浏览 29+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-4549 | mickasmt next-saas-stripe-starter Stripe API open-customer-portal.ts openCustomerPortal authorization | mickasmt | next-saas-stripe-starter | Low | 3.1 | 2026-03-22 13:47:25 | Deep Dive |
| CVE-2026-4548 | mickasmt next-saas-stripe-starter update-user-role.ts updateUserrole improper authorization | mickasmt | next-saas-stripe-starter | Medium | 6.3 | 2026-03-22 13:02:44 | Deep Dive |
| CVE-2026-4547 | mickasmt next-saas-stripe-starter Checkout generate-user-stripe.ts generateUserStripe logic error | mickasmt | next-saas-stripe-starter | Medium | 4.3 | 2026-03-22 13:02:42 | Deep Dive |
| CVE-2026-2247 | SQL Injection in Clickedu's SaaS platform | Clickedu | SaaS platform | - | - | 2026-02-17 11:35:50 | Deep Dive |
| CVE-2025-40978 | Multiple vulnerabilities in WorkDo products | WorkDo | eCommerceGo SaaS | - | - | 2026-01-12 11:28:35 | Deep Dive |
| CVE-2025-40977 | Multiple vulnerabilities in WorkDo products | WorkDo | eCommerceGo SaaS | - | - | 2026-01-12 11:28:02 | Deep Dive |
| CVE-2025-36746 | SolarEdge Monitoring Platform contains a XSS upon report deletion | SolarEdge | SolarEdge Monitoring platform (SaaS) | - | - | 2025-12-12 15:05:40 | Deep Dive |
| CVE-2025-52622 | HCL BigFix SaaS Remediate is affected by a security vulnerability | HCL Software | BigFix SaaS Remediate | Medium | 5.4 | 2025-12-02 17:59:06 | Deep Dive |
| CVE-2025-34206 | Vasion Print (formerly PrinterLogic) Insecure Shared Storage Permissions | Vasion | Print Virtual Appliance Host | 中危 | - | 2025-09-19 18:48:58 | Deep Dive |
| CVE-2025-52618 | HCL BigFix SaaS Authentication Service is affected by a SQL injection vulnerability | HCL Software | BigFix SaaS Remediate | Medium | 4.3 | 2025-08-15 22:49:24 | Deep Dive |
| CVE-2025-52619 | HCL BigFix SaaS Authentication Service is affected by a sensitive information disclosure | HCL Software | BigFix SaaS Remediate | Medium | 5.3 | 2025-08-15 22:48:40 | Deep Dive |
| CVE-2025-52620 | HCL BigFix SaaS Authentication Service is affected by a Cross-Site Scripting (XSS) vulnerability | HCL Software | BigFix SaaS Remediate | Medium | 4.3 | 2025-08-15 22:47:49 | Deep Dive |
| CVE-2025-52621 | HCL BigFix SaaS Authentication Service is vulnerable to cache poisoning | HCL Software | BigFix SaaS Remediate | Medium | 5.3 | 2025-08-15 22:45:56 | Deep Dive |
| CVE-2025-53341 | WordPress Stratus Theme <= 4.2.5 - Broken Access Control Vulnerability | Themovation | App, SaaS & Software Startup Tech Theme - Stratus | Medium | 4.3 | 2025-08-14 18:21:57 | Deep Dive |
| CVE-2025-55077 | Tyler Technologies ERP Pro 9 SaaS application escape | Tyler Technologies | ERP Pro 9 SaaS | High | 7.4 | 2025-08-07 18:37:33 | Deep Dive |
| CVE-2025-34140 | ETQ Reliance CG/NXG API Authorization Bypass via ;localized-text URI Suffix | ETQ | Reliance CG (legacy) | 高危 | - | 2025-07-22 12:34:31 | Deep Dive |
| CVE-2025-4606 | Sala - Startup & SaaS WordPress Theme <= 1.1.4 - Unauthenticated Privilege Escalation via Password Reset/Account Takeover | uxper | Sala - Startup & SaaS WordPress Theme | Critical | 9.8 | 2025-07-09 03:22:04 | Deep Dive |
| CVE-2025-21380 | Azure Marketplace SaaS Resources Information Disclosure Vulnerability | Microsoft | Marketplace SaaS | High | 8.8 | 2025-01-09 22:32:47 | Deep Dive |
| CVE-2024-52271 | PDF Document Spoofing in Documenso | Documenso | Documenso | 中危 | - | 2024-12-05 13:56:08 | Deep Dive |
| CVE-2024-10250 | Nioland <= 1.2.6 - Reflected Cross-Site Scripting via s | SteelThemes | Nioland - SaaS & Software Startup Tech WordPress Theme | Medium | 6.1 | 2024-10-23 13:58:41 | Deep Dive |