| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-39971 | Serendipity: Host Header Injection leads to SMTP header injection via unvalidated HTTP_HOST | s9y | Serendipity | High | 7.2 | 2026-04-14 23:35:49 | Deep Dive |
| CVE-2026-39963 | Serendipity: Host Header Injection enables authentication cookie scoping to an attacker-controlled domain | s9y | Serendipity | Medium | 6.9 | 2026-04-14 23:31:14 | Deep Dive |
| CVE-2023-53933 | Serendipity 2.4.0 Authenticated Remote Code Execution via File Upload | s9y | Serendipity | High | 8.8 | 2025-12-17 22:45:00 | Deep Dive |
| CVE-2023-53932 | Serendipity 2.4.0 Stored Cross-Site Scripting via Admin Entry Creation | s9y | Serendipity | Medium | 5.4 | 2025-12-17 22:44:59 | Deep Dive |
| CVE-2024-58282 | Serendipity 2.5.0 Remote Code Execution via Authenticated Media Upload | Serendipity | Serendipity | - | - | 2025-12-10 21:14:20 | Deep Dive |
| CVE-2011-3610 | Serendipity freetag 跨站脚本漏洞 | Serendipity | serendipity freetag plugin | 中危 | - | 2020-01-22 15:43:42 | Deep Dive |
| CVE-2011-4090 | Serendipity karma插件跨站脚本漏洞 | serendipity | serendipity | 中危 | - | 2019-11-26 04:09:48 | Deep Dive |