| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-34788 | Emlog: SQL Injection in tag_model::updateTagName() via unsanitized parameters | emlog | emlog | Medium | 6.5 | 2026-04-03 22:37:09 | Deep Dive |
| CVE-2026-34787 | Emlog: Local File Inclusion in plugin.php via unsanitized plugin parameter | emlog | emlog | Medium | 6.5 | 2026-04-03 22:36:36 | Deep Dive |
| CVE-2026-34607 | Emlog: Path Traversal in emUnZip() allows arbitrary file write leading to RCE | emlog | emlog | High | 7.2 | 2026-04-03 22:35:57 | Deep Dive |
| CVE-2026-34229 | Emlog: Stored XSS in Comment Module via URI Scheme Validation Bypass | emlog | emlog | Medium | 6.1 | 2026-04-03 22:31:45 | Deep Dive |
| CVE-2026-34228 | Emlog: CSRF in Backend Upgrade Interface Leading to Arbitrary Remote SQL Execution and Arbitrary File Write | emlog | emlog | - | - | 2026-04-03 22:28:46 | Deep Dive |
| CVE-2026-31954 | Emlog asynchronous media file deletion missing CSRF protection | emlog | emlog | None | 0.0 | 2026-03-11 19:21:53 | Deep Dive |
| CVE-2026-22799 | emlog Arbitrary File Upload Vulnerability | emlog | emlog | - | - | 2026-01-12 22:05:01 | Deep Dive |
| CVE-2026-21433 | Emlog vulnerable to Server-Side Request Forgery (SSRF) | emlog | emlog | High | 7.7 | 2026-01-02 19:00:23 | Deep Dive |
| CVE-2026-21432 | Emlog has stored Cross-site Scripting issue that can lead to admin or another account ATO | emlog | emlog | 中危 | - | 2026-01-02 18:58:38 | Deep Dive |
| CVE-2026-21431 | Emlog vulnerable to stored Cross-site Scripting via image name | emlog | emlog | 中危 | - | 2026-01-02 18:49:03 | Deep Dive |
| CVE-2026-21430 | Emlog: CSRF chained with stored XSS leads to ATO | emlog | emlog | 中危 | - | 2026-01-02 18:44:24 | Deep Dive |
| CVE-2026-21429 | Emlog has Broken Access Control (BAC) | emlog | emlog | 中危 | - | 2026-01-02 17:23:17 | Deep Dive |
| CVE-2025-62717 | Emlog Pro session verification code error due to clearing logic error | emlog | emlog | 中危 | - | 2025-10-24 20:13:47 | Deep Dive |
| CVE-2025-61930 | Emlog Pro has CSRF issue that Enables Admin Password Reset | emlog | emlog | High | 8.1 | 2025-10-10 20:01:42 | Deep Dive |
| CVE-2025-61769 | Emlog vulnerable to stored XSS in file upload functionality in emlog | emlog | emlog | - | - | 2025-10-06 16:09:54 | Deep Dive |
| CVE-2025-61599 | Emlog is Vulnerable to Stored Cross-Site Scripting (XSS) in "Twitter" Feature via Markdown Input | emlog | emlog | 中危 | - | 2025-10-03 06:27:46 | Deep Dive |
| CVE-2025-61597 | Emlog Pro is vulnerable to stored XSS attack through HTML template injection | emlog | emlog | High | 7.6 | 2025-10-03 06:16:14 | Deep Dive |
| CVE-2025-9296 | Emlog Pro blogger.php unrestricted upload | - | Emlog Pro | Medium | 4.7 | 2025-08-21 11:32:06 | Deep Dive |
| CVE-2025-53926 | Emlog has Stored Cross-site Scripting vulnerability due to error | emlog | emlog | Medium | 6.1 | 2025-07-16 15:37:45 | Deep Dive |
| CVE-2025-53925 | Emlog has Stored Cross-site Scripting vulnerability in file upload functionality | emlog | emlog | Medium | 5.4 | 2025-07-16 14:21:42 | Deep Dive |