Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-5747 | 7.5 (v3.1) 8.7 (v4.0) | Out-of-bounds Write in Firecracker virtio-pci Transport |
AWS |
Firecracker |
2026-04-07T23:17:23.944Z | 2026-04-20T17:24:32.674Z |
| cve-2025-20628 | 6.9 (v4.0) | Insufficient granularity of access control for Remote … |
Ping Identity |
PingIDM |
2026-04-07T22:33:05.356Z | 2026-04-08T15:16:29.865Z |
| cve-2026-39936 | 6.9 (v4.0) | Stored XSS in Score due to usage of non-reserved data … |
The Wikimedia Foundation |
Mediawiki - Score Extension |
2026-04-07T22:11:03.681Z | 2026-04-08T22:08:23.300Z |
| cve-2026-39935 | 6.9 (v4.0) | XSS-via-i18n in localised wiki names |
The Wikimedia Foundation |
Mediawiki - CampaignEvents Extension |
2026-04-07T22:04:02.098Z | 2026-04-08T22:06:48.795Z |
| cve-2026-31790 | Incorrect Failure Handling in RSA KEM RSASVE Encapsulation |
OpenSSL |
OpenSSL |
2026-04-07T22:00:56.698Z | 2026-04-08T14:32:37.439Z | |
| cve-2026-31789 | Heap Buffer Overflow in Hexadecimal Conversion |
OpenSSL |
OpenSSL |
2026-04-07T22:00:54.983Z | 2026-04-13T13:04:17.163Z | |
| cve-2026-28390 | Possible NULL Dereference When Processing CMS KeyTrans… |
OpenSSL |
OpenSSL |
2026-04-07T22:00:54.172Z | 2026-04-15T07:28:22.729Z | |
| cve-2026-28389 | Possible NULL Dereference When Processing CMS KeyAgree… |
OpenSSL |
OpenSSL |
2026-04-07T22:00:53.364Z | 2026-04-15T07:28:13.700Z | |
| cve-2026-28388 | NULL Pointer Dereference When Processing a Delta CRL |
OpenSSL |
OpenSSL |
2026-04-07T22:00:52.382Z | 2026-04-10T20:18:43.095Z | |
| cve-2026-28387 | Potential Use-after-free in DANE Client Code |
OpenSSL |
OpenSSL |
2026-04-07T22:00:51.496Z | 2026-04-13T13:04:17.027Z | |
| cve-2026-28386 | Out-of-bounds Read in AES-CFB-128 on X86-64 with AVX-5… |
OpenSSL |
OpenSSL |
2026-04-07T22:00:50.164Z | 2026-04-10T20:16:08.389Z | |
| cve-2026-39934 | 6.9 (v4.0) | Growth Experiments ReassignMenteesJob runs as an infin… |
The Wikimedia Foundation |
Mediawiki - GrowthExperiments Extension |
2026-04-07T22:00:46.100Z | 2026-04-08T22:04:41.006Z |
| cve-2026-39933 | 6.9 (v4.0) | Multiple XSS vulnerabilities in GlobalWatchlist |
The Wikimedia Foundation |
Mediawiki - GlobalWatchlist Extension |
2026-04-07T21:51:55.476Z | 2026-04-08T22:00:59.635Z |
| cve-2026-39937 | 8.8 (v4.0) | Global vanishing does not completely remove user email |
The Wikimedia Foundation |
Mediawiki - CentralAuth Extension |
2026-04-07T21:44:46.515Z | 2026-04-08T21:58:19.900Z |
| cve-2026-39847 | Emmett has a path traversal in internal assets handler |
emmett-framework |
emmett |
2026-04-07T21:37:54.760Z | 2026-04-08T15:35:40.853Z | |
| cve-2026-39846 | SiYuan affected by Remote Code Execution in the Electr… |
siyuan-note |
siyuan |
2026-04-07T21:34:28.517Z | 2026-04-08T15:23:37.827Z | |
| cve-2026-35406 | Aardvark-dns has incorrect error handling for malforme… |
containers |
aardvark-dns |
2026-04-07T21:32:23.512Z | 2026-04-08T16:14:33.190Z | |
| cve-2026-34079 | Flatpak affected by arbitrary file deletion on the hos… |
flatpak |
flatpak |
2026-04-07T21:29:44.601Z | 2026-04-10T20:13:47.945Z | |
| cve-2026-34078 | Flatpak has a complete sandbox escape leading to host … |
flatpak |
flatpak |
2026-04-07T21:27:45.643Z | 2026-04-11T00:21:12.650Z | |
| cve-2026-4065 | Smart Slider 3 <= 3.5.1.33 - Missing Authorization to … |
nextendweb |
Smart Slider 3 |
2026-04-07T21:26:20.357Z | 2026-04-08T16:53:07.718Z | |
| cve-2026-34781 | Electron crashes in clipboard.readImage() on malformed… |
electron |
electron |
2026-04-07T21:20:12.517Z | 2026-04-08T16:14:38.564Z | |
| cve-2026-34765 | Electron named window.open targets not scoped to the o… |
electron |
electron |
2026-04-07T21:18:35.375Z | 2026-04-13T15:37:12.686Z | |
| cve-2026-34582 | Botan has a TLS 1.3 certificate authentication bypass |
randombit |
botan |
2026-04-07T21:13:49.281Z | 2026-04-08T15:41:21.671Z | |
| cve-2026-34580 | Botan has a certificate authentication bypass due to t… |
randombit |
botan |
2026-04-07T21:12:09.604Z | 2026-04-09T03:56:10.769Z | |
| cve-2026-34371 | LibreChat Affected by Arbitrary File Write via `execut… |
danny-avila |
LibreChat |
2026-04-07T21:08:13.175Z | 2026-04-08T16:14:43.926Z | |
| cve-2026-35568 | MCP Java-SDK has a DNS Rebinding Vulnerability |
modelcontextprotocol |
java-sdk |
2026-04-07T21:06:10.438Z | 2026-04-08T15:43:22.962Z | |
| cve-2026-35533 | mise has a local settings bypass config trust checks |
jdx |
mise |
2026-04-07T21:01:16.670Z | 2026-04-08T14:31:40.953Z | |
| cve-2026-34080 | xdg-dbus-proxy has an eavesdrop filter bypass allowing… |
flatpak |
xdg-dbus-proxy |
2026-04-07T20:57:57.931Z | 2026-04-21T12:21:20.635Z | |
| cve-2026-34045 | Podman Desktop WebView Server Exposed |
podman-desktop |
podman-desktop |
2026-04-07T20:52:32.438Z | 2026-04-08T15:44:10.506Z | |
| cve-2026-33439 | Pre-Authentication Remote Code Execution via `jato.cli… |
OpenIdentityPlatform |
OpenAM |
2026-04-07T20:46:33.739Z | 2026-04-08T16:14:49.293Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2022-avi-219 | Multiples vulnérabilités dans Mozilla Firefox | 2022-03-09T00:00:00.000000 | 2022-03-09T00:00:00.000000 |
| certfr-2022-avi-218 | Multiples vulnérabilités dans les produits Nextcloud | 2022-03-09T00:00:00.000000 | 2022-03-09T00:00:00.000000 |
| certfr-2022-avi-217 | Multiples vulnérabilités dans les produits Citrix | 2022-03-09T00:00:00.000000 | 2022-03-09T00:00:00.000000 |
| certfr-2022-avi-216 | Multiples vulnérabilités dans les produits Siemens | 2022-03-08T00:00:00.000000 | 2022-03-08T00:00:00.000000 |
| certfr-2022-avi-215 | Multiples vulnérabilités dans les produits Schneider | 2022-03-08T00:00:00.000000 | 2022-03-08T00:00:00.000000 |
| certfr-2022-avi-214 | Vulnérabilité dans SolarWinds Web Help Desk | 2022-03-08T00:00:00.000000 | 2022-03-08T00:00:00.000000 |
| certfr-2022-avi-213 | Multiples vulnérabilités dans Google Android | 2022-03-08T00:00:00.000000 | 2022-03-08T00:00:00.000000 |
| certfr-2022-avi-212 | Multiples vulnérabilités dans le noyau Linux de Debian | 2022-03-08T00:00:00.000000 | 2022-03-08T00:00:00.000000 |
| certfr-2022-avi-211 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2022-03-08T00:00:00.000000 | 2022-03-08T00:00:00.000000 |
| certfr-2022-avi-207 | Vulnérabilité dans Synology DiskStation Manager | 2022-03-08T00:00:00.000000 | 2022-03-08T00:00:00.000000 |
| certfr-2022-avi-210 | Multiples vulnérabilités dans les produits Mozilla | 2022-03-07T00:00:00.000000 | 2022-03-07T00:00:00.000000 |
| certfr-2022-avi-209 | Multiples vulnérabilités dans Google Chrome OS | 2022-03-07T00:00:00.000000 | 2022-03-07T00:00:00.000000 |
| certfr-2022-avi-208 | Multiples vulnérabilités dans Asterisk | 2022-03-07T00:00:00.000000 | 2022-03-07T00:00:00.000000 |
| certfr-2022-avi-206 | Multiples vulnérabilités dans Microsoft Edge | 2022-03-04T00:00:00.000000 | 2022-03-04T00:00:00.000000 |
| certfr-2022-avi-205 | Multiples vulnérabilités dans les produits IBM | 2022-03-04T00:00:00.000000 | 2022-03-04T00:00:00.000000 |
| certfr-2022-avi-204 | Multiples vulnérabilités dans F-Secure SAFE Browser | 2022-03-04T00:00:00.000000 | 2022-03-04T00:00:00.000000 |
| certfr-2022-avi-203 | Vulnérabilité dans Sophos SSL VPN client | 2022-03-04T00:00:00.000000 | 2022-03-04T00:00:00.000000 |
| certfr-2022-avi-202 | Multiples vulnérabilités dans SolarWinds Serv-U | 2022-03-03T00:00:00.000000 | 2022-03-03T00:00:00.000000 |
| certfr-2022-avi-201 | Multiples vulnérabilités dans IBM WebSphere | 2022-03-03T00:00:00.000000 | 2022-03-03T00:00:00.000000 |
| certfr-2022-avi-200 | Multiples vulnérabilités dans les produits Cisco | 2022-03-03T00:00:00.000000 | 2022-03-03T00:00:00.000000 |
| certfr-2022-avi-199 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2022-03-03T00:00:00.000000 | 2022-03-03T00:00:00.000000 |
| certfr-2022-avi-198 | Multiples vulnérabilités dans Google Chrome | 2022-03-02T00:00:00.000000 | 2022-03-02T00:00:00.000000 |
| certfr-2022-avi-197 | Multiples vulnérabilités dans les produits Fortinet | 2022-03-02T00:00:00.000000 | 2022-03-02T00:00:00.000000 |
| certfr-2022-avi-196 | Vulnérabilité dans VMware Tools | 2022-03-02T00:00:00.000000 | 2022-03-02T00:00:00.000000 |
| certfr-2022-avi-195 | Multiples vulnérabilités dans VMware Spring | 2022-03-02T00:00:00.000000 | 2022-03-07T00:00:00.000000 |
| certfr-2022-avi-194 | Vulnérabilité dans F-Secure | 2022-03-01T00:00:00.000000 | 2022-03-01T00:00:00.000000 |
| certfr-2022-avi-193 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2022-03-01T00:00:00.000000 | 2022-03-01T00:00:00.000000 |
| certfr-2022-avi-192 | Multiples vulnérabilités dans IBM QRadar SIEM | 2022-03-01T00:00:00.000000 | 2022-03-01T00:00:00.000000 |
| certfr-2022-avi-191 | Multiples vulnérabilités dans ElasticSearch et Kibana | 2022-03-01T00:00:00.000000 | 2022-03-01T00:00:00.000000 |
| certfr-2022-avi-190 | Vulnérabilité dans NetApp SnapCenter | 2022-02-28T00:00:00.000000 | 2022-02-28T00:00:00.000000 |