Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

漏洞数据库 - AI 增强中文 CVE 平台 与情报

浏览 330,205+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。

CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2026-7627 8nite metatrader-4-mcp sync_ea_from_file index.ts CallToolRequestSchema path traversal 8nitemetatrader-4-mcp Medium 6.3 2026-05-02 11:00:15 Deep Dive
CVE-2026-7612 itsourcecode Courier Management System edit_user.php sql injection itsourcecodeCourier Management System Medium 4.7 2026-05-02 10:00:14 Deep Dive
CVE-2026-7611 TRENDnet TEW-821DAP Firmware Update cameo_dev.sh platform_do_upgrade_cameo_dev data authenticity TRENDnetTEW-821DAP Low 3.7 2026-05-02 09:30:12 Deep Dive
CVE-2026-5077 Total <= 2.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Title in Blog Section Image alt Attribute hashthemesTotal Medium 5.4 2026-05-02 09:26:16 Deep Dive
CVE-2026-7610 TRENDnet TEW-821DAP Firmware Update ssi cleartext transmission TRENDnetTEW-821DAP Low 3.7 2026-05-02 09:15:11 Deep Dive
CVE-2026-7491 Zyosoft|School App - Insecure Direct Object Reference ZyosoftSchool App High 8.1 2026-05-02 09:14:26 Deep Dive
CVE-2026-7490 Sunnet|CTMS and CPAS - Arbitrary File Upload SunnetCTMS High 7.2 2026-05-02 09:06:25 Deep Dive
CVE-2026-7489 Sunnet|CTMS - SQL Injection SunnetCTMS High 8.8 2026-05-02 09:02:22 Deep Dive
CVE-2026-7609 TRENDnet TEW-821DAP Firmware Udpate diagnostic tools_diagnostic os command injection TRENDnetTEW-821DAP Medium 6.3 2026-05-02 09:00:19 Deep Dive
CVE-2026-7608 TRENDnet TEW-821DAP tools_diagnostic os command injection TRENDnetTEW-821DAP Medium 5.5 2026-05-02 08:45:12 Deep Dive
CVE-2026-4024 Royal Addons for Elementor <= 1.7.1056 - Missing Authorization to Unauthenticated Form Action Meta Modification wproyalRoyal Addons for Elementor – Addons and Templates Kit for Elementor Medium 5.3 2026-05-02 08:27:05 Deep Dive
CVE-2026-5324 Brizy – Page Builder <= 2.8.11 - Unauthenticated Stored Cross-Site Scripting via FileUpload Field Value themefusecomBrizy – Page Builder High 7.2 2026-05-02 08:27:05 Deep Dive
CVE-2026-6229 Royal Addons for Elementor <= 1.7.1057 - Authenticated (Contributor+) Server-Side Request Forgery via CSV URL Parameter wproyalRoyal Addons for Elementor – Addons and Templates Kit for Elementor High 7.2 2026-05-02 07:46:42 Deep Dive
CVE-2026-6457 Geo Mashup <= 1.13.19 - Authenticated (Subscriber+) SQL Injection via 'geo_mashup_null_fields' Parameter cyberhoboGeo Mashup Medium 6.5 2026-05-02 07:46:41 Deep Dive
CVE-2026-6449 Booking for Appointments and Events Calendar – Amelia <= 2.1.2 - Unauthenticated Authorization Bypass via Remote Approval Endpoint ameliabookingBooking for Appointments and Events Calendar – Amelia Medium 5.3 2026-05-02 07:46:41 Deep Dive
CVE-2026-2052 Widget Options <= 4.2.2 - Authenticated (Contributor+) Remote Code Execution via Display Logic marketingfireWidget Options – Advanced Conditional Visibility for Gutenberg Blocks & Classic Widgets High 8.8 2026-05-02 07:46:41 Deep Dive
CVE-2026-4650 FundPress <= 2.0.8 - Missing Authorization to Unauthenticated Arbitrary Donation Status Modification via donate_action_status AJAX Handler thimpressFundPress – WordPress Donation Plugin Medium 5.3 2026-05-02 07:46:40 Deep Dive
CVE-2026-7607 TRENDnet TEW-821DAP Firmware Udpate auto_update_firmware buffer overflow TRENDnetTEW-821DAP High 8.8 2026-05-02 07:00:15 Deep Dive
CVE-2026-7606 TRENDnet TEW-821DAP Firmware Update new_gui_update_firmware data authenticity TRENDnetTEW-821DAP Low 3.7 2026-05-02 06:45:10 Deep Dive
CVE-2026-7649 ARMember <= 4.0.60 - Unauthenticated SQL Injection via 'orderby' Parameter reputeinfosystemsARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup High 7.5 2026-05-02 06:44:07 Deep Dive