| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-40545 | Reflected XSS in SOPlanning | SOPlanning | SOPlanning | - | - | 2026-06-01 09:03:53 | Deep Dive |
| CVE-2026-40544 | Stored XSS in SOPlanning | SOPlanning | SOPlanning | - | - | 2026-06-01 09:03:50 | Deep Dive |
| CVE-2026-40543 | Missing Authorization in SOPlanning | SOPlanning | SOPlanning | - | - | 2026-06-01 09:03:45 | Deep Dive |
| CVE-2026-10243 | code-projects Smart Parking System Admin Endpoint missing authentication | code-projects | Smart Parking System | High | 7.3 | 2026-06-01 09:00:13 | Deep Dive |
| CVE-2026-10242 | itsourcecode Content Management System instructions.php sql injection | itsourcecode | Content Management System | Medium | 6.3 | 2026-06-01 08:45:08 | Deep Dive |
| CVE-2026-48827 | Apache MINA SSHD: Path traversal in org.apache.sshd:sshd-git | Apache Software Foundation | Apache MINA SSHD | High | 7.1 | 2026-06-01 08:37:42 | Deep Dive |
| CVE-2026-10241 | jeecgboot The server processes these URLs Cloud Instance Metadata Endpoint debug FileDownloadUtils.download2DiskFromNet server-side request forgery | jeecgboot | The server processes these URLs | Medium | 6.3 | 2026-06-01 08:30:10 | Deep Dive |
| CVE-2026-9024 | Stored Cross-site Scripting (XSS) vulnerability affecting Process Experience Studio in DELMIA Service Process Engineer from Release 3DEXPERIENCE R2024x through Release 3DEXPERIENCE R2026x | Dassault Systèmes | DELMIA Service Process Engineer | High | 8.7 | 2026-06-01 08:21:07 | Deep Dive |
| CVE-2026-10240 | JeecgBoot test server-side request forgery | - | JeecgBoot | Medium | 6.3 | 2026-06-01 08:15:09 | Deep Dive |
| CVE-2026-44825 | Apache Solr: Enabling BasicAuth using bin/solr CLI configures additional insecure users | Apache Software Foundation | Apache Solr | High | 8.1 | 2026-06-01 08:02:15 | Deep Dive |
| CVE-2026-10239 | JeecgBoot edit WordUtil.addImage server-side request forgery | - | JeecgBoot | Medium | 6.3 | 2026-06-01 08:00:17 | Deep Dive |
| CVE-2026-49361 | Apache Fluss Netty Frame Decoder Memory Exhaustion Vulnerability | Apache Software Foundation | Apache Fluss (incubating) | - | - | 2026-06-01 07:57:27 | Deep Dive |
| CVE-2026-10517 | Clair: clair: unauthenticated ssrf via manifest layer uri enables internal network reconnaissance | Red Hat | Red Hat Quay 3 | Medium | 5.8 | 2026-06-01 07:56:09 | Deep Dive |
| CVE-2026-40861 | Apache Airflow: Arbitrary File Read via Log Symlink following in FileTaskHandler | Apache Software Foundation | Apache Airflow | - | - | 2026-06-01 07:55:38 | Deep Dive |
| CVE-2026-40961 | Apache Airflow: Open Redirect Bypass Vulnerability | Apache Software Foundation | Apache Airflow | - | - | 2026-06-01 07:55:05 | Deep Dive |
| CVE-2026-40963 | Apache Airflow: DAG authorization bypass on /ui/structure/structure_data | Apache Software Foundation | Apache Airflow | - | - | 2026-06-01 07:54:34 | Deep Dive |
| CVE-2026-41014 | Apache Airflow: per-DAG RBAC bypass on /ui/partitioned_dag_runs endpoints | Apache Software Foundation | Apache Airflow | - | - | 2026-06-01 07:53:52 | Deep Dive |
| CVE-2026-49267 | Apache Airflow: No certificate validation on SMTP STARTTLS connections | Apache Software Foundation | Apache Airflow | - | - | 2026-06-01 07:53:13 | Deep Dive |
| CVE-2026-41017 | Apache Airflow: JWT cookie missing Secure flag in JWTRefreshMiddleware behind HTTPS-terminating proxy | Apache Software Foundation | Apache Airflow | - | - | 2026-06-01 07:52:34 | Deep Dive |
| CVE-2026-41084 | Apache Airflow: API authorization bypass: bulk TaskInstances allows cross-DAG mutation | Apache Software Foundation | Apache Airflow | - | - | 2026-06-01 07:51:57 | Deep Dive |