| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-42834 | Windows Admin Center in Azure Portal Elevation of Privilege Vulnerability | Microsoft | Windows Admin Center in Azure Portal | High | 7.8 | 2026-05-20 13:09:45 | Deep Dive |
| CVE-2026-45584 | Microsoft Defender Remote Code Execution Vulnerability | Microsoft | Microsoft Malware Protection Engine | High | 8.1 | 2026-05-20 13:09:44 | Deep Dive |
| CVE-2026-3592 | Amplification vulnerabilities via self-pointed glue records | ISC | BIND 9 | Medium | 5.3 | 2026-05-20 13:09:22 | Deep Dive |
| CVE-2026-41091 | Microsoft Defender Elevation of Privilege Vulnerability | Microsoft | Microsoft Malware Protection Engine | High | 7.8 | 2026-05-20 13:09:14 | Deep Dive |
| CVE-2026-45498 | Microsoft Defender Denial of Service Vulnerability | Microsoft | Microsoft Defender Antimalware Platform | Medium | 4.0 | 2026-05-20 13:09:13 | Deep Dive |
| CVE-2026-3039 | BIND 9 server memory exhaustion during GSS-API TKEY negotiation | ISC | BIND 9 | High | 7.5 | 2026-05-20 13:09:04 | Deep Dive |
| CVE-2026-42383 | WordPress YITH WooCommerce Product Add-Ons plugin <= 4.29.0 - SQL Injection vulnerability | YITH | YITH WooCommerce Product Add-Ons | High | 7.6 | 2026-05-20 12:55:50 | Deep Dive |
| CVE-2026-24573 | WordPress Visualizer plugin < 4.0.0 - Cross Site Scripting (XSS) vulnerability | Themeisle | Visualizer | Medium | 6.5 | 2026-05-20 12:54:05 | Deep Dive |
| CVE-2026-29518🧪 | Rsync < 3.4.3 TOCTOU Race Condition Allows Symlink-Based Arbitrary File Write | RsyncProject | rsync | High | 7.0 | 2026-05-20 12:48:08 | Deep Dive |
| CVE-2026-27405 | WordPress WpBookingly plugin <= 1.2.9 - Broken Access Control vulnerability | Magepeople inc. | WpBookingly | Medium | 6.5 | 2026-05-20 12:16:27 | Deep Dive |
| CVE-2026-27424 | WordPress Image Photo Gallery Final Tiles Grid plugin <= 3.6.11 - Broken Access Control vulnerability | WP Chill | Image Photo Gallery Final Tiles Grid | Medium | 4.3 | 2026-05-20 12:13:35 | Deep Dive |
| CVE-2025-11954 | CSRF in Sitemio's WISECP | Sitemio Information Technologies Trade Ltd. Co. | WISECP | High | 8.0 | 2026-05-20 12:13:27 | Deep Dive |
| CVE-2026-45443 | WordPress PDF for Elementor Forms + Drag And Drop Template Builder plugin <= 5.5.1 - Broken Access Control vulnerability | ADD-ONS.ORG | PDF for Elementor Forms + Drag And Drop Template Builder | Medium | 5.0 | 2026-05-20 12:11:50 | Deep Dive |
| CVE-2025-31985 | HCL BigFix Service Management (SM) is affected by a security misconfiguration due to a missing or insecure “X-Content-Type-Options” header | HCL | BigFix Service Management (SM) | Low | 3.7 | 2026-05-20 11:28:04 | Deep Dive |
| CVE-2025-31973 | HCL BigFix Service Management (SM) is susceptible to a Configuration – 'Insecure Use of Base Image Version' | HCL | BigFix Service Management (SM) | Medium | 4.0 | 2026-05-20 11:25:44 | Deep Dive |
| CVE-2026-25602 | Mesalvo Meona组件数据验证不足漏洞 | Mesalvo | Meona Client Launcher Component | Medium | 4.4 | 2026-05-20 10:54:13 | Deep Dive |
| CVE-2026-0857 | Meona客户端及服务器组件内存敏感信息明文存储漏洞 | Mesalvo | Meona Client Launcher Component | Medium | 6.0 | 2026-05-20 10:50:59 | Deep Dive |
| CVE-2026-22315 | Meona客户端及服务端越权漏洞(通过20.06及25.04) | Mesalvo | Meona Client Launcher Component | High | 7.2 | 2026-05-20 10:46:52 | Deep Dive |
| CVE-2026-0856 | Meona Client/Server Improper Access Control漏洞 | Mesalvo | Meona Client Launcher Component | High | 7.8 | 2026-05-20 10:38:54 | Deep Dive |
| CVE-2026-22314 | Meona Client/Server代码注入漏洞(<=19.06.2020/2025.04) | Mesalvo | Meona Client Launcher Component | Critical | 9.0 | 2026-05-20 10:29:39 | Deep Dive |