CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

433 matches found

The Hacker News•added 2026/03/02 10:36 a.m.•4 views

APT28 Tied to CVE-2026-21513 MSHTML 0-Day Exploited Before Feb 2026 Patch Tuesday

A recently disclosed security flaw patched by Microsoft may have been exploited by the Russia-linked state-sponsored threat actor known as APT28, according to new findings from Akamai. The vulnerability in question is CVE-2026-21513 CVSS score: 8.8, a high-severity security feature bypass affecti...

8.8CVSS7.5AI score0.2798EPSS

Exploits10

Talos Blog•added 2026/02/10 11:54 p.m.•6 views

Microsoft Patch Tuesday for February 2026 — Snort rules and prominent vulnerabilities

Microsoft has released its monthly security update for February 2026, which includes 59 vulnerabilities affecting a range of products, including two that Microsoft marked as "Critical". CVE-2026-21522 is a critical elevation of privilege vulnerability affecting Microsoft ACI Confidential...

8.8CVSS6.8AI score0.2798EPSS

Exploits18

NVD•added 2026/02/10 6:16 p.m.•5 views

CVE-2026-21513

Protection mechanism failure in MSHTML Framework allows an unauthorized attacker to bypass a security feature over a network...

8.8CVSS0.2798EPSS

Exploits0References4

Cvelist•added 2026/02/10 5:51 p.m.•280 views

CVE-2026-21513 MSHTML Framework Security Feature Bypass Vulnerability

...

8.8CVSS0.2798EPSS

Exploits0References1

Vulnrichment•added 2026/02/10 5:51 p.m.•2 views

CVE-2026-21513 MSHTML Framework Security Feature Bypass Vulnerability

...

8.8CVSS5.4AI score0.2798EPSS

Exploits0References1

Microsoft CVE•added 2026/02/10 4:0 p.m.•4 views

MSHTML Framework Security Feature Bypass Vulnerability

Protection mechanism failure in MSHTML Framework allows an unauthorized attacker to bypass a security feature over a network...

8.8CVSS5.5AI score0.2798EPSS

Exploits0

Tenable Nessus•added 2026/02/10 12:0 a.m.•1 views

KB5075897: Windows Server version 23H2 Security Update (February 2026)

The remote Windows host is missing security update 5075897. It is, therefore, affected by multiple vulnerabilities - A heap-based buffer overflow issue was discovered in libjpeg-turbo in h2v2mergedupsampleinternal function of jdmrgext.c file. The vulnerability can only be exploited with 12-bit da...

8.8CVSS6.9AI score0.2798EPSS

Exploits13References30

Tenable Nessus•added 2026/02/10 12:0 a.m.•21 views

KB5075899: Windows Server 2025 Security Update (February 2026)

The remote Windows host is missing security update 5075899. It is, therefore, affected by multiple vulnerabilities - Protection mechanism failure in MSHTML Framework allows an unauthorized attacker to bypass a security feature over a network. CVE-2026-21513 - Access of resource using incompatible...

8.8CVSS6.4AI score0.2798EPSS

Exploits12References30

Tenable Nessus•added 2026/02/10 12:0 a.m.•3 views

KB5075912: Windows 10 version 21H2 / Windows 10 Version 22H2 Security Update (February 2026)

The remote Windows host is missing security update 5075912. It is, therefore, affected by multiple vulnerabilities - Protection mechanism failure in MSHTML Framework allows an unauthorized attacker to bypass a security feature over a network. CVE-2026-21513 - Access of resource using incompatible...

8.8CVSS7.1AI score0.2798EPSS

Exploits9References25

VulnCheck KEV•added 2026/02/10 12:0 a.m.•4 views

VulnCheck KEV: CVE-2026-21513

Protection mechanism failure in MSHTML Framework allows an unauthorized attacker to bypass a security feature over a network...

8.8CVSS5.8AI score0.2798EPSS

In wildExploits0References13

Tenable Nessus•added 2026/02/10 12:0 a.m.•2 views

KB5077181: Windows 11 Version 24H2 / Windows 11 Version 25H2 Security Update (February 2026)

The remote Windows host is missing security update 5077181. It is, therefore, affected by multiple vulnerabilities - Protection mechanism failure in MSHTML Framework allows an unauthorized attacker to bypass a security feature over a network. CVE-2026-21513 - Access of resource using incompatible...

8.8CVSS6.4AI score0.2798EPSS

Exploits12References28

Tenable Nessus•added 2026/02/10 12:0 a.m.•5 views

KB5075970: Windows Server 2012 R2 Security Update (February 2026)

The remote Windows host is missing security update 5075970. It is, therefore, affected by multiple vulnerabilities - Protection mechanism failure in MSHTML Framework allows an unauthorized attacker to bypass a security feature over a network. CVE-2026-21513 - Heap-based buffer overflow in Microso...

8.8CVSS6.9AI score0.2798EPSS

Exploits8References16

Tenable Nessus•added 2026/02/10 12:0 a.m.•2 views

KB5075971: Windows Server 2012 Security Update (February 2026)

The remote Windows host is missing security update 5075971. It is, therefore, affected by multiple vulnerabilities - Protection mechanism failure in MSHTML Framework allows an unauthorized attacker to bypass a security feature over a network. CVE-2026-21513 - Heap-based buffer overflow in Microso...

8.8CVSS7.7AI score0.2798EPSS

Exploits8References14

RedhatCVE•added 2026/01/07 9:41 a.m.•4 views

CVE-1999-0489

MSHTML.DLL in Internet Explorer 5.0 allows a remote attacker to paste a file name into the file upload intrinsic control, a variant of "untrusted scripted paste" as described in MS:MS98-013...

10CVSS7AI score0.17107EPSS

Exploits0References1