| CVE-2025-14831 | Gnutls: gnutls: denial of service via excessive resource consumption during certificate verification | Red Hat | Red Hat Enterprise Linux 10 | Medium | 5.3 | 2026-02-09 14:51:32 | Deep Dive |
| CVE-2026-1731 | Remote code execution vulnerability in BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) | BeyondTrust | Remote Support(RS) & Privileged Remote Access(PRA) | - | - | 2026-02-06 21:49:21 | Deep Dive |
| CVE-2026-1709 | Keylime: keylime: authentication bypass allows unauthorized administrative operations due to missing client-side tls authentication | Red Hat | Red Hat Enterprise Linux 10 | Critical | 9.4 | 2026-02-06 19:13:28 | Deep Dive |
| CVE-2020-37091 | Maian Support Helpdesk 4.3 - Cross-Site Request Forgery (Add Admin) | Maian Media | Maian Support Helpdesk | Medium | 5.3 | 2026-02-03 22:01:51 | Deep Dive |
| CVE-2026-1761 | Libsoup: stack-based buffer overflow in libsoup multipart response parsingmultipart http response | Red Hat | Red Hat Enterprise Linux 10 | High | 8.6 | 2026-02-02 14:01:04 | Deep Dive |
| CVE-2026-1251 | SupportCandy – Helpdesk & Customer Support Ticket System <= 3.4.4 - Authenticated (Subscriber+) Insecure Direct Object Reference | psmplugins | SupportCandy – Helpdesk & Customer Support Ticket System | Medium | 5.4 | 2026-01-31 06:39:23 | Deep Dive |
| CVE-2026-0683 | SupportCandy – Helpdesk & Customer Support Ticket System <= 3.4.4 - Authenticated (Subscriber+) SQL Injection via Number Field Filter | psmplugins | SupportCandy – Helpdesk & Customer Support Ticket System | Medium | 6.5 | 2026-01-31 05:52:47 | Deep Dive |
| CVE-2026-22462 | WordPress Add Polylang support for Customizer plugin <= 1.4.5 - Cross Site Request Forgery (CSRF) vulnerability | richardevcom | Add Polylang support for Customizer | - | - | 2026-01-22 16:52:40 | Deep Dive |
| CVE-2025-68073 | WordPress GDPR CCPA Compliance Support plugin <= 2.7.4 - Broken Access Control vulnerability | Ninja Team | GDPR CCPA Compliance Support | Medium | 6.5 | 2026-01-22 16:52:07 | Deep Dive |
| CVE-2025-12641 | Awesome Support – WordPress HelpDesk & Support Plugin <= 6.3.6 - Missing Authorization to Unauthenticated Role Demotion | awesomesupport | Awesome Support – WordPress HelpDesk & Support Plugin | Medium | 6.5 | 2026-01-16 04:44:35 | Deep Dive |
| CVE-2020-36929 | Brother BRPrint Auditor 3.0.7 - 'Multiple' Unquoted Service Path | Support | Brother BRPrint Auditor | High | 7.8 | 2026-01-15 23:25:35 | Deep Dive |
| CVE-2025-14242 | Vsftpd: vsftpd: denial of service via integer overflow in ls command parameter parsing | Red Hat | Red Hat Enterprise Linux 10 | Medium | 6.5 | 2026-01-14 15:23:04 | Deep Dive |
| CVE-2025-40805 | Siemens Industrial Edge Devices 安全漏洞 | Siemens | Industrial Edge Cloud Device (IECD) | Critical | 10.0 | 2026-01-13 09:44:03 | Deep Dive |
| CVE-2026-0719 | Libsoup: signed to unsigned conversion error leading to stack-based buffer overflow in libsoup ntlm authentication | Red Hat | Red Hat Enterprise Linux 10 | High | 8.6 | 2026-01-08 12:38:31 | Deep Dive |
| CVE-2025-67926 | WordPress Fluent Support plugin <= 1.10.4 - Broken Access Control vulnerability | Shahjahan Jewel | Fluent Support | Medium | 6.5 | 2026-01-08 09:17:48 | Deep Dive |
| CVE-2025-13887 | AI BotKit <= 1.1.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes | wisdmlabs | AI ChatBot for WordPress by AI BotKit – Live in 2 Minutes, No Code | Medium | 6.4 | 2026-01-07 09:20:56 | Deep Dive |
| CVE-2025-14034 | ilGhera Support System for WooCommerce <= 1.2.6 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Ticket Deletion | ghera74 | ilGhera Support System for WooCommerce | Medium | 5.3 | 2026-01-06 03:21:41 | Deep Dive |
| CVE-2025-62091 | WordPress Serial Codes Generator and Validator with WooCommerce Support plugin <= 2.8.2 - Broken Access Control vulnerability | Vollstart | Serial Codes Generator and Validator with WooCommerce Support | Medium | 5.4 | 2025-12-31 14:19:32 | Deep Dive |
| CVE-2025-68998 | WordPress Heateor Social Login plugin <= 1.1.39 - Cross Site Request Forgery (CSRF) vulnerability | Heateor Support | Heateor Social Login | Medium | 5.4 | 2025-12-30 10:47:52 | Deep Dive |
| CVE-2025-68599 | WordPress YouTube Embed plugin <= 5.4 - Cross Site Scripting (XSS) vulnerability | Embeds For YouTube Plugin Support | YouTube Embed | Medium | 6.5 | 2025-12-24 13:10:46 | Deep Dive |