浏览 60+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-4111 | Libarchive: infinite loop denial of service in rar5 decompression via archive_read_data() in libarchive | Red Hat | Red Hat Enterprise Linux 10 | High | 7.5 | 2026-03-13 11:45:21 | Deep Dive |
| CVE-2025-14831 | Gnutls: gnutls: denial of service via excessive resource consumption during certificate verification | Red Hat | Red Hat Enterprise Linux 10 | Medium | 5.3 | 2026-02-09 14:51:32 | Deep Dive |
| CVE-2025-30248 | Western Digital WD Discovery 安全漏洞 | Western Digital | WD Discovery | - | - | 2026-01-26 22:47:59 | Deep Dive |
| CVE-2025-9820 | Gnutls: stack-based buffer overflow in gnutls_pkcs11_token_init() function | Red Hat | Red Hat Enterprise Linux 10 | Medium | 4.0 | 2026-01-26 19:58:33 | Deep Dive |
| CVE-2025-13601 | Glib: integer overflow in in g_escape_uri_string() | - | - | High | 7.7 | 2025-11-26 14:44:23 | Deep Dive |
| CVE-2025-9900 | Libtiff: libtiff write-what-where | - | - | High | 8.8 | 2025-09-23 16:26:23 | Deep Dive |
| CVE-2025-8941 | Linux-pam: incomplete fix for cve-2025-6020 | - | - | High | 7.8 | 2025-08-13 14:42:38 | Deep Dive |
| CVE-2025-6395 | Gnutls: null pointer dereference in _gnutls_figure_common_ciphersuite() | - | - | Medium | 6.5 | 2025-07-10 15:20:46 | Deep Dive |
| CVE-2025-7425 | Libxslt: heap use-after-free in libxslt caused by atype corruption in xmlattrptr | GNOME | libxml2 | High | 7.8 | 2025-07-10 13:53:37 | Deep Dive |
| CVE-2025-32990 | Gnutls: vulnerability in gnutls certtool template parsing | - | - | Medium | 6.5 | 2025-07-10 09:41:46 | Deep Dive |
| CVE-2025-32989 | Gnutls: vulnerability in gnutls sct extension parsing | - | - | Medium | 5.3 | 2025-07-10 08:05:26 | Deep Dive |
| CVE-2025-32988 | Gnutls: vulnerability in gnutls othername san export | - | - | Medium | 6.5 | 2025-07-10 08:04:58 | Deep Dive |
| CVE-2025-6020 | Linux-pam: linux-pam directory traversal | - | - | High | 7.8 | 2025-06-17 12:44:09 | Deep Dive |
| CVE-2025-49796 | Libxml: type confusion leads to denial of service (dos) | - | - | Critical | 9.1 | 2025-06-16 15:14:28 | Deep Dive |
| CVE-2025-6021 | Libxml2: integer overflow in xmlbuildqname() leads to stack buffer overflow in libxml2 | - | - | High | 7.5 | 2025-06-12 12:49:16 | Deep Dive |
| CVE-2025-5914 | Libarchive: double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c | - | - | High | 7.8 | 2025-06-09 19:53:49 | Deep Dive |
| CVE-2025-4598 | Systemd-coredump: race condition that allows a local attacker to crash a suid program and gain read access to the resulting core dump | - | - | Medium | 4.7 | 2025-05-30 13:13:26 | Deep Dive |
| CVE-2025-3576 | Krb5: kerberos rc4-hmac-md5 checksum vulnerability enabling message spoofing via md5 collisions | - | - | Medium | 5.9 | 2025-04-15 05:55:27 | Deep Dive |
| CVE-2024-8176 | Libexpat: expat: improper restriction of xml entity expansion depth in libexpat | - | - | High | 7.5 | 2025-03-14 08:19:49 | Deep Dive |
| CVE-2025-26465 | Openssh: machine-in-the-middle attack if verifyhostkeydns is enabled | - | - | Medium | 6.8 | 2025-02-18 18:27:17 | Deep Dive |