Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-1188 (不安全的默认资源初始化) — Vulnerability Class 89

89 vulnerabilities classified as CWE-1188 (不安全的默认资源初始化). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2026-39920 BridgeHead FileStore < 24A Apache Axis2 Default Credentials RCE — FileStore 9.8 Critical2026-04-24
CVE-2026-6043 Insecure Default Configuration in P4 Server — Helix Core Server (P4D) 9.8AICriticalAI2026-04-24
CVE-2026-32965 Silex SD-330AC和Silex AMC Manager 安全漏洞 — SD-330AC 7.5 High2026-04-20
CVE-2026-28205 Initialization of a resource with an insecure default in OpenPLC_V3 — OpenPLC_V3 9.8AICriticalAI2026-04-09
CVE-2026-34742 Model Context Protocol Go SDK: DNS Rebinding Protection Disabled by Default for Servers Running on Localhost — go-sdk 7.1AIHighAI2026-04-02
CVE-2026-24148 NVIDIA Jetson for JetPack 安全漏洞 — Jetson Xavier Series and Jetson Orin Series 8.3 High2026-03-31
CVE-2026-32046 OpenClaw < 2026.2.21 - OS-level Sandbox Bypass via --no-sandbox Flag — OpenClaw 5.3 Medium2026-03-21
CVE-2026-33037 WWBN AVideo has predictable default admin credentials in official Docker deployment path — AVideo 8.1 High2026-03-20
CVE-2026-31957 Himmelblau unset domain configuration can allow any-tenant authentication at first login for remote deployments — himmelblau 10.0 Critical2026-03-11
CVE-2018-25193 Mongoose Web Server 6.9 Denial of Service via Socket Connection — Mongoose Web Server 7.5 High2026-03-06
CVE-2018-25169 AMPPS 2.7 Denial of Service via Malformed Socket Connection — AMPPS 7.5 High2026-03-06
CVE-2026-26122 Microsoft ACI Confidential Containers Information Disclosure Vulnerability — Microsoft ACI Confidential Containers 6.5 Medium2026-03-05
CVE-2026-28775 Unauthenticated RCE via SNMP Default Writable Community String — SFX2100 Series SuperFlex SatelliteReceiver 9.8AICriticalAI2026-03-04
CVE-2026-2617 Beetel 777VR1 Telnet Service/SSH Service insecure default initialization of resource — 777VR1 6.3 Medium2026-02-17
CVE-2026-1675 Advanced Country Blocker <= 2.3.1 - Unauthenticated Authorization Bypass via Insecure Default Secret Key — Advanced Country Blocker 5.3 Medium2026-02-07
CVE-2026-25499 terraform-provider-proxmox has insecure sudo recommendation in the documentation — terraform-provider-proxmox 7.5AIHighAI2026-02-04
CVE-2025-62877 Harvest may expose OS default ssh login password via SUSE Virtualization Interactive Installer — harvester 9.8 Critical2026-01-08
CVE-2025-14758 Initialization of a Resource with an Insecure Default in YAOOK — YAOOK 6.5 Medium2025-12-16
CVE-2025-64781 Japan Total System多款产品 安全漏洞 — GroupSession Free edition 4.8AIMediumAI2025-12-12
CVE-2025-66416 DNS Rebinding Protection Disabled by Default in Model Context Protocol Python SDK for Servers Running on Localhost — python-sdk 7.1 -2025-12-02
CVE-2025-66414 DNS Rebinding Protection Disabled by Default in Model Context Protocol TypeScript SDK for Servers Running on Localhost — typescript-sdk 7.5AIHighAI2025-12-02
CVE-2025-52622 HCL BigFix SaaS Remediate is affected by a security vulnerability — BigFix SaaS Remediate 5.4 Medium2025-12-02
CVE-2025-13357 Vault Terraform Provider Applied Incorrect Defaults for LDAP Auth Method — Tooling 7.4 High2025-11-21
CVE-2025-35021 Abilis CPX Fallback Shell Connection Relay — CPX 6.5 Medium2025-11-04
CVE-2025-62802 DNN CKEditor Provider allows unauthenticated upload out-of-the-box — Dnn.Platform 4.3 Medium2025-10-28
CVE-2025-41245 VMSA-2025-0015: VMware Aria Operations and VMware Tools updates address multiple vulnerabilities (CVE-2025-41244,CVE-2025-41245, CVE-2025-41246) — VMware Aria Operations 4.9 Medium2025-09-29
CVE-2025-43797 Liferay Portal和Liferay DXP 安全漏洞 — Portal 7.1AIHighAI2025-09-15
CVE-2025-41713 WAGO: Vulnerability in hardware switch circuit — CC100 0751-9301 6.5 Medium2025-09-15
CVE-2025-36222 IBM Fusion insecure default configuration — Fusion 8.7 High2025-09-11
CVE-2025-59044 Himmelblau vulnerable to GID collision via group name-derived mapping (privilege escalation) — himmelblau 4.4 Medium2025-09-09

Vulnerabilities classified as CWE-1188 (不安全的默认资源初始化) represent 89 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.