快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 359408
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2026-26316 |
OpenClaw has BlueBubbles webhook auth bypass via loopback proxy trust
|
HIGH | 7.5 | 2026-02-19 |
openclaw openclaw
openclaw @openclaw/bluebubbles
+1个
|
CVE NVD | |
| CVE-2026-26275 |
httpsig-hyper has Improper Digest Verification that May Allow Message Integrity Bypass
|
HIGH | 7.5 | 2026-02-19 |
junkurihara httpsig-rs
junkurihara httpsig-hyper
|
CVE NVD | |
| CVE-2026-26315 |
Go Ethereum Improperly Validates the ECIES Public Key in RLPx Handshake
|
MEDIUM | 6.9 | 2026-02-19 |
ethereum go-ethereum
ethereum go_ethereum
|
CVE NVD | |
| CVE-2026-26314 |
Go Ethereum affected by DoS via malicious p2p message
|
HIGH | 8.7 | 2026-02-19 |
ethereum go-ethereum
ethereum go_ethereum
|
CVE NVD | |
| CVE-2026-26313 |
Go Ethereum affected by DoS via malicious p2p message
|
MEDIUM | 6.9 | 2026-02-19 |
ethereum go-ethereum
ethereum go_ethereum
|
CVE NVD | |
| CVE-2026-26312 |
Stalwart Mail Server has Out-of-Memory Denial of Service via Malformed Nested MIME Messages
|
MEDIUM | 6.5 | 2026-02-19 |
stalwartlabs stalwart
stalw stalwart
|
CVE NVD | |
| CVE-2026-26286 |
SillyTavern has Server-Side Request Forgery (SSRF) via Asset Download Endpoint that Allows Reading Internal Services
|
HIGH | 7.1 | 2026-02-19 |
SillyTavern SillyTavern
sillytavern sillytavern
|
CVE NVD | |
| CVE-2026-27114 |
NanaZip has ROMFS Archive Infinite Loop
|
MEDIUM | 5.1 | 2026-02-19 |
M2Team NanaZip
m2team nanazip
|
CVE NVD | |
| CVE-2026-27014 |
NanZip has ROMFS Archive Infinite Loop / Stack Overflow
|
MEDIUM | 5.1 | 2026-02-19 |
M2Team NanaZip
m2team nanazip
|
CVE NVD | |
| CVE-2026-27476 |
RustFly 2.0.0 Command Injection via UDP Remote Control
|
CRITICAL | 9.3 | 2026-02-19 |
Bixat RustFly
|
CVE NVD | |
| CVE-2026-26282 |
NanaZip has DotNet Single file OOB Heap Read
|
MEDIUM | 5.2 | 2026-02-19 |
M2Team NanaZip
m2team nanazip
|
CVE NVD | |
| CVE-2026-27440 |
WordPress myCred plugin <= 2.9.7.6 - Cross Site Scripting (XSS) vulnerability
|
MEDIUM | 6.5 | 2026-02-19 |
Saad Iqbal myCred
|
CVE NVD | |
| CVE-2026-27387 |
WordPress DirectoryPress plugin <= 3.6.26 - Broken Access Control vulnerability
|
MEDIUM | 5.4 | 2026-02-19 |
designinvento DirectoryPress
|
CVE NVD | |
| CVE-2026-27368 |
WordPress Coming Soon Page, Under Construction & Maintenance Mode by SeedProd plugin <= 6.19.7 - Broken Access Control vulnerability
|
MEDIUM | 5.9 | 2026-02-19 |
SeedProd Coming Soon Page, Under Construction & Maintenance Mode by SeedProd
|
CVE NVD | |
| CVE-2026-27360 |
WordPress Photo Gallery by 10Web plugin <= 1.8.37 - Cross Site Scripting (XSS) vulnerability
|
MEDIUM | 5.9 | 2026-02-19 |
10Web Photo Gallery by 10Web
|
CVE NVD | |
| CVE-2026-27343 |
WordPress Airtifact theme <= 1.2.91 - Local File Inclusion vulnerability
|
HIGH | 7.5 | 2026-02-19 |
VanKarWai Airtifact
|
CVE NVD | |
| CVE-2026-27328 |
WordPress EduBlink theme <= 2.0.7 - Broken Access Control vulnerability
|
MEDIUM | 5.3 | 2026-02-19 |
DevsBlink EduBlink
|
CVE NVD | |
| CVE-2026-27327 |
WordPress YayMail – WooCommerce Email Customizer plugin <= 4.3.2 - Broken Access Control vulnerability
|
MEDIUM | 4.3 | 2026-02-19 |
YayCommerce YayMail – WooCommerce Email Customizer
|
CVE NVD | |
| CVE-2026-2738 |
Buffer overflow in ovpn‑dco‑win version 2.8.0 allows local attackers to cause a system crash by send...
|
MEDIUM | 5.6 | 2026-02-19 |
OpenVPN ovpn-dco-win
|
CVE NVD | |
| CVE-2026-26318 |
systeminformation has Command Injection via Unsanitized `locate` Output in `versions()`
|
HIGH | 8.8 | 2026-02-19 |
sebhildebrandt systeminformation
systeminformation systeminformation
|
CVE NVD |