CVE-2026-31014

EPSS 0.01% · P3 Updated Apr 22, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-31014

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Dovestones Softwares AD Self Update <4.0.0.5 is vulnerable to Cross Site Request Forgery (CSRF). The affected endpoint processes state-changing requests without requiring a CSRF token or equivalent protection. The endpoint accepts application/x-www-form-urlencoded requests, and an originally POST-based request can be converted to a GET request while still successfully updating user details. This allows an attacker to craft a malicious request that, when visited by an authenticated user, can modify user account information without their consent.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Infoopia Dovestones AD Self Update 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Infoopia Dovestones AD Self Update是加拿大Infoopia公司的一款企业目录信息自助更新工具。 Infoopia Dovestones AD Self Update 4.0.0.5之前版本存在安全漏洞，该漏洞源于端点缺少CSRF令牌保护，可能导致攻击者通过恶意请求修改认证用户的账户信息。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2026-31014

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2026-31014

请登录查看更多情报信息。

https://nvd.nist.gov/vuln/detail/CVE-2026-31014

Same Patch Batch · n/a · 2026-04-21 · 12 CVEs total

CVE-2026-6744	6.3 MEDIUM	Bagisto Downloadable Link copy server-side request forgery
CVE-2026-6745	3.5 LOW	Bagisto Custom Scripts cross site scripting
CVE-2026-29644		XiangShan 安全漏洞
CVE-2026-31018		Dolibarr ERP & CRM 安全漏洞
CVE-2026-31019		Dolibarr ERP & CRM 安全漏洞
CVE-2026-31013		Infoopia Dovestones ADPhonebook 安全漏洞
CVE-2026-37748		Visitor Management System 安全漏洞
CVE-2026-38834		Tenda W30E 安全漏洞
CVE-2026-38835		Tenda W30E 安全漏洞
CVE-2026-30452		Textpattern CMS 安全漏洞
CVE-2025-70420		Genesys Latitude 安全漏洞

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2026-31014

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2026-31014

I. Basic Information for CVE-2026-31014

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2026-31014

III. Intelligence Information for CVE-2026-31014

Same Patch Batch · n/a · 2026-04-21 · 12 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2026-31014

Leave a comment