CWE-611 XML外部实体引用的不恰当限制(XXE) 类弱点 417 条 CVE 漏洞汇总,含 AI 中文分析。
| CVE ID | 标题 | CVSS | 风险等级 | 发布日期 |
|---|---|---|---|---|
| CVE-2026-41066 | lxml 默认配置致XXE读取本地文件漏洞 — lxml | 7.5 | High | 2026-04-24 |
| CVE-2026-40882 | OpenRemote 代码问题漏洞 — openremote | 7.6 | High | 2026-04-22 |
| CVE-2024-8010 | WSO2 API Manager 安全漏洞 — WSO2 API Manager | 3.5 | Low | 2026-04-16 |
| CVE-2024-2374 | WSO2 Identity Server和WSO2 API Manager Developer Portal 安全漏洞 — WSO2 API Manager | 7.5 | High | 2026-04-16 |
| CVE-2026-33737 | Chamilo LMS 代码问题漏洞 — chamilo-lms | 5.3 | Medium | 2026-04-10 |
| CVE-2026-4374 | RTI Connext Professional 安全漏洞 — Connext Professional | 9.8AI | CriticalAI | 2026-04-01 |
| CVE-2026-34401 | XmlNotepad 代码问题漏洞 — XmlNotepad | 6.5 | Medium | 2026-03-31 |
| CVE-2026-4980 | Inkscape 代码问题漏洞 — Inkscape | 6.3 | Medium | 2026-03-27 |
| CVE-2026-33913 | OpenEMR 代码问题漏洞 — openemr | 7.7 | High | 2026-03-25 |
| CVE-2026-28809 | esaml 安全漏洞 — esaml | 9.1 | - | 2026-03-23 |
| CVE-2026-3511 | Autogram 安全漏洞 — Autogram | 8.6 | High | 2026-03-19 |
| CVE-2026-32251 | Tolgee 代码问题漏洞 — tolgee-platform | 6.5AI | MediumAI | 2026-03-12 |
| CVE-2026-1567 | IBM InfoSphere Information Server 代码问题漏洞 — InfoSphere Information Server | 7.1 | High | 2026-03-03 |
| CVE-2026-3404 | JeeSite 代码问题漏洞 — JeeSite | 5.0 | Medium | 2026-03-02 |
| CVE-2026-2252 | Xerox FreeFlow Core 安全漏洞 — FreeFlow Core | 7.5 | High | 2026-02-27 |
| CVE-2025-36247 | IBM Db2 代码问题漏洞 — Db2 for Linux, UNIX and Windows | 7.1 | High | 2026-02-17 |
| CVE-2026-2536 | JFlow 代码问题漏洞 — JFlow | 6.3 | Medium | 2026-02-16 |
| CVE-2020-37192 | Top Password MSN Password Recovery 代码问题漏洞 — MSN Password Recovery | 6.2 | Medium | 2026-02-11 |
| CVE-2026-1227 | Schneider Electric EcoStruxure Building Operation Workstation 代码问题漏洞 — EcoStruxure Building Operation Workstation | 7.8AI | HighAI | 2026-02-11 |
| CVE-2026-2074 | O2OA 代码问题漏洞 — O2OA | 6.3 | Medium | 2026-02-07 |
| CVE-2026-23739 | Asterisk 代码问题漏洞 — asterisk | 2.0 | Low | 2026-02-06 |
| CVE-2026-23795 | Apache Syncope 代码问题漏洞 — Apache Syncope | 4.9AI | MediumAI | 2026-02-03 |
| CVE-2026-24400 | AssertJ 代码问题漏洞 — assertj | 9.8AI | CriticalAI | 2026-01-26 |
| CVE-2026-1218 | Bjskzy Zhiyou ERP 代码问题漏洞 — Zhiyou ERP | 6.3 | Medium | 2026-01-20 |
| CVE-2025-14478 | WordPress plugin Demo Importer Plus 代码问题漏洞 — Demo Importer Plus | 7.5 | High | 2026-01-17 |
| CVE-2022-50899 | GeoNetwork 代码问题漏洞 — GeoNetwork | 6.5 | Medium | 2026-01-13 |
| CVE-2025-68493 | Apache Struts 安全漏洞 — Apache Struts | 7.5 | - | 2026-01-11 |
| CVE-2026-22186 | Bio-Formats 代码问题漏洞 — Bio-Formats | 8.4 | - | 2026-01-07 |
| CVE-2026-20029 | Cisco Identity Services Engine(Cisco ISE)和Cisco ISE Passive Identity Connector 代码问题漏洞 — Cisco Identity Services Engine Software | 4.9 | Medium | 2026-01-07 |
| CVE-2025-36589 | Dell Unisphere for PowerMax 代码问题漏洞 — Unisphere for PowerMax | 7.6 | High | 2026-01-06 |
CWE-611(XML外部实体引用的不恰当限制(XXE)) 是常见的弱点类别,本平台收录该类弱点关联的 417 条 CVE 漏洞。