| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-58782 | Apache Jackrabbit Core, Apache Jackrabbit JCR Commons: JNDI injection risk with JndiRepositoryFactory | Apache Software Foundation | Apache Jackrabbit Core | - | - | 2025-09-08 08:53:16 | Deep Dive |
| CVE-2025-25048 | IBM Jazz Foundation path traversal | IBM | Jazz Foundation | Medium | 6.5 | 2025-09-04 15:06:15 | Deep Dive |
| CVE-2024-43184 | IBM Jazz Foundation cross-site scripting | IBM | Jazz Foundation | Medium | 6.1 | 2025-09-04 15:04:57 | Deep Dive |
| CVE-2024-43166 | Apache DolphinScheduler 安全漏洞 | Apache Software Foundation | Apache DolphinScheduler | - | - | 2025-09-03 09:10:24 | Deep Dive |
| CVE-2024-43115 | Apache DolphinScheduler: Alert Script Attack | Apache Software Foundation | Apache DolphinScheduler | - | - | 2025-09-03 08:38:32 | Deep Dive |
| CVE-2025-9817 | NULL Pointer Dereference in Wireshark | Wireshark Foundation | Wireshark | High | 7.8 | 2025-09-03 07:38:59 | Deep Dive |
| CVE-2025-26467 | Apache Cassandra: User with MODIFY permission on ALL KEYSPACES can escalate privileges to superuser via unsafe actions (4.0.16 only) | Apache Software Foundation | Apache Cassandra | 高危 | - | 2025-08-25 14:06:29 | Deep Dive |
| CVE-2025-54812 | Apache Log4cxx: Improper HTML escaping in HTMLLayout | Apache Software Foundation | Apache Log4cxx | - | - | 2025-08-22 18:46:46 | Deep Dive |
| CVE-2025-54813 | Apache Log4cxx: Improper escaping with JSONLayout | Apache Software Foundation | Apache Log4cxx | - | - | 2025-08-22 18:45:43 | Deep Dive |
| CVE-2024-48988 | Apache StreamPark: SQL injection vulnerability | Apache Software Foundation | Apache StreamPark | 高危 | - | 2025-08-22 18:24:22 | Deep Dive |
| CVE-2025-54988 | Apache Tika PDF parser module: XXE vulnerability in PDFParser's handling of XFA | Apache Software Foundation | Apache Tika PDF parser module | High | 8.4 | 2025-08-20 20:08:49 | Deep Dive |
| CVE-2024-39954 | Apache EventMesh Runtime: SSRF | Apache Software Foundation | Apache EventMesh Runtime | 中危 | - | 2025-08-20 08:56:42 | Deep Dive |
| CVE-2025-53192 | Apache Commons OGNL: Expression Injection leading to RCE | Apache Software Foundation | Apache Commons OGNL | 高危 | - | 2025-08-18 20:09:31 | Deep Dive |
| CVE-2025-54466 | Apache OFBiz: RCE Vulnerability in scrum plugin | Apache Software Foundation | Apache OFBiz | - | - | 2025-08-15 14:13:53 | Deep Dive |
| CVE-2025-55675 | Apache Superset: Incorrect datasource authorization on REST API | Apache Software Foundation | Apache Superset | - | - | 2025-08-14 13:18:54 | Deep Dive |
| CVE-2025-55674 | Apache Superset: Improper SQL authorisation, parse not checking for specific engine functions | Apache Software Foundation | Apache Superset | - | - | 2025-08-14 13:18:11 | Deep Dive |
| CVE-2025-55672 | Apache Superset: Stored XSS on charts metadata | Apache Software Foundation | Apache Superset | - | - | 2025-08-14 13:17:34 | Deep Dive |
| CVE-2025-55673 | Apache Superset: Metadata exposure in embedded charts | Apache Software Foundation | Apache Superset | - | - | 2025-08-14 13:16:27 | Deep Dive |
| CVE-2025-54472 | Apache bRPC: Redis Parser Remote Denial of Service | Apache Software Foundation | Apache bRPC | - | - | 2025-08-14 09:05:39 | Deep Dive |
| CVE-2025-55668 | Apache Tomcat: session fixation via rewrite valve | Apache Software Foundation | Apache Tomcat | 中危 | - | 2025-08-13 13:21:36 | Deep Dive |