| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-10269 | decolua 9router HTTP Header dashboardGuard.js isAuthenticated improper authorization | decolua | 9router | Medium | 6.3 | 2026-06-01 15:15:10 | Deep Dive |
| CVE-2026-42678 | WordPress GiveWP plugin <= 4.14.5 - Cross Site Scripting (XSS) vulnerability | Liquid Web / StellarWP | GiveWP | High | 7.1 | 2026-06-01 15:14:24 | Deep Dive |
| CVE-2026-42679 | WordPress Classified Listing plugin <= 5.3.8 - Arbitrary File Download vulnerability | Mamunur Rashid | Classified Listing | Medium | 6.5 | 2026-06-01 15:13:24 | Deep Dive |
| CVE-2026-8643 | pip can extract console_scripts and gui_scripts outside installation directory | Python Packaging Authority | pip | 高危 | - | 2026-06-01 15:01:32 | Deep Dive |
| CVE-2026-10268 | janet-lang janet marsh.c unmarshal_one_fiber integer overflow | janet-lang | janet | Low | 3.3 | 2026-06-01 15:00:13 | Deep Dive |
| CVE-2026-0826 | Poly Voice – Possible Remote Control of Certain Poly Devices | HP Inc. | poly_trio_8300 | - | - | 2026-06-01 14:55:00 | Deep Dive |
| CVE-2026-42680 | WordPress Contest Gallery Pro plugin <= 29.0.1 - Privilege Escalation vulnerability | Wasiliy Strecker / ContestGallery developer | Contest Gallery Pro | Critical | 9.8 | 2026-06-01 14:54:13 | Deep Dive |
| CVE-2026-42681 | WordPress e2pdf plugin <= 1.32.14 - Reflected Cross Site Scripting (XSS) vulnerability | E2Pdf.com | e2pdf | High | 7.1 | 2026-06-01 14:52:58 | Deep Dive |
| CVE-2026-42682 | WordPress wpForo Forum plugin <= 3.0.6 - Broken Access Control vulnerability | Tomdever | wpForo Forum | Critical | 9.1 | 2026-06-01 14:47:08 | Deep Dive |
| CVE-2026-10267 | janet-lang janet debug.c doframe out-of-bounds | janet-lang | janet | Low | 3.3 | 2026-06-01 14:45:11 | Deep Dive |
| CVE-2026-42683 | WordPress VikBooking Hotel Booking Engine & PMS plugin <= 1.8.8 - Cross Site Scripting (XSS) vulnerability | e4jvikwp | VikBooking Hotel Booking Engine & PMS | High | 7.1 | 2026-06-01 14:44:38 | Deep Dive |
| CVE-2026-48839 | WordPress WP Statistics plugin <= 14.16.6 - Cross Site Scripting (XSS) vulnerability | VeronaLabs | WP Statistics | High | 7.1 | 2026-06-01 14:43:30 | Deep Dive |
| CVE-2026-48865 | WordPress LearnPress plugin <= 4.3.6 - Reflected Cross Site Scripting (XSS) vulnerability | ThimPress | LearnPress | High | 7.1 | 2026-06-01 14:41:46 | Deep Dive |
| CVE-2026-48866 | WordPress Gravity Forms plugin <= 2.10.0.1 - Arbitrary File Deletion vulnerability | Rocketgenius Inc. | Gravity Forms | Critical | 9.6 | 2026-06-01 14:39:47 | Deep Dive |
| CVE-2026-48879 | WordPress AIWU plugin <= 1.4.17 - Privilege Escalation vulnerability | Sergey | AIWU | Critical | 9.8 | 2026-06-01 14:38:02 | Deep Dive |
| CVE-2026-8931 | Critical RCE vulnerability in Disig Web Signer | Disig | Web Signer | - | - | 2026-06-01 14:31:16 | Deep Dive |
| CVE-2026-10265 | itsourcecode Content Management System edit_topic.php sql injection | itsourcecode | Content Management System | Medium | 6.3 | 2026-06-01 14:30:11 | Deep Dive |
| CVE-2026-10264 | lharries whatsapp-mcp Send API Endpoint main.go SendMessageRequest path traversal | lharries | whatsapp-mcp | Low | 3.5 | 2026-06-01 14:15:11 | Deep Dive |
| CVE-2026-10263🧪 | SourceCodester Computer Repair Shop Management System manage_product.php sql injection | SourceCodester | Computer Repair Shop Management System | High | 7.3 | 2026-06-01 14:00:22 | Deep Dive |
| CVE-2026-10262🧪 | code-projects Real State Services Login loginuser.php sql injection | code-projects | Real State Services | High | 7.3 | 2026-06-01 13:45:08 | Deep Dive |