快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 358424
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2026-27498 |
n8n has Arbitrary Command Execution via File Write and Git Operations
|
CRITICAL | 9.0 | 2026-02-25 |
n8n-io n8n
n8n-io n8n
+1个
|
CVE NVD | |
| CVE-2026-27578 |
n8n Vulnerable to Stored XSS via Various Nodes
|
HIGH | 8.5 | 2026-02-25 |
n8n-io n8n
n8n-io n8n
+2个
|
CVE NVD | |
| CVE-2026-27577 |
n8n: Expression Sandbox Escape Leads to RCE
|
CRITICAL | 9.4 | 2026-02-25 |
n8n-io n8n
n8n-io n8n
+2个
|
CVE NVD | |
| CVE-2026-27497 |
n8n has Potential Remote Code Execution via Merge Node
|
CRITICAL | 9.4 | 2026-02-25 |
n8n-io n8n
n8n-io n8n
+2个
|
CVE NVD | |
| CVE-2026-27495 |
n8n has a Sandbox Escape in its JavaScript Task Runner
|
CRITICAL | 9.4 | 2026-02-25 |
n8n-io n8n
n8n-io n8n
+2个
|
CVE NVD | |
| CVE-2026-27494 |
n8n has Arbitrary File Read via Python Code Node Sandbox Escape
|
HIGH | 7.1 | 2026-02-25 |
n8n-io n8n
n8n-io n8n
+1个
|
CVE NVD | |
| CVE-2026-27493 |
n8n has Unauthenticated Expression Evaluation via Form Node
|
CRITICAL | 9.5 | 2026-02-25 |
n8n-io n8n
n8n-io n8n
+1个
|
CVE NVD | |
| CVE-2026-27148 |
Storybook Dev Server Vulnerable to WebSocket Hijacking
|
HIGH | 8.9 | 2026-02-25 |
storybookjs storybook
storybookjs storybook
+2个
|
CVE NVD | |
| CVE-2026-27819 |
Vikunja has Path Traversal in CLI Restore
|
HIGH | 7.2 | 2026-02-25 |
go-vikunja vikunja
|
CVE NVD | |
| CVE-2026-27616 |
Vikunja Vulnerable to Stored Cross-Site Scripting (XSS) via Unsanitized SVG Attachment Upload Leading to Token Exposure
|
HIGH | 7.3 | 2026-02-25 |
go-vikunja vikunja
|
CVE NVD | |
| CVE-2026-27575 |
Vijkunja has Weak Password Policy Combined with Persistent Sessions After Password Change
|
CRITICAL | 9.1 | 2026-02-25 |
go-vikunja vikunja
|
CVE NVD | |
| CVE-2026-27116 |
Vikunja has Reflected HTML Injection via filter Parameter in Projects Module
|
MEDIUM | 6.1 | 2026-02-25 |
go-vikunja vikunja
|
CVE NVD | |
| CVE-2026-26985 |
LORIS vulnerable to path traversal in electrophysiology_browser
|
HIGH | 8.1 | 2026-02-25 |
aces Loris
aces Loris
|
CVE NVD | |
| CVE-2026-2694 |
The Events Calendar <= 6.15.16 - Improper Authorization to Authenticated (Contributor+) Event/Organizer/Venue Update/Trash via REST API
|
MEDIUM | 5.4 | 2026-02-25 |
stellarwp The Events Calendar
|
CVE NVD | |
| CVE-2026-26984 |
LORIS media module vulnerable to remote code execution
|
HIGH | 8.7 | 2026-02-25 |
aces Loris
aces Loris
|
CVE NVD | |
| CVE-2026-27951 |
FreeRDP has possible Integer overflow in Stream_EnsureCapacity
|
MEDIUM | 5.3 | 2026-02-25 |
FreeRDP FreeRDP
freerdp freerdp
|
CVE NVD | |
| CVE-2026-27950 |
FreeRDP heap-use-after-free in update_pointer_new(SDL): Fix Applied in the Wrong File
|
MEDIUM | 5.5 | 2026-02-25 |
FreeRDP FreeRDP
freerdp freerdp
|
CVE NVD | |
| CVE-2026-26986 |
FreeRDP has heap-use-after-free in rail_window_free
|
MEDIUM | 5.5 | 2026-02-25 |
FreeRDP FreeRDP
freerdp freerdp
|
CVE NVD | |
| CVE-2026-26965 |
FreeRDP has Out-of-bounds Write
|
HIGH | 8.8 | 2026-02-25 |
FreeRDP FreeRDP
freerdp freerdp
|
CVE NVD | |
| CVE-2026-3172 |
pgvector buffer overflow in parallel HNSW index build
|
HIGH | 8.1 | 2026-02-25 |
未知
|
CVE NVD |