浏览 36+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-33634 | Trivy ecosystem supply chain briefly compromised | aquasecurity | setup-trivy | 高危 | - | 2026-03-23 21:47:30 | Deep Dive |
| CVE-2025-15595 | Privilege escalation via dll hijacking in Inno Setup | mlsoft | Inno Setup | - | - | 2026-03-03 06:13:08 | Deep Dive |
| CVE-2026-22082 | Insecure Session ID Management Vulnerability in Tenda Wireless Routers | Tenda | 300Mbps Wireless Router F3 and N300 Easy Setup Router | 中危 | - | 2026-01-09 11:24:54 | Deep Dive |
| CVE-2026-22081 | Cookie without HTTPOnly Flag Vulnerability in Tenda Wireless Routers | Tenda | 300Mbps Wireless Router F3 and N300 Easy Setup Router | 中危 | - | 2026-01-09 11:16:22 | Deep Dive |
| CVE-2026-22080 | Insecure Transmission Vulnerability in Tenda Wireless Routers | Tenda | 300Mbps Wireless Router F3 and N300 Easy Setup Router | 中危 | - | 2026-01-09 11:05:07 | Deep Dive |
| CVE-2026-22079 | Cleartext Transmission Vulnerability in Tenda Wireless Routers | Tenda | 300Mbps Wireless Router F3 and N300 Easy Setup Router | 中危 | - | 2026-01-09 11:02:51 | Deep Dive |
| CVE-2025-48862 | BOSCH ctrlX OS 安全漏洞 | Bosch Rexroth AG | ctrlX OS - Setup | High | 7.1 | 2025-08-14 09:08:02 | Deep Dive |
| CVE-2025-48861 | BOSCH ctrlX OS 安全漏洞 | Bosch Rexroth AG | ctrlX OS - Setup | Medium | 5.3 | 2025-08-14 09:07:24 | Deep Dive |
| CVE-2025-48860 | Bosch Rexroth ctrlX OS 安全漏洞 | Bosch Rexroth AG | ctrlX OS - Setup | High | 8.0 | 2025-08-14 09:06:37 | Deep Dive |
| CVE-2025-30033 | Siemens多款产品 代码问题漏洞 | Siemens | Automation License Manager V6.0 | High | 7.8 | 2025-08-12 11:16:57 | Deep Dive |
| CVE-2025-49598 | conda-forge-ci-setup Allows Arbitrary Code Execution via Insecure Version Parsing | conda-forge | conda-forge-ci-setup-feedstock | - | - | 2025-06-13 20:22:38 | Deep Dive |
| CVE-2025-29795 | Microsoft Edge (Chromium-based) Update Elevation of Privilege Vulnerability | Microsoft | Microsoft Edge Update Setup | High | 7.8 | 2025-03-23 16:11:56 | Deep Dive |
| CVE-2025-27256 | GE Vernova EnerVista UR 访问控制错误漏洞 | GE Vernova | EnerVista UR Setup | High | 8.3 | 2025-03-10 09:05:26 | Deep Dive |
| CVE-2025-27255 | GE Vernova EnerVista UR 信任管理问题漏洞 | GE Vernova | EnerVista UR Setup | High | 8.0 | 2025-03-10 09:05:17 | Deep Dive |
| CVE-2025-27254 | GE Vernova EnerVista UR 授权问题漏洞 | GE Vernova | EnerVista UR Setup | High | 8.0 | 2025-03-10 09:05:09 | Deep Dive |
| CVE-2025-24642 | WordPress Setup Default Featured Image plugin <= 1.2 - Broken Access Control vulnerability | theme funda | Setup Default Featured Image | Medium | 6.5 | 2025-02-03 14:22:48 | Deep Dive |
| CVE-2024-13694 | WooCommerce Wishlist <= 1.8.7 - Unauthenticated Wishlist Disclosure via download_pdf_file Function | moreconvert | MoreConvert Wishlist for WooCommerce | High | 7.5 | 2025-01-30 08:21:26 | Deep Dive |
| CVE-2025-21399 | Microsoft Edge (Chromium-based) Update Elevation of Privilege Vulnerability | Microsoft | Microsoft Edge Update Setup | High | 7.4 | 2025-01-17 19:19:50 | Deep Dive |
| CVE-2024-52429 | WordPress WP Quick Setup plugin <= 2.0 - Arbitrary Plugin and Theme Installation to Remote Code Execution vulnerability | AntonHoelstad | WP Quick Setup | Critical | 9.9 | 2024-11-18 14:19:19 | Deep Dive |
| CVE-2024-25917 | WordPress WP Setup Wizard plugin <= 1.0.8.1 - Auth. Full Database Download Vulnerability | CodeRevolution | WP Setup Wizard | High | 8.8 | 2024-04-25 08:39:27 | Deep Dive |