| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-24160 | NVIDIA TRT-LLM空指针解引用导致拒绝服务 | NVIDIA | TensorRT-LLM | Medium | 5.5 | 2026-05-20 03:01:50 | Deep Dive |
| CVE-2026-24142 | NVIDIA TRT-LLM反序列化漏洞导致代码执行 | NVIDIA | TensorRT-LLM | Medium | 6.3 | 2026-05-20 03:00:19 | Deep Dive |
| CVE-2025-33255 | NVIDIA TRT-LLM反序列化漏洞可导致代码执行 | NVIDIA | TensorRT-LLM | High | 7.5 | 2026-05-20 02:58:40 | Deep Dive |
| CVE-2026-24215 | NVIDIA Triton Inference Server DALI后端拒绝服务漏洞 | NVIDIA | Triton Inference Server | Medium | 5.7 | 2026-05-20 02:53:53 | Deep Dive |
| CVE-2026-24214 | NVIDIA Triton Inference Server DALI后端整数溢出漏洞 | NVIDIA | Triton Inference Server | High | 8.0 | 2026-05-20 02:52:10 | Deep Dive |
| CVE-2026-24213 | NVIDIA Triton Inference Server OOB读漏洞 | NVIDIA | Triton Inference Server | High | 8.0 | 2026-05-20 02:50:17 | Deep Dive |
| CVE-2026-24210 | NVIDIA Triton Inference Server 整数溢出致拒绝服务 | NVIDIA | Triton Inference Server | High | 7.5 | 2026-05-20 02:48:24 | Deep Dive |
| CVE-2026-24209 | NVIDIA Triton Inference Server路径穿越漏洞 | NVIDIA | Triton Inference Server | High | 7.5 | 2026-05-20 02:46:15 | Deep Dive |
| CVE-2026-24208 | NVIDIA Triton Inference Server路径穿越致拒绝服务漏洞 | NVIDIA | Triton Inference Server | Medium | 5.3 | 2026-05-20 02:44:37 | Deep Dive |
| CVE-2026-24207 | NVIDIA Triton Inference Server 认证绕过漏洞 | NVIDIA | Triton Inference Server | Critical | 9.8 | 2026-05-20 02:42:31 | Deep Dive |
| CVE-2026-9003 | TONNET|E-LAN Hybrid Recording System - SQL Injection | TONNET | TPR7308 | High | 7.5 | 2026-05-20 02:39:59 | Deep Dive |
| CVE-2026-24206 | NVIDIA Triton Inference Server认证绕过漏洞 | NVIDIA | Triton Inference Server | High | 7.3 | 2026-05-20 02:37:33 | Deep Dive |
| CVE-2026-7637 | Boost <= 2.0.3 - Unauthenticated PHP Object Injection via STYXKEY-BOOST_USER_LOCATION Cookie | PixelYourSite | Boost | Critical | 9.8 | 2026-05-20 02:27:48 | Deep Dive |
| CVE-2025-15369 | Xpro Addons — 140+ Widgets for Elementor <= 1.5.0 - Missing Authorization to Unauthenticated Xpro Template Creation | xpro | Xpro Addons — 140+ Widgets for Elementor | Medium | 5.3 | 2026-05-20 02:27:48 | Deep Dive |
| CVE-2026-9010 | Boost <= 2.0.3 - Unauthenticated Blind SQL Injection via Multiple Parameters | PixelYourSite | Boost | High | 7.5 | 2026-05-20 02:27:47 | Deep Dive |
| CVE-2026-7460 | mailcow-dockerized 2026-03b - Stored XSS in Queue Manager via unescaped | mailcow | mailcow-dockerized | - | - | 2026-05-20 02:19:08 | Deep Dive |
| CVE-2026-6549 | Logo Manager For Enamad <= 0.7.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'title' Shortcode Attribute | goback2 | Logo Manager For Enamad | Medium | 6.4 | 2026-05-20 01:25:57 | Deep Dive |
| CVE-2026-8038 | Faces of Users <= 0.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'default' Shortcode Attribute | mcinvale | Faces of Users | Medium | 6.4 | 2026-05-20 01:25:57 | Deep Dive |
| CVE-2026-6395 | Word 2 Cash <= 0.9.2 - Cross-Site Request Forgeryto Stored Cross-Site Scripting via Settings Page | winking | Word 2 Cash | Medium | 6.1 | 2026-05-20 01:25:56 | Deep Dive |
| CVE-2026-6400 | Child Height Predictor by Ostheimer <= 1.3 - Cross-Site Request Forgery to Settings Update via Plugin Settings Form | helpstring | Child Height Predictor by Ostheimer | Medium | 4.3 | 2026-05-20 01:25:56 | Deep Dive |