浏览 438+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-4970 | code-projects Social Networking Site Endpoint delete_photos.php sql injection | code-projects | Social Networking Site | Medium | 6.3 | 2026-03-27 18:24:14 | Deep Dive |
| CVE-2026-4969 | code-projects Social Networking Site Alert home.php cross site scripting | code-projects | Social Networking Site | Low | 3.5 | 2026-03-27 18:24:12 | Deep Dive |
| CVE-2026-23812 | Security Boundary Bypass via Routing Node Impersonation | Hewlett Packard Enterprise (HPE) | HPE Aruba Networking Wireless Operating Systems (AOS-8 & AOS-10) | Medium | 4.3 | 2026-03-04 16:13:48 | Deep Dive |
| CVE-2026-23811 | Unauthorized Bi-Directional Traffic Interception via L2/L3 Manipulation | Hewlett Packard Enterprise (HPE) | HPE Aruba Networking Wireless Operating Systems (AOS-8 & AOS-10) | Medium | 4.3 | 2026-03-04 16:12:33 | Deep Dive |
| CVE-2026-23810 | Cross-BSSID GTK Re-encryption and Traffic Injection | Hewlett Packard Enterprise (HPE) | HPE Aruba Networking Wireless Operating Systems (AOS-8 & AOS-10) | Medium | 4.3 | 2026-03-04 16:11:36 | Deep Dive |
| CVE-2026-23809 | MAC Address Spoofing leads to Inter-BSSID Isolation Bypass Resulting in Traffic Redirection | Hewlett Packard Enterprise (HPE) | HPE Aruba Networking Wireless Operating System (AOS-10 & AOS-8) | Medium | 5.4 | 2026-03-04 16:10:03 | Deep Dive |
| CVE-2026-23808 | Client Isolation Bypass via GTK Manipulation | Hewlett Packard Enterprise (HPE) | HPE Aruba Networking Wireless Operating System (AOS-10 & AOS-8) | Medium | 5.4 | 2026-03-04 16:09:18 | Deep Dive |
| CVE-2026-23601 | Frame Injection via Shared GTK Allows Traffic Spoofing and Client Compromise | Hewlett Packard Enterprise (HPE) | HPE Aruba Networking Wireless Operating System (AOS-10 & AOS-8) | Medium | 5.4 | 2026-03-04 16:07:43 | Deep Dive |
| CVE-2026-26994 | uTLS ServerHellos are accepted without checking TLS 1.3 downgrade canaries | refraction-networking | utls | Medium | 6.5 | 2026-02-20 02:50:18 | Deep Dive |
| CVE-2026-27017 | uTLS has a Chrome Parrot Fingerprint Vulnerability due to GREASE ECH Cipher Suite Mismatch | refraction-networking | utls | 中危 | - | 2026-02-20 02:47:18 | Deep Dive |
| CVE-2026-23599 | Local Privilege Escalation Vulnerability in HPE Aruba Networking Clear Pass Policy Manager OnGuard for Linux | Hewlett Packard Enterprise (HPE) | HPE Aruba Networking ClearPass Policy Manager | High | 7.8 | 2026-02-17 23:04:36 | Deep Dive |
| CVE-2026-23598 | Unauthenticated Information Disclosure in application API allows sensitive system information exposure | Hewlett Packard Enterprise (HPE) | HPE Aruba Networking Private 5G Core | Medium | 6.5 | 2026-02-17 20:47:21 | Deep Dive |
| CVE-2026-23597 | Unauthenticated Information Disclosure in application API allows sensitive system information exposure | Hewlett Packard Enterprise (HPE) | HPE Aruba Networking Private 5G Core | Medium | 6.5 | 2026-02-17 20:46:45 | Deep Dive |
| CVE-2026-23596 | Unauthenticated Improper Access Control in management API allows unauthorized service disruption | Hewlett Packard Enterprise (HPE) | HPE Aruba Networking Private 5G Core | Medium | 6.5 | 2026-02-17 20:46:13 | Deep Dive |
| CVE-2026-23595 | Unauthenticated Authentication Bypass in application API allows unauthorized administrative account creation | Hewlett Packard Enterprise (HPE) | HPE Aruba Networking Private 5G Core | High | 8.8 | 2026-02-17 20:45:44 | Deep Dive |
| CVE-2026-2083 | code-projects Social Networking Site delete_post.php sql injection | code-projects | Social Networking Site | High | 7.3 | 2026-02-07 10:32:06 | Deep Dive |
| CVE-2026-23593 | Unauthenticated Limited File Read allows Data Exposure in Web Interface | Hewlett Packard Enterprise (HPE) | HPE Aruba Networking Fabric Composer | High | 7.5 | 2026-01-27 17:58:36 | Deep Dive |
| CVE-2026-23592 | Insecure File Handling allows Remote Code Execution in Backup Functionality | Hewlett Packard Enterprise (HPE) | HPE Aruba Networking Fabric Composer | High | 7.2 | 2026-01-27 17:57:57 | Deep Dive |
| CVE-2025-37162 | Authenticated Command Injection Vulnerability Leading to Arbitrary Remote Command Execution | Hewlett Packard Enterprise (HPE) | HPE Aruba Networking 100 Series Cellular Bridge | Medium | 6.5 | 2025-11-18 19:23:21 | Deep Dive |
| CVE-2025-37161 | Unauthenticated Remote Denial-of-Service (DoS) Vulnerability in Web Management Interface | Hewlett Packard Enterprise (HPE) | HPE Aruba Networking 100 Series Cellular Bridge | High | 7.5 | 2025-11-18 19:21:23 | Deep Dive |