| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-10662 | ahujasid blender-mcp ZIP File server.py requests.get server-side request forgery | ahujasid | blender-mcp | Medium | 6.3 | 2026-06-02 22:00:13 | Deep Dive |
| CVE-2021-4481 | Dräger Protector Software Local Privilege Escalation via Insecure File Permissions | Dräger | Protector Software | High | 8.2 | 2026-06-02 21:32:26 | Deep Dive |
| CVE-2021-4480 | Dräger Protector Software Local Privilege Escalation via Insecure File Permissions | Dräger | Protector Software | High | 8.2 | 2026-06-02 21:31:34 | Deep Dive |
| CVE-2026-10661 | ahujasid blender-mcp server.py open injection | ahujasid | blender-mcp | Medium | 4.3 | 2026-06-02 21:30:11 | Deep Dive |
| CVE-2026-35212 | OpenCTI has XSS in the rendering of email-message observable body data | OpenCTI-Platform | opencti | - | - | 2026-06-02 21:28:59 | Deep Dive |
| CVE-2025-15653 | Dräger Zeus IE Anesthesia Workstation USB Interface Privilege Escalation | Dräger | Zeus IE | Medium | 6.8 | 2026-06-02 21:27:38 | Deep Dive |
| CVE-2024-14036 | Dräger Core 1.0.5 Denial of Service via Malformed SDC Message | Dräger | Core | High | 7.5 | 2026-06-02 21:22:13 | Deep Dive |
| CVE-2026-10650 | warmcat libwebsockets SSH Protocol sshd.c lws_ssh_parse_plaintext resource consumption | warmcat | libwebsockets | Medium | 5.3 | 2026-06-02 21:15:11 | Deep Dive |
| CVE-2026-8936 | Unbounded recursion in grpcfuse kernel module allows container to crash Docker Desktop VM | Docker | Docker Desktop | - | - | 2026-06-02 21:09:03 | Deep Dive |
| CVE-2022-4992 | Dräger Infinity M540 VG4.1.1 Spoofed Network Message Handling DoS/Tampering | Dräger | Infinity Acute Care System | High | 8.6 | 2026-06-02 21:06:40 | Deep Dive |
| CVE-2026-45289 | CloudburstMC Protocol: Partially missing validation for FULL type authentication tokens | CloudburstMC | Protocol | Medium | 5.3 | 2026-06-02 20:36:02 | Deep Dive |
| CVE-2026-49144 | BrowserStack Runner 0.9.5 Path Traversal via _default HTTP Handler | browserstack | browserstack-runner | Medium | 6.5 | 2026-06-02 20:34:55 | Deep Dive |
| CVE-2026-49448🧪 | authentik: SourceStage bypass via empty POST | goauthentik | authentik | Critical | 9.8 | 2026-06-02 20:31:20 | Deep Dive |
| CVE-2026-49143🧪 | BrowserStack Runner 0.9.5 Unauthenticated RCE via /_log HTTP Handler | browserstack | browserstack-runner | High | 8.8 | 2026-06-02 20:31:17 | Deep Dive |
| CVE-2026-49443🧪 | authentik: `UserSourceConnection.user` and `GroupSourceConnection.group` are changeable through the API | goauthentik | authentik | High | 8.8 | 2026-06-02 20:31:09 | Deep Dive |
| CVE-2026-47201🧪 | authentik: XML Signature Wrapping in SAML Source ACS allows authentication as arbitrary federated user | goauthentik | authentik | High | 8.5 | 2026-06-02 20:30:56 | Deep Dive |
| CVE-2026-42849🧪 | authentik: Reflected XSS in SFE AutosubmitStage allows IDP account takeover | goauthentik | authentik | Critical | 9.3 | 2026-06-02 20:30:44 | Deep Dive |
| CVE-2026-41569 | authentik: WS-Federation wreply origin bypass can exfiltrate signed login responses to attacker-controlled endpoints | goauthentik | authentik | - | - | 2026-06-02 20:30:22 | Deep Dive |
| CVE-2026-10624 | SourceCodester Human Resource Management Employee View detailview.php resource injection | SourceCodester | Human Resource Management | Medium | 4.3 | 2026-06-02 20:30:11 | Deep Dive |
| CVE-2026-10620🧪 | code-projects Student Admission System index.php sql injection | code-projects | Student Admission System | High | 7.3 | 2026-06-02 20:15:13 | Deep Dive |