浏览 44+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-27681 | SQL Injection vulnerability in SAP Business Planning and Consolidation and SAP Business Warehouse | SAP_SE | SAP Business Planning and Consolidation and SAP Business Warehouse | Critical | 9.9 | 2026-04-14 00:08:06 | Deep Dive |
| CVE-2026-27686 | Missing Authorization check in SAP Business Warehouse (Service API) | SAP_SE | SAP Business Warehouse (Service API) | Medium | 5.9 | 2026-03-10 00:18:33 | Deep Dive |
| CVE-2026-2852 | yeqifu warehouse Sales Endpoint SalesController.java deleteSales access control | yeqifu | warehouse | Medium | 6.3 | 2026-02-20 18:32:08 | Deep Dive |
| CVE-2026-2851 | yeqifu warehouse Inport Endpoint InportController.java deleteInport access control | yeqifu | warehouse | Medium | 6.3 | 2026-02-20 17:02:09 | Deep Dive |
| CVE-2026-2850 | yeqifu warehouse Customer Endpoint CustomerController.java deleteCustomer access control | yeqifu | warehouse | Medium | 6.3 | 2026-02-20 17:02:07 | Deep Dive |
| CVE-2026-2849 | yeqifu warehouse Cache Sync CacheController.java syncCache access control | yeqifu | warehouse | Medium | 5.4 | 2026-02-20 16:02:09 | Deep Dive |
| CVE-2026-2107 | yeqifu warehouse Log Info LoginfoController.java batchDeleteLoginfo improper authorization | yeqifu | warehouse | Medium | 6.3 | 2026-02-07 18:32:08 | Deep Dive |
| CVE-2026-2106 | yeqifu warehouse Notice Management NoticeController.java batchDeleteNotice improper authorization | yeqifu | warehouse | Medium | 6.3 | 2026-02-07 17:32:07 | Deep Dive |
| CVE-2026-2105 | yeqifu warehouse Department Management DeptController.java deleteDept improper authorization | yeqifu | warehouse | Medium | 6.3 | 2026-02-07 17:02:08 | Deep Dive |
| CVE-2026-2079 | yeqifu warehouse Menu Management MenuController.java deleteMenu improper authorization | yeqifu | warehouse | Medium | 6.3 | 2026-02-07 08:32:07 | Deep Dive |
| CVE-2026-2078 | yeqifu warehouse Permission Management PermissionController.java deletePermission improper authorization | yeqifu | warehouse | Medium | 6.3 | 2026-02-07 08:02:07 | Deep Dive |
| CVE-2026-2077 | yeqifu warehouse Role Management RoleController.java deleteRole improper authorization | yeqifu | warehouse | Medium | 6.3 | 2026-02-07 07:32:07 | Deep Dive |
| CVE-2026-2076 | yeqifu warehouse User Management Endpoint UserController.java deleteUser improper authorization | yeqifu | warehouse | Medium | 6.3 | 2026-02-07 06:32:08 | Deep Dive |
| CVE-2026-2075 | yeqifu warehouse Role-Permission Binding RoleController.java saveRolePermission access control | yeqifu | warehouse | Medium | 6.3 | 2026-02-07 05:02:09 | Deep Dive |
| CVE-2026-0574 | yeqifu warehouse Request UserController.java saveUserRole improper authorization | yeqifu | warehouse | Medium | 6.3 | 2026-01-04 02:02:06 | Deep Dive |
| CVE-2026-0571 | yeqifu warehouse AppFileUtils.java createResponseEntity path traversal | yeqifu | warehouse | Medium | 4.3 | 2026-01-02 20:02:06 | Deep Dive |
| CVE-2025-11962 | Stored XSS in DivvyDrive Information Technologies' Digital Corporate Warehouse | DivvyDrive Information Technologies Inc. | Digital Corporate Warehouse | High | 7.3 | 2025-11-12 09:14:06 | Deep Dive |
| CVE-2025-42962 | Cross-Site Scripting (XSS) vulnerability in SAP Business Warehouse (Business Explorer Web 3.5 loading animation) | SAP_SE | SAP Business Warehouse (Business Explorer Web 3.5 loading animation) | Medium | 6.1 | 2025-07-08 00:35:36 | Deep Dive |
| CVE-2025-42960 | Missing Authorization Check in SAP Business Warehouse and SAP BW/4HANA BEx Tools | SAP_SE | SAP Business Warehouse and SAP BW/4HANA BEx Tools | Medium | 4.3 | 2025-07-08 00:35:16 | Deep Dive |
| CVE-2025-42954 | Denial of service (DOS) in SAP NetWeaver Business Warehouse (CCAW application) | SAP_SE | SAP NetWeaver Business Warehouse (CCAW application) | Low | 2.7 | 2025-07-08 00:34:52 | Deep Dive |