漏洞列表 - 漏洞数据展示平台

快速搜索提示： 按厂商查询（如：microsoft）| 按产品查询（如：microsoft sql_server）

搜索关键词支持模糊搜索，但速度较慢

严重程度

数据源

排序

常用厂商： microsoft cisco google apple oracle

示例： microsoft sql_server cisco ios apache http_server

漏洞列表 358424

CVE ID	标题	严重程度	CVSS	发布时间	受影响产品	数据源
CVE-2026-27887	Spin has memory leaks in various WIT interfaces	MEDIUM	6.9	2026-02-26	spinframework spin spinframework SpinKube +1个	CVE NVD
CVE-2026-27900	Terraform Provider Debug Logs Vulnerable to Sensitive Information Exposure	MEDIUM	5.0	2026-02-26	linode terraform-provider-linode	CVE NVD
CVE-2026-22728	sealed-secrets /v1/rotate can widen sealing scope to cluster-wide via attacker-controlled template annotations	MEDIUM	4.9	2026-02-26	Bitnami sealed-secrets	CVE NVD
CVE-2026-27899	WireGuard Portal Vulnerable to Privilege Escalation to Admin via User Self-Update	HIGH	8.8	2026-02-26	h44z wg-portal wgportal wireguard_portal	CVE NVD
CVE-2026-27896	MCP Go SDK Vulnerable to Improper Handling of Case Sensitivity	HIGH	7.0	2026-02-26	modelcontextprotocol go-sdk	CVE NVD
CVE-2026-27830	c3p0 vulnerable to Remote Code Execution via unsafe deserialization of userOverridesAsString property	HIGH	8.9	2026-02-26	swaldman c3p0	CVE NVD
CVE-2026-27888	pypdf: Manipulated FlateDecode XFA streams can exhaust RAM	MEDIUM	6.6	2026-02-26	py-pdf pypdf pypdf_project pypdf	CVE NVD
CVE-2026-27884	NetExec vulnerable to arbitrary file write via path traversal in spider_plus module	MEDIUM	5.3	2026-02-26	Pennyw0rth NetExec	CVE NVD
CVE-2026-27829	Astro is vulnerable to SSRF due to missing allowlist enforcement in remote image inferSize	MEDIUM	6.5	2026-02-26	withastro astro	CVE NVD
CVE-2026-27946	ZITADEL Users Can Self-Verify Email/Phone via UpdateHumanUser API	HIGH	8.2	2026-02-26	zitadel zitadel zitadel zitadel	CVE NVD
CVE-2026-27945	ZITADEL has potential SSRF via Actions	LOW	2.1	2026-02-26	zitadel zitadel	CVE NVD
CVE-2026-27840	ZITADEL's truncated opaque tokens are still valid	MEDIUM	4.3	2026-02-26	zitadel zitadel zitadel zitadel +1个	CVE NVD
CVE-2026-27837	Dottie vulnerable to prototype pollution bypass via non-first path segments in set() and transform()	MEDIUM	6.3	2026-02-26	mickhansen dottie.js dottie_project dottie	CVE NVD
CVE-2026-27831	rldns Vulnerable to Heap-based Out-of-Bounds Read	HIGH	7.5	2026-02-26	bluedragonsecurity rldns	CVE NVD
CVE-2026-27821	GPAC NHML Demuxer (dmx_nhml.c) Vulnerable to Stack Buffer Overflow	HIGH	7.7	2026-02-26	gpac gpac	CVE NVD
CVE-2026-26186	Fleet has a SQL injection via backtick escape in ORDER BY parameter	MEDIUM	5.1	2026-02-26	fleetdm fleet fleetdm fleet	CVE NVD
CVE-2026-27818	TerriaJS-Server has a domain validation bypass vulnerability in its proxy allowlist	HIGH	8.7	2026-02-26	TerriaJS terriajs-server terria terriajs-server	CVE NVD
CVE-2026-27812	Sub2API Vulnerable to Password Reset Poisoning via Host Header Trust Issue, Leading to Account Takeover	HIGH	8.0	2026-02-26	Wei-Shaw sub2api	CVE NVD
CVE-2025-50857	ZenTaoPMS v18.11 through v21.6.beta is vulnerable to Directory Traversal in /module/ai/control.php. ...	CRITICAL	9.8	2026-02-26	未知	CVE NVD
CVE-2025-56605	A reflected Cross-Site Scripting (XSS) vulnerability exists in the register.php backend script of Pu...	MEDIUM	5.4	2026-02-26	未知	CVE NVD

耗时统计

总耗时:	235.51 ms
构建查询耗时:	0.0 ms
统计耗时:	229.95 ms
获取数据耗时:	4.17 ms
数据转换耗时:	1.38 ms

数据统计

匹配文档数:	358424
返回文档数:	20
当前页码:	48
每页数量:	20
跳过记录数:	940

查询详情

查询集合:	`uni_vulnerabilities`
使用过滤器:	否
搜索关键词:	-
严重程度:	-
数据源:	-
效率分析:	良好查询速度正常

优化建议：

匹配文档数量很大（358424），建议使用更精确的搜索条件
当前未使用任何过滤条件，查询全部数据可能较慢

漏洞列表 358424

参考链接