神龙 AI 精选 POC 榜

近期 50 条由神龙 Agent 完整分析的高 CVSS CVE，每条含漏洞原理、触发条件、利用链与可复现 POC。免费用户每月可解锁 3 条。 JSON

CVE-2026-45132CriticalCVSS 10.0

CloudPirates Helm Charts GitHub Actions工作流凭据泄露漏洞

CloudPirates-io / helm-charts

CVE-2026-45131CriticalCVSS 10.0

CloudPirates Helm Charts GitHub Actions 秘密泄露漏洞

CloudPirates-io / helm-charts

CVE-2026-47117CriticalCVSS 9.8

OpenMed < 1.5.2 PII模型加载远程代码执行漏洞

maziyarpanahi / openmed

CVE-2026-25879CriticalCVSS 9.8

Langroid 提示词SQL注入导致远程代码执行漏洞

langroid / langroid

CVE-2026-49448CriticalCVSS 9.8

authentik 通过空POST绕过SourceStage

goauthentik / authentik

CVE-2015-10135CriticalCVSS 9.8

WordPress plugin WPshop 2 – E-Commerce 代码问题漏洞

eoxia / WPshop 2 – E-Commerce

CVE-2023-54330CriticalCVSS 9.8

Linbit csync2 安全漏洞

Inbit / Inbit Messenger

CVE-2026-44211CriticalCVSS 9.6

Cline Kanban Server 跨站WebSocket劫持漏洞

cline / cline

CVE-2026-32625CriticalCVSS 9.6

LibreChat MCP URL注入泄露服务器秘密

danny-avila / LibreChat

CVE-2026-42849CriticalCVSS 9.3

authentik SFE AutosubmitStage 反射型XSS漏洞导致IDP账号接管

goauthentik / authentik

CVE-2026-10259HighCVSS 8.8

H3C Magic B0 aspForm SetMobileAPInfoById 栈溢出漏洞

H3C / Magic B0

CVE-2026-10270HighCVSS 8.8

D-Link DI-7001 MINI httpd_debug.asp 栈溢出漏洞

D-Link / DI-7001 MINI

CVE-2026-43623HighCVSS 8.8

microtar 0.1.0 raw_to_header()栈缓冲区溢出漏洞

rxi / microtar

CVE-2026-10292HighCVSS 8.8

UTT HiPER 1200GW formTaskEdit 栈溢出漏洞

UTT / HiPER 1200GW

CVE-2026-10293HighCVSS 8.8

UTT HiPER 1200GW 防火墙 strcpy 栈溢出漏洞

UTT / HiPER 1200GW

CVE-2026-9631HighCVSS 8.8

UTT HiPER 1250GW 安全漏洞

UTT / HiPER 1250GW

CVE-2026-9628HighCVSS 8.8

UTT HiPER 1200GW 安全漏洞

UTT / HiPER 1200GW

CVE-2026-9632HighCVSS 8.8

UTT HiPER 1250GW 安全漏洞

UTT / HiPER 1250GW

CVE-2026-49143HighCVSS 8.8

BrowserStack Runner 0.9.5 未授权远程代码执行漏洞

browserstack / browserstack-runner

CVE-2026-49443HighCVSS 8.8

authentik UserSourceConnection.group可被API修改

goauthentik / authentik

CVE-2025-6732HighCVSS 8.8

UTT HiPER 840G 安全漏洞

UTT / HiPER 840G

CVE-2026-5211HighCVSS 8.8

多款D-Link产品安全漏洞

D-Link / DNS-120

CVE-2026-5349HighCVSS 8.8

TRENDnet TEW-657BRM 安全漏洞

Trendnet / TEW-657BRM

CVE-2026-3972HighCVSS 8.8

Tenda W3 安全漏洞

Tenda / W3

CVE-2026-3978HighCVSS 8.8

D-Link DIR-513 安全漏洞

D-Link / DIR-513

CVE-2026-4862HighCVSS 8.8

UTT HiPER 1250GW 安全漏洞

UTT / HiPER 1250GW

CVE-2026-5045HighCVSS 8.8

Tenda FH1201 安全漏洞

Tenda / FH1201

CVE-2025-7571HighCVSS 8.8

UTT HiPER 840G 安全漏洞

UTT / HiPER 840G

CVE-2026-0840HighCVSS 8.8

UTT 520W 安全漏洞

UTT / 进取 520W

CVE-2025-6372HighCVSS 8.8

D-Link DIR-619L 安全漏洞

D-Link / DIR-619L

CVE-2025-66419HighCVSS 8.8

MaxKB 竞争条件问题漏洞

1Panel-dev / MaxKB

CVE-2025-5911HighCVSS 8.8

TOTOLINK EX1200T 安全漏洞

TOTOLINK / EX1200T

CVE-2025-5910HighCVSS 8.8

TOTOLINK EX1200T 安全漏洞

TOTOLINK / EX1200T

CVE-2025-6486HighCVSS 8.8

TOTOLINK A3002R 安全漏洞

TOTOLINK / A3002R

CVE-2025-6130HighCVSS 8.8

TOTOLINK EX1200T 安全漏洞

TOTOLINK / EX1200T

CVE-2024-40646HighCVSS 8.6

Vertex 路径遍历漏洞

vertex-app / vertex

CVE-2026-49120HighCVSS 8.5

Medplum < 5.1.14 FHIR订阅端点SSRF漏洞

medplum / medplum

CVE-2026-47201HighCVSS 8.5

authentik SAML ACS XML签名包装漏洞允许伪造认证

goauthentik / authentik

CVE-2024-41125HighCVSS 8.4

Contiki-NG 缓冲区错误漏洞

contiki-ng / contiki-ng

CVE-2026-45545HighCVSS 8.2

Nextcloud 列类型参数SQL注入漏洞

nextcloud / security-advisories

CVE-2026-45302HighCVSS 8.2

parse-nested-form-data 通过 FormData 字段名中的 `__proto__` 实现原型污染漏洞

milamer / parse-nested-form-data

CVE-2026-24751HighCVSS 8.2

Kiteworks Secure Data Forms 跨站脚本漏洞

kiteworks / Secure Data Forms

CVE-2026-24752HighCVSS 8.2

Kiteworks Secure Data Forms 跨站脚本漏洞

kiteworks / Secure Data Forms

CVE-2026-45156HighCVSS 8.1

Nextcloud ID4me OIDC认证绕过漏洞

nextcloud / security-advisories

CVE-2026-49121HighCVSS 8.1

AI Tensor Engine for ROCm 0.1.14 远程代码执行漏洞

ROCm / aiter

CVE-2026-42211HighCVSS 8.1

React Router 任意构造函数调用导致未授权远程代码执行漏洞

remix-run / react-router

CVE-2026-28681HighCVSS 8.1

Internet Routing Registry Daemon 授权问题漏洞

irrdnet / irrd

CVE-2026-35482HighCVSS 8.0

alf.io 通过扩展脚本沙箱逃逸实现认证远程代码执行漏洞

alfio-event / alf.io

CVE-2026-33245HighCVSS 8.0

React Router 不稳定 RSC 重定向处理中的 XSS 漏洞

remix-run / react-router

CVE-2026-26017HighCVSS 7.7

CoreDNS 安全漏洞

coredns / coredns

📥 拉 JSON 自动同步到你自己的工具：/api/featured-pocs.json

配套仓库：github.com/imfht/cve-cn — 每周从此榜单自动生成 README。

目标达成 感谢每一位支持者 — 我们达成了 100% 目标！

神龙 AI 精选 POC 榜

CVE-2026-45132CriticalCVSS 10.0

CVE-2026-45131CriticalCVSS 10.0

CVE-2026-47117CriticalCVSS 9.8

CVE-2026-25879CriticalCVSS 9.8

CVE-2026-49448CriticalCVSS 9.8

CVE-2015-10135CriticalCVSS 9.8

CVE-2023-54330CriticalCVSS 9.8

CVE-2026-44211CriticalCVSS 9.6

CVE-2026-32625CriticalCVSS 9.6

CVE-2026-42849CriticalCVSS 9.3

CVE-2026-10259HighCVSS 8.8

CVE-2026-10270HighCVSS 8.8

CVE-2026-43623HighCVSS 8.8

CVE-2026-10292HighCVSS 8.8

CVE-2026-10293HighCVSS 8.8

CVE-2026-9631HighCVSS 8.8

CVE-2026-9628HighCVSS 8.8

CVE-2026-9632HighCVSS 8.8

CVE-2026-49143HighCVSS 8.8

CVE-2026-49443HighCVSS 8.8

CVE-2025-6732HighCVSS 8.8

CVE-2026-5211HighCVSS 8.8

CVE-2026-5349HighCVSS 8.8

CVE-2026-3972HighCVSS 8.8

CVE-2026-3978HighCVSS 8.8

CVE-2026-4862HighCVSS 8.8

CVE-2026-5045HighCVSS 8.8

CVE-2025-7571HighCVSS 8.8

CVE-2026-0840HighCVSS 8.8

CVE-2025-6372HighCVSS 8.8

CVE-2025-66419HighCVSS 8.8

CVE-2025-5911HighCVSS 8.8

CVE-2025-5910HighCVSS 8.8

CVE-2025-6486HighCVSS 8.8

CVE-2025-6130HighCVSS 8.8

CVE-2024-40646HighCVSS 8.6

CVE-2026-49120HighCVSS 8.5

CVE-2026-47201HighCVSS 8.5

CVE-2024-41125HighCVSS 8.4

CVE-2026-45545HighCVSS 8.2

CVE-2026-45302HighCVSS 8.2

CVE-2026-24751HighCVSS 8.2

CVE-2026-24752HighCVSS 8.2

CVE-2026-45156HighCVSS 8.1

CVE-2026-49121HighCVSS 8.1

CVE-2026-42211HighCVSS 8.1

CVE-2026-28681HighCVSS 8.1

CVE-2026-35482HighCVSS 8.0

CVE-2026-33245HighCVSS 8.0

CVE-2026-26017HighCVSS 7.7

目标达成感谢每一位支持者 — 我们达成了 100% 目标！