📊 2026-06-01 Vulnerability Intelligence Daily · 200 entries · 95 high-severity
Daily vulnerability intelligence digest · 2026-06-01
📋 200 entries in total
🔥 High/Critical: 95 entries
🐙 GitHub-Advisory: 34 entries (🔥 14)
🛡️ NVD-Latest: 81 entries (🔥 81)
⚔️ Sploitus: 85 entries
🤖 Today's security posture analysis
🎯 Today's key items
- CVE-2026-47396 (PraisonAI): unauthenticated API access. PraisonAI's `call server` exposes an unauthenticated agent-control API when `CALL_SERVER_TOKEN` is not configured; an attacker can invoke it remotely and perform arbitrary agent operations. Exploitation conditions: reachable from the public internet and no authentication token configured.
- GHSA-fp6w-8wpg-74g5 (stigmem-node): privilege escalation via anonymous access. A stigmem node with authentication disabled that is exposed on a non-loopback address grants anonymous users broad read/write and federation capabilities. Exploitation conditions: node authentication disabled and the node exposed to the network.
- CVE-2026-45312 (RAGFlow): server-side template injection (SSTI) leading to RCE. The prompt generator in RAGFlow 0.24.0 and earlier is vulnerable to Jinja2 template injection; any authenticated user can execute arbitrary code. Exploitation conditions: a valid account.
- CVE-2026-9559 (Mautic): path traversal leading to arbitrary file write. The campaign import feature in Mautic 7 is vulnerable to path traversal when extracting ZIP files, which can lead to remote code execution. Exploitation conditions: an administrator account with the required permission, or the ability to lure an administrator into importing a malicious ZIP.
- CVE-2026-3655 (WordPress OTP plugin): authentication bypass. The OTP Login plugin for WordPress (versions 1.8.50 to 1.8.60) has a flaw in its Firebase verification flow that lets an attacker bypass authentication and log in as any user. Exploitation conditions: the target site runs an affected plugin version.
📈 Threat trends
- Remote code execution (RCE): the largest share today, e.g. RAGFlow's SSTI (CVE-2026-45312), Mautic's path traversal and SSTI (CVE-2026-9559/9558), and arbitrary file upload in the open-source projects ouroboros-ai and Delta Sql; these let an attacker take control of the server.
- Authentication bypass and privilege escalation: a cluster of cases, including the WordPress OTP plugin (CVE-2026-3655), the WP Maps Pro plugin (CVE-2026-8732), and stigmem-node's broad anonymous permissions caused by misconfiguration.
- Server-side request forgery (SSRF): two related vulnerabilities, in Koel's podcast parsing (CVE-2026-47260) and in CC-Tweaked's HTTP API (CVE-2026-47695); the latter uses NAT64 to bypass the conventional private-IP blocklist.
- XML signature bypass: authentik's SAML component is vulnerable to XML signature wrapping (CVE-2026-47201), allowing an attacker to reuse an upstream IdP's signed assertion to impersonate another federated user.
- IoT device vulnerabilities: the web management interface of the Totolink N300RH router has an unauthenticated command execution vulnerability (CVE-2026-10187), CVSS 9.8, with a wide impact surface.
🛡️ Mitigation recommendations
- Harden exposed APIs and configuration immediately: for PraisonAI and stigmem-node, enable authentication now (an API token or auth mechanism) and make sure the service listens only on the loopback address rather than being exposed directly to the internet.
- Update vulnerable software and plugins: upgrade RAGFlow, Mautic, the WordPress OTP plugin, WP Maps Pro, authentik and Koel to the latest security releases published by their vendors to fix the known SSTI, path traversal and authentication bypass vulnerabilities.
- Restrict upload and template execution capabilities: disable or restrict unsandboxed template engines (such as Mautic's Twig and RAGFlow's Jinja2) and file upload features, and apply strict type and path validation to uploaded files to prevent arbitrary file writes and code execution.
- Strengthen network access control and configuration review: isolate IoT devices (such as the Totolink router) and applications with SSRF exposure (CC-Tweaked, Koel) on internal networks, configure strict allowlist policies, and review all federation transport configuration to ensure mTLS is enabled.
🐙 GitHub-Advisory (34 entries)
Critical (4 entries)
- GHSA-fp6w-8wpg-74g5 (Critical): stigmem-node: Auth-disabled deployments may grant broad anonymous access outside… Impact: Stigmem nodes configured with authentication disabled could grant the anonymous identity broad read/write/federation capabilities if exposed outside a…
- GHSA-jmfc-hfjq-pxcp (Critical): stigmem-node's federation insecure transport settings may allow non-loopback cle… Impact: Stigmem nodes with federation enabled could be configured to run without mTLS outside loopback-only local development. In affected deployments,…
- GHSA-9vp8-3hmv-8fgh (Critical): stigmem-node's federation peer registration lacked explicit out-of-band approval. Impact: Federation peer registration accepted peer key material during registration without a separate administrator approval step based on an out-of-band…
- CVE-2026-47396 (Critical): PraisonAI call server exposes unauthenticated agent listing, invocation, and del… Summary: PraisonAI's call server exposes a network-facing agent control API without authentication when `CALL_SERVER_TOKEN` is not configured. The affected…
High (10 entries)
- CVE-2026-47260 (High): Koel Vulnerable to SSRF via Podcast Episode Enclosure URLs. Summary: Koel validates the podcast feed URL via the `SafeUrl` rule (DNS resolution + public IP check), but the individual episode `<enclosure url="...">`…
- CVE-2026-47695 (High): CC-Tweaked has an SSRF Protection Bypass with NAT64. Summary: CC-Tweaked's HTTP API (`http.request`, `http.websocket`) blocks requests to private network ranges to prevent server-side request forgery (SSRF). This…
- CVE-2026-47201 (High): authentik's XML Signature Wrapping in SAML Source ACS allows authentication as a… Summary: authentik's SAML Source ACS endpoint is vulnerable to XML Signature Wrapping when validating upstream SAML responses. An attacker with any account at…
- CVE-2026-47211 (High): ouroboros-ai Vulnerable to Remote Code Execution via Untrusted Project-Directory… Impact: A Remote Code Execution (RCE) vulnerability was discovered in Ouroboros. If a user clones a malicious repository and runs Ouroboros commands within that…
- CVE-2026-47231 (High): Admidio has IDOR in `documents-files.php` `mode=move_save` that lets any folder… Summary: `modules/documents-files.php` gates state-changing modes by checking that the actor has `hasUploadRight()` on the URL parameter `folder_uuid`. The…
- GHSA-xh5j-xjfq-qvvx (High): stigmem-node's federation peer token timestamp validation may reject valid peer… Impact: A mismatch in federation peer-token timestamp handling could cause valid peer tokens to be treated as expired. Impacted deployments are Stigmem nodes…
- GHSA-9pc9-4crj-mhpj (High): stigmem-node's Postgres schema identifier handling required defensive quoting. Impact: Postgres backend schema identifiers were interpolated into SQL strings. In the reviewed code path the schema value is operator-controlled, but the…
- GHSA-w7pm-9g55-mxfm (High): stigmem-node's unsigned plugin override could be enabled without a second explic… Impact: A single configuration flag could disable plugin signature enforcement. If an operator unintentionally carried that setting into an environment where…
- CVE-2026-47266 (High): formie's unauthenticated front-end submission editing can overwrite existing sub… Impact: Unauthenticated users could modify existing submissions by posting a known or guessed submission ID to `formie/submissions/save-submission`. Patches…
- CVE-2026-47398 (High): PraisonAI: Arbitrary code execution via unguarded `spec.loader.exec_module` in `… Summary: Arbitrary code execution via ungated `spec.loader.exec_module` in `agents_generator.py` (v4.6.32 chokepoint…
Medium (19 entries)
- CVE-2026-47121 (Medium): Sparkle: Binary delta apply intermediate-symlink traversal in malicious .delta. Summary: Binary delta apply intermediate-symlink traversal in malicious .delta. `Autoupdate/SUBinaryDeltaApply.m` enforces `relativePath.pathComponents…
- CVE-2026-47122 (Medium): Sparkle's AppInstaller post-stage-1 XPC listener accepts unvalidated connections. Summary: AppInstaller post-stage-1 XPC listener accepts unvalidated connections, allowing spoofed appcast item data injection. Details:…
- GHSA-qjvr-435c-5fjh (CVE-2026-21452, CVE-2024-48924; Medium): Nerdbank.MessagePack has a memory amplification DoS in collection deserializatio… Nerdbank.MessagePack deserializers for many collection-shaped types trusted the element count declared in MessagePack array and map headers when allocating…
- GHSA-92vj-hp7m-gwcj (Medium): Nerdbank.MessagePack has Inefficient CPU Computation. Impact: Applications that call `OptionalConverters.WithExpandoObjectConverter` and deserialize untrusted data are open to a vulnerability by which an attacker…
- CVE-2026-47180 (Medium): zeroconf has unbounded recursion in DNS compression-pointer decoder that allows… Impact: `DNSIncoming._decode_labels_at_offset` recurses once per DNS-name compression pointer (RFC 1035 §4.1.4). Pointer cycles and label counts were capped,…
- CVE-2026-47183 (Medium): zeroconf: Unbounded exception-dedup state retains packet buffers via traceback f… Impact: `DNSIncoming._log_exception_debug` and the four `QuietLogger` exception-dedup methods stored an unbounded `_seen_logs` dict keyed by…
- CVE-2026-47184 (Medium): zeroconf has unbounded DNS record cache that allows LAN-local memory exhaustion. Impact: `DNSCache._async_add` inserted every response record into `cache`, `_expirations`, `_expire_heap`, and `service_cache` with no cap on entry count. The…
- CVE-2026-47212 (Medium): Symfony: Twilio SMS Notifier allows unauthenticated webhook injection due to mis… Description: The Twilio SMS notifier bridge ships a webhook request parser used to authenticate and decode the status callbacks Twilio POSTs to an application's…
…11 more Medium entries (omitted)
Low (1 entry)
- CVE-2026-47203 (Low 4.0): Authelia Missing Username Canonicalization in Basic Auth (LDAP). Impact: **CVSSv4 Baseline Score:** Moderate 6.3; **CVSSv4 Weighted Score:** Low 2.9. The full CVSSv4 Vector for this vulnerability is: >…
🛡️ NVD-Latest (81 entries)
Critical (8 entries)
- CVE-2026-45312 (Critical, CVSS 9.9): RAGFlow is an open-source RAG (Retrieval-Augmented Generation) engine. In 0.24.0 and earlier, a Jinja2 template injection in the prompt…
- CVE-2026-9559 (Critical, CVSS 9.9): A path traversal vulnerability exists in the campaign import feature of Mautic 7. When extracting uploaded ZIP files during campaign…
- CVE-2026-9558 (Critical, CVSS 9.9): A Server-Side Template Injection (SSTI) vulnerability exists in Mautic's theme engine. The platform renders uploaded Twig templates…
- CVE-2026-10187 (Critical, CVSS 9.8): A vulnerability was detected in Totolink N300RH 6.1c.1353_B20190305. Affected by this issue is the function setWiFiBasicConfig of the…
- CVE-2018-25412 (Critical, CVSS 9.8): Delta Sql 1.8.2 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files by…
- CVE-2026-10071 (Critical, CVSS 9.8): DreamMaker developed by Interinfo has an Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload and…
- CVE-2026-3655 (Critical, CVSS 9.8): The OTP Login With Phone Number, OTP Verification plugin for WordPress is vulnerable to authentication bypass in versions 1.8.50 through…
- CVE-2026-8732 (Critical, CVSS 9.8): The WP Maps Pro plugin for WordPress is vulnerable to Privilege Escalation via Administrator Account Creation in all versions up to, and…
High (73 entries)
- CVE-2026-10192 (High, CVSS 8.8): A vulnerability was identified in Tenda W12 3.0.0.7(4763). The affected element is the function set_local_time_0 of the file…
- CVE-2026-10191 (High, CVSS 8.8): A vulnerability was determined in Tenda W12 3.0.0.7(4763). Impacted is the function cgiWifiMacFilterSet of the file /bin/httpd. This…
- CVE-2026-10189 (High, CVSS 8.8): A vulnerability has been found in Tenda W12 3.0.0.7(4763). This vulnerability affects the function cgiSysTimeInfoSet of the file…
- CVE-2026-10188 (High, CVSS 8.8): A flaw has been found in Tenda W12 3.0.0.7(4763). This affects the function cgistaKickOff of the file /bin/httpd. Executing a…
- CVE-2026-10183 (High, CVSS 8.8): A vulnerability was identified in TRENDnet TEW-432BRP 3.10B20. This affects the function formWlanSetup of the file…
- CVE-2026-10181 (High, CVSS 8.8): A vulnerability was found in TRENDnet TEW-432BRP 3.10B20. The affected element is the function formSysCmd of the file…
- CVE-2026-10179 (High, CVSS 8.8): A flaw has been found in TRENDnet TEW-432BRP 3.10B20. This issue affects the function formSetWlanEncrypt of the file…
- CVE-2026-10165 (High, CVSS 8.8): A vulnerability was identified in Edimax BR-6478AC 1.23. The impacted element is the function formWanTcpipSetup of the file…
- CVE-2026-10164 (High, CVSS 8.8): A vulnerability was found in Edimax BR-6478AC 1.23. Impacted is the function formUSBFolder of the file /goform/formUSBFolder of the…
- CVE-2026-10163 (High, CVSS 8.8): A vulnerability has been found in Edimax BR-6478AC 1.23. This issue affects the function formUSBAccount of the file…
- CVE-2026-10162 (High, CVSS 8.8): A flaw has been found in TRENDnet TEW-432BRP 3.10B20. This vulnerability affects the function formSetPassword of the file…
- CVE-2026-10161 (High, CVSS 8.8): A vulnerability was detected in TRENDnet TEW-432BRP 3.10B20. This affects the function formResetStatistic of the file…
- CVE-2026-10160 (High, CVSS 8.8): A security vulnerability has been detected in TRENDnet TEW-432BRP 3.10B20. Affected by this issue is the function formSetEnableWizard…
- CVE-2026-10159 (High, CVSS 8.8): A weakness has been identified in TRENDnet TEW-432BRP 3.10B20. Affected by this vulnerability is the function formSysLog of the file…
- CVE-2026-10158 (High, CVSS 8.8): A security flaw has been discovered in TRENDnet TEW-432BRP 3.10B20. Affected is the function formPortFw of the file /goform/formPortFw.…
- CVE-2026-10126 (High, CVSS 8.8): A security flaw has been discovered in Edimax BR-6478AC 1.23. Affected by this issue is the function formQoS of the file…
- CVE-2026-10125 (High, CVSS 8.8): A vulnerability was identified in Edimax BR-6478AC 1.23. Affected by this vulnerability is the function formPPPoESetup of the file…
- CVE-2026-10124 (High, CVSS 8.8): A vulnerability was determined in Shibby Tomato up to 1.28. Affected is the function rip_zebra_read_ipv4 of the file /usr/sbin/ripd of…
- CVE-2026-10123 (High, CVSS 8.8): A vulnerability was found in TRENDnet TEW-432BRP 3.10B20. This impacts the function formSetDomainFilter of the file…
- CVE-2026-10122 (High, CVSS 8.8): A vulnerability has been found in TRENDnet TEW-432BRP 3.10B20. This affects the function formSetProtocolFilter of the file…
- CVE-2026-10121 (High, CVSS 8.8): A flaw has been found in TRENDnet TEW-432BRP 3.10B20. The impacted element is the function formSetUrlFilter of the file…
- CVE-2018-25409 (High, CVSS 8.8): SIM-PKH 2.4.1 contains an arbitrary file upload vulnerability that allows authenticated attackers to upload malicious files by…
- CVE-2026-10120 (High, CVSS 8.8): A vulnerability was detected in TRENDnet TEW-432BRP 3.10B20. The affected element is the function formSetFirewallRule of the file…
- CVE-2026-10119 (High, CVSS 8.8): A security vulnerability has been detected in TRENDnet TEW-432BRP 3.10B20. Impacted is the function formSetMACFilter of the file…
- CVE-2026-7465 (High, CVSS 8.8): The Spectra Gutenberg Blocks – Website Builder for the Block Editor plugin for WordPress is vulnerable to Remote Code Execution in all…
- CVE-2026-45578 (High, CVSS 8.8): WWBN AVideo is an open source video platform. In 29.0 and earlier, there is a classic shell-metacharacter injection. The YPTSocket…
- CVE-2025-11993 (High, CVSS 8.8): The WooCommerce Infinite Scroll and Ajax Pagination plugin for WordPress is vulnerable to PHP Object Injection in all versions up to,…
- CVE-2026-48527 (High, CVSS 8.7): HAX CMS helps manage microsite universe with PHP or NodeJs backends. Versions up to and including 26.0.0 are affected by a stored…
- CVE-2026-49489 (High, CVSS 8.5): OpenCATS through 0.9.7.4 contains a sql injection vulnerability in the sortDirection parameter of the DataGrid component that allows…
- CVE-2026-44698 (High, CVSS 8.3): Home Assistant is open source home automation software that puts local control and privacy first. Prior to 2026.4.1 for iOS and…
- CVE-2018-25425 (High, CVSS 8.2): Yot CMS 3.3.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by…
- CVE-2018-25424 (High, CVSS 8.2): Gate Pass Management System 2.1 contains an SQL injection vulnerability that allows unauthenticated attackers to bypass authentication…
- CVE-2018-25422 (High, CVSS 8.2): MOGG web simulator Script contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL…
- CVE-2018-25420 (High, CVSS 8.2): AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by…
- CVE-2018-25419 (High, CVSS 8.2): AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by…
- CVE-2018-25418 (High, CVSS 8.2): AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by…
- CVE-2018-25417 (High, CVSS 8.2): AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by…
- CVE-2018-25416 (High, CVSS 8.2): AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by…
- CVE-2018-25415 (High, CVSS 8.2): AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by…
- CVE-2018-25414 (High, CVSS 8.2): AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by…
- CVE-2018-25413 (High, CVSS 8.2): AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by…
- CVE-2018-25411 (High, CVSS 8.2): MGB OpenSource Guestbook 0.7.0.2 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL…
- CVE-2018-25407 (High, CVSS 8.2): eNdonesia Portal 8.7 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL…
- CVE-2018-25406 (High, CVSS 8.2): eNdonesia Portal 8.7 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL…
- CVE-2018-25405 (High, CVSS 8.2): eNdonesia Portal 8.7 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL…
- CVE-2026-46510 (High, CVSS 8.2): form-data-objectizer converts FormData to object. Prior to 1.0.1, form-data-objectizer walks bracket-notation form keys (e.g.…
- CVE-2026-45615 (High, CVSS 8.2): mouse07410/asn1c is an ASN.1 compiler. In 1.4 and earlier, a memory safety vulnerability was identified in the OER decoding skeleton…
- CVE-2026-49490 (High, CVSS 8.1): OpenCATS from version 0.9.1a contains an SQL injection vulnerability in DataGrid filter handling that allows authenticated attackers to…
- CVE-2026-45707 (High, CVSS 8.1): n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. Prior to 2.51.2,…
- CVE-2026-6075 (High, CVSS 8.1): The Media Library Assistant plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.35 This…
- CVE-2026-45555 (High, CVSS 7.8): Roslyn CodeLens MCP Server is a Roslyn-based MCP server providing semantic code intelligence for .NET codebases. From 0.0.9 to 1.17.0,…
- CVE-2026-42965 (High, CVSS 7.7): A flaw was found in the OpenShift Router. A user with EndpointSlice write access can exploit this vulnerability by creating a Service…
- CVE-2026-9809 (High, CVSS 7.6): A stored Cross-Site Scripting (XSS) vulnerability exists in the Projects component of Mautic 7. When displaying project tags and…
- CVE-2018-25426 (High, CVSS 7.5): WinMTR 0.91 contains a denial of service vulnerability that allows attackers to crash the application by sending a malformed payload…
- CVE-2018-25408 (High, CVSS 7.5): The Open ISES Project 3.30A contains a path traversal vulnerability in the ajax/download.php endpoint that allows unauthenticated…
- CVE-2026-9757 (High, CVSS 7.5): The GEO my WP plugin for WordPress is vulnerable to SQL Injection via the 'swlatlng' and 'nelatlng' parameters in all versions up to,…
- CVE-2026-7459 (High, CVSS 7.5): The Simple History – Track, Log, and Audit WordPress Changes plugin for WordPress is vulnerable to authenticated (Subscriber+) account…
- CVE-2026-10073 (High, CVSS 7.5): DreamMaker developed by Interinfo has an Arbitrary File Read vulnerability, allowing unauthenticated local attackers to exploit…
- CVE-2026-10056 (High, CVSS 7.5): CORS misconfiguration in the REST API of Network Optix Nx Witness VMS before version 6.1.2, when running in the default Standard…
- CVE-2026-46579 (High, CVSS 7.4): A flaw was found in the OpenShift Router. When a Route has `insecureEdgeTerminationPolicy` set to Allow, the HTTP frontend does not…
- CVE-2026-10186 (High, CVSS 7.3): A security vulnerability has been detected in code-projects Online Hospital Management System 1.0. Affected by this vulnerability is an…
- CVE-2026-10185 (High, CVSS 7.3): A weakness has been identified in SourceCodester Hospitals Patient Records Management System 1.0. Affected is an unknown function of…
- CVE-2026-10184 (High, CVSS 7.3): A security flaw has been discovered in SourceCodester Hospitals Patient Records Management System 1.0. This impacts an unknown function…
- CVE-2026-10178 (High, CVSS 7.3): A vulnerability was detected in code-projects Online Music Site 1.0. This vulnerability affects unknown code of the file…
- CVE-2026-10167 (High, CVSS 7.3): A weakness has been identified in OUSL-GROUP-BrinaryBrains School Student Management System up to…
- CVE-2026-10157 (High, CVSS 7.3): A vulnerability was identified in Open5GS up to 2.7.6. This impacts an unknown function of the file src/amf/ngap-handler.c of the…
- CVE-2026-10111 (High, CVSS 7.3): A flaw has been found in sambitraj STUDENT-MANAGEMENT-SYSTEM 1.0. This impacts an unknown function of the component Login Page.…
- CVE-2026-10110 (High, CVSS 7.3): A vulnerability was detected in code-projects Student Details Management System 1.0. This affects an unknown function of the file…
- CVE-2026-10072 (High, CVSS 7.2): DreamMaker developed by Interinfo has an Arbitrary File Upload vulnerability, allowing privileged remote attackers to upload and…
- CVE-2025-11262 (High, CVSS 7.2): The Link Whisper Free plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the user_id parameter in all versions up…
- CVE-2018-25410 (High, CVSS 7.1): SIM-PKH 2.4.1 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting…
- CVE-2026-9808 (High, CVSS 7.1): An authorization bypass vulnerability exists in the Mautic 7 API v2 endpoints (utilizing API Platform). Under certain conditions, roles…
- CVE-2026-4776 (High, CVSS 7.1): An SQL injection vulnerability exists in Mautic's API contact filtering mechanism. Due to insufficient recursive sanitization of nested…
⚔️ Sploitus (85 entries)
Unknown (85 entries)
- Software-Security-Exploits exploit
- Exploit for Missing Authentication for Critical Function in Mcpjam Inspector exploit
…83 more Unknown entries (omitted)
🤖 Automated vulnerability intelligence digest · 2026-06-01 · Sources: NVD / GitHub Advisory / Sploitus / CISA-KEV