| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-28355 | "PWA" Canarytoken Vulnerable to Stored Self Cross-Site Scripting | thinkst | canarytokens | 中危 | - | 2026-02-27 21:04:13 | Deep Dive |
| CVE-2024-41664 | Blind SSRF via Canarytoken Webhook | thinkst | canarytokens | Medium | 5.4 | 2024-07-23 17:00:00 | Deep Dive |
| CVE-2024-41663 | Canarytoken "Cloned Website" Vulnerable to Stored Cross-Site Scripting | thinkst | canarytokens | Low | 3.5 | 2024-07-23 16:06:15 | Deep Dive |
| CVE-2024-28111 | CSV Injection in exported history CSV files | thinkst | canarytokens | Medium | 6.5 | 2024-03-06 21:15:02 | Deep Dive |
| CVE-2023-22475 | Cross-Site Scripting in Canarytoken history | thinkst | canarytokens | Medium | 6.3 | 2023-01-06 14:31:02 | Deep Dive |
| CVE-2022-31113 | Cross-Site Scripting in Canarytoken history | thinkst | canarytokens | Medium | 6.3 | 2022-07-01 16:30:19 | Deep Dive |