| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-48189 | Bypass DedicatedAgentToCustomerGroups Setting | OTRS AG | OTRS | Medium | 5.7 | 2026-06-01 03:33:03 | Deep Dive |
| CVE-2026-48190 | Incorrect handling of permissions in External Interface Config Item List module | OTRS AG | OTRS | Low | 3.5 | 2026-06-01 03:32:54 | Deep Dive |
| CVE-2026-48191 | Wrong Permission Handling in Document Search Article Meta Filters | OTRS AG | OTRS | Low | 3.5 | 2026-06-01 03:32:48 | Deep Dive |
| CVE-2026-48208 | Denial-of-Service via SVG Rendering in Ticket | OTRS AG | OTRS | Medium | 6.5 | 2026-06-01 03:32:39 | Deep Dive |
| CVE-2026-48209 | Reflected XSS in authenticated agent context | OTRS AG | OTRS | High | 7.1 | 2026-06-01 03:32:28 | Deep Dive |
| CVE-2026-10220 | NousResearch hermes-agent skills_tool.py skill_view injection | NousResearch | hermes-agent | High | 7.3 | 2026-06-01 03:30:10 | Deep Dive |
| CVE-2026-20456 | wlan STA驱动越界检查缺失致DoS漏洞 | MediaTek, Inc. | MediaTek chipset | - | - | 2026-06-01 03:20:14 | Deep Dive |
| CVE-2026-20455 | Alps芯片越界写入致提权 | MediaTek, Inc. | MediaTek chipset | - | - | 2026-06-01 03:20:13 | Deep Dive |
| CVE-2026-20454 | GenieZone漏洞:竞态条件致越界写入 | MediaTek, Inc. | MediaTek chipset | - | - | 2026-06-01 03:20:11 | Deep Dive |
| CVE-2026-20453 | Alps geniezone缺失边界检查致特权提升 | MediaTek, Inc. | MediaTek chipset | - | - | 2026-06-01 03:20:10 | Deep Dive |
| CVE-2026-20452 | WLAN AP驱动堆溢出致远程代码执行 | MediaTek, Inc. | MediaTek chipset | - | - | 2026-06-01 03:20:08 | Deep Dive |
| CVE-2026-10219 | nextlevelbuilder GoClaw write_file Tool fsbridge.go FsBridge.WriteFile os command injection | nextlevelbuilder | GoClaw | High | 7.3 | 2026-06-01 03:15:09 | Deep Dive |
| CVE-2026-10218 | nextlevelbuilder GoClaw evolution_handlers.go auth improper authorization | nextlevelbuilder | GoClaw | Medium | 5.4 | 2026-06-01 03:00:13 | Deep Dive |
| CVE-2026-10217 | nextlevelbuilder GoClaw RoleAdmin Gateway tts_config.go handleSave privileges management | nextlevelbuilder | GoClaw | Medium | 6.3 | 2026-06-01 02:45:09 | Deep Dive |
| CVE-2026-10216 | unitedbyai droidclaw claim Endpoint pairing.ts excessive authentication | unitedbyai | droidclaw | Low | 3.7 | 2026-06-01 02:30:10 | Deep Dive |
| CVE-2026-10215 | Dolibarr ERP CRM Leave Request REST API api_holidays.class.php checkUserAccessToObject improper authorization | Dolibarr | ERP CRM | Medium | 4.3 | 2026-06-01 02:15:09 | Deep Dive |
| CVE-2026-10214 | zhayujie chatgpt-on-wechat Bash Tool bash.py _get_safety_warning os command injection | zhayujie | chatgpt-on-wechat | High | 7.3 | 2026-06-01 02:00:11 | Deep Dive |
| CVE-2026-10213 | AstrBotDevs AstrBot API Endpoint delete path traversal | AstrBotDevs | AstrBot | Medium | 5.4 | 2026-06-01 01:45:07 | Deep Dive |
| CVE-2026-10212 | AstrBotDevs AstrBot astr_main_agent.py astr_main_agent authorization | AstrBotDevs | AstrBot | Medium | 6.3 | 2026-06-01 01:30:10 | Deep Dive |
| CVE-2026-10211 | AstrBotDevs AstrBot fs.py _normalize_rw_path authorization | AstrBotDevs | AstrBot | Medium | 6.3 | 2026-06-01 01:15:10 | Deep Dive |