快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 359799
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2026-26045 |
Moodle: moodle: improper validation in file restore functionality leading to remote code execution
|
HIGH | 7.2 | 2026-02-21 |
moodle moodle
|
CVE NVD | |
| CVE-2026-27211 |
Cloud Hypervisor: Host File Exfiltration via QCOW Backing File Abuse
|
CRITICAL | 9.1 | 2026-02-21 |
cloud-hypervisor cloud-hypervisor
cloudhypervisor cloud_hypervisor
|
CVE NVD | |
| CVE-2026-27210 |
Pannellum has a XSS vulnerability in hot spot attributes
|
MEDIUM | 5.3 | 2026-02-21 |
mpetroff pannellum
pannellum pannellum
|
CVE NVD | |
| CVE-2026-27205 |
Flask session does not add `Vary: Cookie` header when accessed in some ways
|
LOW | 2.3 | 2026-02-21 |
pallets flask
palletsprojects flask
|
CVE NVD | |
| CVE-2026-27199 |
Werkzeug safe_join() allows Windows special device names
|
MEDIUM | 6.3 | 2026-02-21 |
pallets werkzeug
palletsprojects werkzeug
|
CVE NVD | |
| CVE-2026-27198 |
Formwork Improperly Manages Privileges During User Creation
|
HIGH | 8.8 | 2026-02-21 |
getformwork formwork
formwork_project formwork
|
CVE NVD | |
| CVE-2026-27197 |
Sentry: Improper Authentication on SAML SSO process allows user identity linking
|
CRITICAL | 9.1 | 2026-02-21 |
getsentry sentry
sentry sentry
|
CVE NVD | |
| CVE-2026-2860 |
feng_ha_ha/megagao ssm-erp/production_ssm EmployeeController.java improper authorization
|
MEDIUM | 5.3 | 2026-02-21 |
feng_ha_ha ssm-erp
feng_ha_ha production_ssm
+2个
|
CVE NVD | |
| CVE-2026-27196 |
Statamic affected by privilege escalation via stored Cross-site Scripting
|
HIGH | 8.1 | 2026-02-21 |
statamic cms
statamic cms
|
CVE NVD | |
| CVE-2026-27194 |
D-Tale affected by Remote Code Execution through the /save-column-filter endpoint
|
HIGH | 8.1 | 2026-02-21 |
man-group dtale
man d-tale
|
CVE NVD | |
| CVE-2026-27193 |
Feathers exposes internal headers via unencrypted session cookie
|
HIGH | 8.2 | 2026-02-21 |
feathersjs feathers
feathersjs feathers
|
CVE NVD | |
| CVE-2026-27192 |
Feathers has an origin validation bypass via prefix matching
|
HIGH | 7.6 | 2026-02-21 |
feathersjs feathers
feathersjs feathers
|
CVE NVD | |
| CVE-2026-27191 |
Feathers: Open Redirect in OAuth callback enables account takeover
|
HIGH | 7.4 | 2026-02-21 |
feathersjs feathers
feathersjs feathers
|
CVE NVD | |
| CVE-2025-65995 |
Apache Airflow: Disclosure of secrets to UI via kwargs
|
MEDIUM | 6.5 | 2026-02-21 |
Apache Software Foundation Apache Airflow
apache airflow
|
CVE NVD | |
| CVE-2026-27189 |
OpenSift: Race-prone local persistence could cause state corruption/loss
|
MEDIUM | 6.6 | 2026-02-21 |
OpenSift OpenSift
opensift opensift
|
CVE NVD | |
| CVE-2026-27170 |
OpenSift: SSRF risk in URL ingestion endpoint
|
HIGH | 7.1 | 2026-02-20 |
OpenSift OpenSift
opensift opensift
|
CVE NVD | |
| CVE-2026-27169 |
OpenSift: Persistent XSS Chat Tool Rendering
|
HIGH | 8.9 | 2026-02-20 |
OpenSift OpenSift
opensift opensift
|
CVE NVD | |
| CVE-2026-27168 |
SAIL: Heap-based Buffer Overflow in Sail-codecs-xwd
|
HIGH | 8.8 | 2026-02-20 |
HappySeaFox sail
sail sail
|
CVE NVD | |
| CVE-2026-27203 |
eBay API MCP Server Affected by Environment Variable Injection
|
HIGH | 8.3 | 2026-02-20 |
YosefHayim ebay-mcp
|
CVE NVD | |
| CVE-2026-27202 |
GetSimple CMS: Uploaded Files (feature) Arbitrary File Read Vulnerability
|
HIGH | 8.8 | 2026-02-20 |
GetSimpleCMS-CE GetSimpleCMS-CE
getsimple-ce getsimple_cms
|
CVE NVD |