| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-31382 | Gainsight Assist reflected XSS/HTML injection | Gainsight | Gainsight Assist | Medium | 6.1 | 2026-03-20 13:04:45 | Deep Dive |
| CVE-2026-31381 | Gainsight Assist plugin information disclosure | Gainsight | Gainsight Assist | Medium | 5.3 | 2026-03-20 13:02:07 | Deep Dive |
| CVE-2025-12420 | Unauthenticated Privilege Escalation in ServiceNow AI Platform | ServiceNow | Now Assist AI Agents | - | - | 2026-01-12 21:29:37 | Deep Dive |
| CVE-2025-68596 | WordPress Bit Assist plugin <= 1.5.11 - Broken Access Control vulnerability | Bit Apps | Bit Assist | Medium | 5.3 | 2025-12-24 13:10:45 | Deep Dive |
| CVE-2025-53710 | Network boundaries not respected in certain Foundry namespaces. | Palantir | com.palantir.compute:compute-service | High | 7.5 | 2025-12-18 21:05:52 | Deep Dive |
| CVE-2025-34352 | JumpCloud Remote Assist < 0.317.0 Arbitrary File Write/Delete via Insecure Temp Directory | JumpCloud Inc. | Remote Assist | - | - | 2025-12-02 18:39:33 | Deep Dive |
| CVE-2025-0642 | Hard-coded Credentials in PosCube's Assist | PosCube Hardware Software and Consulting Ltd. Co. | Assist | Medium | 6.3 | 2025-10-02 12:37:30 | Deep Dive |
| CVE-2025-53508 | iND多款产品 操作系统命令注入漏洞 | iND Co.,Ltd | HL330-DLS (for module MC7700) | 高危 | - | 2025-08-29 04:14:39 | Deep Dive |
| CVE-2025-53507 | iND多款产品 安全漏洞 | iND Co.,Ltd | HL330-DLS (for module MC7700) | 中危 | - | 2025-08-29 04:13:58 | Deep Dive |
| CVE-2025-53783 | Microsoft Teams Remote Code Execution Vulnerability | Microsoft | Microsoft Teams for Android | High | 7.5 | 2025-08-12 17:10:41 | Deep Dive |
| CVE-2025-30834 | WordPress Bit Assist plugin <= 1.5.4 - Path Traversal vulnerability | Bit Apps | Bit Assist | High | 7.5 | 2025-04-01 05:31:38 | Deep Dive |
| CVE-2025-0822 | Bit Assist <= 1.5.2 - Path Traversal to Authenticated (Subscriber+) Arbitrary File Read via fileID Parameter | bitpressadmin | Chat Widget: Floating Customer Support Button for 30+ Channels, Supporting SMS, Calls, and Chat – Bit Assist | Medium | 6.5 | 2025-02-15 12:43:03 | Deep Dive |
| CVE-2025-0821 | Bit Assist <= 1.5.2 - Authenticated (Subscriber+) SQL Injection via id Parameter | bitpressadmin | Chat Widget: Floating Customer Support Button for 30+ Channels, Supporting SMS, Calls, and Chat – Bit Assist | Medium | 6.5 | 2025-02-14 11:10:58 | Deep Dive |
| CVE-2024-13791 | Bit Assist <= 1.5.2 - Path Traversal to Authenticated (Administrator+) Arbitrary File Read via downloadResponseFile Function | bitpressadmin | Chat Widget: Floating Customer Support Button for 30+ Channels, Supporting SMS, Calls, and Chat – Bit Assist | Medium | 4.9 | 2025-02-14 11:10:58 | Deep Dive |
| CVE-2023-51371 | WordPress Bit Assist Plugin <= 1.1.9 is vulnerable to Cross Site Scripting (XSS) | Bit Assist | Chat Widget: WhatsApp Chat, Facebook Messenger Chat, Telegram Chat Bubble, Line Messenger, Live Chat Support Chat Button, WeChat, SMS, Call Button, Customer Support Button with floating Chat Widget | Medium | 5.9 | 2023-12-29 10:58:40 | Deep Dive |
| CVE-2022-31689 | VMware Workspace ONE Assist 授权问题漏洞 | - | VMware Workspace ONE Assist | 超危 | - | 2022-11-09 00:00:00 | Deep Dive |
| CVE-2022-31688 | VMware Workspace ONE Assist 跨站脚本漏洞 | - | VMware Workspace ONE Assist | 中危 | - | 2022-11-09 00:00:00 | Deep Dive |
| CVE-2022-31687 | VMware Workspace ONE Assist 安全漏洞 | - | VMware Workspace ONE Assist | 超危 | - | 2022-11-09 00:00:00 | Deep Dive |
| CVE-2022-31686 | VMware Workspace ONE Assist 授权问题漏洞 | - | VMware Workspace ONE Assist | 超危 | - | 2022-11-09 00:00:00 | Deep Dive |
| CVE-2022-31685 | VMware Workspace ONE Assist 访问控制错误漏洞 | - | VMware Workspace ONE Assist | 超危 | - | 2022-11-09 00:00:00 | Deep Dive |