Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-35022 | 9.3 (v4.0) 9.8 (v3.1) | Anthropic Claude Code & Agent SDK OS Command Injection… |
Anthropic |
Claude Code |
2026-04-06T18:59:29.656Z | 2026-04-13T20:07:04.982Z |
| cve-2026-35021 | 8.4 (v4.0) 7.8 (v3.1) | Anthropic Claude Code & Agent SDK OS Command Injection… |
Anthropic |
Claude Code |
2026-04-06T18:59:06.979Z | 2026-04-13T20:07:21.591Z |
| cve-2026-35170 | openFPGALoader has a heap buffer overflow in BitParser… |
trabucayre |
openFPGALoader |
2026-04-06T18:59:04.770Z | 2026-04-07T15:10:56.071Z | |
| cve-2026-35020 | 8.6 (v4.0) 8.4 (v3.1) | Anthropic Claude Code & Agent SDK OS Command Injection… |
Anthropic |
Claude Code |
2026-04-06T18:58:40.513Z | 2026-04-13T20:08:43.356Z |
| cve-2026-5678 | Totolink A7100RU cstecgi.cgi setScheduleCfg os command… |
Totolink |
A7100RU |
2026-04-06T18:45:11.415Z | 2026-04-07T14:05:26.633Z | |
| cve-2026-5677 | Totolink A7100RU cstecgi.cgi CsteSystem os command injection |
Totolink |
A7100RU |
2026-04-06T18:30:13.417Z | 2026-04-07T14:40:44.338Z | |
| cve-2026-0049 | N/A | In onHeaderDecoded of LocalImageResolver.java, th… |
Google |
Android |
2026-04-06T18:20:38.337Z | 2026-04-13T16:57:00.317Z |
| cve-2025-48651 | N/A | In importWrappedKey of KMKeymasterApplet.java, th… |
Google |
Android |
2026-04-06T18:20:31.044Z | 2026-04-13T20:16:29.740Z |
| cve-2026-5676 | Totolink A8000R cstecgi.cgi setLanguageCfg missing aut… |
Totolink |
A8000R |
2026-04-06T18:15:12.227Z | 2026-04-07T13:39:06.999Z | |
| cve-2026-33817 | N/A | {'rejectedReasons': [{'lang': 'en', 'value': 'CVE confirmed to be a false positive'}], 'providerMetadata': {'orgId': '1bb62c36-49e3-4200-9d77-64a1400537cc', 'shortName': 'Go', 'dateUpdated': '2026-04-08T17:08:34.464Z'}} | N/A | N/A | 2026-04-06T18:13:23.996Z | 2026-04-08T17:08:34.464Z |
| cve-2026-5675 | itsourcecode Construction Management System Parameter … |
itsourcecode |
Construction Management System |
2026-04-06T18:00:16.247Z | 2026-04-06T18:47:16.439Z | |
| cve-2026-35177 | Path traversal issue with zip.vim in Vim |
vim |
vim |
2026-04-06T17:54:42.779Z | 2026-04-07T14:05:50.387Z | |
| cve-2026-35175 | Ajenti has an authorization bypass during custom packa… |
ajenti |
ajenti |
2026-04-06T17:51:54.898Z | 2026-04-07T15:59:22.076Z | |
| cve-2026-35174 | Chyrp Lite has a Path Traversal to Remote Code Execution |
xenocrat |
chyrp-lite |
2026-04-06T17:50:04.544Z | 2026-04-07T14:38:40.034Z | |
| cve-2026-35173 | Chyrp Lite has an IDOR via Mass Assignment in Post Model |
xenocrat |
chyrp-lite |
2026-04-06T17:48:52.681Z | 2026-04-06T18:47:56.696Z | |
| cve-2026-35171 | Arbitrary Code Execution via Malicious Logging Configu… |
kedro-org |
kedro |
2026-04-06T17:45:45.664Z | 2026-04-07T15:10:37.613Z | |
| cve-2026-5672 | code-projects Simple IT Discussion Forum Parameter edi… |
code-projects |
Simple IT Discussion Forum |
2026-04-06T17:45:10.127Z | 2026-04-07T15:59:27.677Z | |
| cve-2026-35167 | Kedro has a path traversal in versioned dataset loadin… |
kedro-org |
kedro |
2026-04-06T17:43:21.922Z | 2026-04-07T14:36:34.218Z | |
| cve-2026-35470 | OpenSTAManager has a SQL Injection via righe Parameter… |
devcode-it |
openstamanager |
2026-04-06T17:40:32.973Z | 2026-04-07T14:06:27.500Z | |
| cve-2026-35166 | Hugo does not properly escape some Markdown links |
gohugoio |
hugo |
2026-04-06T17:37:05.643Z | 2026-04-06T18:02:37.432Z | |
| cve-2026-35164 | Brave CMS Sffected by Unrestricted File Upload via CKE… |
Ajax30 |
BraveCMS-2.0 |
2026-04-06T17:33:33.715Z | 2026-04-07T14:07:00.606Z | |
| cve-2026-35052 | D-Tale affected by Remote Code Execution through redis… |
man-group |
dtale |
2026-04-06T17:32:28.227Z | 2026-04-07T15:59:35.529Z | |
| cve-2026-35050 | text-generation-webui affected by Remote Code Executio… |
oobabooga |
text-generation-webui |
2026-04-06T17:30:20.513Z | 2026-04-07T14:30:04.932Z | |
| cve-2026-35209 | defu: Prototype pollution via `__proto__` key in defau… |
unjs |
defu |
2026-04-06T17:26:52.975Z | 2026-04-06T18:49:29.040Z | |
| cve-2026-35047 | Brave CMS has Unrestricted File Upload in BraveCMS via… |
Ajax30 |
BraveCMS-2.0 |
2026-04-06T17:25:39.602Z | 2026-04-07T14:07:45.223Z | |
| cve-2026-35046 | Tandoor has a Stored CSS Injection via <style> Tag in … |
TandoorRecipes |
recipes |
2026-04-06T17:20:00.579Z | 2026-04-07T15:59:42.719Z | |
| cve-2026-35045 | Tandoor Recipes Affected by Private Recipe Exposure an… |
TandoorRecipes |
recipes |
2026-04-06T17:17:57.647Z | 2026-04-07T14:29:07.687Z | |
| cve-2026-5671 | Cyber-III Student-Management-System Class Schedule Del… |
Cyber-III |
Student-Management-System |
2026-04-06T17:15:11.400Z | 2026-04-07T14:08:29.827Z | |
| cve-2026-35044 | BentoML has a Server-Side Template Injection via unsan… |
bentoml |
BentoML |
2026-04-06T17:13:43.133Z | 2026-04-06T18:49:59.815Z | |
| cve-2026-35043 | BentoML: command injection in cloud deployment setup s… |
bentoml |
BentoML |
2026-04-06T17:10:24.466Z | 2026-04-07T14:09:07.570Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2021-avi-844 | Multiples vulnérabilités dans Nagios XI | 2021-11-03T00:00:00.000000 | 2021-11-03T00:00:00.000000 |
| certfr-2021-avi-843 | Multiples vulnérabilités dans Mozilla Firefox | 2021-11-03T00:00:00.000000 | 2021-11-03T00:00:00.000000 |
| certfr-2021-avi-842 | Vulnérabilité dans les produits NetApp | 2021-11-03T00:00:00.000000 | 2021-11-03T00:00:00.000000 |
| certfr-2021-avi-841 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2021-11-03T00:00:00.000000 | 2021-11-03T00:00:00.000000 |
| certfr-2021-avi-840 | Multiples vulnérabilités dans Microsoft Edge | 2021-11-02T00:00:00.000000 | 2021-11-02T00:00:00.000000 |
| certfr-2021-avi-839 | Multiples vulnérabilités dans les produits Kaspersky | 2021-11-02T00:00:00.000000 | 2021-11-02T00:00:00.000000 |
| certfr-2021-avi-838 | Vulnérabilité dans les produits Synology | 2021-11-02T00:00:00.000000 | 2021-11-02T00:00:00.000000 |
| certfr-2021-avi-837 | Multiples vulnérabilités dans Google Android | 2021-11-02T00:00:00.000000 | 2021-11-02T00:00:00.000000 |
| certfr-2021-avi-836 | Vulnérabilité dans Tenable Nessus Agent | 2021-11-02T00:00:00.000000 | 2021-11-02T00:00:00.000000 |
| certfr-2021-avi-835 | Multiples vulnérabilités dans Google Chrome OS | 2021-11-02T00:00:00.000000 | 2021-11-02T00:00:00.000000 |
| certfr-2021-avi-834 | Multiples vulnérabilités dans les produits NetApp | 2021-10-29T00:00:00.000000 | 2021-10-29T00:00:00.000000 |
| certfr-2021-avi-833 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2021-10-29T00:00:00.000000 | 2021-10-29T00:00:00.000000 |
| certfr-2021-avi-832 | Vulnérabilité dans PHP | 2021-10-29T00:00:00.000000 | 2021-10-29T00:00:00.000000 |
| certfr-2021-avi-831 | Multiples vulnérabilités dans Google Chrome | 2021-10-29T00:00:00.000000 | 2021-10-29T00:00:00.000000 |
| certfr-2021-avi-830 | Multiples vulnérabilités dans GitLab | 2021-10-29T00:00:00.000000 | 2021-11-02T00:00:00.000000 |
| certfr-2021-avi-829 | Multiples vulnérabilités dans les produits Cisco | 2021-10-28T00:00:00.000000 | 2021-10-28T00:00:00.000000 |
| certfr-2021-avi-828 | Vulnérabilité dans ISC BIND | 2021-10-28T00:00:00.000000 | 2021-10-28T00:00:00.000000 |
| certfr-2021-avi-827 | Multiples vulnérabilités dans Apple Safari | 2021-10-28T00:00:00.000000 | 2021-10-28T00:00:00.000000 |
| certfr-2021-avi-826 | Multiples vulnérabilités dans Alfresco | 2021-10-28T00:00:00.000000 | 2021-10-28T00:00:00.000000 |
| certfr-2021-avi-825 | Multiples vulnérabilités dans les produits Apple | 2021-10-27T00:00:00.000000 | 2021-10-27T00:00:00.000000 |
| certfr-2021-avi-824 | Multiples vulnérabilités dans VMware Spring | 2021-10-27T00:00:00.000000 | 2021-10-27T00:00:00.000000 |
| certfr-2021-avi-823 | Vulnérabilité dans les produits Belden | 2021-10-26T00:00:00.000000 | 2021-10-26T00:00:00.000000 |
| certfr-2021-avi-822 | Vulnérabilité dans les produits ESET | 2021-10-26T00:00:00.000000 | 2021-10-26T00:00:00.000000 |
| certfr-2021-avi-821 | Multiples vulnérabilités dans les produits Nextcloud | 2021-10-26T00:00:00.000000 | 2021-10-26T00:00:00.000000 |
| certfr-2021-avi-820 | Multiples vulnérabilités dans Juniper Junos OS et Junos OS Evolved | 2021-10-26T00:00:00.000000 | 2021-10-26T00:00:00.000000 |
| certfr-2021-avi-819 | Multiples vulnérabilités dans les produits Nextcloud | 2021-10-25T00:00:00.000000 | 2021-10-25T00:00:00.000000 |
| certfr-2021-avi-818 | Vulnérabilité dans Pulse Connect Secure | 2021-10-22T00:00:00.000000 | 2021-10-22T00:00:00.000000 |
| certfr-2021-avi-817 | Multiples vulnérabilités dans Microsoft Edge | 2021-10-22T00:00:00.000000 | 2021-10-22T00:00:00.000000 |
| certfr-2021-avi-816 | Vulnérabilité dans les produits QNAP | 2021-10-22T00:00:00.000000 | 2021-10-22T00:00:00.000000 |
| certfr-2021-avi-815 | Vulnérabilité dans PHP | 2021-10-22T00:00:00.000000 | 2021-10-25T00:00:00.000000 |