| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-6181 | StrongDM Client security vulnerability | StrongDM | sdm-cli | - | - | 2025-08-20 16:43:40 | Deep Dive |
| CVE-2025-6180 | Authentication Hijack | StrongDM | sdm-cli | - | - | 2025-08-20 16:41:25 | Deep Dive |
| CVE-2025-54558 | OpenAI Codex CLI security vulnerability | OpenAI | Codex CLI | Medium | 4.1 | 2025-07-25 00:00:00 | Deep Dive |
| CVE-2025-5897 | vuejs vue-cli Markdown Code HtmlPwaPlugin.js HtmlPwaPlugin redos | vuejs | vue-cli | Medium | 4.3 | 2025-06-09 21:00:17 | Deep Dive |
| CVE-2025-48938 | Prevent GitHub CLI and extensions from executing arbitrary commands from compromised GitHub Enterprise Server | cli | go-gh | - | - | 2025-05-30 18:46:00 | Deep Dive |
| CVE-2025-24049 | Azure Command Line Integration (CLI) Elevation of Privilege Vulnerability | Microsoft | Azure CLI | High | 8.4 | 2025-03-11 16:59:21 | Deep Dive |
| CVE-2025-25204 | `gh attestation verify` returns incorrect exit code during verification if no attestations are present | cli | cli | Medium | 6.3 | 2025-02-14 16:38:29 | Deep Dive |
| CVE-2024-54132 | GitHub CLI allows downloading malicious GitHub Actions workflow artifact to result in path traversal vulnerability | cli | cli | Medium | - | 2024-12-04 15:29:07 | Deep Dive |
| CVE-2024-53858 | Recursive repository cloning can leak authentication tokens to non-GitHub submodule hosts in the gh cli | cli | cli | Medium | 6.5 | 2024-11-27 21:25:14 | Deep Dive |
| CVE-2024-53859 | go-gh `auth.TokenForHost` violates GitHub host security boundary within a codespace | cli | go-gh | Medium | 6.5 | 2024-11-27 21:25:12 | Deep Dive |
| CVE-2024-52308 | Connecting to a malicious Codespaces via GH CLI could allow command execution on the user's computer | cli | cli | High | 8.0 | 2024-11-14 22:55:39 | Deep Dive |
| CVE-2024-48963 | Snyk CLI security vulnerability | Snyk | Snyk Cli | High | 7.5 | 2024-10-23 18:24:48 | Deep Dive |
| CVE-2024-48964 | Snyk CLI security vulnerability | Snyk | Snyk Cli | High | 7.5 | 2024-10-23 18:24:42 | Deep Dive |
| CVE-2024-43591 | Azure Command Line Integration (CLI) Elevation of Privilege Vulnerability | Microsoft | Azure CLI | High | 8.7 | 2024-10-08 17:36:15 | Deep Dive |
| CVE-2024-45401 | stripe-cli Path Traversal vulnerability | stripe | stripe-cli | High | 7.5 | 2024-09-05 17:09:09 | Deep Dive |
| CVE-2024-6916 | Zowe CLI --show-inputs-only displays securely stored properties | Open Mainframe Project | Zowe CLI - Imperative | Medium | 5.9 | 2024-07-19 10:47:08 | Deep Dive |
| CVE-2024-25129 | Limited data exfiltration in CodeQL CLI | github | codeql-cli-binaries | Low | 2.7 | 2024-02-22 18:23:33 | Deep Dive |
| CVE-2023-28114 | `cilium-cli` disables etcd authorization for clustermesh clusters | cilium | cilium-cli | Medium | 4.8 | 2023-03-22 18:30:17 | Deep Dive |
| CVE-2022-25992 | Intel OneApi Toolkits security vulnerability | - | Intel(R) oneAPI Toolkits oneapi-cli | High | 7.5 | 2023-02-16 19:59:45 | Deep Dive |
| CVE-2022-39327 | Improper Control of Generation of Code ('Code Injection') in Azure CLI | Azure | azure-cli | High | 8.1 | 2022-10-25 00:00:00 | Deep Dive |