| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-4353 | CI HUB Connector <= 1.2.106 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'id' Shortcode Attribute | cihubconnector | CI HUB Connector | Medium | 6.4 | 2026-04-22 07:45:43 | Deep Dive |
| CVE-2026-4667 | HP System Optimizer - Escalation of Privilege | HP Inc. | OMEN Gaming Hub | 中危 | - | 2026-04-15 14:22:55 | Deep Dive |
| CVE-2026-32173 | Azure SRE Agent Information Disclosure Vulnerability | Microsoft | Azure SRE Agent Gateway - SignalR Hub | High | 8.6 | 2026-04-02 23:27:00 | Deep Dive |
| CVE-2026-4649 | Auth bypass in Apache Artemis allows reading all internal messages | KNIME | KNIME Business Hub | 中危 | - | 2026-03-24 08:15:17 | Deep Dive |
| CVE-2026-4396 | Devolutions Hub Reporting Service 安全漏洞 | Devolutions | Hub Reporting Service | 高危 | - | 2026-03-18 19:41:35 | Deep Dive |
| CVE-2026-32229 | JetBrains Hub 安全漏洞 | JetBrains | Hub | Medium | 6.8 | 2026-03-11 15:03:38 | Deep Dive |
| CVE-2026-28806 | Improper authorization in device bulk actions and device update API allows cross-organization device control | nerves-hub | nerves_hub_web | - | - | 2026-03-10 21:30:59 | Deep Dive |
| CVE-2026-3118 | Rhdh: graphql injection leading to platform-wide denial of service (dos) in rh developer hub orchestrator plugin | Red Hat | Red Hat Developer Hub 1.8 | Medium | 6.5 | 2026-02-25 11:25:55 | Deep Dive |
| CVE-2026-25848 | JetBrains Hub 访问控制错误漏洞 | JetBrains | Hub | Critical | 9.1 | 2026-02-09 10:39:02 | Deep Dive |
| CVE-2025-14472 | Acquia Content Hub - Moderately critical - Cross-Site Request Forgery - SA-CONTRIB-2025-125 | Drupal | Acquia Content Hub | - | - | 2026-01-28 20:03:09 | Deep Dive |
| CVE-2025-64097 | NervesHub has Insufficient Token Entropy that Allows Authentication Bypass via Brute Force | nerves-hub | nerves_hub_web | - | - | 2026-01-22 14:57:00 | Deep Dive |
| CVE-2025-14874 | Nodemailer: nodemailer: denial of service via crafted email address header | nodemailer | nodemailer | High | 7.5 | 2025-12-18 08:40:32 | Deep Dive |
| CVE-2025-68065 | WordPress Hub Core plugin <= 5.0.8 - Local File Inclusion vulnerability | LiquidThemes | Hub Core | High | 7.5 | 2025-12-16 08:13:01 | Deep Dive |
| CVE-2025-14651 | MartialBE one-hub docker-compose.yml hard-coded key | MartialBE | one-hub | Low | 3.7 | 2025-12-14 08:32:07 | Deep Dive |
| CVE-2025-11531 | HP System Event Utility and Omen Gaming Hub – Potential Arbitrary Code Execution | HP Inc | HP System Event Utility | - | - | 2025-12-09 18:29:51 | Deep Dive |
| CVE-2025-14262 | Jobs can be saved as workflows with wrong permissions on KNIME Business Hub | KNIME | KNIME Business Hub | - | - | 2025-12-08 09:34:46 | Deep Dive |
| CVE-2025-64772 | Sony INZONE Hub 代码问题漏洞 | Sony Corporation | INZONE Hub | - | - | 2025-12-01 00:22:05 | Deep Dive |
| CVE-2025-13033 | Nodemailer: nodemailer: email to an unintended domain can occur due to interpretation conflict | nodemailer | nodemailer | High | 7.5 | 2025-11-14 19:37:08 | Deep Dive |
| CVE-2025-64683 | JetBrains Hub 竞争条件问题漏洞 | JetBrains | Hub | Medium | 5.3 | 2025-11-10 13:27:57 | Deep Dive |
| CVE-2025-64682 | JetBrains Hub 竞争条件问题漏洞 | JetBrains | Hub | Low | 2.7 | 2025-11-10 13:27:55 | Deep Dive |