| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-32792 | Packet of death with DNSCrypt | NLnet Labs | Unbound | - | - | 2026-05-20 09:17:48 | Deep Dive |
| CVE-2026-9064 | 389-ds-base: 389-ds-base: unbounded ldap controls count in get_ldapmessage_controls_ext() causes cpu and heap amplification (remote dos) | Red Hat | Red Hat Directory Server 11 | High | 7.5 | 2026-05-20 09:00:43 | Deep Dive |
| CVE-2026-41054 | Missing exit out of permission check in haveged could lead to root exploit | SUSE | Container suse/sle-micro-rancher/5.3:latest | High | 7.8 | 2026-05-20 08:56:14 | Deep Dive |
| CVE-2026-44933 | Path Traversal in Plugin Loading in libzypp | SUSE | SUSE Linux Enterprise | High | 7.8 | 2026-05-20 08:51:13 | Deep Dive |
| CVE-2026-9065 | Surecart - SQL Injection | brainstormforce | Surecart | - | - | 2026-05-20 08:23:55 | Deep Dive |
| CVE-2026-9059 | NextGEN Gallery - SQL Injection | awesomemotive | NextGEN Gallery | - | - | 2026-05-20 07:41:28 | Deep Dive |
| CVE-2026-5200 | AcyMailing <= 10.8.2 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation via 'acymailing_router' | acyba | AcyMailing – An Ultimate Newsletter Plugin and Marketing Automation Solution for WordPress | High | 8.8 | 2026-05-20 06:46:04 | Deep Dive |
| CVE-2026-6405 | Anomify AI <= 0.3.6 - Cross-Site Request Forgery | simonholliday | Anomify AI – Anomaly Detection and Alerting | Medium | 4.3 | 2026-05-20 06:46:03 | Deep Dive |
| CVE-2026-7385 | Decent Comments < 3.0.2 - Unauthenticated Email Address Disclosure | Unknown | Decent Comments | - | - | 2026-05-20 06:00:09 | Deep Dive |
| CVE-2026-5776 | Email Encoder < 2.4.7 - Unauthenticated Stored XSS | Unknown | Email Encoder | - | - | 2026-05-20 06:00:02 | Deep Dive |
| CVE-2026-47784🧪 | Memcached<1.6.42旁路漏洞 | memcached | memcached | High | 8.1 | 2026-05-20 05:45:38 | Deep Dive |
| CVE-2026-47783🧪 | memcached<1.6.42 SASL时序侧信道漏洞 | memcached | memcached | High | 8.1 | 2026-05-20 05:43:47 | Deep Dive |
| CVE-2026-2955 | AI Chatbot & Workflow Automation by AIWU <= 1.4.14 - Unauthenticated Stored Cross-Site Scripting via 'X-Forwarded-For' Header | wupsales | AI Chatbot & Workflow Automation by AIWU | Medium | 6.4 | 2026-05-20 05:31:16 | Deep Dive |
| CVE-2026-6566 | Photo Gallery, Sliders, Proofing and Themes <= 4.2.0 - Insecure Direct Object Reference to Authenticated (Subscriber+) Image Deletion via REST API | smub | Photo Gallery, Sliders, Proofing and Themes – NextGEN Gallery | Medium | 4.3 | 2026-05-20 05:31:11 | Deep Dive |
| CVE-2026-44392 | Movable Type权限绕过漏洞 | Six Apart Ltd. | Movable Type | - | - | 2026-05-20 05:28:15 | Deep Dive |
| CVE-2026-9057 | Security fix for Qlik Talend Administration Center URL access control vulnerability | Talend | Talend Administration Center | High | 8.2 | 2026-05-20 04:39:39 | Deep Dive |
| CVE-2026-9056 | Security fix for Qlik Talend Administration Center cross-site scripting vulnerability | Talend | Talend Administration Center | Medium | 5.4 | 2026-05-20 04:35:39 | Deep Dive |
| CVE-2026-7522 | Advanced Database Cleaner – Premium <= 4.1.0 - Authenticated (Subscriber+) Local File Inclusion via 'template' | SigmaPlugin | Advanced Database Cleaner – Premium | High | 8.8 | 2026-05-20 04:27:48 | Deep Dive |
| CVE-2026-5075 | All in One SEO <= 4.9.7 - Authenticated (Contributor+) Sensitive Information Exposure via 'internalOptions' Localized Script Data | smub | All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic | Medium | 4.3 | 2026-05-20 03:28:14 | Deep Dive |
| CVE-2026-24163 | NVIDIA TRT-LLM反序列化漏洞 | NVIDIA | TensorRT-LLM | High | 7.5 | 2026-05-20 03:03:02 | Deep Dive |