| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-4995 | wandb OpenUI Window Message Event index.html cross site scripting | wandb | OpenUI | Low | 3.5 | 2026-03-28 10:45:11 | Deep Dive |
| CVE-2026-4994 | wandb OpenUI APIStatusError server.py generic_exception_handler information exposure | wandb | OpenUI | Low | 3.5 | 2026-03-28 09:15:12 | Deep Dive |
| CVE-2026-4993 | wandb OpenUI config.py hard-coded credentials | wandb | OpenUI | Low | 3.3 | 2026-03-28 09:15:10 | Deep Dive |
| CVE-2026-4992 | wandb OpenUI HTMLAnnotator server.py get_share HTML injection | wandb | OpenUI | Medium | 4.3 | 2026-03-27 22:03:46 | Deep Dive |
| CVE-2025-0192 | Stored Cross-site Scripting (XSS) in wandb/openui | wandb | wandb/openui | 中危 | - | 2025-03-20 10:10:22 | Deep Dive |
| CVE-2024-10649 | Unauthenticated File Upload in wandb/openui | wandb | wandb/openui | 中危 | - | 2025-02-10 18:50:27 | Deep Dive |