| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-59098 | Trace Functionality Leaking Sensitive Data in dormakaba access manager | dormakaba | Access Manager 92xx-k5 | - | - | 2026-01-26 10:04:51 | Deep Dive |
| CVE-2025-59097 | Unauthenticated SOAP API in dormakaba access manager | dormakaba | Access Manager 92xx-k5 | - | - | 2026-01-26 10:04:39 | Deep Dive |
| CVE-2026-1076 | Star Review Manager <= 1.2.2 - Cross-Site Request Forgery to Settings Update | bramdnl | Star Review Manager | Medium | 4.3 | 2026-01-24 07:26:42 | Deep Dive |
| CVE-2025-12836 | VK Google Job Posting Manager <= 1.2.23 - Authenticated (Author+) Stored Cross-Site Scripting via Job Description Field | vektor-inc | VK Google Job Posting Manager | Medium | 6.4 | 2026-01-24 07:26:42 | Deep Dive |
| CVE-2026-24603 | WordPress Universal Google Adsense and Ads manager plugin <= 1.1.8 - Broken Access Control vulnerability | themebeez | Universal Google Adsense and Ads manager | Medium | 5.3 | 2026-01-23 14:29:04 | Deep Dive |
| CVE-2026-0757 | MCP Manager for Claude Desktop execute-command Command Injection Sandbox Escape Vulnerability | MCP Manager for Claude Desktop | MCP Manager for Claude Desktop | 高危 | - | 2026-01-23 03:27:59 | Deep Dive |
| CVE-2026-24304 | Azure Resource Manager Elevation of Privilege Vulnerability | Microsoft | Azure Resource Manager | Critical | 9.9 | 2026-01-23 01:18:55 | Deep Dive |
| CVE-2026-24365 | WordPress Stock Manager for WooCommerce plugin < 3.6.0 - Cross Site Request Forgery (CSRF) vulnerability | storeapps | Stock Manager for WooCommerce | Medium | 5.4 | 2026-01-22 16:52:45 | Deep Dive |
| CVE-2025-68898 | WordPress Synergy Project Manager plugin <= 1.5 - Cross Site Scripting (XSS) vulnerability | cjjparadoxmax | Synergy Project Manager | - | - | 2026-01-22 16:52:12 | Deep Dive |
| CVE-2025-52762 | WordPress flexo-posts-manager Plugin <= 1.0001 - Cross Site Scripting (XSS) Vulnerability | flexostudio | flexo-posts-manager | High | 7.1 | 2026-01-22 16:51:45 | Deep Dive |
| CVE-2026-20045 | Cisco Unified Communications Products Remote Code Execution Vulnerability | Cisco | Cisco Unified Communications Manager | High | 8.2 | 2026-01-21 16:26:20 | Deep Dive |
| CVE-2026-0690 | FlatPM – Ad Manager, AdSense and Custom Code <= 3.2.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom Post Meta | flatboy | FlatPM – Ad Manager, AdSense and Custom Code | Medium | 6.4 | 2026-01-20 14:26:32 | Deep Dive |
| CVE-2025-14377 | Verve Asset Manager – Plaintext Storage Vulnerabilities | Rockwell Automation | Verve Asset Manager | - | - | 2026-01-20 13:21:41 | Deep Dive |
| CVE-2025-14376 | Verve Asset Manager – Plaintext Storage Vulnerabilities | Rockwell Automation | Verve Asset Manager | - | - | 2026-01-20 13:18:32 | Deep Dive |
| CVE-2025-12984 | Advanced Ads – Ad Manager & AdSense <= 2.0.15 - Authenticated (Admin+) SQL Injection | monetizemore | Advanced Ads – Ad Manager & AdSense | Medium | 4.9 | 2026-01-17 06:42:20 | Deep Dive |
| CVE-2021-47826 | Acer Backup Manager Module 3.0.0.99 - 'IScheduleSvc.exe' Unquoted Service Path | Acer | Acer Backup Manager Module | High | 7.8 | 2026-01-16 19:09:31 | Deep Dive |
| CVE-2026-0949 | EDB Postgres Enterprise Manager 安全漏洞 | EnterpriseDB | Postgres Enterprise Manager (PEM) | Medium | 6.5 | 2026-01-16 16:29:42 | Deep Dive |
| CVE-2026-20075 | Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Stored Cross-Site Scripting Vulnerability | Cisco | Cisco Evolved Programmable Network Manager (EPNM) | Medium | 4.8 | 2026-01-15 16:32:16 | Deep Dive |
| CVE-2021-47771 | RDP Manager 4.9.9.3 - Denial-of-Service (PoC) | Cinspiration | RDP Manager | Medium | 5.5 | 2026-01-15 15:52:11 | Deep Dive |
| CVE-2022-50890 | Owlfiles File Manager 12.0.1 - Path Traversal | Skyjos | Owlfiles File Manager | High | 7.5 | 2026-01-13 22:51:42 | Deep Dive |