| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-46342 | Nuxt: `__nuxt_island` endpoint does not bind responses to request props, enabling shared-cache poisoning | nuxt | nuxt | 低危 | - | 2026-06-12 12:50:42 | Deep Dive |
| CVE-2026-12065 | Groww Stock, Mutual Fund, Gold App WebView URL improper authorization in handler for custom url scheme | Groww | Stock, Mutual Fund, Gold App | Low | 1.8 | 2026-06-12 12:30:09 | Deep Dive |
| CVE-2026-49347 | Quest Bot: Ticket creation has no per-user open-ticket limit or cooldown | duck-organization | questbot | 中危 | - | 2026-06-12 11:54:08 | Deep Dive |
| CVE-2026-48485 | Quest Bot: Stored warn reasons can still trigger bot-powered mass mentions through `/warns`. | duck-organization | questbot | 低危 | - | 2026-06-12 11:53:15 | Deep Dive |
| CVE-2026-47197 | Quest Bot: Discord moderation role hierarchy bypass in ban, kick, mute, unmute, warn, and nickname commands | duck-organization | questbot | 高危 | - | 2026-06-12 11:52:49 | Deep Dive |
| CVE-2026-47195 | Quest Bot: Per-channel permission overwrite bypass in purge and slowmode commands. | duck-organization | questbot | 高危 | - | 2026-06-12 11:52:01 | Deep Dive |
| CVE-2026-47196 | Quest Bot: Empty automod rule causes every guild message to be deleted | duck-organization | questbot | 高危 | - | 2026-06-12 11:51:36 | Deep Dive |
| CVE-2026-9266 | Moxa UC-1200A Series 加密问题漏洞 | Moxa | UC-1200A Series | 高危 | - | 2026-06-12 10:00:33 | Deep Dive |
| CVE-2026-11849 | IEI Integration Corp|iRM-IEI Remote Management - Hard-coded Credentials | IEI Integration Corp | iRM-TSi410X | Critical | 9.8 | 2026-06-12 09:47:59 | Deep Dive |
| CVE-2026-11848 | IEI Integration Corp| iRM-IEI Remote Management - Missing Authentication | IEI Integration Corp | iRM-TSi410X | Medium | 5.3 | 2026-06-12 09:44:56 | Deep Dive |
| CVE-2026-48914 | Qemu-kvm: heap buffer overflow in virtio-blk scsi request handling | - | - | Medium | 6.7 | 2026-06-12 09:42:36 | Deep Dive |
| CVE-2026-11847 | Integration Corp|iVEC-IEI Virtualization Edge Computer - Arbitrary File Deletion | IEI Integration Corp | iVEC TANK-XM811 | Medium | 4.3 | 2026-06-12 09:37:14 | Deep Dive |
| CVE-2026-11846 | IEI Integration Corp|iVEC-IEI Virtualization Edge Computer - Arbitrary File Deletion | IEI Integration Corp | iVEC TANK-XM811 | High | 8.1 | 2026-06-12 09:31:53 | Deep Dive |
| CVE-2026-11845 | IEI Integration Corp|iVEC-IEI Virtualization Edge Computer - OS Command Injection | IEI Integration Corp | iVEC TANK-XM811 | High | 7.2 | 2026-06-12 09:27:26 | Deep Dive |
| CVE-2026-11844 | IEI Integration Corp|iVEC-IEI Virtualization Edge Computer - Arbitrary File Read | IEI Integration Corp | iVEC TANK-XM811 | Medium | 4.9 | 2026-06-12 09:12:02 | Deep Dive |
| CVE-2026-50645 | Apache CXF: No restriction on attachment headers per message | Apache Software Foundation | Apache CXF | 高危 | - | 2026-06-12 09:06:55 | Deep Dive |
| CVE-2026-50634 | Apache CXF: WS JSON request filter trusts metadata from an unvalidated first signature entry | Apache Software Foundation | Apache CXF | 中危 | - | 2026-06-12 09:05:54 | Deep Dive |
| CVE-2026-50633 | Apache CXF: JNDI Injection vulnerability in DispatchMDBMessageListenerImpl | Apache Software Foundation | Apache CXF | 高危 | - | 2026-06-12 09:02:03 | Deep Dive |
| CVE-2026-50632 | Apache CXF: JNDI Injection Vulnerability in JMSConfigFactory | Apache Software Foundation | Apache CXF | 高危 | - | 2026-06-12 09:00:49 | Deep Dive |
| CVE-2026-50631 | Apache CXF: OAuth2: TOCTOU Race Condition in Refresh Token Processing | Apache Software Foundation | Apache CXF | 高危 | - | 2026-06-12 08:59:40 | Deep Dive |