浏览 46+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-24321 | Information Disclosure vulnerability in SAP Commerce Cloud | SAP_SE | SAP Commerce Cloud | Medium | 5.3 | 2026-02-10 03:03:53 | Deep Dive |
| CVE-2026-23684 | Race condition vulnerability in SAP Commerce Cloud | SAP_SE | SAP Commerce Cloud | Medium | 5.9 | 2026-02-10 03:02:15 | Deep Dive |
| CVE-2025-42906 | Directory Traversal vulnerability in SAP Commerce Cloud | SAP_SE | SAP Commerce Cloud | Medium | 5.3 | 2025-10-14 00:17:48 | Deep Dive |
| CVE-2025-27435 | Information Disclosure Vulnerability in SAP Commerce Cloud | SAP_SE | SAP Commerce Cloud | Medium | 4.2 | 2025-04-08 07:13:49 | Deep Dive |
| CVE-2025-26654 | Potential information disclosure vulnerability in SAP Commerce Cloud (Public Cloud) | SAP_SE | SAP Commerce Cloud (Public Cloud) | Medium | 6.8 | 2025-04-08 07:13:04 | Deep Dive |
| CVE-2025-27434 | Cross-Site Scripting (XSS) vulnerability in SAP Commerce (Swagger UI) | SAP_SE | SAP Commerce (Swagger UI) | High | 8.8 | 2025-03-11 00:39:02 | Deep Dive |
| CVE-2025-24875 | SameSite Defense in Depth not applied for some cookies in SAP Commerce | SAP_SE | SAP Commerce | Medium | 6.8 | 2025-02-11 00:37:32 | Deep Dive |
| CVE-2025-24874 | Missing Defense in Depth Against Clickjacking in SAP Commerce Backoffice | SAP_SE | SAP Commerce (Backoffice) | Medium | 6.8 | 2025-02-11 00:37:23 | Deep Dive |
| CVE-2024-47577 | Information Disclosure vulnerability in SAP Commerce Cloud | SAP_SE | SAP Commerce Cloud | Low | 2.7 | 2024-12-10 00:11:50 | Deep Dive |
| CVE-2024-45278 | Cross-Site Scripting (XSS) vulnerability in SAP Commerce Backoffice | SAP_SE | SAP Commerce Backoffice | Medium | 5.4 | 2024-10-08 03:21:26 | Deep Dive |
| CVE-2024-41733 | Information Disclosure Vulnerability in SAP Commerce | SAP_SE | SAP Commerce | Medium | 5.3 | 2024-08-13 03:52:26 | Deep Dive |
| CVE-2024-41735 | Cross-Site Scripting (XSS) vulnerability in SAP Commerce Backoffice | SAP_SE | SAP Commerce Backoffice | Medium | 5.4 | 2024-08-13 03:49:48 | Deep Dive |
| CVE-2024-33003 | Information Disclosure Vulnerability in SAP Commerce Cloud | SAP_SE | SAP Commerce Cloud | High | 7.4 | 2024-08-13 03:36:55 | Deep Dive |
| CVE-2024-39597 | [CVE-2024-39597] Improper Authorization Checks on Early Login Composable Storefront B2B sites of SAP Commerce | SAP_SE | SAP Commerce | High | 7.2 | 2024-07-09 03:48:11 | Deep Dive |
| CVE-2023-42481 | Improper Access Control vulnerability in SAP Commerce Cloud | SAP_SE | SAP Commerce Cloud | High | 8.1 | 2023-12-12 01:00:19 | Deep Dive |
| CVE-2023-37486 | Information Disclosure vulnerability in SAP Commerce (OCC API) | SAP_SE | SAP Commerce (OCC API) | Medium | 5.9 | 2023-08-08 00:56:52 | Deep Dive |
| CVE-2023-39439 | SAP Commerce accepts empty passphrases. | SAP_SE | SAP Commerce | High | 8.8 | 2023-08-08 00:49:02 | Deep Dive |
| CVE-2022-41266 | SAP Commerce跨站脚本漏洞 | SAP | Commerce Webservices 2.0 (Swagger UI) | High | 8.0 | 2022-12-13 02:34:12 | Deep Dive |
| CVE-2022-41204 | SAP Commerce 输入验证错误漏洞 | SAP SE | SAP Commerce | 高危 | - | 2022-10-11 00:00:00 | Deep Dive |
| CVE-2021-42064 | SAP Commerce SQL注入漏洞 | SAP SE | SAP Commerce | 超危 | - | 2021-12-14 15:44:14 | Deep Dive |