| CVE-2026-22706 | Strapi 密码重置未撤销现有刷新会话漏洞 | strapi | strapi | - | - | 2026-05-14 18:38:27 | 深度分析 |
| CVE-2026-22599 | Strapi Content Type Builder SQL注入漏洞 | strapi | strapi | - | - | 2026-05-14 18:35:58 | 深度分析 |
| CVE-2026-44589 | Nuxt OG Image v6.2.5 SSRF漏洞 | nuxt-modules | og-image | 低危 | 3.7 | 2026-05-14 18:35:29 | 深度分析 |
| CVE-2026-27680 | SAP NetWeaver ABAP CSS注入漏洞 | SAP_SE | SAP NetWeaver Application Server ABAP | 低危 | 3.1 | 2026-05-14 18:33:26 | 深度分析 |
| CVE-2025-64526 | Strapi 用户权限插件速率限制绕过漏洞 | strapi | strapi | - | - | 2026-05-14 18:32:02 | 深度分析 |
| CVE-2026-41315 | mdserver-web 操作系统命令注入漏洞 | midoks | mdserver-web | - | - | 2026-05-14 18:31:10 | 深度分析 |
| CVE-2026-44670 | 思源笔记:存储型XSS导致远程代码执行 | siyuan-note | siyuan | - | - | 2026-05-14 18:25:51 | 深度分析 |
| CVE-2026-44588 | 思源笔记 URL编码标题绕过导致XSS | siyuan-note | siyuan | - | - | 2026-05-14 18:23:28 | 深度分析 |
| CVE-2026-45147 | 思源笔记 /api/tag/getTag 越权修改配置漏洞 | siyuan-note | siyuan | 中危 | 4.3 | 2026-05-14 18:21:40 | 深度分析 |
| CVE-2026-45148 | 思源笔记发布模式读取者可枚举元数据漏洞 | siyuan-note | siyuan | 中危 | 4.3 | 2026-05-14 18:19:31 | 深度分析 |
| CVE-2026-45371 | 思源笔记发布模式读者通过8个未限制API修改配置和SQL索引漏洞 | siyuan-note | siyuan | - | - | 2026-05-14 18:14:51 | 深度分析 |
| CVE-2026-45375 | 思源 Bazaar 市场渲染未转义包名和版本信息,导致存储型XSS及Electron代码执行漏洞 | siyuan-note | siyuan | 超危 | 9.0 | 2026-05-14 18:13:13 | 深度分析 |
| CVE-2026-44586 | 思源笔记:Bazaar应用市场未转义作者元数据导致XSS与代码执行漏洞 | siyuan-note | siyuan | 高危 | 8.3 | 2026-05-14 18:11:50 | 深度分析 |
| CVE-2026-42598 | Pode静态路由目录遍历漏洞 | Badgerati | Pode | - | - | 2026-05-14 18:06:38 | 深度分析 |
| CVE-2026-42334 | Mongoose $nor 过滤消毒不当导致NoSQL注入漏洞 | Automattic | mongoose | 高危 | 7.5 | 2026-05-14 18:03:43 | 深度分析 |
| CVE-2025-15024 | Yordam Library Automation System 远程代码执行漏洞 | Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc. | Library Automation System | 高危 | 8.8 | 2026-05-14 17:48:42 | 深度分析 |
| CVE-2026-46470 | GStreamer <1.28.2 存在除以零致服务拒绝漏洞 | GStreamer | Good Plug-ins | 中危 | 4.0 | 2026-05-14 17:40:47 | 深度分析 |
| CVE-2026-46469 | GStreamer <1.28.2 MP4解析整数除零致DoS | GStreamer | Good Plug-ins | 中危 | 4.0 | 2026-05-14 17:38:44 | 深度分析 |
| CVE-2025-15023 | Yordam Informatics 图书馆自动化系统访问控制漏洞 | Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc. | Library Automation System | 高危 | 8.8 | 2026-05-14 17:36:14 | 深度分析 |
| CVE-2026-44544 | gittuf 策略回滚漏洞 | gittuf | gittuf | - | - | 2026-05-14 17:34:40 | 深度分析 |