Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 7 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2026-33623 PinchTab: OS Command Injection via Profile Name in Windows Cleanup Routine Enables Arbitrary Command Execution pinchtabpinchtab Medium 6.7 2026-03-26 20:47:06 Deep Dive
CVE-2026-33622 A PinchTab Security Policy Bypass in /wait Allows Arbitrary JavaScript Execution pinchtabpinchtab 中危 -2026-03-26 20:44:48 Deep Dive
CVE-2026-33621 PinchTab: Unapplied Rate Limiting Middleware Allows Unbounded Brute-Force of API Token pinchtabpinchtab Medium 4.8 2026-03-26 20:42:13 Deep Dive
CVE-2026-33620 PinchTab: API Bearer Token Exposed in URL Query Parameter via Server Logs and Intermediary Systems pinchtabpinchtab Medium 4.3 2026-03-26 20:40:27 Deep Dive
CVE-2026-33619 PinchTab has Unauthenticated Blind SSRF in Task Scheduler via Unvalidated callbackUrl pinchtabpinchtab Medium 4.1 2026-03-26 20:34:02 Deep Dive
CVE-2026-33081 PinchTab has Blind SSRF via browser-side redirect bypass in /download URL validation pinchtabpinchtab Medium 5.8 2026-03-20 09:05:02 Deep Dive
CVE-2026-30834 PinchTab: SSRF with Full Response Exfiltration via Download Handler pinchtabpinchtab High 7.5 2026-03-07 15:36:30 Deep Dive