| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-22753 | Servlet Path Not Correctly Included in Path Matching of HttpSecurity#securityMatchers | Spring | Spring Security | High | 7.5 | 2026-04-22 05:20:31 | Deep Dive |
| CVE-2026-22748 | Potential Security Misconfiguration when Using withIssuerLocation | Spring | Spring Security | Medium | 5.3 | 2026-04-22 05:15:04 | Deep Dive |
| CVE-2026-22747 | Unauthorized User Impersonation when Using X.509 Client Certificates | Spring | Spring Security | Medium | 6.8 | 2026-04-22 05:08:41 | Deep Dive |
| CVE-2026-22746 | User Attribute Enumeration when Using DaoAuthenticationProvider | Spring | Spring Security | Low | 3.7 | 2026-04-22 05:02:24 | Deep Dive |
| CVE-2026-40451 | DeepL for Chrome Cross-Site Scripting Vulnerability | DeepL | Chrome browser extension | - | - | 2026-04-22 04:28:50 | Deep Dive |
| CVE-2026-6835 | aEnrich\|a+HCM - Arbitrary File Upload | aEnrich | a+HCM | Medium | 6.1 | 2026-04-22 03:40:37 | Deep Dive |
| CVE-2026-6834 | aEnrich\|a+HRD - Missing Authorization | aEnrich | a+HRD | Medium | 6.5 | 2026-04-22 03:36:58 | Deep Dive |
| CVE-2026-6833 | aEnrich\|a+HRD - SQL Injection | aEnrich | a+HRD | Medium | 6.5 | 2026-04-22 03:32:29 | Deep Dive |
| CVE-2026-6386 | Missing large page handling in pmap_pkru_update_range() | FreeBSD | FreeBSD | - | - | 2026-04-22 02:33:25 | Deep Dive |
| CVE-2026-5398 | Kernel use-after-free bug in the TIOCNOTTY handler | FreeBSD | FreeBSD | - | - | 2026-04-22 02:23:57 | Deep Dive |
| CVE-2026-6408 | Tanium addressed an information disclosure vulnerability in Tanium Server. | Tanium | Tanium Server | Low | 2.7 | 2026-04-22 01:46:41 | Deep Dive |
| CVE-2026-6392 | Tanium addressed an information disclosure vulnerability in Threat Response. | Tanium | Threat Response | Low | 2.7 | 2026-04-22 01:46:30 | Deep Dive |
| CVE-2026-41458 | OwnTone Server < 29.1 Race Condition DoS via DAAP Login | owntone | owntone-server | - | - | 2026-04-22 01:46:28 | Deep Dive |
| CVE-2026-6416 | Tanium addressed an uncontrolled resource consumption vulnerability in Interact. | Tanium | Interact | Low | 2.7 | 2026-04-22 01:46:19 | Deep Dive |
| CVE-2026-41457 | OwnTone Server < 29.1 SQL Injection via query and filter Parameters | owntone | owntone-server | - | - | 2026-04-22 01:46:12 | Deep Dive |
| CVE-2026-41146 | facil.io and downstream iodine ruby gem vulnerable to uncontrolled resource consumption and loop with unreachable exit condition | boazsegev | facil.io | - | - | 2026-04-22 01:07:29 | Deep Dive |
| CVE-2026-41145 | MinIO has an Unauthenticated Object Write via Query-String Credential Signature Bypass in Unsigned-Trailer Uploads | minio | minio | - | - | 2026-04-22 00:54:09 | Deep Dive |
| CVE-2026-40344 | MinIO has an Unauthenticated Object Write via Missing Signature Verification in Unsigned-Trailer Uploads | minio | minio | - | - | 2026-04-22 00:49:30 | Deep Dive |
| CVE-2026-31192 | Raindrop.io Bookmark Manager Web App Input Validation Error Vulnerability | - | - | - | - | 2026-04-22 00:00:00 | Deep Dive |
| CVE-2026-35548 | guardsix ODBC Enrichment Plugins Code Issue Vulnerability | - | - | - | - | 2026-04-22 00:00:00 | Deep Dive |