January 21, 2026 ASM Discovery Engine Release

Attack Surface Management Discovery Engine release v2026.01.21

This Attack Surface Management Discovery Engine release includes:

Vulnerability Checks

  • Added CVE-2025-6174 - Qwizcards Reflected XSS
  • Added CVE-2021-35042 - Django SQL Injection
  • Added CVE-2023-6266 - WordPress Backup Migration Unauthorized Access
  • Added CVE-2025-14611 - Gladinet CentreStack and Triofox Hardcoded Cryptographic Keys
  • Added CVE-2025-20393 - Cisco Email Appliances Remote Code Execution
  • Added CVE-2025-14847 - MongoDB Uninitialized Memory Read (MongoBleed)
  • Added CVE-2017-10271 - Oracle WebLogic XMLDecoder Remote Code Execution
  • Added CVE-2023-5914 - Citrix StoreFront XSS

Technology Fingerprints

  • Added BackupBliss Backup Migration technology fingerprint
  • Added Cisco Secure Email and Web Manager technology fingerprint
  • Added Citrix StoreFront technology fingerprint
  • Added Qwizcards Wordpress Plugin technology fingerprint
© Copyright Mandiant. All rights reserved
  • First Published: January 21, 2026
  • Last updated: March 19, 2026
In This Article
Related Articles
  • None
Copyright © 2020 – 2021 Your Company, LLC. All rights reserved.