Browse all 3 CVE security advisories affecting alibaba. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Alibaba operates as a major e-commerce and cloud services provider, facilitating global online transactions and cloud infrastructure. Historically, vulnerabilities have included remote code execution, cross-site scripting, and privilege escalation, often stemming from web application misconfigurations and authentication flaws. The organization has faced security incidents, including data breaches affecting millions of user records and vulnerabilities in its cloud services that could lead to unauthorized access. Despite these challenges, Alibaba maintains robust security measures to protect its extensive digital ecosystem, though its complex infrastructure continues to present potential attack surfaces for malicious actors.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-70974 | Fastjson 安全漏洞 — FastjsonCWE-829 | 10.0 | Critical | 2026-01-09 |
This page lists every published CVE security advisory associated with alibaba. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.