| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-27674 | Code Injection vulnerability in SAP NetWeaver Application Server Java (Web Dynpro Java) | SAP_SE | SAP NetWeaver Application Server Java (Web Dynpro Java) | Medium | 6.1 | 2026-04-14 00:06:50 | Deep Dive |
| CVE-2026-3024 | Stored Cross-Site Scripting (XSS) vulnerability in the Wakyma application web | Wakyma | Wakyma application web | - | - | 2026-03-16 10:13:37 | Deep Dive |
| CVE-2026-3023 | Non-relational SQL injection vulnerability (NoSQLi) in the Wakyma application web | Wakyma | Wakyma application web | - | - | 2026-03-16 10:12:53 | Deep Dive |
| CVE-2026-3022 | Non-relational SQL injection vulnerability (NoSQLi) in the Wakyma application web | Wakyma | Wakyma application web | - | - | 2026-03-16 10:11:30 | Deep Dive |
| CVE-2026-3021 | Non-relational SQL injection vulnerability (NoSQLi) in the Wakyma application web | Wakyma | Wakyma application web | - | - | 2026-03-16 10:11:12 | Deep Dive |
| CVE-2026-3020 | Identity based authorization bypass vulnerability (IDOR) in the Wakyma application web | Wakyma | Wakyma application web | - | - | 2026-03-16 10:09:55 | Deep Dive |
| CVE-2025-2418 | Open Redirect in TR7's Web Application Firewall | TR7 Cyber Defense Inc. | Web Application Firewall | Medium | 4.3 | 2026-02-16 11:47:34 | Deep Dive |
| CVE-2026-2276 | Reflected Cross-Site Scripting in the Wix web application | Wix | web application | - | - | 2026-02-12 10:26:04 | Deep Dive |
| CVE-2026-0497 | Missing Authorization check in Business Server Pages Application (Product Designer Web UI) | SAP_SE | Business Server Pages Application (Product Designer Web UI) | Medium | 4.3 | 2026-01-13 01:13:36 | Deep Dive |
| CVE-2025-8769 | MegaSys Computer Technologies Telenium Online Web Application Improper Input Validation | MegaSys Computer Technologies | Telenium Online Web Application | Critical | 9.8 | 2025-12-24 20:14:20 | Deep Dive |
| CVE-2025-41087 | Cross-Site Scripting (XSS) stored in Taclia's web application | Taclia | Taclia's web application | - | - | 2025-11-24 11:28:00 | Deep Dive |
| CVE-2021-4461 | Seeyon Zhiyuan OA Web Application System < 7.0 SP1 Authentication Bypass | Seeyon | Zhiyuan OA Web Application System | - | - | 2025-10-30 21:16:23 | Deep Dive |
| CVE-2025-10659 | MegaSys Enterprises Telenium Online Web Application OS Command Injection | MegaSys | Telenium Online Web Application: | Critical | 9.8 | 2025-09-30 20:00:53 | Deep Dive |
| CVE-2024-13174 | SQLi in E1 Informatics' Web Application | E1 Informatics | Web Application | High | 8.6 | 2025-09-16 14:28:20 | Deep Dive |
| CVE-2025-41714 | Path Traversal via 'Upload-Key' in SmartEMS Upload Handling | Welotec | SmartEMS Web Application | High | 8.8 | 2025-09-10 06:48:10 | Deep Dive |
| CVE-2010-20109 | Barracuda Spam & Virus Firewall "locale" Path Traversal | Barracuda Networks | Spam & Virus Firewall | - | - | 2025-08-21 20:09:04 | Deep Dive |
| CVE-2025-34040 | Seeyon Zhiyuan OA System Path Traversal File Upload | Seeyon (Beijing Zhiyuan Internet Software Co., Ltd.) | Zhiyuan OA Web Application System | - | - | 2025-06-24 01:12:23 | Deep Dive |
| CVE-2025-5140 | Seeyon Zhiyuan OA Web Application System ThirdMenuController.class this.oursNetService.getData server-side request forgery | Seeyon | Zhiyuan OA Web Application System | Medium | 6.3 | 2025-05-25 01:31:06 | Deep Dive |
| CVE-2025-4531 | Seeyon Zhiyuan OA Web Application System Beetl Template EhrSalaryPayrollServiceImpl.class postData code injection | Seeyon | Zhiyuan OA Web Application System | Medium | 6.3 | 2025-05-11 05:31:07 | Deep Dive |
| CVE-2025-4529 | Seeyon Zhiyuan OA Web Application System ZIP File M3CoreController.class download path traversal | Seeyon | Zhiyuan OA Web Application System | Medium | 4.3 | 2025-05-11 04:00:08 | Deep Dive |