| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-1711 | Pega Platform versions 8.1.0 through 25.1.1 are affected by a Stored Cross-Site Scripting vulnerability in a user interface component. Requires a high privileged user with a developer role. | Pegasystems | Pega Infinity | 中危 | - | 2026-04-15 21:32:52 | Deep Dive |
| CVE-2026-1564 | Pega Platform versions 8.1.0 through 25.1.1 are affected by an HTML Injection vulnerability in a user interface component. Requires a high privileged user with a developer role. | Pegasystems | Pega Infinity | 中危 | - | 2026-04-15 21:31:20 | Deep Dive |
| CVE-2025-62184 | Pega Platform versions 8.1.0 through 25.1.0 are affected by a Stored Cross-site Scripting vulnerability in a user interface component. | Pegasystems | Pega Infinity | - | - | 2026-03-31 17:52:07 | Deep Dive |
| CVE-2025-62183 | Pega Platform versions 8.1.0 through 25.1.1 are affected by a Stored Cross-site Scripting vulnerability in a user interface component. Requires an administrative user and given extensive access rights, impact to Confidentiality and Integrity are low. | Pegasystems | Pega Infinity | - | - | 2026-02-17 22:53:23 | Deep Dive |
| CVE-2025-62182 | Pega Customer Service Framework versions 8.7.0 through 25.1.0 are affected by a Unrestricted file upload vulnerability, where a privileged user could potentially upload a malicious file. | Pegasystems | Pega Infinity | - | - | 2026-01-13 16:37:07 | Deep Dive |
| CVE-2025-59683 | Pexip Infinity 安全漏洞 | Pexip | Infinity | High | 8.2 | 2025-12-25 00:00:00 | Deep Dive |
| CVE-2025-66378 | Pexip Infinity 安全漏洞 | Pexip | Infinity | Medium | 5.9 | 2025-12-25 00:00:00 | Deep Dive |
| CVE-2025-66377 | Pexip Infinity 访问控制错误漏洞 | Pexip | Infinity | High | 7.5 | 2025-12-25 00:00:00 | Deep Dive |
| CVE-2025-66379 | Pexip Infinity 安全漏洞 | Pexip | Infinity | High | 7.5 | 2025-12-25 00:00:00 | Deep Dive |
| CVE-2025-49088 | Pexip Infinity 安全漏洞 | Pexip | Infinity | Medium | 5.9 | 2025-12-25 00:00:00 | Deep Dive |
| CVE-2025-48704 | Pexip Infinity 安全漏洞 | Pexip | Infinity | High | 7.5 | 2025-12-25 00:00:00 | Deep Dive |
| CVE-2025-32096 | Pexip Infinity 安全漏洞 | Pexip | Infinity | High | 7.5 | 2025-12-25 00:00:00 | Deep Dive |
| CVE-2025-32095 | Pexip Infinity 安全漏洞 | Pexip | Infinity | High | 7.5 | 2025-12-25 00:00:00 | Deep Dive |
| CVE-2025-66443 | Pexip Infinity 安全漏洞 | Pexip | Infinity | High | 7.5 | 2025-12-25 00:00:00 | Deep Dive |
| CVE-2025-62181 | Pega Platform versions 7.1.0 through Infinity 25.1.0 are affected by a User Enumeration where during user authentication process, a difference in response time could allow a remote unauthenticated user to determine if a username is valid or not. | Pegasystems | Pega Infinity | Medium | 5.3 | 2025-12-10 20:41:09 | Deep Dive |
| CVE-2025-9559 | Pega Platform versions 8.7.5 to Infinity 24.2.2 are affected by a Insecure Direct Object Reference issue in a user interface component that can only be used to read data | Pegasystems | Pega Infinity | Medium | 6.5 | 2025-10-16 15:28:19 | Deep Dive |
| CVE-2025-8681 | Pega Platform versions 7.1.0 to Infinity 24.2.2 are affected by a Stored XSS issue in a user interface component | Pegasystems | Pega Infinity | Medium | 5.5 | 2025-09-10 16:00:15 | Deep Dive |
| CVE-2025-8341 | SSRF in Infinity Datasource Plugin | Grafana | grafana-infinity-datasource | Medium | 5.0 | 2025-08-04 08:34:51 | Deep Dive |
| CVE-2025-2161 | Pegasystem Pega Platform 安全漏洞 | Pegasystems | Pega Infinity | High | 7.1 | 2025-04-14 14:19:38 | Deep Dive |
| CVE-2025-2160 | Pegasystem Pega Platform 安全漏洞 | Pegasystems | Pega Infinity | High | 8.1 | 2025-04-14 14:16:35 | Deep Dive |