| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-37166 | Unexpected shutdown in HPE Instant On Access Points after processing specific packets | Hewlett Packard Enterprise (HPE) | Instant On | High | 7.5 | 2026-01-13 17:42:10 | Deep Dive |
| CVE-2025-37165 | Exposure of VLAN information in unintended network interfaces | Hewlett Packard Enterprise (HPE) | Instant On | High | 7.5 | 2026-01-13 17:40:57 | Deep Dive |
| CVE-2026-0500 | Remote code execution in SAP Wily Introscope Enterprise Manager (WorkStation) | SAP_SE | SAP Wily Introscope Enterprise Manager (WorkStation) | Critical | 9.6 | 2026-01-13 01:13:58 | Deep Dive |
| CVE-2026-0499 | Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Enterprise Portal | SAP_SE | SAP NetWeaver Enterprise Portal | Medium | 6.1 | 2026-01-13 01:13:47 | Deep Dive |
| CVE-2026-0719 | Libsoup: signed to unsigned conversion error leading to stack-based buffer overflow in libsoup ntlm authentication | Red Hat | Red Hat Enterprise Linux 10 | High | 8.6 | 2026-01-08 12:38:31 | Deep Dive |
| CVE-2025-12543 | Undertow-core: undertow http server fails to reject malformed host headers leading to potential cache poisoning and ssrf | Red Hat | Red Hat build of Apache Camel 4.14.4 for Spring Boot 3.5.11 | Critical | 9.6 | 2026-01-07 16:04:22 | Deep Dive |
| CVE-2025-13744 | Improper Neutralization of Input During Web Page Generation vulnerability was identified in GitHub Enterprise Server that allowed rendering of malicious HTML | GitHub | Enterprise Server | 中危 | - | 2026-01-06 20:44:03 | Deep Dive |
| CVE-2025-15065 | Data Exposure in Kings Information & Network KESS Enterprise | Kings Information & Network Co. | KESS Enterprise | Medium | 6.3 | 2025-12-29 00:09:27 | Deep Dive |
| CVE-2019-25258 | LogicalDOC Enterprise 7.7.4 Multiple Post-Authentication Directory Traversal Vulnerabilities | LogicalDOC Srl | LogicalDOC Enterprise | High | 7.5 | 2025-12-24 19:28:07 | Deep Dive |
| CVE-2019-25257 | LogicalDOC Enterprise 7.7.4 Authenticated Command Execution via Binary Path Manipulation | LogicalDOC Srl | LogicalDOC Enterprise | Medium | 6.5 | 2025-12-24 19:28:06 | Deep Dive |
| CVE-2025-15016 | Ragic|Enterprise Cloud Database - Hard-coded Cryptographic Key | Ragic | Enterprise Cloud Database | Critical | 9.8 | 2025-12-22 03:27:58 | Deep Dive |
| CVE-2025-15015 | Ragic|Enterprise Cloud Database - Arbitrary File Read | Ragic | Enterprise Cloud Database | High | 7.5 | 2025-12-22 03:22:47 | Deep Dive |
| CVE-2025-14946 | Libnbd: libnbd: arbitrary code execution via ssh argument injection through a malicious uri | Red Hat | libnbd | Medium | 4.8 | 2025-12-19 13:02:38 | Deep Dive |
| CVE-2025-60076 | WordPress Ray Enterprise Translation plugin <= 1.7.1 - Local File Inclusion vulnerability | Jiro Sasamoto | Ray Enterprise Translation | High | 7.5 | 2025-12-18 07:22:06 | Deep Dive |
| CVE-2025-37164 | HPE OneView 安全漏洞 | Hewlett Packard Enterprise (HPE) | HPE OneView | Critical | 10.0 | 2025-12-16 16:30:35 | Deep Dive |
| CVE-2025-14046 | Insufficient HTML Sanitization Allows User-Controlled DOM Elements to Overwrite Server-Initialized Data Islands and Trigger Unintended Server-Side POST Requests | GitHub | Enterprise Server | - | - | 2025-12-11 17:52:05 | Deep Dive |
| CVE-2025-14523 | Libsoup: libsoup: duplicate host header handling causes host-parsing discrepancy (first- vs last-value wins) | Red Hat | Red Hat Enterprise Linux 10 | High | 8.2 | 2025-12-11 12:30:59 | Deep Dive |
| CVE-2025-14512 | Glib: integer overflow in glib gio attribute escaping causes heap buffer overflow | GNOME | glib | Medium | 6.5 | 2025-12-11 07:11:02 | Deep Dive |
| CVE-2025-14087 | Glib: glib: buffer underflow in gvariant parser leads to heap corruption | GNOME | glib | Medium | 5.6 | 2025-12-10 09:01:34 | Deep Dive |
| CVE-2025-62560 | Microsoft Excel Remote Code Execution Vulnerability | Microsoft | Microsoft 365 Apps for Enterprise | High | 7.8 | 2025-12-09 17:56:01 | Deep Dive |