CVE Monitor
{
"Source": "CVE FEED",
"Title": "CVE-2025-69284 - In plane.io, a Guest User to a Workspace can still be able to see list of members",
"Content": "CVE ID : CVE-2025-69284
Published : Jan. 2, 2026, 3:42 p.m. | 19 minutes ago
Description : Plane is an open-source project management tool. In plane.io, a guest user doesn't have permission to access https[:]//app[.]plane[.]so/[:]slug/settings. Prior to Plane version 1.2.0, a problem occurs because `/api/workspaces/:slug/members/` is accessible to a guest, who is able to list the users of a specific workspace that they joined. Since the `display_name` in the response is actually the handler of the email, a malicious guest can still identify admin users' email addresses. Version 1.2.0 fixes this issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "02 Jan 2026",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-62852 - QTS, QuTS hero",
"Content": "CVE ID : CVE-2025-62852
Published : Jan. 2, 2026, 3:19 p.m. | 42 minutes ago
Description : A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to modify memory or crash processes.

We have already fixed the vulnerability in the following version:
QTS 5.2.8.3332 build 20251128 and later
Severity: 1.2 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "02 Jan 2026",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-59387 - MARS (Multi-Application Recovery Service)",
"Content": "CVE ID : CVE-2025-59387
Published : Jan. 2, 2026, 3:19 p.m. | 42 minutes ago
Description : An SQL injection vulnerability has been reported to affect MARS (Multi-Application Recovery Service). The remote attackers can then exploit the vulnerability to execute unauthorized code or commands.

We have already fixed the vulnerability in the following version:
MARS (Multi-Application Recovery Service) 1.2.1.1686 and later
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "02 Jan 2026",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-59384 - Qfiling",
"Content": "CVE ID : CVE-2025-59384
Published : Jan. 2, 2026, 3:19 p.m. | 42 minutes ago
Description : A path traversal vulnerability has been reported to affect Qfiling. The remote attackers can then exploit the vulnerability to read the contents of unexpected files or system data.

We have already fixed the vulnerability in the following version:
Qfiling 3.13.1 and later
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "02 Jan 2026",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-59381 - QTS, QuTS hero",
"Content": "CVE ID : CVE-2025-59381
Published : Jan. 2, 2026, 3:19 p.m. | 42 minutes ago
Description : A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data.

We have already fixed the vulnerability in the following versions:
QTS 5.2.8.3332 build 20251128 and later
QuTS hero h5.2.8.3321 build 20251117 and later
Severity: 4.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "02 Jan 2026",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-59380 - QTS, QuTS hero",
"Content": "CVE ID : CVE-2025-59380
Published : Jan. 2, 2026, 3:18 p.m. | 42 minutes ago
Description : A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data.

We have already fixed the vulnerability in the following versions:
QTS 5.2.8.3332 build 20251128 and later
QuTS hero h5.2.8.3321 build 20251117 and later
Severity: 4.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "02 Jan 2026",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-53597 - License Center",
"Content": "CVE ID : CVE-2025-53597
Published : Jan. 2, 2026, 3:18 p.m. | 43 minutes ago
Description : A buffer overflow vulnerability has been reported to affect License Center. If a remote attacker gains an administrator account, they can then exploit the vulnerability to modify memory or crash processes.

We have already fixed the vulnerability in the following version:
License Center 2.0.36 and later
Severity: 1.2 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "02 Jan 2026",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-53594 - Qfinder Pro, Qsync, QVPN",
"Content": "CVE ID : CVE-2025-53594
Published : Jan. 2, 2026, 3:18 p.m. | 43 minutes ago
Description : A path traversal vulnerability has been reported to affect several product versions. If a local attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data.

We have already fixed the vulnerability in the following versions:
Qfinder Pro Mac 7.13.0 and later
Qsync for Mac 5.1.5 and later
QVPN Device Client for Mac 2.2.8 and later
Severity: 4.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "02 Jan 2026",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-52871 - License Center",
"Content": "CVE ID : CVE-2025-52871
Published : Jan. 2, 2026, 3:18 p.m. | 43 minutes ago
Description : An out-of-bounds read vulnerability has been reported to affect License Center. If a remote attacker gains a user account, they can then exploit the vulnerability to obtain secret data.

We have already fixed the vulnerability in the following version:
License Center 2.0.36 and later
Severity: 1.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "02 Jan 2026",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-48721 - QTS, QuTS hero",
"Content": "CVE ID : CVE-2025-48721
Published : Jan. 2, 2026, 3:17 p.m. | 44 minutes ago
Description : A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to modify memory or crash processes.

We have already fixed the vulnerability in the following version:
QTS 5.2.8.3332 build 20251128 and later
Severity: 1.2 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "02 Jan 2026",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-9110 - QTS, QuTS hero",
"Content": "CVE ID : CVE-2025-9110
Published : Jan. 2, 2026, 3:17 p.m. | 44 minutes ago
Description : An exposure of sensitive system information to an unauthorized control sphere vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to read application data.

We have already fixed the vulnerability in the following versions:
QTS 5.2.8.3332 build 20251128 and later
QuTS hero h5.2.8.3321 build 20251117 and later
QuTS hero h5.3.1.3250 build 20250912 and later
Severity: 2.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "02 Jan 2026",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-54166 - QTS, QuTS hero",
"Content": "CVE ID : CVE-2025-54166
Published : Jan. 2, 2026, 3:16 p.m. | 45 minutes ago
Description : An out-of-bounds read vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data.

We have already fixed the vulnerability in the following versions:
QTS 5.2.7.3256 build 20250913 and later
QuTS hero h5.2.7.3256 build 20250913 and later
QuTS hero h5.3.1.3250 build 20250912 and later
Severity: 4.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "02 Jan 2026",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-57705 - QTS, QuTS hero",
"Content": "CVE ID : CVE-2025-57705
Published : Jan. 2, 2026, 3:16 p.m. | 45 minutes ago
Description : An allocation of resources without limits or throttling vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource.

We have already fixed the vulnerability in the following versions:
QTS 5.2.7.3256 build 20250913 and later
QuTS hero h5.2.7.3256 build 20250913 and later
QuTS hero h5.3.1.3250 build 20250912 and later
Severity: 4.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "02 Jan 2026",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-62857 - QuMagie",
"Content": "CVE ID : CVE-2025-62857
Published : Jan. 2, 2026, 3:16 p.m. | 45 minutes ago
Description : A cross-site scripting (XSS) vulnerability has been reported to affect QuMagie. The remote attackers can then exploit the vulnerability to bypass security mechanisms or read application data.

We have already fixed the vulnerability in the following version:
QuMagie 2.8.1 and later
Severity: 2.2 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "02 Jan 2026",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-65125 - Gosaliajainam Online-Movie-Booking SQL Injection Vulnerability",
"Content": "CVE ID : CVE-2025-65125
Published : Jan. 2, 2026, 3:16 p.m. | 45 minutes ago
Description : SQL injection in gosaliajainam/online-movie-booking 5.5 in movie_details.php allows attackers to gain sensitive information.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "02 Jan 2026",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-53593 - QTS, QuTS hero",
"Content": "CVE ID : CVE-2025-53593
Published : Jan. 2, 2026, 3:16 p.m. | 45 minutes ago
Description : A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to modify memory or crash processes.

We have already fixed the vulnerability in the following versions:
QTS 5.2.7.3256 build 20250913 and later
QuTS hero h5.2.7.3256 build 20250913 and later
QuTS hero h5.3.1.3250 build 20250912 and later
Severity: 1.2 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "02 Jan 2026",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2026-0567 - code-projects Content Management System pages.php sql injection",
"Content": "CVE ID : CVE-2026-0567
Published : Jan. 2, 2026, 5:32 p.m. | 32 minutes ago
Description : A vulnerability was detected in code-projects Content Management System 1.0. The affected element is an unknown function of the file /pages.php. The manipulation of the argument ID results in sql injection. The attack may be performed from remote. The exploit is now public and may be used.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "02 Jan 2026",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2026-21429 - Emlog has Broken Access Control (BAC)",
"Content": "CVE ID : CVE-2026-21429
Published : Jan. 2, 2026, 5:23 p.m. | 40 minutes ago
Description : Emlog is an open source website building system. In version 2.5.23, the admin can set controls which makes users unable to edit or delete their articles after publishing them. As of time of publication, no known patched versions are available.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "02 Jan 2026",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2026-0566 - code-projects Content Management System edit_posts.php unrestricted upload",
"Content": "CVE ID : CVE-2026-0566
Published : Jan. 2, 2026, 5:16 p.m. | 47 minutes ago
Description : A security vulnerability has been detected in code-projects Content Management System 1.0. Impacted is an unknown function of the file /admin/edit_posts.php. The manipulation of the argument image leads to unrestricted upload. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used.
Severity: 5.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "02 Jan 2026",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-69416 - Plex Media Server Device Token Information Disclosure Vulnerability",
"Content": "CVE ID : CVE-2025-69416
Published : Jan. 2, 2026, 5:16 p.m. | 47 minutes ago
Description : In the plex.tv backend for Plex Media Server (PMS) through 2025-12-31, a non-server device token can retrieve other tokens (intended for unrelated access) via clients.plex.tv/devices.xml.
Severity: 5.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "02 Jan 2026",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-69417 - Plex Media Server Unauthorized Share Token Disclosure",
"Content": "CVE ID : CVE-2025-69417
Published : Jan. 2, 2026, 5:16 p.m. | 47 minutes ago
Description : In the plex.tv backend for Plex Media Server (PMS) through 2025-12-31, a non-server device token can retrieve share tokens (intended for unrelated access) via a shared_servers endpoint.
Severity: 5.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "02 Jan 2026",
"Type": "Vulnerability"
}