| CVE-2025-26521 | Apache CloudStack: CKS cluster in project exposes user API keys | Apache Software Foundation | Apache CloudStack | - | - | 2025-06-10 23:08:49 | Deep Dive |
| CVE-2025-47849 | Apache CloudStack: Insecure access of user's API/Secret Keys in the same domain | Apache Software Foundation | Apache CloudStack | - | - | 2025-06-10 23:07:55 | Deep Dive |
| CVE-2025-47713 | Apache CloudStack: Domain Admin can reset Admin password in Root Domain | Apache Software Foundation | Apache CloudStack | - | - | 2025-06-10 23:06:46 | Deep Dive |
| CVE-2025-27817 | Apache Kafka Client: Arbitrary file read and SSRF vulnerability | Apache Software Foundation | Apache Kafka Client | High | - | 2025-06-10 07:55:14 | Deep Dive |
| CVE-2025-27819 | Apache Kafka: Possible RCE/Denial of service attack via SASL JAAS JndiLoginModule configuration | Apache Software Foundation | Apache Kafka | High | - | 2025-06-10 07:54:42 | Deep Dive |
| CVE-2025-27818 | Apache Kafka: Possible RCE attack via SASL JAAS LdapLoginModule configuration | Apache Software Foundation | Apache Kafka | High | - | 2025-06-10 07:52:32 | Deep Dive |
| CVE-2025-27531 | Apache InLong: An arbitrary file read vulnerability for JDBC | Apache Software Foundation | Apache InLong | - | - | 2025-06-06 14:55:29 | Deep Dive |
| CVE-2025-5601 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') in Wireshark | Wireshark Foundation | Wireshark | High | 7.8 | 2025-06-04 10:30:46 | Deep Dive |
| CVE-2025-46548 | Apache Pekko Management, Apache Pekko Management, Apache Pekko Management, Akka Management, Akka Management, Akka Management: management API basic authentication is not effective | Apache Software Foundation | Apache Pekko Management | - | - | 2025-06-03 14:45:33 | Deep Dive |
| CVE-2024-12718 | Bypass extraction filter to modify file metadata outside extraction directory | Python Software Foundation | CPython | Medium | 5.3 | 2025-06-03 12:59:11 | Deep Dive |
| CVE-2025-4435 | Tarfile extracts filtered members when errorlevel=0 | Python Software Foundation | CPython | High | 7.5 | 2025-06-03 12:59:07 | Deep Dive |
| CVE-2025-4138 | Bypassing extraction filter to create symlinks to arbitrary targets outside extraction directory | Python Software Foundation | CPython | High | 7.5 | 2025-06-03 12:59:03 | Deep Dive |
| CVE-2025-4330 | Extraction filter bypass for linking outside extraction directory | Python Software Foundation | CPython | High | 7.5 | 2025-06-03 12:58:57 | Deep Dive |
| CVE-2025-4517 | Arbitrary writes via tarfile realpath overflow | Python Software Foundation | CPython | Critical | 9.4 | 2025-06-03 12:58:50 | Deep Dive |
| CVE-2025-48912 | Apache Superset: Improper authorization bypass on row level security via SQL Injection | Apache Software Foundation | Apache Superset | - | - | 2025-05-30 08:26:16 | Deep Dive |
| CVE-2025-46701 | Apache Tomcat: Security constraint bypass for CGI scripts | Apache Software Foundation | Apache Tomcat | - | - | 2025-05-29 19:06:04 | Deep Dive |
| CVE-2025-48734 | Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default | Apache Software Foundation | Apache Commons BeanUtils 1.x | - | - | 2025-05-28 13:32:08 | Deep Dive |
| CVE-2025-27528 | Apache InLong: JDBC Vulnerability for Invisible Character Bypass Leading to Arbitrary File Read | Apache Software Foundation | Apache InLong | - | - | 2025-05-28 08:12:28 | Deep Dive |
| CVE-2025-27526 | Apache InLong: JDBC Vulnerability For URLEncode and backspace bypass | Apache Software Foundation | Apache InLong | - | - | 2025-05-28 08:07:35 | Deep Dive |
| CVE-2025-27522 | Apache InLong: JDBC Vulnerability during verification processing | Apache Software Foundation | Apache InLong | - | - | 2025-05-28 08:06:04 | Deep Dive |