| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-67955 | WordPress MyHome Core plugin <= 4.1.0 - Local File Inclusion vulnerability | TangibleWP | MyHome Core | High | 7.5 | 2026-01-22 16:51:56 | Deep Dive |
| CVE-2025-50004 | WordPress JupiterX Core plugin <= 4.10.1 - PHP Object Injection vulnerability | artbees | JupiterX Core | High | 8.8 | 2026-01-22 16:51:44 | Deep Dive |
| CVE-2026-24009 | Docling Core vulnerable to Remote Code Execution via unsafe PyYAML usage | docling-project | docling-core | High | 8.1 | 2026-01-22 15:04:53 | Deep Dive |
| CVE-2026-1225 | Malicious logback.xml configuration file allows instantiation of arbitrary classes | QOS.CH Sarl | Logback-core | - | - | 2026-01-22 09:24:15 | Deep Dive |
| CVE-2026-24002 | pyodide sandbox option is insecure | gristlabs | grist-core | Critical | 9.0 | 2026-01-22 02:26:29 | Deep Dive |
| CVE-2025-68141 | EVerest vulnerable to null pointer dereference during DC_ChargeLoopRes document deserialization | EVerest | everest-core | High | 7.4 | 2026-01-21 19:56:14 | Deep Dive |
| CVE-2025-68140 | EVerest allows null session ID to bypass session ID verification | EVerest | everest-core | Medium | 4.3 | 2026-01-21 19:54:51 | Deep Dive |
| CVE-2025-68139 | In EVerest, by default, the EV is responsible for closing the connection if the module encounters an error during request processing | EVerest | everest-core | Medium | 4.3 | 2026-01-21 19:36:36 | Deep Dive |
| CVE-2025-68138 | EVerest affected by memory exhaustion in libocpp | EVerest | everest-core | Medium | 4.7 | 2026-01-21 19:30:49 | Deep Dive |
| CVE-2026-23955 | EVerest vulnerable to concatenation of strings literal and integers | EVerest | everest-core | Medium | 4.2 | 2026-01-21 19:25:12 | Deep Dive |
| CVE-2025-68137 | EVerest's Integer Overflow and Signed to Unsigned conversion lead to either stack buffer overflow or infinite loop | EVerest | everest-core | High | 8.3 | 2026-01-21 19:20:09 | Deep Dive |
| CVE-2025-68136 | EVerest's inadequate session handling can lead to memory-related errors or exhaustion of the operating system’s file descriptors, resulting in a denial of service | EVerest | everest-core | High | 7.4 | 2026-01-21 19:18:21 | Deep Dive |
| CVE-2025-68135 | EVerest's inadequate exception handling leads to denial of service | EVerest | everest-core | Medium | 6.5 | 2026-01-21 18:56:06 | Deep Dive |
| CVE-2025-68134 | EVerest's use of assert functions can potentially lead to denial of service | EVerest | everest-core | High | 7.4 | 2026-01-21 18:32:14 | Deep Dive |
| CVE-2025-68132 | EVerest has out-of-bounds read in DZG_GSH01 SLIP CRC parser that can crash powermeter driver | EVerest | everest-core | - | - | 2026-01-21 18:28:41 | Deep Dive |
| CVE-2025-68133 | EVerest's unlimited connections can lead to DoS through operating system resource exhaustion | EVerest | everest-core | High | 7.4 | 2026-01-21 02:25:03 | Deep Dive |
| CVE-2021-47773 | Dynojet Power Core 2.3.0 - Unquoted Service Path | Dynojet | Dynojet Power Core | High | 7.8 | 2026-01-15 15:52:12 | Deep Dive |
| CVE-2026-0992 | Libxml2: libxml2: denial of service via crafted xml catalogs | Red Hat | Red Hat Hardened Images | Low | 2.9 | 2026-01-15 14:20:25 | Deep Dive |
| CVE-2026-0989 | Libxml2: unbounded relaxng include recursion leading to stack overflow | Red Hat | Red Hat Hardened Images | Low | 3.7 | 2026-01-15 14:20:23 | Deep Dive |
| CVE-2026-0990 | Libxml2: libxml2: denial of service via uncontrolled recursion in xml catalog processing | Red Hat | Red Hat Hardened Images | Medium | 5.9 | 2026-01-15 14:20:07 | Deep Dive |