| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-42255 | Technitium DNS Server <15.0 DNS放大漏洞 | Technitium | DnsServer | High | 7.2 | 2026-04-26 02:48:45 | Deep Dive |
| CVE-2026-7015 | MaxSite CMS Guestbook Plugin cross site scripting | MaxSite | CMS | Low | 2.4 | 2026-04-26 02:45:13 | Deep Dive |
| CVE-2026-42254 | Hickory DNS 0.1-0.25.2 域外缓存投毒漏洞 | Hickory Project | Hickory DNS | Medium | 4.0 | 2026-04-26 02:38:41 | Deep Dive |
| CVE-2026-7014 | MaxSite CMS down_count Plugin cross site scripting | MaxSite | CMS | Low | 2.4 | 2026-04-26 02:30:21 | Deep Dive |
| CVE-2026-7013 | MaxSite CMS mail_send Plugin cross site scripting | MaxSite | CMS | Low | 2.4 | 2026-04-26 02:00:20 | Deep Dive |
| CVE-2026-7012 | MaxSite CMS Redirect Plugin cross site scripting | MaxSite | CMS | Low | 2.4 | 2026-04-26 01:15:17 | Deep Dive |
| CVE-2026-7011 | MaxSite CMS Antispam Plugin plugin_antispam cross site scripting | MaxSite | CMS | Low | 2.4 | 2026-04-26 00:30:21 | Deep Dive |
| CVE-2026-7002 | KLiK SocialMediaWebsite Private Message get_message_ajax.php sql injection | KLiK | SocialMediaWebsite | High | 7.3 | 2026-04-25 21:30:16 | Deep Dive |
| CVE-2026-7001 | Datacom DM4100 Ethernet Configuration cross site scripting | Datacom | DM4100 | Low | 2.4 | 2026-04-25 21:15:14 | Deep Dive |
| CVE-2026-7000 | Datacom DM4100 VLAN Page cross site scripting | Datacom | DM4100 | Low | 2.4 | 2026-04-25 21:00:24 | Deep Dive |
| CVE-2026-6999 | BIVOCOM TR321 Wireless Setting cross site scripting | BIVOCOM | TR321 | Low | 2.4 | 2026-04-25 20:45:15 | Deep Dive |
| CVE-2026-6998 | BDCOM P3310D New RMON Statistics cross site scripting | BDCOM | P3310D | Low | 2.4 | 2026-04-25 20:15:15 | Deep Dive |
| CVE-2026-6997 | BDCOM P3310D New RMON History cross site scripting | BDCOM | P3310D | Low | 2.4 | 2026-04-25 20:00:19 | Deep Dive |
| CVE-2026-6996 | BDCOM P3310D rmon event Tab cross site scripting | BDCOM | P3310D | Low | 2.4 | 2026-04-25 19:45:12 | Deep Dive |
| CVE-2026-6995 | BDCOM P3310D New User index.asp cross site scripting | BDCOM | P3310D | Low | 2.4 | 2026-04-25 19:15:14 | Deep Dive |
| CVE-2026-6994 | Envoy Query Parameter header_mutation.cc params.add injection | - | Envoy | Medium | 6.3 | 2026-04-25 19:00:19 | Deep Dive |
| CVE-2026-6993 | go-kratos http.DefaultServeMux Fallback server.go NewServer confused deputy | go-kratos | kratos | Medium | 5.3 | 2026-04-25 18:30:16 | Deep Dive |
| CVE-2026-6992 | Linksys MR9600 JNAP Action run_central2.sh BTRequestGetSmartConnectStatus os command injection | Linksys | MR9600 | High | 7.2 | 2026-04-25 18:00:20 | Deep Dive |
| CVE-2026-6991 | colinhacks Zod CUID Data Type regexes.ts sql injection | colinhacks | Zod | Medium | 6.3 | 2026-04-25 17:45:14 | Deep Dive |
| CVE-2026-6990 | projeto-siga novo cross site scripting | projeto-siga | siga | Low | 3.5 | 2026-04-25 17:30:16 | Deep Dive |