NVD disclosure day

Published threat advisories for February 19, 2026

CVE advisoryCRITICAL

CVE-2025-9953

Databank Accreditation Software SQL Injection Authorization Bypass

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A critical authorization bypass vulnerability exists in DATABASE Software Training Consulting Ltd. Databank Accreditation Software, allowing SQL injection. An unauthenticated attacker could exploit this flaw by sending crafted network requests, potentially leading to unauthorized data access and manipulation. The vendo

NVD published:

CVE advisoryCRITICAL

CVE-2025-8350

BiEticaret CMS EAR and Missing Authentication Vulnerability

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A critical vulnerability exists in a content management system that allows attackers to bypass authentication and potentially split HTTP responses. This issue could permit unauthorized access and actions if the system is reachable. It is important to determine if your organization uses this technology and assess its ex

NVD published: