CVE 列表 – 发现高风险与在野利用漏洞

聚合 NVD、CVE 及多源情报,深度解析 RCE 等高危风险。系统集成 CVSS 与 EPSS 模型,动态追踪 Exploit 资源与 PoC 公开状态,研判可利用性。结合官方补丁与修复方案,优化漏洞管理优先级,缩短响应周期,保障资产安全。

分配机构(CNA / 来源):[email protected] 移除此筛选

显示 811001222 条结果
CVE 描述 最高 CVSS EPSS % 公开时间 更新时间
CVE-2026-49075 Contributor PHP Object Injection in JetEngine <= 3.8.9.1 versions. 9.8 0.39% 2026-06-17 2026-06-17
CVE-2026-49058 Unauthenticated Privilege Escalation in LoginPress Pro <= 6.2.2 versions. 9.8 0.33% 2026-06-17 2026-06-17
CVE-2026-48875 Unauthenticated SQL Injection in JetSmartFilters <= 3.8.1 versions. 9.3 0.37% 2026-06-17 2026-06-17
CVE-2026-42380 Unauthenticated PHP Object Injection in AI Lab < 5.4.2 versions. 9.8 0.51% 2026-06-17 2026-06-17
CVE-2026-40783 Contributor Remote Code Execution (RCE) in Blocksy Companion Pro <= 2.1.37 versions. 9.9 0.54% 2026-06-17 2026-06-17
CVE-2026-40749 Subscriber Arbitrary File Upload in Charity Zone <= 1.1.1 versions. 9.9 0.43% 2026-06-17 2026-06-17
CVE-2026-40748 Subscriber Arbitrary File Upload in Kids Gift Shop <= 0.5.4 versions. 9.9 0.43% 2026-06-17 2026-06-17
CVE-2026-40747 Subscriber Arbitrary File Upload in Ecommerce Zone <= 0.9.7 versions. 9.9 0.43% 2026-06-17 2026-06-17
CVE-2026-40746 Subscriber Arbitrary File Upload in Restaurant Zone <= 0.7.8 versions. 9.9 0.43% 2026-06-17 2026-06-17
CVE-2026-40725 Unauthenticated PHP Object Injection in WooCommerce Product Filters < 2.0.6 versions. 9.8 0.38% 2026-06-17 2026-06-17
CVE-2026-39596 Unauthenticated SQL Injection in Blocksy Companion Pro < 2.1.29 versions. 9.3 0.37% 2026-06-17 2026-06-17
CVE-2026-39589 Subscriber Arbitrary File Upload in Webenvo <= 0.0.6 versions. 9.9 0.43% 2026-06-17 2026-06-17
CVE-2026-39529 Unauthenticated PHP Object Injection in Elementra <= 1.0.9 versions. 9.8 0.38% 2026-06-17 2026-06-17
CVE-2026-39438 Unauthenticated SQL Injection in ListingPro <= 2.9.10 versions. 9.3 0.37% 2026-06-17 2026-06-17
CVE-2026-27429 Unauthenticated PHP Object Injection in Nifty <= 1.4.1 versions. 9.8 0.56% 2026-06-17 2026-06-17
CVE-2026-27395 Unauthenticated Privilege Escalation in Support Board < 3.8.9 versions. 9.8 0.34% 2026-06-17 2026-06-17
CVE-2026-27041 Contributor Arbitrary File Upload in Unlimited Elements for Elementor (Premium) <= 2.0.6 versions. 9.9 0.32% 2026-06-17 2026-06-17
CVE-2026-25470 Improper Control of Generation of Code ('Code Injection') vulnerability in ACPT ACPT (Pro) - Custom Post Types Plugin for WordPress allows Remote Code Inclusion. This issue affects ACPT (Pro) - Custom Post Types Plugin for WordPress: from n/a through 2.0.47. 10.0 0.41% 2026-06-17 2026-06-17
CVE-2026-25446 Subscriber Arbitrary File Upload in WishList Member X <= 3.29.0 versions. 9.9 0.43% 2026-06-17 2026-06-17
CVE-2026-24611 Unauthenticated Broken Access Control in MetForm Pro <= 3.9.1 versions. 9.1 0.44% 2026-06-17 2026-06-17
cvelogic Threat Intelligence