📊 2026-06-10 Vulnerability Intelligence Daily · 200 entries · 79 high-severity
Daily vulnerability intelligence summary · 2026-06-10
📊 2026-06-10 Vulnerability Intelligence Daily
📋 200 entries in total
🔥 High/Critical: 79 entries
🚨 CISA-KEV: 5 entries
💣 Exploit-DB-RSS: 1 entry
🐙 GitHub-Advisory: 42 entries (🔥 26)
🛡️ NVD-Latest: 53 entries (🔥 53)
⚔️ Sploitus: 99 entries
🤖 Today's security posture analysis
🎯 Key items today
- CVE-2026-8467 (PhoenixStorybook): unauthenticated remote code execution. An attacker sends a malicious HEEx template attribute value over WebSocket and can execute arbitrary code directly on the server; extremely dangerous.
- CVE-2026-48030 (Pheditor): OS command injection. An authenticated user can inject shell metacharacters through the untrusted 'dir' parameter, fully bypassing the terminal command restrictions and gaining control of the server.
- CVE-2026-11499 (Tenda HG-series routers): stack-based buffer overflow. Triggered by manipulating the blkDomain parameter of the formDOMAINBLK function; CVSS score as high as 9.8; may lead to complete device compromise.
- CVE-2026-47724 (nebula-mesh): API lacks ownership checks. The API relies on the Bearer token alone for authorisation and does not isolate resources between operators, allowing unauthorised access to and control of other users' resources.
- CVE-2026-50751 (VPN product): authentication bypass. Because of a flaw in the certificate validation logic of the IKEv1 key exchange, an unauthenticated remote attacker can establish a VPN session and bypass user authentication.
📈 Threat trends
- Remote code execution (RCE): the most prominent threat type. It covers PhoenixStorybook (HEEx template injection), several WordPress themes and plugins (arbitrary file upload) and Tenda routers (buffer overflow). The attack surface spans web applications, device firmware and dynamic templates.
- Command injection: concentrated in Pheditor's terminal handler and anyquery's AppleScript/JXA plugin, showing that insufficient isolation of user input remains a common problem.
- Privilege escalation/bypass: nebula-mesh's API authorisation flaw and the VPN product's IKEv1 authentication bypass both expose trust-model design weaknesses and threaten the security of multi-tenant environments.
- Logic/data tampering: unbounded atom creation in PhoenixStorybook (CVE-2026-8469) can cause denial of service on the BEAM node; the PHPSpreadsheet patch bypass allows stream-wrapper attacks.
🛡️ Mitigation recommendations
- Urgent updates and patches: immediately upgrade PhoenixStorybook, Pheditor, shell-quote, anyquery and similar software to the latest fixed versions; for Tenda routers, restrict public exposure of the management interface or check for vendor firmware updates.
- Input validation and least privilege: apply strict validation and sanitisation to all user input (especially WebSocket messages, POST parameters and file uploads); confirm that APIs such as nebula-mesh have fine-grained ownership checks enabled.
- Harden the network perimeter: disable the insecure IKEv1 protocol and move to IKEv2; on Puma servers disable PROXY protocol v1 or restrict its use to trusted networks to prevent source IP spoofing.
- Monitoring and detection: focus on anomalous WebSocket connections, access to /boaform paths and PHP file upload activity; enable WAF rules to block common command injection and template injection attempts.
🚨 CISA-KEV (5 entries)
Unknown (5 entries)
- CVE-2026-20245 - Cisco Catalyst SD-WAN Manager Improper Encoding or Escaping of Output Vulnerability
  CVE-2026-20245 Cisco Catalyst SD-WAN Manager Improper Encoding or Escaping of Output Vulnerability Product: Cisco Catalyst SD-WAN Manager Description: Cisco Catalyst SD-WAN…
- CVE-2026-7473 - Arista Extensible Operating System Incomplete Comparison with Missing Factors Vulnerability
  CVE-2026-7473 Arista Extensible Operating System Incomplete Comparison with Missing Factors Vulnerability Product: Arista Extensible Operating System Description: Arista…
…3 more Unknown-severity entries (omitted)
💣 Exploit-DB-RSS (1 entry)
Unknown (1 entry)
- [webapps] OpenEMR 7.0.2 - Arbitrary File Read
  CVE-2026-24849
  # Exploit Title: OpenEMR 7.0.2 - Arbitrary File Read # Google Dork: intitle:"OpenEMR" inurl:"interface/login/login.php" # Date: 2026-06-06 # Exploit Author:…
🐙 GitHub-Advisory (42 entries)
Critical (6 entries)
- CVE-2026-9277 - shell-quote quote() does not escape newlines in object .op values
  CVE-2026-9277 · Critical
  Summary `shell-quote`'s `quote()` function did not validate object-token inputs against the operator model used by `parse()`. The `.op` field was…
- CVE-2026-8467 - PhoenixStorybook: Unauthenticated remote code execution via HEEx template inject
  CVE-2026-8467 · Critical
  Summary An unsafe HEEx template generation vulnerability allows any unauthenticated user to execute arbitrary code on the server. The phoenix_storybook…
- CVE-2026-48030 - Pheditor: OS Command Injection in terminal handler via unsanitized 'dir' paramet
  CVE-2026-48030 · Critical
  Summary An OS Command Injection vulnerability in the terminal action handler allows any authenticated user to execute arbitrary OS commands by injecting shell…
- CVE-2026-45034 - PHPSpreadsheet has a patch bypass for CVE-2026-34084
  CVE-2026-45034 · Critical
  Summary CVE-2026-34084 was patched by the helper `File::prohibitWrappers`. The helper calls `parse_url($filename, PHP_URL_SCHEME)` and then checks…
- CVE-2026-47252 - Anyquery: AppleScript/JXA Code Injection via Unescaped URL in macOS Chrome Plugi
  CVE-2026-47252 · Critical
  AppleScript/JXA Code Injection via Unescaped URL in macOS Chrome Plugin | Field | Value | | ---------------- | ----- | | Repository |…
- CVE-2026-47724 - nebula-mesh: API endpoints lack ownership checks, enabling cross-operator privil
  CVE-2026-47724 · Critical
  The `/api/v1/*` route surface trusts the bearer token alone for authorisation on most endpoints. The codebase itself admits this at…
High (20 entries)
- CVE-2026-47737 - Puma PROXY Protocol v1 Accepts Repeated Protocol Headers on Persistent Connectio
  CVE-2026-47737 · High
  Impact Puma is vulnerable to source IP spoofing when `set_remote_address proxy_protocol: :v1` is enabled and persistent connections are used. PROXY protocol v1…
- CVE-2026-8469 - PhoenixStorybook: Unbounded atom creation from LiveView event params (atom-table
  CVE-2026-8469 · High
  Summary An attacker who can deliver `psb-assign`, `psb-toggle`, `psb-set-theme`, `upper-tab-navigation`, `lower-tab-navigation`, `playground-change`, or…
- GHSA-7qjx-gp9h-65qj - Dex: Token-exchange endpoint is missing AllowedConnectors enforcement
  GHSA-7qjx-gp9h-65qj · High
  Summary `server/handlers.go::handleTokenExchange` (lines 1804-1893) does not call `isConnectorAllowed(client.AllowedConnectors, connID)` before issuing…
- CVE-2026-44249 - Netty has an IPv6 Subnet Filter Bypass via Incorrect Comparator Masking
  CVE-2026-44249 · High
  Summary An attacker can bypass IPv6 subnet rules due to an incorrect masking operation in IpSubnetFilterRule.compareTo(). Valid public IP addresses can bypass…
- CVE-2026-44250 - Netty: Memory Exhaustion in RedisArrayAggregator due to Deeply Nested Arrays
  CVE-2026-44250 · High
  Summary An attacker can cause DoS by sending a crafted Redis payload with deeply nested arrays. This forces the server to allocate a massive number of state…
- CVE-2026-44890 - Netty has Unbounded Direct Memory Consumption in its RedisDecoder
  CVE-2026-44890 · High
  Summary An attacker can cause DoS by sending crafted Redis payloads across multiple connections without `\r\n`. This exhausts the server's direct memory pool…
- CVE-2026-44892 - Netty has a Vulnerable Default Configuration Which Leads to Denial of Service vi
  CVE-2026-44892 · High
  Summary The default configuration of the `Http3ConnectionHandler` in the Netty HTTP/3 codec lacks an enforced maximum header size limit. When a peer does not…
- CVE-2026-44893 - Netty: HAProxy SSL TLV parsing leaks retained slice on invalid TLV length
  CVE-2026-44893 · High
  When decoding a PP2_TYPE_SSL TLV, HAProxyMessage.readNextTLV() first calls `header.retainedSlice(header.readerIndex(), length)` and only then reads the 1-byte…
- CVE-2026-44894 - Netty's Default QUIC token handler accepts any client-supplied token
  CVE-2026-44894 · High
  NoQuicTokenHandler is the tokenHandler used when the application does not set one. Its writeToken() returns false (server will not send Retry — acceptable),…
- CVE-2026-45416 - Netty: SNI handler pre-allocates up to 16 MiB from nine attacker bytes
  CVE-2026-45416 · High
  SslClientHelloHandler.decode() reads the 24-bit TLS handshake length and, when the ClientHello does not fit in the first record, eagerly allocates…
- CVE-2026-45674 - Netty Vulnerable to DNS Cache Poisoning via Missing Bailiwick Checks in CNAME Re
  CVE-2026-45674 · High
  Summary Netty's DnsResolveContext fails to validate the origin (bailiwick) of CNAME records in DNS responses. Details In…
- CVE-2026-46340 - Netty: SCTP reassembly nests buffers without bound
  CVE-2026-46340 · High
  For each non-complete SctpMessage fragment the handler does `fragments.put(streamId, Unpooled.wrappedBuffer(frag, byteBuf))`, wrapping the previous accumulator…
- CVE-2026-47691 - Netty has Insufficient Bailiwick Validation for NS Records
  CVE-2026-47691 · High
  Summary Netty's `DnsResolveContext` insufficiently validates the bailiwick of NS records, enabling DNS Cache Poisoning. An attacker controlling an…
- CVE-2026-47719 - FUXA: Unauthenticated SSRF via Socket.IO DEVICE_WEBAPI_REQUEST and DEVICE_PROPER
  CVE-2026-47719 · High
  Summary An unauthenticated attacker (Alice) connects to FUXA's Socket.IO endpoint and emits a `device-webapi-request` event whose `property.address` field…
- CVE-2026-47722 - nebula-mesh: Host advanced overrides allow YAML injection into agent config.yml
  CVE-2026-47722 · High
  `internal/configgen/generator.go:86,108,119` interpolates the operator-supplied `ListenHost` and `TunDevice` fields raw into a `text/template` that produces…
- CVE-2026-47723 - nebula-mesh: Web UI and API responses lack security headers (CSP, X-Frame-Option
  CVE-2026-47723 · High
  None of the response paths in `internal/web/` or `internal/api/` set the standard browser-security headers. `grep` for `Content-Security-Policy`,…
- CVE-2026-47725 - nebula-mesh's web UI lacks CSRF tokens on /ui/* mutating endpoints
  CVE-2026-47725 · High
  Every `/ui/*` POST / PUT / PATCH / DELETE route processes the request as soon as the session cookie validates. `SameSite=Lax` on the session cookie prevents…
- CVE-2026-47726 - nebula-mesh: GET /api/v1/audit-log discloses all entries to any operator
  CVE-2026-47726 · High
  `internal/api/audit.go:12` — `handleGetAuditLog` does no admin check. The route is bearer-auth gated only; any operator API key returns the full audit log via…
- CVE-2026-47735 - Arc has an authenticated arbitrary local-file read via DuckDB I/O functions that
  CVE-2026-47735 · High
  Summary Arc's user-SQL validator (`internal/api/query.go:ValidateSQLRequest`) blocked only `read_parquet(` and `arc_partition_agg(` via regex denylist. The…
- CVE-2026-47736 - Puma PROXY Protocol v1 Parser Allows Remote Memory Exhaustion
  CVE-2026-47736 · High
  Impact [PROXY protocol support for Puma](https://github.com/puma/puma/issues/2651) was added in version 5.5.0. When PROXY protocol v1 support is enabled, Puma…
Medium (13 entries)
- CVE-2026-47720 - FUXA has SQL Injection in its TDengine DAQ connector via backslash bypass of esc
  CVE-2026-47720 · Medium 3.1
  Summary The TDengine DAQ storage connector's `escapeTdString` at `server/runtime/storage/tdengine/index.js:10` doubles single quotes but does not escape…
- CVE-2026-47721 - FUXA's scheduler API missing admin check enables operator-to-admin escalation vi
  CVE-2026-47721 · Medium 3.1
  Summary An authorization issue in the Scheduler API allowed authenticated non-admin users to create or modify scheduled actions that should be restricted to…
- CVE-2026-47240 - Net::IMAP: Command Injection via non-synchronizing literal in "raw" argument
  CVE-2026-47240 · Medium
  Several Net::IMAP commands accept a "raw data" argument that is sent verbatim after validation to prevent command injection. However, if a server does not…
- CVE-2026-47242 - Net::IMAP: Command Injection via ID command argument
  CVE-2026-47242 · Medium
  Summary Two `Net::IMAP` commands, `#id` and `#enable`, do not validate their arguments. Arguments to either command could be used by an attacker to inject…
- CVE-2026-47767 - SymfonyRuntime CVE-2024-50340 Patch Bypass: Web Requests Can Still Set APP_ENV/A
  CVE-2026-47767 · Medium
  Description CVE-2024-50340 (GHSA-x8vp-gf4q-mw5j) addressed an issue where, with `register_argc_argv=On`, a crafted query string let an unauthenticated GET…
- CVE-2026-39922 - GeoNode contains a server-side request forgery vulnerability in the service regi
  CVE-2026-39922 · Medium
  GeoNode versions 4.4.5 and 5.0.2 (and prior within their respective releases) contain a server-side request forgery vulnerability in the service registration…
- CVE-2026-41479 - Authlib OAuth 2.0 has Open Redirect in Authorization API that allows attacker-co
  CVE-2026-41479 · Medium
  Summary Authlib's OAuth 2.0 authorization endpoint can be turned into an unauthenticated open redirect when a request uses an unsupported response_type and…
- CVE-2026-42890 - actual Allows Electron to Run As Node
  CVE-2026-42890 · Medium
  Summary An Electron run-as-node vulnerability was identified in `actual` (macOS application, version `25.x (Electron 39.2.7)`). **Vulnerability Type:**…
…5 more Medium-severity entries (omitted)
Low (3 entries)
- CVE-2026-47241 - Net::IMAP: Denial of Service via incomplete raw argument validation
  CVE-2026-47241 · Low
  Summary Several Net::IMAP commands accept a raw string argument which is only validated to prevent CRLF injection and then sent verbatim. If this string is…
- CVE-2026-47068 - PhoenixStorybook has cross-session PubSub topic injection via URL parameter
  CVE-2026-47068 · Low
  Summary The storybook iframe LiveView accepts a PubSub topic from the URL query string and broadcasts its own pid onto that topic with no check that the topic…
- CVE-2026-47712 - Dulwich doesn't sanitize commit subjects in `porcelain.format_patch`
  CVE-2026-47712 · Low
  Impact dulwich.porcelain.format_patch(outdir=...) derives each patch filename from the commit's subject line. Prior to this fix, get_summary only replaced…
🛡️ NVD-Latest (53 entries)
Critical (5 entries)
- CVE-2026-11499 · Critical 9.8
  CVE-2026-11499 CVSS:9.8 A vulnerability was determined in Tenda HG7HG9 and HG10 300001138_en_xpon. This affects the function formDOMAINBLK of the file…
- CVE-2024-58349 · Critical 9.8
  CVE-2024-58349 CVSS:9.8 WordPress Theme Travelscape 1.0.3 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload…
- CVE-2024-58348 · Critical 9.8
  CVE-2024-58348 CVSS:9.8 WordPress Background Image Cropper version 1.2 contains a remote code execution vulnerability that allows unauthenticated attackers to…
- CVE-2023-54352 · Critical 9.8
  CVE-2023-54352 CVSS:9.8 WordPress Seotheme contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary PHP code…
- CVE-2026-50751 · Critical 9.3
  CVE-2026-50751 CVSS:9.3 A logic flow weakness in Remote Access and Mobile Access certificate validation in deprecated IKEv1 key exchange allows an…
High (48 entries)
- CVE-2026-11528 · High 8.8
  CVE-2026-11528 CVSS:8.8 A vulnerability was found in Tenda AC18 15.03.05.05. The affected element is the function sub_45304 of the file /goform/getRebootStatus…
- CVE-2026-11524 · High 8.8
  CVE-2026-11524 CVSS:8.8 A vulnerability has been found in Tenda W20E 15.11.0.6. Impacted is the function modifyWifiFilterRules of the file…
- CVE-2026-11523 · High 8.8
  CVE-2026-11523 CVSS:8.8 A flaw has been found in Tenda W20E 15.11.0.6. This issue affects the function formPortalAuth of the file /goform/PortalAuth of the…
- CVE-2026-11522 · High 8.8
  CVE-2026-11522 CVSS:8.8 A vulnerability was detected in Tenda W20E 15.11.0.6. This vulnerability affects the function formSetPortMirror of the file…
- CVE-2026-11517 · High 8.8
  CVE-2026-11517 CVSS:8.8 A vulnerability was determined in UTT HiPER 2610G up to 3.0.0-171107. This impacts the function strcpy of the file…
- CVE-2026-11504 · High 8.8
  CVE-2026-11504 CVSS:8.8 A vulnerability was detected in Tenda CX12L 16.03.53.12. The impacted element is the function setSchedWifi of the file…
- CVE-2026-11503 · High 8.8
  CVE-2026-11503 CVSS:8.8 A security vulnerability has been detected in Tenda CX12L 16.03.53.12. The affected element is the function form_fast_setting_wifi_set…
- CVE-2026-11498 · High 8.8
  CVE-2026-11498 CVSS:8.8 A vulnerability was found in Tenda HG7HG9 and HG10 300001138_en_xpon. Affected by this issue is the function asp_voip_OtherSet of the…
- CVE-2026-11413 · High 8.8
  CVE-2026-11413 CVSS:8.8 A security vulnerability has been detected in JingDong JD Cloud Box AX6600 4.5.3.r4546. The impacted element is the function…
- CVE-2026-26422 · High 8.4
  CVE-2026-26422 CVSS:8.4 clash-verge-service-ipc before 2.3.0 has a world-reachable IPC endpoint, leading to local privilege escalation.
- CVE-2026-41724 · High 8.0
  CVE-2026-41724 CVSS:8.0 VMware Cloud Foundation Operations contains multiple stored cross-site scripting vulnerabilities. A malicious actor with privileges to…
- CVE-2026-41723 · High 8.0
  CVE-2026-41723 CVSS:8.0 VMware Cloud Foundation Operations contains multiple stored cross-site scripting vulnerabilities. A malicious actor with privileges to…
- CVE-2026-41722 · High 8.0
  CVE-2026-41722 CVSS:8.0 VMware Cloud Foundation Operations contains multiple stored cross-site scripting vulnerabilities. A malicious actor with privileges to…
- CVE-2026-22164 · High 7.5
  CVE-2026-22164 CVSS:7.5 Software installed and run as a non-privileged user may conduct improper GPU system calls to corrupt kernel heap memory. By creating…
- CVE-2026-36789 · High 7.5
  CVE-2026-36789 CVSS:7.5 Shenzhen Tenda Technology Co., Ltd Tenda AC1206 v15.03.06.23 was discovered to contain multiple stack overflows in the…
- CVE-2026-3238 · High 7.5
  CVE-2026-3238 CVSS:7.5 A flaw was found in Samba’s WINS server component when running as an Active Directory Domain Controller. The WINS protocol handlers for…
- CVE-2023-54350 · High 7.5
  CVE-2023-54350 CVSS:7.5 WordPress Augmented-Reality plugin contains a remote code execution vulnerability in the elFinder connector that allows unauthenticated…
- CVE-2026-49494 · High 7.5
  CVE-2026-49494 CVSS:7.5 Comodo Internet Security's firewall driver Inspect.sys contains an integer underflow in its IPv6 packet parser. The parser decrements…
- CVE-2026-9290 · High 7.5
  CVE-2026-9290 CVSS:7.5 The WP User Manager – User Profile Builder & Membership plugin for WordPress is vulnerable to Local File Inclusion in all versions up…
- CVE-2026-50752 · High 7.4
  CVE-2026-50752 CVSS:7.4 A weakness in the certificate validation logic of the deprecated IKEv1 key exchange may allow an unauthenticated attacker positioned as…
- CVE-2026-11501 · High 7.3
  CVE-2026-11501 CVSS:7.3 A security flaw has been discovered in SourceCodester Hospitals Patient Records Management System 1.0. This issue affects some unknown…
- CVE-2026-11490 · High 7.3
  CVE-2026-11490 CVSS:7.3 A vulnerability was determined in code-projects Online Music Site 1.0. This issue affects some unknown processing of the file…
- CVE-2026-11489 · High 7.3
  CVE-2026-11489 CVSS:7.3 A vulnerability was found in code-projects Online Music Site 1.0. This vulnerability affects unknown code of the file…
- CVE-2026-11488 · High 7.3
  CVE-2026-11488 CVSS:7.3 A vulnerability has been found in code-projects Simple Flight Ticket Booking System 1.0. This affects an unknown part of the file…
- CVE-2026-11486 · High 7.3
  CVE-2026-11486 CVSS:7.3 A vulnerability was detected in SourceCodester Class and Exam Timetabling System 1.0. Affected by this vulnerability is an unknown…
- CVE-2026-11485 · High 7.3
  CVE-2026-11485 CVSS:7.3 A security vulnerability has been detected in SourceCodester Class and Exam Timetabling System 1.0. Affected is an unknown function of…
- CVE-2026-11484 · High 7.3
  CVE-2026-11484 CVSS:7.3 A weakness has been identified in SourceCodester Class and Exam Timetabling System 1.0. This impacts an unknown function of the file…
- CVE-2026-11483 · High 7.3
  CVE-2026-11483 CVSS:7.3 A security flaw has been discovered in SourceCodester Class and Exam Timetabling System 1.0. This affects an unknown function of the…
- CVE-2026-11482 · High 7.3
  CVE-2026-11482 CVSS:7.3 A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0. The impacted element is an unknown function of…
- CVE-2026-11474 · High 7.3
  CVE-2026-11474 CVSS:7.3 A security flaw has been discovered in Kushan2k student-management-system up to f16a4ceaddd6729c4b306ed4641cda3176c1ef2a. Affected is…
- CVE-2026-11472 · High 7.3
  CVE-2026-11472 CVSS:7.3 A vulnerability was determined in SourceCodester Class and Exam Timetabling System 1.0. This affects an unknown function of the file…
- CVE-2026-11471 · High 7.3
  CVE-2026-11471 CVSS:7.3 A vulnerability was found in SourceCodester Class and Exam Timetabling System 1.0. The impacted element is an unknown function of the…
- CVE-2026-11463 · High 7.3
  CVE-2026-11463 CVSS:7.3 A vulnerability was determined in USCiLab Cereal up to 1.3.2. Affected is an unknown function of the component Shared Pointer Handler.…
- CVE-2026-11462 · High 7.3
  CVE-2026-11462 CVSS:7.3 A vulnerability was found in Chengdu Everbrite Network Technology BeikeShop up to 1.6.0.22. This impacts the function callback of the…
- CVE-2026-11460 · High 7.3
  CVE-2026-11460 CVSS:7.3 A flaw has been found in Boost Serialization up to 1.91. The impacted element is an unknown function. This manipulation causes improper…
- CVE-2026-11457 · High 7.3
  CVE-2026-11457 CVSS:7.3 A security flaw has been discovered in erzhongxmu JeeWMS up to 141740afb2ba14d441c82a833d0a418d07ca2d69. This vulnerability affects…
- CVE-2026-11456 · High 7.3
  CVE-2026-11456 CVSS:7.3 A vulnerability was identified in Chanjet CRM 1.0. This affects an unknown part of the file /tools/jxf_dump_systable.php of the…
- CVE-2026-11452 · High 7.3
  CVE-2026-11452 CVSS:7.3 A vulnerability has been found in GL.iNet GL-MT3000 up to 4.4.5. Affected is the function FUN_0042e200 of the file /cgi-bin/glc of the…
- CVE-2026-11451 · High 7.3
  CVE-2026-11451 CVSS:7.3 A flaw has been found in GL.iNet GL-MT3000 4.4.5. This impacts the function snprintf of the file /cgi-bin/glc of the component FTP…
- CVE-2026-11450 · High 7.3
  CVE-2026-11450 CVSS:7.3 A vulnerability was detected in GL.iNet GL-MT3000 4.4.5. This affects the function dlopen in the library /usr/lib/oui-httpd/rpc/ of the…
- CVE-2026-11437 · High 7.3
  CVE-2026-11437 CVSS:7.3 A flaw has been found in perfree go-fastdfs-web up to 1.3.7. Affected is the function checkServer of the file /install/checkServer of…
- CVE-2026-11435 · High 7.3
  CVE-2026-11435 CVSS:7.3 A security vulnerability has been detected in Jinher OA 1.0. This affects an unknown function of the file nextselectplan.aspx. Such…
- CVE-2026-11577 · High 7.2
  CVE-2026-11577 CVSS:7.2 A flaw was found in Keycloak. A limited administrator can exploit an improper access control vulnerability in the POST…
- CVE-2023-54351 · High 7.2
  CVE-2023-54351 CVSS:7.2 WordPress Sonaar Music Plugin 4.7 contains a stored cross-site scripting vulnerability that allows unauthenticated attackers to inject…
- CVE-2026-9851 · High 7.2
  CVE-2026-9851 CVSS:7.2 The Booking Package plugin for WordPress is vulnerable to Privilege Escalation via Account Takeover in versions up to, and including,…
- CVE-2026-7537 · High 7.2
  CVE-2026-7537 CVSS:7.2 The MDJM Event Management plugin for WordPress is vulnerable to Arbitrary File Upload in all versions up to, and including, 1.7.8.3 via…
- CVE-2026-8901 · High 7.2
  CVE-2026-8901 CVSS:7.2 The Integration for Freshsales – Contact Form 7, WPForms, Elementor, Gravity Forms and More plugin for WordPress is vulnerable to Stored…
- CVE-2026-8438 · High 7.2
  CVE-2026-8438 CVSS:7.2 The All-In-One Security (AIOS) – Security and Firewall plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up…
⚔️ Sploitus (99 entries)
Unknown (99 entries)
- ollama-silent-patches exploit
- Exploit for Deserialization of Untrusted Data in Mirasvit Full_Page_Cache_Warmer exploit
…97 more Unknown-severity entries (omitted)
🤖 Automated vulnerability intelligence summary · 2026-06-10 · Data sources: NVD / GitHub Advisory / Sploitus / CISA-KEV