| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-13919 | Component Object Model (COM) Hijacking in Symantec Endpoint Protection Windows Client | Broadcom | Symantec Endpoint Protection Windows Client | Medium | 4.4 | 2026-01-28 16:41:03 | Deep Dive |
| CVE-2025-13918 | Elevation of Privileges in Symantec Endpoint Protection Windows Client | Broadcom | Symantec Endpoint Protection Windows Client | Medium | 6.7 | 2026-01-28 16:35:44 | Deep Dive |
| CVE-2025-27821 | HDFS native client: Out of bounds write in URI parser of native HDFS client | Apache Software Foundation | HDFS native client | - | - | 2026-01-26 09:44:14 | Deep Dive |
| CVE-2026-0776 | Discord Client Uncontrolled Search Path Element Local Privilege Escalation Vulnerability | Discord | Client | 高危 | - | 2026-01-23 03:29:19 | Deep Dive |
| CVE-2026-20960 | PowerApps Desktop Client Remote Code Execution Vulnerability | Microsoft | Microsoft Power Apps Desktop Client | High | 8.0 | 2026-01-16 21:28:11 | Deep Dive |
| CVE-2021-47791 | SmartFTP Client 10.0.2909.0 - 'Multiple' Denial of Service | Smartftp | SmartFTP Client | High | 7.5 | 2026-01-15 23:25:42 | Deep Dive |
| CVE-2026-21226 | Azure Core shared client library for Python Remote Code Execution Vulnerability | Microsoft | Azure Core shared client library for Python | High | 7.5 | 2026-01-13 18:04:55 | Deep Dive |
| CVE-2025-41717 | Config-Upload Code Injection | Phoenix Contact | TC ROUTER 3002T-3G | High | 8.8 | 2026-01-13 07:48:20 | Deep Dive |
| CVE-2025-13897 | Client Testimonial Slider <= 2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'aft_testimonial_meta_name' Metabox Field | amu02aftab | Client Testimonial Slider | Medium | 6.4 | 2026-01-09 11:15:33 | Deep Dive |
| CVE-2026-20893 | Fujitsu Security Solution AuthConductor Client Basic 访问控制错误漏洞 | Fujitsu Client Computing Limited | Fujitsu Security Solution AuthConductor Client Basic V2 | 高危 | - | 2026-01-07 03:16:19 | Deep Dive |
| CVE-2020-36925 | Arteco Web Client DVR/NVR Session ID Brute Force Authentication Bypass | Arteco-Global | Arteco Web Client DVR/NVR | Critical | 9.8 | 2026-01-06 15:52:29 | Deep Dive |
| CVE-2025-53594 | Qfinder Pro, Qsync, QVPN | QNAP Systems Inc. | Qfinder Pro Mac | 高危 | - | 2026-01-02 15:18:26 | Deep Dive |
| CVE-2025-55065 | Kopek Reem ReKord Client SQL注入漏洞 | Kopek Reem | ReKord client | High | 7.5 | 2026-01-01 18:30:46 | Deep Dive |
| CVE-2025-62121 | WordPress Logo Slider , Logo Carousel , Logo showcase , Client Logo plugin <= 1.8.1 - Cross Site Scripting (XSS) vulnerability | Imran Emu | Logo Slider , Logo Carousel , Logo showcase , Client Logo | Medium | 5.9 | 2025-12-31 13:39:52 | Deep Dive |
| CVE-2022-50799 | Fetch Softworks Fetch FTP Client 5.8.2 Remote CPU Consumption Denial of Service | Fetch Softworks | Fetch Softworks Fetch FTP Client | High | 7.5 | 2025-12-30 22:41:40 | Deep Dive |
| CVE-2025-34290 | Versa SASE Client for Windows < 7.9.5 Arbitrary Folder Deletion Leading to Local Privilege Escalation | Versa Networks | SASE Client for Windows | - | - | 2025-12-20 20:01:43 | Deep Dive |
| CVE-2023-53959 | FileZilla Client 3.63.1 DLL Hijacking via Missing TextShaping.dll | filezilla-project | FileZilla Client | Critical | 9.8 | 2025-12-19 21:05:53 | Deep Dive |
| CVE-2025-14885 | SourceCodester Client Database Management System Leads Generation user_leads.php unrestricted upload | SourceCodester | Client Database Management System | Medium | 6.3 | 2025-12-18 18:32:06 | Deep Dive |
| CVE-2025-13730 | OpenID Connect Generic Client <= 3.10.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | daggerhart | OpenID Connect Generic Client | Medium | 6.4 | 2025-12-18 09:21:30 | Deep Dive |
| CVE-2025-64227 | WordPress Client Invoicing by Sprout Invoices plugin <= 20.8.7 - PHP Object Injection vulnerability | BoldGrid | Client Invoicing by Sprout Invoices | - | - | 2025-12-18 07:22:13 | Deep Dive |