| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-3287 | youlaitech youlai-mall App-side Product Pagination Endpoint SpuController.java listPagedSpuForApp sql injection | youlaitech | youlai-mall | Medium | 6.3 | 2026-02-27 04:02:43 | Deep Dive |
| CVE-2025-15372 | youlaitech vue3-element-admin Notice index.vue cross site scripting | youlaitech | vue3-element-admin | Low | 2.4 | 2025-12-31 02:02:07 | Deep Dive |
| CVE-2025-15087 | youlaitech youlai-mall OrderController.java submitOrderPayment improper authorization | youlaitech | youlai-mall | Medium | 4.3 | 2025-12-25 21:02:08 | Deep Dive |
| CVE-2025-15086 | youlaitech youlai-mall MemberController.java getMemberByMobile access control | youlaitech | youlai-mall | Medium | 4.3 | 2025-12-25 20:32:06 | Deep Dive |
| CVE-2025-15085 | youlaitech youlai-mall Balance MemberController.java deductBalance improper authorization | youlaitech | youlai-mall | Medium | 4.3 | 2025-12-25 19:32:08 | Deep Dive |
| CVE-2025-15084 | youlaitech youlai-mall Order Payment OrderController.java orderService.payOrder access control | youlaitech | youlai-mall | Low | 3.1 | 2025-12-25 18:32:06 | Deep Dive |
| CVE-2025-14086 | youlaitech youlai-mall openid access control | youlaitech | youlai-mall | Medium | 6.3 | 2025-12-05 14:02:08 | Deep Dive |
| CVE-2025-14085 | youlaitech youlai-mall orders improper control of dynamically-identified variables | youlaitech | youlai-mall | Medium | 6.3 | 2025-12-05 14:02:06 | Deep Dive |
| CVE-2025-14052 | youlaitech youlai-mall members getMemberById access control | youlaitech | youlai-mall | Medium | 6.3 | 2025-12-05 00:02:06 | Deep Dive |
| CVE-2025-14051 | youlaitech youlai-mall addresses deleteAddress improper control of dynamically-identified variables | youlaitech | youlai-mall | Medium | 6.3 | 2025-12-04 22:32:06 | Deep Dive |