Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Vulnerability List - Page 10

CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2026-41416 PJSIP: Asymmetric ptime integer overflow in Media Stream pjsippjproject--2026-04-24 18:40:08 Deep Dive
CVE-2026-41415 PJSIP: SIP Multipart CID URI Length Underflow pjsippjproject--2026-04-24 18:38:36 Deep Dive
CVE-2026-41414 Skim: Arbitrary code execution via pull_request_target fork checkout in pr.yml skim-rsskim High 7.4 2026-04-24 18:32:36 Deep Dive
CVE-2026-41492 Unauthenticated Admin Token Disclosure Leading to Authentication Bypass via /debug/vars in Dgraph dgraph-iodgraph Critical 9.8 2026-04-24 18:29:41 Deep Dive
CVE-2026-41327 Dgraph: Pre-Auth Full Database Exfiltration via DQL Injection in Upsert Condition Field dgraph-iodgraph Critical 9.1 2026-04-24 18:27:51 Deep Dive
CVE-2026-41328 Dgraph: Pre-Auth Full Database Exfiltration via DQL Injection in NQuad Lang Field dgraph-iodgraph Critical 9.1 2026-04-24 18:25:44 Deep Dive
CVE-2026-33666 Zserio: Integer Overflow in BitStreamReader on 32-bit platforms ndsevzserio High 7.5 2026-04-24 18:21:11 Deep Dive
CVE-2026-33524 Zserio: Integer Overflow in BitStreamReader and Unbounded Memory Allocation in Deserialization ndsevzserio High 7.5 2026-04-24 18:18:03 Deep Dive
CVE-2026-33662 OP-TEE: RSASSA EMSA- PKCS1-v1_5 underflow in emsa_pkcs1_v1_5_encode() OP-TEEoptee_os High 7.5 2026-04-24 18:13:29 Deep Dive
CVE-2026-41907 uuid: Missing buffer bounds check in `v3`/`v5`/`v6` when `buf` is provided uuidjsuuid--2026-04-24 18:09:25 Deep Dive
CVE-2026-42042 Axios: XSRF Token Cross-Origin Leakage via Prototype Pollution Gadget in `withXSRFToken` Boolean Coercion axiosaxios Medium 5.4 2026-04-24 18:03:30 Deep Dive
CVE-2026-42039 Axios: unbounded recursion in toFormData causes DoS via deeply nested request data axiosaxios--2026-04-24 18:01:31 Deep Dive
CVE-2026-42036 Axios: HTTP adapter streamed responses bypass maxContentLength axiosaxios Medium 5.3 2026-04-24 18:00:33 Deep Dive
CVE-2026-42034 Axios: HTTP adapter streamed uploads bypass maxBodyLength when maxRedirects: 0 axiosaxios Medium 5.3 2026-04-24 17:59:48 Deep Dive
CVE-2026-42037 Axios: CRLF Injection in multipart/form-data body via unsanitized blob.type in formDataToStream axiosaxios Medium 5.3 2026-04-24 17:58:16 Deep Dive
CVE-2026-42038 Axios: no_proxy bypass via IP alias allows SSRF axiosaxios Medium 6.8 2026-04-24 17:57:27 Deep Dive
CVE-2026-42041 Axios: Authentication Bypass via Prototype Pollution Gadget in `validateStatus` Merge Strategy axiosaxios Medium 4.8 2026-04-24 17:55:30 Deep Dive
CVE-2026-42043 Axios: Incomplete Fix for CVE-2025-62718 — NO_PROXY Protection Bypassed via RFC 1122 Loopback Subnet (127.0.0.0/8) in Axios 1.15.0 axiosaxios High 7.2 2026-04-24 17:54:43 Deep Dive
CVE-2026-42044 Axios: Invisible JSON Response Tampering via Prototype Pollution Gadget in `parseReviver` axiosaxios Medium 6.5 2026-04-24 17:49:50 Deep Dive
CVE-2026-42040 Axios: Null Byte Injection via Reverse-Encoding in AxiosURLSearchParams axiosaxios Low 3.7 2026-04-24 17:40:31 Deep Dive