search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2026-01-20 2026-01-20 2026-01-21 VU#481830 Libheif uncompressed codec lacks bounds check leading to application crash
2026-01-20 2026-01-20 2026-01-21 VU#102648 Code injection vulnerability in binary-parser library
2026-01-20 2026-01-20 2026-01-20 VU#458022 Open5GS WebUI uses a hard-coded secrets including JSON Web Token signing key
2026-01-20 2026-01-20 2026-01-20 VU#271649 Stack-based buffer overflow in libtasn1 versions v4.20.0 and earlier
2026-01-20 2026-01-20 2026-01-20 VU#818729 Safetica contains a kernel driver vulnerability
2026-01-20 2026-01-20 2026-01-20 VU#244846 Server-Side Template Injection (SSTI) vulnerability exist in Genshi
2026-01-20 2026-01-20 2026-01-20 VU#924114 dr_flac contains an integer overflow vulnerability that allows for DoS when provided a crafted file
2026-01-16 2026-01-16 2026-01-16 VU#383552 thelibrarian does not secure its interface, allowing for access to internal system data
2026-01-16 2026-01-16 2026-01-16 VU#650657 Livewire Filemanager contains an insecure .php component that allows for unauthenticated RCE in Laravel Products
2026-01-15 2026-01-15 2026-01-15 VU#472136 Information Leak and DoS Vulnerabilities in Redmi Buds 3 Pro through 6 Pro
2026-01-09 2026-01-09 2026-01-09 VU#361400 BeeS Software Solutions BeeS Examination Tool (BET) portal contains SQL injection vulnerability
2026-01-06 2026-01-06 2026-01-06 VU#295169 TOTOLINK EX200 firmware-upload error handling can activate an unauthenticated root telnet service
2026-01-06 2026-01-06 2026-01-06 VU#420440 Vulnerable Python version used in Forcepoint One DLP Client
2025-12-17 2025-12-17 2025-12-22 VU#382314 Vulnerability in UEFI firmware modules prevents IOMMU initialization on some UEFI-based motherboards
2025-12-16 2025-12-16 2025-12-16 VU#651499 Siemens Gridscale X Prepay username enumeration and account lock bypass vulnerability

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis