| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-53520 | Nezha Monitoring: Authenticated users can claim the dashboard Host through NAT and preempt all dashboard routing | nezhahq | nezha | Medium | 6.5 | 2026-06-12 21:03:59 | Deep Dive |
| CVE-2026-53519🧪 | Nezha Monitoring: Pre-auth path traversal via /dashboard.. prefix confusion leaks jwt_secret_key | nezhahq | nezha | Critical | 9.1 | 2026-06-12 21:03:49 | Deep Dive |
| CVE-2026-49397 | Nezha Monitoring: Private services (`EnableShowInService: false`) are enumerable via per-server endpoints, leaking name and timing data | nezhahq | nezha | Medium | 5.3 | 2026-06-12 21:03:37 | Deep Dive |
| CVE-2026-49396🧪 | Nezha Monitoring: Cross-site GET request can trigger stored cron commands on a victim's agents | nezhahq | nezha | High | 7.1 | 2026-06-12 21:03:28 | Deep Dive |
| CVE-2026-48119🧪 | Nezha Monitoring: Authenticated agents can forge service-monitor results for other users' services | nezhahq | nezha | High | 7.1 | 2026-06-12 21:03:18 | Deep Dive |
| CVE-2026-47124 | Nezha WebSocket server stream discloses cross-tenant server telemetry to authenticated members | nezhahq | nezha | Medium | 6.5 | 2026-06-12 21:03:09 | Deep Dive |
| CVE-2026-47120🧪 | Nezha Monitoring: RoleMember can fire other users' cron tasks via AlertRule.FailTriggerTasks (no ownership check) | nezhahq | nezha | High | 7.1 | 2026-06-12 21:02:50 | Deep Dive |
| CVE-2026-46717🧪 | Nezha Monitoring: RoleMember-reachable SSRF with full response-body reflection via POST /api/v1/notification | nezhahq | nezha | High | 7.7 | 2026-06-12 21:02:41 | Deep Dive |
| CVE-2026-46716🧪 | Nezha Monitoring: RoleMember can run shell on every server (cross-tenant RCE) via POST /api/v1/cron | nezhahq | nezha | Critical | 9.9 | 2026-06-12 21:00:47 | Deep Dive |
| CVE-2026-53609🧪 | Apostrophe has Server-Side Prototype Pollution in apos.util.set via patch operators that leads to process-wide authorization bypass | apostrophecms | apostrophe | Critical | 9.1 | 2026-06-12 20:59:25 | Deep Dive |
| CVE-2026-53608🧪 | @apostrophecms/seo Vulnerable to Stored XSS via Unsanitized Google Analytics / GTM ID Injected into Script Tag | apostrophecms | @apostrophecms/seo | High | 8.7 | 2026-06-12 20:57:49 | Deep Dive |
| CVE-2026-47268 | Nezha Monitoring: Authenticated DDNS webhook configuration allows blind SSRF from the dashboard host | nezhahq | nezha | Medium | 6.4 | 2026-06-12 20:56:46 | Deep Dive |
| CVE-2026-54397 | MISP event editing allows unauthorized assignment to undisclosed sharing groups | misp | misp | Medium | - | 2026-06-12 20:55:53 | Deep Dive |
| CVE-2026-53607 | @apostrophecms/file pretty-URL Vulnerable to Unauthenticated SSRF via Host header | apostrophecms | apostrophe | Low | 3.7 | 2026-06-12 20:54:31 | Deep Dive |
| CVE-2026-4870 | Qiskit SDK: specific functions may recurse too deeply and overflow the available stack space when encountering certain classical expressions | IBM | Qiskit SDK | High | 7.5 | 2026-06-12 20:52:59 | Deep Dive |
| CVE-2026-53606 | sanitize-html has an incomplete URI scheme validation that allows javascript: URIs through action, formaction, data, poster, and background attributes | apostrophecms | sanitize-html | Medium | 5.4 | 2026-06-12 20:50:47 | Deep Dive |
| CVE-2026-45014 | Apostrophe Vulnerable to Stored Cross-Site Scripting via Unsanitized User Display Name in Draft Version Tooltip | apostrophecms | apostrophe | Medium | - | 2026-06-12 20:48:33 | Deep Dive |
| CVE-2026-54396 | MISP AuthKey edit endpoint allows authenticated user email enumeration | misp | misp | Medium | - | 2026-06-12 20:48:19 | Deep Dive |
| CVE-2026-45013🧪 | Apostrophe has a Weak Password Recovery Mechanism for Forgotten Password and Improper Input Validation | apostrophecms | apostrophe | High | 8.1 | 2026-06-12 20:46:22 | Deep Dive |
| CVE-2026-24618 | WordPress Hash Elements plugin <= 1.5.4 - Sensitive Data Exposure vulnerability | HashThemes | Hash Elements | Medium | 4.3 | 2026-06-12 20:46:19 | Deep Dive |
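The CVE-2026-53519 title above names a bug class worth seeing in code: a route guard that matches `/dashboard` with a bare string-prefix test also matches `/dashboard..`, and once the prefix is stripped the remaining `..` walks out of the directory the handler serves. The Go below is an added illustration of that class, not Nezha's code and not taken from the linked analysis; the `staticRoot` constant and both handler shapes are hypothetical. `resolveNaive` reproduces the confusion, `resolveSafe` requires the prefix to end on a path-segment boundary and rejects any resolved path that leaves the root.

```go
package main

import (
	"fmt"
	"path"
	"strings"
)

// staticRoot is a hypothetical directory that a dashboard static-file
// handler serves from (an assumption for this example, not Nezha's layout).
const staticRoot = "/srv/app/public/dashboard"

// resolveNaive shows the prefix-confusion bug class: HasPrefix accepts
// "/dashboard..", TrimPrefix leaves "..", and path.Join resolves the result
// one level above staticRoot. The second return value reports whether the
// request was routed to this handler at all.
func resolveNaive(reqPath string) (string, bool) {
	if !strings.HasPrefix(reqPath, "/dashboard") {
		return "", false
	}
	rel := strings.TrimPrefix(reqPath, "/dashboard")
	return path.Join(staticRoot, rel), true
}

// resolveSafe matches the prefix only as a whole path segment ("/dashboard"
// exactly, or "/dashboard/..."), lets path.Join collapse any ".." segments,
// and then refuses anything that no longer sits under staticRoot.
func resolveSafe(reqPath string) (string, bool) {
	if reqPath != "/dashboard" && !strings.HasPrefix(reqPath, "/dashboard/") {
		return "", false
	}
	rel := strings.TrimPrefix(reqPath, "/dashboard")
	full := path.Join(staticRoot, rel) // Join cleans "." and ".." segments
	if full != staticRoot && !strings.HasPrefix(full, staticRoot+"/") {
		return "", false
	}
	return full, true
}

func main() {
	// Constructed request paths: one legitimate, two traversal attempts.
	for _, p := range []string{"/dashboard/js/app.js", "/dashboard../config.yaml", "/dashboard/../../config.yaml"} {
		n, nok := resolveNaive(p)
		s, sok := resolveSafe(p)
		fmt.Printf("%-30s naive=%v %q  safe=%v %q\n", p, nok, n, sok, s)
	}
}
```

The segment-boundary check alone is not enough: `/dashboard/../../config.yaml` passes it, which is why the post-`Join` containment test on the cleaned path is the part that actually holds the line.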