聚合 NVD、CVE 及多源情报,深度解析 RCE 等高危风险。系统集成 CVSS 与 EPSS 模型,动态追踪 Exploit 资源与 PoC 公开状态,研判可利用性。结合官方补丁与修复方案,优化漏洞管理优先级,缩短响应周期,保障资产安全。
分配机构(CNA / 来源):[email protected] 移除此筛选
| CVE | 描述 | 最高 CVSS | EPSS % | 公开时间 | 更新时间 |
|---|---|---|---|---|---|
| CVE-2026-10521 | An high privileged remote attacker can access a hidden configuration method, that should not be accessible by any user, to modify critical program parameters. This can result in a total loss of confidentiality, integrity and availability. | 8.6 | 0.31% | 2026-06-23 | 2026-06-23 |
| CVE-2023-45796 | A stored cross-site scripting vulnerability in the Runtime component of Pilz PASvisu before 1.14.1 and PMI v8xx up to and including 2.0.33992 allows a low-privileged remote unauthenticated attacker to manipulate process data with potential impact on integrity and/or availability. | 8.1 | 0.35% | 2026-06-22 | 2026-06-22 |
| CVE-2023-45795 | A cross-site scripting vulnerability in the Builder Component of Pilz PASvisu before 1.14.1 allows a local unauthenticated attacker to inject malicious javascript and gain full control over the device. | 7.8 | 0.15% | 2026-06-22 | 2026-06-22 |
| CVE-2026-8024 | A remote, unauthenticated attacker may exploit a deserialization of untrusted data vulnerability in ibaPDA or ibaDatCoordinator to gain full access to the affected systems. | 9.3 | 0.55% | 2026-06-18 | 2026-06-22 |
| CVE-2026-5416 | Due to the improper neutralization of special elements used in a name parameter a low privileged remote attacker can exploit a command injection vulnerability in the Managed Ethernet Switch, resulting in full system compromise. | 8.7 | 0.77% | 2026-06-16 | 2026-06-17 |
| CVE-2026-41031 | A Stored Cross-Site Scripting vulnerability in Vinna Process Monitor Version 4.0 Service Pack 1 (Build 63255) allows an authenticated remote attacker with low privileges to inject malicious JavaScript code into the application. This enables attackers to steal administrative access tokens and session credentials. | 9.3 | 0.24% | 2026-06-09 | 2026-06-17 |
| CVE-2024-56123 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | 无 | 无 | 2026-06-08 | 2026-06-08 |
| CVE-2024-56122 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | 无 | 无 | 2026-06-08 | 2026-06-08 |
| CVE-2024-56121 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | 无 | 无 | 2026-06-08 | 2026-06-08 |
| CVE-2024-56120 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | 无 | 无 | 2026-06-08 | 2026-06-08 |
| CVE-2026-35085 | A remote attacker with user privileges can exploit a stack buffer overflow in gdv-serverconfig to gain full system access as root. | 8.7 | 0.47% | 2026-06-03 | 2026-06-17 |
| CVE-2026-35084 | A remote attacker with user privileges can exploit a stack buffer overflow in dali-devconfig to gain full system access as root. | 8.7 | 0.46% | 2026-06-03 | 2026-06-17 |
| CVE-2026-35083 | A remote attacker with user privileges can exploit a stack buffer overflow to gain full system access as root. | 8.7 | 0.46% | 2026-06-03 | 2026-06-17 |
| CVE-2026-35082 | The ugw-logread method allows a remote attacker with user privileges to access arbitrary local files due to insufficient validation of user-supplied input. | 8.7 | 0.49% | 2026-06-03 | 2026-06-17 |
| CVE-2026-35081 | The ugw-logstop method allows a remote attacker with user privileges to terminate arbitrary processes due to insufficient validation of user-supplied input. | 7.2 | 0.37% | 2026-06-03 | 2026-06-17 |
| CVE-2026-35080 | The ugw-restoreinfo method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input. | 7.2 | 0.36% | 2026-06-03 | 2026-06-17 |
| CVE-2026-35079 | The ugw-restore method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input. | 7.2 | 0.36% | 2026-06-03 | 2026-06-17 |
| CVE-2026-35078 | The ugw-logstop method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input. | 7.2 | 0.37% | 2026-06-03 | 2026-06-17 |
| CVE-2026-35077 | The ugw-delete-file method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input. | 7.2 | 0.37% | 2026-06-03 | 2026-06-17 |
| CVE-2026-35076 | The bac-scanresult method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input. | 7.2 | 0.36% | 2026-06-03 | 2026-06-17 |