| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-0672 | Header injection in http.cookies.Morsel | Python Software Foundation | CPython | - | - | 2026-01-20 21:52:34 | Deep Dive |
| CVE-2025-15367 | POP3 command injection in user-controlled commands | Python Software Foundation | CPython | - | - | 2026-01-20 21:47:10 | Deep Dive |
| CVE-2025-15366 | IMAP command injection in user-controlled commands | Python Software Foundation | CPython | - | - | 2026-01-20 21:40:25 | Deep Dive |
| CVE-2025-15282 | Header injection via newlines in data URL mediatype | Python Software Foundation | CPython | - | - | 2026-01-20 21:35:14 | Deep Dive |
| CVE-2026-0865 | wsgiref.headers.Headers allows header newline injection | Python Software Foundation | CPython | - | - | 2026-01-20 21:26:15 | Deep Dive |
| CVE-2025-11468 | Folding email comments of unfoldable characters doesn't preserve parenthesis | Python Software Foundation | CPython | - | - | 2026-01-20 21:09:11 | Deep Dive |
| CVE-2025-59355 | Apache Linkis: Password Exposure | Apache Software Foundation | Apache Linkis | - | - | 2026-01-19 08:37:24 | Deep Dive |
| CVE-2025-29847 | Apache Linkis: Arbitrary File Read via Double URL Encoding Bypass | Apache Software Foundation | Apache Linkis | - | - | 2026-01-19 08:36:07 | Deep Dive |
| CVE-2025-68675 | Apache Airflow: proxy credentials for various providers might leak in task logs | Apache Software Foundation | Apache Airflow | 中危 | - | 2026-01-16 10:23:26 | Deep Dive |
| CVE-2025-68438 | Apache Airflow: Secrets in rendered templates could contain parts of sensitive values when truncated | Apache Software Foundation | Apache Airflow | 中危 | - | 2026-01-16 10:06:08 | Deep Dive |
| CVE-2025-60021 | Apache bRPC: Remote command injection vulnerability in heap builtin service | Apache Software Foundation | Apache bRPC | 中危 | - | 2026-01-16 08:39:23 | Deep Dive |
| CVE-2026-0961 | Out-of-bounds Write in Wireshark | Wireshark Foundation | Wireshark | Medium | 5.5 | 2026-01-14 20:23:49 | Deep Dive |
| CVE-2026-0962 | Out-of-bounds Write in Wireshark | Wireshark Foundation | Wireshark | Medium | 5.3 | 2026-01-14 20:23:39 | Deep Dive |
| CVE-2026-0960 | Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark | Wireshark Foundation | Wireshark | Medium | 4.7 | 2026-01-14 20:23:34 | Deep Dive |
| CVE-2026-0959 | Out-of-bounds Write in Wireshark | Wireshark Foundation | Wireshark | Medium | 5.3 | 2026-01-14 20:23:29 | Deep Dive |
| CVE-2025-66169 | Apache Camel Neo4j: Cypher injection vulnerability in Camel-Neo4j component | Apache Software Foundation | Apache Camel Neo4j | - | - | 2026-01-14 11:45:20 | Deep Dive |
| CVE-2025-68493 | Apache Struts, Apache Struts: XXE vulnerability in outdated XWork component | Apache Software Foundation | Apache Struts | 高危 | - | 2026-01-11 13:05:37 | Deep Dive |
| CVE-2025-52435 | Apache Mynewt NimBLE: Invalid error handling in pause encryption procedure in NimBLE controller | Apache Software Foundation | Apache Mynewt NimBLE | 中危 | - | 2026-01-10 09:47:11 | Deep Dive |
| CVE-2025-53470 | Apache Mynewt NimBLE: Out-of-Bounds Write Vulnerability in NimBLE HCI H4 driver | Apache Software Foundation | Apache Mynewt NimBLE | 中危 | - | 2026-01-10 09:46:36 | Deep Dive |
| CVE-2025-53477 | Apache Mynewt NimBLE: NULL Pointer Dereference in NimBLE host HCI layer | Apache Software Foundation | Apache Mynewt NimBLE | 中危 | - | 2026-01-10 09:45:28 | Deep Dive |