快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 359293
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2026-27120 |
Leaf-kit html escaping does not work on characters that are part of extended grapheme cluster
|
MEDIUM | 6.1 | 2026-02-20 |
vapor leaf-kit
vapor leafkit
|
CVE NVD | |
| CVE-2026-27118 |
Cache poisoning in @sveltejs/adapter-vercel
|
MEDIUM | 5.3 | 2026-02-20 |
sveltejs kit
|
CVE NVD | |
| CVE-2026-27112 |
Kargo has an Authorization Bypass Vulnerability in Batch Resource Creation API Endpoints
|
CRITICAL | 9.4 | 2026-02-20 |
akuity kargo
akuity kargo
+2个
|
CVE NVD | |
| CVE-2026-27111 |
Kargo has Missing Authorization Vulnerabilities in Approval & Promotion REST API Endpoints
|
MEDIUM | 5.3 | 2026-02-20 |
akuity kargo
akuity kargo
|
CVE NVD | |
| CVE-2026-27026 |
pypdf possibly has long runtimes for malformed FlateDecode streams
|
MEDIUM | 6.9 | 2026-02-20 |
py-pdf pypdf
pypdf_project pypdf
|
CVE NVD | |
| CVE-2026-27025 |
pypdf has possible long runtimes/large memory usage for large /ToUnicode streams
|
MEDIUM | 6.9 | 2026-02-20 |
py-pdf pypdf
pypdf_project pypdf
|
CVE NVD | |
| CVE-2026-27024 |
pypdf has a possible infinite loop when processing TreeObject
|
MEDIUM | 6.9 | 2026-02-20 |
py-pdf pypdf
pypdf_project pypdf
|
CVE NVD | |
| CVE-2026-27022 |
RediSearch Query Injection in @langchain/langgraph-checkpoint-redis
|
MEDIUM | 6.5 | 2026-02-20 |
langchain-ai langgraphjs
|
CVE NVD | |
| CVE-2026-27020 |
Photobooth has a XSS vulnerability in user input
|
MEDIUM | 5.3 | 2026-02-20 |
lukas12000 photobooth
|
CVE NVD | |
| CVE-2026-2857 |
D-Link DWR-M960 Port Forwarding Configuration Endpoint formPortFw sub_423E00 stack-based overflow
|
HIGH | 8.7 | 2026-02-20 |
D-Link DWR-M960
dlink dwr-m960_firmware
|
CVE NVD | |
| CVE-2026-25896 |
fast-xml-parser has an entity encoding bypass via regex injection in DOCTYPE entity names
|
CRITICAL | 9.3 | 2026-02-20 |
NaturalIntelligence fast-xml-parser
naturalintelligence fast-xml-parser
|
CVE NVD | |
| CVE-2026-24892 |
openITCOCKPIT has Unsafe Deserialization in openITCOCKPIT Changelog Handling
|
HIGH | 7.5 | 2026-02-20 |
openITCOCKPIT openITCOCKPIT
it-novum openitcockpit
|
CVE NVD | |
| CVE-2026-27190 |
Deno has a Command Injection via Incomplete shell metacharacter blocklist in node:child_process
|
HIGH | 8.1 | 2026-02-20 |
denoland deno
deno deno
|
CVE NVD | |
| CVE-2026-2856 |
D-Link DWR-M960 Filter Configuration Endpoint formFilter sub_424AFC stack-based overflow
|
HIGH | 8.7 | 2026-02-20 |
D-Link DWR-M960
dlink dwr-m960_firmware
|
CVE NVD | |
| CVE-2026-2855 |
D-Link DWR-M960 DDNS Settings formDdns sub_4648F0 stack-based overflow
|
HIGH | 8.7 | 2026-02-20 |
D-Link DWR-M960
dlink dwr-m960_firmware
|
CVE NVD | |
| CVE-2025-62326 |
HCL Digital Experience is susceptible to stored cross-site scripting (XSS)
|
MEDIUM | 6.1 | 2026-02-20 |
HCLSoftware Digital Experience
hcltech digital_experience
|
CVE NVD | |
| CVE-2026-2473 |
Bucket Squatting in Vertex AI Experiments leads to RCE and Model Theft.
|
HIGH | 7.7 | 2026-02-20 |
Google Cloud Vertex AI Experiments
|
CVE NVD | |
| CVE-2026-2472 |
Stored Cross-Site Scripting (XSS) in Vertex AI Python SDK Visualization
|
HIGH | 8.6 | 2026-02-20 |
Google Cloud Vertex AI SDK for Python
|
CVE NVD | |
| CVE-2026-2854 |
D-Link DWR-M960 NTP Configuration Endpoint formNtp sub_4611CC stack-based overflow
|
HIGH | 8.7 | 2026-02-20 |
D-Link DWR-M960
dlink dwr-m960_firmware
|
CVE NVD | |
| CVE-2026-2853 |
D-Link DWR-M960 System Log Configuration Endpoint formSysLog sub_462E14 stack-based overflow
|
HIGH | 8.7 | 2026-02-20 |
D-Link DWR-M960
dlink dwr-m960_firmware
|
CVE NVD |