Exploit Intelligence Platform

CVE-2026-21358 5.5 MEDIUM EPSS 0.00

Adobe Indesign < 20.5.2 - Out-of-Bounds Write

InDesign Desktop versions 21.1, 20.5.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption to services. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CWE-122 Feb 10, 2026

CVE-2026-21357 7.8 HIGH EPSS 0.00

Adobe Indesign < 20.5.2 - Out-of-Bounds Write

InDesign Desktop versions 21.1, 20.5.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CWE-122 Feb 10, 2026

CVE-2026-21335 7.8 HIGH EPSS 0.00

Adobe Substance 3D Designer < 15.1.2 - Out-of-Bounds Write

Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CWE-787 Feb 10, 2026

CVE-2026-21334 7.8 HIGH EPSS 0.00

Adobe Substance 3D Designer < 15.1.2 - Out-of-Bounds Write

Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CWE-787 Feb 10, 2026

CVE-2026-21328 7.8 HIGH EPSS 0.00

Adobe After Effects < 25.6.4 - Out-of-Bounds Write

After Effects versions 25.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CWE-787 Feb 10, 2026

CVE-2026-21327 7.8 HIGH EPSS 0.00

Adobe After Effects < 25.6.4 - Out-of-Bounds Write

After Effects versions 25.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CWE-787 Feb 10, 2026

CVE-2026-21318 7.8 HIGH EPSS 0.00

Adobe After Effects < 25.6.4 - Out-of-Bounds Write

After Effects versions 25.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CWE-787 Feb 10, 2026

CVE-2026-21312 7.8 HIGH EPSS 0.00

Adobe Audition < 25.6 - Out-of-Bounds Write

Audition versions 25.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CWE-787 Feb 10, 2026

CVE-2026-21259 7.8 HIGH EPSS 0.00

Microsoft Office Excel - Privilege Escalation

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to elevate privileges locally.

CWE-122 Feb 10, 2026

CVE-2026-21248 7.3 HIGH EPSS 0.00

Windows Hyper-V - Buffer Overflow

Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to execute code locally.

CWE-122 Feb 10, 2026

CVE-2026-21246 7.8 HIGH EPSS 0.00

Microsoft Graphics Component - Privilege Escalation

Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.

CWE-122 Feb 10, 2026

CVE-2026-21245 7.8 HIGH EPSS 0.00

Windows Kernel < unknown - Privilege Escalation

Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.

CWE-122 Feb 10, 2026

CVE-2026-21244 7.3 HIGH EPSS 0.00

Windows Hyper-V - Buffer Overflow

Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to execute code locally.

CWE-122 Feb 10, 2026

CVE-2026-21239 7.8 HIGH EPSS 0.00

Windows Kernel < - Privilege Escalation

Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.

CWE-122 Feb 10, 2026

CVE-2026-21236 7.8 HIGH EPSS 0.00

Windows Ancillary Function Driver - Buffer Overflow

Heap-based buffer overflow in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

CWE-122 Feb 10, 2026

CVE-2025-32008 8.6 HIGH EPSS 0.00

Intel AMT/Standard Manageability <3: User Apps - DoS

Out-of-bounds write in the firmware for the Intel(R) AMT and Intel(R) Standard Manageability within Ring 3: User Applications may allow a denial of service. Network adversary with an unauthenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via network access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (none) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (low) impacts.

CWE-787 Feb 10, 2026

CVE-2025-27243 6.0 MEDIUM EPSS 0.00

Intel(R) Ethernet Controller E810 <1.7.8.x - DoS

Out-of-bounds write in the firmware for some Intel(R) Ethernet Controller E810 before version cvl fw 1.7.8.x within Ring 0: Bare Metal OS may allow a denial of service. System software adversary with a privileged user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (none) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

CWE-787 Feb 10, 2026

CVE-2026-23715 7.8 HIGH EPSS 0.00

Simcenter Femap, Nastran <V2512 - RCE

A vulnerability has been identified in Simcenter Femap (All versions < V2512), Simcenter Nastran (All versions < V2512). The affected applications contains an out of bounds write vulnerability while parsing specially crafted XDB files. This could allow an attacker to execute code in the context of the current process.

CWE-787 Feb 10, 2026

CVE-2026-2259 3.3 LOW 1 Writeup EPSS 0.00

aardappel lobster <2025.4 - Memory Corruption

A vulnerability has been found in aardappel lobster up to 2025.4. Affected by this issue is the function lobster::Parser::ParseStatements in the library dev/src/lobster/parser.h of the component Parsing. The manipulation leads to memory corruption. The attack can only be performed from a local environment. The exploit has been disclosed to the public and may be used. The identifier of the patch is 2f45fe860d00990e79e13250251c1dde633f1f89. Applying a patch is the recommended action to fix this issue.

CWE-119 Feb 10, 2026

CVE-2026-24320 3.1 LOW EPSS 0.00

SAP NetWeaver - Memory Corruption

Due to improper memory management in SAP NetWeaver and ABAP Platform (Application Server ABAP), an authenticated attacker could exploit logical errors in memory management by supplying specially crafted input containing unique characters, which are improperly converted. This may result in memory corruption and the potential leakage of memory content. Successful exploitation of this vulnerability would have a low impact on the confidentiality of the application, with no effect on its integrity or availability.

CWE-113 Feb 10, 2026

CVE & Exploit Intelligence Database

Investigate

Ecosystems

Reference Indexes

Recent Blog Posts

CVEForge Labs

KEV Gaps