Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 154 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2026-40602 hass-cli: Handling of user-supplied Jinja2 templates home-assistant-ecosystemhome-assistant-cli Medium 5.6 2026-04-21 17:40:10 Deep Dive
CVE-2026-34897 WordPress Media LIbrary Assistant plugin <= 3.34 - Cross Site Scripting (XSS) vulnerability David LingrenMedia LIbrary Assistant Medium 6.5 2026-04-06 14:50:48 Deep Dive
CVE-2026-34885 WordPress Media LIbrary Assistant plugin <= 3.34 - SQL Injection vulnerability David LingrenMedia LIbrary Assistant High 8.5 2026-04-06 14:47:32 Deep Dive
CVE-2026-34205 Home Assistant: Unauthenticated App (Add-on) Endpoints Exposed to Local Network via Host Network Mode home-assistantHome Assistant Operating System Critical 9.6 2026-03-27 19:41:11 Deep Dive
CVE-2026-33045 Home Assistant has stored XSS in history-graphs home-assistantcore 高危 -2026-03-27 19:39:04 Deep Dive
CVE-2026-33044 Home Assistant has stored XSS in Map-card through malicious device name home-assistantcore 中危 -2026-03-27 19:35:46 Deep Dive
CVE-2026-24068 Missing XPC Client & NSXPC endpoint validation leads to privilege escalation in Vienna Assistant (MacOS) - Vienna Symphonic Library Vienna Symphonic Library GmbHVienna Assistant 中危 -2026-03-26 10:55:55 Deep Dive
CVE-2026-20993 SAMSUNG Assistant 安全漏洞 Samsung MobileSamsung Assistant--2026-03-16 04:32:00 Deep Dive
CVE-2026-32399 WordPress Media LIbrary Assistant plugin <= 3.32 - SQL Injection vulnerability David LingrenMedia LIbrary Assistant 中危 -2026-03-13 11:42:12 Deep Dive
CVE-2026-3072 Media Library Assistant <= 3.33 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Attachment Taxonomy Modification dglingrenMedia Library Assistant Medium 4.3 2026-03-05 05:26:32 Deep Dive
CVE-2026-26975 Music Assistant Server Path Traversal in Playlist Update API Allows Remote Code Execution music-assistantserver High 8.8 2026-02-20 00:49:03 Deep Dive
CVE-2025-12448 Smartsupp – live chat, AI shopping assistant and chatbots <= 3.9.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting smartsuppSmartsupp – live chat, AI shopping assistant and chatbots Medium 6.4 2026-02-19 03:25:12 Deep Dive
CVE-2025-22725 WordPress WP Virtual Assistant plugin <= 3.1 - Cross Site Scripting (XSS) vulnerability loopusWP Virtual Assistant High 7.1 2026-01-08 09:17:40 Deep Dive
CVE-2025-62154 WordPress AI Content Writing Assistant (Content Writer, ChatGPT, Image Generator) All in One plugin <= 1.1.7 - Broken Access Control vulnerability recorpAI Content Writing Assistant (Content Writer, ChatGPT, Image Generator) All in One Medium 4.3 2025-12-31 15:41:51 Deep Dive
CVE-2025-63065 WordPress Media LIbrary Assistant plugin <= 3.29 - Broken Access Control vulnerability David LingrenMedia LIbrary Assistant Medium 5.3 2025-12-09 14:52:35 Deep Dive
CVE-2025-13492 HP Image Assistant - Potential Escalation of Privilege HP IncHP Image Assistant--2025-12-03 16:33:39 Deep Dive
CVE-2025-58484 SAMSUNG Cloud Assistant 安全漏洞 Samsung MobileSamsung Cloud Assistant Medium 4.0 2025-12-02 01:24:30 Deep Dive
CVE-2025-12973 S2B AI Assistant – ChatBot, ChatGPT, OpenAI, Content & Image Generator <= 1.7.8 - Authenticated (Editor+) Arbitrary File Upload oc3dotsS2B AI Assistant – ChatBot, AI Agents, ChatGPT API, Image Generator High 7.2 2025-11-21 16:28:14 Deep Dive
CVE-2025-30506 Intel Driver and Support Assistant 代码问题漏洞 -Intel Driver and Support Assistant Medium 6.7 2025-11-11 16:50:38 Deep Dive
CVE-2025-12156 Ai Auto Tool Content Writing Assistant (Gemini Writer, ChatGPT ) All in One 2.0.7 - 2.2.6 - Missing Authorization to Authenticated (Subscriber+) Post Creation aitoolAi Auto Tool Content Writing Assistant (Gemini Writer, ChatGPT ) All in One Medium 4.3 2025-11-04 04:27:19 Deep Dive