浏览 2,316+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-7085 | HBAI-Ltd Toonflow-app downloadApp Endpoint downloadApp.ts z.url path traversal | HBAI-Ltd | Toonflow-app | Medium | 5.0 | 2026-04-27 04:00:14 | Deep Dive |
| CVE-2026-7084 | HBAI-Ltd Toonflow-app getCodeByLink Endpoint getCodeByLink.ts fetch server-side request forgery | HBAI-Ltd | Toonflow-app | Medium | 6.3 | 2026-04-27 03:45:12 | Deep Dive |
| CVE-2026-34488 | i-PRO IP Setting Software 代码问题漏洞 | i-PRO Co., Ltd. | IP Setting Software | - | - | 2026-04-23 06:17:14 | Deep Dive |
| CVE-2026-39454 | SKYSEA Client View 安全漏洞 | Sky Co.,LTD. | SKYSEA Client View | - | - | 2026-04-20 08:04:57 | Deep Dive |
| CVE-2025-15625 | Unauthenticated execution of arbitrary SQL queries in Sparx Pro Cloud Server | Sparx Systems Pty Ltd. | Sparx Pro Cloud Server | - | - | 2026-04-17 08:39:00 | Deep Dive |
| CVE-2025-15624 | Plaintext Storage of a Password in Sparx Pro Cloud Server. | Sparx Systems Pty Ltd. | Sparx Pro Cloud Server | - | - | 2026-04-17 08:38:37 | Deep Dive |
| CVE-2025-15623 | Sparx Pro Cloud Server reveals sensitive information to an unauthenticated user | Sparx Systems Pty Ltd. | Sparx Pro Cloud Server | - | - | 2026-04-17 08:37:28 | Deep Dive |
| CVE-2025-15622 | Sparx Enterprise Architect Client reveals plaintext OAuth2 client secret | Sparx Systems Pty Ltd. | Sparx Enterprise Architect | - | - | 2026-04-17 08:35:05 | Deep Dive |
| CVE-2025-15621 | Sparx Enterprise Architect Client does not verify the receiver of OAuth2 credentials during OpenID authentication | Sparx Systems Pty Ltd. | Sparx Enterprise Architect | - | - | 2026-04-16 12:40:09 | Deep Dive |
| CVE-2026-5397 | Vulnerability Related to an Uncontrolled Search Path Element in a UPS Management Application | OMRON SOCIAL SOLUTIONS CO., Ltd. | PowerAttendant Standard Edition | High | 7.8 | 2026-04-15 04:11:30 | Deep Dive |
| CVE-2026-25776 | Six Apart Movable Type 代码注入漏洞 | Six Apart Ltd. | Movable Type | - | - | 2026-04-08 08:52:15 | Deep Dive |
| CVE-2026-33088 | Six Apart Movable Type SQL注入漏洞 | Six Apart Ltd. | Movable Type | - | - | 2026-04-08 08:51:46 | Deep Dive |
| CVE-2026-22679 | Weaver E-cology 10.0 Unauthenticated RCE via dubboApi Debug Endpoint | Weaver Network Co., Ltd. | E-cology | Critical | 9.8 | 2026-04-07 12:51:23 | Deep Dive |
| CVE-2021-4473 | Tianxin Internet Behavior Management System Command Injection via toQuery.php | Beijing Topsec Network Security Technology Co., Ltd. | Tianxin Internet Behavior Management System | Critical | 9.8 | 2026-04-07 12:50:58 | Deep Dive |
| CVE-2026-32929 | Fuji Electric V-SFT 缓冲区错误漏洞 | FUJI ELECTRIC CO., LTD. / Hakko Electronics Co., Ltd. | V-SFT | High | 7.8 | 2026-04-01 23:00:07 | Deep Dive |
| CVE-2026-32928 | Fuji Electric V-SFT 安全漏洞 | FUJI ELECTRIC CO., LTD. / Hakko Electronics Co., Ltd. | V-SFT | High | 7.8 | 2026-04-01 22:59:39 | Deep Dive |
| CVE-2026-32927 | Fuji Electric V-SFT 缓冲区错误漏洞 | FUJI ELECTRIC CO., LTD. / Hakko Electronics Co., Ltd. | V-SFT | High | 7.8 | 2026-04-01 22:59:22 | Deep Dive |
| CVE-2026-32926 | Fuji Electric V-SFT 缓冲区错误漏洞 | FUJI ELECTRIC CO., LTD. / Hakko Electronics Co., Ltd. | V-SFT | High | 7.8 | 2026-04-01 22:58:55 | Deep Dive |
| CVE-2026-32925 | Fuji Electric V-SFT 安全漏洞 | FUJI ELECTRIC CO., LTD. / Hakko Electronics Co., Ltd. | V-SFT | High | 7.8 | 2026-04-01 22:58:33 | Deep Dive |
| CVE-2026-4620 | NEC Platforms Aterm Series 安全漏洞 | NEC Platforms, Ltd. | Aterm WX1500HP | 中危 | - | 2026-03-27 11:53:42 | Deep Dive |