CVE CyberSecurity Database News

Feb 10, 2026 Windows Microsoft Exploit

CVE-2026-20841 - Critical Command Injection in Windows Notepad App Explained (with Exploit Example)

In early 2026, security researchers unearthed a severe vulnerability in the trusted Windows Notepad App—CVE-2026-20841. This vulnerability is about _improper neutralization_ of special characters—

Feb 10, 2026 Windows Microsoft Mac Exploit

CVE-2026-21517 - Elevating Privileges with Link Following Flaw in Windows App for Mac

In early 2026, a serious vulnerability was uncovered in the Windows App for Mac, tracked as CVE-2026-21517. This bug falls under the category of "

Feb 9, 2026 JSON Web Token

CVE-2026-1529 - Escalating Access in Keycloak via Editable Invitation Tokens

Recently, a security flaw was discovered in Keycloak, the popular open-source Identity and Access Management solution. This vulnerability, tracked as CVE-2026-1529, could let an attacker

Feb 5, 2026

CVE-2025-15341 - Exploiting Incorrect Default Permissions in Tanium Benchmark – Exploit Details, Code Snippet & Fixes

In February 2025, a new vulnerability was assigned the identifier CVE-2025-15341, which relates to incorrect default permissions in Tanium Benchmark. Tanium's Benchmark tool

Feb 4, 2026 Exploit

CVE-2025-22873 - Directory Escape in `os.Root` via Trailing "../" — Explanation and Exploit Details

In early 2025, security researchers identified CVE-2025-22873, a vulnerability affecting some filesystem interfaces in the Go programming language and related libraries. This bug allowed attackers