🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-22984 | High | 7.1 |
In the Linux kernel, the following vulnerability has been resolved:
libceph: prevent potential out-of-bounds reads in h…
|
✅ Patch | Jan 23, 2026 |
| CVE-2026-24307 | Critical | 9.3 |
Improper validation of specified type of input in M365 Copilot allows an unauthorized attacker to disclose information o…
|
✅ Patch | Jan 22, 2026 |
| CVE-2025-31125 | Critical | 9.0 |
Vite Vitejs Improper Access Control Vulnerability — Vite Vitejs contains an improper access control vulnerability that e…
|
⚡ Exploit ✅ Patch | Jan 22, 2026 |
| CVE-2025-34026 | Critical | 9.0 |
Versa Concerto Improper Authentication Vulnerability — Versa Concerto SD-WAN orchestration platform contains an improper…
|
⚡ Exploit ✅ Patch | Jan 22, 2026 |
| CVE-2025-54313 | Critical | 9.0 |
Prettier eslint-config-prettier Embedded Malicious Code Vulnerability — Prettier eslint-config-prettier contains an embe…
|
⚡ Exploit ✅ Patch | Jan 22, 2026 |
| CVE-2025-68645 | Critical | 9.0 |
Synacor Zimbra Collaboration Suite (ZCS) PHP Remote File Inclusion Vulnerability — Synacor Zimbra Collaboration Suite (Z…
|
⚡ Exploit ✅ Patch | Jan 22, 2026 |
| CVE-2025-10856 | High | 8.1 |
Unrestricted Upload of File with Dangerous Type vulnerability in Solvera Software Services Trade Inc. Teknoera allows Fi…
|
✅ Patch | Jan 22, 2026 |
| CVE-2026-24010 | High | 8.0 |
Horilla is a free and open source Human Resource Management System (HRMS). A critical File Upload vulnerability in versi…
|
⚡ Exploit ✅ Patch | Jan 22, 2026 |
| CVE-2026-24129 | High | 8.0 |
Runtipi is a Docker-based, personal homeserver orchestrator that facilitates multiple services on a single server. Versi…
|
⚡ Exploit ✅ Patch | Jan 22, 2026 |
| CVE-2026-1260 | High | 7.8 |
Invalid memory access in Sentencepiece versions less than 0.2.1 when using a vulnerable model file, which is not created…
|
✅ Patch | Jan 22, 2026 |
| CVE-2026-1330 | High | 7.5 |
MeetingHub developed by HAMASTAR Technology has an Arbitrary File Read vulnerability, allowing unauthenticated remote at…
|
✅ Patch | Jan 22, 2026 |
| CVE-2026-21520 | High | 7.5 |
Exposure of Sensitive Information to an Unauthorized Actor in Copilot Studio allows a unauthenticated attacker to view s…
|
✅ Patch | Jan 22, 2026 |
| CVE-2025-10024 | High | 7.5 |
Authorization Bypass Through User-Controlled Key vulnerability in EXERT Computer Technologies Software Ltd. Co. Educatio…
|
✅ Patch | Jan 22, 2026 |
| CVE-2025-10855 | High | 7.5 |
Authorization Bypass Through User-Controlled Key vulnerability in Solvera Software Services Trade Inc. Teknoera allows E…
|
✅ Patch | Jan 22, 2026 |
| CVE-2026-21521 | High | 7.4 |
Improper neutralization of escape, meta, or control sequences in Copilot allows an unauthorized attacker to disclose inf…
|
✅ Patch | Jan 22, 2026 |
| CVE-2026-21524 | High | 7.4 |
Exposure of sensitive information to an unauthorized actor in Azure Data Explorer allows an unauthorized attacker to dis…
|
✅ Patch | Jan 22, 2026 |
| CVE-2026-23988 | High | 7.3 |
Rufus is a utility that helps format and create bootable USB flash drives. Versions 4.11 and below contain a race condit…
|
⚡ Exploit ✅ Patch | Jan 22, 2026 |
| CVE-2025-67684 | High | 7.2 |
Quick.Cart is vulnerable to Local File Inclusion and Path Traversal issues in the theme selection mechanism. Quick.Cart …
|
✅ Patch | Jan 22, 2026 |
| CVE-2026-0533 | High | 7.1 |
A maliciously crafted HTML payload in a design name, when displayed during the delete confirmation dialog and clicked by…
|
✅ Patch | Jan 22, 2026 |
| CVE-2026-0534 | High | 7.1 |
A maliciously crafted HTML payload, stored in a part’s attribute and clicked by a user, can trigger a Stored Cross-site …
|
✅ Patch | Jan 22, 2026 |