🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2025-59156 | High | 8.8 |
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0…
|
⚡ Exploit ✅ Patch | Jan 5, 2026 |
| CVE-2025-64423 | High | 8.8 |
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. In Coolify versions …
|
⚡ Exploit ✅ Patch | Jan 5, 2026 |
| CVE-2025-64424 | High | 8.8 |
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. In Coolify versions …
|
⚡ Exploit ✅ Patch | Jan 5, 2026 |
| CVE-2025-66518 | High | 8.8 |
Any client who can access to Apache Kyuubi Server via Kyuubi frontend protocols can bypass server-side config kyuubi.ses…
|
✅ Patch | Jan 5, 2026 |
| CVE-2025-68454 | High | 8.8 |
Craft is a platform for creating digital experiences. Versions 5.0.0-RC1 through 5.8.20 and 4.0.0-RC1 through 4.16.16 ar…
|
⚡ Exploit ✅ Patch | Jan 5, 2026 |
| CVE-2025-64425 | High | 8.1 |
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. In Coolify versions …
|
⚡ Exploit ✅ Patch | Jan 5, 2026 |
| CVE-2025-59158 | High | 8.0 |
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Coolify versions pri…
|
⚡ Exploit ✅ Patch | Jan 5, 2026 |
| CVE-2025-64421 | High | 8.0 |
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. In Coolify versions …
|
⚡ Exploit ✅ Patch | Jan 5, 2026 |
| CVE-2025-68428 | High | 7.5 |
jsPDF is a library to generate PDFs in JavaScript. Prior to version 4.0.0, user control of the first argument of the loa…
|
✅ Patch | Jan 5, 2026 |
| CVE-2025-68547 | High | 7.5 |
Missing Authorization vulnerability in WPweb Follow My Blog Post allows Exploiting Incorrectly Configured Access Control…
|
✅ Patch | Jan 5, 2026 |
| CVE-2026-0621 | High | 7.5 |
Anthropic's MCP TypeScript SDK versions up to and including 1.25.1 contain a regular expression denial of service (ReDoS…
|
⚡ Exploit ✅ Patch | Jan 5, 2026 |
| CVE-2025-15456 | High | 7.3 |
A vulnerability has been found in bg5sbk MiniCMS up to 1.8. The affected element is an unknown function of the file /mc-…
|
⚡ Exploit ✅ Patch | Jan 5, 2026 |
| CVE-2026-0589 | High | 7.3 |
A vulnerability was found in code-projects Online Product Reservation System 1.0. Impacted is an unknown function of the…
|
⚡ Exploit ✅ Patch | Jan 5, 2026 |
| CVE-2025-68455 | High | 7.2 |
Craft is a platform for creating digital experiences. Versions 5.0.0-RC1 through 5.8.20 and 4.0.0-RC1 through 4.16.16 ar…
|
⚡ Exploit ✅ Patch | Jan 5, 2026 |
| CVE-2025-3646 | High | 7.3 |
Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains an authorization bypass vulnerability that allows unau…
|
✅ Patch | Jan 4, 2026 |
| CVE-2025-64124 | High | 8.8 |
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Nuvation Ene…
|
✅ Patch | Jan 3, 2026 |
| CVE-2025-15428 | High | 8.8 |
A weakness has been identified in UTT 进取 512W 1.7.7-171114. Affected is the function strcpy of the file /goform/formRemo…
|
⚡ Exploit ✅ Patch | Jan 2, 2026 |
| CVE-2025-15429 | High | 8.8 |
A security vulnerability has been detected in UTT 进取 512W 1.7.7-171114. Affected by this vulnerability is the function s…
|
⚡ Exploit ✅ Patch | Jan 2, 2026 |
| CVE-2025-64120 | High | 8.8 |
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Nuvation Ene…
|
✅ Patch | Jan 2, 2026 |
| CVE-2026-21449 | High | 8.8 |
Bagisto is an open source laravel eCommerce platform. Versions prior to 2.3.10 are vulnerable to server-side template in…
|
⚡ Exploit ✅ Patch | Jan 2, 2026 |