| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-34460 | NamelessMC: OAuth callback `state` is not validated, allowing login CSRF / session swapping | NamelessMC | Nameless | Medium | 5.4 | 2026-06-02 15:29:15 | Deep Dive |
| CVE-2026-45686🧪 | OpenTelemetry eBPF Instrumentation: Memcached payload length overflow can crash OBI | open-telemetry | opentelemetry-ebpf-instrumentation | High | 7.5 | 2026-06-02 15:25:56 | Deep Dive |
| CVE-2026-45685🧪 | OpenTelemetry eBPF Instrumentation: MongoDB parser panics on malformed wire messages | open-telemetry | opentelemetry-ebpf-instrumentation | High | 7.5 | 2026-06-02 15:25:47 | Deep Dive |
| CVE-2026-45684 | OpenTelemetry eBPF Instrumentation: Log enricher writev path can overread and overwrite user buffers | open-telemetry | opentelemetry-ebpf-instrumentation | Medium | 4.9 | 2026-06-02 15:25:33 | Deep Dive |
| CVE-2026-45683 | OpenTelemetry eBPF Instrumentation: Java TLS ioctl kprobe allows kernel memory disclosure | open-telemetry | opentelemetry-ebpf-instrumentation | Low | 3.8 | 2026-06-02 15:25:12 | Deep Dive |
| CVE-2026-45681 | OpenTelemetry eBPF Instrumentation: CPU-mismatch fallback uses 256-byte buffer with 8KB size | open-telemetry | opentelemetry-ebpf-instrumentation | Medium | 5.9 | 2026-06-02 15:25:00 | Deep Dive |
| CVE-2026-45680 | OpenTelemetry eBPF Instrumentation: Unbounded BPF internal metrics replay can exhaust CPU | open-telemetry | opentelemetry-ebpf-instrumentation | Medium | 5.9 | 2026-06-02 15:24:46 | Deep Dive |
| CVE-2026-45679 | OpenTelemetry eBPF Instrumentation: Redis error text is exported in span status messages | open-telemetry | opentelemetry-ebpf-instrumentation | Medium | 6.5 | 2026-06-02 15:24:31 | Deep Dive |
| CVE-2026-45678🧪 | OpenTelemetry eBPF Instrumentation: Postgres BIND parsing can panic on malformed payloads | open-telemetry | opentelemetry-ebpf-instrumentation | High | 7.5 | 2026-06-02 15:24:12 | Deep Dive |
| CVE-2026-45676 | OpenTelemetry eBPF Instrumentation: Unsafe fastelf parsing allows malformed ELF to crash agent | open-telemetry | opentelemetry-ebpf-instrumentation | Medium | 5.5 | 2026-06-02 15:23:50 | Deep Dive |
| CVE-2026-45682 | OpenTelemetry eBPF Instrumentation: CappedConcurrentHashMap leaks keys after removals | open-telemetry | opentelemetry-ebpf-instrumentation | Medium | 5.1 | 2026-06-02 15:23:25 | Deep Dive |
| CVE-2026-33398 | Authenticated users can read hidden forum posts through `/forum/get_quotes` | NamelessMC | Nameless | - | - | 2026-06-02 15:19:30 | Deep Dive |
| CVE-2026-40780 | WordPress BookIt plugin < 2.5.4.1 - Broken Authentication vulnerability | Liquid Web / StellarWP | BookIt | High | 7.5 | 2026-06-02 15:08:00 | Deep Dive |
| CVE-2026-42654 | WordPress Wallet System for WooCommerce plugin <= 2.7.5 - Broken Authentication vulnerability | WP Swings | Wallet System for WooCommerce | High | 7.1 | 2026-06-02 14:48:11 | Deep Dive |
| CVE-2026-40619 | Security Center部分版本本地权限提升漏洞 | Genetec Inc. | Genetec Security Center | High | 7.8 | 2026-06-02 14:37:54 | Deep Dive |
| CVE-2026-10629 | CVE-2026-10629 | Verizon | VoLTE | - | - | 2026-06-02 14:35:08 | Deep Dive |
| CVE-2026-10047 | Out-of-bounds write in Napoca real-mode hook handler via guest-controlled SS:SP (VA-13905) | Bitdefender | Napoca bare-metal hypervisor | - | - | 2026-06-02 14:17:15 | Deep Dive |
| CVE-2026-10046 | Out-of-bounds write in Napoca BIOS INT 0x15 E820 memory map handler (VA-13905) | Bitdefender | Napoca bare-metal hypervisor | - | - | 2026-06-02 14:16:22 | Deep Dive |
| CVE-2026-47117🧪 | OpenMed < 1.5.2 Remote Code Execution via PII Model Loading | maziyarpanahi | openmed | Critical | 9.8 | 2026-06-02 14:15:18 | Deep Dive |
| CVE-2026-49753 | HTTP response smuggling in Mint HTTP/1 client via lenient Content-Length parsing | elixir-mint | mint | - | - | 2026-06-02 14:15:17 | Deep Dive |