CVE Brief - February 8, 2026

Sunday, February 8, 2026 Archive

Archived Security Snapshot

Critical vulnerabilities, curated daily for security professionals

🎯 SSCV Profile

See how vulnerabilities affect your specific environment

CRS uses the System Security Context Vector (SSCV) Framework v1.0 to adjust CVSS scores based on your system's exposure level, network position, and business criticality. Learn more about SSCV Framework

Select your system profile:

Risk scores will be adjusted based on your selected environment

Archived Security Brief

Sunday's vulnerability disclosures include 5 critical CVEs (CVSS 9.0+), a 71% decrease from Saturday's 17 critical findings. High-priority vulnerabilities remain steady at 78, a modest 2% decline from the prior day's 80. All 16 actively exploited KEV entries carry CVSS 9.5 scores, affecting infrastructure from Cisco Unified Communications Manager and Broadcom VMware vCenter Server to Microsoft Office and multiple SmarterTools SmarterMail instances. Notable critical disclosures include CVE-2025-15027 targeting WordPress (CVSS 9.8) and CVE-2020-37095 affecting Cyberoam Authentication Client (CVSS 9.8). Patch availability currently stands at 0%, meaning no vendor-supplied fixes are available for these disclosures and organizations should prioritize compensating controls.

5 critical CVEs disclosed, down 71% from Saturday's 17 critical findings
78 high-priority CVEs (CVSS 7.0-8.9), a 2% decrease from the prior day
16 actively exploited (KEV) vulnerabilities spanning Cisco, Broadcom VMware, Microsoft Office, SmarterTools SmarterMail, Zimbra, and GitLab
0% patch availability across all disclosed CVEs — no vendor fixes currently released
Affected systems include WordPress, Cisco Unified Communications Manager, VMware vCenter Server, GNU InetUtils, Sangoma FreePBX, and Vite

Immediate action: Organizations running Cisco Unified Communications Manager, VMware vCenter Server, Microsoft Office, SmarterTools SmarterMail, Zimbra, GitLab, or Sangoma FreePBX should assess exposure immediately given active exploitation across all 16 KEV entries. With 0% patch availability, implement network segmentation, access restrictions, and monitoring for indicators of compromise as interim mitigations until vendor patches are released.

💡 Tip: Swipe CVE cards left to ⭐ star, right to ❌ remove

CISA Known Exploited Vulnerabilities

⚠️ CISA KEV URGENT

CVE-2026-20045

9.5 📝

Cisco Unified Communications Manager January 20, 2026

⏰ Federal Deadline: February 10, 2026 (3 days remaining)

Cisco Unified Communications Products Code Injection Vulnerability - Active in CISA KEV catalog.

CVSS Base 9.5

→

CRS Select profile

⚠️ CISA KEV URGENT

CVE-2025-68645

9.5 📝

Synacor Zimbra Collaboration Suite (ZCS) January 21, 2026

⏰ Federal Deadline: February 11, 2026 (4 days remaining)

Synacor Zimbra Collaboration Suite (ZCS) PHP Remote File Inclusion Vulnerability - Active in CISA KEV catalog.

CVSS Base 9.5

→

CRS Select profile

⚠️ CISA KEV URGENT

CVE-2025-34026

9.5

Versa Concerto January 21, 2026

⏰ Federal Deadline: February 11, 2026 (4 days remaining)

Versa Concerto Improper Authentication Vulnerability - Active in CISA KEV catalog.

CVSS Base 9.5

→

CRS Select profile

⚠️ CISA KEV URGENT

CVE-2025-31125

9.5

Vite Vitejs January 21, 2026

⏰ Federal Deadline: February 11, 2026 (4 days remaining)

Vite Vitejs Improper Access Control Vulnerability - Active in CISA KEV catalog.

CVSS Base 9.5

→

CRS Select profile

⚠️ CISA KEV URGENT

CVE-2025-54313

9.5

Prettier eslint-config-prettier January 21, 2026

⏰ Federal Deadline: February 11, 2026 (4 days remaining)

Prettier eslint-config-prettier Embedded Malicious Code Vulnerability - Active in CISA KEV catalog.

CVSS Base 9.5

→

CRS Select profile

⚠️ CISA KEV URGENT

CVE-2024-37079

9.5 📜 Late Disclosure

Broadcom VMware vCenter Server January 22, 2026

⏰ Federal Deadline: February 12, 2026 (5 days remaining)

Broadcom VMware vCenter Server Out-of-bounds Write Vulnerability - Active in CISA KEV catalog.

CVSS Base 9.5

→

CRS Select profile

⚠️ CISA KEV

CVE-2018-14634

9.5 📜 Late Disclosure

Linux Kernal January 25, 2026

⏰ Federal Deadline: February 15, 2026 (8 days remaining)

Linux Kernel Integer Overflow Vulnerability - Active in CISA KEV catalog.

CVSS Base 9.5

→

CRS Select profile

⚠️ CISA KEV

CVE-2025-52691

9.5 📝

SmarterTools SmarterMail January 25, 2026

⏰ Federal Deadline: February 15, 2026 (8 days remaining)

SmarterTools SmarterMail Unrestricted Upload of File with Dangerous Type Vulnerability - Active in CISA KEV catalog.

CVSS Base 9.5

→

CRS Select profile

⚠️ CISA KEV

CVE-2026-23760

9.5

SmarterTools SmarterMail January 25, 2026

⏰ Federal Deadline: February 15, 2026 (8 days remaining)

SmarterTools SmarterMail Authentication Bypass Using an Alternate Path or Channel Vulnerability - Active in CISA KEV catalog.

CVSS Base 9.5

→

CRS Select profile

⚠️ CISA KEV

CVE-2026-24061

9.5 📝

GNU InetUtils January 25, 2026

⏰ Federal Deadline: February 15, 2026 (8 days remaining)

GNU InetUtils Argument Injection Vulnerability - Active in CISA KEV catalog.

CVSS Base 9.5

→

CRS Select profile

⚠️ CISA KEV

CVE-2026-21509

9.5 📝

Microsoft Office January 25, 2026

⏰ Federal Deadline: February 15, 2026 (8 days remaining)

Microsoft Office Security Feature Bypass Vulnerability - Active in CISA KEV catalog.

CVSS Base 9.5

→

CRS Select profile

⚠️ CISA KEV

CVE-2021-39935

9.5 📜 Late Disclosure

GitLab Community and Enterprise Editions February 2, 2026

⏰ Federal Deadline: February 23, 2026 (16 days remaining)

GitLab Community and Enterprise Editions Server-Side Request Forgery (SSRF) Vulnerability - Active in CISA KEV catalog.

CVSS Base 9.5

→

CRS Select profile

⚠️ CISA KEV

CVE-2025-64328

9.5

Sangoma FreePBX February 2, 2026

⏰ Federal Deadline: February 23, 2026 (16 days remaining)

Sangoma FreePBX OS Command Injection Vulnerability - Active in CISA KEV catalog.

CVSS Base 9.5

→

CRS Select profile

⚠️ CISA KEV

CVE-2019-19006

9.5 📜 Late Disclosure

Sangoma FreePBX February 2, 2026

⏰ Federal Deadline: February 23, 2026 (16 days remaining)

Sangoma FreePBX Improper Authentication Vulnerability - Active in CISA KEV catalog.

CVSS Base 9.5

→

CRS Select profile

⚠️ CISA KEV

CVE-2025-11953

9.5 📝

React Native Community CLI February 4, 2026

⏰ Federal Deadline: February 25, 2026 (18 days remaining)

React Native Community CLI OS Command Injection Vulnerability - Active in CISA KEV catalog.

CVSS Base 9.5

→

CRS Select profile

⚠️ CISA KEV

CVE-2026-24423

9.5

SmarterTools SmarterMail February 4, 2026

⏰ Federal Deadline: February 25, 2026 (18 days remaining)

SmarterTools SmarterMail Missing Authentication for Critical Function Vulnerability - Active in CISA KEV catalog.

CVSS Base 9.5

→

CRS Select profile

Critical Vulnerabilities

CVE-2025-15027

9.8 📝

WordPress is vulnerable Feb 8, 2026

The JAY Login & Register plugin for WordPress allows unauthenticated privilege escalation to administrator by exploiting the 'jay_login_register_ajax_create_final_user' function.

CVSS Base 9.8

→

CRS Select profile

CVE-2020-37095

9.8 📝 📜 Late Disclosure

Cyberoam Authentication Authentication Client Feb 7, 2026

Buffer overflow in Cyberoam Authentication Client 2.1.2.7 allows remote attackers to execute arbitrary code by overwriting SEH memory via a crafted server address.

CVSS Base 9.8

→

CRS Select profile

CVE-2020-37159

9.8 📝 📜 Late Disclosure

Parallaxis Cuckoo Cuckoo Clock Feb 7, 2026

Parallaxis Cuckoo Clock 5.0 is vulnerable to a buffer overflow in alarm scheduling, enabling shellcode execution via EIP and EBP register overwrites.

CVSS Base 9.8

→

CRS Select profile

CVE-2020-37161

9.8 📝 📜 Late Disclosure

Wedding Slideshow Wedding Slideshow Studio Feb 7, 2026

Wedding Slideshow Studio 1.36 contains a buffer overflow in the registration name field, allowing attackers to execute arbitrary system commands via a malicious payload.

CVSS Base 9.8

→

CRS Select profile

CVE-2020-37162

9.8 📝 📜 Late Disclosure

the registration Wedding Slideshow Studio Feb 7, 2026

A stack-based buffer overflow in Wedding Slideshow Studio 1.36 allows attackers to execute arbitrary code by supplying a malicious 1608-byte registration key.

CVSS Base 9.8

→

CRS Select profile

High Priority Updates

CVE-2026-2103

7.1

Infor SyteLine ERP February 8, 2026

Infor SyteLine ERP uses hard-coded static cryptographic keys to encrypt stored credentials, including user passwords, database connection strings, and API keys

CVSS Base 7.1

→

CRS Select profile

CVE-2026-25628

8.5

search engine and February 8, 2026

Qdrant is a vector similarity search engine and vector database

CVSS Base 8.5

→

CRS Select profile

CVE-2025-15100

8.8 📝

WordPress is vulnerable February 8, 2026

The JAY Login & Register plugin for WordPress is vulnerable to privilege escalation. All versions up to and including version 2 are affected by this flaw.

CVSS Base 8.8

→

CRS Select profile

CVE-2026-2058

7.3

HP of the February 8, 2026

A flaw has been found in mathurvishal CloudClassroom-PHP-Project up to 5dadec098bfbbf3300d60c3494db3fb95b66e7be

CVSS Base 7.3

→

CRS Select profile

CVE-2020-37107

7.5 📜 Late Disclosure

FTP Multiple Products February 8, 2026

Core FTP LE 2

CVSS Base 7.5

→

CRS Select profile

CVE-2020-37155

7.5 📜 Late Disclosure

FTP Multiple Products February 8, 2026

Core FTP Lite 1

CVSS Base 7.5

→

CRS Select profile

CVE-2026-2088

7.3

HP Multiple Products February 8, 2026

A vulnerability has been found in PHPGurukul Beauty Parlour Management System 1

CVSS Base 7.3

→

CRS Select profile

CVE-2020-37141

8.2 📜 Late Disclosure

HP script through February 8, 2026

AMSS++ version 4

CVSS Base 8.2

→

CRS Select profile

CVE-2026-2113

7.3

HP of the February 8, 2026

A security vulnerability has been detected in yuan1994 tpadmin up to 1

CVSS Base 7.3

→

CRS Select profile

CVE-2020-37147

7.1 📜 Late Disclosure

HP script to February 8, 2026

ATutor 2

CVSS Base 7.1

→

CRS Select profile

CVE-2025-13523

7.7

Mattermost Multiple Products February 8, 2026

Mattermost Confluence plugin version <1

CVSS Base 7.7

→

CRS Select profile

CVE-2026-2013

7.3

HP Multiple Products February 8, 2026

A vulnerability was identified in itsourcecode Student Management System 1

CVSS Base 7.3

→

CRS Select profile

CVE-2026-2014

7.3

HP Multiple Products February 8, 2026

A security flaw has been discovered in itsourcecode Student Management System 1

CVSS Base 7.3

→

CRS Select profile

CVE-2026-2018

7.3

HP Multiple Products February 8, 2026

A flaw has been found in itsourcecode School Management System 1

CVSS Base 7.3

→

CRS Select profile

CVE-2026-2057

7.3

HP Multiple Products February 8, 2026

A vulnerability was detected in SourceCodester Medical Center Portal Management System 1

CVSS Base 7.3

→

CRS Select profile

CVE-2026-2059

7.3

HP Multiple Products February 8, 2026

A vulnerability has been found in SourceCodester Medical Center Portal Management System 1

CVSS Base 7.3

→

CRS Select profile

CVE-2026-2060

7.3

HP Multiple Products February 8, 2026

A vulnerability was found in code-projects Simple Blood Donor Management System 1

CVSS Base 7.3

→

CRS Select profile

CVE-2026-2073

7.3

HP Multiple Products February 8, 2026

A vulnerability was determined in itsourcecode School Management System 1

CVSS Base 7.3

→

CRS Select profile

CVE-2026-2083

7.3

HP Multiple Products February 8, 2026

A security flaw has been discovered in code-projects Social Networking Site 1

CVSS Base 7.3

→

CRS Select profile

CVE-2026-2087

7.3

HP Multiple Products February 8, 2026

A flaw has been found in SourceCodester Online Class Record System 1

CVSS Base 7.3

→

CRS Select profile

CVE-2026-2089

7.3

HP Multiple Products February 8, 2026

A vulnerability was found in SourceCodester Online Class Record System 1

CVSS Base 7.3

→

CRS Select profile

CVE-2026-2114

7.3

HP Multiple Products February 8, 2026

A vulnerability was detected in itsourcecode Society Management System 1

CVSS Base 7.3

→

CRS Select profile

CVE-2026-2115

7.3

HP Multiple Products February 8, 2026

A flaw has been found in itsourcecode Society Management System 1

CVSS Base 7.3

→

CRS Select profile

CVE-2026-2116

7.3

HP Multiple Products February 8, 2026

A vulnerability has been found in itsourcecode Society Management System 1

CVSS Base 7.3

→

CRS Select profile

CVE-2026-2117

7.3

HP Multiple Products February 8, 2026

A vulnerability was found in itsourcecode Society Management System 1

CVSS Base 7.3

→

CRS Select profile

CVE-2026-2132

7.3

HP Multiple Products February 8, 2026

A security flaw has been discovered in code-projects Online Music Site 1

CVSS Base 7.3

→

CRS Select profile

CVE-2026-2133

7.3

HP Multiple Products February 8, 2026

A weakness has been identified in code-projects Online Music Site 1

CVSS Base 7.3

→

CRS Select profile

CVE-2026-2136

7.3

HP Multiple Products February 8, 2026

A flaw has been found in projectworlds Online Food Ordering System 1

CVSS Base 7.3

→

CRS Select profile

CVE-2026-25580

8.6

Pydantic Multiple Products February 8, 2026

Pydantic AI is a Python agent framework for building applications and workflows with Generative AI

CVSS Base 8.6

→

CRS Select profile

CVE-2026-2137

8.8

Tenda TX3 up February 8, 2026

A vulnerability has been found in Tenda TX3 up to 16

CVSS Base 8.8

→

CRS Select profile

CVE-2026-2138

8.8

Tenda TX9 up February 8, 2026

A vulnerability was found in Tenda TX9 up to 22

CVSS Base 8.8

→

CRS Select profile

CVE-2026-2139

8.8

Tenda TX9 up February 8, 2026

A vulnerability was determined in Tenda TX9 up to 22

CVSS Base 8.8

→

CRS Select profile

CVE-2026-2140

8.8

Tenda TX9 up February 8, 2026

A vulnerability was identified in Tenda TX9 up to 22

CVSS Base 8.8

→

CRS Select profile

CVE-2026-25732

7.5 📝

NiceGUI NiceGUI Python-based UI framework February 8, 2026

A security vulnerability in the NiceGUI Python-based UI framework could allow attackers to compromise the integrity of web-based user interfaces.

CVSS Base 7.5

→

CRS Select profile

CVE-2026-25640

7.1

Pydantic Multiple Products February 8, 2026

Pydantic AI is a Python agent framework for building applications and workflows with Generative AI

CVSS Base 7.1

→

CRS Select profile

CVE-2019-25302

7.8 📜 Late Disclosure

Launch Launch Manager February 8, 2026

Acer Launch Manager 6

CVSS Base 7.8

→

CRS Select profile

CVE-2019-25305

7.8 📜 Late Disclosure

jswpbapi Multiple Products February 8, 2026

JumpStart 0

CVSS Base 7.8

→

CRS Select profile

CVE-2026-2084

7.2

D-Link DIR February 8, 2026

A weakness has been identified in D-Link DIR-823X 250416

CVSS Base 7.2

→

CRS Select profile

CVE-2026-2085

7.2

D-Link DWR February 8, 2026

A security vulnerability has been detected in D-Link DWR-M921 1

CVSS Base 7.2

→

CRS Select profile

CVE-2026-2120

7.2

D-Link DIR February 8, 2026

A vulnerability was identified in D-Link DIR-823X 250416

CVSS Base 7.2

→

CRS Select profile

CVE-2026-2129

7.2

D-Link DIR February 8, 2026

A vulnerability was found in D-Link DIR-823X 250416

CVSS Base 7.2

→

CRS Select profile

CVE-2026-2142

7.2

D-Link DIR February 8, 2026

A weakness has been identified in D-Link DIR-823X 250416

CVSS Base 7.2

→

CRS Select profile

CVE-2019-25299

7.1 📜 Late Disclosure

RimbaLinux AhadPOS February 8, 2026

RimbaLinux AhadPOS 1

CVSS Base 7.1

→

CRS Select profile

CVE-2026-2066

8.8 📝

UTT 进取 520W 1 (Router) February 8, 2026

A critical security weakness has been identified in the UTT 进取 520W 1 router, potentially allowing for remote unauthorized access.

CVSS Base 8.8

→

CRS Select profile

CVE-2026-2067

8.8 📝

UTT 进取 520W 1 (Router) February 8, 2026

A security vulnerability in the UTT 进取 520W 1 router could lead to unauthorized system access or configuration changes.

CVSS Base 8.8

→

CRS Select profile

CVE-2026-2068

8.8 📝

UTT 进取 520W 1 (Router) February 8, 2026

A vulnerability has been detected in the UTT 进取 520W 1 router that could facilitate unauthorized administrative actions.

CVSS Base 8.8

→

CRS Select profile

CVE-2026-2070

8.8 📝

UTT 进取 520W 1 (Router) February 8, 2026

A vulnerability found in the UTT 进取 520W 1 router could allow an attacker to bypass security measures and gain unauthorized access.

CVSS Base 8.8

→

CRS Select profile

CVE-2026-2071

8.8 📝

UTT 进取 520W 1 (Router) February 8, 2026

The UTT 进取 520W 1 router contains a vulnerability that could be exploited to gain unauthorized control over the device.

CVSS Base 8.8

→

CRS Select profile

CVE-2026-2086

8.8

UTT Multiple Products February 8, 2026

A vulnerability was detected in UTT HiPER 810G up to 1

CVSS Base 8.8

→

CRS Select profile

CVE-2026-25635

8.6

book Multiple Products February 8, 2026

calibre is an e-book manager

CVSS Base 8.6

→

CRS Select profile

CVE-2026-25593

8.4 📝

OpenClaw OpenClaw personal AI assistant February 8, 2026

A high-severity vulnerability in the OpenClaw personal AI assistant could allow attackers to gain unauthorized access to personal data or system functions.

CVSS Base 8.4

→

CRS Select profile

CVE-2026-23989

8.2

Arch Multiple Products February 8, 2026

REVA is an interoperability platform

CVSS Base 8.2

→

CRS Select profile

CVE-2026-25636

8.2

book Multiple Products February 8, 2026

calibre is an e-book manager

CVSS Base 8.2

→

CRS Select profile

CVE-2020-37163

8.2 📜 Late Disclosure

Infor Multiple Products February 8, 2026

QuickDate 1

CVSS Base 8.2

→

CRS Select profile

CVE-2019-25266

7.8 📜 Late Disclosure

Framework Multiple Products February 8, 2026

Wondershare Application Framework Service 2

CVSS Base 7.8

→

CRS Select profile

CVE-2019-25292

7.8 📜 Late Disclosure

Monitor Multiple Products February 8, 2026

Alps HID Monitor Service 8

CVSS Base 7.8

→

CRS Select profile

CVE-2019-25293

7.8 📜 Late Disclosure

App Multiple Products February 8, 2026

BlueStacks App Player 2

CVSS Base 7.8

→

CRS Select profile

CVE-2019-25304

7.8 📜 Late Disclosure

SecurOS Multiple Products February 8, 2026

SecurOS Enterprise 10

CVSS Base 7.8

→

CRS Select profile

CVE-2026-25634

7.8 📝

iccDEV iccDEV libraries and tools February 8, 2026

A security vulnerability in the iccDEV libraries and tools for ICC color management could lead to unauthorized system manipulation or data compromise.

CVSS Base 7.8

→

CRS Select profile

CVE-2026-25731

7.8

book Multiple Products February 8, 2026

calibre is an e-book manager

CVSS Base 7.8

→

CRS Select profile

CVE-2025-70963

7.6

Gophish Multiple Products February 8, 2026

Gophish <=0

CVSS Base 7.6

→

CRS Select profile

CVE-2026-25644

7.5 📝

DataHub DataHub open-source metadata platform February 8, 2026

A vulnerability in the DataHub open-source metadata platform could allow for unauthorized access to sensitive metadata or system functions.

CVSS Base 7.5

→

CRS Select profile

CVE-2026-25762

7.5 📝

AdonisJS AdonisJS Framework February 8, 2026

AdonisJS framework contains a high-severity vulnerability that may compromise application integrity. Technical details suggest a flaw within the core TypeScript-first web framework architecture.

CVSS Base 7.5

→

CRS Select profile

CVE-2020-37109

7.5 📜 Late Disclosure

aSc Multiple Products February 8, 2026

aSc TimeTables 2020

CVSS Base 7.5

→

CRS Select profile

CVE-2020-37122

7.5 📜 Late Disclosure

Password Multiple Products February 8, 2026

SpotFTP-FTP Password Recover 2

CVSS Base 7.5

→

CRS Select profile

CVE-2020-37135

7.5 📝 📜 Late Disclosure

AMSS++ AMSS++ February 8, 2026

AMSS++ version 4 is affected by a high-severity vulnerability. This late-disclosure entry indicates a significant security flaw within the application's core logic.

CVSS Base 7.5

→

CRS Select profile

CVE-2020-37146

7.5 📝 📜 Late Disclosure

ACE Security WiP-90113 HD Camera February 8, 2026

ACE Security WiP-90113 HD Camera contains a configuration disclosure vulnerability. Unauthenticated attackers can remotely retrieve sensitive configuration files from the device.

CVSS Base 7.5

→

CRS Select profile

CVE-2020-37157

7.5 📝 📜 Late Disclosure

DBPower C300 HD Camera February 8, 2026

DBPower C300 HD Camera contains a configuration disclosure vulnerability. Unauthenticated attackers can retrieve sensitive credentials via an unprotected configuration backup endpoint.

CVSS Base 7.5

→

CRS Select profile

CVE-2025-68621

7.4

Arch Multiple Products February 8, 2026

Trilium Notes is an open-source, cross-platform hierarchical note taking application with focus on building large personal knowledge bases

CVSS Base 7.4

→

CRS Select profile

CVE-2026-2090

7.3

Record Multiple Products February 8, 2026

A vulnerability was determined in SourceCodester Online Class Record System 1

CVSS Base 7.3

→

CRS Select profile

CVE-2026-25754

7.2

AdonisJS Multiple Products February 8, 2026

AdonisJS is a TypeScript-first web framework

CVSS Base 7.2

→

CRS Select profile

CVE-2026-2080

7.2

UTT Multiple Products February 8, 2026

A vulnerability has been found in UTT HiPER 810 1

CVSS Base 7.2

→

CRS Select profile

CVE-2026-2118

7.2

UTT Multiple Products February 8, 2026

A vulnerability was determined in UTT HiPER 810 1

CVSS Base 7.2

→

CRS Select profile

CVE-2026-2143

7.2

D-Link Multiple Products February 8, 2026

A security vulnerability has been detected in D-Link DIR-823X 250416

CVSS Base 7.2

→

CRS Select profile

CVE-2019-25298

7.1 📜 Late Disclosure

Infor Multiple Products February 8, 2026

html5_snmp 1

CVSS Base 7.1

→

CRS Select profile

CVE-2019-25300

7.1 📜 Late Disclosure

Globitek Multiple Products February 8, 2026

thejshen Globitek CMS 1

CVSS Base 7.1

→

CRS Select profile

CVE-2019-25303

7.1 📜 Late Disclosure

TheJshen Multiple Products February 8, 2026

TheJshen ContentManagementSystem 1

CVSS Base 7.1

→

CRS Select profile

CVE-2020-37154

7.1 📜 Late Disclosure

candidate Multiple Products February 8, 2026

eLection 2

CVSS Base 7.1

→

CRS Select profile

Archived Security Snapshot

🎯 SSCV Profile

📊 Archived Security Brief

Section Navigation

⚠️ CISA Known Exploited Vulnerabilities

🚨 Critical Vulnerabilities

⚠️ High Priority Updates

⭐ Starred CVEs

Archived Security Brief

CISA Known Exploited Vulnerabilities

Critical Vulnerabilities

High Priority Updates