Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-33229 | XWiki Platform affected by remote code execution with … |
xwiki |
xwiki-platform |
2026-04-08T14:53:35.977Z | 2026-04-10T20:33:15.897Z | |
| cve-2026-39410 | Hono has a non-breaking space prefix bypass in cookie … |
honojs |
hono |
2026-04-08T14:44:40.797Z | 2026-04-08T15:17:14.892Z | |
| cve-2026-39409 | Hono has incorrect IP matching in ipRestriction() for … |
honojs |
hono |
2026-04-08T14:43:36.476Z | 2026-04-08T16:13:05.175Z | |
| cve-2026-39408 | Hono has a path traversal in toSSG() allows writing fi… |
honojs |
hono |
2026-04-08T14:42:25.357Z | 2026-04-10T20:31:47.508Z | |
| cve-2026-39407 | Hono has a middleware bypass via repeated slashes in s… |
honojs |
hono |
2026-04-08T14:41:20.301Z | 2026-04-08T16:04:59.862Z | |
| cve-2026-39406 | @hono/node-server has a middleware bypass via repeated… |
honojs |
node-server |
2026-04-08T14:34:30.543Z | 2026-04-08T15:17:38.121Z | |
| cve-2026-39394 | CI4MS has an .env CRLF Injection via Unvalidated `host… |
ci4-cms-erp |
ci4ms |
2026-04-08T14:32:31.680Z | 2026-04-08T16:13:10.966Z | |
| cve-2026-39393 | Post-Installation Re-entry via Cache-Dependent Install… |
ci4-cms-erp |
ci4ms |
2026-04-08T14:31:44.692Z | 2026-04-10T20:29:43.521Z | |
| cve-2026-39392 | CI4MS has Stored XSS in Pages Content Due to Missing h… |
ci4-cms-erp |
ci4ms |
2026-04-08T14:30:59.132Z | 2026-04-08T16:05:26.652Z | |
| cve-2026-39391 | CI4MS has Stored XSS via Unescaped Blacklist Note in A… |
ci4-cms-erp |
ci4ms |
2026-04-08T14:30:18.750Z | 2026-04-08T15:18:08.667Z | |
| cve-2026-39390 | CI4MS has Stored XSS via srcdoc attribute bypass in Go… |
ci4-cms-erp |
ci4ms |
2026-04-08T14:29:28.500Z | 2026-04-08T16:13:16.580Z | |
| cve-2026-39389 | CI4MS has a Hidden Items Authorization Bypass in Filee… |
ci4-cms-erp |
ci4ms |
2026-04-08T14:28:29.847Z | 2026-04-10T20:28:55.783Z | |
| cve-2026-39865 | Axios HTTP/2 Session Cleanup State Corruption Vulnerability |
axios |
axios |
2026-04-08T14:25:27.865Z | 2026-04-27T17:00:06.795Z | |
| cve-2025-58713 | 6.4 (v3.1) | Rhpam: privilege escalation via excessive /etc/passwd … |
Red Hat |
Red Hat Process Automation 7 |
2026-04-08T13:55:11.428Z | 2026-04-08T14:28:41.733Z |
| cve-2025-57853 | 6.4 (v3.1) | Web-terminal: privilege escalation via excessive /etc/… |
Red Hat |
Red Hat Web Terminal |
2026-04-08T13:55:06.787Z | 2026-04-08T16:06:20.933Z |
| cve-2025-57854 | 6.4 (v3.1) | Osus-operator: privilege escalation via excessive /etc… |
Red Hat |
Red Hat OpenShift Update Service |
2026-04-08T13:55:06.739Z | 2026-04-08T14:42:32.600Z |
| cve-2025-57851 | 6.4 (v3.1) | Mce: privilege escalation via excessive /etc/passwd pe… |
Red Hat |
Multicluster Engine for Kubernetes |
2026-04-08T13:55:00.925Z | 2026-04-08T15:18:38.990Z |
| cve-2025-57847 | 6.4 (v3.1) | Ansible-automation-platform: privilege escalation via … |
Red Hat |
Red Hat Ansible Automation Platform 2 |
2026-04-08T13:55:00.729Z | 2026-04-08T16:13:23.024Z |
| cve-2026-5795 | 7.4 (v3.1) | In Eclipse Jetty, the class JASPIAuthenticator in… |
Eclipse Foundation |
Eclipse Jetty |
2026-04-08T13:32:28.935Z | 2026-04-09T03:56:11.784Z |
| cve-2026-2509 | Page Builder: Pagelayer <= 2.0.8 - Authenticated (Cont… |
softaculous |
Page Builder: Pagelayer – Drag and Drop website builder |
2026-04-08T13:26:00.333Z | 2026-04-08T17:09:13.112Z | |
| cve-2025-14816 | 9.3 (v4.0) | Information Disclosure, Tampering, and Denial-of-Servi… |
Mitsubishi Electric Corporation |
GENESIS64 |
2026-04-08T13:23:41.344Z | 2026-04-08T16:04:26.135Z |
| cve-2025-14815 | 9.3 (v4.0) | Information Disclosure, Tampering, and Denial-of-Servi… |
Mitsubishi Electric Corporation |
GENESIS64 |
2026-04-08T13:15:30.168Z | 2026-04-08T16:03:44.001Z |
| cve-2026-31411 | N/A | net: atm: fix crash due to unvalidated vcc pointer in … |
Linux |
Linux |
2026-04-08T13:06:17.800Z | 2026-04-13T06:08:40.030Z |
| cve-2026-35023 | 5.3 (v4.0) 4.3 (v3.1) | Wimi Teamwork On-Premises < 8.2.0 IDOR via preview.php |
Cloud Solutions SAS |
Wimi Teamwork |
2026-04-08T12:59:26.364Z | 2026-04-09T17:57:56.369Z |
| cve-2026-28261 | 7.8 (v3.1) | Dell Elastic Cloud Storage, version 3.8.1.7 and p… |
Dell |
Elastic Cloud Storage |
2026-04-08T12:43:54.291Z | 2026-04-09T03:55:55.676Z |
| cve-2026-24511 | 4.4 (v3.1) | Dell PowerScale OneFS, versions 9.5.0.0 through 9… |
Dell |
PowerScale OneFS |
2026-04-08T12:28:21.077Z | 2026-04-08T16:13:35.249Z |
| cve-2026-5600 | 5.5 (v4.0) | A new API endpoint introduced in pretix 2025 that… |
pretix |
pretix |
2026-04-08T12:24:51.602Z | 2026-04-08T16:03:07.473Z |
| cve-2026-27102 | 6.6 (v3.1) | Dell PowerScale OneFS, versions 9.5.0.0 through 9… |
Dell |
PowerScale OneFS |
2026-04-08T12:11:23.717Z | 2026-04-13T15:37:35.174Z |
| cve-2026-5302 | 6.3 (v3.1) | Permissive Cross-domain Policy with Untrusted Domains … |
CoolerControl |
coolercontrold |
2026-04-08T12:05:06.430Z | 2026-04-08T14:10:15.915Z |
| cve-2026-5300 | 5.9 (v3.1) | Missing Authentication for Critical Function in cooler… |
CoolerControl |
coolercontrold |
2026-04-08T12:04:56.421Z | 2026-04-08T14:11:53.589Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2022-avi-819 | Multiples vulnérabilités dans les produits SAP | 2022-09-14T00:00:00.000000 | 2022-09-14T00:00:00.000000 |
| certfr-2022-avi-818 | Vulnérabilité dans Citrix Hypervisor | 2022-09-14T00:00:00.000000 | 2022-09-14T00:00:00.000000 |
| certfr-2022-avi-817 | Multiples vulnérabilités dans Trend Micro Apex One | 2022-09-14T00:00:00.000000 | 2022-09-14T00:00:00.000000 |
| certfr-2022-avi-816 | Multiples vulnérabilités dans les produits IBM | 2022-09-14T00:00:00.000000 | 2022-09-14T00:00:00.000000 |
| certfr-2022-avi-815 | Multiples vulnérabilités dans les produits Schneider | 2022-09-13T00:00:00.000000 | 2022-09-13T00:00:00.000000 |
| certfr-2022-avi-814 | Multiples vulnérabilités dans les produits SIEMENS | 2022-09-13T00:00:00.000000 | 2022-09-13T00:00:00.000000 |
| certfr-2022-avi-813 | Multiples vulnérabilités dans Typo3 | 2022-09-13T00:00:00.000000 | 2022-09-13T00:00:00.000000 |
| certfr-2022-avi-812 | Multiples vulnérabilités dans les produits Apple | 2022-09-13T00:00:00.000000 | 2022-09-13T00:00:00.000000 |
| certfr-2022-avi-811 | Multiples vulnérabilités dans les produits IBM | 2022-09-13T00:00:00.000000 | 2022-09-13T00:00:00.000000 |
| certfr-2022-avi-810 | Multiples vulnérabilités dans Sophos Firewall | 2022-09-13T00:00:00.000000 | 2022-09-13T00:00:00.000000 |
| certfr-2022-avi-809 | Multiples vulnérabilités dans le noyau Linux de Debian LTS | 2022-09-12T00:00:00.000000 | 2022-09-12T00:00:00.000000 |
| certfr-2022-avi-808 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2022-09-12T00:00:00.000000 | 2022-09-12T00:00:00.000000 |
| certfr-2022-avi-807 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2022-09-09T00:00:00.000000 | 2022-09-09T00:00:00.000000 |
| certfr-2022-avi-806 | Multiples vulnérabilités dans les produits Cisco | 2022-09-08T00:00:00.000000 | 2022-09-08T00:00:00.000000 |
| certfr-2022-avi-805 | Vulnérabilité dans Tenable.sc | 2022-09-08T00:00:00.000000 | 2022-09-08T00:00:00.000000 |
| certfr-2022-avi-804 | Multiples vulnérabilités dans Aruba Clearpass Policy Manager | 2022-09-08T00:00:00.000000 | 2022-09-08T00:00:00.000000 |
| certfr-2022-avi-803 | Vulnérabilité dans Wireshark | 2022-09-08T00:00:00.000000 | 2022-09-08T00:00:00.000000 |
| certfr-2022-avi-802 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2022-09-07T00:00:00.000000 | 2022-09-07T00:00:00.000000 |
| certfr-2022-avi-801 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2022-09-07T00:00:00.000000 | 2022-09-07T00:00:00.000000 |
| certfr-2022-avi-800 | Multiples vulnérabilités dans les produits Fortinet | 2022-09-07T00:00:00.000000 | 2022-09-07T00:00:00.000000 |
| certfr-2022-avi-799 | Multiples vulnérabilités dans Google Android | 2022-09-07T00:00:00.000000 | 2022-09-07T00:00:00.000000 |
| certfr-2022-avi-798 | Vulnérabilité dans WithSecure F-Secure | 2022-09-06T00:00:00.000000 | 2022-09-06T00:00:00.000000 |
| certfr-2022-avi-797 | Vulnérabilité dans les produits WithSecure | 2022-09-05T00:00:00.000000 | 2022-09-05T00:00:00.000000 |
| certfr-2022-avi-796 | Vulnérabilité dans Microsoft Edge | 2022-09-05T00:00:00.000000 | 2022-09-05T00:00:00.000000 |
| certfr-2022-avi-795 | Vulnérabilité dans Google Chrome | 2022-09-05T00:00:00.000000 | 2022-09-05T00:00:00.000000 |
| certfr-2022-avi-794 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2022-09-05T00:00:00.000000 | 2022-09-05T00:00:00.000000 |
| certfr-2022-avi-793 | Multiples vulnérabilités dans Microsoft Edge | 2022-09-02T00:00:00.000000 | 2022-09-02T00:00:00.000000 |
| certfr-2022-avi-792 | Multiples vulnérabilités dans les produits F5 | 2022-09-02T00:00:00.000000 | 2022-09-02T00:00:00.000000 |
| certfr-2022-avi-791 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2022-09-02T00:00:00.000000 | 2022-09-02T00:00:00.000000 |
| certfr-2022-avi-790 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2022-09-02T00:00:00.000000 | 2022-09-02T00:00:00.000000 |