Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

漏洞数据库 - AI 增强中文 CVE 平台 与情报

浏览 22+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。

Clear Filters
Found 22 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2026-40074 SvelteKit's invalidated redirect in handle hook causes Denial-of-Service sveltejskit 中危 -2026-04-10 16:26:07 Deep Dive
CVE-2026-40073 SvelteKit has a BODY_SIZE_LIMIT bypass in @sveltejs/adapter-node sveltejskit 中危 -2026-04-10 16:24:40 Deep Dive
CVE-2026-30226 devalue has prototype pollution in devalue.parse and devalue.unflatten sveltejsdevalue--2026-03-11 17:47:40 Deep Dive
CVE-2026-27902 Svelte Vulnerable to XSS via HTML Comment Injection in SSR Error Boundary Hydration Markers sveltejssvelte--2026-02-26 00:58:55 Deep Dive
CVE-2026-27901 Svelte vulnerable to XSS during SSR with contenteditable `bind:innerText` and `bind:textContent` sveltejssvelte--2026-02-26 00:57:40 Deep Dive
CVE-2026-27125 Svelte SSR attribute spreading includes inherited properties from prototype chain sveltejssvelte 中危 -2026-02-20 22:29:45 Deep Dive
CVE-2026-27122 Svelte SSR does not validate dynamic element tag names in `<svelte:element>` sveltejssvelte 中危 -2026-02-20 22:28:38 Deep Dive
CVE-2026-27121 Svelte affected by cross-site scripting via spread attributes in Svelte SSR sveltejssvelte 中危 -2026-02-20 22:27:36 Deep Dive
CVE-2026-27119 Svelte affected by XSS in SSR `<option>` element sveltejssvelte 中危 -2026-02-20 22:25:43 Deep Dive
CVE-2026-27118 Cache poisoning in @sveltejs/adapter-vercel sveltejskit--2026-02-20 21:24:56 Deep Dive
CVE-2026-22775 devalue vulnerable to denial of service due to memory/CPU exhaustion in devalue.parse sveltejsdevalue High 7.5 2026-01-15 18:59:37 Deep Dive
CVE-2026-22774 devalue vulnerable to denial of service due to memory exhaustion in devalue.parse sveltejsdevalue High 7.5 2026-01-15 18:53:22 Deep Dive
CVE-2026-22803 SvelteKit has a memory amplification DoS in Remote Functions binary form deserializer sveltejskit--2026-01-15 18:37:58 Deep Dive
CVE-2025-67647 SvelteKit Denial of service and possible SSRF when using prerendering sveltejskit--2026-01-15 18:33:25 Deep Dive
CVE-2025-57820 Svelte devalue vulnerable to prototype pollution sveltejsdevalue--2025-08-26 22:33:19 Deep Dive
CVE-2025-32388 SvelteKit allows XSS via tracked search_params sveltejskit Medium 5.4 2025-04-15 22:32:06 Deep Dive
CVE-2024-53261 Cross-Site Scripting attack (XSS) on dev mode 404 page in SvelteKit sveltejskit--2024-11-25 19:15:28 Deep Dive
CVE-2024-53262 Unescaped error message included on error page in SvelteKit sveltejskit--2024-11-25 19:07:20 Deep Dive
CVE-2024-45047 Potential mXSS vulnerability due to improper HTML escaping in svelte sveltejssvelte Medium 5.4 2024-08-30 16:55:39 Deep Dive
CVE-2024-23641 Sending a GET or HEAD request with a body crashes SvelteKit sveltejskit High 7.5 2024-01-24 16:56:32 Deep Dive