浏览 67+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-21536 | Microsoft Devices Pricing Program Remote Code Execution Vulnerability | Microsoft | Microsoft Devices Pricing Program | Critical | 9.8 | 2026-03-05 22:18:20 | Deep Dive |
| CVE-2026-0550 | myCred <= 2.9.7.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'mycred_load_coupon' Shortcode | saadiqbal | Points Management System For Gamification, Ranks, Badges, and Loyalty Rewards Program – myCred | Medium | 6.4 | 2026-02-14 08:26:48 | Deep Dive |
| CVE-2020-36987 | Program Access Controller v1.2.0.0 - 'PACService.exe' Unquoted Service Path | Gearboxcomputers | Program Access Controller | High | 7.8 | 2026-01-28 12:29:00 | Deep Dive |
| CVE-2025-11065 | Github.com/go-viper/mapstructure/v2: go-viper's mapstructure may leak sensitive information in logs in github.com/go-viper/mapstructure | - | - | Medium | 5.3 | 2026-01-26 19:36:29 | Deep Dive |
| CVE-2025-14450 | Wallet System for WooCommerce <= 2.7.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Wallet Balance Manipulation | wpswings | Wallet System for WooCommerce – Digital Wallet, Buy Now Pay Later (BNPL), Instant Cashback, Referral program, Partial & Subscription Payments | Medium | 6.5 | 2026-01-17 02:22:32 | Deep Dive |
| CVE-2025-12361 | myCred – Points Management System For Gamification, Ranks, Badges, and Loyalty Program <= 2.9.7.1 - Missing Authorization to Sensitive Information Exposure | saadiqbal | Points Management System For Gamification, Ranks, Badges, and Loyalty Rewards Program – myCred | Medium | 4.3 | 2025-12-19 09:29:48 | Deep Dive |
| CVE-2025-12362 | myCred – Points Management System For Gamification, Ranks, Badges, and Loyalty Program <= 2.9.7 - Missing Authorization to Unauthenticated Withdrawal Request Approval | saadiqbal | Points Management System For Gamification, Ranks, Badges, and Loyalty Rewards Program – myCred | Medium | 5.3 | 2025-12-13 05:42:41 | Deep Dive |
| CVE-2025-61932 | MOTEX Lanscope Endpoint Manager 安全漏洞 | MOTEX Inc. | Lanscope Endpoint Manager (On-Premises) (Client program (MR) and Detection agent (DA)) | - | - | 2025-10-20 07:25:40 | Deep Dive |
| CVE-2025-26861 | RSUPPORT RemoteCall Remote Support Program 代码问题漏洞 | RSUPPORT CO., LTD. | RemoteCall Remote Support Program (for Operator) | - | - | 2025-10-15 06:07:01 | Deep Dive |
| CVE-2025-26860 | RSUPPORT RemoteCall Remote Support Program 代码问题漏洞 | RSUPPORT CO., LTD. | RemoteCall Remote Support Program (for Operator) | - | - | 2025-10-15 06:06:42 | Deep Dive |
| CVE-2025-30604 | WordPress JiangQie Official Website Mini Program plugin <= 1.8.2 - SQL Injection Vulnerability | jiangqie | JiangQie Official Website Mini Program | High | 7.6 | 2025-03-24 13:47:24 | Deep Dive |
| CVE-2024-57964 | Insecure Loading of Dynamic Link Libraries in HVAC Energy Saving Program | Hitachi | HVAC Energy Saving Program | High | 7.3 | 2025-02-18 06:33:58 | Deep Dive |
| CVE-2024-12454 | Affiliate Program Suite — SliceWP Affiliates <= 1.1.23 - Cross-Site Request Forgery to Reflected Cross-Site Scripting | iovamihai | Affiliate Program Suite — SliceWP Affiliates | Medium | 6.1 | 2024-12-18 09:22:40 | Deep Dive |
| CVE-2024-8259 | Unauthenticated SQLi in Eryaz IT's NatraCar B2B Dealer Management Program | Eryaz Information Technologies | NatraCar B2B Dealer Management Program | Critical | 9.8 | 2024-12-09 13:23:07 | Deep Dive |
| CVE-2024-11380 | Mini Program API <= 1.4.5 - Authenticated (Contributor+) Stored Cross-Site Scripting | imahui | Mini Program API | Medium | 6.4 | 2024-12-07 11:09:54 | Deep Dive |
| CVE-2024-49314 | WordPress JiangQie Free Mini Program plugin <= 2.5.2 - Arbitrary File Upload vulnerability | jiangqie | JiangQie Free Mini Program | - | - | 2024-10-17 17:19:17 | Deep Dive |
| CVE-2024-9289 | WordPress & WooCommerce Affiliate Program <= 8.4.1 - Authentication Bypass to Account Takeover and Privilege Escalation | RedefiningTheWeb | WordPress & WooCommerce Affiliate Program | Critical | 9.8 | 2024-10-01 08:30:20 | Deep Dive |
| CVE-2024-47045 | e-Tax Reception System 安全漏洞 | National Tax Agency | The installer of e-Tax software(common program) | - | - | 2024-09-26 03:33:49 | Deep Dive |
| CVE-2024-21843 | Intel Computing Improvement Program 安全漏洞 | - | Intel(R) Computing Improvement Program software | Medium | 6.7 | 2024-05-16 20:47:04 | Deep Dive |
| CVE-2024-1394 | Golang-fips/openssl: memory leaks in code encrypting and decrypting rsa payloads | Red Hat | Red Hat Ansible Automation Platform 2.4 for RHEL 8 | High | 7.5 | 2024-03-21 12:16:39 | Deep Dive |