Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-501 (违背信任边界) — Vulnerability Class 19

19 vulnerabilities classified as CWE-501 (违背信任边界). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2026-24153 NVIDIA Jetson Linux 安全漏洞 — Jetson Xavier Series, Jetson Orin Series and Jetson Thor 5.2 Medium2026-03-31
CVE-2026-25725 Claude Code Has Sandbox Escape via Persistent Configuration Injection in settings.json — claude-code 8.4AIHighAI2026-02-06
CVE-2025-14542 Command execution in python-utcp allows attackers to achieve remote code execution when fetching a remote Manual from a malicious endpoint 7.5 High2025-12-13
CVE-2025-49714 Visual Studio Code Python Extension Remote Code Execution Vulnerability — Python extension for Visual Studio Code 7.8 High2025-07-08
CVE-2025-48938 Prevent GitHub CLI and extensions from executing arbitrary commands from compromised GitHub Enterprise Server — go-gh 9.8AICriticalAI2025-05-30
CVE-2025-1118 Grub2: commands/dump: the dump command is not in lockdown when secure boot is enabled 4.4 Medium2025-02-19
CVE-2024-49050 Visual Studio Code Python Extension Remote Code Execution Vulnerability — Python extension for Visual Studio Code 8.8 High2024-11-12
CVE-2024-20265 Cisco Access Point 安全漏洞 — Cisco IOS XE Software 5.9 Medium2024-03-27
CVE-2024-1725 Kubevirt-csi: persistentvolume allows access to hcp's root node 6.5 Medium2024-03-07
CVE-2024-23682 Artemis Java Test Sandbox Class Loading Escape 9.6 -2024-01-19
CVE-2023-49788 Improper handling of browser-side provided input in richdocuments path handling — online 7.2 High2023-12-08
CVE-2023-0627 Docker Desktop 4.11.x allows --no-windows-containers flag bypass — Docker Desktop 6.7 Medium2023-09-25
CVE-2023-28597 Improper trust boundary implementation for SMB in Zoom Clients — Zoom (for Android, iOS, Linux, macOS, and Windows) 8.3 High2023-03-27
CVE-2022-20826 Cisco Firepower Threat Defense 安全漏洞 — Cisco Adaptive Security Appliance (ASA) Software 6.4 Medium2022-11-10
CVE-2022-1799 Incorrect signature verification on Google play-services-basement in Google Play SDK — Google Play Services SDK 5.7 Medium2022-07-29
CVE-2020-15096 Context isolation bypass via Promise in Electron — electron 6.8 Medium2020-07-07
CVE-2020-4076 Context isolation bypass via leaked cross-context objects in Electron — electron 7.8 High2020-07-07
CVE-2020-4077 Context isolation bypass via contextBridge in Electron — electron 7.7 High2020-07-07
CVE-2019-0035 Junos OS: 'set system ports console insecure' allows root password recovery on OAM volumes — Junos OS 6.8 -2019-04-10

Vulnerabilities classified as CWE-501 (违背信任边界) represent 19 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.