| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2019-25475 | SQL Server Password Changer 1.90 Denial of Service Buffer Overflow | Top-Password | SQL Server Password Changer Denial of Service Exploit | Medium | 6.2 | 2026-03-11 18:23:17 | Deep Dive |
| CVE-2019-25474 | Easy MP3 Downloader 4.7.8.8 Denial of Service Buffer Overflow | Unknown | Easy MP3 Downloader Denial of Service | Medium | 6.2 | 2026-03-11 18:23:16 | Deep Dive |
| CVE-2026-26115 | SQL Server Elevation of Privilege Vulnerability | Microsoft | Microsoft SQL Server 2016 Service Pack 3 (GDR) | High | 8.8 | 2026-03-10 17:05:07 | Deep Dive |
| CVE-2026-21262 | SQL Server Elevation of Privilege Vulnerability | Microsoft | Microsoft SQL Server 2016 Service Pack 3 (GDR) | High | 8.8 | 2026-03-10 17:04:32 | Deep Dive |
| CVE-2026-1919 | Booktics <= 1.0.16 - Missing Authorization to Get Items via REST API endpoints | arraytics | Booktics – Booking Calendar for Appointments and Service Businesses | Medium | 5.3 | 2026-03-10 02:21:50 | Deep Dive |
| CVE-2026-1920 | Booktics <= 1.0.16 - Missing Authorization to Addon Plugin Installation | arraytics | Booktics – Booking Calendar for Appointments and Service Businesses | Medium | 5.3 | 2026-03-10 02:21:49 | Deep Dive |
| CVE-2026-27686 | Missing Authorization check in SAP Business Warehouse (Service API) | SAP_SE | SAP Business Warehouse (Service API) | Medium | 5.9 | 2026-03-10 00:18:33 | Deep Dive |
| CVE-2026-0489 | DOM-based Cross-Site Scripting (XSS) Vulnerability in SAP Business One (Job Service) | SAP_SE | SAP Business One (Job Service) | Medium | 6.1 | 2026-03-10 00:17:02 | Deep Dive |
| CVE-2026-30870 | Some sync filters in PowerSync Service ignored using `config.edition: 3` | powersync-ja | powersync-service | Medium | 6.5 | 2026-03-09 22:31:40 | Deep Dive |
| CVE-2026-29787 | mcp-memory-service: System Information Disclosure via Health Endpoint | doobidoo | mcp-memory-service | Medium | 5.3 | 2026-03-07 15:34:46 | Deep Dive |
| CVE-2026-26125 | Payment Orchestrator Service Elevation of Privilege Vulnerability | Microsoft | Payment Orchestrator Service | High | 8.6 | 2026-03-05 22:18:22 | Deep Dive |
| CVE-2025-1789 | Genetec Update Service 安全漏洞 | Genetec Inc. | Genetec Update Service | 高危 | - | 2026-02-24 18:47:25 | Deep Dive |
| CVE-2025-1787 | Genetec Update Service 安全漏洞 | Genetec Inc. | Genetec Update Service | 中危 | - | 2026-02-24 18:44:37 | Deep Dive |
| CVE-2026-21665 | Fiserv Originate Loans Peripherals Print Service 安全漏洞 | Fiserv | Originate Loans Peripherals (formerly Velocity Services) -- Print Service component | - | - | 2026-02-23 22:34:40 | Deep Dive |
| CVE-2025-14905 | 389-ds-base: 389-ds-base: remote code execution and denial of service via heap buffer overflow | Red Hat | Red Hat Directory Server 11.5 E4S for RHEL 8 | High | 7.2 | 2026-02-23 15:41:48 | Deep Dive |
| CVE-2026-26339 | Hyland Alfresco Transformation Service Argument Injection RCE | Hyland | Alfresco Transformation Service (Enterprise) | Critical | 9.8 | 2026-02-19 17:04:47 | Deep Dive |
| CVE-2026-26338 | Hyland Alfresco Transformation Service SSRF | Hyland | Alfresco Transformation Service (Enterprise) | Critical | 9.8 | 2026-02-19 17:03:24 | Deep Dive |
| CVE-2026-26337 | Hyland Alfresco Transformation Service Absolute Path Traversal Arbitrary File Read and SSRF | Hyland | Alfresco Transformation Service (Enterprise) | High | 8.2 | 2026-02-19 17:01:26 | Deep Dive |
| CVE-2025-12812 | Cloud Suite and Privilege Access Service – SQL Injection | Delinea Inc. | Cloud Suite and Privileged Access Service | - | - | 2026-02-18 22:10:35 | Deep Dive |
| CVE-2025-12811 | Cloud Suite and Privilege Access Service– HTTP request smuggling vulnerability | Delinea Inc. | Cloud Suite and Privileged Access Service | - | - | 2026-02-18 22:08:25 | Deep Dive |