| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-48682 | FastNetMon 1.2.9 IPv4解析越界读取漏洞 | - | - | - | - | 2026-06-02 00:00:00 | Deep Dive |
| CVE-2026-38967 | Crow HTTP响应头注入漏洞(v1.3.1及以下) | - | - | - | - | 2026-06-02 00:00:00 | Deep Dive |
| CVE-2026-30586 | Memos v0.26.0 存储型跨站脚本漏洞 | - | - | - | - | 2026-06-02 00:00:00 | Deep Dive |
| CVE-2026-33553 | CFEngine Enterprise 3.24.x/3.27.x跨站脚本漏洞 | - | - | - | - | 2026-06-02 00:00:00 | Deep Dive |
| CVE-2026-10514 | 1Panel-dev CordysCRM RequestParamTrimConfig.java cross site scripting | 1Panel-dev | CordysCRM | Low | 2.4 | 2026-06-01 23:45:12 | Deep Dive |
| CVE-2026-10302 | itsourcecode Fees Management System manage_fee.php sql injection | itsourcecode | Fees Management System | Medium | 6.3 | 2026-06-01 23:30:09 | Deep Dive |
| CVE-2026-9048 | Slider Revolution 7.0.0 - 7.0.14 - Incorrect Authorization to Authenticated (Contributor+) Sensitive Information Exposure | Revolution Slider | Slider Revolution | Medium | 4.3 | 2026-06-01 23:28:27 | Deep Dive |
| CVE-2026-9050 | Slider Revolution 6.0.0-6.7.55 and 7.0.0-7.0.14 - Missing Authorization to Authenticated (Contributor+) Arbitrary Plugin Deactivation | Revolution Slider | Slider Revolution | Medium | 4.3 | 2026-06-01 23:28:27 | Deep Dive |
| CVE-2026-10301 | itsourcecode Fees Management System index.php cross site scripting | itsourcecode | Fees Management System | Medium | 4.3 | 2026-06-01 23:15:09 | Deep Dive |
| CVE-2026-10300 | SGLang Inference HTTP Endpoint lora_manager.py assertion | - | SGLang | Low | 3.7 | 2026-06-01 23:00:13 | Deep Dive |
| CVE-2026-10299 | code-projects Online Hospital Management System viewdoctortimings.php resource injection | code-projects | Online Hospital Management System | Low | 3.8 | 2026-06-01 22:45:09 | Deep Dive |
| CVE-2026-10298 | ggml-org whisper.cpp ggml.c whisper_model_load null pointer dereference | ggml-org | whisper.cpp | Low | 3.3 | 2026-06-01 22:30:11 | Deep Dive |
| CVE-2026-25879🧪 | Langroid has Prompt to SQL Injection, Leading to RCE | langroid | langroid | Critical | 9.8 | 2026-06-01 22:27:13 | Deep Dive |
| CVE-2026-28511 | elabftw has entry title leakage through autocompletion search | elabftw | elabftw | Medium | 4.3 | 2026-06-01 22:24:19 | Deep Dive |
| CVE-2026-10297 | itsourcecode Fees Management System manage_course.php sql injection | itsourcecode | Fees Management System | Medium | 6.3 | 2026-06-01 22:15:09 | Deep Dive |
| CVE-2026-25277 | Buffer Copy Without Checking Size of Input in Secure Processor | Qualcomm, Inc. | Snapdragon | High | 8.8 | 2026-06-01 22:05:50 | Deep Dive |
| CVE-2026-25276 | Improper Validation of Array Index in Secure Processor | Qualcomm, Inc. | Snapdragon | High | 8.8 | 2026-06-01 22:05:49 | Deep Dive |
| CVE-2026-25260 | Time-of-check Time-of-use (TOCTOU) Race Condition in DSP Service | Qualcomm, Inc. | Snapdragon | High | 7.8 | 2026-06-01 22:05:45 | Deep Dive |
| CVE-2026-25259 | Out-of-bounds Write in DSP Service | Qualcomm, Inc. | Snapdragon | High | 7.8 | 2026-06-01 22:05:44 | Deep Dive |
| CVE-2026-25258 | Out-of-bounds Read in DSP Service | Qualcomm, Inc. | Snapdragon | High | 7.8 | 2026-06-01 22:05:43 | Deep Dive |