🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2025-52691 | Critical | 9.0 |
SmarterTools SmarterMail Unrestricted Upload of File with Dangerous Type Vulnerability — SmarterTools SmarterMail contai…
|
⚡ Exploit ✅ Patch | Jan 26, 2026 |
| CVE-2026-24061 | Critical | 9.0 |
GNU InetUtils Argument Injection Vulnerability — GNU InetUtils contains an argument injection vulnerability in telnetd t…
|
⚡ Exploit ✅ Patch | Jan 26, 2026 |
| CVE-2026-23760 | Critical | 9.0 |
SmarterTools SmarterMail Authentication Bypass Using an Alternate Path or Channel Vulnerability — SmarterTools SmarterMa…
|
⚡ Exploit ✅ Patch | Jan 26, 2026 |
| CVE-2018-14634 | Critical | 9.0 |
Linux Kernel Integer Overflow Vulnerability — Linux Kernel contains an integer overflow vulnerability in the create_elf_…
|
⚡ Exploit ✅ Patch | Jan 26, 2026 |
| CVE-2026-24304 | Critical | 9.9 |
Improper access control in Azure Resource Manager allows an authorized attacker to elevate privileges over a network.
|
✅ Patch | Jan 23, 2026 |
| CVE-2024-37079 | Critical | 9.0 |
Broadcom VMware vCenter Server Out-of-bounds Write Vulnerability — Broadcom VMware vCenter Server contains an out-of-bou…
|
⚡ Exploit ✅ Patch | Jan 23, 2026 |
| CVE-2026-24307 | Critical | 9.3 |
Improper validation of specified type of input in M365 Copilot allows an unauthorized attacker to disclose information o…
|
✅ Patch | Jan 22, 2026 |
| CVE-2025-31125 | Critical | 9.0 |
Vite Vitejs Improper Access Control Vulnerability — Vite Vitejs contains an improper access control vulnerability that e…
|
⚡ Exploit ✅ Patch | Jan 22, 2026 |
| CVE-2025-34026 | Critical | 9.0 |
Versa Concerto Improper Authentication Vulnerability — Versa Concerto SD-WAN orchestration platform contains an improper…
|
⚡ Exploit ✅ Patch | Jan 22, 2026 |
| CVE-2025-68645 | Critical | 9.0 |
Synacor Zimbra Collaboration Suite (ZCS) PHP Remote File Inclusion Vulnerability — Synacor Zimbra Collaboration Suite (Z…
|
⚡ Exploit ✅ Patch | Jan 22, 2026 |
| CVE-2025-54313 | Critical | 9.0 |
Prettier eslint-config-prettier Embedded Malicious Code Vulnerability — Prettier eslint-config-prettier contains an embe…
|
⚡ Exploit ✅ Patch | Jan 22, 2026 |
| CVE-2026-20045 | Critical | 9.0 |
Cisco Unified Communications Products Code Injection Vulnerability — Cisco Unified Communications Manager (Unified CM), …
|
⚡ Exploit ✅ Patch | Jan 21, 2026 |
| CVE-2025-53912 | Critical | 9.6 |
An arbitrary file read vulnerability exists in the encapsulatedDoc functionality of MedDream PACS Premium 7.3.6.870. A s…
|
⚡ Exploit ✅ Patch | Jan 20, 2026 |
| CVE-2026-23836 | Critical | 9.9 |
HotCRP is conference review software. A problem introduced in April 2024 in version 3.1 led to inadequately sanitized co…
|
✅ Patch | Jan 19, 2026 |
| CVE-2026-23523 | Critical | 9.6 |
Dive is an open-source MCP Host Desktop Application that enables integration with function-calling LLMs. Prior to 0.13.0…
|
⚡ Exploit ✅ Patch | Jan 16, 2026 |
| CVE-2026-23520 | Critical | 9.0 |
Arcane provides modern docker management. Prior to 1.13.0, Arcane has a command injection in the updater service. Arcane…
|
⚡ Exploit ✅ Patch | Jan 15, 2026 |
| CVE-2026-0500 | Critical | 9.6 |
Due to the usage of vulnerable third party component in SAP Wily Introscope Enterprise Manager (WorkStation), an unauthe…
|
✅ Patch | Jan 13, 2026 |
| CVE-2026-0498 | Critical | 9.1 |
SAP S/4HANA (Private Cloud and On-Premise) allows an attacker with admin privileges to exploit a vulnerability in the fu…
|
✅ Patch | Jan 13, 2026 |
| CVE-2026-20805 | Critical | 9.0 |
Microsoft Windows Information Disclosure Vulnerability — Microsoft Windows Desktop Windows Manager contains an informati…
|
⚡ Exploit ✅ Patch | Jan 13, 2026 |
| CVE-2026-22794 | Critical | 9.6 |
Appsmith is a platform to build admin panels, internal tools, and dashboards. Prior to 1.93, the server uses the Origin …
|
⚡ Exploit ✅ Patch | Jan 12, 2026 |