Browse 54+ CVEs from NVD & CNNVD with AI-powered analysis, AI-generated PoCs, KEV/EPSS tracking, and daily security intelligence. Filter by vendor, product, severity, or CWE.
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-10152 | TaleLin lin-cms-spring-boot book Endpoint BookController.java access control | TaleLin | lin-cms-spring-boot | Medium | 6.3 | 2026-05-30 19:15:09 | Deep Dive |
| CVE-2026-9370 | ulisesbocchio jasypt-spring-boot Password Hash SimpleGCMConfig.java getSecretKeySaltGenerator hash predictable salt | ulisesbocchio | jasypt-spring-boot | Low | 3.7 | 2026-05-24 09:15:09 | Deep Dive |
| CVE-2026-40977 | VMware Spring Boot link following vulnerability | Spring | Spring Boot | Medium | 4.7 | 2026-04-27 23:36:07 | Deep Dive |
| CVE-2026-40976 | VMware Spring Boot security vulnerability | Spring | Spring Boot | Critical | 9.1 | 2026-04-27 23:34:51 | Deep Dive |
| CVE-2026-40975 | VMware Spring Boot security features issue vulnerability | Spring | Spring Boot | Medium | 4.8 | 2026-04-27 23:32:59 | Deep Dive |
| CVE-2026-40974 | VMware Spring Boot trust management issue vulnerability | Spring | Spring Boot | Medium | 5.0 | 2026-04-27 23:31:41 | Deep Dive |
| CVE-2026-40973 | VMware Spring Boot security vulnerability | Spring | Spring Boot | High | 7.0 | 2026-04-27 23:29:52 | Deep Dive |
| CVE-2026-40972 | VMware Spring Boot security vulnerability | Spring | Spring Boot | High | 7.5 | 2026-04-27 23:15:19 | Deep Dive |
| CVE-2026-40971 | VMware Spring Boot trust management issue vulnerability | Spring | Spring Boot | Medium | 5.0 | 2026-04-27 22:45:13 | Deep Dive |
| CVE-2026-40970 | VMware Spring Boot trust management issue vulnerability | Spring | Spring Boot | Medium | 5.0 | 2026-04-27 19:09:59 | Deep Dive |
| CVE-2026-6857 | Camel-infinispan: camel-infinispan: remote code execution via unsafe deserialization | Red Hat | Red Hat build of Apache Camel 4.18.1 for Spring Boot 3.5.14 | High | 7.5 | 2026-04-22 12:55:01 | Deep Dive |
| CVE-2026-28369 | Undertow: undertow: request smuggling via malformed http request headers | Red Hat | Red Hat build of Apache Camel for Spring Boot 4 | High | 8.7 | 2026-03-27 16:13:06 | Deep Dive |
| CVE-2026-28367 | Undertow: undertow: request smuggling via `\r\r\r` as a header block terminator | Red Hat | Red Hat build of Apache Camel for Spring Boot 4 | High | 8.7 | 2026-03-27 16:13:05 | Deep Dive |
| CVE-2026-28368 | Undertow: undertow: request smuggling via inconsistent header parsing | Red Hat | Red Hat build of Apache Camel for Spring Boot 4 | High | 8.7 | 2026-03-27 16:13:04 | Deep Dive |
| CVE-2026-3260 | Undertow: undertow: denial of service due to premature multipart/form-data parsing in get requests | Red Hat | Red Hat build of Apache Camel for Spring Boot 4 | Medium | 5.9 | 2026-03-24 04:11:16 | Deep Dive |
| CVE-2026-22731 | Authentication Bypass under Actuator Health groups paths | Spring | Spring Boot | High | 8.2 | 2026-03-19 22:36:15 | Deep Dive |
| CVE-2024-4027 | Undertow: outofmemoryerror in httpservletrequestimpl.getparameternames() can cause remote dos attacks | Red Hat | OpenShift Serverless | High | 7.5 | 2026-01-30 14:25:54 | Deep Dive |
| CVE-2025-12543 | Undertow-core: undertow http server fails to reject malformed host headers leading to potential cache poisoning and ssrf | Red Hat | Red Hat build of Apache Camel 4.14.4 for Spring Boot 3.5.11 | Critical | 9.6 | 2026-01-07 16:04:22 | Deep Dive |
| CVE-2024-3884 | Undertow: outofmemory when parsing form data encoding with application/x-www-form-urlencoded | Red Hat | Red Hat JBoss Enterprise Application Platform | High | 7.5 | 2025-12-03 18:40:26 | Deep Dive |
| CVE-2025-9784 | Undertow: undertow madeyoureset http/2 ddos vulnerability | - | - | High | 7.5 | 2025-09-02 13:38:00 | Deep Dive |