| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-7218 | Totolink N300RT libapmib.so formWsc is_cmd_string_valid buffer overflow | Totolink | N300RT | High | 7.2 | 2026-04-28 02:45:13 | Deep Dive |
| CVE-2026-7217 | Deepractice PromptX Document File index.ts read_pdf absolute path traversal | Deepractice | PromptX | Medium | 5.3 | 2026-04-28 02:30:15 | Deep Dive |
| CVE-2026-7216 | donchelo processing-claude-mcp-bridge create_sketch Tool processing_server.py path traversal | donchelo | processing-claude-mcp-bridge | High | 7.3 | 2026-04-28 02:15:11 | Deep Dive |
| CVE-2026-1460 | Zyxel DX3301-T0和Zyxel EX3301-T0 操作系统命令注入漏洞 | Zyxel | DX3301-T0 firmware | High | 7.2 | 2026-04-28 02:06:23 | Deep Dive |
| CVE-2026-7215 | egtai gmx-vmd-mcp VMD Launch mcp_server.py launch_vmd_gui_tool command injection | egtai | gmx-vmd-mcp | High | 7.3 | 2026-04-28 02:00:22 | Deep Dive |
| CVE-2026-0711 | Zyxel DX3300-T0 操作系统命令注入漏洞 | Zyxel | DX3300-T0 firmware | Medium | 6.8 | 2026-04-28 01:57:54 | Deep Dive |
| CVE-2026-7214 | eghuzefa engineer-your-data server.py file_inf path traversal | eghuzefa | engineer-your-data | High | 7.3 | 2026-04-28 01:45:12 | Deep Dive |
| CVE-2026-7213 | ef10007 MLOps_MCP save_file Tool fastmcp_server.py path traversal | ef10007 | MLOps_MCP | High | 7.3 | 2026-04-28 01:30:27 | Deep Dive |
| CVE-2026-7212 | edvardlindelof notes-mcp notes_mcp.py path traversal | edvardlindelof | notes-mcp | High | 7.3 | 2026-04-28 01:15:13 | Deep Dive |
| CVE-2026-7211 | dvladimirov MCP Git Search API mcp_server.py GitSearchRequest command injection | dvladimirov | MCP | High | 7.3 | 2026-04-28 01:00:21 | Deep Dive |
| CVE-2026-7206 | dubydu sqlite-mcp entry.py extract_to_json sql injection | dubydu | sqlite-mcp | High | 7.3 | 2026-04-28 00:45:13 | Deep Dive |
| CVE-2026-7205 | duartium papers-mcp-server main.py search_papers path traversal | duartium | papers-mcp-server | High | 7.3 | 2026-04-28 00:30:17 | Deep Dive |
| CVE-2026-7204 | Totolink A8000RU CGI cstecgi.cgi setPptpServerCfg os command injection | Totolink | A8000RU | Critical | 9.8 | 2026-04-28 00:15:15 | Deep Dive |
| CVE-2026-7203 | Totolink A8000RU CGI cstecgi.cgi setUrlFilterRules os command injection | Totolink | A8000RU | Critical | 9.8 | 2026-04-28 00:00:23 | Deep Dive |
| CVE-2026-40355 | MIT Kerberos 代码问题漏洞 | MIT | Kerberos 5 | Medium | 5.9 | 2026-04-28 00:00:00 | Deep Dive |
| CVE-2026-41525 | Dolphin 安全漏洞 | KDE | Dolphin | Medium | 6.5 | 2026-04-28 00:00:00 | Deep Dive |
| CVE-2026-41526 | KCoreAddons 安全漏洞 | KDE | KCoreAddons | Medium | 6.5 | 2026-04-28 00:00:00 | Deep Dive |
| CVE-2026-40356 | MIT Kerberos 数字错误漏洞 | MIT | Kerberos 5 | Medium | 5.9 | 2026-04-28 00:00:00 | Deep Dive |
| CVE-2025-67223 | Aranda Service Desk 安全漏洞 | - | - | - | - | 2026-04-28 00:00:00 | Deep Dive |
| CVE-2026-38651 | Gravitl Netmaker 数据伪造问题漏洞 | - | - | - | - | 2026-04-28 00:00:00 | Deep Dive |