CVE 列表 – 发现高风险与在野利用漏洞

聚合 NVD、CVE 及多源情报,深度解析 RCE 等高危风险。系统集成 CVSS 与 EPSS 模型,动态追踪 Exploit 资源与 PoC 公开状态,研判可利用性。结合官方补丁与修复方案,优化漏洞管理优先级,缩短响应周期,保障资产安全。

分配机构(CNA / 来源):[email protected] 移除此筛选

显示 21401222 条结果
CVE 描述 最高 CVSS EPSS % 公开时间 更新时间
CVE-2026-57625 Unauthenticated Cross Site Scripting (XSS) in Admin and Site Enhancements (ASE) Pro <= 8.8.5 versions. 9.6 0.27% 2026-07-02 2026-07-02
CVE-2026-57624 Unauthenticated Remote Code Execution (RCE) in Blocksy Companion Pro <= 2.1.46 versions. 10.0 0.70% 2026-07-02 2026-07-02
CVE-2026-57623 Unauthenticated Arbitrary Code Execution in W3 Total Cache <= 2.9.4 versions. 9.0 0.33% 2026-07-02 2026-07-02
CVE-2026-57621 Unauthenticated PHP Object Injection in Booktics <= 1.0.21 versions. 9.8 0.34% 2026-07-02 2026-07-02
CVE-2026-27436 Editor Arbitrary Code Execution in Five Star Business Profile and Schema <= 2.3.19 versions. 9.1 0.40% 2026-07-02 2026-07-02
CVE-2026-27419 Subscriber Arbitrary File Upload in Zegen <= 1.1.9 versions. 9.9 0.36% 2026-07-02 2026-07-02
CVE-2026-57692 Incorrect Privilege Assignment vulnerability in LCweb PrivateContent allows Privilege Escalation. This issue affects PrivateContent: from n/a through 9.9.2. 9.8 0.29% 2026-07-01 2026-07-01
CVE-2026-57331 Performer Arbitrary File Deletion in Paid Videochat Turnkey Site <= 7.4.8 versions. 9.9 0.34% 2026-06-29 2026-06-29
CVE-2026-57658 Administrator Arbitrary File Upload in TemplateSpare <= 4.2.0 versions. 9.1 0.28% 2026-06-26 2026-06-26
CVE-2026-56070 Unauthenticated SQL Injection in Advance Product Search <= 1.4.4 versions. 9.3 0.24% 2026-06-26 2026-06-26
CVE-2026-56068 Unauthenticated SQL Injection in JetEngine <= 3.8.10.2 versions. 9.3 0.24% 2026-06-26 2026-06-29
CVE-2026-56067 Unauthenticated SQL Injection in JetSmartFilters <= 3.8.3 versions. 9.3 0.24% 2026-06-26 2026-06-26
CVE-2026-56062 Unauthenticated SQL Injection in Quotes llama <= 3.1.5 versions. 9.3 0.24% 2026-06-26 2026-06-26
CVE-2026-56059 Subscriber Arbitrary File Upload in Travel Booking <= 2.2.5 versions. 9.9 0.36% 2026-06-26 2026-06-26
CVE-2026-56058 Subscriber Arbitrary File Upload in Quform <= 2.23.0 versions. 9.9 0.36% 2026-06-26 2026-06-26
CVE-2026-56057 Subscriber PHP Object Injection in Uncanny Automator Pro <= 7.3.0.6 versions. 9.8 0.43% 2026-06-26 2026-06-26
CVE-2026-56036 Unauthenticated SQL Injection in 워드프레스 결제 심플페이 <= 5.5.6 versions. 9.3 0.24% 2026-06-26 2026-06-26
CVE-2026-56034 Unauthenticated SQL Injection in Library Management System <= 3.5.7 versions. 9.3 0.29% 2026-06-26 2026-06-29
CVE-2026-56033 Unauthenticated Privilege Escalation in Dokan Pro <= 5.0.4 versions. 9.8 0.33% 2026-06-26 2026-06-26
CVE-2026-56032 Subscriber PHP Object Injection in Buddyboss Platform <= 3.0.4 versions. 9.8 0.53% 2026-06-26 2026-06-26
cvelogic Threat Intelligence