| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-33549 | SPIP 安全漏洞 | SPIP | SPIP | Medium | 6.7 | 2026-03-22 02:03:48 | Deep Dive |
| CVE-2026-22205 | SPIP < 4.4.10 Authentication Bypass via PHP Type Juggling | SPIP | SPIP | High | 7.5 | 2026-02-26 20:18:15 | Deep Dive |
| CVE-2026-22206 | SPIP < 4.4.10 SQL Injection RCE via Union & PHP Tags | SPIP | SPIP | High | 8.8 | 2026-02-26 20:17:58 | Deep Dive |
| CVE-2026-27743 | SPIP referer_spam <= 1.2.1 Unauthenticated SQL Injection | SPIP | referer_spam | Critical | 9.8 | 2026-02-25 03:08:39 | Deep Dive |
| CVE-2026-27744 | SPIP tickets < 4.3.3 Unauthenticated RCE | SPIP | tickets | Critical | 9.8 | 2026-02-25 03:08:25 | Deep Dive |
| CVE-2026-27745 | SPIP interface_traduction_objets < 2.2.2 Authenticated RCE | SPIP | interface_traduction_objets | High | 8.8 | 2026-02-25 03:08:12 | Deep Dive |
| CVE-2026-27746 | SPIP jeux < 4.1.1 Reflected XSS via index Parameters | SPIP | jeux | Medium | 6.1 | 2026-02-25 03:07:57 | Deep Dive |
| CVE-2026-27747 | SPIP interface_traduction_objets < 2.2.2 Authenticated SQL Injection | SPIP | interface_traduction_objets | High | 8.8 | 2026-02-25 03:07:45 | Deep Dive |
| CVE-2026-27475 | SPIP < 4.4.9 Insecure Deserialization | SPIP | SPIP | High | 8.1 | 2026-02-19 18:39:25 | Deep Dive |
| CVE-2026-27474 | SPIP < 4.4.9 Cross-Site Scripting in Private Area (Incomplete Fix) | SPIP | SPIP | Medium | 6.1 | 2026-02-19 18:38:58 | Deep Dive |
| CVE-2026-27473 | SPIP < 4.4.9 Stored Cross-Site Scripting via Syndicated Sites | SPIP | SPIP | Medium | 6.4 | 2026-02-19 18:38:27 | Deep Dive |
| CVE-2026-27472 | SPIP < 4.4.9 Blind Server-Side Request Forgery via Syndicated Sites | SPIP | SPIP | Medium | 4.3 | 2026-02-19 18:38:03 | Deep Dive |
| CVE-2026-26223 | SPIP < 4.4.8 Cross-Site Scripting via Iframe Tags in Private Area | SPIP | SPIP | Medium | 6.1 | 2026-02-19 15:26:06 | Deep Dive |
| CVE-2026-26345 | SPIP < 4.4.8 Cross-Site Scripting in Public Area | SPIP | SPIP | Medium | 5.4 | 2026-02-19 15:25:06 | Deep Dive |
| CVE-2025-71244 | SPIP < 4.4.5 Open Redirect via Login Form | SPIP | SPIP | Medium | 6.1 | 2026-02-19 14:58:16 | Deep Dive |
| CVE-2025-71243 | SPIP Saisies Plugin < 5.11.1 Remote Code Execution | SPIP | Saisies pour formulaire | Critical | 9.8 | 2026-02-19 14:58:15 | Deep Dive |
| CVE-2025-71242 | SPIP < 4.3.6 Authorization Bypass Leading to Content Disclosure | SPIP | SPIP | Medium | 6.5 | 2026-02-19 14:58:15 | Deep Dive |
| CVE-2025-71241 | SPIP < 4.3.6 Cross-Site Scripting in Private Area | SPIP | SPIP | Medium | 6.1 | 2026-02-19 14:58:14 | Deep Dive |
| CVE-2025-71240 | SPIP < 4.2.15 Cross-Site Scripting via Code Tags | SPIP | SPIP | Medium | 5.4 | 2026-02-19 14:58:13 | Deep Dive |
| CVE-2023-53900 | Spip 4.1.10 Admin Account Spoofing via Malicious SVG Upload | spip | spip | High | 8.8 | 2025-12-16 17:06:24 | Deep Dive |