π Weekly CVE Roundup
December 29 - January 4, 2026
π΄ Critical & High Severity Vulnerabilities
These are the most dangerous vulnerabilities disclosed this week. Prioritize patching these.
The Branda WordPress plugin has an authentication bypass vulnerability that allows unauthenticated attackers to reset passwords for any user account, ...
Jan 2This SQL injection vulnerability in the online-movie-booking system allows attackers to execute arbitrary SQL commands through the movie_details.php e...
Jan 2This critical vulnerability in Malware Remover allows remote attackers to bypass security protections through improper code generation control. Attack...
Jan 2An SQL injection vulnerability in Hyper Data Protector allows remote attackers to execute unauthorized SQL commands. This affects all systems running ...
Jan 2This vulnerability in gpsd allows attackers to trigger heap-based out-of-bounds writes by sending specially crafted NMEA2000 PGN 129540 packets with e...
Jan 2Signal K Server versions before 2.19.0 allow unauthenticated attackers to steal JWT authentication tokens through two chained vulnerabilities: unauthe...
Jan 1This CVE describes a remote buffer overflow vulnerability in UTT θΏε 512W router firmware version 1.7.7-171114. Attackers can exploit the strcpy fu...
Jan 2A remote buffer overflow vulnerability in UTT θΏε 512W firmware version 1.7.7-171114 allows attackers to execute arbitrary code or cause denial of ...
Jan 2This vulnerability allows remote attackers to execute arbitrary code on UTT θΏε 512W devices via a buffer overflow in the FTP server configuration ...
Jan 2A buffer overflow vulnerability in QNAP operating systems allows authenticated remote attackers to modify memory or crash processes. This affects QNAP...
Jan 2A buffer overflow vulnerability in QNAP operating systems allows authenticated remote attackers to modify memory or crash processes. This affects user...
Jan 2A buffer overflow vulnerability in QNAP operating systems allows authenticated remote attackers to modify memory or crash processes. This affects user...
Jan 2A path traversal vulnerability in Qfiling allows remote attackers to read arbitrary files on the system by manipulating file paths. This affects all Q...
Jan 2An integer underflow vulnerability in gpsd's NAVCOM packet parser causes a denial of service condition. When processing malicious packets, the parser ...
Jan 2This CVE-2025-9110 vulnerability allows remote attackers to read sensitive system information from affected QNAP devices without authorization. Attack...
Jan 2This CVE describes a SQL injection vulnerability in Yonyou KSOA 9.0's /worksheet/agent_work_report.jsp endpoint via the ID parameter. Attackers can re...
Jan 2This vulnerability allows remote attackers to execute arbitrary SQL commands via the ID parameter in the /worksheet/agent_worksadd.jsp endpoint of Yon...
Jan 2This CVE describes a SQL injection vulnerability in Yonyou KSOA 9.0 through the /worksheet/agent_worksdel.jsp endpoint. Attackers can manipulate the I...
Jan 2This vulnerability in jackying H-ui.admin allows attackers to upload arbitrary files without restrictions via the /lib/webuploader/0.1.5/server/previe...
Jan 2This vulnerability allows remote attackers to execute SQL injection attacks against Yonyou KSOA 9.0 through the /kp/PrintZPYG.jsp file by manipulating...
Jan 2Signal K Server versions before 2.19.0 allow authenticated administrators to install npm packages from arbitrary sources via the appstore interface. T...
Jan 1π’ Most Affected Vendors
π Common Vulnerability Types
π All CVEs This Week
The Branda WordPress plugin has an authentication bypass vulnerability that allows unauthenticated attackers to reset pa...
This SQL injection vulnerability in the online-movie-booking system allows attackers to execute arbitrary SQL commands t...
This critical vulnerability in Malware Remover allows remote attackers to bypass security protections through improper c...
An SQL injection vulnerability in Hyper Data Protector allows remote attackers to execute unauthorized SQL commands. Thi...
This vulnerability in gpsd allows attackers to trigger heap-based out-of-bounds writes by sending specially crafted NMEA...
Signal K Server versions before 2.19.0 allow unauthenticated attackers to steal JWT authentication tokens through two ch...
This CVE describes a remote buffer overflow vulnerability in UTT θΏε 512W router firmware version 1.7.7-171114. Attac...
A remote buffer overflow vulnerability in UTT θΏε 512W firmware version 1.7.7-171114 allows attackers to execute arbi...
This vulnerability allows remote attackers to execute arbitrary code on UTT θΏε 512W devices via a buffer overflow in...
A buffer overflow vulnerability in QNAP operating systems allows authenticated remote attackers to modify memory or cras...
A buffer overflow vulnerability in QNAP operating systems allows authenticated remote attackers to modify memory or cras...
A buffer overflow vulnerability in QNAP operating systems allows authenticated remote attackers to modify memory or cras...
A path traversal vulnerability in Qfiling allows remote attackers to read arbitrary files on the system by manipulating ...
An integer underflow vulnerability in gpsd's NAVCOM packet parser causes a denial of service condition. When processing ...
This CVE-2025-9110 vulnerability allows remote attackers to read sensitive system information from affected QNAP devices...
This CVE describes a SQL injection vulnerability in Yonyou KSOA 9.0's /worksheet/agent_work_report.jsp endpoint via the ...
This vulnerability allows remote attackers to execute arbitrary SQL commands via the ID parameter in the /worksheet/agen...
This CVE describes a SQL injection vulnerability in Yonyou KSOA 9.0 through the /worksheet/agent_worksdel.jsp endpoint. ...
This vulnerability in jackying H-ui.admin allows attackers to upload arbitrary files without restrictions via the /lib/w...
This vulnerability allows remote attackers to execute SQL injection attacks against Yonyou KSOA 9.0 through the /kp/Prin...
Signal K Server versions before 2.19.0 allow authenticated administrators to install npm packages from arbitrary sources...
A NULL pointer dereference vulnerability in QNAP operating systems allows authenticated remote attackers to cause denial...
This CVE describes a resource exhaustion vulnerability in QNAP operating systems where authenticated remote attackers ca...
A format string vulnerability in QNAP operating systems allows attackers with administrator access to read sensitive dat...
A NULL pointer dereference vulnerability in QNAP operating systems allows authenticated remote attackers to cause denial...
A buffer overflow vulnerability in QNAP operating systems allows remote attackers with administrator credentials to modi...
A buffer overflow vulnerability in QNAP operating systems allows remote attackers with administrator credentials to modi...
An out-of-bounds read vulnerability in QNAP License Center allows authenticated remote attackers to read sensitive memor...
A buffer overflow vulnerability in QNAP License Center allows authenticated administrators to modify memory or crash pro...
A buffer overflow vulnerability in QNAP operating systems allows remote attackers with administrator credentials to modi...
Signal K Server versions before 2.19.0 have vulnerabilities that allow attackers to craft convincing social engineering ...
This vulnerability allows remote attackers to upload arbitrary files via the photo parameter in the student registration...
This SQL injection vulnerability in Daptin's Aggregate API allows remote attackers to execute arbitrary SQL commands by ...
The Logo Slider WordPress plugin before version 4.9.0 contains a stored cross-site scripting (XSS) vulnerability. Users ...
ShopBuilder WordPress plugin before version 3.2.2 contains a reflected cross-site scripting (XSS) vulnerability where un...
This CVE describes a cross-site scripting (XSS) vulnerability in mccutchen httpbin v2.17.1 that allows attackers to inje...
A cross-site scripting (XSS) vulnerability in QuMagie allows remote attackers to inject malicious scripts that execute i...
Signal K Server versions before 2.19.0 have an unauthenticated information disclosure vulnerability that allows any user...
An out-of-bounds read vulnerability in wabt's wasm-decompile tool allows local attackers to read memory beyond intended ...
A memory corruption vulnerability in wasm3 up to version 0.5.0 allows local attackers to potentially execute arbitrary c...
This vulnerability in the WP User Frontend WordPress plugin allows unauthenticated attackers to delete attachments witho...
This is a path traversal vulnerability in yeqifu carRental software that allows attackers to access arbitrary files on t...
REDCap 14.3.13 has a username enumeration vulnerability where attackers can distinguish between valid and invalid userna...
A NULL pointer dereference vulnerability in QNAP operating systems allows remote attackers with administrator credential...
A NULL pointer dereference vulnerability in QNAP operating systems allows remote attackers with administrator credential...
A NULL pointer dereference vulnerability in QNAP operating systems allows remote attackers with administrator credential...
A NULL pointer dereference vulnerability in QNAP operating systems allows remote attackers with administrator credential...
A NULL pointer dereference vulnerability in QNAP operating systems allows remote attackers with administrator credential...
A NULL pointer dereference vulnerability in QNAP operating systems allows remote attackers with administrator credential...
A NULL pointer dereference vulnerability in QNAP operating systems allows remote attackers with administrator credential...
A NULL pointer dereference vulnerability in QNAP operating systems allows remote attackers with administrator credential...
An out-of-bounds read vulnerability in QNAP operating systems allows remote attackers with administrator credentials to ...
An out-of-bounds read vulnerability in QNAP operating systems allows remote attackers with administrator credentials to ...
An out-of-bounds read vulnerability in QNAP operating systems allows remote attackers with administrator credentials to ...
This CVE describes a resource allocation vulnerability in QNAP operating systems where an authenticated attacker with ad...
This CVE describes a path traversal vulnerability in QNAP operating systems that allows authenticated attackers with adm...
A path traversal vulnerability in QNAP operating systems allows authenticated administrators to read arbitrary files. Th...
This CVE describes a Server-Side Request Forgery (SSRF) vulnerability in go-sonic's Theme Fetching API. Attackers can ma...
This vulnerability in PluXml's Media Management Module allows remote attackers to execute arbitrary code through deseria...
This vulnerability in Plane.io allows guest users to access an API endpoint that lists workspace members, potentially ex...
This CVE describes a cross-site scripting (XSS) vulnerability in LigeroSmart's Environment Variable Handler component. A...
KDE messagelib versions before 25.11.90 ignore SSL certificate validation errors when contacting Google's Safe Browsing ...
A local denial-of-service vulnerability exists in Open5GS versions up to 2.7.6 where the ogs_gtp2_parse_bearer_qos funct...
This vulnerability allows attackers to inject malicious scripts into the 'Remark' or 'Variable Value' parameters of the ...
This CVE ID was reserved but never assigned to an actual vulnerability. No security vulnerability exists for CVE-2025-34...
This CVE ID was reserved but never assigned to an actual vulnerability. No security vulnerability exists for CVE-2025-34...
This CVE ID was reserved but never assigned to an actual vulnerability. No security vulnerability exists for this identi...
This CVE ID was reserved but never assigned to an actual vulnerability. No software or systems are affected by this iden...
This CVE ID was reserved but never assigned to an actual vulnerability. No security vulnerability exists for CVE-2025-34...
This CVE ID was reserved but never assigned to an actual vulnerability. No security vulnerability exists under this iden...
This CVE ID was reserved but never assigned to an actual vulnerability. No security vulnerability exists for this identi...
This CVE ID was reserved but never assigned to an actual vulnerability. No security vulnerability exists for CVE-2025-34...
This CVE ID was reserved but not used for any actual vulnerability disclosure. No vulnerability exists, and no systems a...
This CVE ID (CVE-2025-34385) was rejected and never assigned to an actual vulnerability. It was reserved but not used fo...
This CVE ID was reserved but never assigned to an actual vulnerability. No security vulnerability exists for CVE-2025-34...
This CVE ID was reserved but never assigned to an actual vulnerability. No security vulnerability exists for this identi...
This CVE ID was reserved but not used for any actual vulnerability disclosure. No vulnerability exists under this identi...
This CVE ID was reserved but never assigned to an actual vulnerability. No security vulnerability exists for CVE-2025-34...
This CVE ID (CVE-2025-34390) was rejected because it was reserved but never used for an actual vulnerability disclosure....
This CVE ID was reserved but not used for any actual vulnerability disclosure. No vulnerability exists, and no systems a...
This CVE ID (CVE-2025-34405) was rejected and never assigned to an actual vulnerability. It was reserved but not used fo...
This CVE ID was reserved but never assigned to an actual vulnerability. No software or systems are affected by this iden...
This CVE ID (CVE-2025-34426) was rejected and never assigned to an actual vulnerability. It was reserved but not used fo...
This CVE ID was reserved but never assigned to an actual vulnerability. No security vulnerability exists under this iden...
This CVE ID (CVE-2025-34432) was reserved but never assigned to an actual vulnerability. It represents a placeholder tha...
CVE-2025-34443 is not an actual vulnerability. It was a CVE ID that was reserved but never assigned to a real security i...
This CVE ID was reserved but not used for any actual vulnerability disclosure. No vulnerability exists, and no systems a...
This CVE ID was reserved but never assigned to an actual vulnerability. No software or systems are affected by this iden...
This CVE ID was reserved but never assigned to an actual vulnerability. No security vulnerability exists for this identi...
This CVE ID (CVE-2025-34447) was rejected because it was reserved but never used for an actual vulnerability disclosure....
This CVE ID was reserved but not used for any actual vulnerability disclosure. No vulnerability exists under this identi...
This CVE ID was reserved but never assigned to an actual vulnerability. No security vulnerability exists for this identi...
This CVE ID was reserved but never assigned to an actual vulnerability. No security vulnerability exists for CVE-2025-34...
This CVE ID (CVE-2025-34455) was rejected because it was reserved but never used for an actual vulnerability disclosure....
This CVE ID was reserved but never assigned to an actual vulnerability. No software or systems are affected by this iden...
This CVE ID was reserved but never assigned to an actual vulnerability. No security vulnerability exists under this iden...
This CVE has been reserved by a CVE Numbering Authority but no details have been published yet. The vulnerability descri...
This CVE ID (CVE-2025-34461) was reserved but never assigned to an actual vulnerability. It represents a placeholder tha...
This CVE ID was reserved but never assigned to an actual vulnerability. No security vulnerability exists for CVE-2025-34...
This CVE ID was reserved but not used for any actual vulnerability disclosure. No vulnerability exists under this identi...
