access:pre-auth 类型相关 20447 条 CVE 漏洞,含 AI 中文分析、CVSS、参考链接与 POC。
“access:pre-auth”标签标识了无需身份验证即可触发的漏洞,涵盖18971个CVE。此类漏洞之所以关键,是因为攻击者无需凭证即可直接利用,极大降低了攻击门槛并扩大了潜在受害面。典型场景包括远程代码执行、未授权数据访问及拒绝服务攻击,常见于配置错误的API接口、默认凭证服务或存在逻辑缺陷的认证前处理模块,对系统安全性构成直接且严重的威胁。
| CVE ID | 标题 | CVSS | 风险等级 | Published |
|---|---|---|---|---|
| CVE-2026-33483 | WWBN AVideo 安全漏洞 — AVideoCWE-770 | 7.5 | High | 2026-03-23 |
| CVE-2026-33480 | WWBN AVideo 代码问题漏洞 — AVideoCWE-918 | 8.6 | High | 2026-03-23 |
| CVE-2026-33479 | WWBN AVideo 代码注入漏洞 — AVideoCWE-94 | 8.8 | High | 2026-03-23 |
| CVE-2026-33478 | WWBN AVideo 安全漏洞 — AVideoCWE-78 | 10.0 | Critical | 2026-03-23 |
| CVE-2026-33352 | WWBN AVideo SQL注入漏洞 — AVideoCWE-89 | 9.8 | Critical | 2026-03-23 |
| CVE-2026-31846 | Nexxt Solutions Nebula 300+ 安全漏洞 — Nebula 300+ / Tenda F3 V2.0 FirmwareCWE-306 | 6.5 | Medium | 2026-03-23 |
| CVE-2026-32969 | MB Connect Line mbCONNECT24 SQL注入漏洞 — MB connect line mbCONNECT24CWE-89 | 7.5 | High | 2026-03-23 |
| CVE-2026-32968 | MB Connect Line mbCONNECT24 操作系统命令注入漏洞 — MB connect line mbCONNECT24CWE-78 | 9.8 | Critical | 2026-03-23 |
| CVE-2026-4585 | Tiandy Easy7 Integrated Management Platform 操作系统命令注入漏洞 — Easy7 Integrated Management PlatformCWE-78 | 9.8 | Critical | 2026-03-23 |
| CVE-2026-3587 | WAGO Lean Managed Switch 安全漏洞 — Lean Managed Switch 852-1812CWE-912 | 10.0 | Critical | 2026-03-23 |
| CVE-2025-13997 | WordPress plugin King Addons for Elementor 信息泄露漏洞 — King Addons for Elementor – 80+ Elementor Widgets, 4 000+ Elementor Templates, WooCommerce, Mega Menu, Popup BuilderCWE-200 | 5.3 | Medium | 2026-03-23 |
| CVE-2026-1969 | WordPress plugin trx_addons 安全漏洞 — trx_addons | 9.1 | - | 2026-03-23 |
| CVE-2025-10679 | WordPress plugin ReviewX 代码注入漏洞 — ReviewX – Multi-Criteria Reviews for WooCommerce with Google Reviews & SchemaCWE-94 | 7.3 | High | 2026-03-23 |
| CVE-2025-10734 | WordPress plugin ReviewX 安全漏洞 — ReviewX – Multi-Criteria Reviews for WooCommerce with Google Reviews & SchemaCWE-922 | 5.3 | Medium | 2026-03-23 |
| CVE-2025-10731 | WordPress plugin ReviewX 授权问题漏洞 — ReviewX – Multi-Criteria Reviews for WooCommerce with Google Reviews & SchemaCWE-285 | 5.3 | Medium | 2026-03-23 |
| CVE-2025-10736 | WordPress plugin ReviewX 授权问题漏洞 — ReviewX – Multi-Criteria Reviews for WooCommerce with Google Reviews & SchemaCWE-285 | 6.5 | Medium | 2026-03-23 |
| CVE-2026-2580 | WordPress plugin WP Maps – Store Locator,Google Maps,OpenStreetMap,Mapbox,Listing,Directory & Filters SQL注入漏洞 — WP Maps – Store Locator,Google Maps,OpenStreetMap,Mapbox,Listing,Directory & FiltersCWE-89 | 7.5 | High | 2026-03-22 |
| CVE-2026-33292 | WWBN AVideo 路径遍历漏洞 — AVideoCWE-22 | 7.5 | High | 2026-03-22 |
| CVE-2026-4544 | Wavlink WL-WN578W2 代码注入漏洞 — WL-WN578W2CWE-79 | 2.4 | Low | 2026-03-22 |
| CVE-2026-4543 | Wavlink WL-WN578W2 命令注入漏洞 — WL-WN578W2CWE-77 | 6.3 | Medium | 2026-03-22 |
| CVE-2026-3629 | WordPress plugin Import and export users and customers 安全漏洞 — Import and export users and customersCWE-269 | 8.1 | High | 2026-03-21 |
| CVE-2019-25581 | i-doit CMDB SQL注入漏洞 — doit CMDBCWE-89 | 8.2 | High | 2026-03-21 |
| CVE-2019-25580 | ownDMS 代码问题漏洞 — ownDMSCWE-434 | 8.2 | High | 2026-03-21 |
| CVE-2019-25579 | phpTransformer 路径遍历漏洞 — phpTransformerCWE-22 | 7.5 | High | 2026-03-21 |
| CVE-2019-25576 | Kepler Wallpaper Script SQL注入漏洞 — Kepler Wallpaper ScriptCWE-89 | 8.2 | High | 2026-03-21 |
| CVE-2019-25575 | Sourceforge SimplePress CMS SQL注入漏洞 — SimplePress CMSCWE-89 | 8.2 | High | 2026-03-21 |
| CVE-2019-25570 | RealTerm Serial Terminal 安全漏洞 — RealTerm: Serial TerminalCWE-1260 | 5.5 | Medium | 2026-03-21 |
| CVE-2026-4373 | WordPress plugin JetFormBuilder 安全漏洞 — JetFormBuilder — Dynamic Blocks Form BuilderCWE-36 | 7.5 | High | 2026-03-21 |
| CVE-2026-3478 | WordPress plugin Content Syndication Toolkit 代码问题漏洞 — Content Syndication ToolkitCWE-918 | 7.2 | High | 2026-03-21 |
| CVE-2026-2723 | WordPress plugin Post Snippits 跨站请求伪造漏洞 — Post SnippitsCWE-352 | 6.1 | Medium | 2026-03-21 |
access:pre-auth 是常见的弱点类别,本平台收录该类弱点关联的 20447 条 CVE 漏洞。