| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-7002 | KLiK SocialMediaWebsite Private Message get_message_ajax.php sql injection | KLiK | SocialMediaWebsite | High | 7.3 | 2026-04-25 21:30:16 | Deep Dive |
| CVE-2026-7001 | Datacom DM4100 Ethernet Configuration cross site scripting | Datacom | DM4100 | Low | 2.4 | 2026-04-25 21:15:14 | Deep Dive |
| CVE-2026-7000 | Datacom DM4100 VLAN Page cross site scripting | Datacom | DM4100 | Low | 2.4 | 2026-04-25 21:00:24 | Deep Dive |
| CVE-2026-6999 | BIVOCOM TR321 Wireless Setting cross site scripting | BIVOCOM | TR321 | Low | 2.4 | 2026-04-25 20:45:15 | Deep Dive |
| CVE-2026-6998 | BDCOM P3310D New RMON Statistics cross site scripting | BDCOM | P3310D | Low | 2.4 | 2026-04-25 20:15:15 | Deep Dive |
| CVE-2026-6997 | BDCOM P3310D New RMON History cross site scripting | BDCOM | P3310D | Low | 2.4 | 2026-04-25 20:00:19 | Deep Dive |
| CVE-2026-6996 | BDCOM P3310D rmon event Tab cross site scripting | BDCOM | P3310D | Low | 2.4 | 2026-04-25 19:45:12 | Deep Dive |
| CVE-2026-6995 | BDCOM P3310D New User index.asp cross site scripting | BDCOM | P3310D | Low | 2.4 | 2026-04-25 19:15:14 | Deep Dive |
| CVE-2026-6994 | Envoy Query Parameter header_mutation.cc params.add injection | - | Envoy | Medium | 6.3 | 2026-04-25 19:00:19 | Deep Dive |
| CVE-2026-6993 | go-kratos http.DefaultServeMux Fallback server.go NewServer confused deputy | go-kratos | kratos | Medium | 5.3 | 2026-04-25 18:30:16 | Deep Dive |
| CVE-2026-6992 | Linksys MR9600 JNAP Action run_central2.sh BTRequestGetSmartConnectStatus os command injection | Linksys | MR9600 | High | 7.2 | 2026-04-25 18:00:20 | Deep Dive |
| CVE-2026-6991 | colinhacks Zod CUID Data Type regexes.ts sql injection | colinhacks | Zod | Medium | 6.3 | 2026-04-25 17:45:14 | Deep Dive |
| CVE-2026-6990 | projeto-siga novo cross site scripting | projeto-siga | siga | Low | 3.5 | 2026-04-25 17:30:16 | Deep Dive |
| CVE-2026-6989 | Tenda F453 Telnet Service telnet TendaTelnet command injection | Tenda | F453 | Medium | 6.3 | 2026-04-25 17:15:18 | Deep Dive |
| CVE-2026-6988 | Tenda HG10 Boa Service formRouting formRoute buffer overflow | Tenda | HG10 | High | 8.8 | 2026-04-25 17:00:24 | Deep Dive |
| CVE-2026-6987 | PicoClaw Web Launcher Management Plane restart command injection | - | PicoClaw | High | 7.3 | 2026-04-25 16:45:10 | Deep Dive |
| CVE-2026-6986 | Cesanta Mongoose GCM Authentication Tag tls_aes128.c mg_aes_gcm_decrypt signature verification | Cesanta | Mongoose | Low | 3.7 | 2026-04-25 16:30:13 | Deep Dive |
| CVE-2026-6985 | Cesanta Mongoose TCP Option net_builtin.c handle_opt infinite loop | Cesanta | Mongoose | Medium | 5.3 | 2026-04-25 16:15:14 | Deep Dive |
| CVE-2026-6984 | AstrBotDevs AstrBot Dashboard API t2i.py create_template special elements used in a template engine | AstrBotDevs | AstrBot | Medium | 4.7 | 2026-04-25 15:30:25 | Deep Dive |
| CVE-2026-6983 | pagekit download server-side request forgery | - | pagekit | Medium | 4.7 | 2026-04-25 15:15:17 | Deep Dive |