| CVE-2026-39412 |
LiquidJS原型属性泄露漏洞 |
中危 |
5.3 |
2026-04-08 |
| CVE-2026-39411 |
LobeHub WebAPI认证绕过漏洞 |
中危 |
5.0 |
2026-04-08 |
| CVE-2026-39410 |
Hono Cookie前缀安全绕过漏洞 |
中危 |
4.8 |
2026-04-08 |
| CVE-2026-39409 |
Hono IP限制绕过漏洞 |
中危 |
5.3 |
2026-04-08 |
| CVE-2026-39408 |
Hono框架路径遍历漏洞 |
高危 |
7.5 |
2026-04-08 |
| CVE-2026-39407 |
Hono中间件绕过漏洞 |
中危 |
5.3 |
2026-04-08 |
| CVE-2026-39406 |
@hono/node-server授权绕过漏洞 |
中危 |
5.3 |
2026-04-08 |
| CVE-2026-39394 |
CI4MS .env文件配置注入漏洞 |
高危 |
8.1 |
2026-04-08 |
| CVE-2026-39393 |
CI4MS安装守卫绕过漏洞 |
高危 |
8.1 |
2026-04-08 |
| CVE-2026-39392 |
CI4MS存储型XSS漏洞 |
中危 |
5.5 |
2026-04-08 |
| CVE-2026-39391 |
CI4MS存储型XSS漏洞 |
中危 |
4.8 |
2026-04-08 |
| CVE-2026-39390 |
CI4MS存储型XSS漏洞 |
中危 |
5.5 |
2026-04-08 |
| CVE-2026-39389 |
CI4MS远程代码执行漏洞 |
中危 |
6.7 |
2026-04-08 |
| CVE-2026-39362 |
InvenTree服务器端请求伪造漏洞 |
高危 |
7.1 |
2026-04-08 |
| CVE-2026-3781 |
WordPress Attendance Manager SQL注入漏洞 |
中危 |
5.4 |
2026-04-08 |
| CVE-2026-3646 |
WordPress插件权限缺失漏洞 |
中危 |
5.3 |
2026-04-08 |
| CVE-2026-3618 |
WordPress Columns插件存储型XSS漏洞 |
中危 |
6.4 |
2026-04-08 |
| CVE-2026-3600 |
WordPress Investi插件存储型XSS漏洞 |
中危 |
6.4 |
2026-04-08 |
| CVE-2026-3594 |
WordPress插件敏感信息泄露 |
中危 |
5.3 |
2026-04-08 |
| CVE-2026-35525 |
LiquidJS 路径遍历漏洞导致任意文件读取 |
高危 |
7.5 |
2026-04-08 |
| CVE-2026-35479 |
InvenTree权限提升漏洞 |
中危 |
6.6 |
2026-04-08 |
| CVE-2026-35478 |
InvenTree API令牌伪造漏洞 |
高危 |
8.3 |
2026-04-08 |
| CVE-2026-35477 |
InvenTree沙箱绕过致RCE |
中危 |
5.5 |
2026-04-08 |
| CVE-2026-35476 |
InvenTree权限提升漏洞 |
高危 |
7.2 |
2026-04-08 |
| CVE-2026-35455 |
Immich存储型XSS漏洞 |
高危 |
7.3 |
2026-04-08 |
| CVE-2026-35446 |
LORIS路径遍历漏洞 |
高危 |
7.7 |
2026-04-08 |
| CVE-2026-35407 |
Saleor 邮箱更改逻辑漏洞 |
中危 |
6.5 |
2026-04-08 |
| CVE-2026-35403 |
LORIS跨站脚本漏洞 |
中危 |
6.5 |
2026-04-08 |
| CVE-2026-35401 |
Saleor GraphQL资源耗尽漏洞 |
高危 |
7.5 |
2026-04-08 |
| CVE-2026-35400 |
LORIS邮件伪造漏洞 |
低危 |
3.5 |
2026-04-08 |