Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-35657 | 7.1 (v4.0) 6.5 (v3.1) | OpenClaw < 2026.3.25 - Authorization Bypass in HTTP Se… |
OpenClaw |
OpenClaw |
2026-04-10T16:03:19.372Z | 2026-04-14T14:28:51.873Z |
| cve-2026-35656 | 6.3 (v4.0) 6.5 (v3.1) | OpenClaw < 2026.3.22 - XFF Loopback Spoofing Bypass in… |
OpenClaw |
OpenClaw |
2026-04-10T16:03:18.659Z | 2026-04-10T18:23:28.866Z |
| cve-2026-35655 | 6.9 (v4.0) 5.7 (v3.1) | OpenClaw < 2026.3.22 - Identity Spoofing via rawInput … |
OpenClaw |
OpenClaw |
2026-04-10T16:03:17.978Z | 2026-04-10T20:18:12.455Z |
| cve-2026-35654 | 6.9 (v4.0) 5.3 (v3.1) | OpenClaw < 2026.3.25 - Authorization Bypass in Microso… |
OpenClaw |
OpenClaw |
2026-04-10T16:03:17.081Z | 2026-04-13T17:44:33.146Z |
| cve-2026-35653 | 7.2 (v4.0) 8.1 (v3.1) | OpenClaw < 2026.3.24 - Incorrect Authorization in POST… |
OpenClaw |
OpenClaw |
2026-04-10T16:03:16.391Z | 2026-04-10T16:59:30.616Z |
| cve-2026-35652 | 6.9 (v4.0) 6.5 (v3.1) | OpenClaw < 2026.3.22 - Unauthorized Action Execution v… |
OpenClaw |
OpenClaw |
2026-04-10T16:03:15.676Z | 2026-04-14T14:55:03.900Z |
| cve-2026-35651 | 5.3 (v4.0) 4.3 (v3.1) | OpenClaw 2026.2.13 < 2026.3.25 - ANSI Escape Sequence … |
OpenClaw |
OpenClaw |
2026-04-10T16:03:14.791Z | 2026-04-14T14:29:29.531Z |
| cve-2026-35650 | 7.7 (v4.0) 7.5 (v3.1) | OpenClaw < 2026.3.22 - Environment Variable Override B… |
OpenClaw |
OpenClaw |
2026-04-10T16:03:13.984Z | 2026-04-10T18:22:40.750Z |
| cve-2026-35649 | 6.3 (v4.0) 6.5 (v3.1) | OpenClaw < 2026.3.22 - Settings Reconciliation Bypass … |
OpenClaw |
OpenClaw |
2026-04-10T16:03:13.290Z | 2026-04-13T15:37:18.430Z |
| cve-2026-35648 | 2.3 (v4.0) 3.7 (v3.1) | OpenClaw < 2026.3.22 - Policy Bypass via Unvalidated Q… |
OpenClaw |
OpenClaw |
2026-04-10T16:03:12.588Z | 2026-04-13T17:55:23.719Z |
| cve-2026-35647 | 6.9 (v4.0) 5.3 (v3.1) | OpenClaw < 2026.3.25 - Direct Message Policy Bypass vi… |
OpenClaw |
OpenClaw |
2026-04-10T16:03:11.903Z | 2026-04-10T17:21:38.896Z |
| cve-2026-35643 | 8.6 (v4.0) 8.8 (v3.1) | OpenClaw < 2026.3.22 - Arbitrary Code Execution via Un… |
OpenClaw |
OpenClaw |
2026-04-10T16:03:11.209Z | 2026-04-14T14:54:05.741Z |
| cve-2026-35641 | 8.4 (v4.0) 7.8 (v3.1) | OpenClaw < 2026.3.24 - Arbitrary Code Execution via .n… |
OpenClaw |
OpenClaw |
2026-04-10T16:03:10.490Z | 2026-04-14T14:30:49.773Z |
| cve-2026-35621 | 7.1 (v4.0) 6.5 (v3.1) | OpenClaw < 2026.3.24 - Privilege Escalation via chat.s… |
OpenClaw |
OpenClaw |
2026-04-10T16:03:09.856Z | 2026-04-10T18:21:15.828Z |
| cve-2026-35620 | 5.3 (v4.0) 5.4 (v3.1) | OpenClaw < 2026.3.24 - Missing Authorization in /send … |
OpenClaw |
OpenClaw |
2026-04-10T16:03:09.127Z | 2026-04-13T15:37:24.593Z |
| cve-2026-35619 | 5.3 (v4.0) 4.3 (v3.1) | OpenClaw < 2026.3.24 - Authorization Bypass via HTTP /… |
OpenClaw |
OpenClaw |
2026-04-10T16:03:08.449Z | 2026-04-13T18:06:28.539Z |
| cve-2026-35596 | Vikunja has Broken Access Control on Label Read via SQ… |
go-vikunja |
vikunja |
2026-04-10T15:59:43.255Z | 2026-04-14T14:51:51.537Z | |
| cve-2026-35595 | Vikunja Affected by Privilege Escalation via Project R… |
go-vikunja |
vikunja |
2026-04-10T15:58:32.658Z | 2026-04-10T18:16:18.230Z | |
| cve-2026-35594 | Vikunja Link Share JWT tokens remain valid for 72 hour… |
go-vikunja |
vikunja |
2026-04-10T15:55:04.929Z | 2026-04-14T14:32:15.339Z | |
| cve-2026-40228 | 2.9 (v3.1) | In systemd 259, systemd-journald can send ANSI es… |
systemd |
systemd |
2026-04-10T15:48:44.215Z | 2026-04-10T17:27:22.882Z |
| cve-2026-40023 | 6.3 (v4.0) | Apache Log4cxx, Apache Log4cxx (Conan), Apache Log4cxx… |
Apache Software Foundation |
Apache Log4cxx |
2026-04-10T15:45:52.895Z | 2026-04-10T17:29:20.009Z |
| cve-2026-34727 | Vikunja ahs a TOTP Two-Factor Authentication Bypass vi… |
go-vikunja |
vikunja |
2026-04-10T15:45:30.662Z | 2026-04-13T15:37:32.071Z | |
| cve-2026-40021 | 6.3 (v4.0) | Apache Log4net: Silent log event loss in XmlLayout and… |
Apache Software Foundation |
Apache Log4net |
2026-04-10T15:44:17.451Z | 2026-04-10T17:35:01.228Z |
| cve-2026-34481 | 6.3 (v4.0) | Apache Log4j JSON Template Layout: Improper serializat… |
Apache Software Foundation |
Apache Log4j JSON Template Layout |
2026-04-10T15:43:00.100Z | 2026-04-10T17:41:38.229Z |
| cve-2026-34480 | 6.9 (v4.0) | Apache Log4j Core: Silent log event loss in XmlLayout … |
Apache Software Foundation |
Apache Log4j Core |
2026-04-10T15:42:03.843Z | 2026-04-10T17:45:07.434Z |
| cve-2026-34479 | 6.9 (v4.0) | Apache Log4j 1 to Log4j 2 bridge: Silent log event los… |
Apache Software Foundation |
Apache Log4j 1 to Log4j 2 bridge |
2026-04-10T15:41:07.888Z | 2026-04-10T17:47:34.402Z |
| cve-2026-34478 | 6.9 (v4.0) | Apache Log4j Core: Log injection in Rfc5424Layout due … |
Apache Software Foundation |
Apache Log4j Core |
2026-04-10T15:40:17.713Z | 2026-04-10T17:50:12.484Z |
| cve-2026-34477 | 6.3 (v4.0) | Apache Log4j Core: verifyHostName attribute silently i… |
Apache Software Foundation |
Apache Log4j Core |
2026-04-10T15:36:19.740Z | 2026-04-10T17:38:57.154Z |
| cve-2026-29043 | HDF5 H5T__ref_mem_setnull Heap Buffer Overflow |
HDFGroup |
hdf5 |
2026-04-10T15:35:51.682Z | 2026-04-14T14:50:46.566Z | |
| cve-2026-40227 | 6.2 (v3.1) | In systemd 260 before 261, a local unprivileged u… |
systemd |
systemd |
2026-04-10T15:19:51.433Z | 2026-04-14T14:49:32.971Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2023-avi-0466 | Vulnérabilité dans les produits ESET | 2023-06-15T00:00:00.000000 | 2023-06-15T00:00:00.000000 |
| certfr-2023-avi-0465 | Multiples vulnérabilités dans les produits Microsoft | 2023-06-14T00:00:00.000000 | 2023-06-14T00:00:00.000000 |
| certfr-2023-avi-0464 | Multiples vulnérabilités dans Microsoft Azure | 2023-06-14T00:00:00.000000 | 2023-06-14T00:00:00.000000 |
| certfr-2023-avi-0463 | Multiples vulnérabilités dans Microsoft .Net | 2023-06-14T00:00:00.000000 | 2023-06-14T00:00:00.000000 |
| certfr-2023-avi-0462 | Multiples vulnérabilités dans Microsoft Windows | 2023-06-14T00:00:00.000000 | 2023-06-14T00:00:00.000000 |
| certfr-2023-avi-0461 | Multiples vulnérabilités dans Microsoft Office | 2023-06-14T00:00:00.000000 | 2023-06-14T00:00:00.000000 |
| certfr-2023-avi-0460 | Vulnérabilité dans Microsoft Edge | 2023-06-14T00:00:00.000000 | 2023-06-14T00:00:00.000000 |
| certfr-2023-avi-0459 | Multiples vulnérabilités dans Google Chrome | 2023-06-14T00:00:00.000000 | 2023-06-14T00:00:00.000000 |
| certfr-2023-avi-0458 | Multiples vulnérabilités dans les produits Citrix | 2023-06-14T00:00:00.000000 | 2023-06-14T00:00:00.000000 |
| certfr-2023-avi-0457 | Vulnérabilité dans VMware Tools | 2023-06-14T00:00:00.000000 | 2023-06-14T00:00:00.000000 |
| certfr-2023-avi-0456 | Multiples vulnérabilités dans Apache Struts 2 | 2023-06-14T00:00:00.000000 | 2023-06-14T00:00:00.000000 |
| certfr-2023-avi-0455 | Multiples vulnérabilités dans Adobe Commerce et Magento | 2023-06-14T00:00:00.000000 | 2023-06-14T00:00:00.000000 |
| certfr-2023-avi-0454 | Multiples vulnérabilités dans les produits SAP | 2023-06-14T00:00:00.000000 | 2023-06-14T00:00:00.000000 |
| certfr-2023-avi-0453 | Multiples vulnérabilités dans les produits Siemens | 2023-06-13T00:00:00.000000 | 2023-06-14T00:00:00.000000 |
| certfr-2023-avi-0452 | Multiples vulnérabilités dans les produits Schneider Electric | 2023-06-13T00:00:00.000000 | 2023-06-13T00:00:00.000000 |
| certfr-2023-avi-0451 | Multiples vulnérabilités dans les produits Fortinet | 2023-06-13T00:00:00.000000 | 2023-06-13T00:00:00.000000 |
| certfr-2023-avi-0450 | Multiples vulnérabilités dans Mozilla Thunderbird | 2023-06-12T00:00:00.000000 | 2023-06-12T00:00:00.000000 |
| certfr-2023-avi-0449 | Multiples vulnérabilités dans le noyau Linux de RedHat | 2023-06-09T00:00:00.000000 | 2023-06-09T00:00:00.000000 |
| certfr-2023-avi-0448 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2023-06-09T00:00:00.000000 | 2023-06-09T00:00:00.000000 |
| certfr-2023-avi-0447 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2023-06-09T00:00:00.000000 | 2023-06-09T00:00:00.000000 |
| certfr-2023-avi-0446 | Multiples vulnérabilités dans les produits IBM | 2023-06-09T00:00:00.000000 | 2023-06-09T00:00:00.000000 |
| certfr-2023-avi-0445 | Multiples vulnérabilités dans le noyau Linux de DebianLTS | 2023-06-09T00:00:00.000000 | 2023-06-09T00:00:00.000000 |
| certfr-2023-avi-0444 | Multiples vulnérabilités dans les produits IBM | 2023-06-08T00:00:00.000000 | 2023-06-08T00:00:00.000000 |
| certfr-2023-avi-0443 | Multiples vulnérabilités dans les produits Cisco | 2023-06-08T00:00:00.000000 | 2023-06-08T00:00:00.000000 |
| certfr-2023-avi-0442 | Vulnérabilité dans SPIP | 2023-06-08T00:00:00.000000 | 2023-06-08T00:00:00.000000 |
| certfr-2023-avi-0441 | Multiples vulnérabilités dans VMware Aria Operations for Networks | 2023-06-08T00:00:00.000000 | 2023-06-08T00:00:00.000000 |
| certfr-2023-avi-0440 | Vulnérabilité dans Microsoft Edge | 2023-06-07T00:00:00.000000 | 2023-06-07T00:00:00.000000 |
| certfr-2023-avi-0439 | Multiples vulnérabilités dans Trend Micro Apex One | 2023-06-07T00:00:00.000000 | 2023-06-07T00:00:00.000000 |
| certfr-2023-avi-0438 | Multiples vulnérabilités dans Mozilla Firefox et Firefox ESR | 2023-06-07T00:00:00.000000 | 2023-06-07T00:00:00.000000 |
| certfr-2023-avi-0437 | Multiples vulnérabilités dans Postfix | 2023-06-07T00:00:00.000000 | 2023-06-07T00:00:00.000000 |