| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-23886 | Swift W3C TraceContext has malformed HTTP header that can cause a crash | swift-otel | swift-w3c-trace-context | Medium | 5.3 | 2026-01-19 21:01:53 | Deep Dive |
| CVE-2025-5258 | Conference Scheduler <= 2.5.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via className Parameter | swift | Conference Scheduler | Medium | 6.4 | 2025-06-24 07:24:57 | Deep Dive |
| CVE-2025-23526 | WordPress Swift Calendar Online Appointment Scheduling plugin <= 1.3.3 - Reflected Cross Site Scripting (XSS) vulnerability | SwiftCloud | Swift Calendar Online Appointment Scheduling | High | 7.1 | 2025-03-03 13:30:10 | Deep Dive |
| CVE-2024-49349 | IBM Financial Transaction Manager cross-site scripting | IBM | Financial Transaction Manager for SWIFT Services for Multiplatforms | Medium | 6.1 | 2025-01-31 16:14:23 | Deep Dive |
| CVE-2024-49339 | IBM Financial Transaction Manager cross-site scripting | IBM | Financial Transaction Manager for SWIFT Services for Multiplatforms | Medium | 6.4 | 2025-01-31 16:13:40 | Deep Dive |
| CVE-2025-0343 | SwiftASN1 安全漏洞 | Swift Project | Swift ASN1 | 高危 | - | 2025-01-15 00:48:08 | Deep Dive |
| CVE-2024-13242 | Swift Mailer - Moderately critical - Access bypass - SA-CONTRIB-2024-006 | Drupal | Swift Mailer (abandoned) | 中危 | - | 2025-01-09 18:49:16 | Deep Dive |
| CVE-2024-37511 | WordPress Swift Performance Lite plugin <= 2.3.6.20 - Cross Site Request Forgery (CSRF) vulnerability | swte | Swift Performance Lite | Medium | 4.3 | 2025-01-02 12:01:00 | Deep Dive |
| CVE-2024-10516 | Swift Performance Lite <= 2.3.7.1 - Unauthenticated Local PHP File Inclusion via 'ajaxify' | swte | Swift Performance Lite | High | 8.1 | 2024-12-06 13:45:20 | Deep Dive |
| CVE-2024-1630 | Path traversal vulnerability in “getAllFolderContents” function of Common Service Desktop, a GE HealthCare ultrasound device component | GE HealthCare | Venue | High | 7.7 | 2024-05-14 16:55:57 | Deep Dive |
| CVE-2024-1629 | Path traversal vulnerability in “deleteFiles” function of Common Service Desktop, a GE HealthCare ultrasound device component | GE HealthCare | Venue | Medium | 6.2 | 2024-05-14 16:32:44 | Deep Dive |
| CVE-2024-1628 | OS command injection vulnerabilities in GE HealthCare ultrasound devices | GE HealthCare | Venue | High | 8.4 | 2024-05-14 16:04:58 | Deep Dive |
| CVE-2024-3915 | Swift Framework <= 2.7.31 - Missing Authorization to Unauthenticated Arbitrary Content Update | Swift Ideas | Swift Framework | Medium | 5.3 | 2024-05-09 20:03:32 | Deep Dive |
| CVE-2024-3722 | Swift Performance Lite <= 2.3.6.18 - Incorrect Authorization to Authenticated (Subscriber+) Settings Modification | swte | Swift Performance Lite | Medium | 5.4 | 2024-05-09 20:03:28 | Deep Dive |
| CVE-2024-3916 | Swift Framework <= 2.7.31 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcodes | Swift Ideas | Swift Framework | Medium | 6.4 | 2024-05-09 20:03:27 | Deep Dive |
| CVE-2024-28867 | Swift Prometheus un-sanitized metric name or labels can be used to take over exported metrics | swift-server | swift-prometheus | Medium | 5.9 | 2024-03-29 14:26:22 | Deep Dive |
| CVE-2023-49880 | IBM Financial Transaction Manager for SWIFT Services data manipulation | IBM | Financial Transaction Manager for SWIFT Services | High | 7.5 | 2023-12-25 02:24:32 | Deep Dive |
| CVE-2023-6289 | Swift Performance Lite <= 2.3.6.14 - Unauthenticated Configuration Export | Unknown | Swift Performance Lite | 中危 | - | 2023-12-18 20:08:01 | Deep Dive |
| CVE-2023-26154 | PubNub 安全漏洞 | - | pubnub | Medium | 5.9 | 2023-12-06 05:00:03 | Deep Dive |
| CVE-2023-35892 | IBM Financial Transaction Manager for SWIFT Services XML external entity injection | IBM | Financial Transaction Manager for SWIFT Services | High | 7.1 | 2023-09-04 23:45:39 | Deep Dive |