Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

漏洞数据库 - AI 增强中文 CVE 平台 与情报

浏览 259+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。

Clear Filters
Found 259 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2026-7206 dubydu sqlite-mcp entry.py extract_to_json sql injection dubydusqlite-mcp High 7.3 2026-04-28 00:45:13 Deep Dive
CVE-2026-41205 Mako: Path traversal via double-slash URI prefix in TemplateLookup sqlalchemymako--2026-04-23 18:52:24 Deep Dive
CVE-2026-40906 Electric: SQL Injection via ORDER BY Parameter in Shape API electric-sqlelectric Critical 9.9 2026-04-21 20:05:52 Deep Dive
CVE-2026-32176 SQL Server Elevation of Privilege Vulnerability MicrosoftMicrosoft SQL Server 2016 Service Pack 3 (GDR) Medium 6.7 2026-04-14 16:58:32 Deep Dive
CVE-2026-33120 Microsoft SQL Server Remote Code Execution Vulnerability MicrosoftMicrosoft SQL Server 2022 (GDR) High 8.8 2026-04-14 16:57:48 Deep Dive
CVE-2026-32167 SQL Server Elevation of Privilege Vulnerability MicrosoftMicrosoft SQL Server 2016 Service Pack 3 (GDR) Medium 6.7 2026-04-14 16:57:30 Deep Dive
CVE-2026-4079 SQL Chart Builder < 2.3.8 - Unauthenticated SQL Injection UnknownSQL Chart Builder--2026-04-07 06:00:12 Deep Dive
CVE-2026-5587 wbbeyourself MAC-SQL Refiner Agent agents.py _execute_sql sql injection wbbeyourselfMAC-SQL Medium 6.3 2026-04-05 18:15:11 Deep Dive
CVE-2026-5417 Dataease SQLbot Elasticsearch es_engine.py get_es_data_by_http server-side request forgery DataeaseSQLbot Medium 4.7 2026-04-02 18:15:12 Deep Dive
CVE-2026-32950 SQLBot: RCE via SQL Injection in Excel Upload Endpoint dataeaseSQLBot 中危 -2026-03-20 04:14:46 Deep Dive
CVE-2026-32949 SQLBot: SSRF to Arbitrary File Read (AFR) via Rogue MySQL dataeaseSQLBot 中危 -2026-03-20 04:08:43 Deep Dive
CVE-2026-32622 SQLBot: Remote Code Execution via Terminology Poisoning dataeaseSQLBot 中危 -2026-03-19 20:55:52 Deep Dive
CVE-2019-25486 Varient 1.6.1 SQL Injection via user_id Parameter VarientVarient SQL Inj. High 8.2 2026-03-11 18:23:23 Deep Dive
CVE-2019-25475 SQL Server Password Changer 1.90 Denial of Service Buffer Overflow Top-PasswordSQL Server Password Changer Denial of Service Exploit Medium 6.2 2026-03-11 18:23:17 Deep Dive
CVE-2026-26116 SQL Server Elevation of Privilege Vulnerability MicrosoftMicrosoft SQL Server 2025 (CU 2) High 8.8 2026-03-10 17:05:08 Deep Dive
CVE-2026-26115 SQL Server Elevation of Privilege Vulnerability MicrosoftMicrosoft SQL Server 2016 Service Pack 3 (GDR) High 8.8 2026-03-10 17:05:07 Deep Dive
CVE-2026-21262 SQL Server Elevation of Privilege Vulnerability MicrosoftMicrosoft SQL Server 2016 Service Pack 3 (GDR) High 8.8 2026-03-10 17:04:32 Deep Dive
CVE-2025-15598 Dataease SQLBot JWT Token auth.py validateEmbedded signature verification DataeaseSQLBot Low 3.7 2026-03-03 09:32:07 Deep Dive
CVE-2025-15597 Dataease SQLBot API Endpoint assistant.py access control DataeaseSQLBot Medium 6.3 2026-03-02 06:16:35 Deep Dive
CVE-2024-39724 IBM Db2 Big SQL on Cloud Pak for Data is vulnerable to a denial of service due to lack of throttling on an API IBMDb2 Big SQL on Cloud Pak for Data Medium 5.3 2026-02-04 20:52:22 Deep Dive