聚合 NVD、CVE 及多源情資,深度解析 RCE 等高危風險。系統整合 CVSS 與 EPSS 模型,動態追蹤 Exploit 資源與 PoC 公開狀態,研判可利用性。結合官方修補與修復方案,優化漏洞管理優先級,縮短回應週期,保障資產安全。
指派機構(CNA / 來源):[email protected] 移除此篩選
| CVE | 描述 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|
| CVE-2026-0848 | NLTK versions <=3.9.2 are vulnerable to arbitrary code execution due to improper input validation in the StanfordSegmenter module. The module dynamically loads external Java .jar files without verification or sandboxing. An attacker can supply or replace the JAR file, enabling the execution of arbitrary Java bytecode at import time. This vulnerability can be exploited through methods such as model poisoning, MITM attacks, or dependency poisoning, leading to remote code execution. The issue arise | 10.0 | 0.78% | 2026-03-05 | 2026-06-17 |
| CVE-2025-5120 | A sandbox escape vulnerability was identified in huggingface/smolagents version 1.14.0, allowing attackers to bypass the restricted execution environment and achieve remote code execution (RCE). The vulnerability stems from the local_python_executor.py module, which inadequately restricts Python code execution despite employing static and dynamic checks. Attackers can exploit whitelisted modules and functions to execute arbitrary code, compromising the host system. This flaw undermines the core | 10.0 | 18.65% | 2025-07-27 | 2026-06-17 |
| CVE-2025-2828 | A Server-Side Request Forgery (SSRF) vulnerability exists in the RequestsToolkit component of the langchain-community package (specifically, langchain_community.agent_toolkits.openapi.toolkit.RequestsToolkit) in langchain-ai/langchain version 0.0.27. This vulnerability occurs because the toolkit does not enforce restrictions on requests to remote internet addresses, allowing it to also access local addresses. As a result, an attacker could exploit this flaw to perform port scans, access local se | 10.0 | 14.06% | 2025-06-23 | 2026-06-17 |
| CVE-2025-15036 | A path traversal vulnerability exists in the `extract_archive_to_dir` function within the `mlflow/pyfunc/dbconnect_artifact_cache.py` file of the mlflow/mlflow repository. This vulnerability, present in versions before v3.7.0, arises due to the lack of validation of tar member paths during extraction. An attacker with control over the tar.gz file can exploit this issue to overwrite arbitrary files or gain elevated privileges, potentially escaping the sandbox directory in multi-tenant or shared c | 10.0 | 0.59% | 2026-03-29 | 2026-06-29 |
| CVE-2024-2912 | An insecure deserialization vulnerability exists in the BentoML framework, allowing remote code execution (RCE) by sending a specially crafted POST request. By exploiting this vulnerability, attackers can execute arbitrary commands on the server hosting the BentoML application. The vulnerability is triggered when a serialized object, crafted to execute OS commands upon deserialization, is sent to any valid BentoML endpoint. This issue poses a significant security risk, enabling attackers to comp | 10.0 | 1.50% | 2024-04-15 | 2026-06-17 |
| CVE-2023-3765 | Absolute Path Traversal in GitHub repository mlflow/mlflow prior to 2.5.0. | 10.0 | 70.74% | 2023-07-18 | 2026-06-17 |
| CVE-2023-3432 | Server-Side Request Forgery (SSRF) in GitHub repository plantuml/plantuml prior to 1.2023.9. | 10.0 | 0.87% | 2023-06-27 | 2026-06-17 |
| CVE-2023-2583 | Code Injection in GitHub repository jsreport/jsreport prior to 3.11.3. | 10.0 | 1.13% | 2023-05-08 | 2026-06-17 |
| CVE-2023-2564 | OS Command Injection in GitHub repository sbs20/scanservjs prior to v2.27.0. | 10.0 | 40.52% | 2023-05-07 | 2026-06-17 |
| CVE-2023-1283 | Code Injection in GitHub repository builderio/qwik prior to 0.21.0. | 10.0 | 1.15% | 2023-03-08 | 2026-06-17 |
| CVE-2022-2595 | Improper Authorization in GitHub repository kromitgmbh/titra prior to 0.79.1. | 10.0 | 1.07% | 2022-08-01 | 2026-06-17 |
| CVE-2026-5366 | Prefect version 3.6.23 is vulnerable to remote code execution due to improper handling of user-controlled input in the `GitRepository` storage class. The `commit_sha` parameter, which is passed to git commands, lacks validation and does not include a `--` separator to distinguish user input from git flags. This allows attackers to inject arbitrary git flags, such as `--upload-pack`, enabling execution of external programs. Additionally, the `directories` parameter can be exploited to inject git | 9.9 | 0.57% | 2026-06-20 | 2026-06-22 |
| CVE-2024-3025 | mintplex-labs/anything-llm is vulnerable to path traversal attacks due to insufficient validation of user-supplied input in the logo filename functionality. Attackers can exploit this vulnerability by manipulating the logo filename to reference files outside of the restricted directory. This can lead to unauthorized reading or deletion of files by utilizing the `/api/system/upload-logo` and `/api/system/logo` endpoints. The issue stems from the lack of filtering or validation on the logo filenam | 9.9 | 1.00% | 2024-04-10 | 2026-06-17 |
| CVE-2024-2083 | A directory traversal vulnerability exists in the zenml-io/zenml repository, specifically within the /api/v1/steps endpoint. Attackers can exploit this vulnerability by manipulating the 'logs' URI path in the request to fetch arbitrary file content, bypassing intended access restrictions. The vulnerability arises due to the lack of validation for directory traversal patterns, allowing attackers to access files outside of the restricted directory. | 9.9 | 39.09% | 2024-04-15 | 2026-06-17 |
| CVE-2023-6069 | Improper Link Resolution Before File Access in GitHub repository froxlor/froxlor prior to 2.1.0. | 9.9 | 0.84% | 2023-11-09 | 2026-06-17 |
| CVE-2022-1509 | Command Injection Vulnerability in GitHub repository hestiacp/hestiacp prior to 1.5.12. An authenticated remote attacker with low privileges can execute arbitrary code under root context. | 9.9 | 4.46% | 2022-04-28 | 2026-06-17 |
| CVE-2022-0939 | Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web prior to 0.6.18. | 9.9 | 1.01% | 2022-04-04 | 2026-06-17 |
| CVE-2022-0767 | Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web prior to 0.6.17. | 9.9 | 0.96% | 2022-03-07 | 2026-06-17 |
| CVE-2026-3960 | A critical remote code execution vulnerability exists in the unauthenticated REST API endpoint /99/ImportSQLTable in H2O-3 version 3.46.0.9 and prior. The vulnerability arises due to insufficient security controls in the parameter blacklist mechanism, which only targets MySQL JDBC driver-specific dangerous parameters. An attacker can bypass these controls by switching the JDBC URL protocol to jdbc:postgresql: and exploiting PostgreSQL JDBC driver-specific parameters such as socketFactory and soc | 9.8 | 0.94% | 2026-04-23 | 2026-06-17 |
| CVE-2026-1114 | In parisneo/lollms version 2.1.0, the application's session management is vulnerable to improper access control due to the use of a weak secret key for signing JSON Web Tokens (JWT). This vulnerability allows an attacker to perform an offline brute-force attack to recover the secret key. Once the secret key is obtained, the attacker can forge administrative tokens by modifying the JWT payload and resigning it with the cracked secret. This enables unauthorized users to escalate privileges, impers | 9.8 | 0.54% | 2026-04-07 | 2026-06-17 |