🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2023-54340 | High | 8.2 |
WorkOrder CMS 0.1.0 contains a SQL injection vulnerability that allows unauthenticated attackers to bypass login by mani…
|
✅ Patch | Jan 13, 2026 |
| CVE-2025-59022 | High | 8.1 |
Backend users who had access to the recycler module could delete arbitrary data from any database table defined in the T…
|
✅ Patch | Jan 13, 2026 |
| CVE-2026-0506 | High | 8.1 |
Due to a Missing Authorization Check vulnerability in Application Server ABAP and ABAP Platform, an authenticated attack…
|
✅ Patch | Jan 13, 2026 |
| CVE-2026-0511 | High | 8.1 |
SAP Fiori App Intercompany Balance Reconciliation does not perform necessary authorization checks for an authenticated u…
|
✅ Patch | Jan 13, 2026 |
| CVE-2026-0403 | High | 8.0 |
An insufficient input validation vulnerability in NETGEAR Orbi routers
allows attackers connected to the router's LAN t…
|
✅ Patch | Jan 13, 2026 |
| CVE-2026-0404 | High | 8.0 |
An insufficient input validation vulnerability in NETGEAR Orbi devices'
DHCPv6 functionality allows network adjacent at…
|
✅ Patch | Jan 13, 2026 |
| CVE-2026-0406 | High | 8.0 |
An insufficient input validation vulnerability in the NETGEAR XR1000v2
allows attackers connected to the router's LAN t…
|
✅ Patch | Jan 13, 2026 |
| CVE-2026-0407 | High | 8.0 |
An insufficient authentication vulnerability in NETGEAR WiFi range
extenders allows a network adjacent attacker with Wi…
|
✅ Patch | Jan 13, 2026 |
| CVE-2026-0408 | High | 8.0 |
A path traversal vulnerability in NETGEAR WiFi range extenders allows
an attacker with LAN authentication to access the…
|
✅ Patch | Jan 13, 2026 |
| CVE-2022-50921 | High | 7.8 |
WOW21 5.0.1.9 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitra…
|
⚡ Exploit ✅ Patch | Jan 13, 2026 |
| CVE-2022-50928 | High | 7.8 |
BlueSoleilCS 5.4.277 contains an unquoted service path vulnerability in its Windows service configuration that allows lo…
|
⚡ Exploit ✅ Patch | Jan 13, 2026 |
| CVE-2022-50931 | High | 7.8 |
TeamSpeak 3.5.6 contains an insecure file permissions vulnerability that allows local attackers to replace executable fi…
|
⚡ Exploit ✅ Patch | Jan 13, 2026 |
| CVE-2022-50933 | High | 7.8 |
Cain & Abel 4.9.56 contains an unquoted service path vulnerability that allows local attackers to potentially execute ar…
|
⚡ Exploit ✅ Patch | Jan 13, 2026 |
| CVE-2023-54331 | High | 7.8 |
Outline 1.6.0 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitra…
|
⚡ Exploit ✅ Patch | Jan 13, 2026 |
| CVE-2025-68817 | High | 7.8 |
In the Linux kernel, the following vulnerability has been resolved:
ksmbd: fix use-after-free in ksmbd_tree_connect_put…
|
✅ Patch | Jan 13, 2026 |
| CVE-2025-71089 | High | 7.8 |
In the Linux kernel, the following vulnerability has been resolved:
iommu: disable SVA when CONFIG_X86 is set
Patch se…
|
✅ Patch | Jan 13, 2026 |
| CVE-2026-0405 | High | 7.8 |
An authentication bypass vulnerability in NETGEAR Orbi devices allows
users connected to the local network to access th…
|
✅ Patch | Jan 13, 2026 |
| CVE-2026-0859 | High | 7.8 |
TYPO3's mail‑file spool deserialization flaw lets local users with write access to the spool directory craft a malicious…
|
✅ Patch | Jan 13, 2026 |
| CVE-2026-20816 | High | 7.8 |
Time-of-check time-of-use (toctou) race condition in Windows Installer allows an authorized attacker to elevate privileg…
|
✅ Patch | Jan 13, 2026 |
| CVE-2026-20826 | High | 7.8 |
Concurrent execution using shared resource with improper synchronization ('race condition') in Tablet Windows User Inter…
|
✅ Patch | Jan 13, 2026 |