聚合 NVD、CVE 及多源情資,深度解析 RCE 等高危風險。系統整合 CVSS 與 EPSS 模型,動態追蹤 Exploit 資源與 PoC 公開狀態,研判可利用性。結合官方修補與修復方案,優化漏洞管理優先級,縮短回應週期,保障資產安全。
指派機構(CNA / 來源):[email protected] 移除此篩選
| CVE | 描述 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|
| CVE-2026-10521 | An high privileged remote attacker can access a hidden configuration method, that should not be accessible by any user, to modify critical program parameters. This can result in a total loss of confidentiality, integrity and availability. | 8.6 | 無 | 2026-06-23 | 2026-06-23 |
| CVE-2023-45796 | A stored cross-site scripting vulnerability in the Runtime component of Pilz PASvisu before 1.14.1 and PMI v8xx up to and including 2.0.33992 allows a low-privileged remote unauthenticated attacker to manipulate process data with potential impact on integrity and/or availability. | 8.1 | 無 | 2026-06-22 | 2026-06-22 |
| CVE-2023-45795 | A cross-site scripting vulnerability in the Builder Component of Pilz PASvisu before 1.14.1 allows a local unauthenticated attacker to inject malicious javascript and gain full control over the device. | 7.8 | 無 | 2026-06-22 | 2026-06-22 |
| CVE-2026-8024 | A remote, unauthenticated attacker may exploit a deserialization of untrusted data vulnerability in ibaPDA or ibaDatCoordinator to gain full access to the affected systems. | 9.3 | 0.55% | 2026-06-18 | 2026-06-22 |
| CVE-2026-5416 | Due to the improper neutralization of special elements used in a name parameter a low privileged remote attacker can exploit a command injection vulnerability in the Managed Ethernet Switch, resulting in full system compromise. | 8.7 | 0.77% | 2026-06-16 | 2026-06-17 |
| CVE-2026-41031 | A Stored Cross-Site Scripting vulnerability in Vinna Process Monitor Version 4.0 Service Pack 1 (Build 63255) allows an authenticated remote attacker with low privileges to inject malicious JavaScript code into the application. This enables attackers to steal administrative access tokens and session credentials. | 9.3 | 0.24% | 2026-06-09 | 2026-06-17 |
| CVE-2024-56123 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | 無 | 無 | 2026-06-08 | 2026-06-08 |
| CVE-2024-56122 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | 無 | 無 | 2026-06-08 | 2026-06-08 |
| CVE-2024-56121 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | 無 | 無 | 2026-06-08 | 2026-06-08 |
| CVE-2024-56120 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | 無 | 無 | 2026-06-08 | 2026-06-08 |
| CVE-2026-35085 | A remote attacker with user privileges can exploit a stack buffer overflow in gdv-serverconfig to gain full system access as root. | 8.7 | 0.42% | 2026-06-03 | 2026-06-17 |
| CVE-2026-35084 | A remote attacker with user privileges can exploit a stack buffer overflow in dali-devconfig to gain full system access as root. | 8.7 | 0.41% | 2026-06-03 | 2026-06-17 |
| CVE-2026-35083 | A remote attacker with user privileges can exploit a stack buffer overflow to gain full system access as root. | 8.7 | 0.41% | 2026-06-03 | 2026-06-17 |
| CVE-2026-35082 | The ugw-logread method allows a remote attacker with user privileges to access arbitrary local files due to insufficient validation of user-supplied input. | 8.7 | 0.49% | 2026-06-03 | 2026-06-17 |
| CVE-2026-35081 | The ugw-logstop method allows a remote attacker with user privileges to terminate arbitrary processes due to insufficient validation of user-supplied input. | 7.2 | 0.37% | 2026-06-03 | 2026-06-17 |
| CVE-2026-35080 | The ugw-restoreinfo method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input. | 7.2 | 0.36% | 2026-06-03 | 2026-06-17 |
| CVE-2026-35079 | The ugw-restore method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input. | 7.2 | 0.36% | 2026-06-03 | 2026-06-17 |
| CVE-2026-35078 | The ugw-logstop method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input. | 7.2 | 0.37% | 2026-06-03 | 2026-06-17 |
| CVE-2026-35077 | The ugw-delete-file method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input. | 7.2 | 0.37% | 2026-06-03 | 2026-06-17 |
| CVE-2026-35076 | The bac-scanresult method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input. | 7.2 | 0.36% | 2026-06-03 | 2026-06-17 |