| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-24629 | WordPress Web Accessibility with Max Access plugin <= 2.1.0 - Cross Site Scripting (XSS) vulnerability | Ability, Inc | Web Accessibility with Max Access | 中危 | - | 2026-01-23 14:29:08 | Deep Dive |
| CVE-2025-9290 | Authentication Weakness on Omada Controllers, Gateways and Access Points | TP-Link Systems Inc. | Omada Software Controller | 中危 | - | 2026-01-22 23:14:46 | Deep Dive |
| CVE-2026-0519 | Information Disclosure in Secure Access Between 12.70 and 14.20 | Absolute Security | Secure Access | 中危 | - | 2026-01-17 01:13:59 | Deep Dive |
| CVE-2026-0518 | XSS in Secure Access Consoles prior to 14.20 | Absolute Security | Secure Access | 中危 | - | 2026-01-17 01:09:29 | Deep Dive |
| CVE-2026-0517 | Denial of Service in Secure Access Servers Prior to 14.20. | Absolute Security | Secure Access | 中危 | - | 2026-01-17 01:04:56 | Deep Dive |
| CVE-2026-0227 | PAN-OS: Firewall Denial of Service (DoS) in GlobalProtect Gateway and Portal | Palo Alto Networks | Cloud NGFW | - | - | 2026-01-15 18:45:09 | Deep Dive |
| CVE-2025-62193 | NOAA PMEL Live Access Server (LAS) PyFerret command injection | National Oceanic and Atmospheric Administration (NOAA) | Live Access Server (LAS) | Critical | 9.8 | 2026-01-15 16:44:16 | Deep Dive |
| CVE-2022-50924 | Private Internet Access 3.3 - 'pia-service' Unquoted Service Path | Private Internet Access | Private Internet Access | High | 8.4 | 2026-01-13 22:51:56 | Deep Dive |
| CVE-2025-37186 | Local Privilege Escalation Vulnerability in HPE Aruba Networking Virtual Intranet Access (VIA) Client for Linux | Hewlett Packard Enterprise (HPE) | Virtual Intranet Access (VIA) | High | 7.8 | 2026-01-13 20:16:34 | Deep Dive |
| CVE-2025-11669 | Broken Access Control | Zohocorp | ManageEngine PAM360 | High | 8.1 | 2026-01-13 14:10:56 | Deep Dive |
| CVE-2019-25277 | FaceSentry Access Control System 6.4.8 Reflected Cross-Site Scripting via pluginInstall.php | iWT Ltd. | FaceSentry Access Control System | Medium | 6.1 | 2026-01-07 23:11:07 | Deep Dive |
| CVE-2019-25270 | SOCA Access Control System 180612 Reflected Cross-Site Scripting via logged_page.php | SOCA Technology Co., Ltd | SOCA Access Control System | Medium | 6.1 | 2026-01-07 23:11:06 | Deep Dive |
| CVE-2019-25279 | FaceSentry Access Control System 6.4.8 Cleartext Password Storage Vulnerability | iWT Ltd. | FaceSentry Access Control System | High | 7.5 | 2026-01-07 23:10:01 | Deep Dive |
| CVE-2019-25278 | FaceSentry Access Control System 6.4.8 Authentication Credentials MiTM Disclosure | iWT Ltd. | FaceSentry Access Control System | Medium | 5.9 | 2026-01-07 23:10:00 | Deep Dive |
| CVE-2021-47743 | COMMAX Biometric Access Control System 1.0.0 Reflected XSS via Cookie Parameters | COMMAX Co., Ltd. | COMMAX Biometric Access Control System | Medium | 6.1 | 2025-12-31 18:40:55 | Deep Dive |
| CVE-2019-25242 | FaceSentry Access Control System 6.4.8 Cross-Site Request Forgery via Web Interface | iWT Ltd. | FaceSentry Access Control System | Medium | 4.3 | 2025-12-24 19:27:59 | Deep Dive |
| CVE-2019-25243 | FaceSentry 6.4.8 Authenticated Remote Command Injection via Ping Test | iWT Ltd. | FaceSentry Access Control System | High | 8.8 | 2025-12-24 19:27:59 | Deep Dive |
| CVE-2019-25241 | FaceSentry Access Control System 6.4.8 Remote SSH Root Access | iWT Ltd. | FaceSentry Access Control System | High | 7.5 | 2025-12-24 19:27:58 | Deep Dive |
| CVE-2018-25128 | SOCA Access Control System 180612 SQL Injection and Authentication Bypass | SOCA Technology Co., Ltd | SOCA Access Control System | High | 8.2 | 2025-12-24 19:27:43 | Deep Dive |
| CVE-2018-25129 | SOCA Access Control System 180612 Information Disclosure via Multiple Endpoints | SOCA Technology Co., Ltd | SOCA Access Control System | High | 7.5 | 2025-12-24 19:27:43 | Deep Dive |