General-Purpose System Vulnerabilities
Vulnerabilities related to traditional IT systems, servers, and desktop applications.
| CVE ID | Description | Severity | Published | Type |
|---|---|---|---|---|
| CVE-2025-66686 | A stored Cross-Site Scripting (XSS) vulnerability exists in Perch CMS version 3.2. An authenticated attacker with admin… | Medium (6.1) | 2026-01-07 | General-Purpose |
| CVE-2025-65805 | OpenAirInterface CN5G AMF<=v2.1.9 has a buffer overflow vulnerability in processing NAS messages. Unauthorized remote a… | High (7.5) | 2026-01-07 | General-Purpose |
| CVE-2025-61489 | A command injection vulnerability in the shell_exec function of sonirico mcp-shell v0.3.1 allows attackers to execute a… | Medium (6.5) | 2026-01-07 | General-Purpose |
| CVE-2025-12543 | A flaw was found in the Undertow HTTP server core, which is used in WildFly, JBoss EAP, and other Java applications. Th… | Critical (9.6) | 2026-01-07 | General-Purpose |
| CVE-2025-66838 | In Aris v10.0.23.0.3587512 and before, the file upload functionality does not enforce any rate limiting or throttling, … | Medium (6.5) | 2026-01-07 | General-Purpose |