| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-5832 | atototo api-lab-mcp HTTP http-server.ts test_http_endpoint server-side request forgery | atototo | api-lab-mcp | High | 7.3 | 2026-04-09 02:00:23 | Deep Dive |
| CVE-2025-69347 | WordPress WPSubscription plugin <= 1.8.10 - Insecure Direct Object References (IDOR) vulnerability | Convers Lab | WPSubscription | High | 8.6 | 2026-03-25 16:14:22 | Deep Dive |
| CVE-2026-3725 | 1024-lab/lab1024 SmartAdmin FreeMarker Template MailService.java freemarkerResolverContent special elements used in a template engine | 1024-lab | SmartAdmin | Medium | 6.3 | 2026-03-08 09:02:08 | Deep Dive |
| CVE-2026-3721 | 1024-lab/lab1024 SmartAdmin Help Documentation HelpDocAddForm.java cross site scripting | 1024-lab | SmartAdmin | Low | 3.5 | 2026-03-08 07:32:07 | Deep Dive |
| CVE-2026-3720 | 1024-lab/lab1024 SmartAdmin Notice notice-form-drawer.vue cross site scripting | 1024-lab | SmartAdmin | Low | 3.5 | 2026-03-08 07:02:13 | Deep Dive |
| CVE-2026-25384 | WordPress WP-Lister Lite for eBay plugin <= 3.8.5 - Broken Access Control vulnerability | WP Lab | WP-Lister Lite for eBay | - | - | 2026-02-19 08:27:01 | Deep Dive |
| CVE-2026-25933 | Arduino App Lab has Improper Data Validation in Internal Terminal Interface | arduino | arduino-app-lab | Medium | 6.8 | 2026-02-12 19:57:18 | Deep Dive |
| CVE-2025-33210 | NVIDIA Isaac Lab 代码问题漏洞 | NVIDIA | Isaac Lab | Critical | 9.0 | 2025-12-16 17:29:12 | Deep Dive |
| CVE-2025-8385 | Zombify <= 1.7.5 - Authenticated (Subscriber+) Path Traversal to Arbitrary File Read | PX-lab | Zombify | Medium | 6.8 | 2025-10-31 07:26:41 | Deep Dive |
| CVE-2025-62881 | WordPress WP-Lister Lite for eBay plugin <= 3.8.3 - Broken Access Control vulnerability | WP Lab | WP-Lister Lite for eBay | Medium | 4.3 | 2025-10-27 01:33:43 | Deep Dive |
| CVE-2025-23356 | NVIDIA Isaac Lab 访问控制错误漏洞 | NVIDIA | Isaac Lab | High | 8.4 | 2025-10-14 17:39:52 | Deep Dive |
| CVE-2025-11570 | Drupal Unified Twig Extensions 安全漏洞 | - | drupal-pattern-lab/unified-twig-extensions | Medium | 4.6 | 2025-10-10 05:00:07 | Deep Dive |
| CVE-2025-32689 | WordPress Download Manager and Payment Form plugin <= 2.8.2 - Price Manipulation vulnerability | Convers Lab | WP SmartPay | - | - | 2025-09-09 16:25:32 | Deep Dive |
| CVE-2025-25171 | WordPress WP SmartPay plugin <= 2.7.13 - Account Takeover vulnerability | Convers Lab | WP SmartPay | High | 8.8 | 2025-06-27 11:52:47 | Deep Dive |
| CVE-2025-4592 | AI Image Lab – Free AI Image Generator <= 1.0.6 - Cross-Site Request Forgery to API Key Update | aspengrovestudios | AI Image Lab – Free AI Image Generator | Medium | 4.3 | 2025-06-14 08:23:25 | Deep Dive |
| CVE-2025-26592 | WordPress Lab Theme <= 1.0.0 - Local File Inclusion Vulnerability | axiomthemes | Lab | High | 8.1 | 2025-06-09 15:56:54 | Deep Dive |
| CVE-2025-39574 | WordPress Uix Shortcodes plugin <= 2.0.4 - Cross Site Scripting (XSS) Vulnerability | UIUX Lab | Uix Shortcodes | Medium | 6.5 | 2025-04-16 12:44:28 | Deep Dive |
| CVE-2024-12295 | BoomBox Theme Extensions <= 1.8.0 - Authenticated (Subscriber+) Privilege Escalation via Password Reset/Account Takeover in boombox_ajax_reset_password | PX-lab | BoomBox Theme Extensions | High | 8.8 | 2025-03-19 04:21:06 | Deep Dive |
| CVE-2025-24616 | WordPress Uix Page Builder Plugin <= 1.7.3 - Reflected Cross Site Scripting (XSS) vulnerability | UIUX Lab | Uix Page Builder | High | 7.1 | 2025-02-14 12:44:35 | Deep Dive |
| CVE-2025-1157 | Allims lab.online model_recuperar_senha.php sql injection | Allims | lab.online | Medium | 6.3 | 2025-02-10 21:00:09 | Deep Dive |