📊 2026-05-31 Vulnerability Intelligence Daily · 200 entries · 69 high-severity
Daily vulnerability intelligence summary · 2026-05-31
📊 2026-05-31 Vulnerability Intelligence Daily
📋 Total: 200 entries
🔥 High/Critical: 69
🚨 CISA-KEV: 1
💣 Exploit-DB-RSS: 15
🐙 GitHub-Advisory: 53 (🔥 28 High/Critical)
🛡️ NVD-Latest: 41 (🔥 41 High/Critical)
⚔️ Sploitus: 90
🤖 Today's security posture analysis
🎯 Key items today
- PraisonAI sandbox escape (CVE-2026-47392): an attacker can reach the Python `builtins` module through `print.__self__`, pull `__import__` from it and execute arbitrary code, fully bypassing the sandbox. CVSS 9.9. Note that the advisory names v1.6.37 (subprocess sandbox mode) as affected, so update to the release the advisory lists as fixed rather than to v1.6.37 itself.
- Mautic path traversal and SSTI (CVE-2026-9559 / CVE-2026-9558): a path-validation flaw when extracting uploaded ZIP files during campaign import allows arbitrary file write; the theme engine renders uploaded Twig templates without a sandbox, which can lead to remote code execution. Both carry CVSS 9.9.
- Stigmem-node anonymous access and missing mTLS (several Critical advisories): deployments with authentication disabled grant the anonymous identity broad read/write capability, and federation without mTLS allows traffic to be eavesdropped on or tampered with. Verify node configuration and harden transport protection.
- Comet Backup backup-agent signing module injection (CVE-2026-32999): an authenticated tenant administrator can exploit insufficient character filtering in the signing module to execute arbitrary code and escalate to a privileged user. This hits the core of the backup system's security.
- RAGFlow prompt template injection (CVE-2026-45312): Jinja2 template injection lets any authenticated user execute arbitrary code in the RAG engine, directly threatening model data and the internal network.
📈 Threat trends
- Remote / arbitrary code execution: PraisonAI, Mautic, RAGFlow, Comet Backup and DreamMaker all expose flaws that lead directly to system command execution. Broad attack surface, short exploit chains.
- Privilege escalation and authentication bypass: WordPress plugins (OTP Login, WP Maps Pro) allow unauthenticated administrator account creation; the PraisonAI call server runs without authentication when `CALL_SERVER_TOKEN` is not configured; Stigmem-node permits anonymous access when authentication is disabled.
- Information disclosure and missing transport protection: the PraisonAI call server exposes agent listing without authentication (CVE-2026-47396), and Stigmem-node federation without mTLS can expose sensitive data in transit.
- Template injection and other injection flaws: SSTI and Jinja2 injection are a growing hotspot in AI applications and CMSes, and the affected footprint keeps widening.
- File upload and path traversal: DreamMaker arbitrary file upload and Mautic path traversal allow a webshell to be written directly, compromising the server.
🛡️ Mitigation recommendations
- Patch affected components immediately: update PraisonAI to the release the advisory names as fixed (the advisory lists v1.6.37 as affected); update Mautic to the latest security release; apply the fixes for Comet Backup and RAGFlow.
- Harden authentication and access control: configure API tokens (e.g. `CALL_SERVER_TOKEN` for PraisonAI) and enforce mTLS for Stigmem federation; review WordPress plugin permission settings; never expose admin interfaces to the public internet.
- Enable sandboxing and input validation: run template engines (Jinja2, Twig) in sandboxed mode; strictly validate every member path when extracting ZIP files; restrict uploadable file types and destination paths.
- Network segmentation and monitoring: place critical services (backup systems, AI platforms) on internal networks or behind a VPN; deploy a web application firewall (WAF) to detect and block file-upload and template-injection attacks.
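The ZIP path check called for in the third recommendation, as an added example in Python rather than Mautic's own (PHP) importer code. `safe_extract` resolves every member's destination before writing anything, rejects absolute names, `..` traversal, NUL bytes and symlink members, and validates the whole manifest first so a malicious member at the end of the archive cannot leave a partially written import behind. `build_zip` and `demo` construct the in-memory test archives; the member names are made up for the demonstration.

```python
"""Hardened ZIP extraction that rejects path traversal ("zip slip").

Added example, not Mautic's code. The archives built in demo() are
constructed fixtures, not real campaign exports.
"""
import io
import os
import zipfile
from pathlib import Path


class UnsafeArchiveMember(ValueError):
    """Raised before any write when an archive member is rejected."""


def _is_symlink(info: zipfile.ZipInfo) -> bool:
    # Unix mode lives in the high 16 bits of external_attr; 0o120000 = symlink.
    return ((info.external_attr >> 16) & 0o170000) == 0o120000


def validate_member(name: str, dest: Path) -> Path:
    """Return the resolved target for `name`, or raise UnsafeArchiveMember."""
    if not name or name.startswith(("/", "\\")) or (len(name) > 1 and name[1] == ":"):
        raise UnsafeArchiveMember(f"absolute path: {name!r}")
    if "\x00" in name:
        raise UnsafeArchiveMember(f"NUL in name: {name!r}")
    target = (dest / name).resolve()
    # resolve() collapses any '..' segments; the result must stay under dest.
    if target != dest and dest not in target.parents:
        raise UnsafeArchiveMember(f"escapes destination: {name!r}")
    return target


def safe_extract(archive: bytes, dest: str) -> list:
    """Extract `archive` under `dest`. Raises before writing anything if any
    member is unsafe; returns the written file paths as strings."""
    dest_path = Path(dest).resolve()
    dest_path.mkdir(parents=True, exist_ok=True)
    with zipfile.ZipFile(io.BytesIO(archive)) as zf:
        # Validate the whole manifest first, then write.
        plan = []
        for info in zf.infolist():
            if _is_symlink(info):
                raise UnsafeArchiveMember(f"symlink member: {info.filename!r}")
            plan.append((info, validate_member(info.filename, dest_path)))
        written = []
        for info, target in plan:
            if info.is_dir():
                target.mkdir(parents=True, exist_ok=True)
                continue
            target.parent.mkdir(parents=True, exist_ok=True)
            with zf.open(info) as src, open(target, "wb") as dst:
                dst.write(src.read())
            written.append(str(target))
    return written


def build_zip(members: dict) -> bytes:
    """Constructed fixture: build an in-memory ZIP from {name: bytes}."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in members.items():
            zf.writestr(name, data)
    return buf.getvalue()


def demo() -> dict:
    """Run a benign and a traversing archive against a temp directory."""
    import tempfile

    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp).resolve()
        ok = build_zip({"campaign/config.json": b"{}", "campaign/events/1.json": b"{}"})
        good = [Path(p).relative_to(root).as_posix() for p in safe_extract(ok, tmp)]
        bad = build_zip({"campaign/config.json": b"{}", "../evil.php": b"<?php ?>"})
        try:
            safe_extract(bad, tmp)
            rejected = None
        except UnsafeArchiveMember as exc:
            rejected = str(exc)
        leaked = os.path.exists(root.parent / "evil.php")
    return {"good": good, "rejected": rejected, "leaked": leaked}
```

Resolving the joined path and comparing against the resolved destination is what defeats `..`, mixed separators and symlinked parent directories; a string check for `".."` alone does not. The manifest-first pass matters for importers that write files one by one and only then parse them: a rejected archive should leave nothing on disk.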
🚨 CISA-KEV (1 entry)
Unknown (1 entry)
- CVE-2026-0257 · Palo Alto Networks PAN-OS Authentication Bypass Vulnerability
  Product: Palo Alto Networks PAN-OS. Description: Palo Alto Networks PAN-OS contains an…
💣 Exploit-DB-RSS (15 entries)
Unknown (15 entries)
- [dos] strongSwan 5.9.13 - DoS · CVE-2026-35333
  Exploit Title: strongSwan 5.9.13 - DoS · Date: 2026-05-13 · Exploit Author: Lukas Johannes Moeller · Vendor Homepage: https://www.strongswan.org/ · Software…
- [remote] strongSwan 5.9.13 - libsimaka EAP-SIM/AKA heap buffer overflow · CVE-2026-35330
  Exploit Title: strongSwan 5.9.13 - heap buffer overflow · Date: 2026-05-13 · Exploit Author: Lukas Johannes Moeller · Vendor Homepage:…
…13 further Unknown-severity entries omitted
🐙 GitHub-Advisory (53 entries)
Critical (10 entries)
- CVE-2026-47392 · Critical (CVSS 3.1) · PraisonAI vulnerable to sandbox escape via `print.__self__` builtins module leak
  Summary: `execute_code()` in `praisonaiagents/tools/python_tools.py` (v1.6.37, subprocess sandbox mode) can be fully bypassed using `print.__self__` to…
- GHSA-fp6w-8wpg-74g5 · Critical · stigmem-node: Auth-disabled deployments may grant broad anonymous access outside…
  Impact: Stigmem nodes configured with authentication disabled could grant the anonymous identity broad read/write/federation capabilities if exposed outside a…
- GHSA-jmfc-hfjq-pxcp · Critical · stigmem-node's federation insecure transport settings may allow non-loopback cle…
  Impact: Stigmem nodes with federation enabled could be configured to run without mTLS outside loopback-only local development. In affected deployments,…
- GHSA-9vp8-3hmv-8fgh · Critical · stigmem-node's federation peer registration lacked explicit out-of-band approval…
  Impact: Federation peer registration accepted peer key material during registration without a separate administrator approval step based on an out-of-band…
- CVE-2026-47396 · Critical · PraisonAI call server exposes unauthenticated agent listing, invocation, and del…
  Summary: PraisonAI's call server exposes a network-facing agent control API without authentication when `CALL_SERVER_TOKEN` is not configured. The affected…
- CVE-2026-47393 · Critical · PraisonAI `deploy --type api` emits a Flask server with authentication disabled
  Summary: CVE-2026-44338 (GHSA-6rmh-7xcm-cpxj) documents that PraisonAI ships a code-generator (`praisonai.deploy.api.generate_api_server_code`) that emits a…
- CVE-2026-47391 · Critical · PraisonAI's unauthenticated A2A official example can reach real LLM-driven `eval…
  Summary: The first-party PraisonAI A2A server example combines three behaviors into a remotely exploitable Critical chain: 1. The example exposes an A2A…
- CVE-2026-47407 · Critical · PraisonAI Platform has a cross-workspace IDOR + member-role privilege escalation
  Summary: The Platform server exposes resources under `/api/v1/workspaces/{workspace_id}/...` and protects them with a…
- CVE-2026-47410 · Critical · praisonai-platform: JWT signing key defaults to hardcoded "dev-secret-change-me"
  Summary: Type: insecure default cryptographic key. The JWT signing secret defaults to the hardcoded literal `"dev-secret-change-me"` when…
- CVE-2026-47416 · Critical · praisonai-platform: Any workspace member can promote themselves or others to own…
  Summary: Type: vertical privilege escalation. The `PATCH /workspaces/{workspace_id}/members/{user_id}` endpoint is gated by…
High (18 entries)
- CVE-2026-47260 · High · Koel Vulnerable to SSRF via Podcast Episode Enclosure URLs
  Summary: Koel validates the podcast feed URL via the `SafeUrl` rule (DNS resolution + public IP check), but the individual episode `<enclosure url="...">`…
- CVE-2026-47695 · High · CC-Tweaked has an SSRF Protection Bypass with NAT64
  Summary: CC-Tweaked's HTTP API (`http.request`, `http.websocket`) blocks requests to private network ranges to prevent server-side request forgery (SSRF). This…
- CVE-2026-47201 · High · authentik's XML Signature Wrapping in SAML Source ACS allows authentication as a…
  Summary: authentik's SAML Source ACS endpoint is vulnerable to XML Signature Wrapping when validating upstream SAML responses. An attacker with any account at…
- CVE-2026-47211 · High · ouroboros-ai Vulnerable to Remote Code Execution via Untrusted Project-Directory…
  Impact: A Remote Code Execution (RCE) vulnerability was discovered in Ouroboros. If a user clones a malicious repository and runs Ouroboros commands within that…
- CVE-2026-47231 · High · Admidio has IDOR in `documents-files.php` `mode=move_save` that lets any folder…
  Summary: `modules/documents-files.php` gates state-changing modes by checking that the actor has `hasUploadRight()` on the URL parameter `folder_uuid`. The…
- GHSA-xh5j-xjfq-qvvx · High · stigmem-node's federation peer token timestamp validation may reject valid peer…
  Impact: A mismatch in federation peer-token timestamp handling could cause valid peer tokens to be treated as expired. Impacted deployments are Stigmem nodes…
- GHSA-9pc9-4crj-mhpj · High · stigmem-node's Postgres schema identifier handling required defensive quoting
  Impact: Postgres backend schema identifiers were interpolated into SQL strings. In the reviewed code path the schema value is operator-controlled, but the…
- GHSA-w7pm-9g55-mxfm · High · stigmem-node's unsigned plugin override could be enabled without a second explic…
  Impact: A single configuration flag could disable plugin signature enforcement. If an operator unintentionally carried that setting into an environment where…
- CVE-2026-47266 · High · formie's unauthenticated front-end submission editing can overwrite existing sub…
  Impact: Unauthenticated users could modify existing submissions by posting a known or guessed submission ID to `formie/submissions/save-submission`. Patches…
- CVE-2026-47398 · High · PraisonAI: Arbitrary code execution via unguarded `spec.loader.exec_module` in `…
  Arbitrary code execution via ungated `spec.loader.exec_module` in `agents_generator.py` (v4.6.32 chokepoint…
- CVE-2026-47394 · High · PraisonAI vulnerable to unauthenticated arbitrary file read via MCP workflow.sho…
  Summary: The fix for GHSA-9mqq-jqxf-grvw / CVE-2026-44336 is incomplete. The original advisory description named four vulnerable handlers in…
- CVE-2026-47397 · High · PraisonAI has an Arbitrary File Write in Python API
  Bug Report: Arbitrary File Write in Python API. Summary: Hidden metadata in a webpage causes PraisonAI agents to write attacker-controlled content to…
- CVE-2026-48169 · High · PraisonAI has Cross-Workspace IDOR and Privilege Escalation via Platform API
  Summary: The PraisonAI Platform API has two authorization failures that together break workspace isolation. The service layer for issues and projects performs…
- CVE-2026-47399 · High · PraisonAI Platform workspace-scoped routes allow cross-workspace object access b…
  Summary: PraisonAI Platform's workspace-scoped REST routes contain a systemic object-level authorization flaw that allows an authenticated user from one…
- CVE-2026-47405 · High · PraisonAI Platform: Missing role checks let any workspace member become owner an…
  Summary: PraisonAI Platform has a broken workspace authorization check that allows any authenticated low-privilege workspace member to escalate their own role…
- CVE-2026-47406 · High · praisonai-platform: IDOR in dependency endpoints allows cross-workspace issue li…
  Summary: Type: Insecure Direct Object Reference. The dependency endpoints (`POST/GET /workspaces/{workspace_id}/issues/{issue_id}/dependencies` and…
- CVE-2026-47414 · High · praisonai-platform: Label endpoints' unchecked label_id/issue_id enable cross-wo…
  Summary: Type: Insecure Direct Object Reference. Five label endpoints, `PATCH /workspaces/{workspace_id}/labels/{label_id}`, `DELETE…
- CVE-2026-47409 · High · praisonai-platform: Missing authorization on member removal enables full workspa…
  Summary: Type: authorization bypass enabling owner lockout. The `DELETE /workspaces/{workspace_id}/members/{user_id}` endpoint is gated only by…
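The Koel and CC-Tweaked entries above describe two faces of the same SSRF-filter gap: checking only the feed URL rather than each enclosure URL, and checking the literal address while a NAT64 (`64:ff9b::/96`) or IPv4-mapped (`::ffff:0:0/96`) IPv6 address still reaches an internal IPv4 host. The check below is an added example, not either project's code: it unwraps those transition forms to the embedded IPv4 address before deciding, checks every resolved address rather than the first, and is applied per URL so each enclosure gets its own verdict. `resolve_stub` and its host names are constructed so the block runs offline; a real deployment would also pin the resolved address for the actual connection to avoid DNS rebinding.

```python
"""SSRF destination check that sees through IPv6 transition addresses.

Added example, not Koel's or CC-Tweaked's code. resolve_stub and its
host names are constructed fixtures so the example runs offline.
"""
import ipaddress
from urllib.parse import urlsplit

NAT64_WKP = ipaddress.ip_network("64:ff9b::/96")  # RFC 6052 well-known prefix


def unwrap_ipv4(addr):
    """Return the IPv4 address embedded in a transition address, else `addr`.

    A naive filter that tests the IPv6 literal misses 64:ff9b::7f00:1
    (127.0.0.1 behind NAT64) and ::ffff:10.0.0.8 (IPv4-mapped RFC1918)."""
    if isinstance(addr, ipaddress.IPv6Address):
        if addr.ipv4_mapped is not None:
            return addr.ipv4_mapped
        if addr in NAT64_WKP:
            return ipaddress.IPv4Address(int(addr) & 0xFFFFFFFF)  # low 32 bits
        if addr.sixtofour is not None:
            return addr.sixtofour
    return addr


def is_public_address(ip) -> bool:
    """True only for globally routable unicast after unwrapping."""
    if not isinstance(ip, (ipaddress.IPv4Address, ipaddress.IPv6Address)):
        ip = ipaddress.ip_address(ip)
    addr = unwrap_ipv4(ip)
    # is_global already excludes loopback, link-local, RFC1918, CGNAT, etc.
    return addr.is_global and not addr.is_multicast


def resolve_stub(host: str) -> list:
    """Constructed resolver: hostname -> address literals (no real DNS)."""
    table = {
        "cdn.example": ["93.184.216.34"],
        "metadata.internal": ["169.254.169.254"],
        "nat64.example": ["64:ff9b::7f00:1"],   # 127.0.0.1 behind NAT64
        "mapped.example": ["::ffff:10.0.0.8"],  # 10.0.0.8 as IPv4-mapped
    }
    return table.get(host, [])


def url_is_safe(url: str, resolve=resolve_stub) -> bool:
    """Accept only http(s) URLs whose every resolved address is public.
    Requiring all answers to pass defeats 'one public, one private' records."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return False
    host = parts.hostname  # brackets around IPv6 literals are already stripped
    try:
        addrs = [ipaddress.ip_address(host)]
    except ValueError:
        addrs = [ipaddress.ip_address(a) for a in resolve(host)]
    if not addrs:
        return False
    return all(is_public_address(a) for a in addrs)


def check_feed(feed: dict, resolve=resolve_stub) -> dict:
    """Validate the feed URL and each episode enclosure URL separately."""
    return {
        "feed": url_is_safe(feed["url"], resolve),
        "enclosures": {e: url_is_safe(e, resolve) for e in feed["enclosures"]},
    }
```

The design point is that the verdict is computed on the address the socket will actually connect to, not on the string in the URL: transition prefixes are unwrapped, every DNS answer is tested, and the per-enclosure loop removes the assumption that a safe feed implies safe enclosures.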
Medium (22 entries)
- CVE-2026-47121 · Medium · Sparkle: Binary delta apply intermediate-symlink traversal in malicious .delta
  Summary: Binary delta apply intermediate-symlink traversal in malicious .delta. `Autoupdate/SUBinaryDeltaApply.m` enforces `relativePath.pathComponents…
- CVE-2026-47122 · Medium · Sparkle's AppInstaller post-stage-1 XPC listener accepts unvalidated connections
  Summary: AppInstaller post-stage-1 XPC listener accepts unvalidated connections, allowing spoofed appcast item data injection. Details:…
- GHSA-qjvr-435c-5fjh (CVE-2026-21452 / CVE-2024-48924) · Medium · Nerdbank.MessagePack has a memory amplification DoS in collection deserializatio…
  Nerdbank.MessagePack deserializers for many collection-shaped types trusted the element count declared in MessagePack array and map headers when allocating…
- GHSA-92vj-hp7m-gwcj · Medium · Nerdbank.MessagePack has Inefficient CPU Computation
  Impact: Applications that call `OptionalConverters.WithExpandoObjectConverter` and deserialize untrusted data are open to a vulnerability by which an attacker…
- CVE-2026-47180 · Medium · zeroconf has unbounded recursion in DNS compression-pointer decoder that allows…
  Impact: `DNSIncoming._decode_labels_at_offset` recurses once per DNS-name compression pointer (RFC 1035 §4.1.4). Pointer cycles and label counts were capped,…
- CVE-2026-47183 · Medium · zeroconf: Unbounded exception-dedup state retains packet buffers via traceback f…
  Impact: `DNSIncoming._log_exception_debug` and the four `QuietLogger` exception-dedup methods stored an unbounded `_seen_logs` dict keyed by…
- CVE-2026-47184 · Medium · zeroconf has unbounded DNS record cache that allows LAN-local memory exhaustion
  Impact: `DNSCache._async_add` inserted every response record into `cache`, `_expirations`, `_expire_heap`, and `service_cache` with no cap on entry count. The…
- CVE-2026-47212 · Medium · Symfony: Twilio SMS Notifier allows unauthenticated webhook injection due to mis…
  Description: The Twilio SMS notifier bridge ships a webhook request parser used to authenticate and decode the status callbacks Twilio POSTs to an application's…
…14 further Medium-severity entries omitted
Low (3 entries)
- CVE-2026-47203 · Low (CVSS 4.0) · Authelia Missing Username Canonicalization in Basic Auth (LDAP)
  Impact: CVSSv4 baseline score: Moderate 6.3; CVSSv4 weighted score: Low 2.9. The full CVSSv4 vector for this vulnerability is:…
- CVE-2026-45753 · Low · Symfony's HtmlSanitizer UrlAttributeSanitizer Omits action/formaction/poster/cit…
  Description: `symfony/html-sanitizer` lets applications sanitise untrusted HTML. `UrlAttributeSanitizer` is the visitor responsible for validating URL-valued…
- CVE-2026-30963 · Low · Capsule Namespace Hijacking via subresource
  Summary: To defend against namespace hijacking achieved through update/patch operations on namespaces, Capsule uses a webhook to validate update requests…
🛡️ NVD-Latest (41 entries)
Critical (8 entries)
- CVE-2026-45312 · Critical · CVSS 9.9 · RAGFlow is an open-source RAG (Retrieval-Augmented Generation) engine. In 0.24.0 and earlier, a Jinja2 template injection in the prompt…
- CVE-2026-9559 · Critical · CVSS 9.9 · A path traversal vulnerability exists in the campaign import feature of Mautic 7. When extracting uploaded ZIP files during campaign…
- CVE-2026-9558 · Critical · CVSS 9.9 · A Server-Side Template Injection (SSTI) vulnerability exists in Mautic's theme engine. The platform renders uploaded Twig templates…
- CVE-2026-10071 · Critical · CVSS 9.8 · DreamMaker developed by Interinfo has an Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload and…
- CVE-2026-3655 · Critical · CVSS 9.8 · The OTP Login With Phone Number, OTP Verification plugin for WordPress is vulnerable to authentication bypass in versions 1.8.50 through…
- CVE-2026-8732 · Critical · CVSS 9.8 · The WP Maps Pro plugin for WordPress is vulnerable to Privilege Escalation via Administrator Account Creation in all versions up to, and…
- CVE-2026-4408 · Critical · CVSS 9.0 · A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers and classic domain controllers that…
- CVE-2026-32999 · Critical · CVSS 9.0 · Insufficient character filtering in backup agent signing module on Comet Backup server allows authenticated tenant administrator to…
High (33 entries)
- CVE-2026-45578 · High · CVSS 8.8 · WWBN AVideo is an open source video platform. In 29.0 and earlier, there is a classic shell-metacharacter injection. The YPTSocket…
- CVE-2025-11993 · High · CVSS 8.8 · The WooCommerce Infinite Scroll and Ajax Pagination plugin for WordPress is vulnerable to PHP Object Injection in all versions up to,…
- CVE-2026-6226 · High · CVSS 8.8 · The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to unauthenticated privilege escalation in versions up to and…
- CVE-2026-9227 · High · CVSS 8.8 · The GutenBee – Gutenberg Blocks plugin for WordPress is vulnerable to Arbitrary File Upload in all versions up to, and including, 2.20.1…
- CVE-2026-9009 · High · CVSS 8.8 · The Crawlomatic Multipage Scraper Post Generator plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and…
- CVE-2026-7802 · High · CVSS 8.8 · The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including,…
- CVE-2026-8915 · High · CVSS 8.8 · Out-of-bounds write vulnerability in Samsung Open Source Escargot allows Overflow Buffers. This issue affects Escargot:…
- CVE-2026-48527 · High · CVSS 8.7 · HAX CMS helps manage microsite universe with PHP or NodeJs backends. Versions up to and including 26.0.0 are affected by a stored…
- CVE-2026-7862 · High · CVSS 8.6 · The Eupago Gateway For Woocommerce WordPress plugin before 4.7.2 does not properly restrict access to its refund request handler,…
- CVE-2026-44698 · High · CVSS 8.3 · Home Assistant is open source home automation software that puts local control and privacy first. Prior to 2026.4.1 for iOS and…
- CVE-2026-46510 · High · CVSS 8.2 · form-data-objectizer converts FormData to object. Prior to 1.0.1, form-data-objectizer walks bracket-notation form keys (e.g.…
- CVE-2026-45615 · High · CVSS 8.2 · mouse07410/asn1c is an ASN.1 compiler. In 1.4 and earlier, a memory safety vulnerability was identified in the OER decoding skeleton…
- CVE-2026-45707 · High · CVSS 8.1 · n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. Prior to 2.51.2,…
- CVE-2026-6075 · High · CVSS 8.1 · The Media Library Assistant plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.35. This…
- CVE-2026-6455 · High · CVSS 8.1 · The WP Contact Form 7 DB Handler plugin for WordPress is vulnerable to Cross-Site Request Forgery leading to Arbitrary File Deletion via…
- CVE-2026-45555 · High · CVSS 7.8 · Roslyn CodeLens MCP Server is a Roslyn-based MCP server providing semantic code intelligence for .NET codebases. From 0.0.9 to 1.17.0,…
- CVE-2026-42965 · High · CVSS 7.7 · A flaw was found in the OpenShift Router. A user with EndpointSlice write access can exploit this vulnerability by creating a Service…
- CVE-2026-9804 · High · CVSS 7.7 · A flaw was found in KubeVirt's virt-exportserver component. An attacker with specific namespace-level access can exploit a path…
- CVE-2026-9809 · High · CVSS 7.6 · A stored Cross-Site Scripting (XSS) vulnerability exists in the Projects component of Mautic 7. When displaying project tags and…
- CVE-2026-10073 · High · CVSS 7.5 · DreamMaker developed by Interinfo has an Arbitrary File Read vulnerability, allowing unauthenticated local attackers to exploit…
- CVE-2026-10056 · High · CVSS 7.5 · CORS misconfiguration in the REST API of Network Optix Nx Witness VMS before version 6.1.2, when running in the default Standard…
- CVE-2026-7797 · High · CVSS 7.5 · The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to time-based blind…
- CVE-2026-32995 · High · CVSS 7.5 · The Rocket.Chat DDP method autoTranslate.translateMessage in versions <8.5.0, <8.4.2, <8.3.4, <8.2.4, <8.1.5, <8.0.5, <7.13.8, and…
- CVE-2026-46579 · High · CVSS 7.4 · A flaw was found in the OpenShift Router. When a Route has `insecureEdgeTerminationPolicy` set to Allow, the HTTP frontend does not…
- CVE-2026-9795 · High · CVSS 7.3 · A flaw was found in Keycloak's Fine-Grained Admin Permissions (FGAPv2) feature. An administrator with limited client management…
- CVE-2026-10072 · High · CVSS 7.2 · DreamMaker developed by Interinfo has an Arbitrary File Upload vulnerability, allowing privileged remote attackers to upload and…
- CVE-2025-11262 · High · CVSS 7.2 · The Link Whisper Free plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the user_id parameter in all versions up…
- CVE-2026-7634 · High · CVSS 7.2 · The SlimStat Analytics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'User-Agent' header in all versions up…
- CVE-2026-7052 · High · CVSS 7.2 · The HT Contact Form – Drag & Drop Form Builder for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the…
- CVE-2026-2374 · High · CVSS 7.2 · The Login No Captcha reCAPTCHA plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `$_SERVER['PHP_SELF']`…
- CVE-2026-9808 · High · CVSS 7.1 · An authorization bypass vulnerability exists in the Mautic 7 API v2 endpoints (utilizing API Platform). Under certain conditions, roles…
- CVE-2026-4776 · High · CVSS 7.1 · An SQL injection vulnerability exists in Mautic's API contact filtering mechanism. Due to insufficient recursive sanitization of nested…
- CVE-2026-44604 · High · CVSS 7.0 · A command injection vulnerability was discovered in the `rpmuncompress` utility of RPM. When extracting certain archive formats (ZIP,…
⚔️ Sploitus (90 entries)
Unknown (90 entries)
- Exploit for CVE-2025-10162 · CVE-2025-10162
- Exploit for Write-what-where Condition in Linux Linux_Kernel
…88 further Unknown-severity entries omitted
🤖 Automated vulnerability intelligence digest · 2026-05-31 · Sources: NVD / GitHub Advisory / Sploitus / CISA-KEV