CVE-2025-22189 - Adobe Flash Player Unvalidated Redirects and Rewards (URR)
CVE ID : CVE-2025-22189
Published : Jan. 1, 2026, 1:15 a.m. | 3 hours, 5 minutes ago
Description : Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-22189
Published : Jan. 1, 2026, 1:15 a.m. | 3 hours, 5 minutes ago
Description : Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-22190 - Cisco WebEx Remote Code Execution Vulnerability
CVE ID : CVE-2025-22190
Published : Jan. 1, 2026, 1:15 a.m. | 3 hours, 5 minutes ago
Description : Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-22190
Published : Jan. 1, 2026, 1:15 a.m. | 3 hours, 5 minutes ago
Description : Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-22191 - Apache Struts Cross-Site Scripting
CVE ID : CVE-2025-22191
Published : Jan. 1, 2026, 1:15 a.m. | 3 hours, 5 minutes ago
Description : Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-22191
Published : Jan. 1, 2026, 1:15 a.m. | 3 hours, 5 minutes ago
Description : Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-22192 - Adobe Acrobat Untrusted Search Path Vulnerability
CVE ID : CVE-2025-22192
Published : Jan. 1, 2026, 1:15 a.m. | 3 hours, 5 minutes ago
Description : Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-22192
Published : Jan. 1, 2026, 1:15 a.m. | 3 hours, 5 minutes ago
Description : Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-22193 - Here is a title for the vulnerability: Apache Struts Deserialization Vulnerability
CVE ID : CVE-2025-22193
Published : Jan. 1, 2026, 1:15 a.m. | 3 hours, 5 minutes ago
Description : Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-22193
Published : Jan. 1, 2026, 1:15 a.m. | 3 hours, 5 minutes ago
Description : Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-22194 - Here is a title for the vulnerability: Apache Struts Deserialization Memory Corruption
CVE ID : CVE-2025-22194
Published : Jan. 1, 2026, 1:15 a.m. | 3 hours, 5 minutes ago
Description : Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-22194
Published : Jan. 1, 2026, 1:15 a.m. | 3 hours, 5 minutes ago
Description : Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-22195 - Apache Struts Command Injection Vulnerability
CVE ID : CVE-2025-22195
Published : Jan. 1, 2026, 1:15 a.m. | 3 hours, 5 minutes ago
Description : Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-22195
Published : Jan. 1, 2026, 1:15 a.m. | 3 hours, 5 minutes ago
Description : Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-22196 - Apache Struts Remote Code Execution Vulnerability
CVE ID : CVE-2025-22196
Published : Jan. 1, 2026, 1:15 a.m. | 3 hours, 5 minutes ago
Description : Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-22196
Published : Jan. 1, 2026, 1:15 a.m. | 3 hours, 5 minutes ago
Description : Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-22197 - Apache Struts Remote Code Execution Vulnerability
CVE ID : CVE-2025-22197
Published : Jan. 1, 2026, 1:15 a.m. | 3 hours, 5 minutes ago
Description : Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-22197
Published : Jan. 1, 2026, 1:15 a.m. | 3 hours, 5 minutes ago
Description : Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-22198 - Apache Struts Deserialization Remote Code Execution
CVE ID : CVE-2025-22198
Published : Jan. 1, 2026, 1:15 a.m. | 3 hours, 5 minutes ago
Description : Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-22198
Published : Jan. 1, 2026, 1:15 a.m. | 3 hours, 5 minutes ago
Description : Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-22199 - Apache Struts Remote Code Execution Vulnerability
CVE ID : CVE-2025-22199
Published : Jan. 1, 2026, 1:15 a.m. | 3 hours, 5 minutes ago
Description : Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-22199
Published : Jan. 1, 2026, 1:15 a.m. | 3 hours, 5 minutes ago
Description : Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-22200 - Apache HTTP Server SQL Injection
CVE ID : CVE-2025-22200
Published : Jan. 1, 2026, 1:15 a.m. | 3 hours, 5 minutes ago
Description : Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-22200
Published : Jan. 1, 2026, 1:15 a.m. | 3 hours, 5 minutes ago
Description : Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-22201 - VMware vCenter Server Remote Code Execution
CVE ID : CVE-2025-22201
Published : Jan. 1, 2026, 1:15 a.m. | 3 hours, 5 minutes ago
Description : Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-22201
Published : Jan. 1, 2026, 1:15 a.m. | 3 hours, 5 minutes ago
Description : Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-22202 - Apache HTTP Server Cross-Site Request Forgery
CVE ID : CVE-2025-22202
Published : Jan. 1, 2026, 1:15 a.m. | 3 hours, 5 minutes ago
Description : Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-22202
Published : Jan. 1, 2026, 1:15 a.m. | 3 hours, 5 minutes ago
Description : Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-22203 - Apache Struts Code Injection Vulnerability
CVE ID : CVE-2025-22203
Published : Jan. 1, 2026, 1:15 a.m. | 3 hours, 5 minutes ago
Description : Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-22203
Published : Jan. 1, 2026, 1:15 a.m. | 3 hours, 5 minutes ago
Description : Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-69413 - Gitea Authentication Information Disclosure
CVE ID : CVE-2025-69413
Published : Jan. 1, 2026, 5:16 a.m. | 3 hours, 6 minutes ago
Description : In Gitea before 1.25.2, /api/v1/user has different responses for failed authentication depending on whether a username exists.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-69413
Published : Jan. 1, 2026, 5:16 a.m. | 3 hours, 6 minutes ago
Description : In Gitea before 1.25.2, /api/v1/user has different responses for failed authentication depending on whether a username exists.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-13820 - Comments – wpDiscuz < 7.6.40 - Unauthenticated Account Takeover
CVE ID : CVE-2025-13820
Published : Jan. 1, 2026, 6:15 a.m. | 2 hours, 6 minutes ago
Description : The Comments WordPress plugin before 7.6.40 does not properly validate user's identity when using the disqus.com provider, allowing an attacker to log in to any user (when knowing their email address) when such user does not have an account on disqus.com yet.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-13820
Published : Jan. 1, 2026, 6:15 a.m. | 2 hours, 6 minutes ago
Description : The Comments WordPress plugin before 7.6.40 does not properly validate user's identity when using the disqus.com provider, allowing an attacker to log in to any user (when knowing their email address) when such user does not have an account on disqus.com yet.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-11157 - Arbitrary Code Execution in feast-dev/feast
CVE ID : CVE-2025-11157
Published : Jan. 1, 2026, 7:16 a.m. | 1 hour, 6 minutes ago
Description : A high-severity remote code execution vulnerability exists in feast-dev/feast version 0.53.0, specifically in the Kubernetes materializer job located at `feast/sdk/python/feast/infra/compute_engines/kubernetes/main.py`. The vulnerability arises from the use of `yaml.load(..., Loader=yaml.Loader)` to deserialize `/var/feast/feature_store.yaml` and `/var/feast/materialization_config.yaml`. This method allows for the instantiation of arbitrary Python objects, enabling an attacker with the ability to modify these YAML files to execute OS commands on the worker pod. This vulnerability can be exploited before the configuration is validated, potentially leading to cluster takeover, data poisoning, and supply-chain sabotage.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-11157
Published : Jan. 1, 2026, 7:16 a.m. | 1 hour, 6 minutes ago
Description : A high-severity remote code execution vulnerability exists in feast-dev/feast version 0.53.0, specifically in the Kubernetes materializer job located at `feast/sdk/python/feast/infra/compute_engines/kubernetes/main.py`. The vulnerability arises from the use of `yaml.load(..., Loader=yaml.Loader)` to deserialize `/var/feast/feature_store.yaml` and `/var/feast/materialization_config.yaml`. This method allows for the instantiation of arbitrary Python objects, enabling an attacker with the ability to modify these YAML files to execute OS commands on the worker pod. This vulnerability can be exploited before the configuration is validated, potentially leading to cluster takeover, data poisoning, and supply-chain sabotage.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-0544 - itsourcecode School Management System index.php sql injection
CVE ID : CVE-2026-0544
Published : Jan. 1, 2026, 9:15 a.m. | 3 hours, 8 minutes ago
Description : A security flaw has been discovered in itsourcecode School Management System 1.0. This affects an unknown part of the file /student/index.php. The manipulation of the argument ID results in sql injection. It is possible to launch the attack remotely. The exploit has been released to the public and may be exploited.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-0544
Published : Jan. 1, 2026, 9:15 a.m. | 3 hours, 8 minutes ago
Description : A security flaw has been discovered in itsourcecode School Management System 1.0. This affects an unknown part of the file /student/index.php. The manipulation of the argument ID results in sql injection. It is possible to launch the attack remotely. The exploit has been released to the public and may be exploited.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-15404 - campcodes School File Management System save_file.php unrestricted upload
CVE ID : CVE-2025-15404
Published : Jan. 1, 2026, 2:16 p.m. | 2 hours, 9 minutes ago
Description : A security vulnerability has been detected in campcodes School File Management System 1.0. The affected element is an unknown function of the file /save_file.php. The manipulation of the argument File leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-15404
Published : Jan. 1, 2026, 2:16 p.m. | 2 hours, 9 minutes ago
Description : A security vulnerability has been detected in campcodes School File Management System 1.0. The affected element is an unknown function of the file /save_file.php. The manipulation of the argument File leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-15405 - PHPEMS cross-site request forgery
CVE ID : CVE-2025-15405
Published : Jan. 1, 2026, 3:15 p.m. | 1 hour, 10 minutes ago
Description : A vulnerability was detected in PHPEMS up to 11.0. The impacted element is an unknown function. The manipulation results in cross-site request forgery. The attack may be launched remotely.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-15405
Published : Jan. 1, 2026, 3:15 p.m. | 1 hour, 10 minutes ago
Description : A vulnerability was detected in PHPEMS up to 11.0. The impacted element is an unknown function. The manipulation results in cross-site request forgery. The attack may be launched remotely.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...