| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-35023 | Wimi Teamwork On-Premises < 8.2.0 IDOR via preview.php | Cloud Solutions SAS | Wimi Teamwork | Medium | 4.3 | 2026-04-08 12:59:26 | Deep Dive |
| CVE-2026-28261 | Dell ObjectScale和Dell Elastic Cloud Storage 日志信息泄露漏洞 | Dell | Elastic Cloud Storage | High | 7.8 | 2026-04-08 12:43:54 | Deep Dive |
| CVE-2025-14944 | Backup Migration <= 2.0.0 - Missing Authorization to Unauthenticated Backup Upload to Offline Storage | inisev | BackupBliss – Backup & Migration with Free Cloud Storage | Medium | 5.3 | 2026-04-07 16:26:25 | Deep Dive |
| CVE-2026-5601 | Acrel Electrical Prepaid Cloud Platform Backup File bin.rar information disclosure | Acrel Electrical | Prepaid Cloud Platform | Medium | 5.3 | 2026-04-05 22:00:14 | Deep Dive |
| CVE-2026-5529 | Dromara lamp-cloud DefUserController pageUser improper authorization | Dromara | lamp-cloud | Medium | 4.3 | 2026-04-05 00:15:13 | Deep Dive |
| CVE-2025-10681 | Gardyn Mobile Application and Device Firmware Use Hard-coded Credentials | Gardyn | Mobile Application | High | 8.6 | 2026-04-03 20:26:13 | Deep Dive |
| CVE-2026-25197 | Gardyn Cloud API Authorization Bypass Through User-Controlled Key | Gardyn | Cloud API | Critical | 9.1 | 2026-04-03 20:23:20 | Deep Dive |
| CVE-2026-28766 | Gardyn Cloud API Missing Authentication for Critical Function | Gardyn | Cloud API | Critical | 9.3 | 2026-04-03 20:20:57 | Deep Dive |
| CVE-2026-28767 | Gardyn Cloud API Missing Authentication for Critical Function | Gardyn | Cloud API | Medium | 5.3 | 2026-04-03 20:18:05 | Deep Dive |
| CVE-2026-32646 | Gardyn Cloud API Missing Authentication for Critical Function | Gardyn | Cloud API | High | 7.5 | 2026-04-03 20:15:46 | Deep Dive |
| CVE-2026-32662 | Gardyn Cloud API Active Debug Code | Gardyn | Cloud API | Medium | 5.3 | 2026-04-03 20:11:56 | Deep Dive |
| CVE-2026-5148 | YunaiV yudao-cloud page sql injection | YunaiV | yudao-cloud | Medium | 4.7 | 2026-03-30 19:45:10 | Deep Dive |
| CVE-2026-5147 | YunaiV yudao-cloud get-by-website sql injection | YunaiV | yudao-cloud | High | 7.3 | 2026-03-30 18:45:14 | Deep Dive |
| CVE-2026-1995 | IDrive Cloud Backup Client for Windows contains a privilege escalation vulnerability | IDrive | IDrive Cloud Backup Client for Windows | - | - | 2026-03-24 18:00:16 | Deep Dive |
| CVE-2026-22739 | Spring Cloud Config Profile Substitution Can Allow Unintended Access To Files And Enable SSRF Attacks | Spring | Spring Cloud | High | 8.6 | 2026-03-24 00:16:53 | Deep Dive |
| CVE-2026-2298 | Salesforce Marketing Cloud Engagement 安全漏洞 | Salesforce | Marketing Cloud Engagement | - | - | 2026-03-23 19:54:33 | Deep Dive |
| CVE-2026-4536 | Acrel Environmental Monitoring Cloud Platform unrestricted upload | Acrel | Environmental Monitoring Cloud Platform | High | 7.3 | 2026-03-22 04:02:11 | Deep Dive |
| CVE-2026-32169 | Azure Cloud Shell Elevation of Privilege Vulnerability | Microsoft | Azure Cloud Shell | Critical | 10.0 | 2026-03-19 21:06:21 | Deep Dive |
| CVE-2026-32266 | Google Cloud Storage for Craft CMS has an Information Disclosure Vulnerability | craftcms | google-cloud | 中危 | - | 2026-03-18 03:46:00 | Deep Dive |
| CVE-2026-22727 | Cloud Foundry unprotected internal endpoints | Cloudfoundry | Cloud Foundry | High | 7.5 | 2026-03-17 22:45:09 | Deep Dive |