| CVE-2025-15283 |
WordPress Name Directory插件存储型XSS漏洞 |
高危 |
7.2 |
2026-01-14 |
| CVE-2025-15266 |
WordPress GeekyBot插件存储型XSS漏洞 |
高危 |
7.2 |
2026-01-14 |
| CVE-2025-15021 |
Gotham Block Extra Light插件存储型XSS漏洞 |
中危 |
4.4 |
2026-01-14 |
| CVE-2025-15020 |
Gotham Block Extra Light插件任意文件读取漏洞 |
中危 |
6.5 |
2026-01-14 |
| CVE-2025-14880 |
Netcash WooCommerce Payment Gateway 越权漏洞 |
中危 |
5.3 |
2026-01-14 |
| CVE-2025-14854 |
WordPress WP-CRM System 权限绕过漏洞 |
中危 |
5.4 |
2026-01-14 |
| CVE-2025-14846 |
SocialChamp WordPress插件CSRF漏洞 |
中危 |
4.3 |
2026-01-14 |
| CVE-2025-14770 |
WordPress Shipping Rate By Cities插件SQL注入漏洞 |
高危 |
7.5 |
2026-01-14 |
| CVE-2025-14725 |
WordPress Internal Link Builder插件存储型XSS漏洞 |
中危 |
4.4 |
2026-01-14 |
| CVE-2025-14615 |
WordPress Dashboard Builder插件CSRF导致SQL注入漏洞 |
高危 |
7.1 |
2026-01-14 |
| CVE-2025-14613 |
WordPress GetContentFromURL插件SSRF漏洞 |
高危 |
7.2 |
2026-01-14 |
| CVE-2025-14557 |
Drupal Facebook Pixel存储型XSS漏洞 |
中危 |
4.8 |
2026-01-14 |
| CVE-2025-14556 |
Drupal Flag模块跨站脚本(XSS)漏洞 |
中危 |
5.4 |
2026-01-14 |
| CVE-2025-14502 |
WordPress News and Blog Designer Bundle插件本地文件包含漏洞 |
严重 |
9.8 |
2026-01-14 |
| CVE-2025-14482 |
| WordPress Crush.pics插件越权设置修改漏洞 |
中危 |
4.3 |
2026-01-14 |
| CVE-2025-14464 |
WordPress PDF Resume Parser插件SMTP凭证泄露漏洞 |
中危 |
5.3 |
2026-01-14 |
| CVE-2025-14389 |
WordPress WPBlogSyn插件CSRF漏洞 |
中危 |
4.3 |
2026-01-14 |
| CVE-2025-14379 |
WordPress Testimonials Creator插件存储型XSS漏洞 |
中危 |
4.4 |
2026-01-14 |
| CVE-2025-14301 |
WordPress Opvius AI插件路径遍历漏洞 |
严重 |
9.8 |
2026-01-14 |
| CVE-2025-14242 |
vsftpd STAT命令整数溢出导致拒绝服务漏洞 |
中危 |
6.5 |
2026-01-14 |
| CVE-2025-14173 |
Perfit WooCommerce插件缺失授权漏洞 |
中危 |
5.3 |
2026-01-14 |
| CVE-2025-14058 |
联想平板控制中心物理访问认证绕过漏洞 |
低危 |
3.2 |
2026-01-14 |
| CVE-2025-13627 |
WordPress Makesweat插件存储型XSS漏洞 |
中危 |
4.4 |
2026-01-14 |
| CVE-2025-13455 |
ThinkPlus配置软件指纹认证绕过漏洞 |
高危 |
7.8 |
2026-01-14 |
| CVE-2025-13454 |
ThinkPlus配置软件本地敏感信息泄露漏洞 |
中危 |
5.5 |
2026-01-14 |
| CVE-2025-13453 |
ThinkPlus USB驱动器物理访问数据泄露漏洞 |
中危 |
4.6 |
2026-01-14 |
| CVE-2025-13154 |
Lenovo Vantage SmartPerformanceAddin 符号链接跟随漏洞导致任意文... |
中危 |
5.5 |
2026-01-14 |
| CVE-2025-12178 |
WordPress SpiceForms Form Builder存储型XSS漏洞 |
中危 |
6.4 |
2026-01-14 |
| CVE-2025-12166 |
WordPress Simply Schedule Appointments插件盲注SQL注入漏洞 |
高危 |
7.5 |
2026-01-14 |
| CVE-2025-12053 |
Windows驱动程序RTL_QUERY_REGISTRY_DIRECT缓冲区溢出漏洞 |
高危 |
7.8 |
2026-01-14 |
| CVE-2025-12052 |
Windows驱动RTL_QUERY_REGISTRY_DIRECT缓冲区溢出漏洞 |
高危 |
7.8 |
2026-01-14 |
| CVE-2025-12051 |
Insyde固件工具包驱动程序RTL_QUERY_REGISTRY_DIRECT缓冲区溢出漏洞 |
高危 |
7.8 |
2026-01-14 |
| CVE-2025-12050 |
Windows驱动RTL_QUERY_REGISTRY_DIRECT缓冲区溢出漏洞 |
高危 |
7.8 |
2026-01-14 |
| CVE-2025-11224 |
GitLab Kubernetes代理存储型XSS漏洞 |
高危 |
7.7 |
2026-01-14 |
| CVE-2025-0647 |
Arm CPU TLB缓存一致性问题导致权限提升 |
高危 |
7.9 |
2026-01-14 |
| CVE-2026-23478 |
Cal.com NextAuth JWT认证绕过漏洞 |
严重 |
9.8 |
2026-01-13 |
| CVE-2026-22871 |
GuardDog safe_extract()路径遍历漏洞导致远程代码执行 |
严重 |
9.8 |
2026-01-13 |
| CVE-2026-22870 |
GuardDog safe_extract() Zip Bomb拒绝服务漏洞 |
高危 |
7.5 |
2026-01-13 |
| CVE-2026-22869 |
Eigent CI工作流pull_request_target远程代码执行漏洞 |
严重 |
9.8 |
2026-01-13 |
| CVE-2026-22868 |
go-ethereum节点拒绝服务漏洞 |
高危 |
7.5 |
2026-01-13 |
| CVE-2026-22862 |
go-ethereum (geth) 节点拒绝服务漏洞 |
高危 |
7.5 |
2026-01-13 |
| CVE-2026-22861 |
iccDEV库堆缓冲区溢出漏洞 |
高危 |
8.8 |
2026-01-13 |
| CVE-2026-22818 |
Hono框架JWT验证中间件算法混淆漏洞 |
高危 |
8.2 |
2026-01-13 |
| CVE-2026-22817 |
Hono框架JWT验证中间件算法混淆漏洞 |
高危 |
8.2 |
2026-01-13 |
| CVE-2026-22809 |
tarteaucitron.js issuu_id参数ReDoS拒绝服务漏洞 |
中危 |
4.4 |
2026-01-13 |
| CVE-2026-22791 |
openCryptoki CKM_ECDH_AES_KEY_WRAP堆缓冲区溢出漏洞 |
中危 |
6.6 |
2026-01-13 |
| CVE-2026-21308 |
Adobe Substance3D Designer越界读取漏洞 |
中危 |
5.5 |
2026-01-13 |
| CVE-2026-21307 |
Adobe Substance3D Designer越界写入代码执行漏洞 |
高危 |
7.8 |
2026-01-13 |
| CVE-2026-21306 |
Adobe Substance3D Sampler越界写入漏洞 |
高危 |
7.8 |
2026-01-13 |
| CVE-2026-21305 |
Adobe Substance3D Painter越界写入漏洞 |
高危 |
7.8 |
2026-01-13 |