| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-39354 | Scoold has an Authenticated Arbitrary Question Overwrite via Client-Controlled postId in POST /questions/ask | Erudika | scoold | Medium | 6.5 | 2026-04-07 18:54:36 | Deep Dive |
| CVE-2026-34832 | Scoold: Cross-Account Feedback Deletion (IDOR) | Erudika | scoold | Medium | 6.5 | 2026-04-02 19:08:03 | Deep Dive |
| CVE-2024-50334 | Semicolon Path Injection on API /api;/config | Erudika | scoold | - | - | 2024-10-29 14:36:13 | Deep Dive |
| CVE-2022-1543 | Improper handling of Length parameter in erudika/scoold | erudika | erudika/scoold | 高危 | - | 2022-04-29 18:10:09 | Deep Dive |