Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-35206 | Helm Chart extraction output directory collapse via `C… |
helm |
helm |
2026-04-09T21:02:13.594Z | 2026-04-14T14:45:12.096Z | |
| cve-2026-5980 | D-Link DIR-605L POST Request formSetMACFilter buffer o… |
D-Link |
DIR-605L |
2026-04-09T21:00:23.939Z | 2026-04-10T14:05:53.814Z | |
| cve-2023-54364 | 5.1 (v4.0) 6.1 (v3.1) | Joomla HikaShop 4.7.4 Reflected XSS via Product Filter |
Hikashop |
Joomla HikaShop |
2026-04-09T20:54:53.568Z | 2026-04-10T18:10:51.242Z |
| cve-2023-54363 | 5.1 (v4.0) 6.1 (v3.1) | Joomla Solidres 2.13.3 Reflected XSS via Multiple Parameters |
Solidres |
Joomla Solidres |
2026-04-09T20:54:52.838Z | 2026-04-10T15:55:28.694Z |
| cve-2023-54362 | 5.1 (v4.0) 6.1 (v3.1) | Joomla VirtueMart Shopping-Cart 4.0.12 Reflected XSS v… |
Virtuemart |
Cart |
2026-04-09T20:54:51.782Z | 2026-04-13T15:00:12.340Z |
| cve-2023-54361 | 5.1 (v4.0) 6.1 (v3.1) | Joomla iProperty Real Estate 4.1.1 Reflected XSS via f… |
Thethinkery |
Joomla iProperty Real Estate |
2026-04-09T20:54:51.052Z | 2026-04-10T14:06:28.536Z |
| cve-2023-54360 | 5.1 (v4.0) 6.1 (v3.1) | Joomla JLex Review 6.0.1 Reflected XSS via review_id P… |
Jlexart |
Joomla JLex Review |
2026-04-09T20:54:50.323Z | 2026-04-13T20:23:08.773Z |
| cve-2023-54359 | 8.8 (v4.0) 8.2 (v3.1) | WordPress adivaha Travel Plugin 2.3 SQL Injection via pid |
Adivaha |
WordPress adivaha Travel Plugin |
2026-04-09T20:54:49.464Z | 2026-04-14T14:49:14.120Z |
| cve-2023-54358 | 5.1 (v4.0) 6.1 (v3.1) | WordPress adivaha Travel Plugin 2.3 Reflected XSS via … |
Adivaha |
WordPress adivaha Travel Plugin |
2026-04-09T20:54:48.665Z | 2026-04-10T18:10:15.754Z |
| cve-2026-5979 | D-Link DIR-605L POST Request formVirtualServ buffer overflow |
D-Link |
DIR-605L |
2026-04-09T20:45:15.856Z | 2026-04-10T18:08:05.848Z | |
| cve-2026-5978 | Totolink A7100RU CGI cstecgi.cgi setWiFiAclRules os co… |
Totolink |
A7100RU |
2026-04-09T20:30:15.179Z | 2026-04-14T16:34:03.036Z | |
| cve-2026-40093 | nimiq-blockchain is missing a wall-clock upper bound o… |
nimiq |
core-rs-albatross |
2026-04-09T20:29:46.026Z | 2026-04-13T15:38:14.634Z | |
| cve-2026-5977 | Totolink A7100RU CGI cstecgi.cgi setWiFiBasicCfg os co… |
Totolink |
A7100RU |
2026-04-09T20:15:14.227Z | 2026-04-14T14:48:40.525Z | |
| cve-2026-5447 | 6.3 (v4.0) | Heap buffer overflow in CertFromX509() via AuthorityKe… |
wolfSSL |
wolfSSL |
2026-04-09T20:13:34.398Z | 2026-04-10T18:07:28.848Z |
| cve-2026-4436 | 8.6 (v3.1) | GPL Odorizers GPL750 Missing Authentication for Critic… |
GPL Odorizers |
GPL750 (XL4) |
2026-04-09T20:04:26.208Z | 2026-04-14T14:04:53.417Z |
| cve-2026-5976 | Totolink A7100RU CGI cstecgi.cgi setStorageCfg os comm… |
Totolink |
A7100RU |
2026-04-09T20:00:21.322Z | 2026-04-13T20:21:31.141Z | |
| cve-2025-13926 | 9.8 (v3.1) 9.3 (v4.0) | Contemporary Controls BASC 20T Reliance on Untrusted I… |
Contemporary Controls |
BASControl20 |
2026-04-09T19:47:17.841Z | 2026-04-10T14:11:21.320Z |
| cve-2026-5187 | 2.3 (v4.0) | Heap Out-of-Bounds Write in DecodeObjectId() in wolfSSL |
wolfSSL |
wolfSSL |
2026-04-09T19:45:39.937Z | 2026-04-14T14:04:53.585Z |
| cve-2026-5975 | Totolink A7100RU CGI cstecgi.cgi setDmzCfg os command … |
Totolink |
A7100RU |
2026-04-09T19:45:18.440Z | 2026-04-09T20:10:54.661Z | |
| cve-2026-40088 | Improper Neutralization of Special Elements used in an… |
MervinPraison |
PraisonAI |
2026-04-09T19:45:13.203Z | 2026-04-09T20:14:56.938Z | |
| cve-2026-40089 | Sonicverse has Server-Side Request Forgery via user-co… |
sonicverse-eu |
audiostreaming-stack |
2026-04-09T19:43:09.606Z | 2026-04-13T20:20:37.737Z | |
| cve-2026-35577 | Missing Host Header Validation in Apollo MCP Server fo… |
apollographql |
apollo-mcp-server |
2026-04-09T19:40:25.604Z | 2026-04-13T15:38:20.875Z | |
| cve-2026-34500 | Apache Tomcat: OCSP checks sometimes soft-fail with FF… |
Apache Software Foundation |
Apache Tomcat |
2026-04-09T19:36:52.857Z | 2026-04-10T14:22:31.310Z | |
| cve-2026-34487 | Apache Tomcat: Cloud membership for clustering compone… |
Apache Software Foundation |
Apache Tomcat |
2026-04-09T19:36:12.048Z | 2026-04-10T17:49:44.314Z | |
| cve-2026-34486 | Apache Tomcat: Fix for CVE-2026-29146 allowed bypass o… |
Apache Software Foundation |
Apache Tomcat |
2026-04-09T19:35:35.994Z | 2026-04-10T20:20:56.605Z | |
| cve-2026-40087 | LangChain has incomplete f-string validation in prompt… |
langchain-ai |
langchain |
2026-04-09T19:34:55.198Z | 2026-04-14T14:48:03.160Z | |
| cve-2026-34483 | Apache Tomcat: Incomplete escaping of JSON access logs |
Apache Software Foundation |
Apache Tomcat |
2026-04-09T19:30:28.874Z | 2026-04-10T20:17:38.858Z | |
| cve-2026-5194 | 9.3 (v4.0) | wolfSSL ECDSA Certificate Verification |
wolfSSL |
wolfSSL |
2026-04-09T19:30:24.095Z | 2026-04-22T03:55:45.778Z |
| cve-2026-5974 | FoundationAgents MetaGPT terminal.py Bash.run os comma… |
FoundationAgents |
MetaGPT |
2026-04-09T19:30:15.216Z | 2026-04-09T20:17:26.123Z | |
| cve-2026-40077 | Beszel has an IDOR in hub API endpoints that read syst… |
henrygd |
beszel |
2026-04-09T19:27:39.364Z | 2026-04-13T20:19:45.967Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2023-avi-0134 | Vulnérabilité dans OwnCloud Android App | 2023-02-16T00:00:00.000000 | 2023-02-16T00:00:00.000000 |
| certfr-2023-avi-0133 | Multiples vulnérabilités dans les produits Microsoft | 2023-02-15T00:00:00.000000 | 2023-02-15T00:00:00.000000 |
| certfr-2023-avi-0132 | Multiples vulnérabilités dans Microsoft Azure | 2023-02-15T00:00:00.000000 | 2023-02-15T00:00:00.000000 |
| certfr-2023-avi-0131 | Multiples vulnérabilités dans Microsoft .Net | 2023-02-15T00:00:00.000000 | 2023-02-15T00:00:00.000000 |
| certfr-2023-avi-0130 | Multiples vulnérabilités dans Microsoft Windows | 2023-02-15T00:00:00.000000 | 2023-02-15T00:00:00.000000 |
| certfr-2023-avi-0129 | Multiples vulnérabilités dans Microsoft Office | 2023-02-15T00:00:00.000000 | 2023-02-15T00:00:00.000000 |
| certfr-2023-avi-0128 | Multiples vulnérabilités dans les produits IBM | 2023-02-15T00:00:00.000000 | 2023-02-15T00:00:00.000000 |
| certfr-2023-avi-0127 | Multiples vulnérabilités dans les produits Intel | 2023-02-15T00:00:00.000000 | 2023-02-15T00:00:00.000000 |
| certfr-2023-avi-0126 | Multiples vulnérabilités dans les produits Schneider Electric | 2023-02-15T00:00:00.000000 | 2023-02-15T00:00:00.000000 |
| certfr-2023-avi-0125 | Multiples vulnérabilités dans les produits SAP | 2023-02-15T00:00:00.000000 | 2023-02-15T00:00:00.000000 |
| certfr-2023-avi-0124 | Multiples vulnérabilités dans Mozilla Firefox | 2023-02-15T00:00:00.000000 | 2023-02-15T00:00:00.000000 |
| certfr-2023-avi-0123 | Multiples vulnérabilités dans les produits Citrix | 2023-02-15T00:00:00.000000 | 2023-02-15T00:00:00.000000 |
| certfr-2023-avi-0122 | Multiples vulnérabilités dans les produits GitLab | 2023-02-15T00:00:00.000000 | 2023-02-15T00:00:00.000000 |
| certfr-2023-avi-0121 | Multiples vulnérabilités dans les produits Siemens | 2023-02-14T00:00:00.000000 | 2023-02-14T00:00:00.000000 |
| certfr-2023-avi-0120 | Multiples vulnérabilités dans les produits IBM | 2023-02-14T00:00:00.000000 | 2023-02-14T00:00:00.000000 |
| certfr-2023-avi-0119 | Multiples vulnérabilités dans les produits Apple | 2023-02-14T00:00:00.000000 | 2023-02-14T00:00:00.000000 |
| certfr-2023-avi-0118 | Vulnérabilité dans SonicWall Email Security | 2023-02-14T00:00:00.000000 | 2023-02-14T00:00:00.000000 |
| certfr-2023-avi-0117 | Multiples vulnérabilités dans les produits Nextcloud | 2023-02-14T00:00:00.000000 | 2023-02-14T00:00:00.000000 |
| certfr-2023-avi-0116 | Multiples vulnérabilités dans les produits IBM | 2023-02-13T00:00:00.000000 | 2023-02-13T00:00:00.000000 |
| certfr-2023-avi-0115 | Vulnérabilité dans Wallix Access Manager | 2023-02-13T00:00:00.000000 | 2023-02-13T00:00:00.000000 |
| certfr-2023-avi-0114 | Vulnérabilité dans Belden HiSecOS | 2023-02-10T00:00:00.000000 | 2023-02-10T00:00:00.000000 |
| certfr-2023-avi-0113 | Multiples vulnérabilités dans Microsoft Edge | 2023-02-10T00:00:00.000000 | 2023-02-10T00:00:00.000000 |
| certfr-2023-avi-0112 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2023-02-10T00:00:00.000000 | 2023-02-10T00:00:00.000000 |
| certfr-2023-avi-0111 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2023-02-10T00:00:00.000000 | 2023-02-10T00:00:00.000000 |
| certfr-2023-avi-0110 | Multiples vulnérabilités dans les produits IBM | 2023-02-09T00:00:00.000000 | 2023-02-09T00:00:00.000000 |
| certfr-2023-avi-0109 | Vulnérabilité dans les produits WithSecure | 2023-02-09T00:00:00.000000 | 2023-02-09T00:00:00.000000 |
| certfr-2023-avi-0108 | Vulnérabilité dans Tenable Nessus | 2023-02-09T00:00:00.000000 | 2023-02-09T00:00:00.000000 |
| certfr-2023-avi-0107 | Vulnérabilité dans PostgreSQL | 2023-02-09T00:00:00.000000 | 2023-02-09T00:00:00.000000 |
| certfr-2023-avi-0106 | Multiples vulnérabilités dans les produits TrendMicro | 2023-02-09T00:00:00.000000 | 2023-02-09T00:00:00.000000 |
| certfr-2023-avi-0105 | Multiples vulnérabilités dans les produits PaloAlto | 2023-02-09T00:00:00.000000 | 2023-02-09T00:00:00.000000 |