| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-33508 | Parse Server: LiveQuery subscription query depth bypass | parse-community | parse-server | 中危 | - | 2026-03-24 18:21:08 | Deep Dive |
| CVE-2026-33498 | Parse Server: Query condition depth bypass via pre-validation transform pipeline | parse-community | parse-server | 中危 | - | 2026-03-24 18:18:45 | Deep Dive |
| CVE-2026-33429 | Parse Server: Protected field change detection oracle via LiveQuery watch parameter | parse-community | parse-server | 中危 | - | 2026-03-24 18:16:35 | Deep Dive |
| CVE-2026-33421 | Parse Server: LiveQuery bypasses CLP pointer permission enforcement | parse-community | parse-server | 中危 | - | 2026-03-24 18:14:30 | Deep Dive |
| CVE-2026-33409 | Parse Server: Auth provider validation bypass on login via partial authData | parse-community | parse-server | 中危 | - | 2026-03-24 18:11:37 | Deep Dive |
| CVE-2026-33323 | Parse Server: Email verification resend page leaks user existence | parse-community | parse-server | 中危 | - | 2026-03-24 18:06:32 | Deep Dive |
| CVE-2019-25619 | FTP Shell Server 6.83 Buffer Overflow via Account Name | Ftpshell | FTP Shell Server | High | 8.4 | 2026-03-22 13:38:50 | Deep Dive |
| CVE-2019-25609 | JetAudio jetCast Server 2.0 Local SEH Buffer Overflow | Jetaudio | Server | High | 8.4 | 2026-03-22 13:38:43 | Deep Dive |
| CVE-2019-25593 | jetCast Server 2.0 Denial of Service via Log Directory | Jetaudio | jetCast Server | Medium | 5.5 | 2026-03-22 13:38:31 | Deep Dive |
| CVE-2019-25588 | BulletProof FTP Server 2019.0.0.50 Denial of Service via DNS Address | Bpftpserver | BulletProof FTP Server | Medium | 6.2 | 2026-03-22 00:11:10 | Deep Dive |
| CVE-2019-25587 | BulletProof FTP Server 2019.0.0.50 Storage-Path Denial of Service | Bpftpserver | BulletProof FTP Server | Medium | 6.2 | 2026-03-22 00:11:09 | Deep Dive |
| CVE-2026-24060 | Automated Logic WebCTRL Premium Server Cleartext Transmission of Sensitive Information | Automated Logic | WebCTRL Premium Server | Critical | 9.1 | 2026-03-20 23:19:05 | Deep Dive |
| CVE-2026-32666 | Automated Logic WebCTRL Premium Server Authentication Bypass by Spoofing | Automated Logic | WebCTRL Premium Server | High | 7.5 | 2026-03-20 23:17:29 | Deep Dive |
| CVE-2026-25086 | Automated Logic WebCTRL Premium Server Multiple Binds to the Same Port | Automated Logic | WebCTRL Premium Server | High | 7.7 | 2026-03-20 23:14:23 | Deep Dive |
| CVE-2026-4496 | sigmade Git-MCP-Server gitUtils.ts child_process.exec os command injection | sigmade | Git-MCP-Server | Medium | 5.3 | 2026-03-20 18:32:13 | Deep Dive |
| CVE-2026-32710 | Heap-based Buffer Overflow in MariaDB | MariaDB | server | High | 8.5 | 2026-03-20 18:31:49 | Deep Dive |
| CVE-2026-4434 | Devolutions Server 安全漏洞 | Devolutions | Server | 中危 | - | 2026-03-20 12:52:56 | Deep Dive |
| CVE-2026-33060 | CKAN MCP Server: SSRF via base_url allows access to internal networks | ondata | ckan-mcp-server | Medium | 5.3 | 2026-03-20 07:21:31 | Deep Dive |
| CVE-2026-33163 | Parse Server leaks protected fields via LiveQuery afterEvent trigger | parse-community | parse-server | 中危 | - | 2026-03-18 21:58:04 | Deep Dive |
| CVE-2026-33042 | Parse Server affected by empty authData bypassing credential requirement on signup | parse-community | parse-server | 中危 | - | 2026-03-18 21:54:05 | Deep Dive |