Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-34985 | LORIS has incorrect access checks in media module |
aces |
Loris |
2026-04-08T18:22:09.927Z | 2026-04-10T20:41:48.430Z | |
| cve-2026-20709 | 6.6 (v3.1) 5.8 (v4.0) | Use of Default Cryptographic Key in the hardware … |
n/a |
Intel(R) Pentium(R) Processor Silver Series, Intel(R) Celeron(R) Processor J Series, Intel(R) Celeron(R) Processor N Series may allow an escalation of privilege. Hardware reverse engineer adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via physical access when attack requirements are present with special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (none) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (high), integrity (high) and availability (none) impacts. |
2026-04-08T18:20:48.374Z | 2026-04-08T19:50:31.560Z |
| cve-2026-34837 | Zammad is miissing authorization in AI assistance cont… |
zammad |
zammad |
2026-04-08T18:20:00.977Z | 2026-04-08T19:52:03.644Z | |
| cve-2026-34782 | Zammad has improper access control in AI assistance co… |
zammad |
zammad |
2026-04-08T18:18:32.044Z | 2026-04-09T14:22:06.575Z | |
| cve-2026-34724 | Zammad has a server-side template injection leading to… |
zammad |
zammad |
2026-04-08T18:17:30.178Z | 2026-04-09T16:17:29.350Z | |
| cve-2026-34723 | Zammad has incorrect access control in getting_started… |
zammad |
zammad |
2026-04-08T18:14:08.582Z | 2026-04-10T20:40:49.909Z | |
| cve-2026-34722 | Zammad is missing authorization in ticket create endpoint |
zammad |
zammad |
2026-04-08T18:13:20.927Z | 2026-04-08T19:51:42.966Z | |
| cve-2026-34721 | Zammad has Cross-site request forgery (CSRF) in OAuth … |
zammad |
zammad |
2026-04-08T18:12:32.504Z | 2026-04-09T14:22:33.535Z | |
| cve-2026-34720 | Zammad has an origin validation error in SSO mechanism |
zammad |
zammad |
2026-04-08T18:11:23.538Z | 2026-04-09T16:17:34.878Z | |
| cve-2026-34719 | Zammad has a Server-side request forgery (SSRF) via webhooks |
zammad |
zammad |
2026-04-08T18:02:16.224Z | 2026-04-10T20:38:50.653Z | |
| cve-2026-34718 | Zammad improperly neutralizes of script-related HTML t… |
zammad |
zammad |
2026-04-08T18:01:20.870Z | 2026-04-08T19:51:19.873Z | |
| cve-2026-34248 | Zammad has an information disclosure in ticket detail … |
zammad |
zammad |
2026-04-08T18:00:09.868Z | 2026-04-09T16:17:40.442Z | |
| cve-2026-34392 | LORIS has a path traversal in static router |
aces |
Loris |
2026-04-08T17:57:35.927Z | 2026-04-09T14:23:46.526Z | |
| cve-2026-30818 | 8.5 (v4.0) | OS Command Injection Vulnerability in dnsmasq Module i… |
TP-Link Systems Inc. |
AX53 v1.0 |
2026-04-08T17:54:44.175Z | 2026-04-09T03:56:18.130Z |
| cve-2026-30817 | 6.8 (v4.0) | Arbitrary File Reading Vulnerability in dnsmasq Module… |
TP-Link Systems Inc. |
AX53 v1.0 |
2026-04-08T17:53:58.495Z | 2026-04-08T19:21:49.676Z |
| cve-2026-30816 | 6.8 (v4.0) | Arbitrary File Reading Vulnerability in OpenVPN Module… |
TP-Link Systems Inc. |
AX53 v1.0 |
2026-04-08T17:53:20.560Z | 2026-04-08T19:21:56.624Z |
| cve-2026-30815 | 8.5 (v4.0) | OS Command Injection Vulnerability in OpenVPN Module i… |
TP-Link Systems Inc. |
AX53 v1.0 |
2026-04-08T17:52:29.336Z | 2026-04-09T03:56:16.458Z |
| cve-2026-34166 | LiquidJS has a Memory Limit Bypass via Quadratic Ampli… |
harttle |
liquidjs |
2026-04-08T17:52:05.849Z | 2026-04-10T20:37:03.164Z | |
| cve-2026-30814 | 7.3 (v4.0) | Buffer Overflow Vulnerability in TP-Link AX53 |
TP-Link Systems Inc. |
AX53 v1.0 |
2026-04-08T17:52:00.929Z | 2026-04-09T03:56:15.034Z |
| cve-2026-33350 | LORIS has a SQL injection in MRI feedback popup |
aces |
Loris |
2026-04-08T17:47:32.566Z | 2026-04-08T19:24:05.846Z | |
| cve-2026-27806 | Fleet Affected by Local Privilege Escalation via Tcl C… |
fleetdm |
fleet |
2026-04-08T17:40:24.119Z | 2026-04-09T14:24:14.670Z | |
| cve-2026-39851 | Saleor has a user enumeration vulnerability due to dif… |
saleor |
saleor |
2026-04-08T17:33:37.998Z | 2026-04-08T19:22:20.422Z | |
| cve-2025-30650 | 6.7 (v3.1) 8.4 (v4.0) | Junos OS: Privileged local user can gain access to a L… |
Juniper Networks |
Junos OS |
2026-04-08T17:26:35.685Z | 2026-04-13T21:17:19.185Z |
| cve-2026-0811 | Advanced CF7 DB <= 2.0.9 - Cross-Site Request Forgery … |
vsourz1td |
Advanced Contact form 7 DB |
2026-04-08T17:25:52.629Z | 2026-04-08T19:10:25.260Z | |
| cve-2026-0814 | Advanced CF7 DB <= 2.0.9 - Missing Authorization to Au… |
vsourz1td |
Advanced Contact form 7 DB |
2026-04-08T17:25:52.159Z | 2026-04-08T18:36:26.257Z | |
| cve-2026-2942 | ProSolution WP Client <= 1.9.9 - Unauthenticated Arbit… |
prosolution |
ProSolution WP Client |
2026-04-08T17:25:51.614Z | 2026-04-08T19:22:50.228Z | |
| cve-2026-35407 | Saleor has Cross-Account Email Change via Unbound Conf… |
saleor |
saleor |
2026-04-08T17:24:39.716Z | 2026-04-10T20:36:19.733Z | |
| cve-2026-35401 | Saleor has a resource exhaustion vulnerability in Grap… |
saleor |
saleor |
2026-04-08T17:22:10.683Z | 2026-04-08T19:21:37.796Z | |
| cve-2026-33756 | Saleor Affected by Denial of Service via Unbounded Gra… |
saleor |
saleor |
2026-04-08T17:07:57.920Z | 2026-04-08T18:42:28.521Z | |
| cve-2026-32591 | 5.2 (v3.1) | Mirror-registry: quay: server-side request forgery in … |
Red Hat |
mirror registry for Red Hat OpenShift |
2026-04-08T17:06:58.222Z | 2026-04-21T23:33:34.913Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2022-avi-639 | Vulnérabilité dans Ruby on Rails | 2022-07-15T00:00:00.000000 | 2022-07-15T00:00:00.000000 |
| certfr-2022-avi-638 | Multiples vulnérabilités dans les produits VMware | 2022-07-15T00:00:00.000000 | 2022-07-15T00:00:00.000000 |
| certfr-2022-avi-637 | Multiples vulnérabilités dans les produits AMD | 2022-07-13T00:00:00.000000 | 2022-07-13T00:00:00.000000 |
| certfr-2022-avi-636 | Multiples vulnérabilités dans les produits Intel | 2022-07-13T00:00:00.000000 | 2022-07-13T00:00:00.000000 |
| certfr-2022-avi-635 | Multiples vulnérabilités dans les produits Microsoft | 2022-07-13T00:00:00.000000 | 2022-07-13T00:00:00.000000 |
| certfr-2022-avi-634 | Multiples vulnérabilités dans Microsoft Azure | 2022-07-13T00:00:00.000000 | 2022-07-13T00:00:00.000000 |
| certfr-2022-avi-633 | Multiples vulnérabilités dans Microsoft Windows | 2022-07-13T00:00:00.000000 | 2022-07-13T00:00:00.000000 |
| certfr-2022-avi-632 | Vulnérabilité dans Microsoft Office | 2022-07-13T00:00:00.000000 | 2022-07-13T00:00:00.000000 |
| certfr-2022-avi-631 | Vulnérabilité dans IBM App Connect Enterprise Certified Container | 2022-07-13T00:00:00.000000 | 2022-07-13T00:00:00.000000 |
| certfr-2022-avi-630 | Vulnérabilité dans Veeam Management Pack | 2022-07-13T00:00:00.000000 | 2022-07-13T00:00:00.000000 |
| certfr-2022-avi-629 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2022-07-13T00:00:00.000000 | 2022-07-13T00:00:00.000000 |
| certfr-2022-avi-628 | Multiples vulnérabilités dans les produits Schneider Electric | 2022-07-12T00:00:00.000000 | 2022-08-22T00:00:00.000000 |
| certfr-2022-avi-627 | Multiples vulnérabilités dans les produits Siemens | 2022-07-12T00:00:00.000000 | 2022-07-12T00:00:00.000000 |
| certfr-2022-avi-626 | Multiples vulnérabilités dans IBM i Modernization | 2022-07-12T00:00:00.000000 | 2022-07-12T00:00:00.000000 |
| certfr-2022-avi-625 | Multiples vulnérabilités dans les produits SAP | 2022-07-12T00:00:00.000000 | 2022-07-12T00:00:00.000000 |
| certfr-2022-avi-624 | Multiples vulnérabilités dans IBM MQ Operator et Queue manager | 2022-07-11T00:00:00.000000 | 2022-07-11T00:00:00.000000 |
| certfr-2022-avi-623 | Vulnérabilité dans F5 BIG-IP | 2022-07-11T00:00:00.000000 | 2022-07-11T00:00:00.000000 |
| certfr-2022-avi-622 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2022-07-08T00:00:00.000000 | 2022-07-08T00:00:00.000000 |
| certfr-2022-avi-621 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2022-07-08T00:00:00.000000 | 2022-07-08T00:00:00.000000 |
| certfr-2022-avi-620 | Multiples vulnérabilités dans PHP | 2022-07-08T00:00:00.000000 | 2022-07-08T00:00:00.000000 |
| certfr-2022-avi-619 | Multiples vulnérabilités dans IBM QRadar | 2022-07-08T00:00:00.000000 | 2022-07-08T00:00:00.000000 |
| certfr-2022-avi-618 | Multiples vulnérabilités dans les produits Cisco | 2022-07-07T00:00:00.000000 | 2022-07-07T00:00:00.000000 |
| certfr-2022-avi-617 | Multiples vulnérabilités dans Google Android | 2022-07-07T00:00:00.000000 | 2022-07-07T00:00:00.000000 |
| certfr-2022-avi-616 | Multiples vulnérabilités dans Microsoft Edge | 2022-07-07T00:00:00.000000 | 2022-07-07T00:00:00.000000 |
| certfr-2022-avi-615 | Multiples vulnérabilités dans Google ChromeOS | 2022-07-07T00:00:00.000000 | 2022-07-07T00:00:00.000000 |
| certfr-2022-avi-614 | Vulnérabilité dans Nextcloud Mail | 2022-07-07T00:00:00.000000 | 2022-07-07T00:00:00.000000 |
| certfr-2022-avi-613 | Multiples vulnérabilités dans les produits Fortinet | 2022-07-06T00:00:00.000000 | 2022-07-06T00:00:00.000000 |
| certfr-2022-avi-612 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2022-07-06T00:00:00.000000 | 2022-07-06T00:00:00.000000 |
| certfr-2022-avi-611 | Multiples vulnérabilités dans IBM QRadar | 2022-07-06T00:00:00.000000 | 2022-07-06T00:00:00.000000 |
| certfr-2022-avi-610 | Multiples vulnérabilités dans Xen | 2022-07-06T00:00:00.000000 | 2022-07-06T00:00:00.000000 |