Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-34950 | fast-jwt has an incomplete fix for CVE-2023-48223: JWT… |
nearform |
fast-jwt |
2026-04-06T15:54:03.765Z | 2026-04-06T18:43:16.088Z | |
| cve-2026-34940 | KubeAI has an OS Command Injection via Model URL in Ol… |
kubeai-project |
kubeai |
2026-04-06T15:49:06.918Z | 2026-04-16T13:45:47.027Z | |
| cve-2026-34764 | Electron has a use-after-free in offscreen shared text… |
electron |
electron |
2026-04-06T15:46:40.189Z | 2026-04-07T16:00:32.633Z | |
| cve-2026-34756 | vLLM Affected by Unauthenticated OOM Denial of Service… |
vllm-project |
vllm |
2026-04-06T15:40:03.448Z | 2026-04-07T14:17:12.597Z | |
| cve-2026-34755 | vLLM Affected by Denial of Service via Unbounded Frame… |
vllm-project |
vllm |
2026-04-06T15:38:53.201Z | 2026-04-06T18:36:31.152Z | |
| cve-2026-34753 | vLLM affected by Server-Side Request Forgery (SSRF) in… |
vllm-project |
vllm |
2026-04-06T15:36:52.942Z | 2026-04-07T14:15:32.390Z | |
| cve-2026-21382 | 7.8 (v3.1) | Buffer Copy Without Checking Size of Input in Power Ma… |
Qualcomm, Inc. |
Snapdragon |
2026-04-06T15:33:56.950Z | 2026-04-07T03:55:57.569Z |
| cve-2026-21381 | 7.6 (v3.1) | Buffer Over-read in WLAN Firmware |
Qualcomm, Inc. |
Snapdragon |
2026-04-06T15:33:55.889Z | 2026-04-06T16:22:14.443Z |
| cve-2026-21380 | 7.8 (v3.1) | Use After Free in DSP Service |
Qualcomm, Inc. |
Snapdragon |
2026-04-06T15:33:54.786Z | 2026-04-07T03:55:56.434Z |
| cve-2026-21378 | 7.8 (v3.1) | Buffer Over-read in Camera |
Qualcomm, Inc. |
Snapdragon |
2026-04-06T15:33:53.704Z | 2026-04-07T03:55:55.218Z |
| cve-2026-21376 | 7.8 (v3.1) | Buffer Over-read in Camera |
Qualcomm, Inc. |
Snapdragon |
2026-04-06T15:33:52.662Z | 2026-04-07T03:55:54.062Z |
| cve-2026-21375 | 7.8 (v3.1) | Buffer Over-read in Camera |
Qualcomm, Inc. |
Snapdragon |
2026-04-06T15:33:51.531Z | 2026-04-07T03:55:52.971Z |
| cve-2026-21374 | 7.8 (v3.1) | Buffer Over-read in Camera |
Qualcomm, Inc. |
Snapdragon |
2026-04-06T15:33:50.515Z | 2026-04-07T03:55:51.831Z |
| cve-2026-21373 | 7.8 (v3.1) | Buffer Over-read in Camera |
Qualcomm, Inc. |
Snapdragon |
2026-04-06T15:33:49.475Z | 2026-04-07T03:55:50.599Z |
| cve-2026-21372 | 7.8 (v3.1) | Heap-Based Buffer Overflow in Power Management IC |
Qualcomm, Inc. |
Snapdragon |
2026-04-06T15:33:48.447Z | 2026-04-07T03:55:49.327Z |
| cve-2026-21371 | 7.8 (v3.1) | Buffer Over-read in WinBlast Driver |
Qualcomm, Inc. |
Snapdragon |
2026-04-06T15:33:47.240Z | 2026-04-07T03:55:48.143Z |
| cve-2026-21367 | 7.6 (v3.1) | Buffer Over-read in WLAN Firmware |
Qualcomm, Inc. |
Snapdragon |
2026-04-06T15:33:46.114Z | 2026-04-06T16:22:15.658Z |
| cve-2025-47400 | 7.1 (v3.1) | Buffer Over-read in Computer Vision |
Qualcomm, Inc. |
Snapdragon |
2026-04-06T15:33:44.933Z | 2026-04-07T03:55:46.892Z |
| cve-2025-47392 | 8.8 (v3.1) | Integer Overflow or Wraparound in GPS |
Qualcomm, Inc. |
Snapdragon |
2026-04-06T15:33:43.837Z | 2026-04-07T03:55:44.389Z |
| cve-2025-47391 | 7.8 (v3.1) | Stack-based Buffer Overflow in Camera Driver |
Qualcomm, Inc. |
Snapdragon |
2026-04-06T15:33:42.784Z | 2026-04-07T03:56:06.071Z |
| cve-2025-47390 | 7.8 (v3.1) | Buffer Over-read in Camera |
Qualcomm, Inc. |
Snapdragon |
2026-04-06T15:33:41.722Z | 2026-04-07T03:55:58.985Z |
| cve-2025-47389 | 7.8 (v3.1) | Buffer Copy Without Checking Size of Input in Automoti… |
Qualcomm, Inc. |
Snapdragon |
2026-04-06T15:33:40.431Z | 2026-04-07T03:55:45.795Z |
| cve-2025-47374 | 6.5 (v3.1) | Use After Free in Camera Driver |
Qualcomm, Inc. |
Snapdragon |
2026-04-06T15:33:39.322Z | 2026-04-06T16:32:18.294Z |
| cve-2024-14032 | 8.5 (v4.0) 7.8 (v3.1) | Twitch Studio LauncherHelper XPC Missing Authorization… |
Twitch |
Twitch Studio |
2026-04-06T15:33:04.200Z | 2026-04-06T16:52:06.496Z |
| cve-2026-34589 | OpenEXR: DWA Lossy Decoder Heap Out-of-Bounds Write |
AcademySoftwareFoundation |
openexr |
2026-04-06T15:33:03.276Z | 2026-04-07T13:05:41.117Z | |
| cve-2026-34588 | OpenEXR has a signed 32-bit Overflow in PIZ Decoder Le… |
AcademySoftwareFoundation |
openexr |
2026-04-06T15:31:57.602Z | 2026-04-07T13:05:55.762Z | |
| cve-2026-34444 | Lupa has a Sandbox escape and RCE due to incomplete at… |
scoder |
lupa |
2026-04-06T15:30:30.525Z | 2026-04-06T18:37:15.583Z | |
| cve-2026-5666 | code-projects Online FIR System SQL Database Backup Fi… |
code-projects |
Online FIR System |
2026-04-06T15:30:13.502Z | 2026-04-07T16:00:58.394Z | |
| cve-2026-34402 | N/A | {'rejectedReasons': [{'lang': 'en', 'value': '** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-39330. Reason: This candidate is a duplicate of CVE-2026-39330. Notes: All CVE users should reference CVE-2026-39330 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.another CVE.'}], 'replacedBy': ['CVE-2026-39330'], 'providerMetadata': {'orgId': 'a0819718-46f1-4df5-94e2-005712e83aaa', 'shortName': 'GitHub_M', 'dateUpdated': '2026-04-09T16:52:13.843Z'}} | N/A | N/A | 2026-04-06T15:27:09.103Z | 2026-04-09T16:52:13.843Z |
| cve-2026-33405 | Pi-hole has a Stored HTML Injection in queries.js |
pi-hole |
web |
2026-04-06T15:23:32.750Z | 2026-04-06T18:37:49.276Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2021-avi-784 | Multiples vulnérabilités dans les produits Microsoft | 2021-10-13T00:00:00.000000 | 2021-10-13T00:00:00.000000 |
| certfr-2021-avi-783 | Vulnérabilité dans Microsoft .Net | 2021-10-13T00:00:00.000000 | 2021-10-13T00:00:00.000000 |
| certfr-2021-avi-782 | Multiples vulnérabilités dans Microsoft Windows | 2021-10-13T00:00:00.000000 | 2021-10-13T00:00:00.000000 |
| certfr-2021-avi-781 | Multiples vulnérabilités dans Microsoft Office | 2021-10-13T00:00:00.000000 | 2021-10-13T00:00:00.000000 |
| certfr-2021-avi-780 | Multiples vulnérabilités dans Microsoft Edge | 2021-10-13T00:00:00.000000 | 2021-10-13T00:00:00.000000 |
| certfr-2021-avi-779 | Vulnérabilité dans les produits Adobe | 2021-10-13T00:00:00.000000 | 2021-10-13T00:00:00.000000 |
| certfr-2021-avi-778 | Multiples vulnérabilités dans Intel HAXM | 2021-10-13T00:00:00.000000 | 2021-10-13T00:00:00.000000 |
| certfr-2021-avi-777 | Multiples vulnérabilités dans Aruba ClearPass Policy Manager | 2021-10-13T00:00:00.000000 | 2021-10-13T00:00:00.000000 |
| certfr-2021-avi-776 | Multiples vulnérabilités dans les produits VMware | 2021-10-13T00:00:00.000000 | 2021-10-13T00:00:00.000000 |
| certfr-2021-avi-775 | Multiples vulnérabilités dans les produits Foxit | 2021-10-13T00:00:00.000000 | 2021-10-13T00:00:00.000000 |
| certfr-2021-avi-774 | Multiples vulnérabilités dans les produits Siemens | 2021-10-12T00:00:00.000000 | 2021-10-12T00:00:00.000000 |
| certfr-2021-avi-773 | Vulnérabilité dans les produits SonicWall | 2021-10-12T00:00:00.000000 | 2021-10-12T00:00:00.000000 |
| certfr-2021-avi-772 | Multiples vulnérabilités dans les produits Schneider | 2021-10-12T00:00:00.000000 | 2021-10-12T00:00:00.000000 |
| certfr-2021-avi-771 | Multiples vulnérabilités dans les produits NetApp | 2021-10-12T00:00:00.000000 | 2021-10-12T00:00:00.000000 |
| certfr-2021-avi-770 | Multiples vulnérabilités dans les produits SAP | 2021-10-12T00:00:00.000000 | 2021-10-12T00:00:00.000000 |
| certfr-2021-avi-769 | Vulnérabilité dans Apple iOS et iPadOS | 2021-10-12T00:00:00.000000 | 2021-10-12T00:00:00.000000 |
| certfr-2021-avi-768 | Multiples vulnérabilités dans Microsoft Edge | 2021-10-12T00:00:00.000000 | 2021-10-12T00:00:00.000000 |
| certfr-2021-avi-767 | Multiples vulnérabilités dans OpenOffice | 2021-10-12T00:00:00.000000 | 2021-10-12T00:00:00.000000 |
| certfr-2021-avi-766 | Vulnérabilité dans IBM App Connect Enterprise | 2021-10-11T00:00:00.000000 | 2021-10-11T00:00:00.000000 |
| certfr-2021-avi-765 | Multiples vulnérabilités dans les produits Adobe | 2021-10-11T00:00:00.000000 | 2021-10-11T00:00:00.000000 |
| certfr-2021-avi-764 | Vulnérabilité dans Apache HTTP Server | 2021-10-08T00:00:00.000000 | 2021-10-08T00:00:00.000000 |
| certfr-2021-avi-763 | Multiples vulnérabilités dans Google Chrome | 2021-10-08T00:00:00.000000 | 2021-10-08T00:00:00.000000 |
| certfr-2021-avi-762 | Multiples vulnérabilités dans OpenOffice | 2021-10-08T00:00:00.000000 | 2021-10-08T00:00:00.000000 |
| certfr-2021-avi-761 | Multiples vulnérabilités dans les produits Cisco | 2021-10-07T00:00:00.000000 | 2021-10-07T00:00:00.000000 |
| certfr-2021-avi-760 | Vulnérabilité dans Stormshield Network Security | 2021-10-07T00:00:00.000000 | 2021-10-07T00:00:00.000000 |
| certfr-2021-avi-759 | Multiples vulnérabilités dans Apache HTTP Server | 2021-10-06T00:00:00.000000 | 2021-10-11T00:00:00.000000 |
| certfr-2021-avi-758 | Multiples vulnérabilités dans les produits Fortinet | 2021-10-06T00:00:00.000000 | 2021-10-06T00:00:00.000000 |
| certfr-2021-avi-757 | Multiples vulnérabilités dans Typo3 | 2021-10-06T00:00:00.000000 | 2021-10-06T00:00:00.000000 |
| certfr-2021-avi-756 | Multiples vulnérabilités dans Aruba Instant Access Points | 2021-10-06T00:00:00.000000 | 2021-10-06T00:00:00.000000 |
| certfr-2021-avi-755 | Multiples vulnérabilités dans F5 BIG-IP | 2021-10-06T00:00:00.000000 | 2021-10-06T00:00:00.000000 |