Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-22666 | 8.6 (v4.0) 7.2 (v3.1) | Dolibarr ERP/CRM < 23.0.2 Authenticated RCE via dol_ev… |
Dolibarr |
Dolibarr ERP/CRM |
2026-04-07T12:41:31.280Z | 2026-04-07T13:43:14.034Z |
| cve-2026-28808 | 8.3 (v4.0) | ScriptAlias CGI targets bypass directory auth in inets… |
Erlang |
OTP |
2026-04-07T12:28:16.056Z | 2026-04-07T14:38:09.190Z |
| cve-2026-32144 | 7.6 (v4.0) | OCSP designated-responder authorization bypass via mis… |
Erlang |
OTP |
2026-04-07T12:28:00.767Z | 2026-04-07T14:38:03.763Z |
| cve-2026-23818 | 8.8 (v3.1) | Open Redirect Vulnerability in HPE Aruba Networking Pr… |
Hewlett Packard Enterprise (HPE) |
Private 5G Core |
2026-04-07T12:18:11.753Z | 2026-04-07T13:17:32.192Z |
| cve-2025-39666 | omd: Local privilege escalation when executing omd com… |
Checkmk GmbH |
Checkmk |
2026-04-07T12:09:07.609Z | 2026-04-07T13:18:19.609Z | |
| cve-2026-3466 | Cross-site scripting in dashlet title |
Checkmk GmbH |
Checkmk |
2026-04-07T12:08:50.132Z | 2026-04-22T12:26:27.839Z | |
| cve-2026-31842 | 8.7 (v4.0) 7.5 (v3.1) 7.8 (v2.0) | Tinyproxy HTTP request parsing desynchronization via c… |
Tinyproxy Project |
Tinyproxy |
2026-04-07T11:17:33.621Z | 2026-04-07T16:30:44.774Z |
| cve-2026-4420 | 5.1 (v4.0) | Stored XSS via Page Creating functionality in Bludit |
Bludit |
Bludit |
2026-04-07T10:46:19.052Z | 2026-04-07T16:28:47.502Z |
| cve-2026-34903 | 5.4 (v3.1) | WordPress Ocean Extra plugin <= 2.5.3 - Broken Access … |
OceanWP |
Ocean Extra |
2026-04-07T08:57:51.189Z | 2026-04-07T12:59:24.495Z |
| cve-2026-34899 | 5.3 (v3.1) | WordPress LTL Freight Quotes – Worldwide Express Editi… |
Eniture technology |
LTL Freight Quotes – Worldwide Express Edition |
2026-04-07T08:31:37.373Z | 2026-04-07T13:11:05.535Z |
| cve-2026-34904 | 7.5 (v3.1) | WordPress Simple Social Media Share Buttons plugin <= … |
Analytify |
Simple Social Media Share Buttons |
2026-04-07T08:22:26.209Z | 2026-04-07T13:35:08.146Z |
| cve-2026-34896 | 7.5 (v3.1) | WordPress Under Construction, Coming Soon & Maintenanc… |
Analytify |
Under Construction, Coming Soon & Maintenance Mode |
2026-04-07T08:20:42.775Z | 2026-04-07T13:37:48.429Z |
| cve-2026-33227 | Apache ActiveMQ Client, Apache ActiveMQ Broker, Apache… |
Apache Software Foundation |
Apache ActiveMQ Client |
2026-04-07T07:50:58.897Z | 2026-04-08T15:44:39.427Z | |
| cve-2026-28810 | 6.3 (v4.0) | Predictable DNS Transaction IDs Enable Cache Poisoning… |
Erlang |
OTP |
2026-04-07T07:50:11.072Z | 2026-04-08T04:08:49.797Z |
| cve-2026-34197 | Apache ActiveMQ Broker, Apache ActiveMQ All, Apache Ac… |
Apache Software Foundation |
Apache ActiveMQ Broker |
2026-04-07T07:50:10.958Z | 2026-04-17T03:55:12.349Z | |
| cve-2026-3177 | Charitable – Donation Plugin for WordPress – Fundraisi… |
smub |
Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More |
2026-04-07T07:40:13.519Z | 2026-04-08T17:18:40.687Z | |
| cve-2026-5465 | Amelia <= 2.1.3 - Insecure Direct Object Reference to … |
ameliabooking |
Booking for Appointments and Events Calendar – Amelia |
2026-04-07T06:43:41.045Z | 2026-04-08T17:12:58.210Z | |
| cve-2026-1114 | Improper Access Control via Weak JWT Token in parisneo… |
parisneo |
parisneo/lollms |
2026-04-07T06:19:05.270Z | 2026-04-07T13:20:46.279Z | |
| cve-2026-4079 | N/A | SQL Chart Builder < 2.3.8 - Unauthenticated SQL Injection |
Unknown |
SQL Chart Builder |
2026-04-07T06:00:11.585Z | 2026-04-07T16:26:56.057Z |
| cve-2026-1900 | N/A | Link Whisper Free < 0.9.1 - Unauthenticated Settings a… |
Unknown |
Link Whisper Free |
2026-04-07T06:00:11.155Z | 2026-04-07T16:26:15.981Z |
| cve-2025-15611 | N/A | Popup Box AYS Pro < 5.5.0 - Admin+ Stored Cross-Site S… |
Unknown |
Popup Box |
2026-04-07T06:00:09.736Z | 2026-04-07T16:25:37.703Z |
| cve-2025-65116 | 5.5 (v3.1) | Buffer Overflow Vulnerability in JP1/IT Desktop Manage… |
Hitachi |
JP1/IT Desktop Management 2 - Manager |
2026-04-07T05:43:25.553Z | 2026-04-07T13:25:56.036Z |
| cve-2026-1839 | Arbitrary Code Execution via Unsafe torch.load() in Tr… |
huggingface |
huggingface/transformers |
2026-04-07T05:22:00.959Z | 2026-04-07T13:27:41.789Z | |
| cve-2025-65115 | 8.8 (v3.1) | Remote Code Execution Vulnerability in JP1/IT Desktop … |
Hitachi |
JP1/IT Desktop Management 2 - Manager |
2026-04-07T05:19:50.413Z | 2026-04-07T13:26:20.981Z |
| cve-2026-0740 | Ninja Forms - File Upload <= 3.3.26 - Unauthenticated … |
SaturdayDrive |
Ninja Forms - File Uploads |
2026-04-07T04:25:58.604Z | 2026-04-08T16:34:50.670Z | |
| cve-2026-20446 | N/A | In sec boot, there is a possible out of bounds wr… |
MediaTek, Inc. |
MediaTek chipset |
2026-04-07T03:25:39.747Z | 2026-04-07T13:02:15.541Z |
| cve-2026-20433 | N/A | In Modem, there is a possible out of bounds write… |
MediaTek, Inc. |
MediaTek chipset |
2026-04-07T03:25:32.066Z | 2026-04-08T03:55:26.543Z |
| cve-2026-20432 | N/A | In Modem, there is a possible out of bounds write… |
MediaTek, Inc. |
MediaTek chipset |
2026-04-07T03:25:30.263Z | 2026-04-08T03:55:25.369Z |
| cve-2026-20431 | N/A | In Modem, there is a possible system crash due to… |
MediaTek, Inc. |
MediaTek chipset |
2026-04-07T03:25:28.491Z | 2026-04-07T12:59:17.543Z |
| cve-2026-5719 | itsourcecode Construction Management System borrowedto… |
itsourcecode |
Construction Management System |
2026-04-07T02:00:19.631Z | 2026-04-07T13:27:03.584Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2021-avi-970 | Multiples vulnérabilités dans les produits VMware | 2021-12-20T00:00:00.000000 | 2021-12-20T00:00:00.000000 |
| certfr-2021-avi-969 | Multiples vulnérabilités dans le noyau Linux de Debian | 2021-12-20T00:00:00.000000 | 2021-12-20T00:00:00.000000 |
| certfr-2021-avi-968 | Vulnérabilité dans RedHat OpenShift Container Platform | 2021-12-17T00:00:00.000000 | 2021-12-17T00:00:00.000000 |
| certfr-2021-avi-967 | Vulnérabilité dans F5 BIG-IP | 2021-12-17T00:00:00.000000 | 2021-12-17T00:00:00.000000 |
| certfr-2021-avi-966 | Multiples vulnérabilités dans F-Secure SAFE Browser | 2021-12-17T00:00:00.000000 | 2021-12-17T00:00:00.000000 |
| certfr-2021-avi-965 | Vulnérabilité dans VMware Workspace ONE UEM console | 2021-12-17T00:00:00.000000 | 2021-12-17T00:00:00.000000 |
| certfr-2021-avi-964 | Vulnérabilité dans F5 NGINX Swagger UI | 2021-12-16T00:00:00.000000 | 2021-12-16T00:00:00.000000 |
| certfr-2021-avi-963 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2021-12-16T00:00:00.000000 | 2021-12-16T00:00:00.000000 |
| certfr-2021-avi-962 | Vulnérabilité dans MongoDB | 2021-12-16T00:00:00.000000 | 2021-12-16T00:00:00.000000 |
| certfr-2021-avi-961 | Multiples vulnérabilités dans les produits Microsoft | 2021-12-15T00:00:00.000000 | 2021-12-15T00:00:00.000000 |
| certfr-2021-avi-960 | Multiples vulnérabilités dans Microsoft .Net | 2021-12-15T00:00:00.000000 | 2021-12-15T00:00:00.000000 |
| certfr-2021-avi-959 | Multiples vulnérabilités dans Microsoft Windows | 2021-12-15T00:00:00.000000 | 2021-12-15T00:00:00.000000 |
| certfr-2021-avi-958 | Multiples vulnérabilités dans Microsoft Office | 2021-12-15T00:00:00.000000 | 2021-12-15T00:00:00.000000 |
| certfr-2021-avi-957 | Multiples vulnérabilités dans Microsoft Edge | 2021-12-15T00:00:00.000000 | 2021-12-20T00:00:00.000000 |
| certfr-2021-avi-956 | Multiples vulnérabilités dans Apple Safari | 2021-12-15T00:00:00.000000 | 2021-12-15T00:00:00.000000 |
| certfr-2021-avi-955 | Vulnérabilité dans OpenSSL | 2021-12-15T00:00:00.000000 | 2021-12-15T00:00:00.000000 |
| certfr-2021-avi-954 | Vulnérabilité dans Moxa NPort | 2021-12-15T00:00:00.000000 | 2021-12-15T00:00:00.000000 |
| certfr-2021-avi-953 | Multiples vulnérabilités dans les produits Schneider | 2021-12-15T00:00:00.000000 | 2021-12-15T00:00:00.000000 |
| certfr-2021-avi-952 | Multiples vulnérabilités dans les produits IBM | 2021-12-15T00:00:00.000000 | 2021-12-15T00:00:00.000000 |
| certfr-2021-avi-951 | Multiples vulnérabilités dans le noyau Linux de RedHat | 2021-12-15T00:00:00.000000 | 2021-12-15T00:00:00.000000 |
| certfr-2021-avi-950 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2021-12-15T00:00:00.000000 | 2021-12-15T00:00:00.000000 |
| certfr-2021-avi-949 | Multiples vulnérabilités dans les produits Siemens | 2021-12-15T00:00:00.000000 | 2021-12-15T00:00:00.000000 |
| certfr-2021-avi-948 | Multiples vulnérabilités dans les produits SAP | 2021-12-14T00:00:00.000000 | 2021-12-14T00:00:00.000000 |
| certfr-2021-avi-946 | Multiples vulnérabilités dans Google Chrome | 2021-12-14T00:00:00.000000 | 2021-12-14T00:00:00.000000 |
| certfr-2021-avi-945 | Multiples vulnérabilités dans les produits Apple | 2021-12-14T00:00:00.000000 | 2021-12-14T00:00:00.000000 |
| certfr-2021-avi-944 | Multiples vulnérabilités dans Microsoft Edge | 2021-12-13T00:00:00.000000 | 2021-12-13T00:00:00.000000 |
| certfr-2021-avi-943 | Multiples vulnérabilités dans les produits IBM | 2021-12-13T00:00:00.000000 | 2021-12-13T00:00:00.000000 |
| certfr-2021-avi-942 | Multiples vulnérabilités dans les produits GitLab | 2021-12-13T00:00:00.000000 | 2021-12-13T00:00:00.000000 |
| certfr-2021-avi-941 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2021-12-13T00:00:00.000000 | 2021-12-13T00:00:00.000000 |
| certfr-2021-avi-940 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2021-12-10T00:00:00.000000 | 2021-12-10T00:00:00.000000 |