| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-22018 | Oracle多款产品 安全漏洞 | Oracle Corporation | Oracle Java SE | Low | 3.7 | 2026-04-21 20:35:11 | Deep Dive |
| CVE-2026-22016 | Oracle多款产品 安全漏洞 | Oracle Corporation | Oracle Java SE | High | 7.5 | 2026-04-21 20:35:10 | Deep Dive |
| CVE-2026-22013 | Oracle多款产品 安全漏洞 | Oracle Corporation | Oracle Java SE | Medium | 5.3 | 2026-04-21 20:35:09 | Deep Dive |
| CVE-2026-22007 | Oracle多款产品 安全漏洞 | Oracle Corporation | Oracle Java SE | Low | 2.9 | 2026-04-21 20:35:05 | Deep Dive |
| CVE-2026-22006 | Oracle PeopleSoft Enterprise HCM Human Resources 安全漏洞 | Oracle Corporation | PeopleSoft Enterprise HCM Human Resources | Medium | 5.4 | 2026-04-21 20:35:04 | Deep Dive |
| CVE-2026-22003 | Oracle Java SE和Oracle GraalVM Enterprise Edition 安全漏洞 | Oracle Corporation | Oracle Java SE | Medium | 6.0 | 2026-04-21 20:35:03 | Deep Dive |
| CVE-2025-13480 | Incorrect authorization in Fudo Enterprise | Fudo Security | Fudo Enterprise | - | - | 2026-04-20 09:00:16 | Deep Dive |
| CVE-2026-6564 | EMQ EMQX Enterprise Session Handling improper authorization | EMQ | EMQX Enterprise | Medium | 4.3 | 2026-04-19 09:30:15 | Deep Dive |
| CVE-2026-6507 | Dnsmasq: dnsmasq: denial of service due to out-of-bounds write in dhcp bootreply processing | Red Hat | Red Hat Enterprise Linux 10 | High | 7.5 | 2026-04-17 12:23:32 | Deep Dive |
| CVE-2025-15622 | Sparx Enterprise Architect Client reveals plaintext OAuth2 client secret | Sparx Systems Pty Ltd. | Sparx Enterprise Architect | - | - | 2026-04-17 08:35:05 | Deep Dive |
| CVE-2026-5807 | Vault Vulnerable to Denial-of-Service via Unauthenticated Root Token Generation/Rekey Operations | HashiCorp | Vault | High | 7.5 | 2026-04-17 03:22:14 | Deep Dive |
| CVE-2026-4525 | Vault Token Leaked to Backends via Authorization: Bearer Passthrough Header | HashiCorp | Vault | High | 7.5 | 2026-04-17 03:00:48 | Deep Dive |
| CVE-2026-5052 | Vault Vulnerable to Server-Side Request Forgery in ACME Challenge Validation via Attacker-Controlled DNS | HashiCorp | Vault | Medium | 5.3 | 2026-04-17 02:55:25 | Deep Dive |
| CVE-2026-3605 | Vault KVv2 Metadata and Secret Deletion Policy Bypass Denial-of-Service | HashiCorp | Vault | High | 8.1 | 2026-04-17 02:44:42 | Deep Dive |
| CVE-2025-15621 | Sparx Enterprise Architect Client does not verify the receiver of OAuth2 credentials during OpenID authentication | Sparx Systems Pty Ltd. | Sparx Enterprise Architect | - | - | 2026-04-16 12:40:09 | Deep Dive |
| CVE-2026-6385 | Ffmpeg: ffmpeg: denial of service and potential arbitrary code execution via signed integer overflow in dvd subtitle parser | Red Hat | Lightspeed Core | Medium | 6.5 | 2026-04-15 19:18:39 | Deep Dive |
| CVE-2026-6384 | Gimp: gimp: arbitrary code execution or denial of service via buffer overflow in gif image processing | Red Hat | Red Hat Enterprise Linux 6 | High | 7.3 | 2026-04-15 19:09:11 | Deep Dive |
| CVE-2026-40919 | Gimp: gimp: denial of service via specially crafted seattle filmworks file | Red Hat | Red Hat Enterprise Linux 6 | Medium | 6.1 | 2026-04-15 18:59:16 | Deep Dive |
| CVE-2026-40918 | Gimp: gimp: denial of service via crafted pvr image file | Red Hat | Red Hat Enterprise Linux 6 | Medium | 5.5 | 2026-04-15 18:59:15 | Deep Dive |
| CVE-2026-40917 | Gimp: gimp: application crashes or information disclosure via crafted icns image files | Red Hat | Red Hat Enterprise Linux 6 | Medium | 5.0 | 2026-04-15 18:59:09 | Deep Dive |