All 2 CVE vulnerabilities found in pmd, with AI-generated Chinese analysis, references, and POCs.
Vendor: pmd
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-28338 | PMD Designer has Stored XSS in VBHTMLRenderer and YAHTMLRenderer via unescaped violation messages CWE-79 | 6.8 | Medium | 2026-02-27 |
| CVE-2025-23215 | PMD Designer's release key passphrase (GPG) available on Maven Central in cleartext CWE-200 | 9.8 | - | 2025-01-31 |
All 2 known CVE vulnerabilities affecting pmd with full Chinese analysis, references, and POCs where available.