Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-39890 | PraisonAI Affected by Remote Code Execution via YAML D… |
MervinPraison |
PraisonAI |
2026-04-08T20:45:30.928Z | 2026-04-09T16:16:51.923Z | |
| cve-2026-39889 | PraisonAI has Unauthenticated SSE Event Stream Exposes… |
MervinPraison |
PraisonAI |
2026-04-08T20:44:24.276Z | 2026-04-10T20:54:03.584Z | |
| cve-2026-39888 | PraisonAIAgents has a sandbox escape via exception fra… |
MervinPraison |
praisonaiagents |
2026-04-08T20:41:56.680Z | 2026-04-09T20:21:16.297Z | |
| cve-2026-39885 | FrontMCP Affected by SSRF via $ref Dereferencing in Un… |
agentfront |
frontmcp |
2026-04-08T20:34:20.538Z | 2026-04-09T16:16:59.067Z | |
| cve-2026-5805 | code-projects Easy Blog Site contact_us.php sql injection |
code-projects |
Easy Blog Site |
2026-04-08T20:30:18.416Z | 2026-04-09T16:17:06.443Z | |
| cve-2026-39883 | OpenTelemetry-Go has an incomplete fix for CVE-2026-24… |
open-telemetry |
opentelemetry-go |
2026-04-08T20:26:41.731Z | 2026-04-10T20:52:54.819Z | |
| cve-2026-5436 | MW WP Form <= 5.1.1 - Unauthenticated Arbitrary File M… |
inc2734 |
MW WP Form |
2026-04-08T20:25:10.473Z | 2026-04-10T20:50:10.628Z | |
| cve-2026-5451 | Extensions for Leaflet Map <= 4.14 - Authenticated (Co… |
hupe13 |
Extensions for Leaflet Map |
2026-04-08T20:25:09.844Z | 2026-04-09T17:53:32.804Z | |
| cve-2026-39882 | OpenTelemetry-Go OTLP HTTP exporters read unbounded HT… |
open-telemetry |
opentelemetry-go |
2026-04-08T20:24:19.246Z | 2026-04-09T20:22:03.109Z | |
| cve-2026-39881 | Vim Ex command injection in Vims NetBeans integration |
vim |
vim |
2026-04-08T20:18:19.774Z | 2026-04-09T13:50:24.001Z | |
| cve-2026-39429 | kcp's cache server is accessible without authenticatio… |
kcp-dev |
kcp |
2026-04-08T20:16:04.015Z | 2026-04-10T20:49:31.041Z | |
| cve-2026-5803 | bigsk1 openai-realtime-ui API Proxy Endpoint server.js… |
bigsk1 |
openai-realtime-ui |
2026-04-08T20:15:20.839Z | 2026-04-09T13:51:23.252Z | |
| cve-2026-39844 | NiceGUI has a Path Traversal in NiceGUI Upload Filenam… |
zauberzeug |
nicegui |
2026-04-08T20:13:31.935Z | 2026-04-09T16:17:11.748Z | |
| cve-2026-39416 | Stored XSS in modal item preview for long item content… |
ail-project |
ail-framework |
2026-04-08T20:11:03.757Z | 2026-04-09T20:22:54.635Z | |
| cve-2026-39415 | Frappe Learning Management System has Client-Side Mani… |
frappe |
lms |
2026-04-08T20:07:45.729Z | 2026-04-09T13:52:12.103Z | |
| cve-2026-39414 | MinIO affected a DoS via Unbounded Memory Allocation i… |
minio |
minio |
2026-04-08T20:05:11.377Z | 2026-04-09T16:17:17.322Z | |
| cve-2026-39880 | Remnawave Backend has a race condition in HWID device … |
remnawave |
backend |
2026-04-08T20:01:21.673Z | 2026-04-10T20:48:07.233Z | |
| cve-2026-5802 | idachev mcp-javadc HTTP os command injection |
idachev |
mcp-javadc |
2026-04-08T20:00:24.876Z | 2026-04-10T20:47:03.503Z | |
| cve-2026-39864 | Kamailio Auth: Processing Vulnerability For Additional… |
kamailio |
kamailio |
2026-04-08T19:58:08.565Z | 2026-04-08T20:19:53.226Z | |
| cve-2026-39863 | Kamailio Core: TCP Data Processing Vulnerability |
kamailio |
kamailio |
2026-04-08T19:55:56.632Z | 2026-04-09T13:52:38.030Z | |
| cve-2026-39862 | Tophat has a Command Injection Vulnerability When Acce… |
Shopify |
tophat |
2026-04-08T19:50:05.156Z | 2026-04-09T16:17:23.139Z | |
| cve-2026-39859 | LiquidJS has a renderFile() / parseFile() bypass confi… |
harttle |
liquidjs |
2026-04-08T19:45:21.747Z | 2026-04-10T20:45:55.071Z | |
| cve-2026-39413 | LightRAG has a JWT Algorithm Confusion Vulnerability i… |
HKUDS |
LightRAG |
2026-04-08T19:41:23.909Z | 2026-04-22T15:28:31.845Z | |
| cve-2026-39412 | LiquidJS has an ownPropertyOnly bypass via sort_natura… |
harttle |
liquidjs |
2026-04-08T19:39:17.780Z | 2026-04-09T13:53:27.859Z | |
| cve-2026-39411 | LobeHub has an unauthenticated authentication bypass o… |
lobehub |
lobehub |
2026-04-08T19:37:43.814Z | 2026-04-08T20:15:22.363Z | |
| cve-2026-39362 | InvenTree has SSRF via Remote Image Download — No IP/H… |
inventree |
InvenTree |
2026-04-08T19:32:46.744Z | 2026-04-10T20:44:13.278Z | |
| cve-2026-35525 | LiquidJS has a root restriction bypass for partial and… |
harttle |
liquidjs |
2026-04-08T19:30:24.802Z | 2026-04-08T19:53:00.573Z | |
| cve-2026-35479 | InvenTree Plugin Installation - Insufficient Permissions |
inventree |
InvenTree |
2026-04-08T19:27:57.320Z | 2026-04-09T14:16:36.423Z | |
| cve-2026-35476 | InvenTree Affected by Privilege Escalation via API |
inventree |
InvenTree |
2026-04-08T19:26:12.692Z | 2026-04-08T19:53:28.982Z | |
| cve-2026-35478 | InvenTree has Arbitrary API Token Creation |
inventree |
InvenTree |
2026-04-08T19:24:05.044Z | 2026-04-08T20:12:15.181Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2022-avi-910 | Multiples vulnérabilités dans les produits Microsoft | 2022-10-12T00:00:00.000000 | 2022-10-12T00:00:00.000000 |
| certfr-2022-avi-909 | Multiples vulnérabilités dans Microsoft Azure | 2022-10-12T00:00:00.000000 | 2022-10-12T00:00:00.000000 |
| certfr-2022-avi-908 | Vulnérabilité dans Microsoft .Net | 2022-10-12T00:00:00.000000 | 2022-10-12T00:00:00.000000 |
| certfr-2022-avi-907 | Multiples vulnérabilités dans Microsoft Windows | 2022-10-12T00:00:00.000000 | 2022-10-12T00:00:00.000000 |
| certfr-2022-avi-906 | Multiples vulnérabilités dans Microsoft Office | 2022-10-12T00:00:00.000000 | 2022-10-12T00:00:00.000000 |
| certfr-2022-avi-905 | Multiples vulnérabilités dans Citrix Hypervisor | 2022-10-12T00:00:00.000000 | 2022-10-12T00:00:00.000000 |
| certfr-2022-avi-904 | Multiples vulnérabilités dans les produits SAP | 2022-10-12T00:00:00.000000 | 2022-10-12T00:00:00.000000 |
| certfr-2022-avi-903 | Multiples vulnérabilités dans Google Chrome | 2022-10-12T00:00:00.000000 | 2022-10-12T00:00:00.000000 |
| certfr-2022-avi-902 | Multiples vulnérabilités dans Zimbra Collaboration | 2022-10-12T00:00:00.000000 | 2022-10-12T00:00:00.000000 |
| certfr-2022-avi-901 | Multiples vulnérabilités dans Xen | 2022-10-12T00:00:00.000000 | 2022-10-12T00:00:00.000000 |
| certfr-2022-avi-900 | Vulnérabilité dans LibreOffice | 2022-10-12T00:00:00.000000 | 2022-10-12T00:00:00.000000 |
| certfr-2022-avi-899 | Vulnérabilité dans VMware vRealize Operations | 2022-10-12T00:00:00.000000 | 2022-10-13T00:00:00.000000 |
| certfr-2022-avi-898 | Multiples vulnérabilités dans Aruba EdgeConnect Enterprise Orchestrator | 2022-10-12T00:00:00.000000 | 2022-10-12T00:00:00.000000 |
| certfr-2022-avi-897 | Multiples vulnérabilités dans les produits Siemens | 2022-10-11T00:00:00.000000 | 2022-10-11T00:00:00.000000 |
| certfr-2022-avi-896 | Multiples vulnérabilités dans les produits Schneider Electric | 2022-10-11T00:00:00.000000 | 2022-11-04T00:00:00.000000 |
| certfr-2022-avi-895 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2022-10-11T00:00:00.000000 | 2022-10-11T00:00:00.000000 |
| certfr-2022-avi-894 | Multiples vulnérabilités dans les produits Fortinet | 2022-10-11T00:00:00.000000 | 2022-10-11T00:00:00.000000 |
| certfr-2022-avi-893 | Vulnérabilité dans Apple iOS | 2022-10-11T00:00:00.000000 | 2022-10-11T00:00:00.000000 |
| certfr-2022-avi-892 | Multiples vulnérabilités dans les produits VMWare | 2022-10-10T00:00:00.000000 | 2022-10-10T00:00:00.000000 |
| certfr-2022-avi-891 | Multiples vulnérabilités dans IBM QRadar | 2022-10-10T00:00:00.000000 | 2022-10-10T00:00:00.000000 |
| certfr-2022-avi-890 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2022-10-07T00:00:00.000000 | 2022-10-07T00:00:00.000000 |
| certfr-2022-avi-889 | Multiples vulnérabilités dans IBM Security QRadar Analyst Workflow | 2022-10-07T00:00:00.000000 | 2022-10-07T00:00:00.000000 |
| certfr-2022-avi-888 | Vulnérabilité dans les produits F5 | 2022-10-07T00:00:00.000000 | 2022-10-07T00:00:00.000000 |
| certfr-2022-avi-887 | Multiples vulnérabilités dans Microsoft Edge | 2022-10-07T00:00:00.000000 | 2022-10-07T00:00:00.000000 |
| certfr-2022-avi-886 | Multiples vulnérabilités dans les produits IBM | 2022-10-06T00:00:00.000000 | 2022-10-06T00:00:00.000000 |
| certfr-2022-avi-885 | Multiples vulnérabilités dans les produits Cisco | 2022-10-06T00:00:00.000000 | 2022-10-06T00:00:00.000000 |
| certfr-2022-avi-884 | Multiples vulnérabilités dans Trend Micro Apex One | 2022-10-06T00:00:00.000000 | 2022-10-06T00:00:00.000000 |
| certfr-2022-avi-883 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2022-10-05T00:00:00.000000 | 2022-10-05T00:00:00.000000 |
| certfr-2022-avi-882 | Multiples vulnérabilités dans OpenSSH | 2022-10-05T00:00:00.000000 | 2022-10-05T00:00:00.000000 |
| certfr-2022-avi-881 | Multiples vulnérabilités dans Google Android | 2022-10-04T00:00:00.000000 | 2022-10-04T00:00:00.000000 |