| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-8556 | Github.com/cloudflare/circl: circl-fourq: missing and wrong validation can lead to incorrect results | - | - | Low | 3.7 | 2025-08-06 08:48:18 | Deep Dive |
| CVE-2025-33013 | IBM MQ Operator information disclosure | IBM | MQ Operator | Medium | 6.2 | 2025-07-24 14:55:05 | Deep Dive |
| CVE-2025-36005 | IBM MQ Operator information disclosure | IBM | MQ Operator | Medium | 5.9 | 2025-07-24 14:52:53 | Deep Dive |
| CVE-2025-7021 | OpenAI Operator - API Spoofing through Locking Operator on FullScreen | OpenAI | Operator | - | - | 2025-07-10 19:09:41 | Deep Dive |
| CVE-2025-7425 | Libxslt: heap use-after-free in libxslt caused by atype corruption in xmlattrptr | GNOME | libxml2 | High | 7.8 | 2025-07-10 13:53:37 | Deep Dive |
| CVE-2025-6020 | Linux-pam: linux-pam directory traversal | - | - | High | 7.8 | 2025-06-17 12:44:09 | Deep Dive |
| CVE-2025-49794 | Libxml: heap use after free (uaf) leads to denial of service (dos) | - | - | Critical | 9.1 | 2025-06-16 15:24:31 | Deep Dive |
| CVE-2025-49796 | Libxml: type confusion leads to denial of service (dos) | - | - | Critical | 9.1 | 2025-06-16 15:14:28 | Deep Dive |
| CVE-2025-36041 | IBM MQ improper certificate validation | IBM | MQ Operator | Medium | 4.7 | 2025-06-15 12:51:06 | Deep Dive |
| CVE-2025-5282 | WP Travel Engine <= 6.5.1 - Missing Authorization to Unauthenticated Arbitrary Post Deletion | wptravelengine | WP Travel Engine – Tour Booking Plugin – Tour Operator Software | High | 7.5 | 2025-06-13 03:41:45 | Deep Dive |
| CVE-2025-5914 | Libarchive: double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c | - | - | High | 7.8 | 2025-06-09 19:53:49 | Deep Dive |
| CVE-2025-43004 | Security Misconfiguration Vulnerability in SAP Digital Manufacturing (Production Operator Dashboard) | SAP_SE | SAP Digital Manufacturing (Production Operator Dashboard) | Medium | 5.3 | 2025-05-13 00:18:35 | Deep Dive |
| CVE-2025-1333 | IBM MQ Operator information disclosure | IBM | MQ Operator | Medium | 6.0 | 2025-05-01 22:07:09 | Deep Dive |
| CVE-2025-27365 | IBM MQ Operator denial of service | IBM | MQ Operator | Medium | 6.5 | 2025-05-01 21:24:25 | Deep Dive |
| CVE-2025-32963 | Minio Operator uses Kubernetes apiserver audience for AssumeRoleWithWebIdentity STS | minio | operator | 中危 | - | 2025-04-22 17:14:57 | Deep Dive |
| CVE-2025-24375 | MySQL K8s charm could leak credentials for root-level user `serverconfig` | canonical | mysql-k8s-operator | Medium | 5.0 | 2025-04-09 22:21:38 | Deep Dive |
| CVE-2025-23680 | WordPress Narnoo Operator plugin <= 2.0.0 - Reflected Cross Site Scripting (XSS) vulnerability | Narnoo | Narnoo Operator | High | 7.1 | 2025-03-26 14:24:16 | Deep Dive |
| CVE-2025-29781 | Bare Metal Operator (BMO) can expose any secret from other namespaces via BMCEventSubscription CRD | metal3-io | baremetal-operator | Medium | 6.5 | 2025-03-17 21:37:32 | Deep Dive |
| CVE-2024-8176 | Libexpat: expat: improper restriction of xml entity expansion depth in libexpat | - | - | High | 7.5 | 2025-03-14 08:19:49 | Deep Dive |
| CVE-2025-23359 | NVIDIA Container Toolkit 安全漏洞 | NVIDIA | Container Toolkit | High | 8.3 | 2025-02-12 00:52:44 | Deep Dive |