| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-27818 | Apache Kafka: Possible RCE attack via SASL JAAS LdapLoginModule configuration | Apache Software Foundation | Apache Kafka | High | - | 2025-06-10 07:52:32 | Deep Dive |
| CVE-2025-27531 | Apache InLong: An arbitrary file read vulnerability for JDBC | Apache Software Foundation | Apache InLong | - | - | 2025-06-06 14:55:29 | Deep Dive |
| CVE-2025-5601 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') in Wireshark | Wireshark Foundation | Wireshark | High | 7.8 | 2025-06-04 10:30:46 | Deep Dive |
| CVE-2025-46548 | Apache Pekko Management, Apache Pekko Management, Apache Pekko Management, Akka Management, Akka Management, Akka Management: management API basic authentication is not effective | Apache Software Foundation | Apache Pekko Management | - | - | 2025-06-03 14:45:33 | Deep Dive |
| CVE-2024-12718 | Bypass extraction filter to modify file metadata outside extraction directory | Python Software Foundation | CPython | Medium | 5.3 | 2025-06-03 12:59:11 | Deep Dive |
| CVE-2025-4435 | Tarfile extracts filtered members when errorlevel=0 | Python Software Foundation | CPython | High | 7.5 | 2025-06-03 12:59:07 | Deep Dive |
| CVE-2025-4138📌 | Bypassing extraction filter to create symlinks to arbitrary targets outside extraction directory | Python Software Foundation | CPython | High | 7.5 | 2025-06-03 12:59:03 | Deep Dive |
| CVE-2025-4330 | Extraction filter bypass for linking outside extraction directory | Python Software Foundation | CPython | High | 7.5 | 2025-06-03 12:58:57 | Deep Dive |
| CVE-2025-4517📌 | Arbitrary writes via tarfile realpath overflow | Python Software Foundation | CPython | Critical | 9.4 | 2025-06-03 12:58:50 | Deep Dive |
| CVE-2025-48912 | Apache Superset: Improper authorization bypass on row level security via SQL Injection | Apache Software Foundation | Apache Superset | - | - | 2025-05-30 08:26:16 | Deep Dive |
| CVE-2025-46701📌 | Apache Tomcat: Security constraint bypass for CGI scripts | Apache Software Foundation | Apache Tomcat | - | - | 2025-05-29 19:06:04 | Deep Dive |
| CVE-2025-48734 | Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default | Apache Software Foundation | Apache Commons BeanUtils 1.x | - | - | 2025-05-28 13:32:08 | Deep Dive |
| CVE-2025-27528 | Apache InLong: JDBC Vulnerability for Invisible Character Bypass Leading to Arbitrary File Read | Apache Software Foundation | Apache InLong | - | - | 2025-05-28 08:12:28 | Deep Dive |
| CVE-2025-27526 | Apache InLong: JDBC Vulnerability For URLEncode and backspace bypass | Apache Software Foundation | Apache InLong | - | - | 2025-05-28 08:07:35 | Deep Dive |
| CVE-2025-27522 | Apache InLong: JDBC Vulnerability during verification processing | Apache Software Foundation | Apache InLong | - | - | 2025-05-28 08:06:04 | Deep Dive |
| CVE-2025-35003 | Apache NuttX RTOS: NuttX Bluetooth Stack HCI and UART DoS/RCE Vulnerabilities. | Apache Software Foundation | Apache NuttX RTOS | - | - | 2025-05-26 10:03:07 | Deep Dive |
| CVE-2025-41228💣 | VMware ESXi and vCenter Server Reflected Cross Site Scripting (XSS) Vulnerability | VMware | vCenter Server | Medium | 4.3 | 2025-05-20 14:24:34 | Deep Dive |
| CVE-2025-41227 | Denial-of-Service Vulnerability | VMware | ESXi | Medium | 5.5 | 2025-05-20 14:24:29 | Deep Dive |
| CVE-2025-41226 | Guest Operations Denial-of-Service Vulnerability | VMware | ESXi | Medium | 6.8 | 2025-05-20 14:24:25 | Deep Dive |
| CVE-2025-41225 | VMware vCenter Server authenticated command-execution vulnerability | VMware | vCenter Server | High | 8.8 | 2025-05-20 14:24:17 | Deep Dive |