浏览 28+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-1496 | Coverity CLI Authentication Bypass | Black Duck | Coverity | 中危 | - | 2026-03-27 14:14:02 | Deep Dive |
| CVE-2026-32274 | Black: Arbitrary file writes from unsanitized user input in cache file name | psf | black | 高危 | - | 2026-03-12 19:47:07 | Deep Dive |
| CVE-2026-31900 | Black's vulnerable version parsing leads to RCE in GitHub Action | psf | black | - | - | 2026-03-11 19:15:21 | Deep Dive |
| CVE-2025-0504 | Black Duck SCA Project Privilege Escalation | Black Duck | Black Duck SCA | Medium | 5.4 | 2025-11-21 21:30:54 | Deep Dive |
| CVE-2025-32252 | WordPress WP Genealogy plugin <= 0.1.9 - Broken Access Control vulnerability | Black and White | WP Genealogy – Your Family History Website | Medium | 5.3 | 2025-04-04 15:59:27 | Deep Dive |
| CVE-2025-31869 | WordPress Black Widgets For Elementor plugin <= 1.3.9 - Cross Site Scripting (XSS) vulnerability | Modernaweb Studio | Black Widgets For Elementor | Medium | 6.5 | 2025-04-01 14:52:10 | Deep Dive |
| CVE-2024-12021 | Stored Cross-Site Scripting | Black Duck | Coverity | 中危 | - | 2025-03-31 14:00:20 | Deep Dive |
| CVE-2024-11035 | Carbon Black Cloud Windows Sensor Information Leak | Symantec | Carbon Black Cloud Windows Sensor | Low | 2.5 | 2025-03-05 16:56:53 | Deep Dive |
| CVE-2025-25167 | WordPress BookPress – For Book Authors Plugin <= 1.2.7 - Broken Access Control vulnerability | Black and White | BookPress – For Book Authors | High | 8.2 | 2025-02-07 10:12:03 | Deep Dive |
| CVE-2025-25168 | WordPress BookPress – For Book Authors Plugin <= 1.2.7 - CSRF to Stored XSS vulnerability | Black and White | BookPress – For Book Authors | High | 7.1 | 2025-02-07 10:12:02 | Deep Dive |
| CVE-2025-22806 | WordPress Black Widgets For Elementor plugin <= 1.3.8 - Cross Site Scripting (XSS) vulnerability | Modernaweb Studio | Black Widgets For Elementor | Medium | 6.5 | 2025-01-09 15:39:08 | Deep Dive |
| CVE-2024-51807 | WordPress AgendaPress plugin <= 1.0.8 - Stored Cross Site Scripting (XSS) vulnerability | Black and White | AgendaPress – Easily Publish Meeting Agendas and Programs on WordPress | Medium | 6.5 | 2024-11-19 16:31:55 | Deep Dive |
| CVE-2024-51662 | WordPress Black Widgets For Elementor plugin <= 1.3.6 - Cross Site Scripting (XSS) vulnerability | Modernaweb Studio | Black Widgets For Elementor | Medium | 6.5 | 2024-11-09 13:12:56 | Deep Dive |
| CVE-2024-9388 | Black Widgets For Elementor <= 1.3.7 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload | modernaweb | Black Widgets For Elementor | Medium | 6.4 | 2024-10-30 11:01:03 | Deep Dive |
| CVE-2024-39644 | WordPress Black Widgets For Elementor plugin <= 1.3.5 - Cross Site Scripting (XSS) vulnerability | Modernaweb Studio | Black Widgets For Elementor | Medium | 6.5 | 2024-08-01 22:17:12 | Deep Dive |
| CVE-2024-39662 | WordPress Black Widgets For Elementor plugin <= 1.3.5 - Cross Site Scripting (XSS) vulnerability | Modernaweb Studio | Black Widgets For Elementor | Medium | 6.5 | 2024-08-01 21:38:40 | Deep Dive |
| CVE-2024-21503 | black 安全漏洞 | - | black | Medium | 5.3 | 2024-03-19 05:00:01 | Deep Dive |
| CVE-2023-23863 | WordPress TreePress – Easy Family Trees & Ancestor Profiles Plugin <= 2.0.22 is vulnerable to Cross Site Scripting (XSS) | Black and White Digital Ltd | TreePress – Easy Family Trees & Ancestor Profiles | Medium | 5.9 | 2023-05-09 07:38:39 | Deep Dive |
| CVE-2023-20858 | VMware Carbon Black App Control 注入漏洞 | - | VMware Carbon Black App Control | 高危 | - | 2023-02-21 00:00:00 | Deep Dive |
| CVE-2022-0316 | Multiple themes - Unauthenticated Arbitrary File Upload | Unknown | WeStand | 超危 | - | 2023-01-23 14:48:06 | Deep Dive |