浏览 69+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-26342 | Tattile Smart+ / Vega / Basic <= 1.181.5 Insufficient Session Token Expiration | Tattile s.r.l. | Smart+ | - | - | 2026-02-24 18:41:10 | Deep Dive |
| CVE-2026-26341 | Tattile Smart+ / Vega / Basic <= 1.181.5 Default Credentials | Tattile s.r.l. | Smart+ | 超危 | - | 2026-02-24 18:40:54 | Deep Dive |
| CVE-2026-26340 | Tattile Smart+ / Vega / Basic <= 1.181.5 Unauthenticated RTSP Stream Disclosure | Tattile s.r.l. | Smart+ | 高危 | - | 2026-02-24 18:40:35 | Deep Dive |
| CVE-2026-1341 | Missing Authentication for Critical Function in Avation Light Engine Pro | Avation | Avation Light Engine Pro | - | - | 2026-02-03 21:26:42 | Deep Dive |
| CVE-2025-15021 | Gotham Block Extra Light <= 1.5.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via Plugin Settings | gothamdev | Gotham Block Extra Light | Medium | 4.4 | 2026-01-14 05:28:12 | Deep Dive |
| CVE-2025-15020 | Gotham Block Extra Light <= 1.5.0 - Authenticated (Contributor+) Arbitrary File Read via 'ghostban' Shortcode | gothamdev | Gotham Block Extra Light | Medium | 6.5 | 2026-01-14 05:28:11 | Deep Dive |
| CVE-2025-69007 | WordPress Popping Sidebars and Widgets Light plugin <= 1.27 - Cross Site Scripting (XSS) vulnerability | OTWthemes | Popping Sidebars and Widgets Light | 中危 | - | 2025-12-30 10:47:52 | Deep Dive |
| CVE-2025-62960 | WordPress Construction Light theme <= 1.6.7 - Broken Access Control vulnerability | sparklewpthemes | Construction Light | Medium | 5.4 | 2025-12-18 16:51:56 | Deep Dive |
| CVE-2025-10684 | Construction Light < 1.6.8 - Subscriber+ Arbitrary Plugin Activation | Unknown | Construction Light | - | - | 2025-12-12 06:00:02 | Deep Dive |
| CVE-2025-34501 | Shuffle Master Deck Mate 2 Hard-coded Credentials & Exposed Services | Light & Wonder, Inc. / SHFL Entertainment, Inc. / Shuffle Master, Inc. | Deck Mate 2 | - | - | 2025-11-03 21:56:55 | Deep Dive |
| CVE-2025-34503 | Shuffle Master Deck Mate 1 Unauthenticated EEPROM Firmware Execution | Light & Wonder, Inc. / SHFL Entertainment, Inc. / Shuffle Master, Inc. | Deck Mate 1 | 中危 | - | 2025-10-24 23:04:44 | Deep Dive |
| CVE-2025-34502 | Shuffle Master Deck Mate 2 Missing Secure Boot | Light & Wonder, Inc. / SHFL Entertainment, Inc. / Shuffle Master, Inc. | Deck Mate 2 | 中危 | - | 2025-10-24 23:04:12 | Deep Dive |
| CVE-2025-34500 | Shuffle Master Deck Mate 2 Insecure Update Chain | Light & Wonder, Inc. / SHFL Entertainment, Inc. / Shuffle Master, Inc. | Deck Mate 2 | 中危 | - | 2025-10-24 23:02:30 | Deep Dive |
| CVE-2025-9991 | Tiny Bootstrap Elements Light <= 4.3.34 - Unauthenticated Local File Inclusion | migli | Tiny Bootstrap Elements Light | High | 8.1 | 2025-09-30 03:35:31 | Deep Dive |
| CVE-2025-9898 | cForms – Light speed fast Form Builder <= 3.0.0 - Cross-Site Request Forgery | compojoom | cForms – Light speed fast Form Builder | Medium | 4.3 | 2025-09-27 06:47:15 | Deep Dive |
| CVE-2025-58270 | WordPress NIX Anti-Spam Light Plugin <= 0.0.4 - Cross Site Request Forgery (CSRF) Vulnerability | NIX Solutions Ltd | NIX Anti-Spam Light | High | 7.1 | 2025-09-22 18:23:15 | Deep Dive |
| CVE-2025-58853 | WordPress Popping Sidebars and Widgets Light Plugin <= 1.27 - Cross Site Request Forgery (CSRF) Vulnerability | OTWthemes | Popping Sidebars and Widgets Light | High | 7.1 | 2025-09-05 13:45:36 | Deep Dive |
| CVE-2025-58805 | WordPress Widgetize Pages Light Plugin <= 3.0 - Cross Site Scripting (XSS) Vulnerability | OTWthemes | Widgetize Pages Light | Medium | 5.9 | 2025-09-05 13:45:10 | Deep Dive |
| CVE-2025-7202 | Cross-Site Request Forgery (CSRF) allowed remote control of Elgato Key Lights | Elgato | Key Light | - | - | 2025-08-06 08:28:23 | Deep Dive |
| CVE-2025-7705 | Authentication bypass due to compatibility mode enabled by default | ABB | Switch Actuator 4 DU-83330 | Medium | 6.8 | 2025-07-22 11:49:01 | Deep Dive |