| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2018-25188 | Webiness Inventory 2.3 SQL Injection via WsModelGrid.php | Github | Webiness Inventory | High | 8.2 | 2026-03-06 12:19:14 | Deep Dive |
| CVE-2026-2836 | Cache poisoning via insecure-by-default cache key | Cloudflare | https://github.com/cloudflare/pingora | - | - | 2026-03-04 23:44:56 | Deep Dive |
| CVE-2026-2835 | HTTP Request Smuggling via HTTP/1.0 and Transfer-Encoding Misparsing | Cloudflare | https://github.com/cloudflare/pingora | - | - | 2026-03-04 23:32:41 | Deep Dive |
| CVE-2026-2833 | HTTP Request Smuggling via Premature Upgrade | Cloudflare | https://github.com/cloudflare/pingora | - | - | 2026-03-04 23:20:52 | Deep Dive |
| CVE-2026-26957 | Libredesk has an SSRF Vulnerability via Webhooks | abhinavxd | github.com/abhinavxd/libredesk | - | - | 2026-02-19 23:30:48 | Deep Dive |
| CVE-2026-1999 | Incorrect Authorization vulnerability was identified in GitHub Enterprise Server that allowed unauthorized merging of pull requests | GitHub | Enterprise Server | 中危 | - | 2026-02-18 20:44:51 | Deep Dive |
| CVE-2026-1355 | Missing Authorization Check in GitHub Enterprise Server Allows Unauthorized Uploads to Repository Migration Exports | GitHub | Enterprise Server | 中危 | - | 2026-02-18 20:42:07 | Deep Dive |
| CVE-2026-0573 | Improper Handling of HTTP Redirects vulnerability was identified in GitHub Enterprise Server that allowed leaking of authorization token and enabled remote code execution | GitHub | Enterprise Server | 超危 | - | 2026-02-18 20:37:40 | Deep Dive |
| CVE-2026-1200 | Remote code execution via segmentation fault in increasebufferto function | https://github.com/rgaufman/live555 | rgaufman/live555 | Medium | 6.3 | 2026-02-18 20:21:56 | Deep Dive |
| CVE-2025-14282 | Dropbear: privilege escalation via unix domain socket forwardings | https://github.com/mkj/dropbear/ | dropbear | Medium | 5.4 | 2026-02-12 21:37:57 | Deep Dive |
| CVE-2026-21516 | GitHub Copilot for Jetbrains Remote Code Execution Vulnerability | Microsoft | GitHub Copilot Plugin for JetBrains IDEs | High | 8.8 | 2026-02-10 17:51:35 | Deep Dive |
| CVE-2026-0756 | github-kanban-mcp-server execAsync Command Injection Remote Code Execution Vulnerability | github-kanban-mcp-server | github-kanban-mcp-server | 超危 | - | 2026-01-23 03:26:23 | Deep Dive |
| CVE-2025-14338 | Polkit authentication dis isabled by default in inputplumber | https://github.com/ShadowBlip | inputplumber | - | - | 2026-01-14 11:55:32 | Deep Dive |
| CVE-2025-66005 | Lack of Authentication in the InputManager D-Bus interface | https://github.com/ShadowBlip | inputplumber | - | - | 2026-01-14 11:53:50 | Deep Dive |
| CVE-2025-67859 | Polkit Authorization Check can be Bypassed in the TLP power daemon | https://github.com/linrunner | TLP | - | - | 2026-01-14 11:34:12 | Deep Dive |
| CVE-2025-67858 | A crafted "interface" input parameter can lead to integrity loss of the firewall configuration | https://github.com/FoobarOy/ | Foomuuri | 中危 | - | 2026-01-08 15:23:46 | Deep Dive |
| CVE-2025-67603 | Lack of client authorization allows arbitrary users to influence the firewall configuration | https://github.com/FoobarOy/ | Foomuuri | 中危 | - | 2026-01-08 15:04:43 | Deep Dive |
| CVE-2025-66003 | Local users can perform a local root exploit via smb4k mounthelper | https://github.com/KDE/ | smb4k | 高危 | - | 2026-01-08 14:58:46 | Deep Dive |
| CVE-2025-66002 | Local users can perform arbitrary unmounts via smb4k mount helper due to lack of input validation | https://github.com/KDE/ | smb4k | 高危 | - | 2026-01-08 14:25:44 | Deep Dive |
| CVE-2025-14147 | Easy GitHub Gist Shortcodes <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'id' Shortcode Attribute | corsonr | Easy GitHub Gist Shortcodes | Medium | 6.4 | 2026-01-07 09:21:03 | Deep Dive |