| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-31887 | Shopware unauthenticated data extraction possible through store-api.order endpoint | shopware | core | - | - | 2026-03-11 18:49:46 | Deep Dive |
| CVE-2018-25159 | Epross AVCON6 OGNL Remote Code Execution via login.action | Epross | AVCON6 systems management platform | Critical | 9.8 | 2026-03-11 18:23:07 | Deep Dive |
| CVE-2026-20163 | Remote Command Execution (RCE) through the '/splunkd/__upload/indexing/preview' REST endpoint in Splunk Enterprise | Splunk | Splunk Enterprise | High | 7.2 | 2026-03-11 16:18:27 | Deep Dive |
| CVE-2026-20162 | Stored Cross-Site Scripting (XSS) through Path Traversal in Splunk Enterprise | Splunk | Splunk Enterprise | Medium | 6.3 | 2026-03-11 16:18:23 | Deep Dive |
| CVE-2026-20166 | Sensitive Information Disclosure in Discover Splunk Observability Cloud app for Splunk Enterprise | Splunk | Splunk Enterprise | Medium | 5.4 | 2026-03-11 16:18:17 | Deep Dive |
| CVE-2026-20164 | Sensitive Information Disclosure through Improper Access Control in Splunk Enterprise | Splunk | Splunk Enterprise | Medium | 6.5 | 2026-03-11 16:18:02 | Deep Dive |
| CVE-2026-20165 | Sensitive Information Disclosure in MongoClient logging channel in Splunk Enterprise | Splunk | Splunk Enterprise | Medium | 6.3 | 2026-03-11 16:17:54 | Deep Dive |
| CVE-2026-3429 | Org.keycloak.services.resources.account: improper access control leading to mfa deletion and account takeover in keycloak account rest api | Red Hat | Red Hat build of Keycloak 26.4 | Medium | 4.2 | 2026-03-11 16:17:24 | Deep Dive |
| CVE-2026-3009 | Org.keycloak/keycloak-services: improper enforcement of disabled identity provider in identitybrokerservice (authentication bypass) | Red Hat | Red Hat build of Keycloak 26.4 | High | 8.1 | 2026-03-05 18:27:43 | Deep Dive |
| CVE-2025-12801 | Nfs-utils: rpc.mountd in the nfs-utils privilege escalation | Red Hat | Red Hat Enterprise Linux 10 | Medium | 6.5 | 2026-03-04 15:25:53 | Deep Dive |
| CVE-2025-11251 | SQLi in Dayneks Software's E-Commerce Platform | Dayneks Software Industry and Trade Inc. | E-Commerce Platform | Critical | 9.8 | 2026-02-27 11:58:03 | Deep Dive |
| CVE-2026-27776 | NTT DATA INTRAMART intra-mart Accel Platform 代码问题漏洞 | NTT DATA INTRAMART Corporation | intra-mart Accel Platform | 中危 | - | 2026-02-27 07:50:42 | Deep Dive |
| CVE-2026-0871 | Org.keycloak/keycloak-services: keycloak: unauthorized modification of unmanaged user attributes by administrators | Red Hat | Red Hat build of Keycloak 26.4 | Medium | 4.9 | 2026-02-27 07:30:27 | Deep Dive |
| CVE-2025-9909 | Aap-gateway: improper path validation in gateway allows credential exfiltration | Red Hat | Red Hat Ansible Automation Platform 2.5 for RHEL 8 | Medium | 6.7 | 2026-02-27 07:30:01 | Deep Dive |
| CVE-2025-9908 | Event-driven-ansible: sensitive internal headers disclosure in aap eda event streams | Red Hat | Red Hat Ansible Automation Platform 2.5 for RHEL 8 | Medium | 6.7 | 2026-02-27 07:29:32 | Deep Dive |
| CVE-2025-9907 | Event-driven-ansible: event stream test mode exposes sensitive headers in aap eda | Red Hat | Red Hat Ansible Automation Platform 2.5 for RHEL 8 | Medium | 6.7 | 2026-02-27 07:29:06 | Deep Dive |
| CVE-2026-0542 | Remote Code Execution in ServiceNow AI Platform | ServiceNow | ServiceNow AI Platform | - | - | 2026-02-25 20:35:27 | Deep Dive |
| CVE-2026-22721 | VMware Aria Operations privilege escalation vulnerability | VMware | VMware Aria Operations | Medium | 6.2 | 2026-02-25 20:00:16 | Deep Dive |
| CVE-2026-22720 | VMware Aria Operations stored cross-site scripting vulnerability | VMware | VMware Aria Operations | High | 8.0 | 2026-02-25 19:33:15 | Deep Dive |
| CVE-2026-22719 | VMware Aria Operations command injection vulnerability | VMware | VMware Aria Operations | High | 8.1 | 2026-02-25 19:18:59 | Deep Dive |