浏览 26+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-61735 | Apache Kylin: Server-Side Request Forgery | Apache Software Foundation | Apache Kylin | - | - | 2025-10-02 09:47:50 | Deep Dive |
| CVE-2025-61733 | Apache Kylin: Authentication bypass | Apache Software Foundation | Apache Kylin | - | - | 2025-10-02 09:47:39 | Deep Dive |
| CVE-2025-61734 | Apache Kylin: improper restriction of file read | Apache Software Foundation | Apache Kylin | - | - | 2025-10-02 09:47:15 | Deep Dive |
| CVE-2025-30067 | Apache Kylin: The remote code execution via jdbc url | Apache Software Foundation | Apache Kylin | - | - | 2025-03-27 15:06:37 | Deep Dive |
| CVE-2024-48944 | Apache Kylin: SSRF vulnerability in the diagnosis api | Apache Software Foundation | Apache Kylin | - | - | 2025-03-27 15:05:57 | Deep Dive |
| CVE-2024-23590 | Apache Kylin: Session fixation in web interface | Apache Software Foundation | Apache Kylin | - | - | 2024-11-04 09:27:06 | Deep Dive |
| CVE-2023-29055 | Apache Kylin: Insufficiently protected credentials in config file | Apache Software Foundation | Apache Kylin | 高危 | - | 2024-01-29 12:20:55 | Deep Dive |
| CVE-2023-7093 | KylinSoft kylin-system-updater com.kylin.systemupgrade Service UpgradeStrategiesDbus.py os command injection | KylinSoft | kylin-system-updater | Medium | 5.3 | 2023-12-24 23:31:04 | Deep Dive |
| CVE-2023-3097 | KylinSoft kylin-software-properties setMainSource os command injection | KylinSoft | kylin-software-properties | Medium | 5.3 | 2023-06-05 06:00:04 | Deep Dive |
| CVE-2023-3096 | KylinSoft kylin-software-properties changedSource access control | KylinSoft | kylin-software-properties | Medium | 5.3 | 2023-06-05 05:31:03 | Deep Dive |
| CVE-2023-1277 | kylin-system-updater Update InstallSnap command injection | - | kylin-system-updater | High | 7.8 | 2023-03-08 18:06:40 | Deep Dive |
| CVE-2023-1164 | KylinSoft kylin-activation File Import improper authorization | KylinSoft | kylin-activation | High | 8.4 | 2023-03-03 06:56:06 | Deep Dive |
| CVE-2022-44621 | Apache Kylin: Command injection by Diagnosis Controller | Apache Software Foundation | Apache Kylin | 超危 | - | 2022-12-30 10:31:53 | Deep Dive |
| CVE-2022-43396 | Apache Kylin: Command injection by Useless configuration | Apache Software Foundation | Apache Kylin | 高危 | - | 2022-12-30 10:30:46 | Deep Dive |
| CVE-2022-24697 | Apache Kylin prior to 4.0.2 allows command injection when the configuration overwrites function overwrites system parameters | Apache Software Foundation | Apache Kylin | 超危 | - | 2022-10-13 00:00:00 | Deep Dive |
| CVE-2021-45458 | Hardcoded credentials | Apache Software Foundation | Apache Kylin | 高危 | - | 2022-01-06 12:35:24 | Deep Dive |
| CVE-2021-45457 | Overly broad CORS configuration | Apache Software Foundation | Apache Kylin | 高危 | - | 2022-01-06 12:35:22 | Deep Dive |
| CVE-2021-45456 | Command injection | Apache Software Foundation | Apache Kylin | 超危 | - | 2022-01-06 12:35:21 | Deep Dive |
| CVE-2021-36774 | Mysql JDBC Connector Deserialize RCE | Apache Software Foundation | Apache Kylin | 中危 | - | 2022-01-06 12:35:20 | Deep Dive |
| CVE-2021-31522 | Apache Kylin unsafe class loading | Apache Software Foundation | Apache Kylin | 超危 | - | 2022-01-06 12:35:18 | Deep Dive |