| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-24837 | DotNetNuke.Core Vulnerable to Stored XSS in Module Deletion Confirmation Modal | dnnsoftware | Dnn.Platform | High | 7.6 | 2026-01-27 23:53:24 | Deep Dive |
| CVE-2026-24836 | DotNetNuke.Core Vulnerable to Stored XSS in Scheduler LogNotes | dnnsoftware | Dnn.Platform | High | 7.6 | 2026-01-27 23:51:27 | Deep Dive |
| CVE-2026-24833 | DotNetNuke.Core Vulnerable to Stored XSS in Module Description | dnnsoftware | Dnn.Platform | High | 7.6 | 2026-01-27 23:49:25 | Deep Dive |
| CVE-2026-24784 | DotNetNuke.Core has a potential XSS vulnerability in modules' header and footer | dnnsoftware | Dnn.Platform | Medium | 6.8 | 2026-01-27 23:47:42 | Deep Dive |
| CVE-2026-24825 | a memory leak in ydb-platform/ydb with use of yajl_tree_parse function from src/yail module, which will cause out-of-memory in server and cause crash. | ydb-platform | ydb | - | - | 2026-01-27 09:02:51 | Deep Dive |
| CVE-2025-9820 | Gnutls: stack-based buffer overflow in gnutls_pkcs11_token_init() function | Red Hat | Red Hat Enterprise Linux 10 | Medium | 4.0 | 2026-01-26 19:58:33 | Deep Dive |
| CVE-2025-9615 | Networkmanager: networkmanager file access | Red Hat | Red Hat Enterprise Linux 10 | - | - | 2026-01-26 19:58:17 | Deep Dive |
| CVE-2026-1190 | Org.keycloak/keycloak-services: keycloak saml brokering: response delay due to unchecked notonorafter in subjectconfirmationdata | Red Hat | Red Hat build of Keycloak 26.4 | Low | 3.1 | 2026-01-26 19:36:54 | Deep Dive |
| CVE-2025-14969 | Hibernate-reactive-core: hibernate reactive: denial of service due to connection leak on http client disconnect | Red Hat | Red Hat build of Quarkus 3.27.2 | Medium | 4.3 | 2026-01-26 19:36:40 | Deep Dive |
| CVE-2025-11065 | Github.com/go-viper/mapstructure/v2: go-viper's mapstructure may leak sensitive information in logs in github.com/go-viper/mapstructure | - | - | Medium | 5.3 | 2026-01-26 19:36:29 | Deep Dive |
| CVE-2026-24128 | XWiki Affected by Reflected Cross-Site Scripting (XSS) in Error Messages | xwiki | xwiki-platform | Medium | - | 2026-01-23 23:18:31 | Deep Dive |
| CVE-2026-0603 | Org.hibernate/hibernate-core: hibernate: information disclosure and data deletion via second-order sql injection | - | - | High | 8.3 | 2026-01-23 06:31:39 | Deep Dive |
| CVE-2026-1035 | Org.keycloak.protocol.oidc: keycloak refresh token reuse bypass via toctou race condition | Red Hat | Red Hat build of Keycloak 26.4 | Low | 3.1 | 2026-01-21 05:52:22 | Deep Dive |
| CVE-2026-1180 | Org.keycloak.protocol.oidc: blind server-side request forgery (ssrf) in keycloak oidc dynamic client registration via jwks_uri | Red Hat | Red Hat build of Keycloak 26.4 | Medium | 5.8 | 2026-01-20 12:33:01 | Deep Dive |
| CVE-2021-47763 | Aimeos Laravel ecommerce platform 2021.10 LTS - 'sort' SQL injection | Aimeos | Aimeos Laravel ecommerce platform | High | 8.2 | 2026-01-15 15:52:08 | Deep Dive |
| CVE-2026-0992 | Libxml2: libxml2: denial of service via crafted xml catalogs | Red Hat | Red Hat Hardened Images | Low | 2.9 | 2026-01-15 14:20:25 | Deep Dive |
| CVE-2026-0989 | Libxml2: unbounded relaxng include recursion leading to stack overflow | Red Hat | Red Hat Hardened Images | Low | 3.7 | 2026-01-15 14:20:23 | Deep Dive |
| CVE-2026-0990 | Libxml2: libxml2: denial of service via uncontrolled recursion in xml catalog processing | Red Hat | Red Hat Hardened Images | Medium | 5.9 | 2026-01-15 14:20:07 | Deep Dive |
| CVE-2026-0976 | Org.keycloak/keycloak-quarkus-server: keycloak: proxy bypass due to improper handling of matrix parameters in url paths | Red Hat | Red Hat Build of Keycloak | Low | 3.7 | 2026-01-15 12:06:21 | Deep Dive |
| CVE-2025-8090 | Vulnerability in the QNX Neutrino Kernel impacts the QNX Software Development Platform and QNX OS for Safety | BlackBerry Ltd | QNX Software Development Platform | Medium | 6.2 | 2026-01-13 16:36:21 | Deep Dive |