聚合 NVD、CVE 及多源情資,深度解析 RCE 等高危風險。系統整合 CVSS 與 EPSS 模型,動態追蹤 Exploit 資源與 PoC 公開狀態,研判可利用性。結合官方修補與修復方案,優化漏洞管理優先級,縮短回應週期,保障資產安全。
指派機構(CNA / 來源):[email protected] 移除此篩選
| CVE | 描述 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|
| CVE-2026-49108 | Unauthenticated PHP Object Injection in Moderno < 1.43 versions. | 9.8 | 0.30% | 2026-06-17 | 2026-06-17 |
| CVE-2025-69127 | Unauthenticated PHP Object Injection in Plumbing <= 1.6 versions. | 9.8 | 0.39% | 2026-06-17 | 2026-06-17 |
| CVE-2025-69111 | Unauthenticated PHP Object Injection in Reisen <= 1.4.1 versions. | 9.8 | 0.39% | 2026-06-17 | 2026-06-17 |
| CVE-2025-60236 | Deserialization of Untrusted Data vulnerability in EMV Creatify allows Object Injection. This issue affects Creatify: from n/a through 1.5. | 9.8 | 0.31% | 2026-06-17 | 2026-06-17 |
| CVE-2025-60231 | Deserialization of Untrusted Data vulnerability in EMV The Hospital nrghospital allows Object Injection. This issue affects The Hospital: from n/a through 1.8.1. | 9.8 | 0.31% | 2026-06-17 | 2026-06-17 |
| CVE-2025-60230 | Deserialization of Untrusted Data vulnerability in Themeton The Barber Shop allows Object Injection. This issue affects The Barber Shop: from n/a through 1.9. | 9.8 | 0.43% | 2026-06-17 | 2026-06-17 |
| CVE-2025-60229 | Deserialization of Untrusted Data vulnerability in Themeton Lagom allows Object Injection. This issue affects Lagom: from n/a through 2.0. | 9.8 | 0.43% | 2026-06-17 | 2026-06-17 |
| CVE-2025-59554 | Unauthenticated SQL Injection in Advanced Ads – Tracking < 3.0.7 versions. | 9.3 | 0.38% | 2026-06-17 | 2026-06-17 |
| CVE-2026-54811 | Unauthenticated SQL Injection in WP eMember < v10.9.4 versions. | 9.3 | 0.29% | 2026-06-17 | 2026-06-17 |
| CVE-2026-54807 | Unauthenticated Privilege Escalation in Registration Form for WooCommerce <= 1.0.9 versions. | 9.8 | 0.45% | 2026-06-17 | 2026-06-17 |
| CVE-2026-54806 | Unauthenticated PHP Object Injection in WP Activity Log <= 5.6.3.1 versions. | 9.8 | 0.59% | 2026-06-17 | 2026-06-17 |
| CVE-2026-54803 | Subscriber Privilege Escalation in SMS Alert Order Notifications <= 3.9.4 versions. | 9.8 | 0.45% | 2026-06-17 | 2026-06-17 |
| CVE-2026-54194 | Contributor PHP Object Injection in Fusion Builder <= 3.15.4 versions. | 9.8 | 0.39% | 2026-06-17 | 2026-06-17 |
| CVE-2026-54187 | Unauthenticated SQL Injection in JetEngine <= 3.8.10.1 versions. | 9.3 | 0.29% | 2026-06-17 | 2026-06-17 |
| CVE-2026-54186 | Unauthenticated SQL Injection in JobSearch <= 3.2.9 versions. | 9.3 | 0.30% | 2026-06-17 | 2026-06-17 |
| CVE-2026-52706 | Unauthenticated PHP Object Injection in JetEngine <= 3.8.10 versions. | 9.8 | 0.47% | 2026-06-17 | 2026-06-17 |
| CVE-2026-52705 | Unauthenticated Arbitrary File Upload in SigmaForms Pro – AI Generated Forms <= 1.4.5 versions. | 9.0 | 0.29% | 2026-06-17 | 2026-06-17 |
| CVE-2026-49767 | Unauthenticated Broken Authentication in wpForo Forum <= 3.1.0 versions. | 9.8 | 0.55% | 2026-06-17 | 2026-06-17 |
| CVE-2026-49107 | Unauthenticated PHP Object Injection in Thrive Apprentice < 10.8.10.2 versions. | 9.8 | 0.38% | 2026-06-17 | 2026-06-17 |
| CVE-2026-49084 | Unauthenticated SQL Injection in JetEngine < 3.8.9.1 versions. | 9.3 | 0.29% | 2026-06-17 | 2026-06-17 |