Browse 23+ CVE vulnerabilities from NVD and CNNVD, with AI Chinese translation, AI POC generation, and daily intelligence; searchable by vendor, product, severity, and CWE.
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-31864 | JumpServer has a Server-Side Template Injection Leading to RCE via YAML Rendering | jumpserver | jumpserver | Medium | 6.8 | 2026-03-13 19:22:05 | Deep Dive |
| CVE-2026-31798 | JumpServer Improper Certificate Validation in Custom SMS API Client | jumpserver | jumpserver | Medium | 5.0 | 2026-03-13 19:15:26 | Deep Dive |
| CVE-2025-58044 | JumpServer has an Open Redirect Vulnerability | jumpserver | jumpserver | - | - | 2025-12-01 20:17:44 | Deep Dive |
| CVE-2025-62795 | JumpServer Unauthorized LDAP Configuration Access via WebSocket | jumpserver | jumpserver | High | 7.1 | 2025-10-30 16:56:09 | Deep Dive |
| CVE-2025-62712 | JumpServer Connection Token Leak Vulnerability | jumpserver | jumpserver | Critical | 9.6 | 2025-10-30 16:08:33 | Deep Dive |
| CVE-2025-27095 | JumpServer has a Kubernetes Token Leak Vulnerability | jumpserver | jumpserver | Medium | 4.3 | 2025-03-31 15:08:21 | Deep Dive |
| CVE-2024-40628 | Arbitrary File Read in Ansible Playbooks in Jumpserver | jumpserver | jumpserver | Critical | 10.0 | 2024-07-18 17:05:22 | Deep Dive |
| CVE-2024-40629 | Arbitrary File Write in Ansible Playbooks leads to RCE in Jumpserver | jumpserver | jumpserver | Critical | 10.0 | 2024-07-18 17:04:10 | Deep Dive |
| CVE-2024-29202 | JumpServer vulnerable to Jinja2 template injection in Ansible leads to RCE in Celery | jumpserver | jumpserver | Critical | 9.9 | 2024-03-29 14:57:44 | Deep Dive |
| CVE-2024-29201 | JumpServer's insecure Ansible playbook validation leads to RCE in Celery | jumpserver | jumpserver | Critical | 9.9 | 2024-03-29 14:57:40 | Deep Dive |
| CVE-2024-29020 | JumpServer allows an authorized attacker to get sensitive information in playbook files when playbook_id is leaked | jumpserver | jumpserver | Medium | 4.6 | 2024-03-29 14:46:00 | Deep Dive |
| CVE-2024-29024 | JumpServer Direct Object Reference (IDOR) Vulnerability in File Manager Bulk Transfer Functionality | jumpserver | jumpserver | Medium | 4.6 | 2024-03-29 14:45:56 | Deep Dive |
| CVE-2024-24763 | JumpServer Open Redirect Vulnerability | jumpserver | jumpserver | Medium | 4.3 | 2024-02-20 17:35:09 | Deep Dive |
| CVE-2023-46138 | JumpServer default admin user email leak password reset | jumpserver | jumpserver | Low | 3.7 | 2023-10-30 23:53:15 | Deep Dive |
| CVE-2023-46123 | jumpserver is vulnerable to password brute-force protection bypass via arbitrary IP values | jumpserver | jumpserver | Medium | 5.3 | 2023-10-25 00:13:01 | Deep Dive |
| CVE-2023-42818 | SSH public key login without private key challenge if mfa is enabled in jumpserver | jumpserver | jumpserver | Medium | 5.4 | 2023-09-27 20:28:31 | Deep Dive |
| CVE-2023-43651 | Remote code execution on the host system via MongoDB shell in jumpserver | jumpserver | jumpserver | High | 8.5 | 2023-09-27 20:24:09 | Deep Dive |
| CVE-2023-43650 | Non-MFA account takeover via brute-force attack on weak password reset code in jumpserver | jumpserver | jumpserver | High | 8.2 | 2023-09-27 18:33:46 | Deep Dive |
| CVE-2023-43652 | Non-MFA account takeover via using only SSH public key to login in jumpserver | jumpserver | jumpserver | High | 8.2 | 2023-09-27 18:31:41 | Deep Dive |
| CVE-2023-42819 | Path traversal in Jumpserver | jumpserver | jumpserver | High | 8.9 | 2023-09-26 20:40:42 | Deep Dive |