🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2025-68454 | High | 8.8 |
Craft is a platform for creating digital experiences. Versions 5.0.0-RC1 through 5.8.20 and 4.0.0-RC1 through 4.16.16 ar…
|
⚡ Exploit ✅ Patch | Jan 5, 2026 |
| CVE-2025-64425 | High | 8.1 |
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. In Coolify versions …
|
⚡ Exploit ✅ Patch | Jan 5, 2026 |
| CVE-2025-59158 | High | 8.0 |
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Coolify versions pri…
|
⚡ Exploit ✅ Patch | Jan 5, 2026 |
| CVE-2025-64421 | High | 8.0 |
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. In Coolify versions …
|
⚡ Exploit ✅ Patch | Jan 5, 2026 |
| CVE-2026-0621 | High | 7.5 |
Anthropic's MCP TypeScript SDK versions up to and including 1.25.1 contain a regular expression denial of service (ReDoS…
|
⚡ Exploit ✅ Patch | Jan 5, 2026 |
| CVE-2025-15456 | High | 7.3 |
A vulnerability has been found in bg5sbk MiniCMS up to 1.8. The affected element is an unknown function of the file /mc-…
|
⚡ Exploit ✅ Patch | Jan 5, 2026 |
| CVE-2026-0589 | High | 7.3 |
A vulnerability was found in code-projects Online Product Reservation System 1.0. Impacted is an unknown function of the…
|
⚡ Exploit ✅ Patch | Jan 5, 2026 |
| CVE-2025-68455 | High | 7.2 |
Craft is a platform for creating digital experiences. Versions 5.0.0-RC1 through 5.8.20 and 4.0.0-RC1 through 4.16.16 ar…
|
⚡ Exploit ✅ Patch | Jan 5, 2026 |
| CVE-2026-21449 | High | 8.8 |
Bagisto is an open source laravel eCommerce platform. Versions prior to 2.3.10 are vulnerable to server-side template in…
|
⚡ Exploit ✅ Patch | Jan 2, 2026 |
| CVE-2025-15429 | High | 8.8 |
A security vulnerability has been detected in UTT 进取 512W 1.7.7-171114. Affected by this vulnerability is the function s…
|
⚡ Exploit ✅ Patch | Jan 2, 2026 |
| CVE-2025-15428 | High | 8.8 |
A weakness has been identified in UTT 进取 512W 1.7.7-171114. Affected is the function strcpy of the file /goform/formRemo…
|
⚡ Exploit ✅ Patch | Jan 2, 2026 |
| CVE-2025-69414 | High | 8.5 |
Plex Media Server (PMS) through 1.42.2.10156 allows retrieval of a permanent access token via a /myplex/account call wit…
|
⚡ Exploit ✅ Patch | Jan 2, 2026 |
| CVE-2026-21451 | High | 8.4 |
Bagisto is an open source laravel eCommerce platform. A stored Cross-Site Scripting (XSS) vulnerability exists in Bagist…
|
⚡ Exploit ✅ Patch | Jan 2, 2026 |
| CVE-2025-69415 | High | 7.1 |
In Plex Media Server (PMS) through 1.42.2.10156, ability to access /myplex/account with a device token is not properly a…
|
⚡ Exploit ✅ Patch | Jan 2, 2026 |
| CVE-2025-66398 | Critical | 9.6 |
Signal K Server is a server application that runs on a central hub in a boat. Prior to version 2.19.0, an unauthenticate…
|
⚡ Exploit ✅ Patch | Jan 1, 2026 |
| CVE-2026-21428 | High | 7.5 |
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to version 0.30.0, the ``write_h…
|
⚡ Exploit ✅ Patch | Jan 1, 2026 |
| CVE-2025-68619 | High | 7.2 |
Signal K Server is a server application that runs on a central hub in a boat. Versions prior to 2.19.0 of the appstore i…
|
⚡ Exploit ✅ Patch | Jan 1, 2026 |
| CVE-2025-14847 | Critical | 9.0 |
MongoDB and MongoDB Server Improper Handling of Length Parameter Inconsistency Vulnerability — MongoDB Server contains a…
|
⚡ Exploit ✅ Patch | Dec 29, 2025 |
| CVE-2023-52163 | Critical | 9.0 |
Digiever DS-2105 Pro Missing Authorization Vulnerability — Digiever DS-2105 Pro contains a missing authorization vulnera…
|
⚡ Exploit ✅ Patch | Dec 22, 2025 |
| CVE-2025-14733 | Critical | 9.0 |
WatchGuard Firebox Out of Bounds Write Vulnerability — WatchGuard Fireware OS iked process contains an out of bounds wri…
|
⚡ Exploit ✅ Patch | Dec 19, 2025 |