CWE-183 宽松定义的白名单 类弱点 24 条 CVE 漏洞汇总,含 AI 中文分析。
| CVE ID | 标题 | CVSS | 风险等级 | 发布日期 |
|---|---|---|---|---|
| CVE-2026-42042 | Axios withXSRFToken 原型污染致跨源令牌泄露漏洞 — axios | 5.4 | Medium | 2026-04-24 |
| CVE-2026-42043 | Axios 1.15.0 NO_PROXY绕过 保护失效漏洞 — axios | 7.2 | High | 2026-04-24 |
| CVE-2026-41240 | DOMPurify 跨站脚本漏洞 — DOMPurify | 7.2AI | HighAI | 2026-04-23 |
| CVE-2026-40899 | DataEase 安全漏洞 — dataease | 8.3AI | HighAI | 2026-04-16 |
| CVE-2026-35649 | OpenClaw 安全漏洞 — OpenClaw | 6.5 | Medium | 2026-04-10 |
| CVE-2026-21915 | Juniper Networks Support Insights Virtual Lightweight Collector 安全漏洞 — JSI LWC | 6.7 | Medium | 2026-04-09 |
| CVE-2026-33979 | Express XSS Sanitizer 安全漏洞 — express-xss-sanitizer | 8.2 | High | 2026-03-27 |
| CVE-2026-32881 | ewe 安全漏洞 — ewe | 5.3 | Medium | 2026-03-20 |
| CVE-2026-2303 | MongoDB Go Driver 安全漏洞 — MongoDB Go Driver | 6.5 | Medium | 2026-02-10 |
| CVE-2025-59457 | JetBrains TeamCity 安全漏洞 — TeamCity | 7.7 | High | 2025-09-17 |
| CVE-2025-53762 | Microsoft Purview 安全漏洞 — Microsoft Purview | 8.7 | High | 2025-07-18 |
| CVE-2025-24349 | Bosch Rexroth ctrlX OS 安全漏洞 — ctrlX OS - Device Admin | 7.1 | High | 2025-04-30 |
| CVE-2024-47565 | Siemens SINEC Security Monitor 安全漏洞 — SINEC Security Monitor | 4.3 | Medium | 2024-10-08 |
| CVE-2024-38522 | Hush Line 安全漏洞 — hushline | 6.3 | Medium | 2024-06-28 |
| CVE-2023-7250 | iperf 安全漏洞 — Red Hat Enterprise Linux 8 | 5.3 | Medium | 2024-03-18 |
| CVE-2024-1654 | PaperCut NG/MF 安全漏洞 — PaperCut NG, PaperCut MF | 7.2 | High | 2024-03-14 |
| CVE-2023-4399 | Grafana 安全漏洞 — Grafana Enterprise | 6.6 | Medium | 2023-10-17 |
| CVE-2022-42469 | Fortinet FortiGate 安全漏洞 — FortiOS | 4.1 | Medium | 2023-04-11 |
| CVE-2022-34450 | Dell PowerPath Management Appliance 安全漏洞 — PowerPath Management Appliance | 6.7 | Medium | 2023-02-10 |
| CVE-2022-23158 | Dell Wyse Device Agent 信息泄露漏洞 — Dell Wyse Device Agent | 6.0 | Medium | 2022-04-01 |
| CVE-2021-40128 | Cisco Webex Meetings 安全漏洞 — Cisco Webex Meetings | 5.3 | Medium | 2021-11-04 |
| CVE-2021-34787 | Cisco Firepower Threat Defense(FTD)和Cisco Adaptive Security Appliances Software(ASA Software)安全漏洞 — Cisco Adaptive Security Appliance (ASA) Software | 5.3 | Medium | 2021-10-27 |
| CVE-2020-25696 | PostgreSQL 安全漏洞 — PostgreSQL | 8.1 | - | 2020-11-23 |
| CVE-2020-1694 | Red Hat Keycloak 安全漏洞 — keycloak | 6.5 | - | 2020-09-16 |
CWE-183(宽松定义的白名单) 是常见的弱点类别,本平台收录该类弱点关联的 24 条 CVE 漏洞。