浏览 59+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-24177 | NVIDIA KAI Scheduler 访问控制错误漏洞 | NVIDIA | KAI Scheduler | High | 7.7 | 2026-04-21 16:17:26 | Deep Dive |
| CVE-2026-24176 | NVIDIA KAI Scheduler 安全漏洞 | NVIDIA | KAI Scheduler | Medium | 4.3 | 2026-04-21 16:17:01 | Deep Dive |
| CVE-2026-4330 | Blog2Social: Social Media Auto Post & Scheduler <= 8.8.3 - Authenticated (Subscriber+) Insecure Direct Object Reference to Arbitrary Post Schedule Modification via 'b2s_id' Parameter | pr-gateway | Blog2Social: Social Media Auto Post & Scheduler | Medium | 4.3 | 2026-04-08 07:43:03 | Deep Dive |
| CVE-2026-1877 | Auto Post Scheduler <= 1.84 - Cross-Site Request Forgery to Stored Cross-Site Scripting via aps_options_page | johnh10 | Auto Post Scheduler | Medium | 6.1 | 2026-03-31 05:28:53 | Deep Dive |
| CVE-2026-1797 | Truebooker - Appointment Booking and Scheduler Plugin <= 1.1.4 - Sensitive Information Exposure via Views Files | themetechmount | TrueBooker – Appointment Booking and Scheduler System | Medium | 5.3 | 2026-03-31 04:25:32 | Deep Dive |
| CVE-2026-4331 | Blog2Social: Social Media Auto Post & Scheduler <= 8.8.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Meta Deletion via 'b2s_reset_social_meta_tags' AJAX Action | pr-gateway | Blog2Social: Social Media Auto Post & Scheduler | Medium | 4.3 | 2026-03-26 03:37:28 | Deep Dive |
| CVE-2026-1942 | Blog2Social: Social Media Auto Post & Scheduler <= 8.7.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Modification | pr-gateway | Blog2Social: Social Media Auto Post & Scheduler | Medium | 6.5 | 2026-02-18 10:20:49 | Deep Dive |
| CVE-2026-1987 | Scheduler Widget <= 0.1.6 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary Event Modification | morelmathieuj | Scheduler Widget | Medium | 5.4 | 2026-02-14 06:42:37 | Deep Dive |
| CVE-2020-37077 | Booked Scheduler 2.7.7 - Authenticated Directory Traversal | Twinkle Toes Software | Booked Scheduler | Medium | 6.5 | 2026-02-03 22:01:44 | Deep Dive |
| CVE-2025-14943 | Blog2Social: Social Media Auto Post & Scheduler <= 8.7.2 - Incorrect Authorization to Authenticated (Subscriber+) Sensitive Information Exposure | pr-gateway | Blog2Social: Social Media Auto Post & Scheduler | Medium | 4.3 | 2026-01-10 06:32:34 | Deep Dive |
| CVE-2024-42197 | HCL Workload Scheduler is vulnerable to plain text storage of a password | HCL Software | Workload Scheduler | Medium | 5.5 | 2025-12-11 19:40:12 | Deep Dive |
| CVE-2025-13558 | Blog2Social <= 8.7.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Trashing | pr-gateway | Blog2Social: Social Media Auto Post & Scheduler | Medium | 5.4 | 2025-11-25 04:38:00 | Deep Dive |
| CVE-2025-12560 | Blog2Social: Social Media Auto Post & Scheduler <= 8.6.0 - Authenticated (Subscriber+) Blind Server-Side Request Forgery via post_url | pr-gateway | Blog2Social: Social Media Auto Post & Scheduler | Medium | 4.3 | 2025-11-06 05:31:25 | Deep Dive |
| CVE-2025-12563 | Blog2Social: Social Media Auto Post & Scheduler <= 8.6.0 - Incorrect Authorization to Video File Upload | pr-gateway | Blog2Social: Social Media Auto Post & Scheduler | Medium | 4.3 | 2025-11-06 04:36:22 | Deep Dive |
| CVE-2025-10056 | Task Scheduler <= 1.6.3 - Authenticated (Admin+) Blind Server-Side Request Forgery | miunosoft | Task Scheduler | Medium | 4.4 | 2025-10-15 08:26:04 | Deep Dive |
| CVE-2025-5258 | Conference Scheduler <= 2.5.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via className Parameter | swift | Conference Scheduler | Medium | 6.4 | 2025-06-24 07:24:57 | Deep Dive |
| CVE-2025-5673 | Blog2Social <= 8.4.4 - Authenticated (Subscriber+) SQL Injection via `prgSortPostType` Parameter | pr-gateway | Blog2Social: Social Media Auto Post & Scheduler | Medium | 6.5 | 2025-06-17 01:44:11 | Deep Dive |
| CVE-2025-4133 | Blog2Social: Social Media Auto Post & Scheduler < 8.4.0 - Contributor+ Stored XSS | Unknown | Blog2Social: Social Media Auto Post & Scheduler | - | - | 2025-05-22 06:00:09 | Deep Dive |
| CVE-2025-32599 | WordPress Task Scheduler Plugin <= 1.6.3 - Reflected Cross Site Scripting (XSS) vulnerability | miunosoft | Task Scheduler | High | 7.1 | 2025-04-11 08:42:59 | Deep Dive |
| CVE-2025-31601 | WordPress Appointy Appointment Scheduler plugin <= 4.2.1 - CSRF to Settings Change vulnerability | appointy | Appointy Appointment Scheduler | Medium | 6.5 | 2025-03-31 12:55:34 | Deep Dive |