Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 243 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2025-54059 melange creates SBOM files in APKs with world-writable permissions chainguard-devmelange Medium 4.4 2025-07-18 15:40:43 Deep Dive
CVE-2025-53945 apko has incorrect permission (0666) in /etc/ld.so.cache and other files chainguard-devapko High 7.0 2025-07-18 15:35:17 Deep Dive
CVE-2025-53941 Hollo renders posts received with form elements and allows submission fedify-devhollo Medium 6.1 2025-07-17 14:01:34 Deep Dive
CVE-2025-53928 MaxKB has RCE in MCP call 1Panel-devMaxKB Medium 4.6 2025-07-17 13:56:03 Deep Dive
CVE-2025-53927 MaxKB sandbox bypass 1Panel-devMaxKB Medium 4.6 2025-07-17 13:50:18 Deep Dive
CVE-2025-52778 WordPress xili-dictionary plugin <= 2.12.5.2 - Cross Site Scripting (XSS) Vulnerability Michel - xiligroup devxili-dictionary High 7.1 2025-06-27 11:52:23 Deep Dive
CVE-2025-6518 PySpur-Dev pyspur Jinja2 Template single_llm_call.py SingleLLMCallNode special elements used in a template engine PySpur-Devpyspur Medium 6.3 2025-06-23 19:00:11 Deep Dive
CVE-2025-48950 MaxKB Python Sandbox Bypass in Function Library 1Panel-devMaxKB--2025-06-03 18:16:09 Deep Dive
CVE-2025-30360 webpack-dev-server users' source code may be stolen when they access a malicious web site with non-Chromium based browser webpackwebpack-dev-server Medium 6.5 2025-06-03 17:41:59 Deep Dive
CVE-2025-30359 webpack-dev-server users' source code may be stolen when they access a malicious web site webpackwebpack-dev-server Medium 5.3 2025-06-03 17:39:17 Deep Dive
CVE-2025-47680 WordPress xili-tidy-tags plugin <= 1.12.06 - Reflected Cross Site Scripting (XSS) vulnerability Michel - xiligroup devxili-tidy-tags High 7.1 2025-05-23 12:43:19 Deep Dive
CVE-2025-47928 Spotipy repo vulnerable to secrets exfiltration via `pull_request_target` spotipy-devspotipy Critical 9.1 2025-05-15 20:09:48 Deep Dive
CVE-2025-4546 1Panel-dev MaxKB Knowledge Base Module csv injection 1Panel-devMaxKB Medium 4.7 2025-05-11 20:00:07 Deep Dive
CVE-2025-46559 Misskey Directory Traversal Vulnerability in AiScript via `Mk:api` misskey-devmisskey Medium 5.4 2025-05-05 18:38:36 Deep Dive
CVE-2025-46340 Misskey CSS Style Injection Vulnerability In `MkUrlPreview` misskey-devmisskey High 7.2 2025-05-05 18:35:38 Deep Dive
CVE-2025-46553 @misskey-dev/summaly Redirect Filter Bypass misskey-devsummaly--2025-05-05 18:28:50 Deep Dive
CVE-2024-56156 Halo Vulnerable to Stored XSS and RCE via File Upload Bypass halo-devhalo 中危 -2025-04-25 15:08:01 Deep Dive
CVE-2025-39519 WordPress Bulk Page Stub Creator plugin <= 1.1 - Reflected Cross Site Scripting (XSS) vulnerability runthings.devBulk Page Stub Creator High 7.1 2025-04-17 15:46:57 Deep Dive
CVE-2025-22655 WordPress CWD - Stealth Links plugin <= 1.3 - SQL Injection vulnerability Caio Web DevCWD – Stealth Links Critical 9.3 2025-04-17 15:17:19 Deep Dive
CVE-2025-32383 MaxKB has a reverse shell vulnerability in function library 1Panel-devMaxKB Medium 4.3 2025-04-10 13:07:12 Deep Dive