Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-40160 | PraisonAIAgents has SSRF via unvalidated URL in `web_c… |
MervinPraison |
PraisonAIAgents |
2026-04-10T16:59:09.542Z | 2026-04-13T15:36:41.165Z | |
| cve-2026-40159 | PraisonAI Exposes Sensitive Environment Variable via U… |
MervinPraison |
PraisonAI |
2026-04-10T16:57:11.623Z | 2026-04-15T14:48:42.389Z | |
| cve-2026-40158 | PraisonAI has Improper Control of Generation of Code (… |
MervinPraison |
PraisonAI |
2026-04-10T16:49:24.753Z | 2026-04-10T18:31:12.440Z | |
| cve-2026-40157 | PraisonAI affected by arbitrary file write via path tr… |
MervinPraison |
PraisonAI |
2026-04-10T16:47:16.109Z | 2026-04-14T14:13:29.632Z | |
| cve-2026-40156 | PraisonAI Affected by Implicit Execution of Arbitrary … |
MervinPraison |
PraisonAI |
2026-04-10T16:46:15.807Z | 2026-04-13T15:36:51.249Z | |
| cve-2026-40100 | FastGPT has Unauthenticated SSRF in /api/core/app/mcpT… |
labring |
FastGPT |
2026-04-10T16:39:25.856Z | 2026-04-15T14:47:23.092Z | |
| cve-2026-40097 | Step CA affected by an index out of bounds panic in TP… |
smallstep |
certificates |
2026-04-10T16:34:53.330Z | 2026-04-10T18:30:15.176Z | |
| cve-2026-40074 | SvelteKit's invalidated redirect in handle hook causes… |
sveltejs |
kit |
2026-04-10T16:26:07.068Z | 2026-04-14T14:17:29.422Z | |
| cve-2026-40073 | SvelteKit has a BODY_SIZE_LIMIT bypass in @sveltejs/ad… |
sveltejs |
kit |
2026-04-10T16:24:39.987Z | 2026-04-13T15:36:57.412Z | |
| cve-2026-40086 | Rembg has a Path Traversal via Custom Model Loading |
danielgatis |
rembg |
2026-04-10T16:16:28.850Z | 2026-04-10T18:29:27.832Z | |
| cve-2026-40103 | Vikunja's Scoped API tokens with projects.background p… |
go-vikunja |
vikunja |
2026-04-10T16:12:27.603Z | 2026-04-15T14:45:18.303Z | |
| cve-2026-35602 | Vikunja has a File Size Limit Bypass via Vikunja Import |
go-vikunja |
vikunja |
2026-04-10T16:10:39.630Z | 2026-04-14T14:19:30.140Z | |
| cve-2026-35601 | Vikunja has an iCalendar Property Injection via CRLF i… |
go-vikunja |
vikunja |
2026-04-10T16:08:50.519Z | 2026-04-13T15:37:03.974Z | |
| cve-2026-35600 | Vikunja has HTML Injection via Task Titles in Overdue … |
go-vikunja |
vikunja |
2026-04-10T16:07:07.846Z | 2026-04-14T15:01:18.724Z | |
| cve-2026-35599 | Vikunja has an Algorithmic Complexity DoS in Repeating… |
go-vikunja |
vikunja |
2026-04-10T16:05:57.581Z | 2026-04-10T18:28:29.310Z | |
| cve-2026-35598 | Vikunja has Missing Authorization on CalDAV Task Read |
go-vikunja |
vikunja |
2026-04-10T16:04:32.083Z | 2026-04-14T14:20:44.249Z | |
| cve-2026-35670 | 6 (v4.0) 5.9 (v3.1) | OpenClaw < 2026.3.22 - Webhook Reply Rebinding via Use… |
OpenClaw |
OpenClaw |
2026-04-10T16:03:28.524Z | 2026-04-14T14:59:51.073Z |
| cve-2026-35669 | 8.7 (v4.0) 8.8 (v3.1) | OpenClaw < 2026.3.25 - Privilege Escalation via Gatewa… |
OpenClaw |
OpenClaw |
2026-04-10T16:03:27.834Z | 2026-04-14T14:27:24.570Z |
| cve-2026-35668 | 7.1 (v4.0) 7.7 (v3.1) | OpenClaw < 2026.3.24 - Sandbox Media Root Bypass via U… |
OpenClaw |
OpenClaw |
2026-04-10T16:03:27.149Z | 2026-04-10T18:27:23.337Z |
| cve-2026-35667 | 6.9 (v4.0) 6.1 (v3.1) | OpenClaw < 2026.3.24 - Improper Process Termination vi… |
OpenClaw |
OpenClaw |
2026-04-10T16:03:26.457Z | 2026-04-10T20:17:55.994Z |
| cve-2026-35666 | 7.7 (v4.0) 8.8 (v3.1) | OpenClaw < 2026.3.22 - Allowlist Bypass via Unregister… |
OpenClaw |
OpenClaw |
2026-04-10T16:03:25.748Z | 2026-04-13T17:39:14.162Z |
| cve-2026-35665 | 6.9 (v4.0) 5.3 (v3.1) | OpenClaw < 2026.3.24 - Denial of Service via Feishu We… |
OpenClaw |
OpenClaw |
2026-04-10T16:03:25.047Z | 2026-04-10T16:58:15.053Z |
| cve-2026-35664 | 6.9 (v4.0) 5.3 (v3.1) | OpenClaw < 2026.3.25 - DM Pairing Bypass via Legacy Ca… |
OpenClaw |
OpenClaw |
2026-04-10T16:03:24.375Z | 2026-04-14T14:57:59.515Z |
| cve-2026-35663 | 8.7 (v4.0) 8.8 (v3.1) | OpenClaw < 2026.3.25 - Privilege Escalation via Backen… |
OpenClaw |
OpenClaw |
2026-04-10T16:03:23.672Z | 2026-04-14T14:28:08.608Z |
| cve-2026-35662 | 5.3 (v4.0) 4.3 (v3.1) | OpenClaw < 2026.3.22 - Missing controlScope Enforcemen… |
OpenClaw |
OpenClaw |
2026-04-10T16:03:22.937Z | 2026-04-10T18:24:24.250Z |
| cve-2026-35661 | 6.9 (v4.0) 5.3 (v3.1) | OpenClaw < 2026.3.25 - Telegram DM-Scoped Inline Butto… |
OpenClaw |
OpenClaw |
2026-04-10T16:03:22.250Z | 2026-04-10T20:18:04.127Z |
| cve-2026-35660 | 7.2 (v4.0) 8.1 (v3.1) | OpenClaw < 2026.3.23 - Insufficient Access Control in … |
OpenClaw |
OpenClaw |
2026-04-10T16:03:21.568Z | 2026-04-13T17:41:32.978Z |
| cve-2026-35659 | 5.1 (v4.0) 4.6 (v3.1) | OpenClaw < 2026.3.22 - Unresolved Service Metadata Rou… |
OpenClaw |
OpenClaw |
2026-04-10T16:03:20.749Z | 2026-04-10T16:58:50.963Z |
| cve-2026-35658 | 6 (v4.0) 6.5 (v3.1) | OpenClaw < 2026.3.2 - Filesystem Boundary Bypass in Im… |
OpenClaw |
OpenClaw |
2026-04-10T16:03:20.067Z | 2026-04-14T14:56:40.942Z |
| cve-2026-35597 | Vikunja Affected by TOTP Brute-Force Due to Non-Functi… |
go-vikunja |
vikunja |
2026-04-10T16:03:19.636Z | 2026-04-13T15:37:11.358Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2023-avi-0496 | Multiples vulnérabilités dans Tenable Nessus | 2023-06-29T00:00:00.000000 | 2023-06-29T00:00:00.000000 |
| certfr-2023-avi-0495 | Multiples vulnérabilités dans Google Chrome | 2023-06-27T00:00:00.000000 | 2023-06-27T00:00:00.000000 |
| certfr-2023-avi-0494 | Multiples vulnérabilités dans Stormshield Endpoint Security | 2023-06-27T00:00:00.000000 | 2023-06-27T00:00:00.000000 |
| certfr-2023-avi-0493 | Vulnérabilité dans les produits Tenable | 2023-06-27T00:00:00.000000 | 2023-06-27T00:00:00.000000 |
| certfr-2023-avi-0492 | Vulnérabilité dans les produits Ivanti | 2023-06-27T00:00:00.000000 | 2023-06-27T00:00:00.000000 |
| certfr-2023-avi-0491 | Multiples vulnérabilités dans Liferay | 2023-06-26T00:00:00.000000 | 2023-06-26T00:00:00.000000 |
| certfr-2023-avi-0490 | Multiples vulnérabilités dans NetApp ONTAP | 2023-06-26T00:00:00.000000 | 2023-06-26T00:00:00.000000 |
| certfr-2023-avi-0489 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2023-06-23T00:00:00.000000 | 2023-06-23T00:00:00.000000 |
| certfr-2023-avi-0488 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2023-06-23T00:00:00.000000 | 2023-06-23T00:00:00.000000 |
| certfr-2023-avi-0487 | Multiples vulnérabilités dans les produits Fortinet | 2023-06-23T00:00:00.000000 | 2023-06-23T00:00:00.000000 |
| certfr-2023-avi-0486 | Vulnérabilité dans StormShield Endpoint Security | 2023-06-23T00:00:00.000000 | 2023-06-23T00:00:00.000000 |
| certfr-2023-avi-0485 | Multiples vulnérabilités dans les produits Nextcloud | 2023-06-23T00:00:00.000000 | 2023-06-23T00:00:00.000000 |
| certfr-2023-avi-0484 | Multiples vulnérabilités dans les produits IBM | 2023-06-23T00:00:00.000000 | 2023-06-23T00:00:00.000000 |
| certfr-2023-avi-0483 | Multiples vulnérabilités dans les produits VMware | 2023-06-22T00:00:00.000000 | 2023-06-22T00:00:00.000000 |
| certfr-2023-avi-0482 | Multiples vulnérabilités dans les produits Nextcloud | 2023-06-22T00:00:00.000000 | 2023-06-22T00:00:00.000000 |
| certfr-2023-avi-0481 | Vulnérabilité dans Juniper Junos OS et Junos OS Evolved | 2023-06-22T00:00:00.000000 | 2023-06-22T00:00:00.000000 |
| certfr-2023-avi-0480 | Multiples vulnérabilités dans les produits Apple | 2023-06-22T00:00:00.000000 | 2023-06-22T00:00:00.000000 |
| certfr-2023-avi-0479 | Multiples vulnérabilités dans BIND | 2023-06-22T00:00:00.000000 | 2023-06-22T00:00:00.000000 |
| certfr-2023-avi-0478 | Vulnérabilité dans Apache Tomcat | 2023-06-21T00:00:00.000000 | 2023-06-21T00:00:00.000000 |
| certfr-2023-avi-0477 | Vulnérabilité dans LibreOffice | 2023-06-19T00:00:00.000000 | 2023-06-19T00:00:00.000000 |
| certfr-2023-avi-0476 | Multiples vulnérabilités dans Moodle | 2023-06-19T00:00:00.000000 | 2023-06-19T00:00:00.000000 |
| certfr-2023-avi-0475 | Multiples vulnérabilités dans Synology DiskStation Manager | 2023-06-19T00:00:00.000000 | 2023-06-19T00:00:00.000000 |
| certfr-2023-avi-0474 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2023-06-16T00:00:00.000000 | 2023-06-16T00:00:00.000000 |
| certfr-2023-avi-0473 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2023-06-16T00:00:00.000000 | 2023-06-16T00:00:00.000000 |
| certfr-2023-avi-0472 | Multiples vulnérabilités dans les produits IBM | 2023-06-16T00:00:00.000000 | 2023-06-16T00:00:00.000000 |
| certfr-2023-avi-0471 | Vulnérabilité dans Stormshield Network Security | 2023-06-16T00:00:00.000000 | 2023-06-16T00:00:00.000000 |
| certfr-2023-avi-0470 | Vulnérabilité dans Fortinet FortiOS et FortiProxy | 2023-06-16T00:00:00.000000 | 2023-06-21T00:00:00.000000 |
| certfr-2023-avi-0469 | Multiples vulnérabilités dans les produits Microsoft | 2023-06-16T00:00:00.000000 | 2023-06-16T00:00:00.000000 |
| certfr-2023-avi-0468 | Multiples vulnérabilités dans Microsoft Edge | 2023-06-16T00:00:00.000000 | 2023-06-16T00:00:00.000000 |
| certfr-2023-avi-0467 | Multiples vulnérabilités dans les produits Palo Alto Networks | 2023-06-15T00:00:00.000000 | 2023-06-15T00:00:00.000000 |