| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-5059 | aws-mcp-server AWS CLI Command Injection Remote Code Execution Vulnerability | aws-mcp-server | aws-mcp-server | - | - | 2026-04-11 00:15:03 | Deep Dive |
| CVE-2026-5058 | aws-mcp-server Command Injection Remote Code Execution Vulnerability | aws-mcp-server | aws-mcp-server | - | - | 2026-04-11 00:14:52 | Deep Dive |
| CVE-2026-25203 | SAMSUNG MagicINFO 9 Server 安全漏洞 | Samsung Electronics | MagicINFO 9 Server | High | 7.8 | 2026-04-10 01:24:07 | Deep Dive |
| CVE-2026-35577 | Missing Host Header Validation in Apollo MCP Server for Localhost Deployments | apollographql | apollo-mcp-server | Medium | 6.8 | 2026-04-09 19:40:26 | Deep Dive |
| CVE-2026-5439 | Memory Exhaustion via Forged ZIP Metadata | Orthanc | DICOM Server | - | - | 2026-04-09 14:44:37 | Deep Dive |
| CVE-2026-5437 | Out-of-Bounds Read in DicomStreamReader | Orthanc | DICOM Server | - | - | 2026-04-09 14:44:18 | Deep Dive |
| CVE-2026-5438 | Gzip Decompression Bomb via Content-Encoding Header | Orthanc | DICOM Server | - | - | 2026-04-09 14:44:05 | Deep Dive |
| CVE-2026-5440 | Memory Exhaustion via Unbounded Content-Length | Orthanc | DICOM Server | - | - | 2026-04-09 14:43:56 | Deep Dive |
| CVE-2026-5442 | Heap Buffer Overflow in DICOM Image Decoder via VR UL Dimensions | Orthanc | DICOM Server | - | - | 2026-04-09 14:43:44 | Deep Dive |
| CVE-2026-5443 | Heap Buffer Overflow in DICOM Image Decoder (Palette Color Decode) | Orthanc | DICOM Server | - | - | 2026-04-09 14:43:15 | Deep Dive |
| CVE-2026-5445 | Out-of-Bounds Read in DicomImageDecoder (DecodeLookupTable) | Orthanc | DICOM Server | - | - | 2026-04-09 14:42:52 | Deep Dive |
| CVE-2026-5444 | Heap Buffer Overflow in PAM Image Buffer Allocation | Orthanc | DICOM Server | - | - | 2026-04-09 14:42:31 | Deep Dive |
| CVE-2026-5441 | Out-of-Bounds Read in DicomImageDecoder (PMSCT_RLE1 Decompression) | Orthanc | DICOM Server | - | - | 2026-04-09 14:42:05 | Deep Dive |
| CVE-2026-5833 | awwaiid mcp-server-taskwarrior index.ts server.setRequestHandler command injection | awwaiid | mcp-server-taskwarrior | Medium | 5.3 | 2026-04-09 02:15:15 | Deep Dive |
| CVE-2026-5741 | suvarchal docker-mcp-server HTTP index.ts pull_image os command injection | suvarchal | docker-mcp-server | High | 7.3 | 2026-04-07 20:00:21 | Deep Dive |
| CVE-2026-39381 | Parse Server's Endpoint `/sessions/me` bypasses `_Session` `protectedFields` | parse-community | parse-server | - | - | 2026-04-07 19:51:03 | Deep Dive |
| CVE-2026-39321 | Parse Server has a login timing side-channel reveals user existence | parse-community | parse-server | - | - | 2026-04-07 18:11:11 | Deep Dive |
| CVE-2026-24175 | NVIDIA Triton Inference Server 安全漏洞 | NVIDIA | Triton Inference Server | High | 7.5 | 2026-04-07 17:13:04 | Deep Dive |
| CVE-2026-24174 | NVIDIA Triton Inference Server 安全漏洞 | NVIDIA | Triton Inference Server | High | 7.5 | 2026-04-07 17:12:43 | Deep Dive |
| CVE-2026-24173 | NVIDIA Triton Inference Server 输入验证错误漏洞 | NVIDIA | Triton Inference Server | High | 7.5 | 2026-04-07 17:12:28 | Deep Dive |