快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 359799
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2026-26193 |
Open WebUI vulnerable to Stored XSS via iFrame embeds in response messages
|
HIGH | 7.3 | 2026-02-19 |
open-webui open-webui
openwebui open_webui
|
CVE NVD | |
| CVE-2026-26192 |
Open WebUI vulnerable to Stored XSS via iFrame in citations model
|
HIGH | 7.3 | 2026-02-19 |
open-webui open-webui
openwebui open_webui
|
CVE NVD | |
| CVE-2026-26189 |
Trivy Action has a script injection via sourced env file in composite action
|
MEDIUM | 5.9 | 2026-02-19 |
aquasecurity trivy-action
aquasec trivy_action
|
CVE NVD | |
| CVE-2026-26063 |
CediPay Affected by Improper Input Validation in Payment Processing
|
HIGH | 8.8 | 2026-02-19 |
xpertforextradeinc CediPay
|
CVE NVD | |
| CVE-2026-26059 |
ChurchCRM has Stored Cross-Site Scripting (XSS) in GroupEditor.php
|
LOW | 2.1 | 2026-02-19 |
ChurchCRM CRM
churchcrm churchcrm
|
CVE NVD | |
| CVE-2026-26057 |
Skill Scanner Unsecured Network Binding Vulnerability
|
MEDIUM | 6.5 | 2026-02-19 |
cisco-ai-defense skill-scanner
cisco skill_scanner
|
CVE NVD | |
| CVE-2026-27475 |
SPIP < 4.4.9 Insecure Deserialization
|
CRITICAL | 9.2 | 2026-02-19 |
SPIP SPIP
spip spip
|
CVE NVD | |
| CVE-2026-27474 |
SPIP < 4.4.9 Cross-Site Scripting in Private Area (Incomplete Fix)
|
MEDIUM | 4.8 | 2026-02-19 |
SPIP SPIP
spip spip
|
CVE NVD | |
| CVE-2026-27473 |
SPIP < 4.4.9 Stored Cross-Site Scripting via Syndicated Sites
|
MEDIUM | 5.1 | 2026-02-19 |
SPIP SPIP
spip spip
|
CVE NVD | |
| CVE-2026-27472 |
SPIP < 4.4.9 Blind Server-Side Request Forgery via Syndicated Sites
|
MEDIUM | 5.3 | 2026-02-19 |
SPIP SPIP
spip spip
|
CVE NVD | |
| CVE-2026-23621 |
GFI MailEssentials AI < 22.4 ListServer.IsPathExist() Absolute Directory Traversal to File Enumeration
|
MEDIUM | 5.3 | 2026-02-19 |
GFI Software MailEssentials AI
gfi mailessentials
|
CVE NVD | |
| CVE-2026-23620 |
GFI MailEssentials AI < 22.4 ListServer.IsDbExist() Absolute Directory Traversal to File Enumeration
|
MEDIUM | 5.3 | 2026-02-19 |
GFI Software MailEssentials AI
gfi mailessentials
|
CVE NVD | |
| CVE-2026-23619 |
GFI MailEssentials AI < 22.4 General Settings Local Domains Domain Description Stored XSS
|
MEDIUM | 5.1 | 2026-02-19 |
GFI Software MailEssentials AI
gfi mailessentials
|
CVE NVD | |
| CVE-2026-23618 |
GFI MailEssentials AI < 22.4 Anti-Spam Spam Keyword Checking Subject Condition Stored XSS
|
MEDIUM | 5.1 | 2026-02-19 |
GFI Software MailEssentials AI
gfi mailessentials
|
CVE NVD | |
| CVE-2026-23617 |
GFI MailEssentials AI < 22.4 Anti-Spam Spam Keyword Checking Body Condition Stored XSS
|
MEDIUM | 5.1 | 2026-02-19 |
GFI Software MailEssentials AI
gfi mailessentials
|
CVE NVD | |
| CVE-2026-23616 |
GFI MailEssentials AI < 22.4 Anti-Spam Anti-Spoofing Description Stored XSS
|
MEDIUM | 5.1 | 2026-02-19 |
GFI Software MailEssentials AI
gfi mailessentials
|
CVE NVD | |
| CVE-2026-23615 |
GFI MailEssentials AI < 22.4 Anti-Spam Sender Policy Framework Email Exceptions Description Stored XSS
|
MEDIUM | 5.1 | 2026-02-19 |
GFI Software MailEssentials AI
gfi mailessentials
|
CVE NVD | |
| CVE-2026-23614 |
GFI MailEssentials AI < 22.4 Anti-Spam Sender Policy Framework IP Exceptions Description Stored XSS
|
MEDIUM | 5.1 | 2026-02-19 |
GFI Software MailEssentials AI
gfi mailessentials
|
CVE NVD | |
| CVE-2026-23613 |
GFI MailEssentials AI < 22.4 Anti-Spam URI DNS Blocklist Domain Stored XSS
|
MEDIUM | 5.1 | 2026-02-19 |
GFI Software MailEssentials AI
gfi mailessentials
|
CVE NVD | |
| CVE-2026-23612 |
GFI MailEssentials AI < 22.4 Anti-Spam IP DNS Blocklist Domain Stored XSS
|
MEDIUM | 5.1 | 2026-02-19 |
GFI Software MailEssentials AI
gfi mailessentials
|
CVE NVD |