🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2024-37079 | Critical | 9.0 | Broadcom VMware vCenter Server Out-of-bounds Write Vulnerability — Broadcom VMware vCenter Server contains an out-of-bou… | ⚡ Exploit ✅ Patch | Jan 23, 2026 |
| CVE-2025-34026 | Critical | 9.0 | Versa Concerto Improper Authentication Vulnerability — Versa Concerto SD-WAN orchestration platform contains an improper… | ⚡ Exploit ✅ Patch | Jan 22, 2026 |
| CVE-2025-54313 | Critical | 9.0 | Prettier eslint-config-prettier Embedded Malicious Code Vulnerability — Prettier eslint-config-prettier contains an embe… | ⚡ Exploit ✅ Patch | Jan 22, 2026 |
| CVE-2025-68645 | Critical | 9.0 | Synacor Zimbra Collaboration Suite (ZCS) PHP Remote File Inclusion Vulnerability — Synacor Zimbra Collaboration Suite (Z… | ⚡ Exploit ✅ Patch | Jan 22, 2026 |
| CVE-2025-31125 | Critical | 9.0 | Vite Vitejs Improper Access Control Vulnerability — Vite Vitejs contains an improper access control vulnerability that e… | ⚡ Exploit ✅ Patch | Jan 22, 2026 |
| CVE-2026-20045 | Critical | 9.0 | Cisco Unified Communications Products Code Injection Vulnerability — Cisco Unified Communications Manager (Unified CM), … | ⚡ Exploit ✅ Patch | Jan 21, 2026 |
| CVE-2025-53912 | Critical | 9.6 | An arbitrary file read vulnerability exists in the encapsulatedDoc functionality of MedDream PACS Premium 7.3.6.870. A s… | ⚡ Exploit ✅ Patch | Jan 20, 2026 |
| CVE-2026-23523 | Critical | 9.6 | Dive is an open-source MCP Host Desktop Application that enables integration with function-calling LLMs. Prior to 0.13.0… | ⚡ Exploit ✅ Patch | Jan 16, 2026 |
| CVE-2026-23520 | Critical | 9.0 | Arcane provides modern docker management. Prior to 1.13.0, Arcane has a command injection in the updater service. Arcane… | ⚡ Exploit ✅ Patch | Jan 15, 2026 |
| CVE-2026-20805 | Critical | 9.0 | Microsoft Windows Information Disclosure Vulnerability — Microsoft Windows Desktop Windows Manager contains an informati… | ⚡ Exploit ✅ Patch | Jan 13, 2026 |
| CVE-2026-22794 | Critical | 9.6 | Appsmith is a platform to build admin panels, internal tools, and dashboards. Prior to 1.93, the server uses the Origin … | ⚡ Exploit ✅ Patch | Jan 12, 2026 |
| CVE-2025-8110 | Critical | 9.0 | Gogs Path Traversal Vulnerability — Gogs contains a path traversal vulnerability affecting improper Symbolic link handli… | ⚡ Exploit ✅ Patch | Jan 12, 2026 |
| CVE-2026-22688 | Critical | 9.9 | WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to version 0.… | ⚡ Exploit ✅ Patch | Jan 10, 2026 |
| CVE-2025-69222 | Critical | 9.1 | LibreChat is a ChatGPT clone with additional features. Version 0.8.1-rc2 is prone to a server-side request forgery (SSRF… | ⚡ Exploit ✅ Patch | Jan 7, 2026 |
| CVE-2009-0556 | Critical | 9.0 | Microsoft Office PowerPoint Code Injection Vulnerability — Microsoft Office PowerPoint contains a code injection vulnera… | ⚡ Exploit ✅ Patch | Jan 7, 2026 |
| CVE-2025-37164 | Critical | 9.0 | Hewlett Packard Enterprise (HPE) OneView Code Injection Vulnerability — Hewlett Packard Enterprise (HPE) OneView contain… | ⚡ Exploit ✅ Patch | Jan 7, 2026 |
| CVE-2025-64420 | Critical | 9.9 | Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. In Coolify versions … | ⚡ Exploit ✅ Patch | Jan 5, 2026 |
| CVE-2025-59157 | Critical | 9.9 | Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0… | ⚡ Exploit ✅ Patch | Jan 5, 2026 |
| CVE-2025-64419 | Critical | 9.6 | Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0… | ⚡ Exploit ✅ Patch | Jan 5, 2026 |
| CVE-2025-66398 | Critical | 9.6 | Signal K Server is a server application that runs on a central hub in a boat. Prior to version 2.19.0, an unauthenticate… | ⚡ Exploit ✅ Patch | Jan 1, 2026 |