聚合 NVD、CVE 及多源情报,深度解析 RCE 等高危风险。系统集成 CVSS 与 EPSS 模型,动态追踪 Exploit 资源与 PoC 公开状态,研判可利用性。结合官方补丁与修复方案,优化漏洞管理优先级,缩短响应周期,保障资产安全。
分配机构(CNA / 来源):[email protected] 移除此筛选
| CVE | 描述 | 最高 CVSS | EPSS % | 公开时间 | 更新时间 |
|---|---|---|---|---|---|
| CVE-2025-69158 | Unauthenticated Local File Inclusion in Granola <= 1.13 versions. | 8.1 | 0.35% | 2026-06-17 | 2026-06-17 |
| CVE-2025-69157 | Unauthenticated Local File Inclusion in Gamic <= 1.15 versions. | 8.1 | 0.43% | 2026-06-17 | 2026-06-17 |
| CVE-2025-69144 | Unauthenticated Local File Inclusion in Preservation <= 1.10 versions. | 8.1 | 0.35% | 2026-06-17 | 2026-06-17 |
| CVE-2025-69140 | Unauthenticated Cross Site Scripting (XSS) in SweetDate Core < 1.1.5 versions. | 7.1 | 0.18% | 2026-06-17 | 2026-06-17 |
| CVE-2025-69130 | Subscriber PHP Object Injection in Entrepreneur - Booking for Small Businesses WordPress Theme <= 3.1.3 versions. | 8.8 | 0.48% | 2026-06-17 | 2026-06-17 |
| CVE-2025-69128 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in EMV JobCareer allows Path Traversal. This issue affects JobCareer: from n/a through 7.3. | 8.6 | 0.46% | 2026-06-17 | 2026-06-17 |
| CVE-2025-69127 | Unauthenticated PHP Object Injection in Plumbing <= 1.6 versions. | 9.8 | 0.39% | 2026-06-17 | 2026-06-17 |
| CVE-2025-69126 | Unauthenticated Local File Inclusion in Fortius <= 2.3.0 versions. | 8.1 | 0.35% | 2026-06-17 | 2026-06-17 |
| CVE-2025-69123 | Unauthenticated Local File Inclusion in Snow Club <= 1.1 versions. | 8.1 | 0.35% | 2026-06-17 | 2026-06-17 |
| CVE-2025-69120 | Unauthenticated Local File Inclusion in Dazzle <= 1.0.0 versions. | 8.1 | 0.43% | 2026-06-17 | 2026-06-17 |
| CVE-2025-69115 | Unauthenticated Local File Inclusion in LuxMed | Medicine & Healthcare Doctor WordPress Theme <= 1.2.2 versions. | 8.1 | 0.35% | 2026-06-17 | 2026-06-17 |
| CVE-2025-69111 | Unauthenticated PHP Object Injection in Reisen <= 1.4.1 versions. | 9.8 | 0.39% | 2026-06-17 | 2026-06-17 |
| CVE-2025-69106 | Unauthenticated Local File Inclusion in Imba <= 1.5.0 versions. | 8.1 | 0.43% | 2026-06-17 | 2026-06-17 |
| CVE-2025-68524 | Unauthenticated Cross Site Scripting (XSS) in Avante < 3.0.5 versions. | 7.1 | 0.23% | 2026-06-17 | 2026-06-17 |
| CVE-2025-60236 | Deserialization of Untrusted Data vulnerability in EMV Creatify allows Object Injection. This issue affects Creatify: from n/a through 1.5. | 9.8 | 0.31% | 2026-06-17 | 2026-06-17 |
| CVE-2025-60231 | Deserialization of Untrusted Data vulnerability in EMV The Hospital nrghospital allows Object Injection. This issue affects The Hospital: from n/a through 1.8.1. | 9.8 | 0.31% | 2026-06-17 | 2026-06-17 |
| CVE-2025-60230 | Deserialization of Untrusted Data vulnerability in Themeton The Barber Shop allows Object Injection. This issue affects The Barber Shop: from n/a through 1.9. | 9.8 | 0.43% | 2026-06-17 | 2026-06-17 |
| CVE-2025-60229 | Deserialization of Untrusted Data vulnerability in Themeton Lagom allows Object Injection. This issue affects Lagom: from n/a through 2.0. | 9.8 | 0.43% | 2026-06-17 | 2026-06-17 |
| CVE-2025-59554 | Unauthenticated SQL Injection in Advanced Ads – Tracking < 3.0.7 versions. | 9.3 | 0.38% | 2026-06-17 | 2026-06-17 |
| CVE-2025-15657 | Unauthenticated Insecure Direct Object References (IDOR) in School Management <= 93.1.0 versions. | 5.3 | 0.23% | 2026-06-17 | 2026-06-17 |