Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-35533 | mise has a local settings bypass config trust checks |
jdx |
mise |
2026-04-07T21:01:16.670Z | 2026-04-08T14:31:40.953Z | |
| cve-2026-34080 | xdg-dbus-proxy has an eavesdrop filter bypass allowing… |
flatpak |
xdg-dbus-proxy |
2026-04-07T20:57:57.931Z | 2026-04-21T12:21:20.635Z | |
| cve-2026-34045 | Podman Desktop WebView Server Exposed |
podman-desktop |
podman-desktop |
2026-04-07T20:52:32.438Z | 2026-04-08T15:44:10.506Z | |
| cve-2026-33439 | Pre-Authentication Remote Code Execution via `jato.cli… |
OpenIdentityPlatform |
OpenAM |
2026-04-07T20:46:33.739Z | 2026-04-08T16:14:49.293Z | |
| cve-2026-32712 | Open Source Point of Sale has Stored XSS in Customer N… |
opensourcepos |
opensourcepos |
2026-04-07T20:37:30.661Z | 2026-04-08T14:32:34.191Z | |
| cve-2026-29181 | OpenTelemetry-Go multi-value `baggage` header extracti… |
open-telemetry |
opentelemetry-go |
2026-04-07T20:29:13.933Z | 2026-04-08T15:37:02.444Z | |
| cve-2026-27949 | Plane Exposes User Email (PII and part of credential) … |
makeplane |
plane |
2026-04-07T20:26:25.810Z | 2026-04-08T15:48:53.893Z | |
| cve-2026-39401 | Privilege Escalation via update_event Job Output in Cronicle |
jhuckaby |
Cronicle |
2026-04-07T20:24:06.418Z | 2026-04-08T16:14:54.345Z | |
| cve-2026-39400 | Stored XSS via Job HTML/Table Output in Cronicle |
jhuckaby |
Cronicle |
2026-04-07T20:22:54.581Z | 2026-04-15T14:24:26.306Z | |
| cve-2026-39397 | @delmaredigital/payload-puc is missing authorization o… |
delmaredigital |
payload-puck |
2026-04-07T20:09:19.962Z | 2026-04-07T20:33:24.005Z | |
| cve-2026-39395 | Cosign's verify-blob-attestation reports false positiv… |
sigstore |
cosign |
2026-04-07T20:06:28.798Z | 2026-04-08T15:49:16.587Z | |
| cve-2026-5741 | suvarchal docker-mcp-server HTTP index.ts pull_image o… |
suvarchal |
docker-mcp-server |
2026-04-07T20:00:21.096Z | 2026-04-07T20:34:17.286Z | |
| cve-2026-39356 | SQL Injection via escapeName() in all Drizzle ORM SQL … |
drizzle-team |
drizzle-orm |
2026-04-07T19:58:46.348Z | 2026-04-08T14:33:54.466Z | |
| cve-2025-14859 | 7 (v4.0) | Semtech LR11xx Secure Boot Bypass |
Semtech |
LR1110 |
2026-04-07T19:58:41.379Z | 2026-04-07T20:42:41.142Z |
| cve-2025-14858 | 5.1 (v4.0) | Semtech LR11xx Encrypted Firmware Disclosure |
Semtech |
LR1110 |
2026-04-07T19:57:43.422Z | 2026-04-07T20:42:41.321Z |
| cve-2025-14857 | 5.4 (v4.0) | Semtech LR11xx Memory Write Access Control Bypass |
Semtech |
LR1110 |
2026-04-07T19:56:59.042Z | 2026-04-07T20:42:41.466Z |
| cve-2026-32864 | 7.8 (v3.1) 8.5 (v4.0) | Out-of-Bounds Read in mgcore_SH_25_3!aligned_free() |
NI |
LabVIEW |
2026-04-07T19:56:42.923Z | 2026-04-08T03:55:56.834Z |
| cve-2026-39382 | dbt has a Command Injection in Reusable Workflow via U… |
dbt-labs |
dbt-core |
2026-04-07T19:56:15.251Z | 2026-04-08T16:14:59.745Z | |
| cve-2026-32863 | 7.8 (v3.1) 8.5 (v4.0) | Out-of-Bounds Read in sentry_transaction_context_set_o… |
NI |
LabVIEW |
2026-04-07T19:53:51.666Z | 2026-04-08T03:55:55.727Z |
| cve-2026-39381 | Parse Server's Endpoint `/sessions/me` bypasses `_Sess… |
parse-community |
parse-server |
2026-04-07T19:51:03.479Z | 2026-04-07T20:23:31.190Z | |
| cve-2026-32862 | 7.8 (v3.1) 8.5 (v4.0) | Out-of-Bounds Write in ResFileFactory::InitResourceMgr() |
NI |
LabVIEW |
2026-04-07T19:50:36.912Z | 2026-04-08T03:55:54.567Z |
| cve-2026-39380 | Open Source Point of Sale has Stored XSS in Stock Loca… |
opensourcepos |
opensourcepos |
2026-04-07T19:49:13.692Z | 2026-04-08T15:49:45.758Z | |
| cve-2026-39837 | 6.3 (v4.0) | Stored XSS through the dynamic table format in Cargo |
Wikimedia Foundation |
Mediawiki - Cargo Extension |
2026-04-07T19:47:18.207Z | 2026-04-07T20:42:42.016Z |
| cve-2026-32861 | 7.8 (v3.1) 8.5 (v4.0) | Out-of-Bounds Write Vulnerability in NI LabVIEW when l… |
NI |
LabVIEW |
2026-04-07T19:46:45.763Z | 2026-04-08T03:55:58.996Z |
| cve-2026-39376 | FastFeedParser has an infinite redirect loop DoS via m… |
kagisearch |
fastfeedparser |
2026-04-07T19:46:08.816Z | 2026-04-08T19:22:49.417Z | |
| cve-2026-39841 | 6.3 (v4.0) | Stored XSS through list fields on Cargo's page values … |
Wikimedia Foundation |
Mediawiki - Cargo Extension |
2026-04-07T19:43:48.096Z | 2026-04-07T20:42:42.588Z |
| cve-2026-32860 | 7.8 (v3.1) 8.5 (v4.0) | Out-of-Bounds Write Vulnerability in NI LabVIEW when l… |
NI |
LabVIEW |
2026-04-07T19:42:36.167Z | 2026-04-08T03:55:57.909Z |
| cve-2026-39374 | Plane IDOR: Cross-Project Issue Date Modification via … |
makeplane |
plane |
2026-04-07T19:37:31.834Z | 2026-04-08T14:35:28.762Z | |
| cve-2026-39840 | 5.1 (v4.0) | CSS injection in multiple Cargo display formats |
Wikimedia Foundation |
Mediawiki - Cargo Extension |
2026-04-07T19:35:36.153Z | 2026-04-07T20:42:42.943Z |
| cve-2026-39373 | JWCrypto: JWE ZIP decompression bomb |
latchset |
jwcrypto |
2026-04-07T19:35:36.071Z | 2026-04-07T20:22:57.790Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2022-avi-189 | Multiples vulnérabilités dans les produits GitLab | 2022-02-28T00:00:00.000000 | 2022-02-28T00:00:00.000000 |
| certfr-2022-avi-188 | Vulnérabilité dans Juniper Junos OS | 2022-02-25T00:00:00.000000 | 2022-02-25T00:00:00.000000 |
| certfr-2022-avi-187 | Multiples vulnérabilités dans le serveur HTTP d'IBM WebSphere | 2022-02-25T00:00:00.000000 | 2022-02-25T00:00:00.000000 |
| certfr-2022-avi-186 | Multiples vulnérabilités dans Qnap Proxy Server | 2022-02-25T00:00:00.000000 | 2022-02-25T00:00:00.000000 |
| certfr-2022-avi-185 | Vulnérabilité dans les produits ESET | 2022-02-25T00:00:00.000000 | 2022-02-25T00:00:00.000000 |
| certfr-2022-avi-184 | Vulnérabilité dans Juniper Junos OS | 2022-02-24T00:00:00.000000 | 2022-02-24T00:00:00.000000 |
| certfr-2022-avi-183 | Multiples vulnérabilités dans Cisco NX-OS et Nexus | 2022-02-24T00:00:00.000000 | 2022-02-24T00:00:00.000000 |
| certfr-2022-avi-182 | Vulnérabilité dans VMware Workspace ONE Boxer | 2022-02-24T00:00:00.000000 | 2022-02-24T00:00:00.000000 |
| certfr-2022-avi-181 | Vulnérabilité dans F5 BIG-IP | 2022-02-24T00:00:00.000000 | 2022-02-24T00:00:00.000000 |
| certfr-2022-avi-180 | Multiples vulnérabilités dans Siemens | 2022-02-23T00:00:00.000000 | 2022-02-23T00:00:00.000000 |
| certfr-2022-avi-179 | Vulnérabilité dans Synology DiskStation Manager | 2022-02-23T00:00:00.000000 | 2022-04-06T00:00:00.000000 |
| certfr-2022-avi-178 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2022-02-23T00:00:00.000000 | 2022-02-23T00:00:00.000000 |
| certfr-2022-avi-177 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2022-02-23T00:00:00.000000 | 2022-02-23T00:00:00.000000 |
| certfr-2022-avi-176 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2022-02-23T00:00:00.000000 | 2022-02-23T00:00:00.000000 |
| certfr-2022-avi-175 | Multiples vulnérabilités dans Trend Micro ServerProtect et Worry-Free Business Security | 2022-02-23T00:00:00.000000 | 2022-02-23T00:00:00.000000 |
| certfr-2022-avi-174 | Vulnérabilité dans les produits Pulse Secure | 2022-02-23T00:00:00.000000 | 2022-02-23T00:00:00.000000 |
| certfr-2022-avi-173 | Vulnérabilité dans Mitel MiCollab et MiVoice Business Express | 2022-02-23T00:00:00.000000 | 2022-03-14T00:00:00.000000 |
| certfr-2022-avi-172 | Vulnérabilité dans IBM Websphere | 2022-02-23T00:00:00.000000 | 2022-02-23T00:00:00.000000 |
| certfr-2022-avi-171 | Multiples vulnérabilités dans les commutateurs Aruba AOS-CX | 2022-02-23T00:00:00.000000 | 2022-02-23T00:00:00.000000 |
| certfr-2022-avi-170 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2022-02-22T00:00:00.000000 | 2022-02-22T00:00:00.000000 |
| certfr-2022-avi-169 | Multiples vulnérabilités dans les produits STMicroelectronics | 2022-02-22T00:00:00.000000 | 2022-03-16T00:00:00.000000 |
| certfr-2022-avi-168 | Multiples vulnérabilités dans les produits IBM | 2022-02-22T00:00:00.000000 | 2022-02-22T00:00:00.000000 |
| certfr-2022-avi-167 | Multiples vulnérabilités dans Adobe Commerce | 2022-02-21T00:00:00.000000 | 2022-02-21T00:00:00.000000 |
| certfr-2022-avi-166 | Vulnérabilité dans Juniper Junos OS | 2022-02-21T00:00:00.000000 | 2022-02-21T00:00:00.000000 |
| certfr-2022-avi-165 | Vulnérabilité dans Broadcom Brocade Fabric | 2022-02-18T00:00:00.000000 | 2022-02-18T00:00:00.000000 |
| certfr-2022-avi-164 | Multiples vulnérabilités dans Siemens Simcenter Femap | 2022-02-18T00:00:00.000000 | 2022-02-18T00:00:00.000000 |
| certfr-2022-avi-163 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2022-02-18T00:00:00.000000 | 2022-02-18T00:00:00.000000 |
| certfr-2022-avi-162 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2022-02-18T00:00:00.000000 | 2022-02-18T00:00:00.000000 |
| certfr-2022-avi-161 | Multiples vulnérabilités dans PHP | 2022-02-18T00:00:00.000000 | 2022-02-28T00:00:00.000000 |
| certfr-2022-avi-160 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2022-02-17T00:00:00.000000 | 2022-02-17T00:00:00.000000 |