Patch Tuesday — January 2026

2026-01-13 · 1053 CVEs

CVEs published or modified the week of 2026-01-13, partitioned by vendor.

Microsoft (140 CVEs)

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2026-20963 | Critical | 9.8 | KEV | 2026-01-13 | Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code over a network.
CVE-2025-69270 | Critical | 9.8 | | 2026-01-12 | Information Exposure Through Query Strings in GET Request vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Session Hijacking. This issue affects DX NetOps Spectrum: 24.3.8 and earlier.
CVE-2025-69269 | Critical | 9.8 | | 2026-01-12 | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows OS Command Injection. This issue affects DX NetOps Spectrum: 23.3.6 and earlier.
CVE-2026-20947 | High | 8.8 | | 2026-01-13 | Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVE-2026-20868 | High | 8.8 | | 2026-01-13 | Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
CVE-2025-69276 | High | 8.8 | | 2026-01-12 | Deserialization of Untrusted Data vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Object Injection. This issue affects DX NetOps Spectrum: 24.3.13 and earlier.
CVE-2025-69274 | High | 8.8 | | 2026-01-12 | Authorization Bypass Through User-Controlled Key vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Privilege Escalation. This issue affects DX NetOps Spectrum: 24.3.10 and earlier.
CVE-2026-23512 | High | 8.6 | | 2026-01-14 | SumatraPDF is a multi-format reader for Windows.
CVE-2026-21280 | High | 8.6 | | 2026-01-13 | Illustrator versions 29.8.3, 30.0 and earlier are affected by an Untrusted Search Path vulnerability that could result in arbitrary code execution in the context of the current user.
CVE-2026-21272 | High | 8.6 | | 2026-01-13 | Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Input Validation vulnerability that could lead to arbitrary file system write.
CVE-2026-21271 | High | 8.6 | | 2026-01-13 | Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user.
CVE-2026-21268 | High | 8.6 | | 2026-01-13 | Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user.
CVE-2026-21267 | High | 8.6 | | 2026-01-13 | Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead to arbitrary code execution by an attacker.
CVE-2026-20953 | High | 8.4 | | 2026-01-13 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-20952 | High | 8.4 | | 2026-01-13 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-20944 | High | 8.4 | | 2026-01-13 | Out-of-bounds read in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2026-20856 | High | 8.1 | | 2026-01-13 | Improper input validation in Windows Server Update Service allows an unauthorized attacker to execute code over a network.
CVE-2026-20960 | High | 8.0 | | 2026-01-16 | Improper authorization in Microsoft Power Apps allows an authorized attacker to execute code over a network.
CVE-2026-20931 | High | 8.0 | | 2026-01-13 | External control of file name or path in Windows Telephony Service allows an authorized attacker to elevate privileges over an adjacent network.
CVE-2026-21287 | High | 7.8 | | 2026-01-13 | Substance3D - Stager versions 3.1.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user.
CVE-2026-21304 | High | 7.8 | | 2026-01-13 | InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user.
CVE-2026-21283 | High | 7.8 | | 2026-01-13 | Bridge versions 15.1.2, 16.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user.
CVE-2026-21281 | High | 7.8 | | 2026-01-13 | InCopy versions 21.0, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user.
CVE-2026-21277 | High | 7.8 | | 2026-01-13 | InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user.
CVE-2026-21276 | High | 7.8 | | 2026-01-13 | InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user.
CVE-2026-21275 | High | 7.8 | | 2026-01-13 | InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user.
CVE-2026-21274 | High | 7.8 | | 2026-01-13 | Dreamweaver Desktop versions 21.6 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user.
CVE-2026-21224 | High | 7.8 | | 2026-01-13 | Stack-based buffer overflow in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally.
CVE-2026-20957 | High | 7.8 | | 2026-01-13 | Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2026-20956 | High | 7.8 | | 2026-01-13 | Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2026-20955 | High | 7.8 | | 2026-01-13 | Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2026-20951 | High | 7.8 | | 2026-01-13 | Improper input validation in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.
CVE-2026-20950 | High | 7.8 | | 2026-01-13 | Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2026-20949 | High | 7.8 | | 2026-01-13 | Improper access control in Microsoft Office Excel allows an unauthorized attacker to bypass a security feature locally.
CVE-2026-20948 | High | 7.8 | | 2026-01-13 | Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2026-20946 | High | 7.8 | | 2026-01-13 | Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2026-20941 | High | 7.8 | | 2026-01-13 | Improper link resolution before file access ('link following') in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally.
CVE-2026-20940 | High | 7.8 | | 2026-01-13 | Heap-based buffer overflow in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.
CVE-2026-20938 | High | 7.8 | | 2026-01-13 | Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally.
CVE-2026-20924 | High | 7.8 | | 2026-01-13 | Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally.
CVE-2026-20923 | High | 7.8 | | 2026-01-13 | Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally.
CVE-2026-20922 | High | 7.8 | | 2026-01-13 | Heap-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally.
CVE-2026-20920 | High | 7.8 | | 2026-01-13 | Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.
CVE-2026-20918 | High | 7.8 | | 2026-01-13 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.
CVE-2026-20877 | High | 7.8 | | 2026-01-13 | Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally.
CVE-2026-20874 | High | 7.8 | | 2026-01-13 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.
CVE-2026-20873 | High | 7.8 | | 2026-01-13 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.
CVE-2026-20871 | High | 7.8 | | 2026-01-13 | Use after free in Desktop Windows Manager allows an authorized attacker to elevate privileges locally.
CVE-2026-20870 | High | 7.8 | | 2026-01-13 | Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.
CVE-2026-20867 | High | 7.8 | | 2026-01-13 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.
CVE-2026-20866 | High | 7.8 | | 2026-01-13 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.
CVE-2026-20865 | High | 7.8 | | 2026-01-13 | Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally.
CVE-2026-20864 | High | 7.8 | | 2026-01-13 | Heap-based buffer overflow in Connected Devices Platform Service (Cdpsvc) allows an authorized attacker to elevate privileges locally.
CVE-2026-20861 | High | 7.8 | | 2026-01-13 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.
CVE-2026-20860 | High | 7.8 | | 2026-01-13 | Access of resource using incompatible type ('type confusion') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
CVE-2026-20859 | High | 7.8 | | 2026-01-13 | Use after free in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally.
CVE-2026-20858 | High | 7.8 | | 2026-01-13 | Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally.
CVE-2026-20857 | High | 7.8 | | 2026-01-13 | Untrusted pointer dereference in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.
CVE-2026-20843 | High | 7.8 | | 2026-01-13 | Improper access control in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to elevate privileges locally.
CVE-2026-20840 | High | 7.8 | | 2026-01-13 | Heap-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally.
CVE-2026-20837 | High | 7.8 | | 2026-01-13 | Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code locally.
CVE-2026-20832 | High | 7.8 | | 2026-01-13 | Windows Remote Procedure Call Interface Definition Language (IDL) Elevation of Privilege Vulnerability
CVE-2026-20831 | High | 7.8 | | 2026-01-13 | Time-of-check time-of-use (toctou) race condition in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
CVE-2026-20826 | High | 7.8 | | 2026-01-13 | Concurrent execution using shared resource with improper synchronization ('race condition') in Tablet Windows User Interface (TWINUI) Subsystem allows an authorized attacker to elevate privileges locally.
CVE-2026-20822 | High | 7.8 | | 2026-01-13 | Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.
CVE-2026-20820 | High | 7.8 | | 2026-01-13 | Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
CVE-2026-20817 | High | 7.8 | | 2026-01-13 | Improper handling of insufficient permissions or privileges in Windows Error Reporting allows an authorized attacker to elevate privileges locally.
CVE-2026-20816 | High | 7.8 | | 2026-01-13 | Time-of-check time-of-use (toctou) race condition in Windows Installer allows an authorized attacker to elevate privileges locally.
CVE-2026-20811 | High | 7.8 | | 2026-01-13 | Access of resource using incompatible type ('type confusion') in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.
CVE-2026-20810 | High | 7.8 | | 2026-01-13 | Free of memory not on the heap in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
CVE-2026-20809 | High | 7.8 | | 2026-01-13 | Time-of-check time-of-use (toctou) race condition in Windows Kernel Memory allows an authorized attacker to elevate privileges locally.
CVE-2026-20852 | High | 7.7 | | 2026-01-13 | Incorrect privilege assignment in Windows Hello allows an unauthorized attacker to perform tampering locally.
CVE-2026-20804 | High | 7.7 | | 2026-01-13 | Incorrect privilege assignment in Windows Hello allows an unauthorized attacker to perform tampering locally.
CVE-2026-21226 | High | 7.5 | | 2026-01-13 | Deserialization of untrusted data in Azure Core shared client library for Python allows an authorized attacker to execute code over a network.
CVE-2026-20965 | High | 7.5 | | 2026-01-13 | Improper verification of cryptographic signature in Windows Admin Center allows an authorized attacker to elevate privileges locally.
CVE-2026-20934 | High | 7.5 | | 2026-01-13 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network.
CVE-2026-20929 | High | 7.5 | | 2026-01-13 | Improper access control in Windows HTTP.sys allows an authorized attacker to elevate privileges over a network.
CVE-2026-20926 | High | 7.5 | | 2026-01-13 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network.
CVE-2026-20921 | High | 7.5 | | 2026-01-13 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network.
CVE-2026-20919 | High | 7.5 | | 2026-01-13 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network.
CVE-2026-20875 | High | 7.5 | | 2026-01-13 | Null pointer dereference in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to deny service over a network.
CVE-2026-20854 | High | 7.5 | | 2026-01-13 | Use after free in Windows Local Security Authority Subsystem Service (LSASS) allows an authorized attacker to execute code over a network.
CVE-2026-20849 | High | 7.5 | | 2026-01-13 | Reliance on untrusted inputs in a security decision in Windows Kerberos allows an authorized attacker to elevate privileges over a network.
CVE-2026-20848 | High | 7.5 | | 2026-01-13 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network.
CVE-2026-0386 | High | 7.5 | | 2026-01-13 | Improper access control in Windows Deployment Services allows an unauthorized attacker to execute code over an adjacent network.
CVE-2025-69273 | High | 7.5 | | 2026-01-12 | Improper Authentication vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Authentication Bypass. This issue affects DX NetOps Spectrum: 24.3.10 and earlier.
CVE-2025-69272 | High | 7.5 | | 2026-01-12 | Cleartext Transmission of Sensitive Information vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Sniffing Attacks. This issue affects DX NetOps Spectrum: 21.2.1 and earlier.
CVE-2025-69271 | High | 7.5 | | 2026-01-12 | Insufficiently Protected Credentials vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Sniffing Attacks. This issue affects DX NetOps Spectrum: 24.3.13 and earlier.
CVE-2026-20853 | High | 7.4 | | 2026-01-13 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows WalletService allows an unauthorized attacker to elevate privileges locally.
CVE-2026-20844 | High | 7.4 | | 2026-01-13 | Use after free in Windows Clipboard Server allows an unauthorized attacker to elevate privileges locally.
CVE-2026-20803 | High | 7.2 | | 2026-01-13 | Missing authentication for critical function in SQL Server allows an authorized attacker to elevate privileges over a network.
CVE-2026-21223 | High | 7.1 | | 2026-01-16 | Improper privilege management in Microsoft Edge (Chromium-based) allows an authorized attacker to bypass a security feature locally.
CVE-2026-21221 | High | 7.0 | | 2026-01-13 | Concurrent execution using shared resource with improper synchronization ('race condition') in Capability Access Management Service (camsvc) allows an authorized attacker to elevate privileges locally.
CVE-2026-21219 | High | 7.0 | | 2026-01-13 | Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally.
CVE-2026-20943 | High | 7.0 | | 2026-01-13 | Untrusted search path in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-20869 | High | 7.0 | | 2026-01-13 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Local Session Manager (LSM) allows an authorized attacker to elevate privileges locally.
CVE-2026-20863 | High | 7.0 | | 2026-01-13 | Double free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.
CVE-2026-20842 | High | 7.0 | | 2026-01-13 | Use after free in Windows DWM allows an authorized attacker to elevate privileges locally.
CVE-2026-20836 | High | 7.0 | | 2026-01-13 | Concurrent execution using shared resource with improper synchronization ('race condition') in Graphics Kernel allows an authorized attacker to elevate privileges locally.
CVE-2026-20830 | High | 7.0 | | 2026-01-13 | Concurrent execution using shared resource with improper synchronization ('race condition') in Capability Access Management Service (camsvc) allows an authorized attacker to elevate privileges locally.
CVE-2026-20815 | High | 7.0 | | 2026-01-13 | Concurrent execution using shared resource with improper synchronization ('race condition') in Capability Access Management Service (camsvc) allows an authorized attacker to elevate privileges locally.
CVE-2026-20814 | High | 7.0 | | 2026-01-13 | Concurrent execution using shared resource with improper synchronization ('race condition') in Graphics Kernel allows an authorized attacker to elevate privileges locally.
CVE-2026-20808 | High | 7.0 | | 2026-01-13 | Concurrent execution using shared resource with improper synchronization ('race condition') in Printer Association Object allows an authorized attacker to elevate privileges locally.
CVE-2026-20876 | Medium | 6.7 | | 2026-01-13 | Heap-based buffer overflow in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally.
CVE-2026-20925 | Medium | 6.5 | | 2026-01-13 | External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-20872 | Medium | 6.5 | | 2026-01-13 | External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-20847 | Medium | 6.5 | | 2026-01-13 | Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to perform spoofing over a network.
CVE-2026-20812 | Medium | 6.5 | | 2026-01-13 | Improper input validation in Windows LDAP - Lightweight Directory Access Protocol allows an authorized attacker to perform tampering over a network.
CVE-2025-69267 | Medium | 6.5 | | 2026-01-12 | Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Path Traversal. This issue affects DX NetOps Spectrum: 24.3.8 and earlier.
CVE-2026-21265 | Medium | 6.4 | | 2026-01-13 | Windows Secure Boot stores Microsoft certificates in the UEFI KEK and DB.
CVE-2026-20935 | Medium | 6.2 | | 2026-01-13 | Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an unauthorized attacker to disclose information locally.
CVE-2026-20851 | Medium | 6.2 | | 2026-01-13 | Out-of-bounds read in Capability Access Management Service (camsvc) allows an unauthorized attacker to disclose information locally.
CVE-2026-20821 | Medium | 6.2 | | 2026-01-13 | Exposure of sensitive information to an unauthorized actor in Windows Remote Procedure Call allows an unauthorized attacker to disclose information locally.
CVE-2026-20818 | Medium | 6.2 | | 2026-01-13 | Insertion of sensitive information into log file in Windows Kernel allows an unauthorized attacker to disclose information locally.
CVE-2025-69275 | Medium | 6.1 | | 2026-01-12 | Dependency on Vulnerable Third-Party Component vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows DOM-Based XSS. This issue affects DX NetOps Spectrum: 24.3.9 and earlier.
CVE-2025-69268 | Medium | 6.1 | | 2026-01-12 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Reflected XSS. This issue affects DX NetOps Spectrum: 24.3.8 and earlier.
CVE-2026-21288 | Medium | 5.5 | | 2026-01-13 | Illustrator versions 29.8.3, 30.0 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service.
CVE-2026-21278 | Medium | 5.5 | | 2026-01-13 | InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure.
CVE-2026-20939 | Medium | 5.5 | | 2026-01-13 | Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally.
CVE-2026-20937 | Medium | 5.5 | | 2026-01-13 | Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally.
CVE-2026-20932 | Medium | 5.5 | | 2026-01-13 | Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally.
CVE-2026-20862 | Medium | 5.5 | | 2026-01-13 | Exposure of sensitive information to an unauthorized actor in Windows Management Services allows an authorized attacker to disclose information locally.
CVE-2026-20839 | Medium | 5.5 | | 2026-01-13 | Improper access control in Windows Client-Side Caching (CSC) Service allows an authorized attacker to disclose information locally.
CVE-2026-20838 | Medium | 5.5 | | 2026-01-13 | Generation of error message containing sensitive information in Windows Kernel allows an authorized attacker to disclose information locally.
CVE-2026-20835 | Medium | 5.5 | | 2026-01-13 | Out-of-bounds read in Capability Access Management Service (camsvc) allows an authorized attacker to disclose information locally.
CVE-2026-20833 | Medium | 5.5 | | 2026-01-13 | Use of a broken or risky cryptographic algorithm in Windows Kerberos allows an authorized attacker to disclose information locally.
CVE-2026-20829 | Medium | 5.5 | | 2026-01-13 | Out-of-bounds read in Windows TPM allows an authorized attacker to disclose information locally.
CVE-2026-20827 | Medium | 5.5 | | 2026-01-13 | Exposure of sensitive information to an unauthorized actor in Tablet Windows User Interface (TWINUI) Subsystem allows an authorized attacker to disclose information locally.
CVE-2026-20824 | Medium | 5.5 | | 2026-01-13 | Protection mechanism failure in Windows Remote Assistance allows an unauthorized attacker to bypass a security feature locally.
CVE-2026-20823 | Medium | 5.5 | | 2026-01-13 | Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally.
CVE-2026-20819 | Medium | 5.5 | | 2026-01-13 | Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to disclose information locally.
CVE-2026-20805 | Medium | 5.5 | KEV | 2026-01-13 | Exposure of sensitive information to an unauthorized actor in Desktop Windows Manager allows an authorized attacker to disclose information locally.
CVE-2026-20958 | Medium | 5.4 | | 2026-01-13 | Server-side request forgery (ssrf) in Microsoft Office SharePoint allows an authorized attacker to disclose information over a network.
CVE-2026-20927 | Medium | 5.3 | | 2026-01-13 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to deny service over a network.
CVE-2026-20959 | Medium | 4.6 | | 2026-01-13 | Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
CVE-2026-20834 | Medium | 4.6 | | 2026-01-13 | Absolute path traversal in Windows Shell allows an unauthorized attacker to perform spoofing with a physical attack.
CVE-2026-20828 | Medium | 4.6 | | 2026-01-13 | Out-of-bounds read in Windows Internet Connection Sharing (ICS) allows an unauthorized attacker to disclose information with a physical attack.
CVE-2026-20962 | Medium | 4.4 | | 2026-01-13 | Use of uninitialized resource in Dynamic Root of Trust for Measurement (DRTM) allows an authorized attacker to disclose information locally.
CVE-2026-20825 | Medium | 4.4 | | 2026-01-13 | Improper access control in Windows Hyper-V allows an authorized attacker to disclose information locally.
CVE-2026-20936 | Medium | 4.3 | | 2026-01-13 | Out-of-bounds read in Windows NDIS allows an authorized attacker to disclose information with a physical attack.

Other vendors (913 CVEs across 418 vendors)

Linux · 137 CVEs

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2025-33206 | High | 7.8 | | 2026-01-14 | NVIDIA NSIGHT Graphics for Linux contains a vulnerability where an attacker could cause command injection.
CVE-2025-71143 | High | 7.8 | | 2026-01-14 | In the Linux kernel, the following vulnerability has been resolved: clk: samsung: exynos-clkout: Assign .num before accessing .hws Commit f316cdff8d67 ("clk: Annotate struct clk_hw_onecell_data with __counted_by") annotated the hws membe…
CVE-2025-71137 | High | 7.8 | | 2026-01-14 | In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: fix "UBSAN: shift-out-of-bounds error" This patch ensures that the RX ring size (rx_pending) is not set below the permitted length.
CVE-2025-71123 | High | 7.8 | | 2026-01-14 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix string copying in parse_apply_sb_mount_options() strscpy_pad() can't be used to copy a non-NUL-term string into a NUL-term string of possibly bigger size.
CVE-2025-71122 | High | 7.8 | | 2026-01-14 | In the Linux kernel, the following vulnerability has been resolved: iommufd/selftest: Check for overflow in IOMMU_TEST_OP_ADD_RESERVED syzkaller found it could overflow math in the test infrastructure and cause a WARN_ON by corrupting th…
CVE-2025-71110 | High | 7.8 | | 2026-01-14 | In the Linux kernel, the following vulnerability has been resolved: mm/slub: reset KASAN tag in defer_free() before accessing freed memory When CONFIG_SLUB_TINY is enabled, kfree_nolock() calls kasan_slab_free() before defer_free().
CVE-2025-71100 | High | 7.8 | | 2026-01-13 | In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: 8192cu: fix tid out of range in rtl92cu_tx_fill_desc() TID getting from ieee80211_get_tid() might be out of range of array size of sta_entry->tids[], so c…
CVE-2025-71099 | High | 7.8 | | 2026-01-13 | In the Linux kernel, the following vulnerability has been resolved: drm/xe/oa: Fix potential UAF in xe_oa_add_config_ioctl() In xe_oa_add_config_ioctl(), we accessed oa_config->id after dropping metrics_lock.
CVE-2025-71092 | High | 7.8 | | 2026-01-13 | In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Fix OOB write in bnxt_re_copy_err_stats() Commit ef56081d1864 ("RDMA/bnxt_re: RoCE related hardware counters update") added three new counters and placed t…
CVE-2025-71091 | High | 7.8 | | 2026-01-13 | In the Linux kernel, the following vulnerability has been resolved: team: fix check for port enabled in team_queue_override_port_prio_changed() There has been a syzkaller bug reported recently with the following trace: list_del corrupti…
CVE-2025-71089 | High | 7.8 | | 2026-01-13 | In the Linux kernel, the following vulnerability has been resolved: iommu: disable SVA when CONFIG_X86 is set Patch series "Fix stale IOTLB entries for kernel address space", v7.
CVE-2025-71086 | High | 7.8 | | 2026-01-13 | In the Linux kernel, the following vulnerability has been resolved: net: rose: fix invalid array index in rose_kill_by_device() rose_kill_by_device() collects sockets into a local array[] and then iterates over them to disconnect sockets…
CVE-2025-71082 | High | 7.8 | | 2026-01-13 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: revert use of devm_kzalloc in btusb This reverts commit 98921dbd00c4e ("Bluetooth: Use devm_kzalloc in btusb.c file").
CVE-2025-71078 | High | 7.8 | | 2026-01-13 | In the Linux kernel, the following vulnerability has been resolved: powerpc/64s/slb: Fix SLB multihit issue during SLB preload On systems using the hash MMU, there is a software SLB preload cache that mirrors the entries loaded into the…
CVE-2025-71075 | High | 7.8 | | 2026-01-13 | In the Linux kernel, the following vulnerability has been resolved: scsi: aic94xx: fix use-after-free in device removal path The asd_pci_remove() function fails to synchronize with pending tasklets before freeing the asd_ha structure, le…
CVE-2025-71073 | High | 7.8 | | 2026-01-13 | In the Linux kernel, the following vulnerability has been resolved: Input: lkkbd - disable pending work before freeing device lkkbd_interrupt() schedules lk->tq via schedule_work(), and the work handler lkkbd_reinit() dereferences the lk…
CVE-2025-71071 | High | 7.8 | | 2026-01-13 | In the Linux kernel, the following vulnerability has been resolved: iommu/mediatek: fix use-after-free on probe deferral The driver is dropping the references taken to the larb devices during probe after successful lookup as well as on e…
CVE-2025-71068 | High | 7.8 | | 2026-01-13 | In the Linux kernel, the following vulnerability has been resolved: svcrdma: bound check rq_pages index in inline path svc_rdma_copy_inline_range indexed rqstp->rq_pages[rc_curpage] without verifying rc_curpage stays within the allocated…
CVE-2025-68817 | High | 7.8 | | 2026-01-13 | In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in ksmbd_tree_connect_put under concurrency Under high concurrency, A tree-connection object (tcon) is freed on a disconnect path while another…
CVE-2025-71066 | High | 7.5 | | 2026-01-13 | In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change zdi-disclosures@trendmicro.com says: The vulnerability is a race condition betw…
CVE-2025-71136 | High | 7.1 | | 2026-01-14 | In the Linux kernel, the following vulnerability has been resolved: media: adv7842: Avoid possible out-of-bounds array accesses in adv7842_cp_log_status() It's possible for cp_read() and hdmi_read() to return -EIO.
CVE-2025-71133 | High | 7.1 | | 2026-01-14 | In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: avoid invalid read in irdma_net_event irdma_net_event() should not dereference anything from "neigh" (alias "ptr") until it has checked that the event is NET…
CVE-2025-71116 | High | 7.1 | | 2026-01-14 | In the Linux kernel, the following vulnerability has been resolved: libceph: make decode_pool() more resilient against corrupted osdmaps If the osdmap is (maliciously) corrupted such that the encoded length of ceph_pg_pool envelope is le…
CVE-2025-71112 | High | 7.1 | | 2026-01-14 | In the Linux kernel, the following vulnerability has been resolved: net: hns3: add VLAN id validation before using Currently, the VLAN id may be used without validation when receive a VLAN configuration mailbox from VF.
CVE-2025-71101 | High | 7.1 | | 2026-01-13 | In the Linux kernel, the following vulnerability has been resolved: platform/x86: hp-bioscfg: Fix out-of-bounds array access in ACPI package parsing The hp_populate_*_elements_from_package() functions in the hp-bioscfg driver contain out…
CVE-2025-71093 | High | 7.1 | | 2026-01-13 | In the Linux kernel, the following vulnerability has been resolved: e1000: fix OOB in e1000_tbi_should_accept() In e1000_tbi_should_accept() we read the last byte of the frame via 'data[length - 1]' to evaluate the TBI workaround.
CVE-2025-71144 | Medium | 5.5 | | 2026-01-14 | In the Linux kernel, the following vulnerability has been resolved: mptcp: ensure context reset on disconnect() After the blamed commit below, if the MPC subflow is already in TCP_CLOSE status or has fallback to TCP at mptcp_disconnect()…
CVE-2025-71142 | Medium | 5.5 | | 2026-01-14 | In the Linux kernel, the following vulnerability has been resolved: cpuset: fix warning when disabling remote partition A warning was triggered as follows: WARNING: kernel/cgroup/cpuset.c:1651 at remote_partition_disable+0xf7/0x110 RIP…
CVE-2025-71141 | Medium | 5.5 | | 2026-01-14 | In the Linux kernel, the following vulnerability has been resolved: drm/tilcdc: Fix removal actions in case of failed probe The drm_kms_helper_poll_fini() and drm_atomic_helper_shutdown() helpers should only be called when the device has…
CVE-2025-71139 | Medium | 5.5 | | 2026-01-14 | In the Linux kernel, the following vulnerability has been resolved: kernel/kexec: fix IMA when allocation happens in CMA area *** Bug description *** When I tested kexec with the latest kernel, I ran into the following warning: [ 40…
CVE-2025-71138 | Medium | 5.5 | | 2026-01-14 | In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Add missing NULL pointer check for pingpong interface It is checked almost always in dpu_encoder_phys_wb_setup_ctl(), but in a single place the check is mis…
CVE-2025-71135 | Medium | 5.5 | | 2026-01-14 | In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix possible null-pointer dereferences in raid5_store_group_thread_cnt() The variable mddev->private is first assigned to conf and then checked: conf = mdde…
CVE-2025-71134 | Medium | 5.5 | | 2026-01-14 | In the Linux kernel, the following vulnerability has been resolved: mm/page_alloc: change all pageblocks migrate type on coalescing When a page is freed it coalesces with a buddy into a higher order page while possible.
CVE-2025-71132 | Medium | 5.5 | | 2026-01-14 | In the Linux kernel, the following vulnerability has been resolved: smc91x: fix broken irq-context in PREEMPT_RT When smc91x.c is built with PREEMPT_RT, the following splat occurs in FVP_RevC: [ 13.055000] smc91x LNRO0003:00 eth0: lin…
CVE-2025-71131 | Medium | 5.5 | | 2026-01-14 | In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Do not use req->iv after crypto_aead_encrypt As soon as crypto_aead_encrypt is called, the underlying request may be freed by an asynchronous completion.
CVE-2025-71130Medium5.52026-01-14In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: Zero-initialize the eb.vma array in i915_gem_do_execbuffer Initialize the eb.vma array with values of 0 when the eb structure is first set up.
CVE-2025-71129Medium5.52026-01-14In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Sign extend kfunc call arguments The kfunc calls are native calls so they should follow LoongArch calling conventions.
CVE-2025-71128Medium5.52026-01-14In the Linux kernel, the following vulnerability has been resolved: erspan: Initialize options_len before referencing options.
CVE-2025-71127Medium5.52026-01-14In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Discard Beacon frames to non-broadcast address Beacon frames are required to be sent to the broadcast address, see IEEE Std 802.11-2020, 11.1.3.1 ("The A…
CVE-2025-71126Medium5.52026-01-14In the Linux kernel, the following vulnerability has been resolved: mptcp: avoid deadlock on fallback while reinjecting Jakub reported an MPTCP deadlock at fallback time: WARNING: possible recursive locking detected 6.18.0-rc7-virtme…
CVE-2025-71125Medium5.52026-01-14In the Linux kernel, the following vulnerability has been resolved: tracing: Do not register unsupported perf events Synthetic events currently do not have a function to register perf events.
CVE-2025-71124Medium5.52026-01-14In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: move preempt_prepare_postamble after error check Move the call to preempt_prepare_postamble() after verifying that preempt_postamble_ptr is valid.
CVE-2025-71121Medium5.52026-01-14In the Linux kernel, the following vulnerability has been resolved: parisc: Do not reprogram affinitiy on ASP chip The ASP chip is a very old variant of the GSP chip and is used e.g.
CVE-2025-71120Medium5.52026-01-14In the Linux kernel, the following vulnerability has been resolved: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf A zero length gss_token results in pages == 0 and in_token->pages[0] is NULL.
CVE-2025-71119Medium5.52026-01-14In the Linux kernel, the following vulnerability has been resolved: powerpc/kexec: Enable SMT before waking offline CPUs If SMT is disabled or a partial SMT state is enabled, when a new kernel image is loaded for kexec, on reboot the fol…
CVE-2025-71118Medium5.52026-01-14In the Linux kernel, the following vulnerability has been resolved: ACPICA: Avoid walking the Namespace if start_node is NULL Although commit 0c9992315e73 ("ACPICA: Avoid walking the ACPI Namespace if it is not there") fixed the situatio…
CVE-2025-71117Medium5.52026-01-14In the Linux kernel, the following vulnerability has been resolved: block: Remove queue freezing from several sysfs store callbacks Freezing the request queue from inside sysfs store callbacks may cause a deadlock in combination with the…
CVE-2025-71115Medium5.52026-01-14In the Linux kernel, the following vulnerability has been resolved: um: init cpu_tasks[] earlier This is currently done in uml_finishsetup(), but e.g.
CVE-2025-71114Medium5.52026-01-14In the Linux kernel, the following vulnerability has been resolved: via_wdt: fix critical boot hang due to unnamed resource allocation The VIA watchdog driver uses allocate_resource() to reserve a MMIO region for the watchdog control reg…
CVE-2025-71113Medium5.52026-01-14In the Linux kernel, the following vulnerability has been resolved: crypto: af_alg - zero initialize memory allocated via sock_kmalloc Several crypto user API contexts and requests allocated with sock_kmalloc() were left uninitialized, r…
CVE-2025-71109Medium5.52026-01-14In the Linux kernel, the following vulnerability has been resolved: MIPS: ftrace: Fix memory corruption when kernel is located beyond 32 bits Since commit e424054000878 ("MIPS: Tracing: Reduce the overhead of dynamic Function Tracer"), t…
CVE-2025-71108Medium5.52026-01-14In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Handle incorrect num_connectors capability The UCSI spec states that the num_connectors field is 7 bits, and the 8th bit is reserved and should be set…
CVE-2025-71107Medium5.52026-01-14In the Linux kernel, the following vulnerability has been resolved: f2fs: ensure node page reads complete before f2fs_put_super() finishes Xfstests generic/335, generic/336 sometimes crash with the following message: F2FS-fs (dm-0): det…
CVE-2025-71106Medium5.52026-01-14In the Linux kernel, the following vulnerability has been resolved: fs: PM: Fix reverse check in filesystems_freeze_callback() The freeze_all_ptr check in filesystems_freeze_callback() introduced by commit a3f8f8662771 ("power: always fr…
CVE-2025-71105Medium5.52026-01-14In the Linux kernel, the following vulnerability has been resolved: f2fs: use global inline_xattr_slab instead of per-sb slab cache As Hong Yun reported in mailing list: loop7: detected capacity change from 0 to 131072 ------------[ cut…
CVE-2025-71104Medium5.52026-01-14In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix VM hard lockup after prolonged inactivity with periodic HV timer When advancing the target expiration for the guest's APIC timer in periodic mode, set the…
CVE-2025-71103Medium5.52026-01-14In the Linux kernel, the following vulnerability has been resolved: drm/msm: adreno: fix deferencing ifpc_reglist when not declared On plaforms with an a7xx GPU not supporting IFPC, the ifpc_reglist if still deferenced in a7xx_patch_pwru…
CVE-2025-71102Medium5.52026-01-14In the Linux kernel, the following vulnerability has been resolved: scs: fix a wrong parameter in __scs_magic __scs_magic() needs a 'void *' variable, but a 'struct task_struct *' is given.
CVE-2025-71098Medium5.52026-01-13In the Linux kernel, the following vulnerability has been resolved: ip6_gre: make ip6gre_header() robust Over the years, syzbot found many ways to crash the kernel in ip6gre_header() [1].
CVE-2025-71097Medium5.52026-01-13In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix reference count leak when using error routes with nexthop objects When a nexthop object is deleted, it is marked as dead and then fib_table_flush() is called t…
CVE-2025-71096Medium5.52026-01-13In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Check for the presence of LS_NLA_TYPE_DGID correctly The netlink response for RDMA_NL_LS_OP_IP_RESOLVE should always have a LS_NLA_TYPE_DGID attribute, it is…
CVE-2025-71095Medium5.52026-01-13In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix the crash issue for zero copy XDP_TX action There is a crash issue when running zero copy XDP_TX action, the crash log is shown below.
CVE-2025-71094Medium5.52026-01-13In the Linux kernel, the following vulnerability has been resolved: net: usb: asix: validate PHY address before use The ASIX driver reads the PHY address from the USB device via asix_read_phy_addr().
CVE-2025-71090Medium5.52026-01-13In the Linux kernel, the following vulnerability has been resolved: nfsd: fix nfsd_file reference leak in nfsd4_add_rdaccess_to_wrdeleg() nfsd4_add_rdaccess_to_wrdeleg() unconditionally overwrites fp->fi_fds[O_RDONLY] with a newly acquir…
CVE-2025-71088Medium5.52026-01-13In the Linux kernel, the following vulnerability has been resolved: mptcp: fallback earlier on simult connection Syzkaller reports a simult-connect race leading to inconsistent fallback status: WARNING: CPU: 3 PID: 33 at net/mptcp/sub…
CVE-2025-71087Medium5.52026-01-13In the Linux kernel, the following vulnerability has been resolved: iavf: fix off-by-one issues in iavf_config_rss_reg() There are off-by-one bugs when configuring RSS hash key and lookup table, causing out-of-bounds reads to memory [1]…
CVE-2025-71085Medium5.52026-01-13In the Linux kernel, the following vulnerability has been resolved: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() There exists a kernel oops caused by a BUG_ON(nhead < 0) at net/core/skbuff.c:2232 in pskb_expand_h…
CVE-2025-71084Medium5.52026-01-13In the Linux kernel, the following vulnerability has been resolved: RDMA/cm: Fix leaking the multicast GID table reference If the CM ID is destroyed while the CM event for multicast creating is still queued the cancel_work_sync() will pr…
CVE-2025-71083Medium5.52026-01-13In the Linux kernel, the following vulnerability has been resolved: drm/ttm: Avoid NULL pointer deref for evicted BOs It is possible for a BO to exist that is not currently associated with a resource, e.g.
CVE-2025-71081Medium5.52026-01-13In the Linux kernel, the following vulnerability has been resolved: ASoC: stm32: sai: fix OF node leak on probe The reference taken to the sync provider OF node when probing the platform device is currently only dropped if the set_sync()…
CVE-2025-71080Medium5.52026-01-13In the Linux kernel, the following vulnerability has been resolved: ipv6: fix a BUG in rt6_get_pcpu_route() under PREEMPT_RT On PREEMPT_RT kernels, after rt6_get_pcpu_route() returns NULL, the current task can be preempted.
CVE-2025-71079Medium5.52026-01-13In the Linux kernel, the following vulnerability has been resolved: net: nfc: fix deadlock between nfc_unregister_device and rfkill_fop_write A deadlock can occur between nfc_unregister_device() and rfkill_fop_write() due to lock orderin…
CVE-2025-71077Medium5.52026-01-13In the Linux kernel, the following vulnerability has been resolved: tpm: Cap the number of PCR banks tpm2_get_pcr_allocation() does not cap any upper limit for the number of banks.
CVE-2025-71076Medium5.52026-01-13In the Linux kernel, the following vulnerability has been resolved: drm/xe/oa: Limit num_syncs to prevent oversized allocations The OA open parameters did not validate num_syncs, allowing userspace to pass arbitrarily large values, poten…
CVE-2025-71072Medium5.52026-01-13In the Linux kernel, the following vulnerability has been resolved: shmem: fix recovery on rename failures maple_tree insertions can fail if we are seriously short on memory; simple_offset_rename() does not recover well if it runs into t…
CVE-2025-68823Medium5.52026-01-13In the Linux kernel, the following vulnerability has been resolved: ublk: fix deadlock when reading partition table When one process(such as udev) opens ublk block device (e.g., to read the partition table via bdev_open()), a deadlock[1]…
CVE-2025-71111Medium4.72026-01-14In the Linux kernel, the following vulnerability has been resolved: hwmon: (w83791d) Convert macros to functions to avoid TOCTOU The macro FAN_FROM_REG evaluates its arguments multiple times.
CVE-2025-71074Medium4.72026-01-13In the Linux kernel, the following vulnerability has been resolved: functionfs: fix the open/removal races ffs_epfile_open() can race with removal, ending up with file->private_data pointing to freed object.
CVE-2025-711402026-01-14In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Use spinlock for context list protection lock Previously a mutex was added to protect the encoder and decoder context lists from unexpected chan…
CVE-2025-710702026-01-13In the Linux kernel, the following vulnerability has been resolved: ublk: clean up user copy references on ublk server exit If a ublk server process releases a ublk char device file, any requests dispatched to the ublk server but not yet…
CVE-2025-710692026-01-13In the Linux kernel, the following vulnerability has been resolved: f2fs: invalidate dentry cache on failed whiteout creation F2FS can mount filesystems with corrupted directory depth values that get runtime-clamped to MAX_DIR_HASH_DEPTH.
CVE-2025-710672026-01-13In the Linux kernel, the following vulnerability has been resolved: ntfs: set dummy blocksize to read boot_block when mounting When mounting, sb->s_blocksize is used to read the boot_block without being defined or validated.
CVE-2025-710652026-01-13In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid potential deadlock As Jiaming Zhang and syzbot reported, there is potential deadlock in f2fs as below: Chain exists of: &sbi->cp_rwsem --> fs_recla…
CVE-2025-710642026-01-13In the Linux kernel, the following vulnerability has been resolved: net: hns3: using the num_tqps in the vf driver to apply for resources Currently, hdev->htqp is allocated using hdev->num_tqps, and kinfo->tqp is allocated using kinfo->n…
CVE-2025-688222026-01-13In the Linux kernel, the following vulnerability has been resolved: Input: alps - fix use-after-free bugs caused by dev3_register_work The dev3_register_work delayed work item is initialized within alps_reconnect() and scheduled upon rec…
CVE-2025-688212026-01-13In the Linux kernel, the following vulnerability has been resolved: fuse: fix readahead reclaim deadlock Commit e26ee4efbc79 ("fuse: allocate ff->release_args only if release is needed") skips allocating ff->release_args if the server do…
CVE-2025-688202026-01-13In the Linux kernel, the following vulnerability has been resolved: ext4: xattr: fix null pointer deref in ext4_raw_inode() If ext4_get_inode_loc() fails (e.g.
CVE-2025-688192026-01-13In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: dtv5100: fix out-of-bounds in dtv5100_i2c_msg() rlen value is a user-controlled value, but dtv5100_i2c_msg() does not check the size of the rlen value.
CVE-2025-688182026-01-13In the Linux kernel, the following vulnerability has been resolved: scsi: Revert "scsi: qla2xxx: Perform lockless command completion in abort path" This reverts commit 0367076b0817d5c75dfb83001ce7ce5c64d803a9.
CVE-2025-688162026-01-13In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fw_tracer, Validate format string parameters Add validation for format string parameters in the firmware tracer to prevent potential security vulnerabilities a…
CVE-2025-688152026-01-13In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: Remove drr class from the active list if it changes to strict Whenever a user issues an ets qdisc change command, transforming a drr class into a strict…
CVE-2025-688142026-01-13In the Linux kernel, the following vulnerability has been resolved: io_uring: fix filename leak in __io_openat_prep() __io_openat_prep() allocates a struct filename using getname().
CVE-2025-688132026-01-13In the Linux kernel, the following vulnerability has been resolved: ipvs: fix ipv4 null-ptr-deref in route error path The IPv4 code path in __ip_vs_get_out_rt() calls dst_link_failure() without ensuring skb->dev is set, leading to a NULL…
CVE-2025-688112026-01-13In the Linux kernel, the following vulnerability has been resolved: svcrdma: use rc_pageoff for memcpy byte offset svc_rdma_copy_inline_range added rc_curpage (page index) to the page base instead of the byte offset rc_pageoff.
CVE-2025-688102026-01-13In the Linux kernel, the following vulnerability has been resolved: KVM: Disallow toggling KVM_MEM_GUEST_MEMFD on an existing memslot Reject attempts to disable KVM_MEM_GUEST_MEMFD on a memslot that was initially created with a guest_mem…
CVE-2025-688092026-01-13In the Linux kernel, the following vulnerability has been resolved: ksmbd: vfs: fix race on m_flags in vfs_cache ksmbd maintains delete-on-close and pending-delete state in ksmbd_inode->m_flags.
CVE-2025-688082026-01-13In the Linux kernel, the following vulnerability has been resolved: media: vidtv: initialize local pointers upon transfer of memory ownership vidtv_channel_si_init() creates a temporary list (program, service, event) and ownership of the…
CVE-2025-688072026-01-13In the Linux kernel, the following vulnerability has been resolved: block: fix race between wbt_enable_default and IO submission When wbt_enable_default() is moved out of queue freezing in elevator_change(), it can cause the wbt inflight…
CVE-2025-688062026-01-13In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix buffer validation by including null terminator size in EA length The smb2_set_ea function, which handles Extended Attributes (EA), was performing buffer valid…
CVE-2025-688052026-01-13In the Linux kernel, the following vulnerability has been resolved: fuse: fix io-uring list corruption for terminated non-committed requests When a request is terminated before it has been committed, the request is not removed from the q…
CVE-2025-688042026-01-13In the Linux kernel, the following vulnerability has been resolved: platform/chrome: cros_ec_ishtp: Fix UAF after unbinding driver After unbinding the driver, another kthread `cros_ec_console_log_work` is still accessing the device, resu…
CVE-2025-688032026-01-13In the Linux kernel, the following vulnerability has been resolved: NFSD: NFSv4 file creation neglects setting ACL An NFSv4 client that sets an ACL with a named principal during file creation retrieves the ACL afterwards, and finds that…
CVE-2025-688022026-01-13In the Linux kernel, the following vulnerability has been resolved: drm/xe: Limit num_syncs to prevent oversized allocations The exec and vm_bind ioctl allow userspace to specify an arbitrary num_syncs value.
CVE-2025-688012026-01-13In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_router: Fix neighbour use-after-free We sometimes observe use-after-free when dereferencing a neighbour [1].
CVE-2025-688002026-01-13In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_mr: Fix use-after-free when updating multicast route stats Cited commit added a dedicated mutex (instead of RTNL) to protect the multicast route list, so…
CVE-2025-687992026-01-13In the Linux kernel, the following vulnerability has been resolved: caif: fix integer underflow in cffrml_receive() The cffrml_receive() function extracts a length field from the packet header and, when FCS is disabled, subtracts 2 from…
CVE-2025-687982026-01-13In the Linux kernel, the following vulnerability has been resolved: perf/x86/amd: Check event before enable to avoid GPF On AMD machines cpuc->events[idx] can become NULL in a subtle race condition with NMI->throttle->x86_pmu_stop().
CVE-2025-687972026-01-13In the Linux kernel, the following vulnerability has been resolved: char: applicom: fix NULL pointer dereference in ac_ioctl Discovered by Atuin - Automated Vulnerability Discovery Engine.
CVE-2025-687962026-01-13In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid updating zero-sized extent in extent cache As syzbot reported: F2FS-fs (loop0): __update_extent_tree_range: extent len is zero, type: 0, extent [0, 0…
CVE-2025-687952026-01-13In the Linux kernel, the following vulnerability has been resolved: ethtool: Avoid overflowing userspace buffer on stats query The ethtool -S command operates across three ioctl calls: ETHTOOL_GSSET_INFO for the size, ETHTOOL_GSTRINGS fo…
CVE-2025-687942026-01-13In the Linux kernel, the following vulnerability has been resolved: iomap: adjust read range correctly for non-block-aligned positions iomap_adjust_read_range() assumes that the position and length passed in are block-aligned.
CVE-2025-687932026-01-13In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix a job->pasid access race in gpu recovery Avoid a possible UAF in GPU recovery due to a race between the sched timeout callback and the tdr work queue.
CVE-2025-687922026-01-13In the Linux kernel, the following vulnerability has been resolved: tpm2-sessions: Fix out of range indexing in name_size 'name_size' does not have any range checks, and it just directly indexes with TPM_ALG_ID, which could lead into mem…
CVE-2025-687912026-01-13In the Linux kernel, the following vulnerability has been resolved: fuse: missing copy_finish in fuse-over-io-uring argument copies Fix a possible reference count leak of payload pages during fuse argument copies.
CVE-2025-687902026-01-13In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix double unregister of HCA_PORTS component Clear hca_devcom_comp in device's private data after unregistering it in LAG teardown.
CVE-2025-687882026-01-13In the Linux kernel, the following vulnerability has been resolved: fsnotify: do not generate ACCESS/MODIFY events on child for special files inotify/fanotify do not allow users with no read access to a file to subscribe to events (e.g.
CVE-2025-687872026-01-13In the Linux kernel, the following vulnerability has been resolved: netrom: Fix memory leak in nr_sendmsg() syzbot reported a memory leak [1].
CVE-2025-687862026-01-13In the Linux kernel, the following vulnerability has been resolved: ksmbd: skip lock-range check on equal size to avoid size==0 underflow When size equals the current i_size (including 0), the code used to call check_lock_range(filp, i_s…
CVE-2025-687852026-01-13In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix middle attribute validation in push_nsh() action The push_nsh() action structure looks like this: OVS_ACTION_ATTR_PUSH_NSH(OVS_KEY_ATTR_NSH(OVS_N…
CVE-2025-687842026-01-13In the Linux kernel, the following vulnerability has been resolved: xfs: fix a UAF problem in xattr repair The xchk_setup_xattr_buf function can allocate a new value buffer, which means that any reference to ab->value before the call cou…
CVE-2025-687832026-01-13In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-mixer: us16x08: validate meter packet indices get_meter_levels_from_urb() parses the 64-byte meter packets sent by the device and fills the per-channel arrays…
CVE-2025-687822026-01-13In the Linux kernel, the following vulnerability has been resolved: scsi: target: Reset t_task_cdb pointer in error case If allocation of cmd->t_task_cdb fails, it remains NULL but is later dereferenced in the 'err' path.
CVE-2025-687812026-01-13In the Linux kernel, the following vulnerability has been resolved: usb: phy: fsl-usb: Fix use-after-free in delayed work during device removal The delayed work item otg_event is initialized in fsl_otg_conf() and scheduled under two cond…
CVE-2025-687802026-01-13In the Linux kernel, the following vulnerability has been resolved: sched/deadline: only set free_cpus for online runqueues Commit 16b269436b72 ("sched/deadline: Modify cpudl::free_cpus to reflect rd->online") introduced the cpudl_set/cl…
CVE-2025-687792026-01-13In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Avoid unregistering PSP twice PSP is unregistered twice in: _mlx5e_remove -> mlx5e_psp_unregister mlx5e_nic_cleanup -> mlx5e_psp_unregister This leads to a r…
CVE-2025-687782026-01-13In the Linux kernel, the following vulnerability has been resolved: btrfs: don't log conflicting inode if it's a dir moved in the current transaction We can't log a conflicting inode if it's a directory and it was moved from one parent d…
CVE-2025-687772026-01-13In the Linux kernel, the following vulnerability has been resolved: Input: ti_am335x_tsc - fix off-by-one error in wire_order validation The current validation 'wire_order[i] > ARRAY_SIZE(config_pins)' allows wire_order[i] to equal ARRAY…
CVE-2025-687762026-01-13In the Linux kernel, the following vulnerability has been resolved: net/hsr: fix NULL pointer dereference in prp_get_untagged_frame() prp_get_untagged_frame() calls __pskb_copy() to create frame->skb_std but doesn't check if the allocati…
CVE-2025-687752026-01-13In the Linux kernel, the following vulnerability has been resolved: net/handshake: duplicate handshake cancellations leak socket When a handshake request is cancelled it is removed from the handshake_net->hn_requests list, but it is stil…
CVE-2025-687742026-01-13In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix missing hfs_bnode_get() in __hfs_bnode_create When sync() and link() are called concurrently, both threads may enter hfs_bnode_find() without finding the no…
CVE-2025-687732026-01-13In the Linux kernel, the following vulnerability has been resolved: spi: fsl-cpm: Check length parity before switching to 16 bit mode Commit fc96ec826bce ("spi: fsl-cpm: Use 16 bit mode for large transfers with even size") failed to make…
CVE-2025-687722026-01-13In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid updating compression context during writeback Bai, Shuangpeng <sjb7183@psu.edu> reported a bug as below: Oops: divide error: 0000 [#1] SMP KASAN PTI …
CVE-2025-687712026-01-13In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix kernel BUG in ocfs2_find_victim_chain syzbot reported a kernel BUG in ocfs2_find_victim_chain() because the `cl_next_free_rec` field of the allocation chain l…
CVE-2025-687702026-01-13In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix XDP_TX path For XDP_TX action in bnxt_rx_xdp(), clearing of the event flags is not correct.
CVE-2025-687692026-01-13In the Linux kernel, the following vulnerability has been resolved: f2fs: fix return value of f2fs_recover_fsync_data() With below scripts, it will trigger panic in f2fs: mkfs.f2fs -f /dev/vdd mount /dev/vdd /mnt/f2fs touch /mnt/f2fs/fo…
CVE-2025-687682026-01-13In the Linux kernel, the following vulnerability has been resolved: inet: frags: flush pending skbs in fqdir_pre_exit() We have been seeing occasional deadlocks on pernet_ops_rwsem since September in NIPA.
CVE-2025-687672026-01-13In the Linux kernel, the following vulnerability has been resolved: hfsplus: Verify inode mode when loading from disk syzbot is reporting that S_IFMT bits of inode->i_mode can become bogus when the S_IFMT bits of the 16bits "mode" field…

N/a · 35 CVEs

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2025-70892 · Critical · 9.8 · 2026-01-15 · Phpgurukul Cyber Cafe Management System v1.0 contains a SQL Injection vulnerability in the user management module.
CVE-2025-69992 · Critical · 9.8 · 2026-01-13 · phpgurukul News Portal Project V4.1 has File Upload Vulnerability via upload.php, which enables the upload of files of any format to the server without identity authentication.
CVE-2025-69991 · Critical · 9.8 · 2026-01-13 · phpgurukul News Portal Project V4.1 is vulnerable to SQL Injection in check_availablity.php.
CVE-2025-29329 · Critical · 9.8 · 2026-01-12 · Buffer Overflow in the ippprint (Internet Printing Protocol) service in Sagemcom F@st 3686 MAGYAR_4.121.0 allows remote attacker to execute arbitrary code by sending a crafted HTTP request.
CVE-2025-67147 · Critical · 9.8 · 2026-01-12 · Multiple SQL Injection vulnerabilities exist in amansuryawanshi Gym-Management-System-PHP 1.0 via the 'name', 'email', and 'comment' parameters in (1) submit_contact.php, the 'username' and 'pass_key' parameters in (2) secure_login.php, an…
CVE-2025-69990 · Critical · 9.1 · 2026-01-13 · phpgurukul News Portal Project V4.1 has an Arbitrary File Deletion Vulnerability in remove_file.php.
CVE-2025-70893 · High · 8.8 · 2026-01-15 · A time-based blind SQL Injection vulnerability exists in PHPGurukul Cyber Cafe Management System v1.0 within the adminprofile.php endpoint.
CVE-2025-68707 · High · 8.8 · 2026-01-13 · An authentication bypass vulnerability in the Tongyu AX1800 Wi-Fi 6 Router with firmware 1.0.0 allows unauthenticated network-adjacent attackers to perform arbitrary configuration changes without providing credentials, as long as a valid a…
CVE-2025-66698 · High · 8.6 · 2026-01-13 · An issue in Semantic machines v5.4.8 allows attackers to bypass authentication via sending a crafted HTTP request to various API endpoints.
CVE-2025-68921 · High · 7.8 · 2026-01-16 · SteelSeries Nahimic 3 1.10.7 allows Directory traversal.
CVE-2025-71020 · High · 7.5 · 2026-01-16 · Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the security parameter of the sub_4C408 function.
CVE-2025-70746 · High · 7.5 · 2026-01-16 · Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the timeZone parameter of the fromSetSysTime function.
CVE-2025-70656 · High · 7.5 · 2026-01-15 · Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the mac parameter of the sub_65B5C function.
CVE-2025-71019 · High · 7.5 · 2026-01-15 · Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the wanSpeed parameter of the sub_65B5C function.
CVE-2025-70744 · High · 7.5 · 2026-01-15 · Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the cloneType parameter of the sub_65B5C function.
CVE-2025-71021 · High · 7.5 · 2026-01-14 · Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the serverName parameter of the sub_65A28 function.
CVE-2025-70747 · High · 7.5 · 2026-01-14 · Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the serviceName parameter of the sub_65A28 function.
CVE-2025-71027 · High · 7.5 · 2026-01-13 · Tenda AX-3 v16.03.12.10_CN was discovered to contain a stack overflow in the wanMTU2 parameter of the fromAdvSetMacMtuWan function.
CVE-2025-71026 · High · 7.5 · 2026-01-13 · Tenda AX-3 v16.03.12.10_CN was discovered to contain a stack overflow in the wanSpeed2 parameter of the fromAdvSetMacMtuWan function.
CVE-2025-71025 · High · 7.5 · 2026-01-13 · Tenda AX-3 v16.03.12.10_CN was discovered to contain a stack overflow in the cloneType2 parameter of the fromAdvSetMacMtuWan function.
CVE-2025-71024 · High · 7.5 · 2026-01-13 · Tenda AX-3 v16.03.12.10_CN was discovered to contain a stack overflow in the serviceName2 parameter of the fromAdvSetMacMtuWan function.
CVE-2025-71023 · High · 7.5 · 2026-01-13 · Tenda AX-3 v16.03.12.10_CN was discovered to contain a stack overflow in the mac2 parameter of the fromAdvSetMacMtuWan function.
CVE-2025-70753 · High · 7.5 · 2026-01-13 · Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the security_5g parameter of the sub_4CA50 function.
CVE-2025-67835 · Medium · 6.5 · 2026-01-14 · Paessler PRTG Network Monitor before 25.4.114 allows Denial-of-Service (DoS) by an authenticated attacker via the Notification Contacts functionality.
CVE-2025-56451 · Medium · 6.1 · 2026-01-16 · Cross site scripting vulnerability in seeyon Zhiyuan A8+ Collaborative Management Software 7.0 via the topValue parameter to the seeyon/main.do endpoint.
CVE-2026-0858 · Medium · 6.1 · 2026-01-16 · Versions of the package net.sourceforge.plantuml:plantuml before 1.2026.0 are vulnerable to Stored XSS due to insufficient sanitization of interactive attributes in GraphViz diagrams.
CVE-2025-70891 · Medium · 6.1 · 2026-01-15 · A stored cross-site scripting (XSS) vulnerability exists in Phpgurukul Cyber Cafe Management System v1.0 within the user management module.
CVE-2025-70890 · Medium · 6.1 · 2026-01-15 · A stored cross-site scripting (XSS) vulnerability exists in Cyber Cafe Management System v1.0.
CVE-2025-67833 · Medium · 6.1 · 2026-01-14 · Paessler PRTG Network Monitor before 25.4.114 allows XSS by an unauthenticated attacker via the tag parameter.
CVE-2025-63644 · Medium · 5.4 · 2026-01-14 · A stored cross-site scripting (XSS) vulnerability exists in pH7Software pH7-Social-Dating-CMS 17.9.1 in the user profile Description field.
CVE-2025-67834 · Medium · 5.4 · 2026-01-14 · Paessler PRTG Network Monitor before 25.4.114 allows XSS by an unauthenticated attacker via the filter parameter.
CVE-2021-41074 · Medium · 5.4 · 2026-01-12 · A CSRF issue in index.php in QloApps hotel eCommerce 1.5.1 allows an attacker to change the admin's email address via a crafted HTML document.
CVE-2025-15529 · Medium · 5.3 · 2026-01-16 · A vulnerability was found in Open5GS up to 2.7.6.
CVE-2025-15528 · Medium · 5.3 · 2026-01-16 · A vulnerability has been found in Open5GS up to 2.7.6.
CVE-2025-67813 · Medium · 5.3 · 2026-01-12 · Quest KACE Desktop Authority through 11.3.1 has Insecure Permissions on the Named Pipes used for inter-process communication.

Juniper · 23 CVEs

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2026-21920 | High | 7.5 | | 2026-01-15 | An Unchecked Return Value vulnerability in the DNS module of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).
CVE-2026-21918 | High | 7.5 | | 2026-01-15 | A Double Free vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX and MX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).
CVE-2026-21917 | High | 7.5 | | 2026-01-15 | An Improper Validation of Syntactic Correctness of Input vulnerability in the Web-Filtering module of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).
CVE-2026-21914 | High | 7.5 | | 2026-01-15 | An Improper Locking vulnerability in the GTP plugin of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).
CVE-2026-21913 | High | 7.5 | | 2026-01-15 | An Incorrect Initialization of Resource vulnerability in the Internal Device Manager (IDM) of Juniper Networks Junos OS on EX4000 models allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).
CVE-2026-21906 | High | 7.5 | | 2026-01-15 | An Improper Handling of Exceptional Conditions vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated network-based attacker sending a specific ICMP packet through a GRE tun…
CVE-2026-21905 | High | 7.5 | | 2026-01-15 | A Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in the SIP application layer gateway (ALG) of Juniper Networks Junos OS on SRX Series and MX Series with MX-SPC3 or MS-MPC allows an unauthenticated network-based attac…
CVE-2025-60003 | High | 7.5 | | 2026-01-15 | A Buffer Over-read vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).
CVE-2025-59960 | High | 7.4 | | 2026-01-15 | An Improper Check for Unusual or Exceptional Conditions vulnerability in the Juniper DHCP service (jdhcpd) of Juniper Networks Junos OS and Junos OS Evolved allows a DHCP client in one subnet to exhaust the address pools of other subnets…
CVE-2026-21908 | High | 7.1 | | 2026-01-15 | A Use After Free vulnerability was identified in the 802.1X authentication daemon (dot1xd) of Juniper Networks Junos OS and Junos OS Evolved that could allow an authenticated, network-adjacent attacker flapping a port to crash the dot1xd p…
CVE-2026-21921 | Medium | 6.5 | | 2026-01-15 | A Use After Free vulnerability in the chassis daemon (chassisd) of Juniper Networks Junos OS and Junos OS Evolved allows a network-based attacker authenticated with low privileges to cause a Denial-of-Service (DoS).
CVE-2026-21911 | Medium | 6.5 | | 2026-01-15 | An Incorrect Calculation vulnerability in the Layer 2 Control Protocol Daemon (l2cpd) of Juniper Networks Junos OS Evolved allows an unauthenticated network-adjacent attacker flapping the management interface to cause the learning of n…
CVE-2026-21910 | Medium | 6.5 | | 2026-01-15 | An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on EX4k Series and QFX5k Series platforms allows an unauthenticated network-adjacent attacker flapping…
CVE-2026-21909 | Medium | 6.5 | | 2026-01-15 | A Missing Release of Memory after Effective Lifetime vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated attacker controlling an adjacent IS-IS neighbor to send a spec…
CVE-2026-21903 | Medium | 6.5 | | 2026-01-15 | A Stack-based Buffer Overflow vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS allows a network-based attacker, authenticated with low privileges, to cause a Denial-of-Service (DoS).
CVE-2026-0203 | Medium | 6.5 | | 2026-01-15 | An Improper Handling of Exceptional Conditions vulnerability in packet processing of Juniper Networks Junos OS allows an unauthenticated, network-adjacent attacker sending a specifically malformed ICMP packet to cause an FPC to crash and r…
CVE-2025-52987 | Medium | 6.1 | | 2026-01-15 | A clickjacking vulnerability exists in the web portal of Juniper Networks Paragon Automation (Pathfinder, Planner, Insights) due to the application's failure to set appropriate X-Frame-Options and X-Content-Type HTTP headers.
CVE-2026-21907 | Medium | 5.9 | | 2026-01-15 | A Use of a Broken or Risky Cryptographic Algorithm vulnerability in the TLS/SSL server of Juniper Networks Junos Space allows the use of static key ciphers (ssl-static-key-ciphers), reducing the confidentiality of on-path traffic communica…
CVE-2025-60011 | Medium | 5.8 | | 2026-01-15 | An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause an availability impact…
CVE-2026-21912 | Medium | 5.5 | | 2026-01-15 | A Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in the method to collect FPC Ethernet firmware statistics of Juniper Networks Junos OS on MX10k Series allows a local, low-privileged attacker executing the 'show system fir…
CVE-2025-60007 | Medium | 5.5 | | 2026-01-15 | A NULL Pointer Dereference vulnerability in the chassis daemon (chassisd) of Juniper Networks Junos OS on MX, SRX and EX Series allows a local attacker with low privileges to cause a Denial-of-Service (DoS).
CVE-2025-59961 | Medium | 5.5 | | 2026-01-15 | An Incorrect Permission Assignment for Critical Resource vulnerability in the Juniper DHCP daemon (jdhcpd) of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged user to write to the Unix socket used to manage the…
CVE-2025-59959 | Medium | 5.5 | | 2026-01-15 | An Untrusted Pointer Dereference vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a local, authenticated attacker with low privileges to cause a Denial-of-Service (DoS).

Arubanetworks · 17 CVEs

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2025-37184 | Critical | 9.8 | | 2026-01-14 | A vulnerability exists in an Orchestrator service that could allow an unauthenticated remote attacker to bypass multi-factor authentication requirements.
CVE-2025-37168 | High | 8.2 | | 2026-01-13 | An arbitrary file deletion vulnerability has been identified in a system function of mobility conductors running the AOS-8 operating system.
CVE-2025-37183 | High | 7.2 | | 2026-01-14 | Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to perform SQL injection attacks.
CVE-2025-37182 | High | 7.2 | | 2026-01-14 | Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to perform SQL injection attacks.
CVE-2025-37181 | High | 7.2 | | 2026-01-14 | Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to perform SQL injection attacks.
CVE-2025-37175 | High | 7.2 | | 2026-01-13 | An arbitrary file upload vulnerability exists in the web-based management interface of mobility conductors running either the AOS-10 or AOS-8 operating system.
CVE-2025-37174 | High | 7.2 | | 2026-01-13 | An authenticated arbitrary file write vulnerability exists in the web-based management interface of mobility conductors running either the AOS-10 or AOS-8 operating system.
CVE-2025-37173 | High | 7.2 | | 2026-01-13 | An improper input handling vulnerability exists in the web-based management interface of mobility conductors running either the AOS-10 or AOS-8 operating system.
CVE-2025-37172 | High | 7.2 | | 2026-01-13 | Authenticated command injection vulnerabilities exist in the web-based management interface of mobility conductors running the AOS-8 operating system.
CVE-2025-37171 | High | 7.2 | | 2026-01-13 | Authenticated command injection vulnerabilities exist in the web-based management interface of mobility conductors running the AOS-8 operating system.
CVE-2025-37170 | High | 7.2 | | 2026-01-13 | Authenticated command injection vulnerabilities exist in the web-based management interface of mobility conductors running the AOS-8 operating system.
CVE-2025-37169 | High | 7.2 | | 2026-01-13 | A stack overflow vulnerability exists in the AOS-10 web-based management interface of a Mobility Gateway.
CVE-2025-37177 | Medium | 6.5 | | 2026-01-13 | An arbitrary file deletion vulnerability has been identified in the command-line interface of mobility conductors running either the AOS-10 or AOS-8 operating system.
CVE-2025-37176 | Medium | 6.5 | | 2026-01-13 | A command injection vulnerability in AOS-8 allows an authenticated privileged user to alter a package header to inject shell commands, potentially affecting the execution of internal operations.
CVE-2025-37185 | Medium | 5.5 | | 2026-01-14 | Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct stored cross-site scripting (XSS) attacks against an administrative user of the interface.
CVE-2025-37179 | Medium | 5.3 | | 2026-01-13 | Multiple out-of-bounds read vulnerabilities were identified in a system component responsible for handling certain data buffers.
CVE-2025-37178 | Medium | 5.3 | | 2026-01-13 | Multiple out-of-bounds read vulnerabilities were identified in a system component responsible for handling certain data buffers.

Huawei · 16 CVEs

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2025-68960 | High | 8.4 | | 2026-01-14 | Multi-thread race condition vulnerability in the video framework module.
CVE-2025-68957 | High | 8.4 | | 2026-01-14 | Multi-thread race condition vulnerability in the card framework module.
CVE-2025-68958 | High | 8.0 | | 2026-01-14 | Multi-thread race condition vulnerability in the card framework module.
CVE-2025-68956 | High | 8.0 | | 2026-01-14 | Multi-thread race condition vulnerability in the card framework module.
CVE-2025-68955 | High | 8.0 | | 2026-01-14 | Multi-thread race condition vulnerability in the card framework module.
CVE-2025-68968 | High | 7.8 | | 2026-01-14 | Double free vulnerability in the multi-mode input module.
CVE-2025-68969 | Medium | 6.8 | | 2026-01-14 | Multi-thread race condition vulnerability in the thermal management module.
CVE-2025-68964 | Medium | 6.2 | | 2026-01-14 | Data verification vulnerability in the HiView module.
CVE-2025-68959 | Medium | 6.2 | | 2026-01-14 | Permission verification bypass vulnerability in the media library module.
CVE-2025-68970 | Medium | 6.1 | | 2026-01-14 | Permission verification bypass vulnerability in the media library module.
CVE-2025-68967 | Medium | 5.7 | | 2026-01-14 | Vulnerability of improper permission control in the print module.
CVE-2025-68963 | Medium | 5.7 | | 2026-01-14 | Man-in-the-middle attack vulnerability in the Clone module.
CVE-2025-68966 | Medium | 5.1 | | 2026-01-14 | Permission control vulnerability in the Notepad module.
CVE-2025-68962 | Medium | 5.1 | | 2026-01-14 | Multi-thread race condition vulnerability in the camera framework module.
CVE-2025-68961 | Medium | 5.1 | | 2026-01-14 | Multi-thread race condition vulnerability in the camera framework module.
CVE-2025-68965 | Medium | 4.7 | | 2026-01-14 | Permission control vulnerability in the Notepad module.

Mozilla · 16 CVEs

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2026-0881 | Critical | 10.0 | | 2026-01-13 | Sandbox escape in the Messaging System component.
CVE-2026-0892 | Critical | 9.8 | | 2026-01-13 | Memory safety bugs present in Firefox 146 and Thunderbird 146.
CVE-2026-0884 | Critical | 9.8 | | 2026-01-13 | Use-after-free in the JavaScript Engine component.
CVE-2026-0879 | Critical | 9.8 | | 2026-01-13 | Sandbox escape due to incorrect boundary conditions in the Graphics component.
CVE-2026-0882 | High | 8.8 | | 2026-01-13 | Use-after-free in the IPC component.
CVE-2026-0880 | High | 8.8 | | 2026-01-13 | Sandbox escape due to integer overflow in the Graphics component.
CVE-2026-0891 | High | 8.1 | | 2026-01-13 | Memory safety bugs present in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146.
CVE-2026-0877 | High | 8.1 | | 2026-01-13 | Mitigation bypass in the DOM: Security component.
CVE-2026-0878 | High | 8.0 | | 2026-01-13 | Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component.
CVE-2026-0889 | High | 7.5 | | 2026-01-13 | Denial-of-service in the DOM: Service Workers component.
CVE-2026-0885 | Medium | 6.5 | | 2026-01-13 | Use-after-free in the JavaScript: GC component.
CVE-2026-0890 | Medium | 5.4 | | 2026-01-13 | Spoofing issue in the DOM: Copy & Paste and Drag & Drop component.
CVE-2026-0888 | Medium | 5.3 | | 2026-01-13 | Information disclosure in the XML component.
CVE-2026-0886 | Medium | 5.3 | | 2026-01-13 | Incorrect boundary conditions in the Graphics component.
CVE-2026-0883 | Medium | 5.3 | | 2026-01-13 | Information disclosure in the Networking component.
CVE-2026-0887 | Medium | 4.3 | | 2026-01-13 | Clickjacking issue, information disclosure in the PDF Viewer component.

Sick · 16 CVEs

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2026-22907 | Critical | 9.9 | | 2026-01-15 | An attacker may gain unauthorized access to the host filesystem, potentially allowing them to read and modify system data.
CVE-2026-22908 | Critical | 9.1 | | 2026-01-15 | Uploading unvalidated container images may allow remote attackers to gain full access to the system, potentially compromising its integrity and confidentiality.
CVE-2026-22910 | High | 7.5 | | 2026-01-15 | The device is deployed with weak and publicly known default passwords for certain hidden user levels, increasing the risk of unauthorized access.
CVE-2026-22909 | High | 7.5 | | 2026-01-15 | Certain system functions may be accessed without proper authorization, allowing attackers to start, stop, or delete installed applications, potentially disrupting system operations.
CVE-2026-22645 | Medium | 5.3 | | 2026-01-15 | The application discloses all used components, versions and license information to unauthenticated actors, giving attackers the opportunity to target known security vulnerabilities of used components.
CVE-2026-22644 | Medium | 5.3 | | 2026-01-15 | Certain requests pass the authentication token in the URL as string query parameter, making it vulnerable to theft through server logs, proxy logs and Referer headers, which could allow an attacker to hijack the user's session and gain una…
CVE-2026-22911 | Medium | 5.3 | | 2026-01-15 | Firmware update files may expose password hashes for system accounts, which could allow a remote attacker to recover credentials and gain unauthorized access to the device.
CVE-2026-22646 | Medium | 4.3 | | 2026-01-15 | Certain error messages returned by the application expose internal system details that should not be visible to end users, providing attackers with valuable reconnaissance information (like file paths, database errors, or software versions…
CVE-2026-22918 | Medium | 4.3 | | 2026-01-15 | An attacker may exploit missing protection against clickjacking by tricking users into performing unintended actions through maliciously crafted web pages, leading to the extraction of sensitive data.
CVE-2026-22917 | Medium | 4.3 | | 2026-01-15 | Improper input handling in a system endpoint may allow attackers to overload resources, causing a denial of service.
CVE-2026-22916 | Medium | 4.3 | | 2026-01-15 | An attacker with low privileges may be able to trigger critical system functions such as reboot or factory reset without proper restrictions, potentially leading to service disruption or loss of configuration.
CVE-2026-22915 | Medium | 4.3 | | 2026-01-15 | An attacker with low privileges may be able to read files from specific directories on the device, potentially exposing sensitive information.
CVE-2026-22914 | Medium | 4.3 | | 2026-01-15 | An attacker with limited permissions may still be able to write files to specific locations on the device, potentially leading to system manipulation.
CVE-2026-22913 | Medium | 4.3 | | 2026-01-15 | Improper handling of a URL parameter may allow attackers to execute code in a user's browser after login.
CVE-2026-22912 | Medium | 4.3 | | 2026-01-15 | Improper validation of a login parameter may allow attackers to redirect users to malicious websites after authentication.
CVE-2026-22919 | Low | 3.8 | | 2026-01-15 | An attacker with administrative access may inject malicious content into the login page, potentially enabling cross-site scripting (XSS) attacks, leading to the extraction of sensitive data.

Sap_se · 13 CVEs

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2026-0501 | Critical | 9.9 | | 2026-01-13 | Due to insufficient input validation in SAP S/4HANA Private Cloud and On-Premise (Financials General Ledger), an authenticated user could execute crafted SQL queries to read, modify, and delete backend database data.
CVE-2026-0491 | Critical | 9.1 | | 2026-01-13 | SAP Landscape Transformation allows an attacker with admin privileges to exploit a vulnerability in the function module exposed via RFC.
CVE-2026-0507 | High | 8.4 | | 2026-01-13 | Due to an OS Command Injection vulnerability in SAP Application Server for ABAP and SAP NetWeaver RFCSDK, an authenticated attacker with administrative access and adjacent network access could upload specially crafted content to the server.
CVE-2026-0511 | High | 8.1 | | 2026-01-13 | SAP Fiori App Intercompany Balance Reconciliation does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.
CVE-2026-0496 | Medium | 6.6 | | 2026-01-13 | SAP Fiori App Intercompany Balance Reconciliation allows an attacker with high privileges to upload any file (including script files) without proper file format validation.
CVE-2026-0503 | Medium | 6.4 | | 2026-01-13 | Due to missing authorization check in the SAP ERP Central Component (SAP ECC) and SAP S/4HANA (SAP EHS Management), an attacker could extract hardcoded clear-text credentials and bypass the password authentication check by manipulating use…
CVE-2026-0499 | Medium | 6.1 | | 2026-01-13 | SAP NetWeaver Enterprise Portal allows an unauthenticated attacker to inject malicious scripts into a URL parameter.
CVE-2026-0495 | Medium | 5.1 | | 2026-01-13 | SAP Fiori App Intercompany Balance Reconciliation allows an attacker with high privileges to send uploaded files to arbitrary emails which could enable effective phishing campaigns.
CVE-2026-0497 | Medium | 4.3 | | 2026-01-13 | SAP Product Designer Web UI of Business Server Pages allows authenticated non-administrative users to access non-sensitive information.
CVE-2026-0494 | Medium | 4.3 | | 2026-01-13 | Under certain conditions SAP Fiori App Intercompany Balance Reconciliation application allows an attacker to access information which would otherwise be restricted.
CVE-2026-0493 | Medium | 4.3 | | 2026-01-13 | Due to a Cross-Site Request Forgery (CSRF) vulnerability in SAP Fiori App Intercompany Balance Reconciliation an attacker could execute state-changing actions using an inappropriate request type, this deviation from expected request semant…
CVE-2026-0504 | Low | 3.8 | | 2026-01-13 | Due to insufficient input handling, the SAP Identity Management REST interface allows an authenticated administrator to submit specially crafted malicious REST requests that are processed by JNDI operations without adequate input neutraliz…
CVE-2026-0510 | Low | 3.0 | | 2026-01-13 | The User Management Engine (UME) in NetWeaver Application Server for Java (NW AS Java) utilizes an obsolete cryptographic algorithm for encrypting User Mapping data.

Adobe · 10 CVEs

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2026-21299 | High | 7.8 | | 2026-01-13 | Substance3D - Modeler versions 1.22.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user.
CVE-2026-21298 | High | 7.8 | | 2026-01-13 | Substance3D - Modeler versions 1.22.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user.
CVE-2026-21307 | High | 7.8 | | 2026-01-13 | Substance3D - Designer versions 15.0.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user.
CVE-2026-21306 | High | 7.8 | | 2026-01-13 | Substance3D - Sampler versions 5.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user.
CVE-2026-21305 | High | 7.8 | | 2026-01-13 | Substance3D - Painter versions 11.0.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user.
CVE-2026-21303 | Medium | 5.5 | | 2026-01-13 | Substance3D - Modeler versions 1.22.4 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure.
CVE-2026-21302 | Medium | 5.5 | | 2026-01-13 | Substance3D - Modeler versions 1.22.4 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure.
CVE-2026-21301 | Medium | 5.5 | | 2026-01-13 | Substance3D - Modeler versions 1.22.4 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service.
CVE-2026-21300 | Medium | 5.5 | | 2026-01-13 | Substance3D - Modeler versions 1.22.4 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service.
CVE-2026-21308 | Medium | 5.5 | | 2026-01-13 | Substance3D - Designer versions 15.0.3 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure.

Gpac · 10 CVEs

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2025-70298 | High | 8.2 | | 2026-01-15 | GPAC v2.4.0 was discovered to contain an out-of-bounds read in the oggdmx_parse_tags function.
CVE-2025-70307 | High | 7.5 | | 2026-01-15 | A stack overflow in the dump_ttxt_sample function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted packet.
CVE-2025-70308 | High | 7.5 | | 2026-01-15 | An out-of-bounds read in the GSF demuxer filter component of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted .gsf file.
CVE-2025-70304 | High | 7.5 | | 2026-01-15 | A buffer overflow in the vobsub_get_subpic_duration() function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted packet.
CVE-2025-70299 | Medium | 6.5 | | 2026-01-15 | A heap overflow in the avi_parse_input_file() function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted AVI file.
CVE-2025-70303 | Medium | 5.5 | | 2026-01-15 | A heap overflow in the uncv_parse_config() function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file.
CVE-2025-70302 | Medium | 5.5 | | 2026-01-15 | A heap overflow in the ghi_dmx_declare_opid_bin() function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2025-70310 | Medium | 5.5 | | 2026-01-15 | A heap overflow in the vorbis_to_intern() function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted .ogg file.
CVE-2025-70309 | Medium | 5.5 | | 2026-01-15 | A stack overflow in the pcmreframe_flush_packet function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted WAV file.
CVE-2025-70305 | Medium | 5.5 | | 2026-01-15 | A stack overflow in the dmx_saf function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted .saf file.

Labredescefetrj · 10 CVEs

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2026-23722 | Critical | 9.1 | | 2026-01-16 | WeGIA is a Web Manager for Charitable Institutions.
CVE-2026-23723 | High | 7.2 | | 2026-01-16 | WeGIA is a web manager for charitable institutions.
CVE-2026-23730 | Medium | 6.1 | | 2026-01-16 | WeGIA is a web manager for charitable institutions.
CVE-2026-23729 | Medium | 6.1 | | 2026-01-16 | WeGIA is a web manager for charitable institutions.
CVE-2026-23728 | Medium | 6.1 | | 2026-01-16 | WeGIA is a web manager for charitable institutions.
CVE-2026-23727 | Medium | 6.1 | | 2026-01-16 | WeGIA is a web manager for charitable institutions.
CVE-2026-23726 | Medium | 6.1 | | 2026-01-16 | WeGIA is a web manager for charitable institutions.
CVE-2026-23725 | Medium | 5.4 | | 2026-01-16 | WeGIA is a web manager for charitable institutions.
CVE-2026-23731 | Medium | 4.3 | | 2026-01-16 | WeGIA is a web manager for charitable institutions.
CVE-2026-23724 | Medium | 4.3 | | 2026-01-16 | WeGIA is a web manager for charitable institutions.

Apple · 9 CVEs

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2024-44238 | High | 7.8 | | 2026-01-16 | The issue was addressed with improved bounds checks.
CVE-2022-50890 | High | 7.5 | | 2026-01-13 | Owlfiles File Manager 12.0.1 contains a path traversal vulnerability in its built-in HTTP server that allows attackers to access system directories.
CVE-2025-43508 | Medium | 5.5 | | 2026-01-16 | A logging issue was addressed with improved data redaction.
CVE-2025-24089 | Medium | 5.3 | | 2026-01-16 | A permissions issue was addressed with additional restrictions.
CVE-2022-50891 | Medium | 5.0 | | 2026-01-13 | Owlfiles File Manager 12.0.1 contains a cross-site scripting vulnerability that allows attackers to inject malicious scripts through the path parameter in HTTP server endpoints.
CVE-2025-31186 | Low | 3.3 | | 2026-01-16 | A permissions issue was addressed with additional restrictions.
CVE-2025-24090 | Low | 3.3 | | 2026-01-16 | A permissions issue was addressed with additional restrictions.
CVE-2024-44210 | Low | 3.3 | | 2026-01-16 | This issue was addressed with improved permissions checking.
CVE-2024-54556 | Low | 2.4 | | 2026-01-16 | This issue was addressed through improved state management.

Freerdp · 9 CVEs

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2026-22857 | Critical | 9.8 | | 2026-01-14 | FreeRDP is a free implementation of the Remote Desktop Protocol.
CVE-2026-22854 | Critical | 9.8 | | 2026-01-14 | FreeRDP is a free implementation of the Remote Desktop Protocol.
CVE-2026-22853 | Critical | 9.8 | | 2026-01-14 | FreeRDP is a free implementation of the Remote Desktop Protocol.
CVE-2026-22852 | Critical | 9.8 | | 2026-01-14 | FreeRDP is a free implementation of the Remote Desktop Protocol.
CVE-2026-22859 | Critical | 9.1 | | 2026-01-14 | FreeRDP is a free implementation of the Remote Desktop Protocol.
CVE-2026-22858 | Critical | 9.1 | | 2026-01-14 | FreeRDP is a free implementation of the Remote Desktop Protocol.
CVE-2026-22855 | Critical | 9.1 | | 2026-01-14 | FreeRDP is a free implementation of the Remote Desktop Protocol.
CVE-2026-22856 | High | 8.1 | | 2026-01-14 | FreeRDP is a free implementation of the Remote Desktop Protocol.
CVE-2026-22851 | Medium | 5.9 | | 2026-01-14 | FreeRDP is a free implementation of the Remote Desktop Protocol.

Aveva · 7 CVEs

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2025-61937 | Critical | 10.0 | | 2026-01-16 | The vulnerability, if exploited, could allow an unauthenticated miscreant to achieve remote code execution under OS system privileges of “taoimr” service, potentially resulting in complete compromise of the model application server.
CVE-2025-65118 | High | 8.8 | | 2026-01-16 | The vulnerability, if exploited, could allow an authenticated miscreant (OS Standard User) to trick Process Optimization services into loading arbitrary code and escalate privileges to OS System, potentially resulting in complete compro…
CVE-2025-64691 | High | 8.8 | | 2026-01-16 | The vulnerability, if exploited, could allow an authenticated miscreant (OS standard user) to tamper with TCL Macro scripts and escalate privileges to OS system, potentially resulting in complete compromise of the model application serv…
CVE-2025-61943 | High | 8.4 | | 2026-01-16 | The vulnerability, if exploited, could allow an authenticated miscreant (Process Optimization Standard User) to tamper with queries in Captive Historian and achieve code execution under SQL Server administrative privileges, potentially…
CVE-2025-64729 | High | 8.1 | | 2026-01-16 | The vulnerability, if exploited, could allow an authenticated miscreant (OS Standard User) to tamper with Process Optimization project files, embed code, and escalate their privileges to the identity of a victim user who subsequently in…
CVE-2025-65117 | High | 7.4 | | 2026-01-16 | The vulnerability, if exploited, could allow an authenticated miscreant (Process Optimization Designer User) to embed OLE objects into graphics, and escalate their privileges to the identity of a victim user who subsequently interacts w…
CVE-2025-64769 | High | 7.1 | | 2026-01-16 | The Process Optimization application suite leverages connection channels/protocols that by-default are not encrypted and could become subject to hijacking or data leakage in certain man-in-the-middle or passive inspection scenarios.

Canon · 7 CVEs

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2025-14237 | Critical | 9.8 | | 2026-01-16 | Buffer overflow in XPS font parse processing on Small Office Multifunction Printers and Laser Printers (*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.
CVE-2025-14236 | Critical | 9.8 | | 2026-01-16 | Buffer overflow in Address Book attribute tag processing on Small Office Multifunction Printers (*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.
CVE-2025-14235 | Critical | 9.8 | | 2026-01-16 | Buffer overflow in XPS font fpgm data processing on Small Office Multifunction Printers and Laser Printers (*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary cod…
CVE-2025-14234 | Critical | 9.8 | | 2026-01-16 | Buffer overflow in CPCA list processing on Small Office Multifunction Printers and Laser Printers (*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.
CVE-2025-14233 | Critical | 9.8 | | 2026-01-16 | Invalid free in CPCA file deletion processing on Small Office Multifunction Printers and Laser Printers (*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.
CVE-2025-14232 | Critical | 9.8 | | 2026-01-16 | Buffer overflow in XML processing of XPS file in Small Office Multifunction Printers and Laser Printers (*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.
CVE-2025-14231 | Critical | 9.8 | | 2026-01-16 | Buffer overflow in print job processing by WSD on Small Office Multifunction Printers and Laser Printers (*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.

Samrocketman · 7 CVEs

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2025-68931 | High | 7.5 | | 2026-01-13 | Jervis is a library for Job DSL plugin scripts and shared Jenkins pipeline libraries.
CVE-2025-68704 | High | 7.5 | | 2026-01-13 | Jervis is a library for Job DSL plugin scripts and shared Jenkins pipeline libraries.
CVE-2025-68703 | High | 7.5 | | 2026-01-13 | Jervis is a library for Job DSL plugin scripts and shared Jenkins pipeline libraries.
CVE-2025-68702 | High | 7.5 | | 2026-01-13 | Jervis is a library for Job DSL plugin scripts and shared Jenkins pipeline libraries.
CVE-2025-68701 | High | 7.5 | | 2026-01-13 | Jervis is a library for Job DSL plugin scripts and shared Jenkins pipeline libraries.
CVE-2025-68698 | High | 7.5 | | 2026-01-13 | Jervis is a library for Job DSL plugin scripts and shared Jenkins pipeline libraries.
CVE-2025-68925 | Medium | 5.3 | | 2026-01-13 | Jervis is a library for Job DSL plugin scripts and shared Jenkins pipeline libraries.

Elastic · 6 CVEs

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2026-0532 | High | 8.6 | | 2026-01-14 | External Control of File Name or Path (CWE-73) combined with Server-Side Request Forgery (CWE-918) can allow an attacker to cause arbitrary file disclosure through a specially crafted credentials JSON payload in the Google Gemini connector…
CVE-2026-0529 | Medium | 6.5 | | 2026-01-14 | Improper Validation of Array Index (CWE-129) in Packetbeat’s MongoDB protocol parser can allow an attacker to cause Overflow Buffers (CAPEC-100) through specially crafted network traffic.
CVE-2026-0543 | Medium | 6.5 | | 2026-01-13 | Improper Input Validation (CWE-20) in Kibana's Email Connector can allow an attacker to cause an Excessive Allocation (CAPEC-130) through a specially crafted email address parameter.
CVE-2026-0531 | Medium | 6.5 | | 2026-01-13 | Allocation of Resources Without Limits or Throttling (CWE-770) in Kibana Fleet can lead to Excessive Allocation (CAPEC-130) via a specially crafted bulk retrieval request.
CVE-2026-0530 | Medium | 6.5 | | 2026-01-13 | Allocation of Resources Without Limits or Throttling (CWE-770) in Kibana Fleet can lead to Excessive Allocation (CAPEC-130) via a specially crafted request.
CVE-2026-0528 | Medium | 6.5 | | 2026-01-13 | Improper Validation of Array Index (CWE-129) in Metricbeat can allow an attacker to cause a Denial of Service through Input Data Manipulation (CAPEC-153) via specially crafted, malformed payloads sent to the Graphite server metricse…

Fortinet · 6 CVEs

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-64155 | Critical | 9.8 | | 2026-01-13 | An improper neutralization of special elements used in an OS command ('OS command injection') vulnerability in Fortinet FortiSIEM 7.4.0, FortiSIEM 7.3.0 through 7.3.4, FortiSIEM 7.1.0 through 7.1.8, FortiSIEM 7.0.0 through 7.0.4, FortiSIEM… |
| CVE-2025-47855 | Critical | 9.8 | | 2026-01-13 | An exposure of sensitive information to an unauthorized actor [CWE-200] vulnerability in Fortinet FortiFone 7.0.0 through 7.0.1, FortiFone 3.0.13 through 3.0.23 allows an unauthenticated attacker to obtain the device configuration via craf… |
| CVE-2025-25249 | High | 8.1 | | 2026-01-13 | A heap-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11, FortiOS 7.0.0 through 7.0.17, FortiOS 6.4 all versions, FortiSwitchManager 7.2.0 through 7.2.6… |
| CVE-2025-59922 | High | 7.2 | | 2026-01-13 | An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability [CWE-89] in Fortinet FortiClientEMS 7.4.3 through 7.4.4, FortiClientEMS 7.4.0 through 7.4.1, FortiClientEMS 7.2.0 through 7… |
| CVE-2025-58693 | Medium | 6.5 | | 2026-01-13 | An improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fortinet FortiVoice 7.2.0 through 7.2.2, FortiVoice 7.0.0 through 7.0.7 allows a privileged attacker to delete files from the underlying fil… |
| CVE-2025-67685 | Low | 3.8 | | 2026-01-13 | A Server-Side Request Forgery (SSRF) vulnerability [CWE-918] in Fortinet FortiSandbox 5.0.0 through 5.0.4, FortiSandbox 4.4 all versions, FortiSandbox 4.2 all versions, FortiSandbox 4.0 all versions may allow an authenticated… |

Gotac · 6 CVEs

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2026-1021 | Critical | 9.8 | | 2026-01-16 | Police Statistics Database System developed by Gotac has an Arbitrary File Upload vulnerability, allowing an unauthenticated remote attacker to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server. |
| CVE-2026-1019 | Critical | 9.8 | | 2026-01-16 | Police Statistics Database System developed by Gotac has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read, modify, and delete database contents by using a specific functionality. |
| CVE-2026-1023 | High | 7.5 | | 2026-01-16 | Statistics Database System developed by Gotac has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to directly exploit a specific functionality to query database contents. |
| CVE-2026-1022 | High | 7.5 | | 2026-01-16 | Statistics Database System developed by Gotac has an Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files. |
| CVE-2026-1018 | High | 7.5 | | 2026-01-16 | Police Statistics Database System developed by Gotac has an Arbitrary File Read vulnerability, allowing an unauthenticated remote attacker to exploit Absolute Path Traversal to download arbitrary system files. |
| CVE-2026-1020 | Medium | 5.3 | | 2026-01-16 | Police Statistics Database System developed by Gotac has an Absolute Path Traversal vulnerability, allowing unauthenticated remote attackers to enumerate the system file directory. |

Lenovo · 6 CVEs

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-13455 | High | 7.8 | | 2026-01-14 | A vulnerability was reported in ThinkPlus configuration software that could allow a local authenticated user to bypass ThinkPlus device authentication and enroll an untrusted fingerprint. |
| CVE-2026-0421 | Medium | 6.5 | | 2026-01-14 | A potential vulnerability was reported in the BIOS of L13 Gen 6, L13 Gen 6 2-in-1, L14 Gen 6, and L16 Gen 2 ThinkPads which could result in Secure Boot being disabled even when configured as "On" in the BIOS setup menu. |
| CVE-2025-13454 | Medium | 5.5 | | 2026-01-14 | A potential vulnerability was reported in ThinkPlus configuration software that could allow a local authenticated user to gain access to sensitive device information. |
| CVE-2025-13154 | Medium | 5.5 | | 2026-01-14 | An improper link following vulnerability was reported in the SmartPerformanceAddin for Lenovo Vantage that could allow an authenticated local user to perform an arbitrary file deletion with elevated privileges. |
| CVE-2025-13453 | Medium | 4.6 | | 2026-01-14 | A potential vulnerability was reported in some ThinkPlus USB drives that could allow a user with physical access to read data stored on the drive. |
| CVE-2025-14058 | Low | 3.2 | | 2026-01-14 | A potential missing authentication vulnerability was reported in some Lenovo Tablets that could allow an unauthorized user with physical access to modify Control Center settings if the device is locked when the "Allow Control Center access… |

Netgear · 6 CVEs

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2026-0408 | High | 8.0 | | 2026-01-13 | A path traversal vulnerability in NETGEAR WiFi range extenders allows an attacker with LAN authentication to access the router's IP and review the contents of the dynamically generated webproc file, which records the username and passwo… |
| CVE-2026-0407 | High | 8.0 | | 2026-01-13 | An insufficient authentication vulnerability in NETGEAR WiFi range extenders allows a network adjacent attacker with WiFi authentication or a physical Ethernet port connection to bypass the authentication process and access the admin pa… |
| CVE-2026-0406 | High | 8.0 | | 2026-01-13 | An insufficient input validation vulnerability in the NETGEAR XR1000v2 allows attackers connected to the router's LAN to execute OS command injections. |
| CVE-2026-0404 | High | 8.0 | | 2026-01-13 | An insufficient input validation vulnerability in NETGEAR Orbi devices' DHCPv6 functionality allows network adjacent attackers authenticated over WiFi or on LAN to execute OS command injections on the router. |
| CVE-2026-0403 | High | 8.0 | | 2026-01-13 | An insufficient input validation vulnerability in NETGEAR Orbi routers allows attackers connected to the router's LAN to execute OS command injections. |
| CVE-2026-0405 | High | 7.8 | | 2026-01-13 | An authentication bypass vulnerability in NETGEAR Orbi devices allows users connected to the local network to access the router web interface as an admin. |

SAP · 6 CVEs

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2026-0500 | Critical | 9.6 | | 2026-01-13 | Due to the usage of a vulnerable third party component in SAP Wily Introscope Enterprise Manager (WorkStation), an unauthenticated attacker could create a malicious JNLP (Java Network Launch Protocol) file accessible by a public facing URL. |
| CVE-2026-0498 | Critical | 9.1 | | 2026-01-13 | SAP S/4HANA (Private Cloud and On-Premise) allows an attacker with admin privileges to exploit a vulnerability in the function module exposed via RFC. |
| CVE-2026-0492 | High | 8.8 | | 2026-01-13 | SAP HANA database is vulnerable to privilege escalation allowing an attacker with valid credentials of any user to switch to another user, potentially gaining administrative access. |
| CVE-2026-0506 | High | 8.1 | | 2026-01-13 | Due to a Missing Authorization Check vulnerability in Application Server ABAP and ABAP Platform, an authenticated attacker could misuse an RFC function to execute form routines (FORMs) in the ABAP system. |
| CVE-2026-0514 | Medium | 6.1 | | 2026-01-13 | Due to a Cross-Site Scripting (XSS) vulnerability in SAP Business Connector, an unauthenticated attacker could craft a malicious link. |
| CVE-2026-0513 | Medium | 4.7 | | 2026-01-13 | Due to an Open Redirect Vulnerability in SAP Supplier Relationship Management (SICF Handler in SRM Catalog), an unauthenticated attacker could craft a malicious URL that, if accessed by a victim, redirects them to an attacker-controlled si… |

Bluspark Global · 5 CVEs

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2026-22238 | Critical | 9.8 | | 2026-01-14 | The vulnerability exists in BLUVOYIX due to improper authentication in the BLUVOYIX admin APIs. |
| CVE-2026-22237 | Critical | 9.8 | | 2026-01-14 | The vulnerability exists in BLUVOYIX due to the exposure of sensitive internal API documentation. |
| CVE-2026-22236 | Critical | 9.8 | | 2026-01-14 | The vulnerability exists in BLUVOYIX due to improper authentication in the BLUVOYIX backend APIs. |
| CVE-2026-22240 | High | 7.5 | | 2026-01-14 | The vulnerability exists in BLUVOYIX due to an improper password storage implementation and subsequent exposure via unauthenticated APIs. |
| CVE-2026-22239 | Medium | 5.3 | | 2026-01-14 | The vulnerability exists in BLUVOYIX due to design flaws in the email sending API. |

e107 · 5 CVEs

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2022-50905 | Critical | 9.8 | | 2026-01-13 | e107 CMS version 3.2.1 contains multiple vulnerabilities that allow cross-site scripting (XSS) attacks. |
| CVE-2022-50939 | High | 7.2 | | 2026-01-13 | e107 CMS version 3.2.1 contains a critical file upload vulnerability that allows authenticated administrators to overwrite arbitrary server files through path traversal. |
| CVE-2022-50916 | High | 7.2 | | 2026-01-13 | e107 CMS version 3.2.1 contains a file upload vulnerability that allows authenticated administrators to overwrite server files through the Media Manager import functionality. |
| CVE-2022-50907 | High | 7.2 | | 2026-01-13 | e107 CMS version 3.2.1 contains a file upload vulnerability that allows authenticated administrative users to bypass upload restrictions and execute PHP files. |
| CVE-2022-50906 | Medium | 4.8 | | 2026-01-13 | e107 CMS 3.2.1 contains an upload restriction bypass vulnerability that allows authenticated administrators to upload malicious SVG files through the media manager. |

Pimcore · 5 CVEs

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2026-23492 | High | 8.8 | | 2026-01-14 | Pimcore is an Open Source Data & Experience Management Platform. |
| CVE-2026-23493 | High | 8.6 | | 2026-01-15 | Pimcore is an Open Source Data & Experience Management Platform. |
| CVE-2026-23496 | Medium | 5.4 | | 2026-01-15 | Pimcore Web2Print Tools Bundle adds tools for web-to-print use cases to Pimcore. |
| CVE-2026-23495 | Medium | 4.3 | | 2026-01-15 | Pimcore's Admin Classic Bundle provides a Backend UI for Pimcore. |
| CVE-2026-23494 | Medium | 4.3 | | 2026-01-15 | Pimcore is an Open Source Data & Experience Management Platform. |

Svelte · 5 CVEs

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-67647 | Critical | 9.1 | | 2026-01-15 | SvelteKit is a framework for rapidly developing robust, performant web applications using Svelte. |
| CVE-2026-22803 | High | 7.5 | | 2026-01-15 | SvelteKit is a framework for rapidly developing robust, performant web applications using Svelte. |
| CVE-2026-22775 | High | 7.5 | | 2026-01-15 | Svelte devalue is a JavaScript library that serializes values into strings when JSON.stringify isn't sufficient for the job. |
| CVE-2026-22774 | High | 7.5 | | 2026-01-15 | Svelte devalue is a JavaScript library that serializes values into strings when JSON.stringify isn't sufficient for the job. |
| CVE-2025-15265 | Medium | 6.1 | | 2026-01-15 | An SSR XSS exists in async hydration when attacker-controlled keys are passed to hydratable. |

Wondershare · 5 CVEs

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2022-50904 | High | 8.4 | | 2026-01-13 | Wondershare UBackit 2.0.5 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. |
| CVE-2022-50903 | High | 8.4 | | 2026-01-13 | Wondershare MobileTrans 3.5.9 contains an unquoted service path vulnerability in the ElevationService that allows local users to potentially execute code with elevated system privileges. |
| CVE-2022-50902 | High | 8.4 | | 2026-01-13 | Wondershare FamiSafe 1.0 contains an unquoted service path vulnerability in the FSService that allows local users to potentially execute code with elevated privileges. |
| CVE-2022-50901 | High | 8.4 | | 2026-01-13 | Wondershare Dr.Fone 11.4.9 contains an unquoted service path vulnerability in the DFWSIDService that allows local users to potentially execute arbitrary code. |
| CVE-2022-50900 | High | 8.4 | | 2026-01-13 | Wondershare Dr.Fone 12.0.18 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with elevated system privileges. |

Agora-project · 4 CVEs

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-67079 | Critical | 9.8 | | 2026-01-15 | File upload vulnerability in Omnispace Agora Project before 25.10 allowing attackers to execute code through the MSL engine of the Imagick library via a crafted PDF file sent to the file upload and thumbnail functions. |
| CVE-2025-67077 | High | 8.8 | | 2026-01-15 | File upload vulnerability in Omnispace Agora Project before 25.10 reachable by authenticated users (or, under certain conditions, also guest users) via the UploadTmpFile action. |
| CVE-2025-67076 | High | 7.5 | | 2026-01-15 | Directory traversal vulnerability in Omnispace Agora Project before 25.10 allowing unauthenticated attackers to read files on the system via the misc controller and the ExternalGetFile action. |
| CVE-2025-67078 | Medium | 6.1 | | 2026-01-15 | Cross site scripting (XSS) vulnerability in Omnispace Agora Project before 25.10 allowing attackers to execute arbitrary code via the notify parameter of the file controller used to display errors. |

Altium · 4 CVEs

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2026-1009 | Critical | 9.0 | | 2026-01-15 | A stored cross-site scripting (XSS) vulnerability exists in the Altium Forum due to missing server-side input sanitization in forum post content. |
| CVE-2026-1010 | High | 8.0 | | 2026-01-15 | A stored cross-site scripting (XSS) vulnerability exists in the Altium Workflow Engine due to missing server-side input sanitization in workflow form submission APIs. |
| CVE-2026-1008 | High | 7.6 | | 2026-01-15 | A stored cross-site scripting (XSS) vulnerability exists in the user profile text fields of Altium 365. |
| CVE-2026-1011 | Medium | 6.1 | | 2026-01-16 | A stored cross-site scripting (XSS) vulnerability exists in the Altium Support Center AddComment endpoint due to missing server-side input sanitization. |

Apache · 4 CVEs

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-60021 | Critical | 9.8 | | 2026-01-16 | Remote command injection vulnerability in the heap profiler builtin service in Apache bRPC (all versions < 1.15.0) on all platforms allows an attacker to inject remote commands. |
| CVE-2025-68675 | High | 7.5 | | 2026-01-16 | In Apache Airflow versions before 3.1.6 and 2.11.1, the proxies and proxy fields within a Connection may include proxy URLs containing embedded authentication information. |
| CVE-2025-68438 | High | 7.5 | | 2026-01-16 | In Apache Airflow versions before 3.1.6, when rendered template fields in a Dag exceed [core] max_templated_field_length, sensitive values could be exposed in cleartext in the Rendered Templates UI. |
| CVE-2025-66169 | Medium | 5.3 | | 2026-01-14 | Cypher Injection vulnerability in the Apache Camel camel-neo4j component. |

Automai · 4 CVEs

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-46066 | Critical | 9.9 | | 2026-01-12 | An issue in Automai Director v.25.2.0 allows a remote attacker to escalate privileges. |
| CVE-2025-46070 | Critical | 9.8 | | 2026-01-12 | An issue in Automai BotManager v.25.2.0 allows a remote attacker to execute arbitrary code via the BotManager.exe component. |
| CVE-2025-46068 | High | 8.8 | | 2026-01-12 | An issue in Automai Director v.25.2.0 allows a remote attacker to execute arbitrary code via the update mechanism. |
| CVE-2025-46067 | High | 8.2 | | 2026-01-12 | An issue in Automai Director v.25.2.0 allows a remote attacker to escalate privileges and obtain sensitive information via a crafted js file. |

Imaginationtech · 4 CVEs

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-25176 | Critical | 9.1 | | 2026-01-13 | Intermediate register values of secure workloads can be exfiltrated in workloads scheduled from applications running in the non-secure environment of a platform. |
| CVE-2025-58411 | High | 8.8 | | 2026-01-13 | Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of resources reference counting creating a potential use after free scenario. |
| CVE-2025-10865 | High | 7.8 | | 2026-01-13 | Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of reference counting to cause a potential use after free. |
| CVE-2025-58409 | Low | 3.5 | | 2026-01-13 | Software installed and run as a non-privileged user may conduct improper GPU system calls to subvert GPU HW to write to arbitrary physical memory pages. |

Imaster · 4 CVEs

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-41006 | | | | 2026-01-12 | Imaster's MEMS Events CRM contains an SQL injection vulnerability in the 'phone' parameter in '/memsdemo/login.php'. |
| CVE-2025-41005 | | | | 2026-01-12 | Imaster's MEMS Events CRM contains an SQL injection vulnerability in the 'keyword' parameter in '/memsdemo/exchange_offers.php'. |
| CVE-2025-41004 | | | | 2026-01-12 | Imaster's Patient Records Management System is vulnerable to SQL Injection in the endpoint '/projects/hospital/admin/complaints.php' through the 'id' parameter. |
| CVE-2025-41003 | | | | 2026-01-12 | Imaster's Patient Record Management System contains a stored Cross-Site Scripting (XSS) vulnerability in the endpoint '/projects/hospital/admin/edit_patient.php'. |

Insyde Software · 4 CVEs

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-12053 | High | 7.8 | | 2026-01-14 | The drivers in the tool packages use the RTL_QUERY_REGISTRY_DIRECT flag to read a registry value; an untrusted user-mode application that controls that value may be able to cause a buffer overflow. |
| CVE-2025-12052 | High | 7.8 | | 2026-01-14 | The drivers in the tool packages use the RTL_QUERY_REGISTRY_DIRECT flag to read a registry value; an untrusted user-mode application that controls that value may be able to cause a buffer overflow. |
| CVE-2025-12051 | High | 7.8 | | 2026-01-14 | The drivers in the tool packages use the RTL_QUERY_REGISTRY_DIRECT flag to read a registry value; an untrusted user-mode application that controls that value may be able to cause a buffer overflow. |
| CVE-2025-12050 | High | 7.8 | | 2026-01-14 | The drivers in the tool packages use the RTL_QUERY_REGISTRY_DIRECT flag to read a registry value; an untrusted user-mode application that controls that value may be able to cause a buffer overflow. |

Red Hat · 4 CVEs

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-12548 | Critical | 9.0 | | 2026-01-13 | A flaw was found in Eclipse Che che-machine-exec. |
| CVE-2025-14242 | Medium | 6.5 | | 2026-01-14 | A flaw was found in vsftpd. |
| CVE-2026-0716 | Medium | 4.8 | | 2026-01-13 | A flaw was found in libsoup's WebSocket frame processing when handling incoming messages. |
| CVE-2026-0976 | Low | 3.7 | | 2026-01-15 | A flaw was found in Keycloak. |

Thelibrarian · 4 CVEs

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2026-0616 | High | 7.5 | | 2026-01-16 | TheLibrarian's `web_fetch` tool can be used to retrieve the Adminer interface content, which can then be used to log into the internal TheLibrarian backend system. |
| CVE-2026-0613 | High | 7.5 | | 2026-01-16 | The Librarian contains an internal port scanning vulnerability, facilitated by the `web_fetch` tool, which can be used with SSRF-style behavior to perform GET requests to internal IP addresses and services, enabling scanning of the Hertzne… |
| CVE-2026-0612 | High | 7.5 | | 2026-01-16 | The Librarian contains an information leakage vulnerability through the `web_fetch` tool, which can be used to retrieve arbitrary external content provided by an attacker, which can be used to proxy requests through The Librarian infrastruc… |
| CVE-2026-0615 | High | 7.3 | | 2026-01-16 | The Librarian `supervisord` status page can be retrieved by the `web_fetch` tool, which can be used to retrieve running processes within the TheLibrarian backend. |

TYPO3 · 4 CVEs

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-59022 | High | 8.1 | | 2026-01-13 | Backend users who had access to the recycler module could delete arbitrary data from any database table defined in the TCA, regardless of whether they had permission to that particular table. |
| CVE-2026-0859 | High | 7.8 | | 2026-01-13 | TYPO3's mail-file spool deserialization flaw lets local users with write access to the spool directory craft a malicious file that is deserialized during the mailer:spool:send command, enabling arbitrary PHP code execution on the web serve… |
| CVE-2025-59020 | Medium | 6.5 | | 2026-01-13 | By exploiting the defVals parameter, attackers could bypass field-level access checks during record creation in the TYPO3 backend. |
| CVE-2025-59021 | Medium | 6.4 | | 2026-01-13 | Backend users with access to the redirects module and write permission on the sys_redirect table were able to read, create, and modify any redirect record without restriction to the user's own file-mounts or web-mounts. |

Weblate · 4 CVEs

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2026-23535 | High | 8.0 | | 2026-01-16 | wlc is a Weblate command-line client using Weblate's REST API. |
| CVE-2026-21889 | High | 7.5 | | 2026-01-14 | Weblate is a web based localization tool. |
| CVE-2026-22251 | Medium | 5.3 | | 2026-01-12 | wlc is a Weblate command-line client using Weblate's REST API. |
| CVE-2026-22250 | Low | 2.5 | | 2026-01-12 | wlc is a Weblate command-line client using Weblate's REST API. |

Wireshark · 4 CVEs

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2026-0961 | Medium | 5.5 | | 2026-01-14 | BLF file parser crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows denial of service. |
| CVE-2026-0962 | Medium | 5.3 | | 2026-01-14 | SOME/IP-SD protocol dissector crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows denial of service. |
| CVE-2026-0959 | Medium | 5.3 | | 2026-01-14 | IEEE 802.11 protocol dissector crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows denial of service. |
| CVE-2026-0960 | Medium | 4.7 | | 2026-01-14 | HTTP3 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.2 allows denial of service. |

Workdo · 4 CVEs

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-40978 | | | | 2026-01-12 | Stored Cross-Site Scripting (XSS) vulnerability in WorkDo's eCommerceGo SaaS, consisting of a stored XSS due to a lack of proper validation of user input by sending a POST request to '/ticket/x/conversion', using the 'reply_description' pa… |
| CVE-2025-40977 | | | | 2026-01-12 | Stored Cross-Site Scripting (XSS) vulnerability in WorkDo's eCommerceGo SaaS, consisting of a lack of proper validation of user input by sending a POST request to '/store-ticket', using the 'subject' and 'description' parameters. |
| CVE-2025-40976 | | | | 2026-01-12 | Stored Cross-Site Scripting (XSS) vulnerability in WorkDo's TicketGo, consisting of a lack of proper validation of user input by sending a POST request to '/ticketgo-saas/home', using the 'description' parameter. |
| CVE-2025-40975 | | | | 2026-01-12 | Stored Cross-Site Scripting (XSS) vulnerability in WorkDo's HRMGo, consisting of a lack of proper validation of user input by sending a POST request to '/hrmgo/ticket/changereply', using the 'description' parameter. |

Acer · 3 CVEs

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2021-47826 | High | 7.8 | | 2026-01-16 | Acer Backup Manager 3.0.0.99 contains an unquoted service path vulnerability in the NTI IScheduleSvc service that allows local users to potentially execute arbitrary code. |
| CVE-2021-47825 | High | 7.8 | | 2026-01-16 | Acer Updater Service 1.2.3500.0 contains an unquoted service path vulnerability that allows local users to execute code with elevated system privileges. |
| CVE-2021-47823 | High | 7.8 | | 2026-01-16 | Acer ePowerSvc 6.0.3008.0 contains an unquoted service path vulnerability that allows local users to potentially execute code with elevated system privileges. |

Avahi · 3 CVEs

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-68471 | Medium | 6.5 | | 2026-01-12 | Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. |
| CVE-2025-68468 | Medium | 6.5 | | 2026-01-12 | Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. |
| CVE-2025-68276 | Medium | 5.5 | | 2026-01-12 | Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. |

Cisco · 3 CVEs

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2026-20076 | Medium | 4.8 | | 2026-01-15 | A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. This vuln… |
| CVE-2026-20075 | Medium | 4.8 | | 2026-01-15 | A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack a… |
| CVE-2026-20047 | Medium | 4.8 | | 2026-01-15 | A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks ag… |

Delta Electronics · 3 CVEs

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-62582 | Critical | 9.8 | | 2026-01-16 | Delta Electronics DIAView has multiple vulnerabilities. |
| CVE-2025-62581 | Critical | 9.8 | | 2026-01-16 | Delta Electronics DIAView has multiple vulnerabilities. |
| CVE-2026-0975 | High | 7.8 | | 2026-01-16 | Delta Electronics DIAView has a Command Injection vulnerability. |

Espressif · 3 CVEs

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-68656 | Medium | 6.8 | | 2026-01-12 | Espressif ESP-IDF USB Host HID (Human Interface Device) Driver allows access to HID devices. |
| CVE-2025-68622 | Medium | 6.8 | | 2026-01-12 | Espressif ESP-IDF USB Host UVC Class Driver allows video streaming from USB cameras. |
| CVE-2025-68657 | Medium | 6.4 | | 2026-01-12 | Espressif ESP-IDF USB Host HID (Human Interface Device) Driver allows access to HID devices. |

Google · 3 CVEs

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-48647 | High | 7.8 | | 2026-01-16 | In cpm_fwtp_msg_handler of cpm/google/lib/tracepoint/cpm_fwtp_ipc.c, there is a possible memory overwrite due to improper input validation. |
| CVE-2026-0897 | High | 7.5 | | 2026-01-15 | Allocation of Resources Without Limits or Throttling in the HDF5 weight loading component in Google Keras 3.0.0 through 3.13.0 on all platforms allows a remote attacker to cause a Denial of Service (DoS) through memory exhaustion and a cra… |
| CVE-2025-36911 | High | 7.1 | | 2026-01-15 | In key-based pairing, there is a possible ID due to a logic error in the code. |

Hewlett Packard Enterprise (HPE) · 3 CVEs

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-37186 | High | 7.8 | | 2026-01-13 | A local privilege-escalation vulnerability has been discovered in the HPE Aruba Networking Virtual Intranet Access (VIA) client. |
| CVE-2025-37166 | High | 7.5 | | 2026-01-13 | A vulnerability affecting HPE Networking Instant On Access Points has been identified where a device processing a specially crafted packet could enter a non-responsive state, in some cases requiring a hard reset to re-establish services. |
| CVE-2025-37165 | High | 7.5 | | 2026-01-13 | A vulnerability in the router mode configuration of HPE Instant On Access Points exposed certain network configuration details to unintended interfaces. |

IBM · 3 CVEs

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2026-0990 | Medium | 5.9 | | 2026-01-15 | A flaw was found in libxml2, an XML parsing library. |
| CVE-2026-0989 | Low | 3.7 | | 2026-01-15 | A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. |
| CVE-2026-0992 | Low | 2.9 | | 2026-01-15 | A flaw was found in the libxml2 library. |

Invoiceplane · 3 CVEs

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-67084 | Critical | 9.9 | | 2026-01-15 | File upload vulnerability in InvoicePlane through 1.6.3 allows authenticated attackers to upload arbitrary PHP files into attachments, which can later be executed remotely, leading to Remote Code Execution (RCE). |
| CVE-2025-67082 | Medium | 6.5 | | 2026-01-15 | An SQL injection vulnerability in InvoicePlane through 1.6.3 has been identified in the "maxQuantity" and "minQuantity" parameters when generating a report. |
| CVE-2025-67083 | Medium | 5.3 | | 2026-01-15 | Directory traversal vulnerability in InvoicePlane through 1.6.3 allows unauthenticated attackers to read files from the server. |

Progress · 3 CVEs

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-13774 | High | 8.8 | | 2026-01-13 | A vulnerability exists in Progress Flowmon ADS versions prior to 12.5.4 and 13.0.1 where an SQL injection vulnerability allows authenticated users to execute unintended SQL queries and commands. |
| CVE-2025-13447 | High | 8.4 | | 2026-01-13 | OS Command Injection Remote Code Execution Vulnerability in API in Progress LoadMaster allows an authenticated attacker with "User Administration" permissions to execute arbitrary commands on the LoadMaster appliance by exploiting unsaniti… |
| CVE-2025-13444 | High | 8.4 | | 2026-01-13 | OS Command Injection Remote Code Execution Vulnerability in API in Progress LoadMaster allows an authenticated attacker with "User Administration" permissions to execute arbitrary commands on the LoadMaster appliance by exploiting unsaniti… |

Siemens · 3 CVEs

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-40805 | Critical | 10.0 | | 2026-01-13 | Affected devices do not properly enforce user authentication on specific API endpoints. |
| CVE-2025-40942 | High | 8.8 | | 2026-01-13 | A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.4). |
| CVE-2025-40944 | High | 7.5 | | 2026-01-13 | A vulnerability has been identified in SIMATIC ET 200AL IM 157-1 PN (6ES7157-1AB00-0AB0) (All versions), SIMATIC ET 200MP IM 155-5 PN HF (6ES7155-5AA00-0AC0) (All versions >= V4.2.0), SIMATIC ET 200SP IM 155-6 MF HF (6ES7155-6MU00-0CN0) (A… |

Stackideas · 3 CVEs

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2026-21625 | High | 8.8 | | 2026-01-16 | User provided uploads to the Easy Discuss component for Joomla aren't properly validated. |
| CVE-2026-21624 | Medium | 5.4 | | 2026-01-16 | Lack of input filtering leads to a persistent XSS vulnerability in the user avatar text handling of the Easy Discuss component for Joomla. |
| CVE-2026-21623 | Medium | 5.4 | | 2026-01-16 | Lack of input filtering leads to a persistent XSS vulnerability in the forum post handling of the Easy Discuss component for Joomla. |

Toa Corporation · 3 CVEs

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2026-20759 | High | 8.8 | | 2026-01-16 | OS Command Injection vulnerability exists in multiple Network Cameras TRIFORA 3 series provided by TOA Corporation, which may allow a logged-in user with the low ("monitoring user") or higher privilege to execute an arbitrary OS command. |
| CVE-2026-22876 | Medium | 6.5 | | 2026-01-16 | Path Traversal vulnerability exists in multiple Network Cameras TRIFORA 3 series provided by TOA Corporation. |
| CVE-2026-20894 | Medium | 4.8 | | 2026-01-16 | Cross-site scripting vulnerability exists in multiple Network Cameras TRIFORA 3 series provided by TOA Corporation. |

Typesetter · 3 CVEs

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-71166 | Medium | 5.4 | | 2026-01-14 | Typesetter CMS versions up to and including 5.1 contain a reflected cross-site scripting (XSS) vulnerability in the administrative interface within the Tools Status move message handling. |
| CVE-2025-71165 | Medium | 5.4 | | 2026-01-14 | Typesetter CMS versions up to and including 5.1 contain a reflected cross-site scripting (XSS) vulnerability in the administrative interface within the Tools Status functionality. |
| CVE-2025-71164 | Medium | 5.4 | | 2026-01-14 | Typesetter CMS versions up to and including 5.1 contain a reflected cross-site scripting (XSS) vulnerability in the Editing component. |

Unknown · 3 CVEs

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-10915 | Critical | 9.8 | | 2026-01-13 | The Dreamer Blog WordPress theme through 1.2 is vulnerable to arbitrary installations due to a missing capability check. |
| CVE-2025-14829 | Critical | 9.1 | | 2026-01-13 | The E-xact \| Hosted Payment \| WordPress plugin through 2.0 is vulnerable to arbitrary file deletion due to insufficient file path validation. |
| CVE-2025-14579 | Medium | 4.8 | | 2026-01-12 | The Quiz Maker WordPress plugin before 6.7.0.89 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability… |

Viaviweb · 3 CVEs

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2022-50893 | Critical | 9.8 | | 2026-01-13 | VIAVIWEB Wallpaper Admin 1.0 contains an unauthenticated remote code execution vulnerability in the image upload functionality. |
| CVE-2022-50892 | High | 8.2 | | 2026-01-13 | VIAVIWEB Wallpaper Admin 1.0 contains a SQL injection vulnerability that allows attackers to bypass authentication by manipulating login credentials. |
| CVE-2022-50894 | Medium | 6.5 | | 2026-01-13 | VIAVIWEB Wallpaper Admin 1.0 contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the img_id parameter. |

Zohocorp · 3 CVEs

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2025-11250 · Critical · 9.1 · - · 2026-01-13 · Zohocorp ManageEngine ADSelfService Plus versions before 6519 are vulnerable to Authentication Bypass due to improper filter configurations.
CVE-2025-11669 · High · 8.1 · - · 2026-01-13 · Zohocorp ManageEngine PAM360 versions before 8202; Password Manager Pro versions before 13221; Access Manager Plus versions prior to 4401 are vulnerable to an authorization issue in the initiate remote session functionality.
CVE-2025-9435 · Medium · 5.5 · - · 2026-01-13 · Zohocorp ManageEngine ADManager Plus versions below 7230 are vulnerable to Path Traversal in the User Management module.

10-strike · 2 CVEs

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2021-47772 · Critical · 9.8 · - · 2026-01-15 · 10-Strike Network Inventory Explorer Pro 9.31 contains a buffer overflow vulnerability in the text file import functionality that allows remote code execution.
CVE-2021-47767 · High · 7.8 · - · 2026-01-15 · 10-Strike Network Inventory Explorer Pro 9.31 contains an unquoted service path vulnerability in the srvInventoryWebServer service running with LocalSystem privileges.

Akinloluwami · 2 CVEs

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2026-22819 · Medium · 5.9 · - · 2026-01-14 · Outray openSource ngrok alternative.
CVE-2026-22820 · Low · 3.7 · - · 2026-01-14 · Outray openSource ngrok alternative.

Anoma · 2 CVEs

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2026-22812 · High · 8.8 · - · 2026-01-12 · OpenCode is an open source AI coding agent.
CVE-2026-22813 · Medium · 6.1 · - · 2026-01-12 · OpenCode is an open source AI coding agent.

Blurams · 2 CVEs

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2025-65397 · Medium · 6.8 · - · 2026-01-14 · An insecure authentication mechanism in the safe_exec.sh startup script of Blurams Flare Camera version 24.1114.151.929 and earlier allows an attacker with physical access to the device to execute arbitrary commands with root privileges, i…
CVE-2025-65396 · Medium · 6.1 · - · 2026-01-14 · A vulnerability in the boot process of Blurams Flare Camera version 24.1114.151.929 and earlier allows a physically proximate attacker to hijack the boot mechanism and gain a bootloader shell via the UART interface.

Brother · 2 CVEs

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2020-36929 · High · 7.8 · - · 2026-01-16 · Brother BRPrint Auditor 3.0.7 contains an unquoted service path vulnerability in its Windows service configurations that allows local attackers to potentially execute arbitrary code.
CVE-2020-36928 · High · 7.8 · - · 2026-01-16 · Brother BRAgent 1.38 contains an unquoted service path vulnerability in the WBA_Agent_Client service running with LocalSystem privileges.

Celestialsoftware · 2 CVEs

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2021-47765 · Medium · 5.5 · - · 2026-01-15 · AbsoluteTelnet 11.24 contains a denial of service vulnerability that allows local attackers to crash the application by manipulating username and error report fields.
CVE-2021-47764 · Medium · 5.5 · - · 2026-01-15 · AbsoluteTelnet 11.24 contains a denial of service vulnerability that allows local attackers to crash the application by manipulating DialUp connection and license name fields.

Chikitsa · 2 CVEs

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2021-47758 · High · 8.8 · - · 2026-01-15 · Chikitsa Patient Management System 2.0.2 contains an authenticated remote code execution vulnerability that allows attackers to upload malicious PHP plugins through the module upload functionality.
CVE-2021-47757 · High · 8.8 · - · 2026-01-15 · Chikitsa Patient Management System 2.0.2 contains an authenticated remote code execution vulnerability in the backup restoration functionality.

Code-projects · 2 CVEs

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2026-0852 · High · 7.3 · - · 2026-01-12 · A security flaw has been discovered in code-projects Online Music Site 1.0.
CVE-2026-0851 · High · 7.3 · - · 2026-01-12 · A vulnerability was identified in code-projects Online Music Site 1.0.

Connectwise · 2 CVEs

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2026-0695 · High · 8.7 · - · 2026-01-16 · In ConnectWise PSA versions older than 2026.1, Time Entry notes stored in the Time Entry Audit Trail may be rendered without applying output encoding to certain content.
CVE-2026-0696 · Medium · 6.5 · - · 2026-01-16 · In ConnectWise PSA versions older than 2026.1, certain session cookies were not set with the HttpOnly attribute.

D3dsecurity · 2 CVEs

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2025-65552 · Critical · 9.8 · - · 2026-01-12 · D3D Wi-Fi Home Security System ZX-G12 v2.1.1 is vulnerable to RF replay attacks on the 433 MHz sensor communication channel.
CVE-2025-65553 · Medium · 6.5 · - · 2026-01-12 · D3D Wi-Fi Home Security System ZX-G12 v2.1.17 is susceptible to RF jamming on the 433 MHz alarm sensor channel.

Datadog · 2 CVEs

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2026-22871 · Critical · 9.8 · - · 2026-01-13 · GuardDog is a CLI tool to identify malicious PyPI packages.
CVE-2026-22870 · High · 7.5 · - · 2026-01-13 · GuardDog is a CLI tool to identify malicious PyPI packages.

Dell · 2 CVEs

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2025-46685 · High · 7.5 · - · 2026-01-13 · Dell SupportAssist OS Recovery, versions prior to 5.5.15.1, contain a Creation of Temporary File With Insecure Permissions vulnerability.
CVE-2025-46684 · Medium · 6.6 · - · 2026-01-13 · Dell SupportAssist OS Recovery, versions prior to 5.5.15.1, contain a Creation of Temporary File With Insecure Permissions vulnerability.

Deno · 2 CVEs

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2026-22864 · High · 8.1 · - · 2026-01-15 · Deno is a JavaScript, TypeScript, and WebAssembly runtime.
CVE-2026-22863 · High · 7.5 · - · 2026-01-15 · Deno is a JavaScript, TypeScript, and WebAssembly runtime.

Disksorter · 2 CVEs

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2021-47847 · High · 7.8 · - · 2026-01-16 · Disk Sorter Server 13.6.12 contains an unquoted service path vulnerability in its binary path configuration that allows local attackers to potentially execute arbitrary code.
CVE-2021-47809 · High · 7.8 · - · 2026-01-16 · Disk Sorter Enterprise 13.6.12 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code.

Drupal · 2 CVEs

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2025-14556 · Medium · 5.4 · - · 2026-01-14 · Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Drupal Flag allows Cross-Site Scripting (XSS). This issue affects Flag: from 7.X-3.0 through 7.X-3.9.
CVE-2025-14557 · Medium · 4.8 · - · 2026-01-14 · Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Drupal Facebook Pixel facebook_pixel allows Stored XSS. This issue affects Facebook Pixel: from 7.X-1.0 through 7.X-1.1.

Ethereum · 2 CVEs

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2026-22868 · High · 7.5 · - · 2026-01-13 · go-ethereum (geth) is a golang execution layer implementation of the Ethereum protocol.
CVE-2026-22862 · High · 7.5 · - · 2026-01-13 · go-ethereum (geth) is a golang execution layer implementation of the Ethereum protocol.

Flexense · 2 CVEs

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2021-47807 · High · 7.8 · - · 2026-01-16 · Sync Breeze 13.6.18 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code.
CVE-2020-36930 · High · 7.8 · - · 2026-01-16 · SysGauge Server 7.9.18 contains an unquoted service path vulnerability in its binary path configuration that allows local attackers to potentially execute arbitrary code.

Glpi-project · 2 CVEs

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2025-66417 · High · 7.5 · - · 2026-01-15 · GLPI is a free asset and IT management software package.
CVE-2025-64516 · High · 7.5 · - · 2026-01-15 · GLPI is a free asset and IT management software package.

Gnu · 2 CVEs

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2026-0861 · High · 8.4 · - · 2026-01-14 · Passing too large an alignment to the memalign suite of functions (memalign, posix_memalign, aligned_alloc) in the GNU C Library version 2.30 to 2.42 may result in an integer overflow, which could consequently result in a heap corruption.
CVE-2026-0915 · High · 7.5 · - · 2026-01-15 · Calling getnetbyaddr or getnetbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend for networks and queries for a zero-valued network in the GNU C Library version 2.0 to version 2.42 can leak stack contents to…

Gothamdev · 2 CVEs

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2025-15020 · Medium · 6.5 · - · 2026-01-14 · The Gotham Block Extra Light plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 1.5.0 via the 'ghostban' shortcode.
CVE-2025-15021 · Medium · 4.4 · - · 2026-01-14 · The Gotham Block Extra Light plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.5.0 due to insufficient input sanitization and output escaping.

Gradle · 2 CVEs

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2026-22865 · High · 7.4 · - · 2026-01-16 · Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs.
CVE-2026-22816 · High · 7.4 · - · 2026-01-16 · Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs.

Hikvision · 2 CVEs

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2025-66177 · High · 8.8 · - · 2026-01-13 · There is a stack overflow vulnerability in the device Search and Discovery feature of Hikvision NVR/DVR/CVR/IPC models.
CVE-2025-66176 · High · 8.8 · - · 2026-01-13 · There is a stack overflow vulnerability in the device Search and Discovery feature of Hikvision Access Control Products.

Hono · 2 CVEs

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2026-22818 · High · 8.2 · - · 2026-01-13 · Hono is a Web application framework that provides support for any JavaScript runtime.
CVE-2026-22817 · High · 8.2 · - · 2026-01-13 · Hono is a Web application framework that provides support for any JavaScript runtime.

Https://github.com/shadowblip · 2 CVEs

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2025-66005 · - · - · - · 2026-01-14 · Lack of authorization of the InputManager D-Bus interface in InputPlumber versions before v0.63.0 can lead to local Denial-of-Service, information leak or even privilege escalation in the context of the currently active user session.
CVE-2025-14338 · - · - · - · 2026-01-14 · Polkit authentication disabled by default and a race condition in the Polkit authorization check in versions before v0.69.0 can lead to the same issues as in CVE-2025-66005.

Hubert · 2 CVEs

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2025-65783 · Critical · 9.8 · - · 2026-01-13 · An arbitrary file upload vulnerability in the /utils/uploadFile component of Hubert Imoveis e Administracao Ltda Hub v2.0 1.27.3 allows attackers to execute arbitrary code via uploading a crafted PDF file.
CVE-2025-65784 · Medium · 6.5 · - · 2026-01-13 · Insecure permissions in Hubert Imoveis e Administracao Ltda Hub v2.0 1.27.3 allows authenticated attackers with low-level privileges to access other users' information via a crafted API request.

Inbit · 2 CVEs

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2023-54330 · Critical · 9.8 · - · 2026-01-13 · Inbit Messenger versions 4.6.0 to 4.9.0 contain a remote stack-based buffer overflow vulnerability that allows unauthenticated attackers to execute arbitrary code by sending malformed network packets.
CVE-2023-54329 · Critical · 9.8 · - · 2026-01-13 · Inbit Messenger 4.6.0 - 4.9.0 contains a remote command execution vulnerability that allows unauthenticated attackers to execute arbitrary commands by exploiting a stack overflow in the messenger's protocol.

Jokkedk · 2 CVEs

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2023-54339 · Critical · 9.8 · - · 2026-01-13 · Webgrind 1.1 contains a remote command execution vulnerability that allows unauthenticated attackers to inject OS commands via the dataFile parameter in index.php.
CVE-2023-54341 · Medium · 6.1 · - · 2026-01-13 · Webgrind 1.1 and before contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts via the file parameter in index.php.

Libpng · 2 CVEs

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2026-22801 · Medium · 6.8 · - · 2026-01-12 · LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files.
CVE-2026-22695 · Medium · 6.1 · - · 2026-01-12 · LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files.

Linknacional · 2 CVEs

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2026-0942 · Medium · 5.3 · - · 2026-01-16 · The Rede Itaú for WooCommerce — Payment PIX, Credit Card and Debit plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the clearOrderLogs() function in all versions up to, and includ…
CVE-2026-0939 · Medium · 5.3 · - · 2026-01-16 · The Rede Itaú for WooCommerce plugin for WordPress is vulnerable to order status manipulation due to insufficient verification of data authenticity in all versions up to, and including, 5.1.2.

Litexmedia · 2 CVEs

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2022-50922 · Critical · 9.8 · - · 2026-01-13 · Audio Conversion Wizard v2.01 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting memory with a specially crafted registration code.
CVE-2021-47775 · High · 8.4 · - · 2026-01-15 · YouTube Video Grabber, now referred to as YouTube Downloader, 1.9.9.1 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting the Structured Exception Handler.

Llamaindex · 2 CVEs

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2024-14021 · High · 7.8 · - · 2026-01-12 · LlamaIndex (run-llama/llama_index) versions up to and including 0.11.6 contain an unsafe deserialization vulnerability in BGEM3Index.load_from_disk() in llama_index/indices/managed/bge_m3/base.py.
CVE-2024-58339 · High · 7.5 · - · 2026-01-12 · LlamaIndex (run-llama/llama_index) versions up to and including 0.12.2 contain an uncontrolled resource consumption vulnerability in the VannaPack VannaQueryEngine implementation.

Mattermost · 2 CVEs

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2025-14435 · Medium · 6.8 · - · 2026-01-16 · Mattermost versions 10.11.x <= 10.11.8, 11.1.x <= 11.1.1, 11.0.x <= 11.0.6 fail to prevent infinite re-renders on API errors, which allows authenticated users to cause application-level DoS via triggering unbounded component re-render loops.
CVE-2025-14822 · Low · 3.1 · - · 2026-01-16 · Mattermost versions 10.11.x <= 10.11.8 fail to validate input size before processing hashtags, which allows an authenticated attacker to exhaust CPU resources via a single HTTP request containing a post with thousands of space-separated tokens.

Merit Lilin · 2 CVEs

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2026-0855 · High · 8.8 · - · 2026-01-12 · Certain IP Camera models developed by Merit LILIN have an OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the device.
CVE-2026-0854 · High · 8.8 · - · 2026-01-12 · Certain DVR/NVR models developed by Merit LILIN have an OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the device.

Mitel · 2 CVEs

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2025-67822 · Critical · 9.4 · - · 2026-01-15 · A vulnerability in the Provisioning Manager component of Mitel MiVoice MX-ONE 7.3 (7.3.0.0.50) through 7.8 SP1 (7.8.1.0.14) could allow an unauthenticated attacker to conduct an authentication bypass attack due to improper authentication m…
CVE-2025-67823 · High · 8.2 · - · 2026-01-15 · A vulnerability in the Multimedia Email component of Mitel MiContact Center Business through 10.2.0.10 and Mitel CX through 1.1.0.1 could allow an unauthenticated attacker to conduct a Cross-Site Scripting (XSS) attack due to insufficient…

Naver · 2 CVEs

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2026-23769 · Medium · 6.1 · - · 2026-01-16 · lucy-xss-filter before commit e5826c0 allows an attacker to execute malicious JavaScript due to improper sanitization caused by misconfigured default superset rule files.
CVE-2026-23768 · Medium · 6.1 · - · 2026-01-16 · lucy-xss-filter before commit 7c1de6d allows an attacker to induce server-side HEAD requests to arbitrary URLs when the ObjectSecurityListener or EmbedSecurityListener option is enabled and embed or object tags are used with a src attribut…

Nsasoft · 2 CVEs

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2021-47815 · High · 7.5 · - · 2026-01-16 · Nsauditor 3.2.3 contains a denial of service vulnerability in the registration code input field that allows attackers to crash the application.
CVE-2021-47814 · High · 7.5 · - · 2026-01-16 · NBMonitor 1.6.8 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the registration code input field.

Riot · 2 CVEs

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2026-22214 · Critical · 9.8 · - · 2026-01-12 · RIOT OS versions up to and including 2026.01-devel-317 contain a stack-based buffer overflow vulnerability in the ethos utility due to missing bounds checking when processing incoming serial frame data.
CVE-2026-22213 · Critical · 9.8 · - · 2026-01-12 · RIOT OS versions up to and including 2026.01-devel-317 contain a stack-based buffer overflow vulnerability in the tapslip6 utility.

Schneider Electric · 2 CVEs

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2025-13845 · High · 7.8 · - · 2026-01-15 · CWE-416: Use After Free vulnerability that could cause remote code execution when the end user imports the malicious project file (SSD file) into Rapsody.
CVE-2025-13844 · Medium · 5.3 · - · 2026-01-15 · CWE-415: Double Free vulnerability exists that could cause heap memory corruption when the end user imports a malicious project file (SSD file) shared by the attacker into Rapsody.

Smci · 2 CVEs

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2025-12007 · High · 8.4 · - · 2026-01-16 · There is a vulnerability in the Supermicro BMC firmware validation logic on the Supermicro MBD-X13SEM-F.
CVE-2025-12006 · High · 7.2 · - · 2026-01-16 · There is a vulnerability in the Supermicro BMC firmware validation logic on the Supermicro MBD-X12STW-F.

Smewebify · 2 CVEs

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2026-22788 · High · 8.2 · - · 2026-01-12 · WebErpMesv2 is a Resource Management and Manufacturing execution system Web for industry.
CVE-2026-22789 · Medium · 5.4 · - · 2026-01-12 · WebErpMesv2 is a Resource Management and Manufacturing execution system Web for industry.

Sonatype · 2 CVEs

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2026-0600 · - · - · - · 2026-01-14 · Server-Side Request Forgery (SSRF) vulnerability in Sonatype Nexus Repository 3 versions 3.0.0 and later allows authenticated administrators to configure proxy repositories with URLs that can access unintended network destinations, potenti…
CVE-2026-0601 · - · - · - · 2026-01-14 · A reflected cross-site scripting vulnerability exists in Nexus Repository 3 that allows unauthenticated attackers to execute arbitrary JavaScript in a victim's browser through a specially crafted request requiring user interaction.

Tinyos · 2 CVEs

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2026-22211 · - · - · - · 2026-01-14 · TinyOS versions up to and including 2.1.2 contain a global buffer overflow vulnerability in the printfUART formatted output implementation used within the ZigBee / IEEE 802.15.4 networking stack.
CVE-2026-22212 · - · - · - · 2026-01-12 · TinyOS versions up to and including 2.1.2 contain a stack-based buffer overflow vulnerability in the mcp2200gpio utility.

Umbraco · 2 CVEs

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2025-68924 · High · 7.5 · - · 2026-01-16 · In Umbraco UmbracoForms through 8.13.16, an authenticated attacker can supply a malicious WSDL (aka Webservice) URL as a data source for remote code execution.
CVE-2021-47776 · Medium · 5.3 · - · 2026-01-15 · Umbraco CMS v8.14.1 contains a server-side request forgery vulnerability that allows attackers to manipulate baseUrl parameters in multiple dashboard and help controller endpoints.

Viafirma · 2 CVEs

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2025-41078 · High · 8.1 · - · 2026-01-12 · Weaknesses in the authorization mechanisms of Viafirma Documents v3.7.129 allow an authenticated user without privileges to list and access other user data, use user creation, modification, and deletion features, and escalate privileges by…
CVE-2025-41077 · High · 8.1 · - · 2026-01-12 · IDOR vulnerability has been found in Viafirma Inbox v4.5.13 that allows any authenticated user without privileges in the application to list all users, access and modify their data.

Weird-solutions · 2 CVEs

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2021-47829 · High · 7.8 · - · 2026-01-16 · DHCP Broadband 4.1.0.1503 contains an unquoted service path vulnerability in its service configuration that allows local attackers to execute code with elevated privileges.
CVE-2021-47828 · High · 7.8 · - · 2026-01-16 · BOOTP Turbo 2.0.0.1253 contains an unquoted service path vulnerability in its Windows service configuration.

Youphptube · 2 CVEs

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2021-47750 · Medium · 6.1 · - · 2026-01-13 · YouPHPTube <= 7.8 contains a cross-site scripting vulnerability that allows attackers to inject malicious scripts through the redirectUri parameter in the signup page.
CVE-2021-47749 · Medium · 5.5 · - · 2026-01-13 · YouPHPTube <= 7.8 contains a local file inclusion vulnerability that allows unauthenticated attackers to access arbitrary files by manipulating the 'lang' parameter in GET requests.

4homepages · 1 CVE

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2022-50806 · High · 7.2 · - · 2026-01-13 · 4images 1.9 contains a remote command execution vulnerability that allows authenticated administrators to inject reverse shell code through template editing functionality.

A-plus Video Technologies · 1 CVE

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2026-0853 · Medium · 5.3 · - · 2026-01-12 · Certain NVR models developed by A-Plus Video Technologies have a Sensitive Data Exposure vulnerability, allowing unauthenticated remote attackers to access the debug page and obtain device status information.

Aankit · 1 CVE

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2025-12178 · Medium · 6.4 · - · 2026-01-14 · The SpiceForms Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'spiceforms' shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user suppl…

Abage · 1 CVE

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2025-15377 · Medium · 4.3 · - · 2026-01-14 · The Sosh Share Buttons plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.0.

Abb · 1 CVE

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2025-14510 · High · 8.1 · - · 2026-01-16 · Incorrect Implementation of Authentication Algorithm vulnerability in ABB ABB Ability OPTIMAX. This issue affects ABB Ability OPTIMAX: 6.1, 6.2, from 6.3.0 before 6.3.1-251120, from 6.4.0 before 6.4.1-251120.

Abhishekmali21 · 1 CVE

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2025-67146 · Critical · 9.4 · - · 2026-01-12 · Multiple SQL Injection vulnerabilities exist in AbhishekMali21 GYM-MANAGEMENT-SYSTEM 1.0 via the 'name' parameter in (1) member_search.php, (2) trainer_search.php, and (3) gym_search.php, and via the 'id' parameter in (4) payment_search.ph…

Adoncreatives · 1 CVE

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2025-14379 · Medium · 4.4 · - · 2026-01-14 · The Testimonials Creator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in version 1.6 due to insufficient input sanitization and output escaping.

Adonisjs · 1 CVE

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2026-22814 · - · - · - · 2026-01-13 · @adonisjs/lucid is an SQL ORM for AdonisJS built on top of Knex.

Advantech · 1 CVE

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2025-52694 · Critical · 10.0 · - · 2026-01-12 · Successful exploitation of the SQL injection vulnerability could allow an unauthenticated remote attacker to execute arbitrary SQL commands on the vulnerable service when it is exposed to the Internet, potentially affecting data confidenti…

Aerocms_project · 1 CVE

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2022-50895 · Critical · 9.8 · - · 2026-01-13 · Aero CMS 0.0.1 contains a SQL injection vulnerability in the author parameter that allows attackers to manipulate database queries.

Agentfront · 1 CVE

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2026-22686 · Critical · 10.0 · - · 2026-01-14 · Enclave is a secure JavaScript sandbox designed for safe AI agent code execution.

Ahmadgb · 1 CVE

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2025-15266 · High · 7.2 · - · 2026-01-14 · The GeekyBot — Generate AI Content Without Prompt, Chatbot and Lead Generation plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the chat message field in all versions up to, and including, 1.1.8 due to insufficient inp…

Aimeos · 1 CVE

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2021-47763 · High · 8.2 · - · 2026-01-15 · Aimeos 2021.10 LTS contains a SQL injection vulnerability in the json api 'sort' parameter that allows attackers to inject malicious database queries.

Aimonesoft · 1 CVE

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2023-54328 · Medium · 6.5 · - · 2026-01-13 · AimOne Video Converter 2.04 Build 103 contains a buffer overflow vulnerability in its registration form that causes application crashes.

Airth · 1 CVE

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2025-67399 · Medium · 4.6 · - · 2026-01-14 · An issue in AIRTH SMART HOME AQI MONITOR Bootloader v.1.005 allows a physically proximate attacker to obtain sensitive information via the UART port of the BK7231N controller (Wi-Fi and BLE module), which is left open to access on the device.

Aiven-open · 1 CVE

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2026-23529 · High · 7.7 · - · 2026-01-16 · Kafka Connect BigQuery Connector is an implementation of a sink connector from Apache Kafka to Google BigQuery.

Ajseidl · 1 CVE

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2025-15378 · High · 7.2 · - · 2026-01-14 · The AJS Footnotes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'note_list_class' and 'popup_display_effect_in' parameters in all versions up to, and including, 1.0 due to missing authorization and nonce verific…

Alextselegidis · 1 CVE

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2026-23622 · High · 8.8 · - · 2026-01-15 · Easy!Appointments is a self hosted appointment scheduler.

Algo Solutions · 1 CVE

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2022-50909 · High · 8.8 · - · 2026-01-13 · Algo 8028 Control Panel version 3.3.3 contains a command injection vulnerability in the fm-data.lua endpoint that allows authenticated attackers to execute arbitrary commands.

Aliasvault · 1 CVE

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2026-22694 · Medium · 6.1 · - · 2026-01-14 · AliasVault is a privacy-first password manager with built-in email aliasing.

Altumcode · 1 CVE

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2025-66939 · Medium · 5.4 · - · 2026-01-12 · Cross Site Scripting vulnerability in 66biolinks by AltumCode v.61.0.1 allows an attacker to execute arbitrary code via a crafted favicon file.

Amauri · 1 CVE

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2026-22809 · Medium · 4.4 · - · 2026-01-13 · tarteaucitron.js is a compliant and accessible cookie banner.

Amd · 1 CVE

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2025-29943 · - · - · - · 2026-01-16 · A write-what-where condition within AMD CPUs may allow an admin-privileged attacker to modify the configuration of the CPU pipeline, potentially resulting in the corruption of the stack pointer inside an SEV-SNP guest.

Ametys · 1 CVE

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2022-50937 · Medium · 6.1 · - · 2026-01-13 · Ametys CMS v4.4.1 contains a persistent cross-site scripting vulnerability in the link directory's input fields for external links.

Amitmerchant1990 · 1 CVE

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2021-47837 · High · 7.2 · - · 2026-01-16 · Markdownify 1.2.0 contains a persistent cross-site scripting vulnerability that allows attackers to store malicious payloads within markdown files.

Anaconda · 1 CVE

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2026-23528 · Medium · 6.1 · - · 2026-01-16 · Dask distributed is a distributed task scheduler for Dask.

Anycomment · 1 CVE

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2025-67025 · Medium · 6.1 · - · 2026-01-15 · Cross Site Scripting vulnerability in Anycomment anycomment.io 0.4.4 allows a remote attacker to execute arbitrary code via the Anycomment comment section.

Anysphere · 1 CVE

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2026-22708 · Critical · 9.8 · - · 2026-01-14 · Cursor is a code editor built for programming with AI.

Aplazopayment · 1 CVE

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2025-15512 · Medium · 5.3 · - · 2026-01-14 · The Aplazo Payment Gateway plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the check_success_response() function in all versions up to, and including, 1.4.3.

Appsmith · 1 CVE

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2026-22794 · Critical · 9.6 · - · 2026-01-12 · Appsmith is a platform to build admin panels, internal tools, and dashboards.

Arcane · 1 CVE

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2026-23520 · Critical · 9.0 · - · 2026-01-15 · Arcane provides modern docker management.

Arm · 1 CVE

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2025-0647 · High · 7.9 · - · 2026-01-14 · In certain Arm CPUs, a CPP RCTX instruction executed on one Processing Element (PE) may inhibit TLB invalidation when a TLBI is issued to the PE, either by the same PE or another PE in the shareability domain.

Arunna · 1 CVE

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2021-47754 · Medium · 6.5 · - · 2026-01-15 · Arunna 1.0.0 contains a cross-site request forgery vulnerability that allows attackers to manipulate user profile settings without authentication.

Assaf Parag · 1 CVE

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2019-25297 · - · - · - · 2026-01-16 · Poll, Survey & Quiz Maker Plugin by Opinion Stage WordPress plugin versions prior to 19.6.25 contain a stored cross-site scripting (XSS) vulnerability via multiple parameters due to insufficient input validation and output escaping.

Automattic · 1 CVE

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2023-54332 · Medium · 6.1 · - · 2026-01-13 · Jetpack 11.4 contains a cross-site scripting vulnerability in the contact form module that allows attackers to inject malicious scripts through the post_id parameter.

Awesomesupport · 1 CVE

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2025-12641 · Medium · 6.5 · - · 2026-01-16 · The Awesome Support - WordPress HelpDesk & Support Plugin for WordPress is vulnerable to authorization bypass due to missing capability checks in all versions up to, and including, 6.3.6.

B2evolution · 1 CVE

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2021-47800 · Medium · 5.3 · - · 2026-01-16 · b2evolution 7.2.2 contains a cross-site request forgery vulnerability that allows attackers to modify admin account details without authentication.

B3log · 1 CVE

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2026-23645 · Medium · 6.1 · - · 2026-01-16 · SiYuan is self-hosted, open source personal knowledge management software.

Bdtask · 1 CVE

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2021-47769 · Medium · 4.8 · - · 2026-01-15 · Isshue Shopping Cart 3.5 contains a persistent cross-site scripting vulnerability in title input fields across stock, customer, and invoice modules.

Bee Interactive · 1 CVE

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2025-14894 · Critical · 9.8 · - · 2026-01-16 · Livewire Filemanager, commonly used in Laravel applications, contains LivewireFilemanagerComponent.php, which does not perform file type and MIME validation, allowing for RCE through upload of a malicious php file that can then be executed…

Beehive Forum · 1 CVE

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2022-50910 · Critical · 9.8 · - · 2026-01-13 · Beehive Forum 1.5.2 contains a host header injection vulnerability in the forgot password functionality that allows attackers to manipulate password reset requests.

Bestpractical · 1 CVE

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2025-61873 · Low · 2.6 · - · 2026-01-16 · Best Practical Request Tracker (RT) before 4.4.9, 5.0.9, and 6.0.2 allows CSV Injection via ticket values when TSV export is used.

Blackberry Ltd · 1 CVE

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2025-8090 · Medium · 6.2 · - · 2026-01-13 · Null pointer dereference in the MsgRegisterEvent() system call could allow an attacker with local access and code execution abilities to crash the QNX Neutrino kernel.

Brechtvds · 1 CVE

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2025-15527 · Medium · 4.3 · - · 2026-01-16 · The WP Recipe Maker plugin for WordPress is vulnerable to Information Exposure in versions up to, and including, 10.2.2 via the api_get_post_summary function due to insufficient restrictions on which posts can be retrieved.

Busymac · 1 CVE

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2025-66689 · Medium · 6.5 · - · 2026-01-12 · A path traversal vulnerability exists in Zen MCP Server before 9.8.2 that allows authenticated attackers to read arbitrary files on the system.

Butlerblog · 1 CVE

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2025-14448 · Medium · 5.4 · - · 2026-01-15 · The WP-Members Membership Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Multiple Checkbox and Multiple Select user profile fields in all versions up to, and including, 3.5.4.3 due to insufficient input sa…

Cakephp · 1 CVE

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2026-23643 · Medium · 5.4 · - · 2026-01-16 · CakePHP is a rapid development framework for PHP.

Cal · 1 CVE

CVE · Severity · CVSS · KEV · Published · Summary
CVE-2026-23478 · Critical · 9.8 · - · 2026-01-13 · Cal.com is open-source scheduling software.

Chainlit · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2025-68492 | Medium | 4.2 | - | 2026-01-14 | Chainlit versions prior to 2.8.5 contain an authorization bypass through user-controlled key vulnerability.

Chamilo · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2025-69581 | Medium | 5.5 | - | 2026-01-16 | An issue was discovered in Chamilo LMS 1.11.2.

Changjetong Information Technology Co., Ltd. · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2023-7334 | Critical | 9.8 | - | 2026-01-15 | Changjetong T+ versions up to and including 16.x contain a .NET deserialization vulnerability in an AjaxPro endpoint that can lead to remote code execution.

Checkpoint · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2025-9142 | High | 7.5 | - | 2026-01-14 | A local user can trigger Harmony SASE Windows client to write or delete files outside the intended certificate working directory.

Cinspiration · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2021-47771 | Medium | 5.5 | - | 2026-01-15 | RDP Manager 4.9.9.3 contains a denial of service vulnerability in connection input fields that allows local attackers to crash the application.

Cleidigh · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2021-47768 | Medium | 6.1 | - | 2026-01-15 | ImportExportTools NG 10.0.4 contains a persistent HTML injection vulnerability in the email export module that allows remote attackers to inject malicious HTML payloads.

Clevo · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2023-53984 | High | 8.4 | - | 2026-01-13 | Clevo HotKey Clipboard 2.1.0.6 contains an unquoted service path vulnerability in the HKClipSvc service that allows local non-privileged users to potentially execute code with system privileges.

Cmder · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2021-47781 | Critical | 9.8 | - | 2026-01-15 | Cmder Console Emulator 1.3.18 contains a buffer overflow vulnerability that allows attackers to trigger a denial of service condition through a maliciously crafted .cmd file.

Cobbr · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2020-36911 | Critical | 9.8 | - | 2026-01-13 | Covenant 0.1.3 - 0.5 contains a remote code execution vulnerability that allows attackers to craft malicious JWT tokens with administrative privileges.

Cobiansoft · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2022-50923 | High | 7.8 | - | 2026-01-13 | Cobian Backup 0.9 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with elevated system privileges.

Codedropz · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2025-14457 | Low | 3.7 | - | 2026-01-15 | The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to unauthorized modification of data due to a missing ownership check in the dnd_codedropz_upload_delete() function in all versions up to, and inc…

Codepeople · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2026-0684 | Medium | 4.3 | - | 2026-01-13 | The CP Image Store with Slideshow plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.1.9 due to a logic error in the 'cpis_admin_init' function's permission check.

Codewithcj · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2025-65368 | Medium | 6.1 | - | 2026-01-15 | SparkyFitness v0.15.8.2 is vulnerable to Cross Site Scripting (XSS) via user input and LLM output.

Color · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2026-22861 | High | 8.8 | - | 2026-01-13 | iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles.

Connectify Inc · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2022-50929 | High | 8.4 | - | 2026-01-13 | Connectify Hotspot 2018 contains an unquoted service path vulnerability in its ConnectifyService executable that allows local attackers to potentially execute arbitrary code.

Contpaqi · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2022-50938 | High | 8.4 | - | 2026-01-13 | CONTPAQi AdminPAQ 14.0.0 contains an unquoted service path vulnerability in the AppKeyLicenseServer service running with LocalSystem privileges.

Cooler Master Technology Inc. · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2022-50808 | High | 8.4 | - | 2026-01-13 | CoolerMaster MasterPlus 1.8.5 contains an unquoted service path vulnerability in the MPService that allows local attackers to execute code with elevated system privileges.

Cotonti · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2021-47808 | Medium | 5.4 | - | 2026-01-16 | Cotonti Siena 0.9.19 contains a stored cross-site scripting vulnerability in the admin configuration panel's site title parameter.

Covid-19_contact_tracing_system_project · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2025-66802 | Critical | 9.8 | - | 2026-01-12 | Sourcecodester Covid-19 Contact Tracing System 1.0 is vulnerable to RCE (Remote Code Execution).

Croixhaug · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2025-12166 | High | 7.5 | - | 2026-01-14 | The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to blind SQL Injection via the `order` and `append_where_sql` parameters in all versions up to, and including, 1.6.9.9 due to…

Crushpics · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2025-14482 | Medium | 4.3 | - | 2026-01-14 | The Crush.pics Image Optimizer - Image Compression and Optimization plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability checks on multiple functions in all versions up to, and including, 1.8.7.

Cyberfox · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2021-47784 | High | 7.5 | - | 2026-01-15 | Cyberfox Web Browser 52.9.1 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the search bar with excessive data.

Danny-avila · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2026-22252 | Critical | 9.1 | - | 2026-01-12 | LibreChat is a ChatGPT clone with additional features.

Daschmi · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2025-14613 | High | 7.2 | - | 2026-01-14 | The GetContentFromURL plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.0.

Dashboardbuilder · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2025-14615 | High | 7.1 | - | 2026-01-14 | The DASHBOARD BUILDER – WordPress plugin for Charts and Graphs plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5.7.

Ddsn · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2025-63314 | Critical | 10.0 | - | 2026-01-12 | A static password reset token in the password reset function of DDSN Interactive Acora CMS v10.7.1 allows attackers to arbitrarily reset the user password and execute a full account takeover via a replay attack.

Debian · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2026-23490 | High | 7.5 | - | 2026-01-16 | pyasn1 is a generic ASN.1 library for Python.

Defenseunicorns · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2026-23634 | Unrated | - | - | 2026-01-16 | Pepr is a type safe K8s middleware.

Denver · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2021-47796 | Critical | 9.8 | - | 2026-01-16 | Denver SHC-150 Smart Wifi Camera contains a hardcoded telnet credential vulnerability that allows unauthenticated attackers to access a Linux shell.

Dfieldfl · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2026-0734 | Medium | 4.4 | - | 2026-01-14 | The WP Allowed Hosts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'allowed-hosts' parameter in all versions up to, and including, 1.0.8 due to insufficient input sanitization and output escaping.

Dfir-iris · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2026-22783 | Critical | 9.6 | - | 2026-01-12 | Iris is a web collaborative platform that helps incident responders share technical details during investigations.

Diskboss · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2021-47822 | High | 7.8 | - | 2026-01-16 | DiskBoss Service 12.2.18 contains an unquoted service path vulnerability in its binary path configuration that allows local attackers to execute code with elevated privileges.

Diskpulse · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2020-36927 | High | 7.8 | - | 2026-01-16 | DiskPulse Enterprise 13.6.14 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code.

Disksavvy · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2021-47805 | High | 7.8 | - | 2026-01-16 | Disk Savvy 13.6.14 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code.

Divisupreme · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2025-13062 | High | 8.8 | - | 2026-01-15 | The Supreme Modules Lite plugin for WordPress is vulnerable to arbitrary file upload in all versions up to, and including, 2.5.62.

Docmost · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2026-22249 | High | 7.1 | - | 2026-01-15 | Docmost is an open-source collaborative wiki and documentation software.

Dolibarr · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2021-47779 | Medium | 5.4 | - | 2026-01-16 | Dolibarr ERP-CRM 14.0.2 contains a stored cross-site scripting vulnerability in the ticket creation module that allows low-privilege users to inject malicious scripts.

Donknap · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2025-66292 | High | 8.1 | - | 2026-01-15 | DPanel is an open source server management panel written in Go.

Dupscout · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2021-47806 | High | 7.8 | - | 2026-01-16 | Dup Scout 13.5.28 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code.

Dupterminator · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2021-47818 | High | 7.5 | - | 2026-01-16 | DupTerminator 1.4.5639.37199 contains a denial of service vulnerability that allows attackers to crash the application by inputting a long character string in the Excluded text box.

Dvcrn · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2021-47838 | High | 7.2 | - | 2026-01-16 | Markright 1.0 contains a persistent cross-site scripting vulnerability that allows attackers to embed malicious payloads in markdown files.

Dynojet · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2021-47773 | High | 7.8 | - | 2026-01-15 | Dynojet Power Core 2.3.0 contains an unquoted service path vulnerability in the DJ.UpdateService that allows local authenticated users to potentially execute code with elevated privileges.

Eachitaly · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2025-65349 | Medium | 5.4 | - | 2026-01-15 | A Stored Cross-Site Scripting (XSS) vulnerability in Web management interface in Each Italy Wireless Mini Router WIRELESS-N 300M v28K.MiniRouter.20190211 allows attackers to execute arbitrary scripts via a crafted payload due to unsanitize…

Easeus · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2022-50914 | High | 8.4 | - | 2026-01-13 | EaseUS Data Recovery 15.1.0.0 contains an unquoted service path vulnerability in the EaseUS UPDATE SERVICE executable.

Eclipse · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2026-1002 | Medium | 5.3 | - | 2026-01-15 | The Vert.x Web static handler component cache can be manipulated to deny access to static files served by the handler using a specifically crafted request URI.

Eigent · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2026-22869 | Critical | 9.8 | - | 2026-01-13 | Eigent is a multi-agent Workforce.

Ekoopmans · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2026-22787 | Medium | 6.1 | - | 2026-01-14 | html2pdf.js converts any webpage or element into a printable PDF entirely client-side.

Electric-studio · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2026-0741 | Medium | 4.4 | - | 2026-01-14 | The Electric Studio Download Counter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin settings in all versions up to, and including, 2.4 due to insufficient input sanitization and output escaping.

Emaintenance · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2025-14317 | - | - | - | 2026-01-14 | In the Crazy Bubble Tea mobile application, an authenticated attacker can obtain personal information about other users by enumerating a `loyaltyGuestId` parameter.

Emerson · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2022-50930 | High | 8.4 | - | 2026-01-13 | Emerson PAC Machine Edition 9.80 contains an unquoted service path vulnerability in the TrapiServer service that allows local users to potentially execute code with elevated privileges.

Emlog · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2026-22799 | High | 8.8 | - | 2026-01-12 | Emlog is an open source website building system.

Emqx · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2024-48077 | High | 7.5 | - | 2026-01-15 | NanoMQ v0.22.7 is vulnerable to Denial of Service (DoS) due to improper resource throttling.

En · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2021-47774 | Critical | 9.8 | - | 2026-01-15 | Kingdia CD Extractor 3.0.2 contains a buffer overflow vulnerability in the registration name field that allows attackers to execute arbitrary code.

Enhancesoft · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2026-22200 | High | 7.5 | - | 2026-01-12 | Enhancesoft osTicket versions 1.18.x prior to 1.18.3 and 1.17.x prior to 1.17.7 contain an arbitrary file read vulnerability in the ticket PDF export functionality.

Enterprisedb · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2026-0949 | Medium | 6.5 | - | 2026-01-16 | PEM versions prior to 9.8.1 are affected by a stored Cross-site Scripting (XSS) vulnerability that allows users with access to the Manage Charts menu to inject arbitrary JavaScript when creating a new chart, which is then executed by any u…

Entrust Corporation · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2026-23746 | - | - | - | 2026-01-15 | Entrust Instant Financial Issuance (IFI) On Premise software (formerly referred to as CardWizard) versions 5.x, prior to 6.10.5, and prior to 6.11.1 contain an insecure .NET Remoting exposure in the SmartCardController service (DCG.SmartCa…

Envoyproxy · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2026-22771 | High | 8.8 | - | 2026-01-12 | Envoy Gateway is an open source project for managing Envoy Proxy as a standalone or Kubernetes-based application gateway.

Epic Games · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2025-61973 | High | 8.8 | - | 2026-01-15 | A local privilege escalation vulnerability exists during the installation of Epic Games Store via the Microsoft Store.

Eptura · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2025-25652 | High | 7.5 | - | 2026-01-13 | In Eptura Archibus 2024.03.01.109, the "Run script" and "Server File" components of the "Database Update Wizard" are vulnerable to directory traversal.

Eramba · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2025-55462 | Medium | 6.5 | - | 2026-01-13 | A CORS misconfiguration in Eramba Community and Enterprise Editions v3.26.0 allows an attacker-controlled Origin header to be reflected in the Access-Control-Allow-Origin response along with Access-Control-Allow-Credentials: true.

Ethersoftware · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2021-47785 | Critical | 9.8 | - | 2026-01-16 | Ether MP3 CD Burner 1.3.8 contains a buffer overflow vulnerability in the registration name field that allows remote code execution.

Explorerplusplus · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2023-54334 | Critical | 9.8 | - | 2026-01-13 | Explorer32++ 1.3.5.531 contains a buffer overflow vulnerability in Structured Exception Handler (SEH) records that allows attackers to execute arbitrary code.

Exrick · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2023-36331 | High | 8.2 | - | 2026-01-12 | Incorrect access control in the /member/orderList API of xmall v1.1 allows attackers to arbitrarily access other users' order details via manipulation of the query parameter userId.

Extplorer · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2023-54335 | Critical | 9.8 | - | 2026-01-13 | eXtplorer 2.1.14 contains an authentication bypass vulnerability that allows attackers to login without a password by manipulating the login request.

Fabricators · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2024-54855 | Medium | 6.4 | - | 2026-01-13 | fabricators Ltd Vanilla OS 2 Core image v1.1.0 was discovered to contain static keys for the SSH service, allowing attackers to possibly execute a man-in-the-middle attack during connections with other hosts.

Flipped-aurora · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2026-22786 | High | 7.2 | - | 2026-01-12 | Gin-vue-admin is a backstage management system based on vue and gin.

Floattechnologies · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2025-15513 | Medium | 5.3 | - | 2026-01-14 | The Float Payment Gateway plugin for WordPress is vulnerable to unauthorized modification of data due to improper error handling in the verifyFloatResponse() function in all versions up to, and including, 1.1.9.

Frappe · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2026-23497 | Medium | 5.4 | - | 2026-01-14 | Frappe Learning Management System (LMS) is a learning system that helps users structure their content.

Freeimage_project · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2025-70968 | Critical | 9.8 | - | 2026-01-14 | FreeImage 3.18.0 contains a Use After Free in PluginTARGA.cpp;loadRLE().

Freeter · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2021-47835 | High | 7.2 | - | 2026-01-16 | Freeter 1.2.1 contains a persistent cross-site scripting vulnerability that allows attackers to store malicious payloads in custom widget titles and files.

Gearboxcomputers · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2021-47833 | High | 7.8 | - | 2026-01-16 | WifiHotSpot 1.0.0.0 contains an unquoted service path vulnerability in its WifiHotSpotService.exe that allows local attackers to execute code with elevated privileges.

Geonetwork · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2022-50899 | Medium | 6.5 | - | 2026-01-13 | Geonetwork 3.10 through 4.2.0 contains an XML external entity vulnerability in PDF rendering that allows attackers to retrieve arbitrary files from the server.

Geovision · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2021-47795 | Medium | 6.2 | - | 2026-01-16 | GeoVision GeoWebServer 5.3.3 contains multiple vulnerabilities including local file inclusion, cross-site scripting, and remote code execution through improper input sanitization.

Getgrav · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2021-47812 | Critical | 9.8 | - | 2026-01-16 | GravCMS 1.10.7 contains an unauthenticated vulnerability that allows remote attackers to write arbitrary YAML configuration and execute PHP code through the scheduler endpoint.

Getoutline · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2023-54331 | High | 7.8 | - | 2026-01-13 | Outline 1.6.0 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges.

Gitlab · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2025-11224 | High | 7.7 | - | 2026-01-14 | GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.10 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2 that could have allowed an authenticated user to execute stored cross-site scripting through imprope…

Graphql-hive · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2026-23735 | - | - | - | 2026-01-16 | GraphQL Modules is a toolset of libraries and guidelines dedicated to creating reusable, maintainable, testable and extendable modules out of your GraphQL server.

Grocerycrud · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2021-47811 | Critical | 9.1 | - | 2026-01-16 | Grocery Crud 1.6.4 contains a SQL injection vulnerability in the order_by parameter that allows remote attackers to manipulate database queries.

Guillaumev · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2026-0812 | Medium | 4.4 | - | 2026-01-14 | The LinkedIn SC plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'linkedin_sc_date_format', 'linkedin_sc_api_key', and 'linkedin_sc_secret_key' parameters in all versions up to, and including, 1.1.9 due to insuffic…

Gurayyarar · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2021-47841 | Medium | 6.1 | - | 2026-01-16 | SnipCommand 0.1.0 contains a cross-site scripting vulnerability that allows attackers to inject malicious payloads into command snippets.

H3 · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2026-23527 | High | 8.9 | - | 2026-01-15 | H3 is a minimal H(TTP) framework built for high performance and portability.

Hcl Software · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2025-59870 | High | 7.4 | - | 2026-01-16 | HCL MyXalytics is affected by improper management of a static JWT signing secret in the web application, where the secret lacks rotation, introducing a security risk.

Httpdebugger · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2021-47762 | High | 7.8 | - | 2026-01-15 | HTTPDebuggerPro 9.11 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges.

Https://github.com/linrunner · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2025-67859 | - | - | - | 2026-01-14 | An Improper Authentication vulnerability in TLP allows local users to arbitrarily control the power profile in use as well as the daemon's log settings. This issue affects TLP: from 1.9 before 1.9.1.

Humansignal · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2026-22033 | Medium | 5.4 | - | 2026-01-12 | Label Studio is a multi-type data labeling and annotation tool.

I-funbox · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2021-47803 | High | 7.8 | - | 2026-01-16 | iFunbox 4.2 contains an unquoted service path vulnerability in the Apple Mobile Device Service that allows local attackers to execute code with elevated privileges.

Ilwebmaster21 · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2022-50921 | High | 7.8 | - | 2026-01-13 | WOW21 5.0.1.9 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges.

Impresscms · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2022-50912 | Critical | 9.8 | - | 2026-01-13 | ImpressCMS 1.4.4 contains a file upload vulnerability with weak extension sanitization that allows attackers to upload potentially malicious files.

Infonetsoftware · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2023-54336 | High | 8.4 | - | 2026-01-13 | Mediconta 3.7.27 contains an unquoted service path vulnerability in the servermedicontservice that allows local users to potentially execute code with elevated privileges.

Isaacs · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2026-23745 | Medium | 6.1 | - | 2026-01-16 | node-tar is a Tar for Node.js.

Itec · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2022-50913 | High | 8.4 | - | 2026-01-13 | ITeC ITeCProteccioAppServer contains an unquoted service path vulnerability that allows local attackers to execute code with elevated system privileges.

Itflow · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2025-67081 | Medium | 4.9 | - | 2026-01-15 | An SQL injection vulnerability in Itflow through 25.06 has been identified in the "role_id" parameter when editing a profile.

Ivt Corp · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2022-50928 | High | 7.8 | - | 2026-01-13 | BlueSoleilCS 5.4.277 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code.

Jayesh · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2025-51567 | Critical | 9.1 | - | 2026-01-12 | A SQL Injection was found in the /exam/user/profile.php page of kashipara Online Exam System V1.0, which allows remote attackers to execute arbitrary SQL command to get unauthorized database access via the rname, rcollage, rnumber, rgender…

Jeroenpeters1986 · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2025-15283 | High | 7.2 | - | 2026-01-14 | The Name Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'name_directory_name' and 'name_directory_description' parameters in all versions up to, and including, 1.30.3 due to insufficient input sanitiza…

Jersou · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2021-47836 | Medium | 6.1 | - | 2026-01-16 | Markdown Explorer 0.1.1 contains a cross-site scripting vulnerability that allows attackers to inject malicious code through file uploads and editor inputs.

Jotron · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2021-47842 | High | 7.2 | - | 2026-01-16 | StudyMD 0.3.2 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts into markdown files.

Kalyan02 · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2022-50898 | High | 8.8 | - | 2026-01-13 | NanoCMS 0.4 contains an authenticated file upload vulnerability that allows remote code execution through unvalidated page content creation.

Keesiemeijer · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2026-0916 | Medium | 6.4 | - | 2026-01-16 | The Related Posts by Taxonomy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'related_posts_by_tax' shortcode in all versions up to, and including, 2.7.6 due to insufficient input sanitization and output…

Kiwicommerce · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2025-14464 | Medium | 5.3 | - | 2026-01-14 | The PDF Resume Parser plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.

Kunzemarketing · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2025-15486 | Medium | 4.4 | - | 2026-01-14 | The Kunze Law plugin for WordPress is vulnerable to Stored Cross-Site Scripting via plugin's shortcode in all versions up to, and including, 2.1 due to the plugin fetching HTML content from a remote server and injecting it into pages witho…

Kyocera · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2022-50932 | High | 7.5 | - | 2026-01-13 | Kyocera Command Center RX ECOSYS M2035dn contains a directory traversal vulnerability that allows unauthenticated attackers to read sensitive system files by manipulating file paths under the /js/ path.

Laborator · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2025-12895 | Medium | 5.3 | - | 2026-01-15 | The Kalium 3 | Creative WordPress & WooCommerce Theme theme for WordPress is vulnerable to unauthorized email sending due to a missing capability check on the kalium_vc_contact_form_request() function in all versions up to, and including…

Lakefs · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2025-68671 | Medium | 6.5 | - | 2026-01-15 | lakeFS is an open-source tool that transforms object storage into Git-like repositories.

Langchain · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2024-58340 | High | 7.5 | - | 2026-01-12 | LangChain versions up to and including 0.3.1 contain a regular expression denial-of-service (ReDoS) vulnerability in the MRKLOutputParser.parse() method (libs/langchain/langchain/agents/mrkl/output_parser.py).

Laravel · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2021-47756 | High | 8.4 | - | 2026-01-16 | Laravel Valet versions 1.1.4 to 2.0.3 contain a local privilege escalation vulnerability that allows users to modify the valet command with root privileges.

Lasuite · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2026-22867 | High | 8.7 | - | 2026-01-15 | LaSuite Doc is a collaborative note taking, wiki and documentation platform.

Leawo · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2021-47797 | High | 7.5 | - | 2026-01-16 | Leawo Prof.

Lemonldap-ng · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2025-31510 | High | 7.2 | - | 2026-01-16 | In the portal in LemonLDAP::NG before 2.21.0, cross-site scripting (XSS) allows remote attackers to inject arbitrary web script or HTML (into the login page) via the tab parameter, for Choice authentication.

Lemonsoft · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2025-9427 | - | - | - | 2026-01-13 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Lemonsoft WordPress add on allows Cross-Site Scripting (XSS). This issue affects WordPress add on: 2025.7.1.

Levelprograms · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2021-47766 | High | 7.1 | - | 2026-01-15 | Kmaleon 1.1.0.205 contains an authenticated SQL injection vulnerability in the 'tipocomb' parameter of kmaleonW.php that allows attackers to manipulate database queries.

Lfprojects · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2025-14279 | High | 8.1 | - | 2026-01-12 | MLFlow versions up to and including 3.4.0 are vulnerable to DNS rebinding attacks due to a lack of Origin header validation in the MLFlow REST server.

Libsndfile_project · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2025-56226 | Medium | 5.3 | - | 2026-01-14 | Libsndfile <=1.2.2 contains a memory leak vulnerability in the mpeg_l3_encoder_init() function within the mpeg_l3_encode.c file.

Linuxfoundation · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2026-22772 | Medium | 5.8 | - | 2026-01-12 | Fulcio is a certificate authority for issuing code signing certificates for an OpenID Connect (OIDC) identity.

Liquidweb · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2025-14844 | High | 8.2 | - | 2026-01-16 | The Membership Plugin – Restrict Content plugin for WordPress is vulnerable to Missing Authentication in all versions up to, and including, 3.2.16 via the 'rcp_stripe_create_setup_intent_for_saved_card' function due to missing capability c…

Logiceverest · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2026-0678 | Medium | 4.9 | - | 2026-01-14 | The Flat Shipping Rate by City for WooCommerce plugin for WordPress is vulnerable to time-based SQL Injection via the 'cities' parameter in all versions up to, and including, 1.0.3 due to insufficient escaping on the user supplied paramete…

Lottiefile · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2026-0717 | Medium | 5.3 | - | 2026-01-14 | The LottieFiles – Lottie block for Gutenberg plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.0.0 via the `/wp-json/lottiefiles/v1/settings/` REST API endpoint.

Ludashi · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2025-67246 | High | 7.3 | - | 2026-01-15 | A local information disclosure vulnerability exists in the Ludashi driver before 5.1025 due to a lack of access control in the IOCTL handler.

Lycheeorg · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2026-22784 | Medium | 4.3 | - | 2026-01-12 | Lychee is a free, open-source photo-management tool.

Macro-expert · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2021-47780 | High | 7.8 | - | 2026-01-16 | Macro Expert 4.7 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges.

Mailerlite · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2026-1000 | Medium | 6.5 | - | 2026-01-16 | The MailerLite - WooCommerce integration plugin for WordPress is vulnerable to unauthorized data modification and deletion in all versions up to, and including, 3.1.3.

Mailhog · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2022-50908 | High | 7.2 | - | 2026-01-13 | Mailhog 1.0.1 contains a stored cross-site scripting vulnerability that allows attackers to inject malicious scripts through email attachments.

Makesweat · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2025-13627 | Medium | 4.4 | - | 2026-01-14 | The Makesweat plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'makesweat_clubid' setting in all versions up to, and including, 0.1 due to insufficient input sanitization and output escaping.

Malavida · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2022-50933 | High | 7.8 | - | 2026-01-13 | Cain & Abel 4.9.56 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated privileges.

Mallsop · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2026-0594 | Medium | 6.1 | - | 2026-01-14 | The List Site Contributors plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'alpha' parameter in versions up to, and including, 1.1.8 due to insufficient input sanitization and output escaping.

Maximmasiutin · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2026-22781 | Critical | 9.8 | - | 2026-01-12 | TinyWeb is a web server (HTTP, HTTPS) written in Delphi for Win32.

Mcpjam · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2026-23744 | Critical | 9.8 | - | 2026-01-16 | MCPJam inspector is the local-first development platform for MCP servers.

Metabase · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2026-22805 | High | 8.6 | - | 2026-01-12 | Metabase is an open-source data analytics platform.

Metagauss · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2025-14507 | Medium | 5.3 | - | 2026-01-13 | The EventPrime - Events Calendar, Bookings and Tickets plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.2.7.0 via the REST API.

Millegpg · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2021-47761 | High | 7.8 | - | 2026-01-15 | MilleGPG5 5.7.2 contains a local privilege escalation vulnerability that allows authenticated users to modify service executable files in the MariaDB bin directory.

Mindsdb · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2025-68472 | High | 8.1 | - | 2026-01-12 | MindsDB is a platform for building artificial intelligence from enterprise data.

Mit · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2025-24528 | High | 7.1 | - | 2026-01-16 | In MIT Kerberos 5 (aka krb5) before 1.22 (with incremental propagation), there is an integer overflow for a large update size to resize() in kdb_log.c.

Modular Ds · 1 CVE

CVE | Severity | CVSS | KEV | Published | Summary
CVE-2026-23550 | Critical | 9.8 | - | 2026-01-14 | Incorrect Privilege Assignment vulnerability in Modular DS Modular DS modular-connector allows Privilege Escalation. This issue affects Modular DS: from n/a through <= 2.5.1.

Moeditor · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2021-47840 | High | 7.2 | | 2026-01-16 | Moeditor 0.2.0 contains a persistent cross-site scripting vulnerability that allows attackers to store malicious payloads within markdown files. |

Mpdf · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2022-50897 | Medium | 5.5 | | 2026-01-13 | mPDF 7.0 contains a local file inclusion vulnerability that allows attackers to read arbitrary system files by manipulating annotation file parameters. |

Mrvladus · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-71063 | High | 8.2 | | 2026-01-12 | Errands before 46.2.10 does not verify TLS certificates for CalDAV servers. |

N8n · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-68949 | Medium | 5.3 | | 2026-01-13 | n8n is an open source workflow automation platform. |

National Oceanic And Atmospheric Administration (Noaa) · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-62193 | Critical | 9.8 | | 2026-01-15 | Sites running NOAA PMEL Live Access Server (LAS) are vulnerable to remote code execution via specially crafted requests that include PyFerret expressions. |

Neoteroi · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2026-22779 | Medium | 5.3 | | 2026-01-14 | BlackSheep is an asynchronous web framework to build event based web applications with Python. |

Netapp · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2026-22050 | Medium | 4.3 | | 2026-01-12 | ONTAP versions 9.16.1 prior to 9.16.1P9 and 9.17.1 prior to 9.17.1P2 with snapshot locking enabled are susceptible to a vulnerability which could allow a privileged remote attacker to set the snapshot expiry time to none. |

Netcashpaynow · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-14880 | Medium | 5.3 | | 2026-01-14 | The Netcash WooCommerce Payment Gateway plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the handle_return_url function in all versions up to, and including, 4.1.3. |

Ninjateam · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-14001 | Medium | 5.4 | | 2026-01-13 | The WP Duplicate Page plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability checks on the 'duplicateBulkHandle' and 'duplicateBulkHandleHPOS' functions in all versions up to, and including, 1.8. |

Nodejs · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2026-22036 | Medium | 5.9 | | 2026-01-14 | Undici is an HTTP/1.1 client for Node.js. |

Nofearinc · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-14854 | Medium | 5.4 | | 2026-01-14 | The WP-CRM System plugin for WordPress is vulnerable to unauthorized access due to missing capability checks on the wpcrm_get_email_recipients and wpcrm_system_ajax_task_change_status AJAX functions in all versions up to, and including, 3… |

Noteburner · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2021-47798 | Critical | 9.8 | | 2026-01-16 | NoteBurner 2.35 contains a buffer overflow vulnerability in the license code input field that allows attackers to crash the application. |

Nsauditor · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2021-47813 | High | 7.5 | | 2026-01-16 | Backup Key Recovery 2.2.7 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the registration code input field. |

Nsecsoft · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-68947 | Medium | 4.7 | | 2026-01-13 | NSecsoft 'NSecKrnl' is a Windows driver that allows a local, authenticated attacker to terminate processes owned by other users, including SYSTEM and Protected Processes, by issuing crafted IOCTL requests to the driver. |

Obridgeacademy · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-14389 | Medium | 4.3 | | 2026-01-14 | The WPBlogSyn plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0. |

Odinesolutions · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2021-47782 | High | 8.2 | | 2026-01-16 | Odine Solutions GateKeeper 1.0 contains a SQL injection vulnerability in the trafficCycle API endpoint that allows remote attackers to inject malicious database queries. |

Ollama · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-15514 | High | 7.5 | | 2026-01-12 | Ollama 0.11.5-rc0 through current version 0.13.5 contain a null pointer dereference vulnerability in the multi-modal model image processing functionality. |

Omnilogic · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2012-10064 | | | | 2026-01-16 | Omni Secure Files plugin versions prior to 0.1.14 contain an arbitrary file upload vulnerability in the bundled plupload example endpoint. |

Openagentplatform · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2026-23523 | Critical | 9.6 | | 2026-01-16 | Dive is an open-source MCP Host Desktop Application that enables integration with function-calling LLMs. |

Openc3 · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-68271 | Critical | 10.0 | | 2026-01-13 | OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. |

Opencryptoki · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2026-22791 | Medium | 6.6 | | 2026-01-13 | openCryptoki is a PKCS#11 library and tools for Linux and AIX. |

Opensc Project · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-24531 | Medium | 6.7 | | 2026-01-16 | In OpenSC pam_pkcs11 before 0.6.13, pam_sm_authenticate() wrongly returns PAM_IGNORE in many error situations (such as an error triggered by a smartcard before login), allowing authentication bypass. |

Opensourcepos · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-68658 | Medium | 4.3 | | 2026-01-13 | Open Source Point of Sale (opensourcepos) is a web based point of sale application written in PHP using the CodeIgniter framework. |

Orval · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2026-22785 | Critical | 9.8 | | 2026-01-12 | orval generates type-safe JS clients (TypeScript) from any valid OpenAPI v3 or Swagger v2 specification. |

Pabloandumundu · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2021-47843 | Medium | 5.4 | | 2026-01-15 | Tagstoo 2.0.1 contains a stored cross-site scripting vulnerability that allows attackers to inject malicious payloads through files or custom tags. |

Palo Alto Networks · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2026-0227 | High | 7.5 | | 2026-01-15 | A vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to cause a denial of service (DoS) to the firewall. |

Paultgoodchild · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-15370 | Medium | 4.3 | | 2026-01-16 | The Shield: Blocks Bots, Protects Users, and Prevents Security Breaches plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 21.0.9 via the MfaGoogleAuthToggle class due to missing va… |

Payhere · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-15475 | Medium | 5.3 | | 2026-01-14 | The PayHere Payment Gateway Plugin for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to an improper validation logic in the check_payhere_response function in all versions up to, and including, 2.3… |

Pegasystems · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-62182 | | | | 2026-01-13 | Pega Customer Service Framework versions 8.7.0 through 25.1.0 are affected by an Unrestricted file upload vulnerability, where a privileged user could potentially upload a malicious file. |

Perfitdev · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-14173 | Medium | 5.3 | | 2026-01-14 | The Perfit WooCommerce plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.0.1. |

Phoenix Contact · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-41717 | High | 8.8 | | 2026-01-13 | An unauthenticated remote attacker can trick a high privileged user into uploading a malicious payload via the config-upload endpoint, leading to code injection as root. |

Phphtmledit · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2021-47751 | High | 7.5 | | 2026-01-13 | CuteEditor for PHP (now referred to as Rich Text Editor) 6.6 contains a directory traversal vulnerability in the browse template feature that allows attackers to write files to arbitrary web root directories. |

Phpkf · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2021-47753 | Critical | 9.8 | | 2026-01-15 | phpKF CMS 3.00 Beta y6 contains an unauthenticated file upload vulnerability that allows remote attackers to execute arbitrary code by bypassing file extension checks. |

Phpwcms · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2021-47783 | Medium | 5.4 | | 2026-01-16 | Phpwcms 1.9.30 contains a file upload vulnerability that allows authenticated attackers to upload malicious SVG files with embedded JavaScript. |

Pjo2 · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2023-54338 | High | 8.4 | | 2026-01-13 | Tftpd32 SE 4.60 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated privileges. |

Plugins360 · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-12957 | High | 8.8 | | 2026-01-16 | The All-in-One Video Gallery plugin for WordPress is vulnerable to arbitrary file upload in all versions up to, and including, 4.5.7. |

Prasannasp · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2026-0813 | Medium | 4.4 | | 2026-01-14 | The Short Link plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'short_link_post_title' and 'short_link_page_title' parameters in all versions up to, and including, 1.0 due to insufficient input sanitization and ou… |

Primera · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2022-50915 | High | 7.8 | | 2026-01-13 | PTPublisher 2.3.4 contains an unquoted service path vulnerability in the PTProtect service that allows local attackers to potentially execute arbitrary code with elevated privileges. |

Private Internet Access · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2022-50924 | High | 8.4 | | 2026-01-13 | Private Internet Access 3.3 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. |

Projeqtor · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2021-47819 | Critical | 9.8 | | 2026-01-15 | ProjeQtOr Project Management 9.1.4 contains a file upload vulnerability that allows guest users to upload malicious PHP files with arbitrary code execution capabilities. |

Proton · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2022-50917 | High | 7.8 | | 2026-01-13 | ProtonVPN 1.26.0 contains an unquoted service path vulnerability in its WireGuard service configuration that allows local attackers to potentially execute arbitrary code. |

Prowise · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2022-50925 | Critical | 9.8 | | 2026-01-13 | Prowise Reflect version 1.0.9 contains a remote keystroke injection vulnerability that allows attackers to send keyboard events through an exposed WebSocket on port 8082. |

Pysoft · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2021-47790 | High | 7.8 | | 2026-01-16 | Active WebCam 11.5 contains an unquoted service path vulnerability that allows local attackers to execute arbitrary code with elevated system privileges. |

Radykal · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-15526 | Medium | 5.3 | | 2026-01-16 | The Fancy Product Designer plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 6.4.8. |

Raimersoft · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2021-47821 | High | 7.5 | | 2026-01-16 | RarmaRadio 2.72.8 contains a denial of service vulnerability that allows attackers to crash the application by overflowing network configuration fields with large character buffers. |

Rebelcode · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-14375 | Medium | 6.1 | | 2026-01-16 | The RSS Aggregator – RSS Import, News Feeds, Feed to Post, and Autoblogging plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘className’ parameter in all versions up to, and including, 5.0.10 due to insufficient… |

Redragon · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2021-47786 | High | 7.5 | | 2026-01-16 | Redragon Gaming Mouse driver contains a kernel-level vulnerability that allows attackers to trigger a denial of service by sending malformed IOCTL requests. |

Remotemouse · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2021-47792 | High | 7.8 | | 2026-01-16 | Remote Mouse 4.002 contains an unquoted service path vulnerability that allows local attackers to execute arbitrary code with elevated system privileges. |

Ribccs · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2021-47777 | High | 8.2 | | 2026-01-15 | Build Smart ERP 21.0817 contains an unauthenticated SQL injection vulnerability in the 'eidValue' parameter of the login validation endpoint. |

Rndsand81 · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-15376 | Medium | 4.3 | | 2026-01-14 | The Stopwords for comments plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1. |

Rocket.chat · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2026-23477 | High | 7.7 | | 2026-01-14 | Rocket.Chat is an open-source, secure, fully customizable communications platform. |

Roxnor · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2026-1003 | Medium | 4.3 | | 2026-01-16 | The GetGenie plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 4.3.0. |

Roxy-wi · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2026-22265 | High | 7.5 | | 2026-01-15 | Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. |

Rustcrypto · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2026-23519 | Critical | 9.8 | | 2026-01-15 | RustCrypto CMOV provides conditional move CPU intrinsics which are guaranteed on major platforms to execute in constant-time and not be rewritten as branches by the compiler. |

Rustfs · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2026-22782 | High | 7.5 | | 2026-01-16 | RustFS is a distributed object storage system built in Rust. |

Sablab · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-14725 | Medium | 4.4 | | 2026-01-14 | The Internal Link Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. |

Sandboxie · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2022-50920 | High | 8.4 | | 2026-01-13 | Sandboxie-Plus 5.50.2 contains an unquoted service path vulnerability in the SbieSvc Windows service that allows local attackers to potentially execute arbitrary code. |

Sandboxie-plus · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2021-47831 | High | 7.5 | | 2026-01-16 | Sandboxie 5.49.7 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the container folder input field. |

Schedmd · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-43904 | Medium | 4.2 | | 2026-01-16 | In SchedMD Slurm before 24.11.5, 24.05.8, and 23.11.11, the accounting system can allow a Coordinator to promote a user to Administrator. |

Schlix · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2021-47834 | Medium | 6.4 | | 2026-01-16 | Schlix CMS 2.2.6-6 contains a persistent cross-site scripting vulnerability that allows authenticated users to inject malicious scripts into category titles. |

Searchwiz · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2026-0694 | Medium | 6.4 | | 2026-01-14 | The SearchWiz plugin for WordPress is vulnerable to Stored Cross-Site Scripting via post titles in search results in all versions up to, and including, 1.0.0. |

Servicenow · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-12420 | Critical | 9.8 | | 2026-01-12 | A vulnerability has been identified in the ServiceNow AI Platform that could enable an unauthenticated user to impersonate another user and perform the operations that the impersonated user is entitled to perform. |

Shopware · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2026-23498 | High | 7.2 | | 2026-01-14 | Shopware is an open commerce platform. |

Slab · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-15056 | Medium | 6.1 | | 2026-01-13 | A lack of data validation vulnerability in the HTML export feature in Quill in allows Cross-Site Scripting (XSS). |

Slims · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2022-50805 | High | 8.2 | | 2026-01-13 | Senayan Library Management System 9.0.0 contains a SQL injection vulnerability in the 'class' parameter that allows attackers to inject malicious SQL queries. |

Smartertools · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2020-36926 | High | 7.5 | | 2026-01-16 | SmarterTrack 7922 contains an information disclosure vulnerability in the Chat Management search form that reveals agent identification details. |

Smartftp · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2021-47791 | High | 7.5 | | 2026-01-16 | SmartFTP Client 10.0.2909.0 contains multiple denial of service vulnerabilities that allow attackers to crash the application through specific input manipulation. |

Smings · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-14853 | Medium | 4.3 | | 2026-01-16 | The LEAV Last Email Address Validator plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions <= 1.7.1. |

Smub · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-14384 | Medium | 4.3 | | 2026-01-16 | The All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the `/aioseo/v1/ai/credits` REST route in all versions… |

Socialchampio · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-14846 | Medium | 4.3 | | 2026-01-14 | The SocialChamp with WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.5. |

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2021-47755 | High | 7.5 | | 2026-01-15 | Oliver Library Server v5 contains a file download vulnerability that allows unauthenticated attackers to access arbitrary system files through unsanitized input in the FileServlet endpoint. |

Software-metadata.pub · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2026-22798 | Medium | 5.9 | | 2026-01-12 | hermes is an implementation of the HERMES workflow to automatize software publication with rich metadata. |

Specialk · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2026-0913 | Medium | 6.4 | | 2026-01-16 | The User Submitted Posts – Enable Users to Submit Posts from the Front End plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'usp_access' shortcode in all versions up to, and including, 20260110 due to insu… |

Splashtop · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2022-50693 | High | 8.4 | | 2026-01-13 | Splashtop 8.71.12001.0 contains an unquoted service path vulnerability in the Splashtop Software Updater Service that allows local attackers to potentially execute arbitrary code. |

Splinterware · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2021-47824 | High | 7.5 | | 2026-01-16 | iDailyDiary 4.30 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the preferences tab name field. |

Spring · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2026-22718 | Medium | 6.8 | | 2026-01-14 | The VSCode extension for Spring CLI is vulnerable to command injection, resulting in command execution on the user's machine. |

Spy-emergency · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2021-47845 | High | 7.8 | | 2026-01-16 | Spy Emergency 25.0.650 contains an unquoted service path vulnerability in its Windows service configurations that allows local attackers to execute code with elevated privileges. |

Steven · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2011-10041 | | | | 2026-01-15 | Uploadify WordPress plugin versions up to and including 1.0 contain an arbitrary file upload vulnerability in process_upload.php due to missing file type validation. |

Strongswan · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-62291 | High | 8.1 | | 2026-01-16 | In the eap-mschapv2 plugin (client-side) in strongSwan before 6.0.3, a malicious EAP-MSCHAPv2 server can send a crafted message of size 6 through 8, and cause an integer underflow that potentially results in a heap-based buffer overflow. |

Stylemix · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-14757 | Medium | 5.3 | | 2026-01-16 | The Cost Calculator Builder plugin for WordPress is vulnerable to Unauthenticated Payment Status Bypass in all versions up to, and including, 3.6.9 only when used in combination with Cost Calculator Builder PRO. |

Syed Balkhi · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2020-36919 | Medium | 6.1 | | 2026-01-13 | WPForms 1.7.8 contains a cross-site scripting vulnerability in the slider import search feature and tab parameter. |

Sylkat-tools · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2021-47752 | High | 7.5 | | 2026-01-15 | AWebServer GhostBuilding 18 contains a denial of service vulnerability that allows remote attackers to overwhelm the server by sending multiple concurrent HTTP requests. |

Sysax · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2023-54337 | Critical | 9.1 | | 2026-01-13 | Sysax Multi Server 6.95 contains a denial of service vulnerability in the administrative password field that allows attackers to crash the application. |

Tdarr · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2022-50919 | Critical | 9.8 | | 2026-01-13 | Tdarr 2.00.15 contains an unauthenticated remote code execution vulnerability in its Help terminal that allows attackers to inject and chain arbitrary commands. |

Teamspeak · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2022-50931 | High | 7.8 | | 2026-01-13 | TeamSpeak 3.5.6 contains an insecure file permissions vulnerability that allows local attackers to replace executable files with malicious binaries. |

Techknowprime · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2026-0635 | Medium | 4.3 | | 2026-01-14 | The Responsive Accordion Slider plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'resp_accordion_silder_save_images' function in all versions up to, and including, 1.2.2. |

Telcel · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2022-50935 | Critical | 9.8 | | 2026-01-13 | Flame II HSPA USB Modem contains an unquoted service path vulnerability in its Windows service configuration. |

Telegram · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2021-47793 | High | 7.5 | | 2026-01-16 | Telegram Desktop 2.9.2 contains a denial of service vulnerability that allows attackers to crash the application by sending an oversized message payload. |

Tenable · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-36640 | High | 8.8 | | 2026-01-13 | A vulnerability has been identified in the installation/uninstallation of the Nessus Agent Tray App on Windows Hosts which could lead to escalation of privileges. |

Termix · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2026-22804 | High | 8.0 | | 2026-01-12 | Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. |

Testa · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2022-50896 | Medium | 6.1 | | 2026-01-13 | Testa 3.5.1 contains a reflected cross-site scripting vulnerability in the login.php redirect parameter that allows attackers to inject malicious scripts. |

The Browser Company Of New York · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-15032 | High | 7.4 | | 2026-01-16 | Missing about:blank indicator in custom-sized new windows in Dia before 1.9.0 on macOS could allow an attacker to spoof a trusted domain in the window title and mislead users about the current site. |

The Nu Html Checker · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-15104 | Medium | 5.3 | | 2026-01-16 | Nu Html Checker (validator.nu) contains a restriction bypass that allows remote attackers to make the server perform arbitrary HTTP/HTTPS requests to internal resources, including localhost services. |

Thecus · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2021-47816 | High | 8.8 | | 2026-01-16 | Thecus N4800Eco NAS Server Control Panel contains a command injection vulnerability that allows authenticated attackers to execute arbitrary system commands through user management endpoints. |

Thm · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2026-22800 | Low | 2.4 | | 2026-01-12 | PILOS (Platform for Interactive Live-Online Seminars) is a frontend for BigBlueButton. |

Torstenbulk · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-14793 | Medium | 5.0 | | 2026-01-16 | The DK PDF – WordPress PDF Generator plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.3.0 via the 'addContentToMpdf' function. |

Totalav · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2021-47787 | High | 7.8 | | 2026-01-16 | TotalAV 5.15.69 contains an unquoted service path vulnerability in multiple system services running with LocalSystem privileges. |

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-9014 | High | 7.5 | | 2026-01-15 | A Null Pointer Dereference vulnerability exists in the referer header check of the web portal of TP-Link TL-WR841N v14, caused by improper input validation. A remote, unauthenticated attacker can exploit this flaw and cause Denial of Serv… |

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2026-0629 | | | | 2026-01-16 | Authentication bypass in the password recovery feature of the local web interface across multiple VIGI camera models allows an attacker on the LAN to reset the admin password without verification by manipulating client-side state. |

Traefik · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2026-22045 | Medium | 5.9 | | 2026-01-15 | Traefik is an HTTP reverse proxy and load balancer. |

Tridenttechnolabs · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-14770 | High | 7.5 | | 2026-01-14 | The Shipping Rate By Cities plugin for WordPress is vulnerable to SQL Injection via the 'city' parameter in all versions up to, and including, 2.0.0 due to insufficient escaping on the user supplied parameter and lack of sufficient prepara… |

Ttyplus · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2021-47759 | Medium | 6.2 | | 2026-01-15 | MTPutty 1.0.1.21 contains a sensitive information disclosure vulnerability that allows local attackers to view SSH connection passwords through Windows PowerShell process listing. |

Ubeeinteractive · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2021-47820 | Medium | 5.3 | | 2026-01-16 | Ubee EVW327 contains a cross-site request forgery vulnerability that allows attackers to enable remote access without user interaction. |

Unattributed · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2026-23800 | Critical | 10.0 | | 2026-01-16 | Incorrect Privilege Assignment vulnerability in Modular DS modular-connector allows Privilege Escalation. This issue affects Modular DS: from 2.5.2 before 2.6.0. |

Vaghasia3 · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-14502 | Critical | 9.8 | | 2026-01-14 | The News and Blog Designer Bundle plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.1 via the template parameter. |

Vertiv · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2022-50927 | Medium | 6.2 | | 2026-01-13 | Cyclades Serial Console Server 3.3.0 contains a local privilege escalation vulnerability due to overly permissive sudo privileges for the admin user and admin group. |

Vesparny · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2021-47839 | High | 7.2 | | 2026-01-16 | Marky 0.0.1 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts into markdown files. |

Vianeos · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2021-47801 | High | 8.2 | | 2026-01-16 | Vianeos OctoPUS 5 contains a time-based blind SQL injection vulnerability in the 'login_user' parameter during authentication requests. |

Videolan · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-51602 | Medium | 4.8 | | 2026-01-16 | mmstu.c in VideoLAN VLC media player before 3.0.22 allows an out-of-bounds read and denial of service via a crafted 0x01 response from an MMS server. |

Visual-tools · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2021-47799 | Medium | 6.2 | | 2026-01-15 | Visual Tools DVR VX16 version 4.2.28 contains a local privilege escalation vulnerability in its Sudo configuration that allows attackers to gain root access. |

Vive · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2022-50918 | High | 8.4 | | 2026-01-13 | VIVE Runtime Service 1.0.0.4 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with elevated system privileges. |

Vivotek · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2026-22755 | | | | 2026-01-13 | Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Vivotek Affected device model numbers are FD8365, FD8365v2, FD9165, FD9171, FD9187, FD9189, FD9365, FD9371, FD9381, FD9387, FD9389, FD9391… |

Vk011 · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2026-0680 | Medium | 4.4 | | 2026-01-14 | The Real Post Slider Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin settings in all versions up to, and including, 2.4 due to insufficient input sanitization and output escaping. |

Wago · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2022-50926 | Critical | 9.8 | | 2026-01-13 | WAGO 750-8212 PFC200 G2 2ETH RS firmware contains a privilege escalation vulnerability that allows attackers to manipulate user session cookies. |

Wbce · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2022-50936 | High | 8.8 | | 2026-01-13 | WBCE CMS version 1.5.2 contains an authenticated remote code execution vulnerability that allows attackers to upload malicious droplets through the admin panel. |

Webbu · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2026-0739 | Medium | 4.4 | | 2026-01-14 | The WMF Mobile Redirector plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin settings in all versions up to, and including, 1.2 due to insufficient input sanitization and output escaping. |

Websitebaker · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2021-47788 | High | 8.8 | | 2026-01-16 | WebsiteBaker 2.13.0 contains an authenticated remote code execution vulnerability that allows users with language editing permissions to execute arbitrary code. |

Webssh · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2021-47827 | High | 7.5 | | 2026-01-16 | WebSSH for iOS 14.16.10 contains a denial of service vulnerability in the mashREPL tool that allows attackers to crash the application by pasting malformed input. |

Wibu · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2021-47810 | High | 7.8 | | 2026-01-16 | WibuKey Runtime 6.51 contains an unquoted service path vulnerability in the WkSvW32.exe service that allows local attackers to potentially execute arbitrary code. |

Wisecleaner · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2021-47804 | High | 7.8 | | 2026-01-16 | Wise Care 365 5.6.7.568 contains an unquoted service path vulnerability in the WiseBootAssistant service running with LocalSystem privileges. |

Woosaai · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-14301 | Critical | 9.8 | | 2026-01-14 | The Integration Opvius AI for WooCommerce plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.3.0. |

Wordpress · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2023-54333 | High | 8.2 | | 2026-01-13 | Social-Share-Buttons 2.2.3 contains a critical SQL injection vulnerability in the project_id parameter that allows attackers to manipulate database queries. |

Workorder · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2023-54340 | High | 8.2 | | 2026-01-13 | WorkOrder CMS 0.1.0 contains a SQL injection vulnerability that allows unauthenticated attackers to bypass login by manipulating username and password parameters. |

Wpcenter · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-13859 | Medium | 6.4 | | 2026-01-15 | The AffiliateX – Amazon Affiliate Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the save_customization_settings AJAX action in versions 1.0.0 to 1.3.9.3. |

Wpdevelop · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-14982 | Medium | 4.3 | | 2026-01-16 | The Booking Calendar plugin for WordPress is vulnerable to Missing Authorization leading to Sensitive Information Exposure in all versions up to, and including, 10.14.11. |

Wpdevteam · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2026-1004 | Medium | 5.3 | | 2026-01-16 | The Essential Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to and including 6.5.5 via the 'eael_product_quickview_popup' function. |

Xmind · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2021-47844 | Medium | 6.1 | | 2026-01-16 | Xmind 2020 contains a cross-site scripting vulnerability that allows attackers to inject malicious payloads into mind mapping files or custom headers. |

Yenkee · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2021-47789 | High | 7.5 | | 2026-01-16 | Yenkee Hornet Gaming Mouse driver GM312Fltr.sys contains a buffer overrun vulnerability that allows attackers to crash the system by sending oversized input. |

Yhirose · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2026-22776 | High | 7.5 | | 2026-01-12 | cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. |

Ysoft · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2025-13175 | | | | 2026-01-14 | Y Soft SafeQ 6 renders the Workflow Connector password field in a way that allows an administrator with UI access to reveal the value using browser developer/inspection tools. The affected customers are only those with a password-protected… |

Zalando · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2026-23742 | High | 8.8 | | 2026-01-16 | Skipper is an HTTP router and reverse proxy for service composition. |

Zesle · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2021-47794 | High | 8.8 | | 2026-01-16 | ZesleCP 3.1.9 contains an authenticated remote code execution vulnerability that allows attackers to create malicious FTP accounts with shell injection payloads. |

Zippy · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2023-53985 | Medium | 6.1 | | 2026-01-13 | Zstore, now referred to as Zippy CRM, 6.5.4 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts through unvalidated input parameters. |

Zitadel · 1 CVE

| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
| CVE-2026-23511 | Medium | 5.3 | | 2026-01-15 | ZITADEL is an open source identity management platform. |