All 7 CVE vulnerabilities found in rt, with AI-generated Chinese analysis, references, and POCs.
Vendor: bestpractical
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-41076 | RT: LDAP authentication bypass via empty password CWE-287 | 8.1 | High | 2026-05-22 |
| CVE-2026-41075 | RT: SQL injection via entry_aggregator parameter in JSON search CWE-89 | 8.8 | High | 2026-05-22 |
| CVE-2026-41074 | RT has broken CSRF protection for authenticated users CWE-352 | 7.1 | High | 2026-05-22 |
| CVE-2026-41073 | RT: Spreadsheet downloads vulnerable to CSV/formula injection in Microsoft Excel and similar apps CWE-1236 | 4.6 | Medium | 2026-05-22 |
| CVE-2025-30087 | Best Practical RT 跨站脚本漏洞 CWE-79 | 7.2 | High | 2025-05-28 |
| CVE-2025-31501 | Best Practical RT 跨站脚本漏洞 CWE-79 | 7.2 | High | 2025-05-28 |
| CVE-2025-31500 | Best Practical RT 跨站脚本漏洞 CWE-79 | 7.2 | High | 2025-05-28 |
All 7 known CVE vulnerabilities affecting rt with full Chinese analysis, references, and POCs where available.