momo安全漏洞库

多模块数据检索平台

登录 注册
Intelligence Digest

威胁情报

统一威胁情报视图,聚合漏洞监控、网安开源项目与官方源情报

共聚合 4946 条情报 漏洞监控 3149 / 网安开源项目 1553 / 威胁情报 244

漏洞监控

来自 GitHub Issues、仓库检索和关键词命中的 CVE / RCE / POC 动态。

3149总量

网安开源项目

优先展示中文安全团队维护的开源项目,兼顾工具落地场景和最近更新时间。

1553总量

威胁情报

来自 360、奇安信、斗象等官方站点的公开情报聚合。

244总量
Multipart request fails with 413 in Spring Boot 4.0.3(not in 3.5.11): Bug, intentional change, or incorrect test implementation?
GitHub Issues/spring-projects/spring-boot spring-projects/spring-boot#49311 发布时间 2026-02-24 入库 2026-02-24 20:53
### Description When upgrading from Spring Boot 3.5.11 to 4.0.3, a multipart request containing multiple parts starts failing with a `413 Payload Too Large` error. I investigated the issue and found that it can be reso...
本页此列暂无更多数据
本页此列暂无更多数据
cybertechajju/CVE-2026-1357-POC
GitHub Repos/search cybertechajju/CVE-2026-1357-POC 发布时间 2026-02-24 入库 2026-03-14 02:41
language: Python
haroohameed/rce
GitHub Repos/search haroohameed/rce 发布时间 2026-02-24 入库 2026-03-14 02:42
language: HTML
Spring Boot 3 -> 4 Migration Guide misses information on migrating properties under spring.jackson.parser
GitHub Issues/spring-projects/spring-boot spring-projects/spring-boot#49310 发布时间 2026-02-24 入库 2026-02-24 19:53
# Problem The [Migration Guide for Spring Boot 3 to 4](https://github.com/spring-projects/spring-boot/wiki/Spring-Boot-4.0-Migration-Guide) misses information on how to migrate properties under `spring.jackson.parser`. ...
Missing Response Headers since 4.0.3
GitHub Issues/spring-projects/spring-boot spring-projects/spring-boot#49309 发布时间 2026-02-24 入库 2026-02-24 19:53
Hi, We updated from Spring Boot 4.0.2 to 4.0.3 and noted that suddenly response headers were missing. We used a simple demo projected created with the Spring Initializr to test this. A simple security chain adds some he...
Deprecate RootUriTemplateHandler in favor of DefaultUriBuilderFactory
GitHub Issues/spring-projects/spring-boot spring-projects/spring-boot#48350 发布时间 2026-02-24 入库 2026-02-24 18:52
`RootUriTemplateHandler` was added in Spring Boot 1.4 before `DefaultUriBuilderFactory` existed. The logic to prepend a root URL now duplicates what `DefaultUriBuilderFactory#initUriComponentsBuilder` is capable of doing...
DataSourceBuilder throws an UnsupportedDataSourcePropertyException when spring is loaded with a different classloader than dataSourceType
GitHub Issues/spring-projects/spring-boot spring-projects/spring-boot#49238 发布时间 2026-02-24 入库 2026-02-24 18:52
We have a setup where the spring boot classes are loaded by a different classloader than our application classes. The application class loader is set as bean class loader so things generally work. In this, we now added ...
ch4r0nn/CVE-2026-1056-POC
GitHub Repos/search ch4r0nn/CVE-2026-1056-POC 发布时间 2026-02-24 入库 2026-03-14 02:41
Snow Monkey Forms <= 12.0.3 - Unauthenticated Arbitrary File Deletion via Path Traversal (CVE-2026-1056) | language: Python
absholi7ly/jsPDF-Object-Injection
GitHub Repos/search 高危 absholi7ly/jsPDF-Object-Injection 发布时间 2026-02-24 入库 2026-03-14 02:41
CVE-2026-25755 A critical PDF Object Injection vulnerability in jsPDF allows attackers to inject arbitrary PDF objects through the addJS() function, enabling AcroJS sandbox bypass and automatic script execution when PDFs...
Add a mention of the "org.springframework.boot.aot" plugin to the Gradle build plugin documentation.
GitHub Issues/spring-projects/spring-boot spring-projects/spring-boot#49307 发布时间 2026-02-24 入库 2026-02-24 16:51
The Gradle plugin "org.springframework.boot.aot" is mentioned in the general documentation about AOT in Spring Boot, but I would like to see it mentioned in the Gradle plugin documentation. Currently, the AOT section of ...