🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-22783 | Critical | 9.6 |
Iris is a web collaborative platform that helps incident responders share technical details during investigations. Prior…
|
✅ Patch | Jan 12, 2026 |
| CVE-2025-8110 | Critical | 9.0 |
Gogs Path Traversal Vulnerability — Gogs contains a path traversal vulnerability affecting improper Symbolic link handli…
|
⚡ Exploit ✅ Patch | Jan 12, 2026 |
| CVE-2026-22688 | Critical | 9.9 |
WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to version 0.…
|
⚡ Exploit ✅ Patch | Jan 10, 2026 |
| CVE-2025-64090 | Critical | 10.0 |
This vulnerability allows authenticated attackers to execute commands via the hostname of the device.
|
✅ Patch | Jan 9, 2026 |
| CVE-2025-69222 | Critical | 9.1 |
LibreChat is a ChatGPT clone with additional features. Version 0.8.1-rc2 is prone to a server-side request forgery (SSRF…
|
⚡ Exploit ✅ Patch | Jan 7, 2026 |
| CVE-2009-0556 | Critical | 9.0 |
Microsoft Office PowerPoint Code Injection Vulnerability — Microsoft Office PowerPoint contains a code injection vulnera…
|
⚡ Exploit ✅ Patch | Jan 7, 2026 |
| CVE-2025-37164 | Critical | 9.0 |
Hewlett Packard Enterprise (HPE) OneView Code Injection Vulnerability — Hewlett Packard Enterprise (HPE) OneView contain…
|
⚡ Exploit ✅ Patch | Jan 7, 2026 |
| CVE-2025-59157 | Critical | 9.9 |
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0…
|
⚡ Exploit ✅ Patch | Jan 5, 2026 |
| CVE-2025-64420 | Critical | 9.9 |
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. In Coolify versions …
|
⚡ Exploit ✅ Patch | Jan 5, 2026 |
| CVE-2025-64419 | Critical | 9.6 |
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0…
|
⚡ Exploit ✅ Patch | Jan 5, 2026 |
| CVE-2025-66398 | Critical | 9.6 |
Signal K Server is a server application that runs on a central hub in a boat. Prior to version 2.19.0, an unauthenticate…
|
⚡ Exploit ✅ Patch | Jan 1, 2026 |
| CVE-2025-14847 | Critical | 9.0 |
MongoDB and MongoDB Server Improper Handling of Length Parameter Inconsistency Vulnerability — MongoDB Server contains a…
|
⚡ Exploit ✅ Patch | Dec 29, 2025 |
| CVE-2023-52163 | Critical | 9.0 |
Digiever DS-2105 Pro Missing Authorization Vulnerability — Digiever DS-2105 Pro contains a missing authorization vulnera…
|
⚡ Exploit ✅ Patch | Dec 22, 2025 |
| CVE-2025-14733 | Critical | 9.0 |
WatchGuard Firebox Out of Bounds Write Vulnerability — WatchGuard Fireware OS iked process contains an out of bounds wri…
|
⚡ Exploit ✅ Patch | Dec 19, 2025 |
| CVE-2025-20393 | Critical | 9.0 |
Cisco Multiple Products Improper Input Validation Vulnerability — Cisco Secure Email Gateway, Secure Email, AsyncOS Soft…
|
⚡ Exploit ✅ Patch | Dec 17, 2025 |
| CVE-2025-40602 | Critical | 9.0 |
SonicWall SMA1000 Missing Authorization Vulnerability — SonicWall SMA1000 contains a missing authorization vulnerability…
|
⚡ Exploit ✅ Patch | Dec 17, 2025 |
| CVE-2025-59374 | Critical | 9.0 |
ASUS Live Update Embedded Malicious Code Vulnerability — ASUS Live Update contains an embedded malicious code vulnerabil…
|
⚡ Exploit ✅ Patch | Dec 17, 2025 |
| CVE-2025-59718 | Critical | 9.0 |
Fortinet Multiple Products Improper Verification of Cryptographic Signature Vulnerability — Fortinet FortiOS, FortiSwitc…
|
⚡ Exploit ✅ Patch | Dec 16, 2025 |
| CVE-2025-43529 | Critical | 9.0 |
Apple Multiple Products Use-After-Free WebKit Vulnerability — Apple iOS, iPadOS, macOS, and other Apple products contain…
|
⚡ Exploit ✅ Patch | Dec 15, 2025 |
| CVE-2025-14611 | Critical | 9.0 |
Gladinet CentreStack and Triofox Hard Coded Cryptographic Vulnerability — Gladinet CentreStack and TrioFox contain a har…
|
⚡ Exploit ✅ Patch | Dec 15, 2025 |