Vulnerability List - Page 7

Found 2886 results
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At |
|---|---|---|---|---|---|---|
| CVE-2026-41607 | Apache Thrift: C++ JSON OOB read | Apache Software Foundation | Apache Thrift | - | - | 2026-04-28 09:21:49 |
| CVE-2026-41606 | Apache Thrift: c_glib dispatch stack overflow | Apache Software Foundation | Apache Thrift | - | - | 2026-04-28 09:21:13 |
| CVE-2026-41605 | Apache Thrift: Swift Compact Protocol integer overflow | Apache Software Foundation | Apache Thrift | - | - | 2026-04-28 09:20:44 |
| CVE-2026-41604 | Apache Thrift: Swift Range crash in skip() | Apache Software Foundation | Apache Thrift | - | - | 2026-04-28 09:20:14 |
| CVE-2026-41603 | Apache Thrift: Java TSSLTransportFactory hostname verification | Apache Software Foundation | Apache Thrift | - | - | 2026-04-28 09:19:41 |
| CVE-2026-41602 | Apache Thrift: Go TFramedTransport uint32 overflow | Apache Software Foundation | Apache Thrift | - | - | 2026-04-28 09:19:07 |
| CVE-2025-48431 | Apache Thrift: Specially crafted input can crash a c_glib Thrift server with invalid pointer error. | Apache Software Foundation | Apache Thrift | - | - | 2026-04-28 09:11:44 |
| CVE-2026-3087 | shutil.unpack_archive() doesn't check for Windows absolute paths in ZIPs | Python Software Foundation | CPython | - | - | 2026-04-27 20:46:43 |
| CVE-2026-40557 | Apache Storm Prometheus Reporter: Disabling TLS verification for Prometheus Reporter also disables it for all other connections | Apache Software Foundation | Apache Storm Prometheus Reporter | - | - | 2026-04-27 13:12:11 |
| CVE-2026-41081 | Apache Storm Client: Anonymous principal assigned on TLS client certificate verification failure | Apache Software Foundation | Apache Storm Client | - | - | 2026-04-27 13:10:46 |
| CVE-2026-27172 | Apache Camel: Unsafe Java deserialization in camel-consul ConsulRegistry allows arbitrary code execution via malicious values read from the Consul KV store | Apache Software Foundation | Apache Camel | - | - | 2026-04-27 09:59:46 |
| CVE-2026-33453 | Apache Camel: CoAP URI Query Parameter to Exchange Header Injection in camel-coap Allows Single-Packet Pre-Auth Remote Code Execution | Apache Software Foundation | Apache Camel | - | - | 2026-04-27 09:58:49 |
| CVE-2026-33454 | Apache Camel: Inbound Header Filter Missing in MailHeaderFilterStrategy Allows Remote Code Execution via MIME Header Injection (CVE-2025-30177 Variant) | Apache Software Foundation | Apache Camel | - | - | 2026-04-27 09:42:40 |
| CVE-2026-40022 | Apache Camel Platform HTTP Main: Authentication Bypass on Non-Root Context Paths in camel main runtime | Apache Software Foundation | Apache Camel Platform HTTP Main | - | - | 2026-04-27 09:40:28 |
| CVE-2026-40858 | Apache Camel: Camel-Infinispan: Unsafe Deserialization in Remote Aggregation Repository | Apache Software Foundation | Apache Camel | - | - | 2026-04-27 09:38:55 |
| CVE-2026-41409 | Apache MINA: CWE-502 Deserialization of Untrusted Data | Apache Software Foundation | Apache MINA | Critical | 9.8 | 2026-04-27 09:20:13 |
| CVE-2026-41635 | Apache MINA: AbstractIoBuffer.resolveClass() null-clazz Branch Skips acceptMatchers Filter — Full Object Deserialization RCE | Apache Software Foundation | Apache MINA | Critical | 9.8 | 2026-04-27 08:59:51 |
| CVE-2026-40453 | Apache Camel JMS, Apache Camel CoAP, Apache Camel Google PubSub: Incomplete fix for CVE-2025-27636 in non-HTTP HeaderFilterStrategies (camel-jms, camel-sjms, camel-coap, camel-google-pubsub) allows case-variant header injection | Apache Software Foundation | Apache Camel JMS | - | - | 2026-04-27 08:23:20 |
| CVE-2026-40860 | Apache Camel: Unsafe Deserialization of JMS ObjectMessage in camel-jms, camel-sjms, camel-sjms2 and camel-amqp | Apache Software Foundation | Apache Camel | - | - | 2026-04-27 08:03:20 |
| CVE-2026-40048 | Apache Camel PQC: Unsafe Deserialization from FileBasedKeyLifecycleManager | Apache Software Foundation | Apache Camel PQC | - | - | 2026-04-27 07:53:55 |