Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In February 2026
CVE-2026-26095
Incorrect Permission Assignment for Critical Resource in Owl opds 2.2.0.4 allows File Manipulation via a crafted network request.
CVSS Score
8.5
EPSS Score
0.0
Published
2026-02-20
CVE-2026-26096
Incorrect Permission Assignment for Critical Resource in Owl opds 2.2.0.4 allows File Manipulation via a crafted network request.
CVSS Score
8.5
EPSS Score
0.0
Published
2026-02-20
CVE-2026-26097
Uncontrolled Search Path Element in Owl opds 2.2.0.4 allows Leveraging/Manipulating Configuration File Search Paths via a crafted network request.
CVSS Score
8.4
EPSS Score
0.0
Published
2026-02-20
CVE-2026-26098
Uncontrolled Search Path Element in Owl opds 2.2.0.4 allows Leveraging/Manipulating Configuration File Search Paths via a crafted network request.
CVSS Score
8.4
EPSS Score
0.0
Published
2026-02-20
CVE-2026-26099
Uncontrolled Search Path Element in Owl opds 2.2.0.4 allows Leveraging/Manipulating Configuration File Search Paths via a crafted network request.
CVSS Score
8.4
EPSS Score
0.0
Published
2026-02-20
CVE-2026-26100
Incorrect Permission Assignment for Critical Resource in Owl opds 2.2.0.4 allows File Manipulation via a crafted network request.
CVSS Score
6.8
EPSS Score
0.0
Published
2026-02-20
CVE-2026-26101
Incorrect Permission Assignment for Critical Resource in Owl opds 2.2.0.4 allows File Manipulation via a crafted network request.
CVSS Score
8.5
EPSS Score
0.0
Published
2026-02-20
CVE-2026-26093
Improper Neutralization of Special Elements used in a Command ('Command Injection') in Owl opds 2.2.0.4 allows Command Injection via a crafted network request.
CVSS Score
8.7
EPSS Score
0.003
Published
2026-02-20
CVE-2025-70833
An Authentication Bypass vulnerability in Smanga 3.2.7 allows an unauthenticated attacker to reset the password of any user (including the administrator) and fully takeover the account by manipulating POST parameters. The issue stems from insecure permission validation in check-power.php.
CVSS Score
9.4
EPSS Score
0.002
Published
2026-02-20
CVE-2025-15582
A security flaw has been discovered in detronetdip E-commerce 1.0.0. The impacted element is the function Delete/Update of the component Product Management Module. Performing a manipulation of the argument ID results in authorization bypass. Remote exploitation of the attack is possible. The exploit has been released to the public and may be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.
CVSS Score
5.3
EPSS Score
0.0
Published
2026-02-20


Products
Pricing
Contact Us

Shodan ® - All rights reserved