access:pre-auth 类型相关 21031 条 CVE 漏洞,含 AI 中文分析、CVSS、参考链接与 POC。
“access:pre-auth”标签标识了无需身份验证即可触发的漏洞,涵盖18971个CVE。此类漏洞之所以关键,是因为攻击者无需凭证即可直接利用,极大降低了攻击门槛并扩大了潜在受害面。典型场景包括远程代码执行、未授权数据访问及拒绝服务攻击,常见于配置错误的API接口、默认凭证服务或存在逻辑缺陷的认证前处理模块,对系统安全性构成直接且严重的威胁。
| CVE ID | 标题 | CVSS | 风险等级 | Published |
|---|---|---|---|---|
| CVE-2026-4001 | WordPress plugin Woocommerce Custom Product Addons Pro 安全漏洞 — Woocommerce Custom Product Addons ProCWE-95 | 9.8 | Critical | 2026-03-23 |
| CVE-2026-4306 | WordPress plugin WP Job Portal SQL注入漏洞 — WP Job Portal – AI-Powered Recruitment System for Company or Job Board websiteCWE-89 | 7.5 | High | 2026-03-23 |
| CVE-2025-60949 | CSPro Users CSWeb 安全漏洞 — CSWebCWE-200 | 9.1 | Critical | 2026-03-23 |
| CVE-2026-33719 | WWBN AVideo 访问控制错误漏洞 — AVideoCWE-306 | 8.6 | High | 2026-03-23 |
| CVE-2026-33716 | WWBN AVideo 授权问题漏洞 — AVideoCWE-287 | 9.4 | Critical | 2026-03-23 |
| CVE-2026-33688 | WWBN AVideo 安全漏洞 — AVideoCWE-204 | 5.3 | Medium | 2026-03-23 |
| CVE-2026-33685 | WWBN AVideo 安全漏洞 — AVideoCWE-862 | 5.3 | Medium | 2026-03-23 |
| CVE-2026-25075 | strongSwan 代码问题漏洞 — strongSwanCWE-191 | 7.5 | High | 2026-03-23 |
| CVE-2026-33649 | WWBN AVideo 跨站请求伪造漏洞 — AVideoCWE-352 | 8.1 | High | 2026-03-23 |
| CVE-2026-33513 | WWBN AVideo 安全漏洞 — AVideoCWE-22 | 8.6 | High | 2026-03-23 |
| CVE-2025-15517 | TP-LINK Archer 安全漏洞 — Archer NX600 v3.0CWE-306 | 9.8 | - | 2026-03-23 |
| CVE-2026-33507 | WWBN AVideo 跨站请求伪造漏洞 — AVideoCWE-352 | 8.8 | High | 2026-03-23 |
| CVE-2026-33502 | WWBN AVideo 代码问题漏洞 — AVideoCWE-918 | 9.3 | Critical | 2026-03-23 |
| CVE-2026-33501 | WWBN AVideo 安全漏洞 — AVideoCWE-862 | 5.3 | Medium | 2026-03-23 |
| CVE-2026-33485 | WWBN AVideo SQL注入漏洞 — AVideoCWE-89 | 7.5 | High | 2026-03-23 |
| CVE-2026-33483 | WWBN AVideo 安全漏洞 — AVideoCWE-770 | 7.5 | High | 2026-03-23 |
| CVE-2026-33480 | WWBN AVideo 代码问题漏洞 — AVideoCWE-918 | 8.6 | High | 2026-03-23 |
| CVE-2026-33479 | WWBN AVideo 代码注入漏洞 — AVideoCWE-94 | 8.8 | High | 2026-03-23 |
| CVE-2026-33478 | WWBN AVideo 安全漏洞 — AVideoCWE-78 | 10.0 | Critical | 2026-03-23 |
| CVE-2026-33352 | WWBN AVideo SQL注入漏洞 — AVideoCWE-89 | 9.8 | Critical | 2026-03-23 |
| CVE-2026-31846 | Nexxt Solutions Nebula 300+ 安全漏洞 — Nebula 300+ / Tenda F3 V2.0 FirmwareCWE-306 | 6.5 | Medium | 2026-03-23 |
| CVE-2026-32969 | MB Connect Line mbCONNECT24 SQL注入漏洞 — MB connect line mbCONNECT24CWE-89 | 7.5 | High | 2026-03-23 |
| CVE-2026-32968 | MB Connect Line mbCONNECT24 操作系统命令注入漏洞 — MB connect line mbCONNECT24CWE-78 | 9.8 | Critical | 2026-03-23 |
| CVE-2026-4585 | Tiandy Easy7 Integrated Management Platform 操作系统命令注入漏洞 — Easy7 Integrated Management PlatformCWE-78 | 9.8 | Critical | 2026-03-23 |
| CVE-2026-3587 | WAGO Lean Managed Switch 安全漏洞 — Lean Managed Switch 852-1812CWE-912 | 10.0 | Critical | 2026-03-23 |
| CVE-2025-13997 | WordPress plugin King Addons for Elementor 信息泄露漏洞 — King Addons for Elementor – 80+ Elementor Widgets, 4 000+ Elementor Templates, WooCommerce, Mega Menu, Popup BuilderCWE-200 | 5.3 | Medium | 2026-03-23 |
| CVE-2026-1969 | WordPress plugin trx_addons 安全漏洞 — trx_addons | 9.1 | - | 2026-03-23 |
| CVE-2025-10679 | WordPress plugin ReviewX 代码注入漏洞 — ReviewX – Multi-Criteria Reviews for WooCommerce with Google Reviews & SchemaCWE-94 | 7.3 | High | 2026-03-23 |
| CVE-2025-10734 | WordPress plugin ReviewX 安全漏洞 — ReviewX – Multi-Criteria Reviews for WooCommerce with Google Reviews & SchemaCWE-922 | 5.3 | Medium | 2026-03-23 |
| CVE-2025-10731 | WordPress plugin ReviewX 授权问题漏洞 — ReviewX – Multi-Criteria Reviews for WooCommerce with Google Reviews & SchemaCWE-285 | 5.3 | Medium | 2026-03-23 |
access:pre-auth 是常见的弱点类别,本平台收录该类弱点关联的 21031 条 CVE 漏洞。