| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-35568 | MCP Java-SDK has a DNS Rebinding Vulnerability | modelcontextprotocol | java-sdk | - | - | 2026-04-07 21:06:10 | Deep Dive |
| CVE-2026-34237 | MCP Java SDK has a Hardcoded Wildcard CORS (Access-Control-Allow-Origin: *) | modelcontextprotocol | java-sdk | Medium | 6.1 | 2026-03-31 15:40:01 | Deep Dive |
| CVE-2025-33042 | Apache Avro Java SDK: Code injection on Java generated code | Apache Software Foundation | Apache Avro Java SDK | 中危 | - | 2026-02-13 11:47:04 | Deep Dive |
| CVE-2025-67505 | Race condition in the Okta Java SDK | okta | okta-sdk-java | High | 8.4 | 2025-12-10 22:19:21 | Deep Dive |
| CVE-2025-66033 | Improper Memory Cleanup in the Okta Java SDK | okta | okta-sdk-java | Medium | 5.3 | 2025-12-10 21:46:13 | Deep Dive |
| CVE-2024-47561 | Apache Avro Java SDK: Arbitrary Code Execution when reading Avro schema (Java SDK) | Apache Software Foundation | Apache Avro Java SDK | 高危 | - | 2024-10-03 10:23:16 | Deep Dive |
| CVE-2024-27267 | IBM SDK, Java Technology Edition denial of service | IBM | SDK, Java Technology Edition | Medium | 5.9 | 2024-08-14 15:59:47 | Deep Dive |
| CVE-2023-38264 | IBM SDK, Java Technology Edition denial of service | IBM | SDK, Java Technology Edition | Medium | 5.9 | 2024-05-10 17:21:51 | Deep Dive |
| CVE-2023-39913 | Apache UIMA Java SDK Core, Apache UIMA Java SDK CPE, Apache UIMA Java SDK Vinci adapter, Apache UIMA Java SDK tools: Potential untrusted code execution when deserializing certain binary CAS formats | Apache Software Foundation | Apache UIMA Java SDK Core | 高危 | - | 2023-11-08 08:04:24 | Deep Dive |
| CVE-2023-36415 | Azure Identity SDK Remote Code Execution Vulnerability | Microsoft | Azure Identity SDK for Java | High | 8.8 | 2023-10-10 17:08:16 | Deep Dive |
| CVE-2023-36566 | Microsoft Common Data Model SDK Denial of Service Vulnerability | Microsoft | Microsoft Common Data Model SDK for Java | Medium | 6.5 | 2023-10-10 17:08:14 | Deep Dive |
| CVE-2023-39410 | Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK | Apache Software Foundation | Apache Avro Java SDK | 高危 | - | 2023-09-29 16:23:34 | Deep Dive |
| CVE-2022-40609 | IBM SDK, Java Technology Edition code execution | IBM | SDK, Java Technology Edition | High | 8.1 | 2023-08-02 14:21:52 | Deep Dive |
| CVE-2022-31159 | Partial Path Traversal in com.amazonaws:aws-java-sdk-s3 | aws | aws-sdk-java | High | 7.9 | 2022-07-15 17:45:12 | Deep Dive |
| CVE-2021-40831 | Missing SNI validation and inconsistent CA override function behavior within AWS IoT Device SDKs on Apple devices | Amazon Web Services | AWS IoT Device SDK v2 for Java | Medium | 6.3 | 2021-11-22 23:41:19 | Deep Dive |
| CVE-2021-40830 | Inconsistent CA override function behavior within AWS IoT Device SDKs on Unix systems | Amazon Web Services | AWS IoT Device SDK v2 for Java | Medium | 6.3 | 2021-11-22 23:41:18 | Deep Dive |
| CVE-2021-40829 | TLS hostname validation issues within AWS IoT Device SDKs on macOS | Amazon Web Services | AWS IoT Device SDK v2 for Java | Medium | 6.3 | 2021-11-22 23:41:17 | Deep Dive |
| CVE-2021-40828 | TLS hostname validation issues within AWS IoT Device SDKs on Windows | Amazon Web Services | AWS IoT Device SDK v2 for Java | Medium | 6.3 | 2021-11-22 23:41:16 | Deep Dive |
| CVE-2020-16971 | Azure SDK for Java Security Feature Bypass Vulnerability | Microsoft | Azure SDK for Java | High | 7.4 | 2020-12-09 23:36:37 | Deep Dive |
| CVE-2019-0741 | Microsoft Azure IoT Java SDK 信息泄露漏洞 | Microsoft | Java SDK for Azure IoT | 高危 | - | 2019-03-06 00:00:00 | Deep Dive |