| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-3484 | PhialsBasement nmap-mcp-server Nmap CLI index.ts child_process.exec command injection | PhialsBasement | nmap-mcp-server | Medium | 6.3 | 2026-03-03 19:32:09 | Deep Dive |
| CVE-2026-3494 | MariaDB Server Audit Plugin Comment Handling Bypass | MariaDB Foundation | MariaDB Server | Medium | 4.3 | 2026-03-03 18:12:12 | Deep Dive |
| CVE-2026-20757 | Gallagher Command Centre Server 安全漏洞 | Gallagher | Command Centre Server | Low | 2.5 | 2026-03-03 02:40:46 | Deep Dive |
| CVE-2026-23600 | HPE AutoPass License Server 安全漏洞 | Hewlett Packard Enterprise (HPE) | HPE AutoPass License Server (APLS) | - | - | 2026-03-02 14:18:08 | Deep Dive |
| CVE-2026-2750 | Command Injection via CLAPI generatetraps | Centreon | Centreon Open Tickets on Central Server | Critical | 9.1 | 2026-02-27 14:58:29 | Deep Dive |
| CVE-2026-2751 | Blind SQL Injection | Centreon | Centreon Web on Central Server | High | 8.3 | 2026-02-27 13:33:45 | Deep Dive |
| CVE-2025-13327 | Uv: uv: specially crafted zip archives lead to arbitrary code execution due to parsing differentials | astral-sh | uv | Medium | 6.3 | 2026-02-27 07:30:20 | Deep Dive |
| CVE-2026-27818 | TerriaJS-Server has a domain validation bypass vulnerability in its proxy allowlist | TerriaJS | terriajs-server | - | - | 2026-02-26 00:02:45 | Deep Dive |
| CVE-2026-27804 | Parse Server: Account takeover via JWT algorithm confusion in Google auth adapter | parse-community | parse-server | - | - | 2026-02-25 23:48:21 | Deep Dive |
| CVE-2026-3221 | Devolutions Server 安全漏洞 | Devolutions | Server | - | - | 2026-02-25 18:29:12 | Deep Dive |
| CVE-2026-0704 | Octopus Deploy 安全漏洞 | Octopus Deploy | Octopus Server | - | - | 2026-02-25 12:22:18 | Deep Dive |
| CVE-2026-25785 | MOTEX LanScope Endpoint Manager 路径遍历漏洞 | MOTEX Inc. | Lanscope Endpoint Manager (On-Premises) Sub-Manager Server | - | - | 2026-02-25 06:01:05 | Deep Dive |
| CVE-2025-46320 | FileMaker Server 安全漏洞 | Claris | FileMaker Server | - | - | 2026-02-24 20:30:26 | Deep Dive |
| CVE-2026-3131 | Devolutions Server 安全漏洞 | Devolutions | Server | 中危 | - | 2026-02-24 19:01:29 | Deep Dive |
| CVE-2026-1768 | Devolutions Server 安全漏洞 | Devolutions | Devolutions Server | 中危 | - | 2026-02-24 19:01:08 | Deep Dive |
| CVE-2026-27571 | nats-server websockets are vulnerable to pre-auth memory DoS | nats-io | nats-server | Medium | 5.9 | 2026-02-24 15:59:18 | Deep Dive |
| CVE-2024-1524 | A local user can be impersonated when using federated authentication with Silent JIT Provisioning. | WSO2 | WSO2 API Manager | High | 7.7 | 2026-02-24 08:51:11 | Deep Dive |
| CVE-2025-9120 | RCE vulnerability has been discovered in OpenText™ Carbonite Safe Server Backup. | OpenText™ | Carbonite Safe Server Backup | - | - | 2026-02-24 00:03:09 | Deep Dive |
| CVE-2025-14905 | 389-ds-base: 389-ds-base: remote code execution and denial of service via heap buffer overflow | Red Hat | Red Hat Directory Server 11.5 E4S for RHEL 8 | High | 7.2 | 2026-02-23 15:41:48 | Deep Dive |
| CVE-2026-27480 | Static Web Server: Timing-Based Username Enumeration in Basic Authentication | static-web-server | static-web-server | Medium | 5.3 | 2026-02-21 09:14:30 | Deep Dive |