General-Purpose System Vulnerabilities
Vulnerabilities related to traditional IT systems, servers, and desktop applications.
| CVE ID | Description | Severity | Published | Type |
|---|---|---|---|---|
| CVE-2025-61489 | A command injection vulnerability in the shell_exec function of sonirico mcp-shell v0.3.1 allows attackers to execute a… | Medium (6.5) | 2026-01-07 | General-Purpose |
| CVE-2025-12543 | A flaw was found in the Undertow HTTP server core, which is used in WildFly, JBoss EAP, and other Java applications. Th… | Critical (9.6) | 2026-01-07 | General-Purpose |
| CVE-2025-66838 | In Aris v10.0.23.0.3587512 and before, the file upload functionality does not enforce any rate limiting or throttling, … | Medium (6.5) | 2026-01-07 | General-Purpose |
| CVE-2025-62327 | In HCL DevOps Deploy 8.1.2.0 through 8.1.2.3, a user with LLM configuration privileges may be able to recover a credent… | Medium (4.9) | 2026-01-07 | General-Purpose |
| CVE-2025-49335 | Server-Side Request Forgery (SSRF) vulnerability in minnur External Media allows Server Side Request Forgery.This issue… | Medium (4.9) | 2026-01-07 | General-Purpose |