🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-22219 | High | 7.7 |
Chainlit versions prior to 2.9.4 contain a server-side request forgery (SSRF) vulnerability in the /project/element upda…
|
⚡ Exploit ✅ Patch | Jan 20, 2026 |
| CVE-2026-1137 | High | 8.8 |
A vulnerability was detected in UTT 进取 520W 1.7.7-180627. Affected by this issue is the function strcpy of the file /gof…
|
⚡ Exploit ✅ Patch | Jan 19, 2026 |
| CVE-2026-1138 | High | 8.8 |
A flaw has been found in UTT 进取 520W 1.7.7-180627. This affects the function strcpy of the file /goform/ConfigExceptQQ. …
|
⚡ Exploit ✅ Patch | Jan 19, 2026 |
| CVE-2026-1139 | High | 8.8 |
A vulnerability has been found in UTT 进取 520W 1.7.7-180627. This vulnerability affects the function strcpy of the file /…
|
⚡ Exploit ✅ Patch | Jan 19, 2026 |
| CVE-2026-1140 | High | 8.8 |
A vulnerability was found in UTT 进取 520W 1.7.7-180627. This issue affects the function strcpy of the file /goform/Config…
|
⚡ Exploit ✅ Patch | Jan 19, 2026 |
| CVE-2025-68616 | High | 7.5 |
WeasyPrint helps web developers to create PDF documents. Prior to version 68.0, a server-side request forgery (SSRF) pro…
|
⚡ Exploit ✅ Patch | Jan 19, 2026 |
| CVE-2026-23732 | High | 7.5 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, FastGlyph parsing trusts `cbDa…
|
⚡ Exploit ✅ Patch | Jan 19, 2026 |
| CVE-2026-23850 | High | 7.5 |
SiYuan is a personal knowledge management system. In versions prior to 3.5.4, the markdown feature allows unrestricted s…
|
⚡ Exploit ✅ Patch | Jan 19, 2026 |
| CVE-2026-1192 | High | 7.3 |
A vulnerability was determined in Tosei Online Store Management System ネット店舗管理システム 1.01. The affected element is an unkn…
|
⚡ Exploit ✅ Patch | Jan 19, 2026 |
| CVE-2026-23644 | High | 7.5 |
esm.sh is a no-build content delivery network (CDN) for web development. Prior to Go pseeudoversion 0.0.0-20260116051925…
|
⚡ Exploit ✅ Patch | Jan 18, 2026 |
| CVE-2021-47794 | High | 8.8 |
ZesleCP 3.1.9 contains an authenticated remote code execution vulnerability that allows attackers to create malicious FT…
|
⚡ Exploit ✅ Patch | Jan 16, 2026 |
| CVE-2021-47780 | High | 7.8 |
Macro Expert 4.7 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrar…
|
⚡ Exploit ✅ Patch | Jan 16, 2026 |
| CVE-2021-47805 | High | 7.8 |
Disk Savvy 13.6.14 contains an unquoted service path vulnerability in its Windows service configuration that allows loca…
|
⚡ Exploit ✅ Patch | Jan 16, 2026 |
| CVE-2021-47814 | High | 7.5 |
NBMonitor 1.6.8 contains a denial of service vulnerability that allows attackers to crash the application by overflowing…
|
⚡ Exploit ✅ Patch | Jan 16, 2026 |
| CVE-2021-47815 | High | 7.5 |
Nsauditor 3.2.3 contains a denial of service vulnerability in the registration code input field that allows attackers to…
|
⚡ Exploit ✅ Patch | Jan 16, 2026 |
| CVE-2026-22782 | High | 7.5 |
RustFS is a distributed object storage system built in Rust. From >= 1.0.0-alpha.1 to 1.0.0-alpha.79, invalid RPC signat…
|
⚡ Exploit ✅ Patch | Jan 16, 2026 |
| CVE-2026-23723 | High | 7.2 |
WeGIA is a web manager for charitable institutions. Prior to 3.6.2, an authenticated SQL Injection vulnerability was ide…
|
⚡ Exploit ✅ Patch | Jan 16, 2026 |
| CVE-2021-47757 | High | 8.8 |
Chikitsa Patient Management System 2.0.2 contains an authenticated remote code execution vulnerability in the backup res…
|
⚡ Exploit ✅ Patch | Jan 15, 2026 |
| CVE-2021-47758 | High | 8.8 |
Chikitsa Patient Management System 2.0.2 contains an authenticated remote code execution vulnerability that allows attac…
|
⚡ Exploit ✅ Patch | Jan 15, 2026 |
| CVE-2026-23622 | High | 8.8 |
Easy!Appointments is a self hosted appointment scheduler. In 1.5.2 and earlier, application/core/EA_Security.php::csrf_v…
|
⚡ Exploit ✅ Patch | Jan 15, 2026 |