iccDEV
CVE-2026-21504
Risk Score
Threat Entry
Updated 2026-01-09
CVE-2026-21503 - iccDEV Plugin
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV has undefined behavior due to a null pointer passed to memcpy() in CIccTagSparseMatrixArray. This issue has been patched in version 2.3.1.2.
PLUGIN
iccDEV
CVE-2026-21503
Risk Score
Threat Entry
Updated 2026-01-13
CVE-2026-21506 - iccDEV Plugin
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV is vulnerable to Null pointer dereference in CIccProfileXml::ParseBasic(), leading to denial of service. This issue has been patched in version 2.3.1.2.
PLUGIN
iccDEV
CVE-2026-21506
Risk Score
Threat Entry
Updated 2026-01-12
CVE-2026-21505 - iccDEV Plugin
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV has undefined behavior due to an invalid enum value. This issue has been patched in version 2.3.1.2.
PLUGIN
iccDEV
CVE-2026-21505
Risk Score
Threat Entry
Updated 2026-01-09
CVE-2026-21502 - iccDEV Plugin
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV is vulnerable to NULL pointer dereference via the XML tag parser. This issue has been patched in version 2.3.1.2.
PLUGIN
iccDEV
CVE-2026-21502
Risk Score
Threat Entry
Updated 2026-01-09
CVE-2026-21501 - iccDEV Plugin
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV is vulnerable to stack overflow in the calculator parser. This issue has been patched in version 2.3.1.2.
PLUGIN
iccDEV
CVE-2026-21501
Risk Score
Threat Entry
Updated 2026-02-23
CVE-2026-0669 - MediaWiki - CSS extension Plugin
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Wikimedia Foundation MediaWiki - CSS extension allows Path Traversal.This issue affects MediaWiki - CSS extension: 1.44, 1.43, 1.39.
PLUGIN
MediaWiki - CSS extension
CVE-2026-0669
Risk Score
Threat Entry
Updated 2026-01-09
CVE-2026-21500 - iccDEV Plugin
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV is vulnerable to stack overflow in the XML calculator macro expansion. This issue has been patched in version 2.3.1.2.
PLUGIN
iccDEV
CVE-2026-21500
Risk Score
Threat Entry
Updated 2026-01-09
CVE-2026-21499 - iccDEV Plugin
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV is vulnerable to NULL pointer dereference via the XML parser. This issue has been patched in version 2.3.1.2.
PLUGIN
iccDEV
CVE-2026-21499
Risk Score
Threat Entry
Updated 2026-01-09
CVE-2026-21498 - iccDEV Plugin
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV is vulnerable to NULL pointer dereference via the XML calculator parser. This issue has been patched in version 2.3.1.2.
PLUGIN
iccDEV
CVE-2026-21498
Risk Score
Threat Entry
Updated 2026-01-09
CVE-2026-21497 - iccDEV Plugin
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV is vulnerable to NULL pointer dereference via an unknown tag parser. This issue has been patched in version 2.3.1.2.
PLUGIN
iccDEV
CVE-2026-21497
Risk Score
Threat Entry
Updated 2026-01-09
CVE-2026-21496 - iccDEV Plugin
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV is vulnerable to NULL pointer dereference via the signature parser. This issue has been patched in version 2.3.1.2.
PLUGIN
iccDEV
CVE-2026-21496
Risk Score
Threat Entry
Updated 2026-01-09
CVE-2026-21495 - iccDEV Plugin
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV is vulnerable to division by zero in the TIFF Image Reader. This issue has been patched in version 2.3.1.2.
PLUGIN
iccDEV
CVE-2026-21495
Risk Score
Threat Entry
Updated 2026-02-24
CVE-2026-0668 - MediaWiki - VisualData Extension Plugin
Inefficient Regular Expression Complexity vulnerability in Wikimedia Foundation MediaWiki - VisualData Extension allows Regular Expression Exponential Blowup.This issue affects MediaWiki - VisualData Extension: 1.45.
PLUGIN
MediaWiki - VisualData Extension
CVE-2026-0668
Risk Score