目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1336

100%

Cybersecurity Vulnerability Intelligence: CVE, KEV, EPSS and PoC Tracking

A focused English hub for security teams tracking high-risk vulnerabilities, known exploited CVEs, exploitation probability, public exploit mappings, proof-of-concept availability, affected products and mitigation references.

Vendor Vulnerability Hubs

Recently Published Critical CVEs

12 CVEs
CVETitleCVSSVendorPublished
CVE-2026-14345WPFunnels <= 3.12.7 - Unauthenticated Remote Code Execution via 'postData' Parameter - WPFunnels – Funnel Builder for WooCommerce with Checkout & One Click UpsellCWE-4349.8getwpfunnels2026-07-07
CVE-2026-34037Cross-Tenant Resource Cloning via Broken Object-Level Authorization in cloneTo() - coolifyCWE-6399.9coollabsio2026-07-07
CVE-2026-34048Coolify: Missing authorization on terminal websocket bootstrap routes allows low-privileged members to execute commands on team servers - coolifyCWE-2859.9coollabsio2026-07-07
CVE-2026-34047Coolify: WebSocket Endpoint Access Control Flaw Leading to Remote Code Execution - coolifyCWE-8639.9coollabsio2026-07-07
CVE-2026-34038Coolify authenticated remote command injection leading to RCE and secret exfiltration - coolifyCWE-789.9coollabsio2026-07-06
CVE-2026-57572Crawl4AI: Unauthenticated RCE via Chromium launch-argument injection in browser_config.extra_args - crawl4aiCWE-8810.0unclecode2026-07-06
CVE-2026-57571Crawl4AI arbitrary file write via download filename path traversal - crawl4aiCWE-229.6unclecode2026-07-06
CVE-2026-9181Directory Traversal in ArcGIS Server - ArcGIS ServerCWE-229.8Esri2026-07-06
CVE-2026-48614CVE-2026-48614 - PleskCWE-949.9WebPros2026-07-06
CVE-2026-48316ColdFusion | Improper Input Validation (CWE-20) - ColdFusionCWE-2010.0Adobe2026-07-06
CVE-2025-53830Anti-Virus for ownCloud 10 is vulnerable to Server-Side Request Forgery (SSRF) - Anti-Virus for ownCloudCWE-9189.1owncloud2026-07-06
CVE-2025-53827ownCloud Core: Updater has an exposed dangerous method or function - ownCloud CoreCWE-7499.1owncloud2026-07-06

Live Vulnerability Queues

How to use this vulnerability intelligence hub

Start with KEV and EPSS when prioritizing emergency patching. Use public exploit mappings and PoC pages to understand exploit availability, then open the CVE detail page for CVSS vectors, affected versions, CWE classification, references, AI deep analysis and mitigation context.