| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-4250 | Albert Sağlık Hizmetleri ve Ticaret Albert Health Google Cloud Service Account Key service-account.json credentials storage | Albert Sağlık Hizmetleri ve Ticaret | Albert Health | Low | 2.5 | 2026-03-16 15:32:09 | Deep Dive |
| CVE-2026-28137 | WordPress MediCenter - Health Medical Clinic WordPress Theme theme <= 14.9 - Reflected Cross Site Scripting (XSS) vulnerability | QuanticaLabs | MediCenter - Health Medical Clinic | 中危 | - | 2026-03-05 05:54:32 | Deep Dive |
| CVE-2025-15567 | Vivo Health 安全漏洞 | vivo | Health | 中危 | - | 2026-02-27 06:54:30 | Deep Dive |
| CVE-2026-3046 | itsourcecode E-Logbook with Health Monitoring System for COVID-19 check_profile_old.php sql injection | itsourcecode | E-Logbook with Health Monitoring System for COVID-19 | High | 7.3 | 2026-02-24 00:32:08 | Deep Dive |
| CVE-2026-22800 | PILOS affected by a CSRF via GET request allows unintentional termination of all active video conferences | THM-Health | PILOS | Low | 2.4 | 2026-01-12 22:09:57 | Deep Dive |
| CVE-2025-64253 | WordPress Health Check & Troubleshooting plugin <= 1.7.1 - Path Traversal vulnerability | WordPress.org | Health Check & Troubleshooting | - | - | 2025-12-16 08:12:50 | Deep Dive |
| CVE-2025-35029 | Medical Informatics Engineering Enterprise Health stored cross site scripting via Demographic Information page | Medical Informatics Engineering | Enterprise Health | Low | 3.5 | 2025-11-20 19:34:31 | Deep Dive |
| CVE-2025-54719 | WordPress Yogi - Health Beauty & Yoga Theme <= 2.9.2 - Deserialization of untrusted data Vulnerability | NooTheme | Yogi - Health Beauty & Yoga | 中危 | - | 2025-11-06 15:54:15 | Deep Dive |
| CVE-2025-54718 | WordPress Yogi - Health Beauty & Yoga theme <= 2.9.2 - Cross Site Scripting (XSS) vulnerability | NooTheme | Yogi - Health Beauty & Yoga | 中危 | - | 2025-11-06 15:54:15 | Deep Dive |
| CVE-2025-62781 | PILOS is missing session regeneration after password change | THM-Health | PILOS | Medium | 5.0 | 2025-10-27 21:22:07 | Deep Dive |
| CVE-2025-62524 | PILOS Exposes PHP version | THM-Health | PILOS | Medium | 5.3 | 2025-10-27 20:18:42 | Deep Dive |
| CVE-2025-62523 | PILOS Misconfigured the Access-Control-Allow-Origin Header | THM-Health | PILOS | Medium | 6.3 | 2025-10-27 20:10:51 | Deep Dive |
| CVE-2025-62288 | Oracle Health Sciences Applications 安全漏洞 | Oracle Corporation | Oracle Health Sciences Data Management Workbench | Medium | 4.9 | 2025-10-21 20:03:16 | Deep Dive |
| CVE-2025-21059 | SAMSUNG Health 安全漏洞 | Samsung Mobile | Samsung Health | Medium | 6.2 | 2025-10-10 06:33:18 | Deep Dive |
| CVE-2025-10212 | SiteAlert (Formerly WP Health) <= 1.9.8 - Missing Authorization to Unauthenticated Site Health Information Exposure | sitealert | SiteAlert (Formerly WP Health) | Medium | 5.3 | 2025-10-03 11:17:06 | Deep Dive |
| CVE-2025-35034 | Medical Informatics Engineering Enterprise Health reflected cross site scripting via portlet_user_id | Medical Informatics Engineering | Enterprise Health | Medium | 4.3 | 2025-09-29 20:01:58 | Deep Dive |
| CVE-2025-35033 | Medical Informatics Engineering Enterprise Health CSV injection | Medical Informatics Engineering | Enterprise Health | Medium | 4.1 | 2025-09-29 20:01:38 | Deep Dive |
| CVE-2025-35032 | Medical Informatics Engineering Enterprise Health arbitrary file upload | Medical Informatics Engineering | Enterprise Health | Low | 3.4 | 2025-09-29 20:01:09 | Deep Dive |
| CVE-2025-35031 | Medical Informatics Engineering Enterprise Health includes session token in debug output | Medical Informatics Engineering | Enterprise Health | Low | 3.3 | 2025-09-29 20:00:43 | Deep Dive |
| CVE-2025-35030 | Medical Informatics Engineering Enterprise Health cross site request forgery | Medical Informatics Engineering | Enterprise Health | High | 8.1 | 2025-09-29 20:00:17 | Deep Dive |