浏览 22+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-25645 | Requests has Insecure Temp File Reuse in its extract_zipped_paths() utility function | psf | requests | Medium | 4.4 | 2026-03-25 17:02:48 | Deep Dive |
| CVE-2024-47081 | Requests vulnerable to .netrc credentials leak via malicious URLs | psf | requests | Medium | 5.3 | 2025-06-09 17:57:48 | Deep Dive |
| CVE-2025-25241 | Missing Authorization check in SAP Fiori Apps Reference Library (My Overtime Requests) | SAP_SE | SAP Fiori Apps Reference Library (My Overtime Requests) | Medium | 5.4 | 2025-02-11 00:37:54 | Deep Dive |
| CVE-2024-1682 | Unclaimed S3 Bucket Reference in psf/requests Documentation | psf | psf/requests | 中危 | - | 2024-11-14 17:32:13 | Deep Dive |
| CVE-2022-4974 | Freemius SDK <= 2.4.2 - Missing Authorization Checks | dashlabsltd | YASR – Yet Another Star Rating Plugin for WordPress | Medium | 6.3 | 2024-10-16 06:43:30 | Deep Dive |
| CVE-2023-37870 | WordPress WooCommerce Warranty Requests plugin <= 2.1.9 - Broken Access Control vulnerability | Woo | WooCommerce Warranty Requests | High | 8.1 | 2024-06-19 12:29:21 | Deep Dive |
| CVE-2023-51495 | WordPress WooCommerce Warranty Requests plugin <= 2.2.7 - Broken Access Control vulnerability | Woo | WooCommerce Warranty Requests | Medium | 6.5 | 2024-06-14 05:42:34 | Deep Dive |
| CVE-2023-51496 | WordPress WooCommerce Warranty Requests plugin <= 2.2.7 - Broken Access Control vulnerability | Woo | WooCommerce Warranty Requests | Medium | 5.3 | 2024-06-14 05:40:13 | Deep Dive |
| CVE-2024-35195 | Requests `Session` object does not verify requests after making first request with verify=False | psf | requests | Medium | 5.6 | 2024-05-20 20:14:48 | Deep Dive |
| CVE-2024-32731 | Missing Authorization check in SAP My Travel Requests | SAP_SE | SAP My Travel Requests | Medium | 5.5 | 2024-05-14 03:07:12 | Deep Dive |
| CVE-2024-25643 | Missing authorization check in SAP Fiori app (My Overtime Requests) | SAP_SE | SAP Fiori app (My Overtime Requests) | Medium | 4.3 | 2024-02-13 03:37:15 | Deep Dive |
| CVE-2023-33317 | WordPress WooCommerce Warranty Requests Plugin <= 2.1.6 is vulnerable to Cross Site Scripting (XSS) | WooCommerce | Returns and Warranty Requests | High | 7.1 | 2023-08-30 12:29:05 | Deep Dive |
| CVE-2023-36867 | Visual Studio Code GitHub Pull Requests and Issues Extension Remote Code Execution Vulnerability | Microsoft | Visual Studio Code - GitHub Pull Requests and Issues Extension | High | 7.8 | 2023-07-11 17:03:30 | Deep Dive |
| CVE-2023-32681 | Unintended leak of Proxy-Authorization header in requests | psf | requests | Medium | 6.1 | 2023-05-26 17:02:53 | Deep Dive |
| CVE-2023-24528 | SAP ERP 安全漏洞 | SAP | Fiori apps 1.0 for travel management in SAP ERP (My Travel Requests) | Medium | 6.5 | 2023-02-14 03:18:54 | Deep Dive |
| CVE-2022-3402 | Log HTTP Requests <= 1.3.1 - Stored Cross-Site Scripting | mgibbs189 | Log HTTP Requests | Medium | 6.1 | 2022-10-28 18:57:42 | Deep Dive |
| CVE-2022-34782 | Jenkins Plugin requests-plugin 安全漏洞 | Jenkins project | Jenkins requests-plugin Plugin | 中危 | - | 2022-06-30 17:46:21 | Deep Dive |
| CVE-2021-21676 | Jenkins 安全漏洞 | Jenkins project | Jenkins requests-plugin Plugin | 中危 | - | 2021-06-30 16:45:25 | Deep Dive |
| CVE-2021-21675 | Jenkins 跨站请求伪造漏洞 | Jenkins project | Jenkins requests-plugin Plugin | 中危 | - | 2021-06-30 16:45:24 | Deep Dive |
| CVE-2021-21674 | Jenkins 安全漏洞 | Jenkins project | Jenkins requests-plugin Plugin | 中危 | - | 2021-06-30 16:45:22 | Deep Dive |