| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-8025 | Improper Access Control in Dinosoft Business Solutions' Dinosoft ERP | Dinosoft Business Solutions | Dinosoft ERP | Critical | 9.8 | 2026-02-11 12:19:11 | Deep Dive |
| CVE-2026-2103 | Use of Hard-Coded Cryptographic Key for Password Storage | Infor | SyteLine ERP | High | 7.1 | 2026-02-06 16:22:28 | Deep Dive |
| CVE-2020-37084 | School ERP Pro 1.0 Admin Profile Photo Upload Remote Code Execution Vulnerability | Arox | School ERP Pro | - | - | 2026-02-03 22:09:47 | Deep Dive |
| CVE-2020-37090 | School ERP Pro 1.0 - Remote Code Execution | Arox | School ERP Pro | Critical | 9.8 | 2026-02-03 22:01:51 | Deep Dive |
| CVE-2020-37089 | School ERP Pro 1.0 - 'es_messagesid' SQL Injection | Arox | School ERP Pro | High | 8.2 | 2026-02-03 22:01:50 | Deep Dive |
| CVE-2020-37088 | School ERP Pro 1.0 - Arbitrary File Read | Arox | School ERP Pro | High | 7.5 | 2026-02-03 22:01:49 | Deep Dive |
| CVE-2026-25510 | CI4MS Vulnerable to Remote Code Execution (RCE) via Arbitrary File Creation and Save in File Editor | ci4-cms-erp | ci4ms | Critical | 9.9 | 2026-02-03 21:17:03 | Deep Dive |
| CVE-2026-25509 | CI4MS Vulnerable to User Email Enumeration via Password Reset Flow | ci4-cms-erp | ci4ms | Medium | 5.3 | 2026-02-03 21:16:29 | Deep Dive |
| CVE-2020-37022 | OpenZ ERP 3.6.60 - Persistent Cross-Site Scripting | OpenZ | OpenZ ERP | Medium | 6.4 | 2026-01-30 16:16:40 | Deep Dive |
| CVE-2026-1218 | Bjskzy Zhiyou ERP com.artery.richclient.RichClientService RichClientService.class initRCForm xml external entity reference | Bjskzy | Zhiyou ERP | Medium | 6.3 | 2026-01-20 05:32:07 | Deep Dive |
| CVE-2021-47777 | Build Smart ERP 21.0817 - 'eidValue' SQL Injection (Unauthenticated) | Ribccs | Build Smart ERP | High | 8.2 | 2026-01-15 15:52:14 | Deep Dive |
| CVE-2026-0503 | Missing Authorization check in in SAP ERP Central Component and SAP S/4HANA (SAP EHS Management) | SAP_SE | SAP ERP Central Component and SAP S/4HANA (SAP EHS Management) | Medium | 6.4 | 2026-01-13 01:14:21 | Deep Dive |
| CVE-2025-15170 | Advaya Softech GEMS ERP Portal Error Message home.jsp cross site scripting | Advaya Softech | GEMS ERP Portal | Medium | 4.3 | 2025-12-29 03:32:08 | Deep Dive |
| CVE-2025-67546 | WordPress WP ERP plugin <= 1.16.6 - Sensitive Data Exposure vulnerability | weDevs | WP ERP | - | - | 2025-12-18 07:22:20 | Deep Dive |
| CVE-2025-13506 | Improper Authorization in Nebim Neyir's Nebim V3 ERP | Nebim Neyir Computer Industry and Services Inc. | Nebim V3 ERP | High | 8.8 | 2025-12-12 12:19:37 | Deep Dive |
| CVE-2025-63008 | WordPress WP ERP plugin <= 1.16.7 - Broken Access Control vulnerability | weDevs | WP ERP | Medium | 5.3 | 2025-12-09 14:52:27 | Deep Dive |
| CVE-2025-14089 | Himool ERP AdminActionViewSet update_account improper authorization | Himool | ERP | Medium | 6.3 | 2025-12-05 15:32:06 | Deep Dive |
| CVE-2025-13168 | ury-erp ury pos_extend.py overrided_past_order_list sql injection | ury-erp | ury | Medium | 6.3 | 2025-11-14 15:02:07 | Deep Dive |
| CVE-2025-11253 | SQLi in Aksis Technologies' Netty ERP | Aksis Technology Inc. | Netty ERP | Critical | 9.8 | 2025-10-24 08:32:39 | Deep Dive |
| CVE-2025-9339 | SQL Injection in SIMPLE.ERP | Simple SA | SIMPLE.ERP | - | - | 2025-10-21 13:34:33 | Deep Dive |