354'485

条目总数

168.5

每日新增数量 ø

267.1

每日更新数量 ø

13'421

每日提交数量 ø

101'547

覆盖产品数量

社区

自1970年以来，记录和解释安全漏洞，威胁和漏洞的第一大漏洞数据库。

VulDB CTI Team just added IoC for APT actor "Mozi"

VulDB Mod Team just queued a new entry to be reviewed

VulDB Data Team just updated VDB-216840 and 1 other entry

zulu just submitted a new entry to be reviewed

zulu joined the community

本日漏洞

Red Hat Advanced Cluster Security OAuth Call Redirect

分类为棘手的漏洞已在Red Hat Advanced Cluster Security中发现。受此问题影响的是某些未知功能的组件:OAuth Call Handler。在参数error/error_uri被操纵的情况下，会引发 Redirect。该漏洞被命名为CVE-2026-4981，远程可以启动攻击，没有可用的漏洞利用。

威胁情报

10.00

Xiongmai AHB7008T-MH-V2 /NBD7024H-P DVRIP Protocol system 权限提升

9.50

Advantech Wireless Sensing and Equipment Modbus TCP 信息公开

8.65

GIGABYTE Control Center 目录遍历

8.00

Rockwell Automation ISaGRAF Workbench 目录遍历

7.32

OpenClaw Webhook 弱身份验证

最近

Discourse 信息公开

Squareapps My Location Travel Timeline 权限提升

PEAKSEL NIS Animal Sounds and Ringtones File Import 权限提升

Discourse Endpoint 权限提升

Discourse 信息公开

更新

magepeopleteam WpEvently Plugin 跨网站脚本

rascals Pendulum Plugin 权限提升

skygroup Nooni Plugin 跨网站脚本

rascals Meloo Plugin 权限提升

skygroup Yobazar Plugin 跨网站脚本

CVSS当前Top

9.8

PTC Windchill PDMLink/FlexPLM 权限提升

9.7

WAGO Lean Managed Switch 852-1816-010-000 010-001 Restricted 权限提升

9.6

Apple iOS/iPadOS Kernel Memory 内存损坏

9.6

MB connect line mbCONNECT24/mymbCONNECT24 com_mb24sysapi 权限提升

9.4

pi-hole web savesettings.php exec 权限提升

当前利用价格

$25k-$50k

Apple iOS/iPadOS Kernel Memory 内存损坏

$25k-$50k

Apple Safari/iOS/iPadOS/macOS/tvOS/visionOS/watchOS Website 内存损坏

$25k-$50k

Apple iOS/iPadOS/macOS/tvOS/visionOS/watchOS Web 内存损坏

$25k-$50k

Apple Safari/iOS/iPadOS/macOS/visionOS Web 内存损坏

$25k-$50k

Apple Safari/iOS/iPadOS/macOS/visionOS Web 内存损坏

最新漏洞利用

POC

code-projects Online Food Ordering System Order order.php

POC

Tenda CH22 Parameter QuickIndex formQuickIndex

POC

Tenda CH22 Parameter AdvSetWan fromAdvSetWan

POC

Tenda CH22 Parameter setcfm fromSetCfm

POC

Tenda CH22 WriteFacMac FormWriteFacMac

最新视频

YouTube

wpweaver Weaver Show Posts Plugin Parameters 跨网站脚本

YouTube

PluXml Anti Spam-Captcha

YouTube

PluXml Article Comments comments.php 跨网站脚本

YouTube

ZesleCP FTP Account Creation 权限提升

YouTube

FreePBX API Module 权限提升

Do you want to use VulDB in your project?

Use the official API to access entries easily!