快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 358219
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2026-20781 |
CloudCharge cloudcharge.se Missing Authentication for Critical Function
|
CRITICAL | 9.4 | 2026-02-26 |
CloudCharge cloudcharge.se
cloudcharge cloudcharge.se
|
CVE NVD | |
| CVE-2026-20791 |
Chargemap chargemap.com Insufficiently Protected Credentials
|
MEDIUM | 6.5 | 2026-02-26 |
Chargemap chargemap.com
chargemap chargemap.com
|
CVE NVD | |
| CVE-2026-25711 |
Chargemap chargemap.com Insufficient Session Expiration
|
HIGH | 7.3 | 2026-02-26 |
Chargemap chargemap.com
chargemap chargemap.com
|
CVE NVD | |
| CVE-2026-20792 |
Chargemap chargemap.com Improper Restriction of Excessive Authentication Attempts
|
HIGH | 7.5 | 2026-02-26 |
Chargemap chargemap.com
chargemap chargemap.com
|
CVE NVD | |
| CVE-2026-25851 |
Chargemap chargemap.com Missing Authentication for Critical Function
|
CRITICAL | 9.4 | 2026-02-26 |
Chargemap chargemap.com
chargemap chargemap.com
|
CVE NVD | |
| CVE-2026-3268 |
psi-probe PSI Probe Session Attribute RemoveSessAttributeController.java access control
|
MEDIUM | 5.3 | 2026-02-26 |
psi-probe PSI Probe
psi-probe PSI Probe
+2个
|
CVE NVD | |
| CVE-2026-28280 |
`osctrl-admin` has Stored Cross-Site Scripting (XSS) in On-Demand Query List
|
MEDIUM | 6.1 | 2026-02-26 |
jmpsec osctrl
jmpsec osctrl
|
CVE NVD | |
| CVE-2026-28279 |
`osctrl-admin` Vulnerable to OS Command Injection via Environment Configuration
|
HIGH | 7.4 | 2026-02-26 |
jmpsec osctrl
jmpsec osctrl
|
CVE NVD | |
| CVE-2026-28276 |
Initiative Allows Unauthenticated Access to Uploaded Documents via Public /uploads/ Endpoint
|
HIGH | 7.5 | 2026-02-26 |
Morelitea initiative
morelitea initiative
|
CVE NVD | |
| CVE-2026-28275 |
Initiative Vulnerable to Improper Session Invalidation (JWT Remains Valid)
|
HIGH | 8.1 | 2026-02-26 |
Morelitea initiative
morelitea initiative
|
CVE NVD | |
| CVE-2026-28274 |
Initiative Vulnerable to Token Theft via Stored XSS in Document Uploads
|
HIGH | 8.7 | 2026-02-26 |
Morelitea initiative
morelitea initiative
|
CVE NVD | |
| CVE-2026-28269 |
Kiteworks Core has an OS Command Injection
|
MEDIUM | 5.9 | 2026-02-26 |
kiteworks security-advisories
accellion kiteworks
|
CVE NVD | |
| CVE-2026-28230 |
In SteVe, any authenticated charger can terminate any other charger's active transaction (missing ownership verification on StopTransaction)
|
MEDIUM | 5.7 | 2026-02-26 |
steve-community steve
steve-community steve
|
CVE NVD | |
| CVE-2026-28226 |
Phishing Club has Authenticated Blind SQL Injection in GetOrphaned Recipient Listing
|
MEDIUM | 6.5 | 2026-02-26 |
phishingclub phishingclub
phishing.club phishing_club
|
CVE NVD | |
| CVE-2026-28225 |
Manyfold has IDOR in ModelFilesController
|
MEDIUM | 5.3 | 2026-02-26 |
manyfold3d manyfold
manyfold manyfold
|
CVE NVD | |
| CVE-2026-28217 |
IDOR in GraphQL userCollection Query Exposes Other Users' Private Collections
|
MEDIUM | 6.5 | 2026-02-26 |
hoppscotch hoppscotch
hoppscotch hoppscotch
|
CVE NVD | |
| CVE-2026-28216 |
hoppscotch has IDOR in updateUserEnvironment / deleteUserEnvironment
|
HIGH | 8.3 | 2026-02-26 |
hoppscotch hoppscotch
hoppscotch hoppscotch
|
CVE NVD | |
| CVE-2026-28215 |
hoppscotch Vulnerable to Unauthenticated Onboarding Config Takeover
|
CRITICAL | 9.1 | 2026-02-26 |
hoppscotch hoppscotch
hoppscotch hoppscotch
|
CVE NVD | |
| CVE-2026-3265 |
go2ismail Free-CRM Security API improper authorization
|
MEDIUM | 5.3 | 2026-02-26 |
go2ismail Free-CRM
go2ismail free-crm
|
CVE NVD | |
| CVE-2026-28213 |
EverShop Vulnerable to Arbitrary Customer Account Takeover via Exposure of Password Reset Token in API Response
|
CRITICAL | 9.8 | 2026-02-26 |
evershopcommerce evershop
evershop evershop
|
CVE NVD |