📊 2026-06-09 Vulnerability Intelligence Daily · 200 entries · 99 high-severity
Daily vulnerability intelligence digest · 2026-06-09
📋 200 entries in total
🔥 High/Critical: 99
🚨 CISA-KEV: 2
💣 Exploit-DB-RSS: 1
🐙 GitHub-Advisory: 31 (🔥 20)
🛡️ NVD-Latest: 79 (🔥 79)
⚔️ Sploitus: 87
🤖 Today's Security Posture Analysis
🎯 Today's Key Items
- CVE-2026-45034 (Critical) - PHPSpreadsheet path traversal / wrapper bypass: an attacker can circumvent the earlier patch and, via a crafted input file, trigger stream wrappers such as phar:// or php://, achieving remote code execution or file read. Affects the widely used PHPExcel/PhpSpreadsheet library; no special privileges are required to trigger it.
- CVE-2026-49777 (CVSS 10.0) - WooCommerce Product Slider Pro malware implantation: an unauthenticated attacker can plant malware on the server through unvalidated input fields. Affects every WordPress site running the plugin; the bar to exploitation is extremely low and the impact severe.
- CVE-2026-47724 (Critical) - nebula-mesh missing cross-operator authorization: API endpoints rely on the Bearer token alone for authentication and lack resource-ownership checks, so an attacker holding a stolen or forged token can access any user's configuration and data, enabling large-scale lateral movement and data leakage.
- CVE-2026-7762 / CVE-2026-7763 (CVSS 9.8) - Morse Micro HaLow Wi-Fi driver heap buffer overflow: an unauthenticated attacker within radio range can send crafted HaLow frames that trigger a heap buffer overflow in the kernel driver, causing denial of service or potentially remote code execution. Affects IoT and industrial wireless devices.
- CVE-2026-11499 (CVSS 9.8) - Tenda HG7/HG9/HG10 router stack overflow: by manipulating the blkDomain parameter of the /boaform/formDOMAINBLK endpoint, an unauthenticated attacker (typically via the WAN port) can cause a stack overflow, achieve remote code execution, and take direct control of the router.
📈 Threat Trends
- Remote code execution (RCE) and file upload: concentrated today in the WordPress ecosystem, with unauthenticated file upload flaws in several plugins/themes including Theme Travelscape, Background Image Cropper, Seotheme and Product Slider Pro. An attacker can upload a webshell and take direct control of the server.
- Denial of service (DoS): centred on the Netty framework (CVE-2026-44249, 44250, 44890, 44892), involving resource exhaustion caused by Redis protocol parsing, poor memory management and an IPv6 filter bypass. The Morse Micro Wi-Fi driver flaws can also crash devices.
- Privilege escalation and authentication bypass: the missing API authorization in nebula-mesh (CVE-2026-47724) and unauthenticated access on the DTS Redline WR3200 router (CVE-2026-6274) illustrate the "token trust" and missing vertical-privilege checks that are common in network devices and between microservices.
- Supply chain and library vulnerabilities: the PHPSpreadsheet patch bypass (CVE-2026-45034) shows that exploit chains against popular libraries can still be revived after a patch, and that static checks (such as parse_url) are at risk of being evaded.
🛡️ Mitigation Recommendations
- Urgent updates and patching: upgrade PHPSpreadsheet immediately to a version that fully fixes CVE-2026-45034; upgrade Netty to the latest stable release to fix the multiple DoS flaws; update Morse Micro HaLowLink firmware to 2.11.13 or later.
- Disable non-essential features and endpoints: in WordPress environments, disable or remove the vulnerable plugins (e.g. Product Slider Pro, Background Image Cropper) until an official fix is available; in nebula-mesh, enable fine-grained CA-based permission checks and audit the exposed /api/v1/* endpoints.
- Strengthen input validation and access control: enforce strict file-type and content validation on every interface that accepts uploads; change default passwords on Tenda and similar routers and disable unnecessary WAN-side management services (e.g. HTTP/HTTPS management interfaces).
- Network segmentation and monitoring: for the Morse Micro Wi-Fi flaws, deploy wireless intrusion detection in critical areas and consider isolating HaLow networks; deploy WAF rules to detect malicious file uploads targeting PHPSpreadsheet and abnormally slow or deeply nested requests against Netty protocol handlers.
🚨 CISA-KEV (2 entries)
Unknown (2 entries)
- CVE-2026-50751 · Check Point Security Gateway Improper Authentication Vulnerability
  Product: Check Point Security Gateway. Description: Check Point Security Gateway contains an…
- CVE-2026-42271 · BerriAI LiteLLM Command Injection Vulnerability
  Product: BerriAI LiteLLM. Description: BerriAI LiteLLM contains a command injection vulnerability that could…
💣 Exploit-DB-RSS (1 entry)
Unknown (1 entry)
- [webapps] OpenEMR 7.0.2 - Arbitrary File Read
  CVE-2026-24849
  # Exploit Title: OpenEMR 7.0.2 - Arbitrary File Read # Google Dork: intitle:"OpenEMR" inurl:"interface/login/login.php" # Date: 2026-06-06 # Exploit Author:…
🐙 GitHub-Advisory (31 entries)
Critical (3 entries)
- CVE-2026-45034 · Critical · PHPSpreadsheet has a patch bypass for CVE-2026-34084
  Summary: CVE-2026-34084 was patched by the helper `File::prohibitWrappers`. The helper calls `parse_url($filename, PHP_URL_SCHEME)` and then checks…
- CVE-2026-47252 · Critical · Anyquery: AppleScript/JXA Code Injection via Unescaped URL in macOS Chrome Plugi
  AppleScript/JXA Code Injection via Unescaped URL in macOS Chrome Plugin (Field / Value table): Repository:…
- CVE-2026-47724 · Critical · nebula-mesh: API endpoints lack ownership checks, enabling cross-operator privil
  The `/api/v1/*` route surface trusts the bearer token alone for authorisation on most endpoints. The codebase itself admits this at…
High (17 entries)
- CVE-2026-44249 · High · Netty has an IPv6 Subnet Filter Bypass via Incorrect Comparator Masking
  Summary: An attacker can bypass IPv6 subnet rules due to an incorrect masking operation in IpSubnetFilterRule.compareTo(). Valid public IP addresses can bypass…
- CVE-2026-44250 · High · Netty: Memory Exhaustion in RedisArrayAggregator due to Deeply Nested Arrays
  Summary: An attacker can cause DoS by sending a crafted Redis payload with deeply nested arrays. This forces the server to allocate a massive number of state…
- CVE-2026-44890 · High · Netty has Unbounded Direct Memory Consumption in its RedisDecoder
  Summary: An attacker can cause DoS by sending crafted Redis payloads across multiple connections without `\r\n`. This exhausts the server's direct memory pool…
- CVE-2026-44892 · High · Netty has a Vulnerable Default Configuration Which Leads to Denial of Service vi
  Summary: The default configuration of the `Http3ConnectionHandler` in the Netty HTTP/3 codec lacks an enforced maximum header size limit. When a peer does not…
- CVE-2026-44893 · High · Netty: HAProxy SSL TLV parsing leaks retained slice on invalid TLV length
  When decoding a PP2_TYPE_SSL TLV, HAProxyMessage.readNextTLV() first calls `header.retainedSlice(header.readerIndex(), length)` and only then reads the 1-byte…
- CVE-2026-44894 · High · Netty's Default QUIC token handler accepts any client-supplied token
  NoQuicTokenHandler is the tokenHandler used when the application does not set one. Its writeToken() returns false (server will not send Retry — acceptable),…
- CVE-2026-45416 · High · Netty: SNI handler pre-allocates up to 16 MiB from nine attacker bytes
  SslClientHelloHandler.decode() reads the 24-bit TLS handshake length and, when the ClientHello does not fit in the first record, eagerly allocates…
- CVE-2026-45674 · High · Netty Vulnerable to DNS Cache Poisoning via Missing Bailiwick Checks in CNAME Re
  Summary: Netty's DnsResolveContext fails to validate the origin (bailiwick) of CNAME records in DNS responses. Details: In…
- CVE-2026-46340 · High · Netty: SCTP reassembly nests buffers without bound
  For each non-complete SctpMessage fragment the handler does `fragments.put(streamId, Unpooled.wrappedBuffer(frag, byteBuf))`, wrapping the previous accumulator…
- CVE-2026-47691 · High · Netty has Insufficient Bailiwick Validation for NS Records
  Summary: Netty's `DnsResolveContext` insufficiently validates the bailiwick of NS records, enabling DNS Cache Poisoning. An attacker controlling an…
- CVE-2026-47719 · High · FUXA: Unauthenticated SSRF via Socket.IO DEVICE_WEBAPI_REQUEST and DEVICE_PROPER
  Summary: An unauthenticated attacker (Alice) connects to FUXA's Socket.IO endpoint and emits a `device-webapi-request` event whose `property.address` field…
- CVE-2026-47722 · High · nebula-mesh: Host advanced overrides allow YAML injection into agent config.yml
  `internal/configgen/generator.go:86,108,119` interpolates the operator-supplied `ListenHost` and `TunDevice` fields raw into a `text/template` that produces…
- CVE-2026-47723 · High · nebula-mesh: Web UI and API responses lack security headers (CSP, X-Frame-Option
  None of the response paths in `internal/web/` or `internal/api/` set the standard browser-security headers. `grep` for `Content-Security-Policy`,…
- CVE-2026-47725 · High · nebula-mesh's web UI lacks CSRF tokens on /ui/* mutating endpoints
  Every `/ui/*` POST / PUT / PATCH / DELETE route processes the request as soon as the session cookie validates. `SameSite=Lax` on the session cookie prevents…
- CVE-2026-47726 · High · nebula-mesh: GET /api/v1/audit-log discloses all entries to any operator
  `internal/api/audit.go:12` — `handleGetAuditLog` does no admin check. The route is bearer-auth gated only; any operator API key returns the full audit log via…
- CVE-2026-47735 · High · Arc has an authenticated arbitrary local-file read via DuckDB I/O functions that
  Summary: Arc's user-SQL validator (`internal/api/query.go:ValidateSQLRequest`) blocked only `read_parquet(` and `arc_partition_agg(` via regex denylist. The…
- CVE-2026-47736 · High · Puma PROXY Protocol v1 Parser Allows Remote Memory Exhaustion
  Impact: [PROXY protocol support for Puma](https://github.com/puma/puma/issues/2651) was added in version 5.5.0. When PROXY protocol v1 support is enabled, Puma…
Medium (10 entries)
- CVE-2026-47720 · Medium 3.1 · FUXA has SQL Injection in its TDengine DAQ connector via backslash bypass of esc
  Summary: The TDengine DAQ storage connector's `escapeTdString` at `server/runtime/storage/tdengine/index.js:10` doubles single quotes but does not escape…
- CVE-2026-47721 · Medium 3.1 · FUXA's scheduler API missing admin check enables operator-to-admin escalation vi
  Summary: An authorization issue in the Scheduler API allowed authenticated non-admin users to create or modify scheduled actions that should be restricted to…
- CVE-2026-39922 · Medium · GeoNode contains a server-side request forgery vulnerability in the service regi
  GeoNode versions 4.4.5 and 5.0.2 (and prior within their respective releases) contain a server-side request forgery vulnerability in the service registration…
- CVE-2026-41479 · Medium · Authlib OAuth 2.0 has Open Redirect in Authorization API that allows attacker-co
  Summary: Authlib's OAuth 2.0 authorization endpoint can be turned into an unauthenticated open redirect when a request uses an unsupported response_type and…
- CVE-2026-42890 · Medium · actual Allows Electron to Run As Node
  Summary: An Electron run-as-node vulnerability was identified in `actual` (macOS application, version `25.x (Electron 39.2.7)`). **Vulnerability Type:**…
- CVE-2026-45536 · Medium · Netty: Unix-socket fd receive leaks descriptors when peer sends two at once
  netty_unix_socket_recvFd sets msg_control to `char control[CMSG_SPACE(sizeof(int))]` (line 940) — 24 bytes on 64-bit Linux. A peer-sent SCM_RIGHTS cmsg…
- CVE-2026-45673 · Medium · Netty: DNS Cache Poisoning due to Predictable PRNG and Default Static Source Por
  Summary: Netty's DNS resolver uses a predictable PRNG for generating DNS transaction IDs and defaults to a static UDP source port. This combination reduces the…
- CVE-2026-47244 · Medium · Netty HTTP/2: Advertised MAX_CONCURRENT_STREAMS are not enforced
  Impact: DefaultHttp2Connection.DefaultEndpoint initialises maxActiveStreams/maxStreams to Integer.MAX_VALUE, and Http2Settings never inserts…
… 2 more Medium entries (omitted)
Low (1 entry)
- CVE-2026-47712 · Low · Dulwich doesn't sanitize commit subjects in `porcelain.format_patch`
  Impact: dulwich.porcelain.format_patch(outdir=...) derives each patch filename from the commit's subject line. Prior to this fix, get_summary only replaced…
🛡️ NVD-Latest (79 entries)
Critical (12 entries)
- CVE-2026-49777 · Critical · CVSS 10.0
  Improper Validation of Specified Quantity in Input vulnerability in ShapedPlugin, LLC Product Slider Pro for WooCommerce allows…
- CVE-2026-11499 · Critical · CVSS 9.8
  A vulnerability was determined in Tenda HG7HG9 and HG10 300001138_en_xpon. This affects the function formDOMAINBLK of the file…
- CVE-2024-58349 · Critical · CVSS 9.8
  WordPress Theme Travelscape 1.0.3 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload…
- CVE-2024-58348 · Critical · CVSS 9.8
  WordPress Background Image Cropper version 1.2 contains a remote code execution vulnerability that allows unauthenticated attackers to…
- CVE-2023-54352 · Critical · CVSS 9.8
  WordPress Seotheme contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary PHP code…
- CVE-2026-6274 · Critical · CVSS 9.8
  Improper Authentication, Missing authentication for critical function, Weak Authentication vulnerability in DTS Electronics Industry and…
- CVE-2026-7763 · Critical · CVSS 9.8
  A heap-based buffer overflow vulnerability in the morse.ko HaLow Wi-Fi kernel driver in Morse Micro HaLowLink 2 software versions prior…
- CVE-2026-7762 · Critical · CVSS 9.8
  A heap-based buffer overflow vulnerability in the dot11ah.ko HaLow Wi-Fi kernel driver in Morse Micro HaLowLink 2 software versions…
- CVE-2026-11293 · Critical · CVSS 9.6
  Use after free in Input in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a…
- CVE-2026-11282 · Critical · CVSS 9.6
  Insufficient policy enforcement in Sandbox in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker to potentially…
- CVE-2026-11250 · Critical · CVSS 9.6
  Inappropriate implementation in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the…
- CVE-2026-50751 · Critical · CVSS 9.3
  A logic flow weakness in Remote Access and Mobile Access certificate validation in deprecated IKEv1 key exchange allows an…
High (67 entries)
- CVE-2026-11517 · High · CVSS 8.8
  A vulnerability was determined in UTT HiPER 2610G up to 3.0.0-171107. This impacts the function strcpy of the file…
- CVE-2026-11504 · High · CVSS 8.8
  A vulnerability was detected in Tenda CX12L 16.03.53.12. The impacted element is the function setSchedWifi of the file…
- CVE-2026-11503 · High · CVSS 8.8
  A security vulnerability has been detected in Tenda CX12L 16.03.53.12. The affected element is the function form_fast_setting_wifi_set…
- CVE-2026-11498 · High · CVSS 8.8
  A vulnerability was found in Tenda HG7HG9 and HG10 300001138_en_xpon. Affected by this issue is the function asp_voip_OtherSet of the…
- CVE-2026-11413 · High · CVSS 8.8
  A security vulnerability has been detected in JingDong JD Cloud Box AX6600 4.5.3.r4546. The impacted element is the function…
- CVE-2026-11307 · High · CVSS 8.8
  Use after free in PDFium in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox…
- CVE-2026-11306 · High · CVSS 8.8
  Use after free in PDFium in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox…
- CVE-2026-11305 · High · CVSS 8.8
  Use after free in PDFium in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox…
- CVE-2026-11304 · High · CVSS 8.8
  Use after free in PDFium in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a…
- CVE-2026-11303 · High · CVSS 8.8
  Use after free in PDFium in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox…
- CVE-2026-11301 · High · CVSS 8.8
  Inappropriate implementation in LiveCaption in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform…
- CVE-2026-11295 · High · CVSS 8.8
  Inappropriate implementation in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to perform…
- CVE-2026-11279 · High · CVSS 8.8
  Out of bounds read in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a…
- CVE-2026-11272 · High · CVSS 8.8
  Insufficient validation of untrusted input in Reading List in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker who…
- CVE-2026-11262 · High · CVSS 8.8
  Use after free in TabStrip in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted…
- CVE-2026-11248 · High · CVSS 8.8
  Inappropriate implementation in Google Lens in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass navigation…
- CVE-2026-26422 · High · CVSS 8.4
  clash-verge-service-ipc before 2.3.0 has a world-reachable IPC endpoint, leading to local privilege escalation.
- CVE-2026-11256 · High · CVSS 8.3
  Integer overflow in GPU in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to…
- CVE-2026-41724 · High · CVSS 8.0
  VMware Cloud Foundation Operations contains multiple stored cross-site scripting vulnerabilities. A malicious actor with privileges to…
- CVE-2026-41723 · High · CVSS 8.0
  VMware Cloud Foundation Operations contains multiple stored cross-site scripting vulnerabilities. A malicious actor with privileges to…
- CVE-2026-41722 · High · CVSS 8.0
  VMware Cloud Foundation Operations contains multiple stored cross-site scripting vulnerabilities. A malicious actor with privileges to…
- CVE-2026-11241 · High · CVSS 8.0
  Insufficient validation of untrusted input in Cast in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network…
- CVE-2026-11332 · High · CVSS 7.8
  A flaw was found in ansible-core. The ansible-galaxy role install command processes dependency specifications from a role's…
- CVE-2026-11297 · High · CVSS 7.7
  Insufficient validation of untrusted input in Reader Mode in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker…
- CVE-2026-3238 · High · CVSS 7.5
  A flaw was found in Samba's WINS server component when running as an Active Directory Domain Controller. The WINS protocol handlers for…
- CVE-2023-54350 · High · CVSS 7.5
  WordPress Augmented-Reality plugin contains a remote code execution vulnerability in the elFinder connector that allows unauthenticated…
- CVE-2026-49494 · High · CVSS 7.5
  Comodo Internet Security's firewall driver Inspect.sys contains an integer underflow in its IPv6 packet parser. The parser decrements…
- CVE-2026-9290 · High · CVSS 7.5
  The WP User Manager – User Profile Builder & Membership plugin for WordPress is vulnerable to Local File Inclusion in all versions up…
- CVE-2026-11296 · High · CVSS 7.5
  Inappropriate implementation in ImageCapture in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the…
- CVE-2026-11265 · High · CVSS 7.5
  Inappropriate implementation in Autofill in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data…
- CVE-2026-11255 · High · CVSS 7.5
  Insufficient validation of untrusted input in Storage Access API in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who…
- CVE-2026-11242 · High · CVSS 7.5
  Insufficient validation of untrusted input in Plugins in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had…
- CVE-2026-11239 · High · CVSS 7.5
  Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the…
- CVE-2026-50752 · High · CVSS 7.4
  A weakness in the certificate validation logic of the deprecated IKEv1 key exchange may allow an unauthenticated attacker positioned as…
- CVE-2026-11501 · High · CVSS 7.3
  A security flaw has been discovered in SourceCodester Hospitals Patient Records Management System 1.0. This issue affects some unknown…
- CVE-2026-11490 · High · CVSS 7.3
  A vulnerability was determined in code-projects Online Music Site 1.0. This issue affects some unknown processing of the file…
- CVE-2026-11489 · High · CVSS 7.3
  A vulnerability was found in code-projects Online Music Site 1.0. This vulnerability affects unknown code of the file…
- CVE-2026-11488 · High · CVSS 7.3
  A vulnerability has been found in code-projects Simple Flight Ticket Booking System 1.0. This affects an unknown part of the file…
- CVE-2026-11486 · High · CVSS 7.3
  A vulnerability was detected in SourceCodester Class and Exam Timetabling System 1.0. Affected by this vulnerability is an unknown…
- CVE-2026-11485 · High · CVSS 7.3
  A security vulnerability has been detected in SourceCodester Class and Exam Timetabling System 1.0. Affected is an unknown function of…
- CVE-2026-11484 · High · CVSS 7.3
  A weakness has been identified in SourceCodester Class and Exam Timetabling System 1.0. This impacts an unknown function of the file…
- CVE-2026-11483 · High · CVSS 7.3
  A security flaw has been discovered in SourceCodester Class and Exam Timetabling System 1.0. This affects an unknown function of the…
- CVE-2026-11482 · High · CVSS 7.3
  A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0. The impacted element is an unknown function of…
- CVE-2026-11474 · High · CVSS 7.3
  A security flaw has been discovered in Kushan2k student-management-system up to f16a4ceaddd6729c4b306ed4641cda3176c1ef2a. Affected is…
- CVE-2026-11472 · High · CVSS 7.3
  A vulnerability was determined in SourceCodester Class and Exam Timetabling System 1.0. This affects an unknown function of the file…
- CVE-2026-11471 · High · CVSS 7.3
  A vulnerability was found in SourceCodester Class and Exam Timetabling System 1.0. The impacted element is an unknown function of the…
- CVE-2026-11463 · High · CVSS 7.3
  A vulnerability was determined in USCiLab Cereal up to 1.3.2. Affected is an unknown function of the component Shared Pointer Handler.…
- CVE-2026-11462 · High · CVSS 7.3
  A vulnerability was found in Chengdu Everbrite Network Technology BeikeShop up to 1.6.0.22. This impacts the function callback of the…
- CVE-2026-11460 · High · CVSS 7.3
  A flaw has been found in Boost Serialization up to 1.91. The impacted element is an unknown function. This manipulation causes improper…
- CVE-2026-11457 · High · CVSS 7.3
  A security flaw has been discovered in erzhongxmu JeeWMS up to 141740afb2ba14d441c82a833d0a418d07ca2d69. This vulnerability affects…
- CVE-2026-11456 · High · CVSS 7.3
  A vulnerability was identified in Chanjet CRM 1.0. This affects an unknown part of the file /tools/jxf_dump_systable.php of the…
- CVE-2026-11452 · High · CVSS 7.3
  A vulnerability has been found in GL.iNet GL-MT3000 up to 4.4.5. Affected is the function FUN_0042e200 of the file /cgi-bin/glc of the…
- CVE-2026-11451 · High · CVSS 7.3
  A flaw has been found in GL.iNet GL-MT3000 4.4.5. This impacts the function snprintf of the file /cgi-bin/glc of the component FTP…
- CVE-2026-11450 · High · CVSS 7.3
  A vulnerability was detected in GL.iNet GL-MT3000 4.4.5. This affects the function dlopen in the library /usr/lib/oui-httpd/rpc/ of the…
- CVE-2026-11437 · High · CVSS 7.3
  A flaw has been found in perfree go-fastdfs-web up to 1.3.7. Affected is the function checkServer of the file /install/checkServer of…
- CVE-2026-11435 · High · CVSS 7.3
  A security vulnerability has been detected in Jinher OA 1.0. This affects an unknown function of the file nextselectplan.aspx. Such…
- CVE-2026-50593 · High · CVSS 7.3
  Graphite before 1.3.15 has an integer underflow and resultant out-of-bounds write via Graphite actions, because slotat does not ensure…
- CVE-2026-10877 · High · CVSS 7.3
  A security vulnerability has been detected in SourceCodester Ship Ferry Ticket Reservation System up to 1.0. This impacts an unknown…
- CVE-2026-11577 · High · CVSS 7.2
  A flaw was found in Keycloak. A limited administrator can exploit an improper access control vulnerability in the POST…
- CVE-2023-54351 · High · CVSS 7.2
  WordPress Sonaar Music Plugin 4.7 contains a stored cross-site scripting vulnerability that allows unauthenticated attackers to inject…
- CVE-2026-9851 · High · CVSS 7.2
  The Booking Package plugin for WordPress is vulnerable to Privilege Escalation via Account Takeover in versions up to, and including,…
- CVE-2026-7537 · High · CVSS 7.2
  The MDJM Event Management plugin for WordPress is vulnerable to Arbitrary File Upload in all versions up to, and including, 1.7.8.3 via…
- CVE-2026-8901 · High · CVSS 7.2
  The Integration for Freshsales – Contact Form 7, WPForms, Elementor, Gravity Forms and More plugin for WordPress is vulnerable to Stored…
- CVE-2026-8438 · High · CVSS 7.2
  The All-In-One Security (AIOS) – Security and Firewall plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up…
- CVE-2026-41567 · High · CVSS 7.2
  Moby is an open source container framework. In versions prior to 29.5.1 and in moby/moby v2 prior to v2.0.0-beta.14, when a compressed…
- CVE-2026-10586 · High · CVSS 7.2
  The Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns plugin for WordPress is vulnerable to Server-Side Request…
- CVE-2026-11269 · High · CVSS 7.1
  Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker in a privileged network position…
⚔️ Sploitus (87 entries)
Unknown (87 entries)
- coruna-postexploit exploit
- Exploit for CVE-2026-43512 exploit
  CVE-2026-43512
… 85 more Unknown entries (omitted)
🤖 Automated vulnerability intelligence digest · 2026-06-09 · Data sources: NVD / GitHub Advisory / Sploitus / CISA-KEV