| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-33658 | Rails Active Storage has a possible DoS vulnerability in proxy mode via multi-range requests | rails | activestorage | - | - | 2026-03-26 21:03:25 | Deep Dive |
| CVE-2026-33202 | Rails Active Storage has possible glob injection in its DiskService | rails | activestorage | 超危 | - | 2026-03-23 23:34:53 | Deep Dive |
| CVE-2026-33195 | Rails Active Storage has possible Path Traversal in DiskService | rails | activestorage | 超危 | - | 2026-03-23 23:31:42 | Deep Dive |
| CVE-2026-33176 | Rails Active Support has a possible DoS vulnerability in its number helpers | rails | activesupport | 高危 | - | 2026-03-23 23:29:28 | Deep Dive |
| CVE-2026-33174 | Rails Active Storage has a possible DoS vulnerability when in proxy mode via Range requests | rails | activestorage | 高危 | - | 2026-03-23 23:24:56 | Deep Dive |
| CVE-2026-33173 | Rails Active Storage has possible content type bypass via metadata in direct uploads | rails | activestorage | 中危 | - | 2026-03-23 23:21:30 | Deep Dive |
| CVE-2026-33170 | Rails Active Support has a possible XSS vulnerability in SafeBuffer#% | rails | activesupport | 中危 | - | 2026-03-23 23:09:49 | Deep Dive |
| CVE-2026-33169 | Rails Active Support has a possible ReDoS vulnerability in number_to_delimited | rails | activesupport | 中危 | - | 2026-03-23 23:07:08 | Deep Dive |
| CVE-2026-33168 | Rails has a possible XSS vulnerability in its Action View tag helpers | rails | actionview | 中危 | - | 2026-03-23 23:01:22 | Deep Dive |
| CVE-2026-33167 | Rails has a possible XSS vulnerability in its Action Pack debug exceptions | rails | actionpack | 中危 | - | 2026-03-23 22:58:54 | Deep Dive |
| CVE-2025-24293 | Active Storage 安全漏洞 | Rails | activestorage | - | - | 2026-01-30 20:11:15 | Deep Dive |
| CVE-2025-55193 | Active Record logging vulnerable to ANSI escape injection | rails | rails | - | - | 2025-08-13 22:41:42 | Deep Dive |
| CVE-2023-38037 | rails 安全漏洞 | Rails | ActiveSupport | - | - | 2025-01-09 00:33:48 | Deep Dive |
| CVE-2023-23913 | Rails 安全漏洞 | Rails | rails-ujs | 中危 | - | 2025-01-09 00:33:48 | Deep Dive |
| CVE-2023-28362 | Rails 安全漏洞 | Rails | Action Pack | 中危 | - | 2025-01-09 00:33:48 | Deep Dive |
| CVE-2023-28120 | Rails 安全漏洞 | Rails | ActiveSupport | 中危 | - | 2025-01-09 00:33:48 | Deep Dive |
| CVE-2023-27539 | Rack 安全漏洞 | Rails | Rack | 中危 | - | 2025-01-09 00:33:48 | Deep Dive |
| CVE-2023-27531 | Kredis 安全漏洞 | Rails | Kredis JSON | 中危 | - | 2025-01-09 00:33:48 | Deep Dive |
| CVE-2024-54133 | Possible Content Security Policy bypass in Action Dispatch | rails | rails | 中危 | - | 2024-12-10 22:52:05 | Deep Dive |
| CVE-2024-53985 | Possible XSS vulnerability with certain configurations of rails-html-sanitizer 1.6.0 | rails | rails-html-sanitizer | 低危 | - | 2024-12-02 21:15:58 | Deep Dive |