| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-25604 | Apache Airflow AWS Auth Manager - Host Header Injection Leading to SAML Authentication Bypass | Apache Software Foundation | Apache Airflow Providers Amazon | - | - | 2026-03-09 10:39:06 | Deep Dive |
| CVE-2025-69219 | Apache Airflow Providers Http: Unsafe Pickle Deserialization in apache-airflow-providers-http leading to RCE via HttpOperator | Apache Software Foundation | Apache Airflow Providers Http | - | - | 2026-03-09 10:19:58 | Deep Dive |
| CVE-2026-24713 | Apache IoTDB: JEXL Expression Injection Vulnerability | Apache Software Foundation | Apache IoTDB | - | - | 2026-03-09 08:59:59 | Deep Dive |
| CVE-2026-24015 | Apache IoTDB: Insecure Default Configuration Vulnerability | Apache Software Foundation | Apache IoTDB | - | - | 2026-03-09 08:57:46 | Deep Dive |
| CVE-2026-24308 | Apache ZooKeeper: Sensitive information disclosure in client configuration handling | Apache Software Foundation | Apache ZooKeeper | 中危 | - | 2026-03-07 08:51:18 | Deep Dive |
| CVE-2026-24281 | Apache ZooKeeper: Reverse-DNS fallback enables hostname verification bypass in ZooKeeper ZKTrustManager | Apache Software Foundation | Apache ZooKeeper | 中危 | - | 2026-03-07 08:50:33 | Deep Dive |
| CVE-2026-22723 | UAA User Token Revocation logic error | Cloudfoundry Foundation | UAA | Medium | 6.5 | 2026-03-05 20:40:28 | Deep Dive |
| CVE-2026-24457 | OpenMQ 安全漏洞 | Eclipse Foundation | Eclipse OpenMQ | Critical | 9.1 | 2026-03-05 16:27:31 | Deep Dive |
| CVE-2026-1605 | Eclipse Jetty 安全漏洞 | Eclipse Foundation | Eclipse Jetty | High | 7.5 | 2026-03-05 09:39:01 | Deep Dive |
| CVE-2025-11143 | Eclipse Jetty 输入验证错误漏洞 | Eclipse Foundation | Eclipse Jetty | Low | 3.7 | 2026-03-05 09:27:00 | Deep Dive |
| CVE-2026-2297 | SourcelessFileLoader does not use io.open_code() | Python Software Foundation | CPython | 低危 | - | 2026-03-04 22:10:43 | Deep Dive |
| CVE-2026-27446 | Apache Artemis, Apache ActiveMQ Artemis: Auth bypass for Core downstream federation | Apache Software Foundation | Apache Artemis | 超危 | - | 2026-03-04 08:48:48 | Deep Dive |
| CVE-2025-66168 | Apache ActiveMQ, Apache ActiveMQ All Module, Apache ActiveMQ MQTT Module: MQTT control packet remaining length field is not properly validated | Apache Software Foundation | Apache ActiveMQ | Medium | 5.4 | 2026-03-04 08:45:01 | Deep Dive |
| CVE-2026-3494 | MariaDB Server Audit Plugin Comment Handling Bypass | MariaDB Foundation | MariaDB Server | Medium | 4.3 | 2026-03-03 18:12:12 | Deep Dive |
| CVE-2025-59060 | Apache Ranger: Hostname verification bypass in NiFiRegistryClient and NifiClient | Apache Software Foundation | Apache Ranger | - | - | 2026-03-03 10:46:52 | Deep Dive |
| CVE-2025-59059 | Apache Ranger: Remote Code Execution Vulnerability in NashornScriptEngineCreator | Apache Software Foundation | Apache Ranger | - | - | 2026-03-03 10:44:47 | Deep Dive |
| CVE-2026-22886 | OpenMQ 安全漏洞 | Eclipse Foundation | Eclipse OpenMQ | Critical | 9.8 | 2026-03-03 09:18:46 | Deep Dive |
| CVE-2026-22721 | VMware Aria Operations privilege escalation vulnerability | VMware | VMware Aria Operations | Medium | 6.2 | 2026-02-25 20:00:16 | Deep Dive |
| CVE-2026-22720 | VMware Aria Operations stored cross-site scripting vulnerability | VMware | VMware Aria Operations | High | 8.0 | 2026-02-25 19:33:15 | Deep Dive |
| CVE-2026-22719 | VMware Aria Operations command injection vulnerability | VMware | VMware Aria Operations | High | 8.1 | 2026-02-25 19:18:59 | Deep Dive |