Latest Vulnerabilities Updates: AppSecWorld's CVE Daily Digest for January 24-25, 2026

In the dynamic realm of cybersecurity, staying updated on the latest vulnerabilities is imperative.
This edition of the AppSecWorld's CVE Daily Digest provides a snapshot of the vulnerabilities published in National Vulnerability Database between January 24-25, 2026.
During this period, The National Vulnerability Database published 79, and these new Common Vulnerabilities and Exposures (CVEs) are classified as follows:

Critical: 2
High: 14
Medium: 43
Low: 2
Severity Not Assigned: 18

Identifying and understanding these vulnerabilities are pivotal steps towards enhancing security measures and creating a safer digital environment.
Now, let's delve deeper into AppSecWorld's CVE Daily Digest, spotlighting the Critical and High Severity vulnerabilities that demand immediate attention.

1. CVE-2026-24399
Base Score: 9.3
Base Severity: CRITICAL
Exploitability Score: 2.8
Impact Score: 5.8
Description: ChatterMate is a no-code AI chatbot agent framework. In versions 1.0.8 and below, the chatbot accepts and executes malicious HTML/JavaScript payloads when supplied as chat input. Specifically, an