| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-27730 | esm.sh has SSRF localhost/private-network bypass in `/http(s)` module route | esm-dev | esm.sh | - | - | 2026-02-25 15:37:02 | Deep Dive |
| CVE-2025-50180 | esm.sh is vulnerable to full-response SSRF | esm-dev | esm.sh | - | - | 2026-02-25 15:32:56 | Deep Dive |
| CVE-2026-23644 | esm.sh has path traversal in `extractPackageTarball` that enables file writes from malicious packages | esm-dev | esm.sh | 中危 | - | 2026-01-18 22:49:30 | Deep Dive |
| CVE-2025-65026 | esm.sh CDN service has JS Template Literal Injection in CSS-to-JavaScript | esm-dev | esm.sh | Medium | 6.1 | 2025-11-19 17:33:11 | Deep Dive |
| CVE-2025-65025 | esm.sh CDN service has arbitrary file write via tarslip | esm-dev | esm.sh | High | 8.2 | 2025-11-19 17:32:47 | Deep Dive |
| CVE-2025-59342 | esm.sh writes arbitrary files via path traversal in `X-Zone-Id` header | esm-dev | esm.sh | - | - | 2025-09-17 17:59:34 | Deep Dive |
| CVE-2025-59341 | Local File Inclusion in esm.sh | esm-dev | esm.sh | - | - | 2025-09-17 17:55:26 | Deep Dive |
| CVE-2024-11482 | Trellix Enterprise Security Manager 安全漏洞 | Trellix | Trellix Enterprise Security Manager (ESM) | Critical | 9.8 | 2024-11-29 07:03:33 | Deep Dive |
| CVE-2024-11481 | Trellix Enterprise Security Manager 安全漏洞 | Trellix | Trellix Enterprise Security Manager (ESM) | High | 8.2 | 2024-11-29 07:01:45 | Deep Dive |
| CVE-2023-6071 | Trellix Enterprise Security Manager 安全漏洞 | Trellix | ESM | High | 8.4 | 2023-11-30 12:48:52 | Deep Dive |
| CVE-2023-6070 | Trellix Enterprise Security Manager 代码问题漏洞 | Trellix | Trellix Enterprise Security Manager (ESM) | Medium | 4.3 | 2023-11-29 08:53:58 | Deep Dive |
| CVE-2021-38127 | Micro Focus ArcSight Enterprise Security Manager跨站脚本漏洞 | - | ArcSight Enterprise Security Manager (ESM) | 中危 | - | 2022-01-14 19:11:33 | Deep Dive |
| CVE-2021-38126 | ArcSight Enterprise Security Manager 跨站脚本漏洞 | - | ArcSight Enterprise Security Manager (ESM) | 中危 | - | 2022-01-14 19:11:32 | Deep Dive |
| CVE-2021-38124 | Micro Focus ArcSight Enterprise Security Manager 命令注入漏洞 | - | ArcSight Enterprise Security Manager (ESM). | 超危 | - | 2021-09-28 13:56:04 | Deep Dive |
| CVE-2021-29445 | Padding Oracle Attack due to Observable Timing Discrepancy in jose-node-esm-runtime | panva | jose-node-esm-runtime | Medium | 5.9 | 2021-04-16 21:50:13 | Deep Dive |
| CVE-2020-9522 | Micro Focus ArcSight Enterprise Security Manager 跨站脚本漏洞 | - | ArcSight Enterprise Security Manager (ESM). | 中危 | - | 2020-06-16 13:07:40 | Deep Dive |
| CVE-2020-11844 | Incorrect Authorization vulnerability in the Micro Focus Container Deployment Foundation affecting multiple products. | Micro Focus | Hybrid Cloud Management | Critical | 10.0 | 2020-05-29 21:15:23 | Deep Dive |
| CVE-2019-3632 | Directory Traversal vulnerability could lead to elevated privileges | McAfee, LLC | McAfee Enterprise Security Manager (ESM) | 高危 | - | 2019-06-27 20:44:36 | Deep Dive |
| CVE-2019-3631 | Command Injection could allow authenticated users to execute arbitrary code | McAfee, LLC | McAfee Enterprise Security Manager (ESM) | 高危 | - | 2019-06-27 20:42:42 | Deep Dive |
| CVE-2019-3630 | Command Injection could allow authenticated users to execute arbitrary code | McAfee, LLC | McAfee Enterprise Security Manager (ESM) | 高危 | - | 2019-06-27 20:39:48 | Deep Dive |