| CVE-2026-0992 | Libxml2: libxml2: denial of service via crafted xml catalogs | Red Hat | Red Hat Hardened Images | Low | 2.9 | 2026-01-15 14:20:25 | Deep Dive |
| CVE-2026-0989 | Libxml2: unbounded relaxng include recursion leading to stack overflow | Red Hat | Red Hat Hardened Images | Low | 3.7 | 2026-01-15 14:20:23 | Deep Dive |
| CVE-2026-0990 | Libxml2: libxml2: denial of service via uncontrolled recursion in xml catalog processing | Red Hat | Red Hat Hardened Images | Medium | 5.9 | 2026-01-15 14:20:07 | Deep Dive |
| CVE-2026-0976 | Org.keycloak/keycloak-quarkus-server: keycloak: proxy bypass due to improper handling of matrix parameters in url paths | Red Hat | Red Hat Build of Keycloak | Low | 3.7 | 2026-01-15 12:06:21 | Deep Dive |
| CVE-2025-37181 | Authenticated SQL Injection in EdgeConnect SD-WAN Orchestrator Web-Based Management Interface | Hewlett Packard Enterprise (HPE) | EdgeConnect SD-WAN Orchestrator | High | 7.2 | 2026-01-14 16:26:01 | Deep Dive |
| CVE-2025-37185 | Authenticated Stored Cross-Site Scripting Vulnerabilities (XSS) in EdgeConnect SD-WAN Orchestrator Web Administration Interface | Hewlett Packard Enterprise (HPE) | EdgeConnect SD-WAN Orchestrator | Medium | 5.5 | 2026-01-14 16:20:31 | Deep Dive |
| CVE-2025-37184 | Unauthenticated Bypass Allows Multi-Factor Authentication Circumvention | Hewlett Packard Enterprise (HPE) | EdgeConnect SD-WAN Orchestrator | Critical | 9.8 | 2026-01-14 16:19:46 | Deep Dive |
| CVE-2025-37183 | Authenticated SQL Injection in EdgeConnect SD-WAN Orchestrator Web-Based Management Interface | Hewlett Packard Enterprise (HPE) | EdgeConnect SD-WAN Orchestrator | High | 7.2 | 2026-01-14 16:18:14 | Deep Dive |
| CVE-2025-37182 | Authenticated SQL Injection in EdgeConnect SD-WAN Orchestrator Web-Based Management Interface | Hewlett Packard Enterprise (HPE) | EdgeConnect SD-WAN Orchestrator | High | 7.2 | 2026-01-14 16:17:12 | Deep Dive |
| CVE-2025-14242 | Vsftpd: vsftpd: denial of service via integer overflow in ls command parameter parsing | Red Hat | Red Hat Enterprise Linux 10 | Medium | 6.5 | 2026-01-14 15:23:04 | Deep Dive |
| CVE-2026-0716 | Libsoup: out-of-bounds read in libsoup websocket frame processing | Red Hat | Red Hat Enterprise Linux 10 | Medium | 4.8 | 2026-01-13 23:07:06 | Deep Dive |
| CVE-2025-37186 | Local Privilege Escalation Vulnerability in HPE Aruba Networking Virtual Intranet Access (VIA) Client for Linux | Hewlett Packard Enterprise (HPE) | Virtual Intranet Access (VIA) | High | 7.8 | 2026-01-13 20:16:34 | Deep Dive |
| CVE-2025-37179 | Out-of-Bounds Read Vulnerabilities Leading to Process Crash in AOS-8 Operating System | Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) | Medium | 5.3 | 2026-01-13 20:08:59 | Deep Dive |
| CVE-2025-37178 | Out-of-Bounds Read Vulnerabilities Leading to Process Crash in AOS-8 Operating System | Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) | Medium | 5.3 | 2026-01-13 20:08:24 | Deep Dive |
| CVE-2025-37177 | Authenticated Arbitrary File Deletion Vulnerability in AOS-10 or AOS-8 Command Line Interface (CLI) | Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) | Medium | 6.5 | 2026-01-13 20:08:07 | Deep Dive |
| CVE-2025-37176 | Authenticated Command Injection Vulnerability in an AOS-8 operating system's internal workflow | Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) | Medium | 6.5 | 2026-01-13 20:07:50 | Deep Dive |
| CVE-2025-37175 | Authenticated Arbitrary File Upload Vulnerability in AOS-10 or AOS-8 Web-Based Management Interface | Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) | High | 7.2 | 2026-01-13 20:07:34 | Deep Dive |
| CVE-2025-37174 | Authenticated Arbitrary File Write Vulnerability in AOS 10 and AOS-8 Web-Based Management Interface | Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) | High | 7.2 | 2026-01-13 20:05:33 | Deep Dive |
| CVE-2025-37173 | Improper Input Handling Vulnerability in Authenticated Configuration API Endpoint (AOS-10/AOS-8 Web UI) | Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) | High | 7.2 | 2026-01-13 20:04:57 | Deep Dive |
| CVE-2025-37172 | Authenticated Command Injection Vulnerabilities in AOS-8 Web-Based Management Interface | Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) | High | 7.2 | 2026-01-13 20:04:38 | Deep Dive |