🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-24780 | High | 8.8 |
AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that aut…
|
⚡ Exploit ✅ Patch | Jan 29, 2026 |
| CVE-2026-25047 | High | 8.8 |
deepHas provides a test for the existence of a nested object key and optionally returns that key. A prototype pollution …
|
⚡ Exploit ✅ Patch | Jan 29, 2026 |
| CVE-2020-37001 | High | 8.4 |
Frigate Professional 3.36.0.9 contains a local buffer overflow vulnerability in the Pack File feature that allows attack…
|
✅ Patch | Jan 29, 2026 |
| CVE-2020-36999 | High | 8.2 |
Elaniin CMS 1.0 contains an authentication bypass vulnerability that allows attackers to access the dashboard by manipul…
|
✅ Patch | Jan 29, 2026 |
| CVE-2020-37004 | High | 8.2 |
Ultimate Project Manager CRM PRO 2.0.5 contains a blind SQL injection vulnerability that allows attackers to extract use…
|
✅ Patch | Jan 29, 2026 |
| CVE-2020-37006 | High | 8.2 |
berliCRM 1.0.24 contains a SQL injection vulnerability in the 'src_record' parameter that allows remote attackers to man…
|
✅ Patch | Jan 29, 2026 |
| CVE-2026-1610 | High | 8.1 |
A vulnerability was found in Tenda AX12 Pro V2 16.03.49.24_cn. Affected by this issue is some unknown functionality of t…
|
✅ Patch | Jan 29, 2026 |
| CVE-2025-7016 | High | 8.0 |
Improper Access Control vulnerability in Akın Software Computer Import Export Industry and Trade Ltd. QR Menu allows Aut…
|
✅ Patch | Jan 29, 2026 |
| CVE-2020-37016 | High | 7.8 |
BarcodeOCR 19.3.6 contains an unquoted service path vulnerability that allows local attackers to execute code with eleva…
|
✅ Patch | Jan 29, 2026 |
| CVE-2020-37020 | High | 7.8 |
SonarQube 8.3.1 contains an unquoted service path vulnerability that allows local attackers to gain SYSTEM privileges by…
|
✅ Patch | Jan 29, 2026 |
| CVE-2020-37021 | High | 7.8 |
10-Strike Bandwidth Monitor 3.9 contains an unquoted service path vulnerability in multiple services that allows local a…
|
✅ Patch | Jan 29, 2026 |
| CVE-2026-25116 | High | 7.6 |
Runtipi is a personal homeserver orchestrator. Starting in version 4.5.0 and prior to version 4.7.2, an unauthenticated …
|
⚡ Exploit ✅ Patch | Jan 29, 2026 |
| CVE-2026-25061 | High | 7.5 |
tcpflow is a TCP/IP packet demultiplexer. In versions up to and including 1.61, wifipcap parses 802.11 management frame …
|
⚡ Exploit ✅ Patch | Jan 29, 2026 |
| CVE-2020-36995 | High | 7.5 |
Mocha Telnet Lite for iOS 4.2 contains a denial of service vulnerability that allows attackers to crash the application …
|
✅ Patch | Jan 29, 2026 |
| CVE-2020-37015 | High | 7.5 |
Ruijie Networks Switch eWeb S29_RGOS 11.4 contains a directory traversal vulnerability that allows unauthenticated attac…
|
✅ Patch | Jan 29, 2026 |
| CVE-2025-7713 | High | 7.5 |
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Global Inte…
|
✅ Patch | Jan 29, 2026 |
| CVE-2025-7714 | High | 7.5 |
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Global Interactive…
|
✅ Patch | Jan 29, 2026 |
| CVE-2020-37005 | High | 7.1 |
TimeClock Software 1.01 contains an authenticated time-based SQL injection vulnerability that allows attackers to enumer…
|
✅ Patch | Jan 29, 2026 |
| CVE-2026-24897 | Critical | 10.0 |
Erugo is a self-hosted file-sharing platform. In versions up to and including 0.2.14, an authenticated low-privileged us…
|
⚡ Exploit ✅ Patch | Jan 28, 2026 |
| CVE-2026-0844 | High | 8.8 |
The Simple User Registration plugin for WordPress is vulnerable to privilege escalation in versions up to, and including…
|
✅ Patch | Jan 28, 2026 |