| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-40104 | XWiki's REST APIs can list all pages/spaces, leading to unavailability | xwiki | org.xwiki.platform:xwiki-platform-oldcore | 中危 | - | 2026-04-15 00:01:59 | Deep Dive |
| CVE-2026-33229 | XWiki Platform affected by remote code execution with script right through unprotected Velocity scripting API | xwiki | xwiki-platform | - | - | 2026-04-08 14:53:36 | Deep Dive |
| CVE-2026-22524 | WordPress Legacy Admin plugin <= 9.5 - Reflected Cross Site Scripting (XSS) vulnerability | themepassion | Legacy Admin | High | 7.1 | 2026-03-25 16:14:29 | Deep Dive |
| CVE-2025-58709 | WordPress Legacy theme <= 1.9 - Local File Inclusion vulnerability | axiomthemes | Legacy | - | - | 2025-12-18 07:21:51 | Deep Dive |
| CVE-2025-34141 | ETQ Reliance CG < SE.2025.1 Reflected XSS in `SQLConverterServlet` | ETQ | Reliance CG (legacy) | 中危 | - | 2025-07-22 12:35:58 | Deep Dive |
| CVE-2025-34140 | ETQ Reliance CG/NXG API Authorization Bypass via ;localized-text URI Suffix | ETQ | Reliance CG (legacy) | 高危 | - | 2025-07-22 12:34:31 | Deep Dive |
| CVE-2025-34142 | ETQ Reliance CG < SE.2025.1 / < 2025.1.2 XXE Injection in SSO SAML Handler | ETQ | Reliance CG (legacy) | 中危 | - | 2025-07-22 12:31:59 | Deep Dive |
| CVE-2025-34143 | ETQ Reliance CG Authentication Bypass via Trailing Space RCE | ETQ | Reliance CG (legacy) | 中危 | - | 2025-07-22 12:31:36 | Deep Dive |
| CVE-2025-5878 | ESAPI esapi-java-legacy SQL Injection Defense Encoder.encodeForSQL special element | ESAPI | esapi-java-legacy | High | 7.3 | 2025-06-29 11:11:47 | Deep Dive |
| CVE-2024-47935 | TXOne Networks StellarProtect (Legacy Mode), StellarEnforce, and Safe Lock Improper Validation of Integrity Check Value Vulnerability | TXOne Networks | StellarProtect (Legacy Mode) | Medium | 6.7 | 2025-02-17 06:11:47 | Deep Dive |
| CVE-2025-22572 | WordPress Legacy ePlayer plugin <= 0.9.9 - Cross Site Scripting (XSS) vulnerability | Brian | Legacy ePlayer | Medium | 6.5 | 2025-01-07 14:57:10 | Deep Dive |
| CVE-2024-4381 | CB (legacy) <= 0.9.4.18 - Admin+ Stored XSS | Unknown | CB (legacy) | 中危 | - | 2024-06-21 06:00:04 | Deep Dive |
| CVE-2024-4382 | CB (legacy) <= 0.9.4.18 - Code/Timeframe/Booking Deletion via CSRF | Unknown | CB (legacy) | 中危 | - | 2024-06-21 06:00:04 | Deep Dive |
| CVE-2024-4420 | Denial of Service in Tink-cc | Tink | - | - | 2024-05-21 11:52:28 | Deep Dive | |
| CVE-2024-25552 | Wiesemann & Theis: Multiple products prone to unquoted search path | W&T | Com Redirector PnP | High | 7.8 | 2024-03-01 07:49:42 | Deep Dive |
| CVE-2023-4949 | Memory Corruption Vulnerability in Grub-Legacy's XFS Implementation | Free Software Foundation | Grub-Legacy | High | 8.1 | 2023-11-10 16:57:03 | Deep Dive |
| CVE-2023-46604 | Apache ActiveMQ, Apache ActiveMQ Legacy OpenWire Module: Unbounded deserialization causes ActiveMQ to be vulnerable to a remote code execution (RCE) attack | Apache Software Foundation | Apache ActiveMQ | Critical | 10.0 | 2023-10-27 14:59:31 | Deep Dive |
| CVE-2023-5615 | Skype Legacy Buttons <= 3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | ravanh | Skype Legacy Buttons | Medium | 6.4 | 2023-10-20 07:29:23 | Deep Dive |
| CVE-2022-46680 | Schneider Electric PowerLogic 安全漏洞 | Schneider Electric | PowerLogic ION9000 | High | 8.8 | 2023-05-22 13:25:41 | Deep Dive |
| CVE-2023-25620 | Schneider Electric Modicon M580 代码问题漏洞 | Schneider Electric | Modicon M340 CPU (part numbers BMXP34*) | Medium | 6.5 | 2023-04-19 08:17:57 | Deep Dive |