| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-62625 | AMD Processors 安全漏洞 | AMD | AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics | - | - | 2026-05-14 14:31:48 | Deep Dive |
| CVE-2026-41937🧪 | Vvveb < 1.0.8.3 Unrestricted File Upload RCE via Plugin Upload | givanz | Vvveb | High | 7.2 | 2026-05-14 14:30:52 | Deep Dive |
| CVE-2026-44374 | Backstage: Catalog unprocessed read endpoints allow authenticated cross-owner data access without permission checks | @backstage | plugin-catalog-backend-module-unprocessed | Medium | 4.3 | 2026-05-14 14:30:05 | Deep Dive |
| CVE-2025-62628 | AMD AIM-T Manageability Service 代码问题漏洞 | AMD | AIM-T Manageability Service | - | - | 2026-05-14 14:29:23 | Deep Dive |
| CVE-2026-41935🧪 | Vvveb < 1.0.8.3 Uncontrolled Recursion Denial of Service | givanz | Vvveb | High | 7.1 | 2026-05-14 14:27:07 | Deep Dive |
| CVE-2026-42559🧪 | RMCP: DNS rebinding vulnerability in rmcp Streamable HTTP server transport | modelcontextprotocol | rust-sdk | High | 8.8 | 2026-05-14 14:24:56 | Deep Dive |
| CVE-2026-41933 | Vvveb < 1.0.8.3 Directory Listing Information Disclosure | givanz | Vvveb | Medium | 5.3 | 2026-05-14 14:23:59 | Deep Dive |
| CVE-2026-41932 | Vvveb < 1.0.8.3 Stored XSS via Signup Controller | givanz | Vvveb | Medium | 6.1 | 2026-05-14 14:19:35 | Deep Dive |
| CVE-2026-21730 | Stored XSS in Verba | Verint | Verba | - | - | 2026-05-14 13:52:11 | Deep Dive |
| CVE-2026-1630 | Reflected XSS in WEBCON BPS | WEBCON | WEBCON BPS | - | - | 2026-05-14 13:24:15 | Deep Dive |
| CVE-2026-6638 | PostgreSQL REFRESH PUBLICATION allows SQL injection via table name | - | PostgreSQL | Low | 3.7 | 2026-05-14 13:00:16 | Deep Dive |
| CVE-2026-6575 | PostgreSQL pg_restore_attribute_stats accepts values that cause query planning to read past end of stats array | - | PostgreSQL | Medium | 4.3 | 2026-05-14 13:00:15 | Deep Dive |
| CVE-2026-6637 | PostgreSQL refint allows stack buffer overflow and SQL injection | - | PostgreSQL | High | 8.8 | 2026-05-14 13:00:15 | Deep Dive |
| CVE-2026-6479 | PostgreSQL SSL/GSS init causes denial of service, via uncontrolled recursion | - | PostgreSQL | High | 7.5 | 2026-05-14 13:00:14 | Deep Dive |
| CVE-2026-6478 | PostgreSQL discloses MD5-hashed passwords via covert timing channel | - | PostgreSQL | Medium | 6.5 | 2026-05-14 13:00:13 | Deep Dive |
| CVE-2026-6476 | PostgreSQL pg_createsubscriber allows SQL injection via subscription name | - | PostgreSQL | High | 7.2 | 2026-05-14 13:00:12 | Deep Dive |
| CVE-2026-6477 | PostgreSQL libpq lo_* functions let server superuser overwrite client stack memory | - | PostgreSQL | High | 8.8 | 2026-05-14 13:00:12 | Deep Dive |
| CVE-2026-6475 | PostgreSQL pg_basebackup and pg_rewind can overwrite unrelated files of origin superuser choice | - | PostgreSQL | High | 8.8 | 2026-05-14 13:00:11 | Deep Dive |
| CVE-2026-6474 | PostgreSQL timeofday() can disclose portions of server memory | - | PostgreSQL | Medium | 4.3 | 2026-05-14 13:00:10 | Deep Dive |
| CVE-2026-6473 | PostgreSQL server undersizes allocations, via integer wraparound | - | PostgreSQL | High | 8.8 | 2026-05-14 13:00:09 | Deep Dive |