(TLP CLEAR) Weekly Vulnerabilities to Prioritize – January 15, 2026
Created: Thursday, January 15, 2026 - 10:31
Categories: Cybersecurity, Security Preparedness
The below vulnerabilities have been identified by WaterISAC analysts as important for water and wastewater utilities to prioritize in their vulnerability management efforts. WaterISAC shares critical vulnerabilities that affect widely used products and may be under active exploitation. WaterISAC draws additional awareness in alerts and advisories when vulnerabilities are confirmed to be impacting, or have a high likelihood of impacting, water and wastewater utilities. Members are encouraged to regularly review these vulnerabilities, many of which are often included in CISA’s Known Exploited Vulnerabilities (KEV) Catalog.
Gogs Path Traversal Zero-Day Vulnerability
CVSS v4.0: 8.7
CVE: CVE-2025-8110
Description: Improper Symbolic link handling in the PutContents API in Gogs allows Local Execution of Code. CISA has added this vulnerability to its KEV catalog.
Source: https://www.wiz.io/blog/wiz-research-gogs-cve-2025-8110-rce-exploit
Microsoft Windows Information Disclosure Vulnerability
CVSS v3.1: 5.5
CVE: CVE-2026-20805
Description: Exposure of sensitive information to an unauthorized actor in Desktop Windows Manager allows an authorized attacker to disclose information locally. CISA has added this vulnerability to its KEV catalog.
Source: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20805
Fortinet FortiSIEM Command-Injection Vulnerability (Exploit Code Released)
CVSS 3.1: 9.8
CVEs: CVE-2025-25256
Description: Public exploit code is now available for a critical FortiSIEM vulnerability enabling unauthenticated command execution, sharply increasing exploitation likelihood. An improper neutralization of special elements used in an OS command (‘OS Command Injection’) vulnerability [CWE-78] in Fortinet FortiSIEM version 7.3.0 through 7.3.1, 7.2.0 through 7.2.5, 7.1.0 through 7.1.7, 7.0.0 through 7.0.3 and before 6.7.9 allows an unauthenticated attacker to execute unauthorized code or commands via crafted CLI requests.
Source: https://fortiguard.fortinet.com/psirt/FG-IR-25-152
Additional Reading: