| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-62235 | Apache Mynewt NimBLE: Incorrect handling of SMP Security Request could lead to undesirable pairing | Apache Software Foundation | Apache Mynewt NimBLE | Medium | - | 2026-01-10 09:42:30 | Deep Dive |
| CVE-2026-0817 | CampaignEvents API missing authorization exposes meeting and chat URLs | Wikimedia Foundation | MediaWiki - CampaignEvents extension | Medium | - | 2026-01-09 15:50:51 | Deep Dive |
| CVE-2026-22712 | ApprovedRevs allows bypassing the inline CSS sanitizer | The Wikimedia Foundation | Mediawiki - ApprovedRevs Extension | Medium | - | 2026-01-09 00:06:22 | Deep Dive |
| CVE-2026-22713 | Stored XSS through edit summaries in GrowthExperiments | The Wikimedia Foundation | Mediawiki - GrowthExperiments Extension | Medium | - | 2026-01-09 00:00:58 | Deep Dive |
| CVE-2026-22714 | i18n XSS, DoS and config SQLI in Monaco | The Wikimedia Foundation | Mediawiki - Monaco Skin | Medium | - | 2026-01-08 23:56:07 | Deep Dive |
| CVE-2026-22710 | Stored XSS through autocomment system messages in Wikibase | The Wikimedia Foundation | Mediawiki - Wikibase Extension | Medium | - | 2026-01-08 23:48:52 | Deep Dive |
| CVE-2026-0671 | Multiple stored i18n/message-key XSSes in UploadWizard | Wikimedia Foundation | MediaWiki - UploadWizard extension | Medium | - | 2026-01-08 16:21:24 | Deep Dive |
| CVE-2026-22185 | OpenLDAP <= 2.6.10 LMDB mdb_load Heap Buffer Underflow in readline() | OpenLDAP Foundation | OpenLDAP | Medium | - | 2026-01-07 20:26:30 | Deep Dive |
| CVE-2026-0670 | Stored XSS through a system message and a user-provided parameter in ProofreadPage | Wikimedia Foundation | MediaWiki - ProofreadPage Extension | Medium | - | 2026-01-07 18:55:43 | Deep Dive |
| CVE-2026-0669 | Path Traversal vulnerability in CSS extension on certain web servers | Wikimedia Foundation | MediaWiki - CSS extension | Medium | - | 2026-01-07 17:46:57 | Deep Dive |
| CVE-2026-0668 | VisualData extension: Regular Expression Denial of Service (ReDoS) via crafted user input | Wikimedia Foundation | MediaWiki - VisualData Extension | Medium | - | 2026-01-07 17:36:19 | Deep Dive |
| CVE-2025-68637 | Apache Uniffle: Insecure SSL Configuration in Uniffle HTTP Client | Apache Software Foundation | Apache Uniffle | Critical | - | 2026-01-07 09:39:04 | Deep Dive |
| CVE-2025-68280 | Apache SIS: XML External Entity (XXE) vulnerability | Apache Software Foundation | Apache SIS | Medium | - | 2026-01-05 13:45:22 | Deep Dive |
| CVE-2025-66518 | Apache Kyuubi: Unauthorized directory access due to missing path normalization | Apache Software Foundation | Apache Kyuubi | High | - | 2026-01-05 08:46:28 | Deep Dive |
| CVE-2025-47411 | Apache StreamPipes: Leverage of User ID for Privilege Escalation | Apache Software Foundation | Apache StreamPipes | High | - | 2026-01-01 16:41:52 | Deep Dive |
| CVE-2025-48769 | Apache NuttX RTOS: fs/vfs/fs_rename: use after free | Apache Software Foundation | Apache NuttX RTOS | Medium | - | 2026-01-01 16:14:33 | Deep Dive |
| CVE-2025-48768 | Apache NuttX RTOS: fs/inode: fs_inoderemove root inode removal | Apache Software Foundation | Apache NuttX RTOS | Medium | - | 2026-01-01 16:14:01 | Deep Dive |
| CVE-2018-25154 | GNU Barcode 0.99 Buffer Overflow in Code 93 Encoding Mechanism | The GNU Project \| Free Software Foundation, Inc. | GNU Barcode | Critical | 9.8 | 2025-12-24 19:27:53 | Deep Dive |
| CVE-2025-2515 | Bluechi: privilege escalation in bluechi via unrestricted cross-node systemd dependencies | Eclipse Foundation | BlueChi | High | 7.2 | 2025-12-24 16:21:54 | Deep Dive |
| CVE-2025-12840 | Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability | Academy Software Foundation | OpenEXR | - | - | 2025-12-23 21:41:45 | Deep Dive |