聚合 NVD、CVE 及多源情报,深度解析 RCE 等高危风险。系统集成 CVSS 与 EPSS 模型,动态追踪 Exploit 资源与 PoC 公开状态,研判可利用性。结合官方补丁与修复方案,优化漏洞管理优先级,缩短响应周期,保障资产安全。
分配机构(CNA / 来源):[email protected] 移除此筛选
| CVE | 描述 | 最高 CVSS | EPSS % | 公开时间 | 更新时间 |
|---|---|---|---|---|---|
| CVE-2025-66123 | Unauthenticated Insecure Direct Object References (IDOR) in BookPro <= 1.1.0 versions. | 5.3 | 0.23% | 2026-06-26 | 2026-06-26 |
| CVE-2026-57663 | Contributor SQL Injection in Recipe Maker For Your Food Blog from Zip Recipes <= 8.2.7 versions. | 8.5 | 0.21% | 2026-06-26 | 2026-06-26 |
| CVE-2026-57657 | Unauthenticated Cross Site Request Forgery (CSRF) in Gmail SMTP <= 1.2.3.19 versions. | 4.3 | 0.10% | 2026-06-26 | 2026-06-26 |
| CVE-2026-57651 | Contributor Cross Site Scripting (XSS) in Ghost Kit <= 3.6.0 versions. | 6.5 | 0.13% | 2026-06-26 | 2026-06-26 |
| CVE-2026-57645 | newsletters_subscribers Broken Access Control in Newsletters <= 4.13 versions. | 8.1 | 0.19% | 2026-06-26 | 2026-06-26 |
| CVE-2026-57638 | Contributor Cross Site Scripting (XSS) in Fluent Booking <= 2.1.0 versions. | 6.5 | 0.16% | 2026-06-26 | 2026-06-26 |
| CVE-2026-57632 | Subscriber Broken Access Control in Email Marketing for WooCommerce by Omnisend <= 1.19.0 versions. | 5.4 | 0.27% | 2026-06-26 | 2026-06-26 |
| CVE-2026-57631 | Administrator SQL Injection in Popup box <= 6.0.1 versions. | 7.6 | 0.28% | 2026-06-26 | 2026-06-26 |
| CVE-2026-57622 | Subscriber Broken Access Control in WPCafe <= 3.0.14 versions. | 4.3 | 0.26% | 2026-06-26 | 2026-06-26 |
| CVE-2026-57618 | Contributor Cross Site Scripting (XSS) in Neve PRO <= 3.1.2 versions. | 6.5 | 0.16% | 2026-06-26 | 2026-06-26 |
| CVE-2026-57324 | Unauthenticated Broken Access Control in GIFT4U <= 1.0.10 versions. | 6.5 | 0.24% | 2026-06-26 | 2026-06-26 |
| CVE-2026-57323 | Unauthenticated Broken Access Control in Flash & HTML5 Video <= 2.11.0 versions. | 5.8 | 0.23% | 2026-06-26 | 2026-06-26 |
| CVE-2026-57317 | Unauthenticated Cross Site Scripting (XSS) in Simply Schedule Appointments <= 1.6.12.2 versions. | 7.1 | 0.18% | 2026-06-26 | 2026-06-26 |
| CVE-2026-57316 | Subscriber Sensitive Data Exposure in GetGenie <= 4.4.2 versions. | 6.5 | 0.36% | 2026-06-26 | 2026-06-26 |
| CVE-2026-56072 | Unauthenticated Cross Site Scripting (XSS) in WoodMart <= 8.5.3 versions. | 7.1 | 0.18% | 2026-06-26 | 2026-06-26 |
| CVE-2026-56070 | Unauthenticated SQL Injection in Advance Product Search <= 1.4.4 versions. | 9.3 | 0.24% | 2026-06-26 | 2026-06-26 |
| CVE-2026-56064 | Subscriber SQL Injection in Tourfic <= 2.22.5 versions. | 8.5 | 0.28% | 2026-06-26 | 2026-06-26 |
| CVE-2026-56063 | Unauthenticated Broken Access Control in MailChimp Block <= 1.1.15 versions. | 8.3 | 0.18% | 2026-06-26 | 2026-06-26 |
| CVE-2026-56058 | Subscriber Arbitrary File Upload in Quform <= 2.23.0 versions. | 9.9 | 0.36% | 2026-06-26 | 2026-06-26 |
| CVE-2026-56057 | Subscriber PHP Object Injection in Uncanny Automator Pro <= 7.3.0.6 versions. | 9.8 | 0.43% | 2026-06-26 | 2026-06-26 |