Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2024-14033 | 7.5 (v3.1) 7.1 (v4.0) | Hirschmann EagleSDV Denial of Service via TLS |
Belden |
Hirschmann EagleSDV |
2026-04-02T20:40:37.469Z | 2026-04-03T22:22:40.094Z |
| cve-2025-15620 | 9.3 (v3.1) 9.2 (v4.0) | HiOS Switch Platform Denial-of-Service via Web Interface |
Belden |
Hirschmann HiOS Switch Platform |
2026-04-02T20:28:08.711Z | 2026-04-03T22:24:26.625Z |
| cve-2026-35467 | N/A | Private Key stored as extractable in browser IndexeDB |
CERT/CC |
cveClient/encrypt-storage.js |
2026-04-02T20:27:27.792Z | 2026-04-03T13:51:22.012Z |
| cve-2026-35466 | N/A | Stored XSS via unsanitized input from remote service |
CERT/CC |
cveClient/cveInterface.js |
2026-04-02T20:20:35.304Z | 2026-04-03T13:55:40.446Z |
| cve-2024-14034 | 9.8 (v3.1) 9.3 (v4.0) | Hirschmann HiEOS Authentication Bypass via HTTP Manage… |
Belden |
Hirschmann HiEOS LRS11 |
2026-04-02T20:01:23.748Z | 2026-04-03T22:27:03.051Z |
| cve-2023-7343 | 7.8 (v3.1) 7.8 (v4.0) | Belden Industrial HiVision Arbitrary Code Execution vi… |
Belden |
Hirschmann Industrial HiVision |
2026-04-02T19:56:24.883Z | 2026-04-03T22:30:23.855Z |
| cve-2026-34931 | hoppscotch: Improper loopback redirect_uri validation … |
hoppscotch |
hoppscotch |
2026-04-02T19:21:35.136Z | 2026-04-06T14:07:20.977Z | |
| cve-2026-34848 | hoppscotch: Stored XSS in team member overflow tooltip… |
hoppscotch |
hoppscotch |
2026-04-02T19:20:00.944Z | 2026-04-03T12:54:39.887Z | |
| cve-2026-34932 | hoppscotch: Stored XSS via mock server responses on ba… |
hoppscotch |
hoppscotch |
2026-04-02T19:19:15.697Z | 2026-04-06T14:07:40.655Z | |
| cve-2026-34847 | hoppscotch: Open redirect via `/enter?redirect=` |
hoppscotch |
hoppscotch |
2026-04-02T19:19:05.703Z | 2026-04-03T15:39:17.767Z | |
| cve-2026-34838 | Group-Office: Authenticated Remote Code Execution via … |
Intermesh |
groupoffice |
2026-04-02T19:15:40.591Z | 2026-04-03T12:55:48.631Z | |
| cve-2026-34834 | Bulwark Webmail: Authentication Bypass in verifyIdenti… |
bulwarkmail |
webmail |
2026-04-02T19:11:54.448Z | 2026-04-03T18:11:56.037Z | |
| cve-2026-34833 | Bulwark Webmail: Information Exposure: password return… |
bulwarkmail |
webmail |
2026-04-02T19:11:39.303Z | 2026-04-03T15:40:57.901Z | |
| cve-2026-34832 | Scoold: Cross-Account Feedback Deletion (IDOR) |
Erudika |
scoold |
2026-04-02T19:08:03.206Z | 2026-04-03T14:43:14.459Z | |
| cve-2026-34825 | NocoBase Has SQL Injection via template variable subst… |
nocobase |
nocobase |
2026-04-02T19:06:07.592Z | 2026-04-03T12:56:41.506Z | |
| cve-2026-35383 | Bentley Systems iTwin Platform exposed access token |
Bentley Systems |
iTwin Platform |
2026-04-02T19:04:09.008Z | 2026-04-14T14:04:32.831Z | |
| cve-2026-34762 | Ella Core Has Audit Log Falsification via Path/Body IM… |
ellanetworks |
core |
2026-04-02T19:03:54.247Z | 2026-04-03T15:39:50.305Z | |
| cve-2026-34761 | Ella Core Panics Upon NGAP handover failure |
ellanetworks |
core |
2026-04-02T19:03:05.307Z | 2026-04-03T15:43:40.050Z | |
| cve-2026-5420 | Shinrays Games Goods Triple App cats.goods.sort.sortin… |
Shinrays Games |
Goods Triple App |
2026-04-02T19:00:17.487Z | 2026-04-03T15:56:29.692Z | |
| cve-2026-34760 | vLLM: Downmix Implementation Differences as Attack Vec… |
vllm-project |
vllm |
2026-04-02T18:59:49.638Z | 2026-04-03T14:42:34.842Z | |
| cve-2026-35053 | OneUptime: Unauthenticated Workflow Execution via ManualAPI |
OneUptime |
oneuptime |
2026-04-02T18:55:49.130Z | 2026-04-03T15:46:38.420Z | |
| cve-2026-34840 | OneUptime SSO: Multi-Assertion Identity Injection via … |
OneUptime |
oneuptime |
2026-04-02T18:52:48.274Z | 2026-04-02T20:20:13.291Z | |
| cve-2026-34759 | OneUptime: Unauthenticated notification API endpoints … |
OneUptime |
oneuptime |
2026-04-02T18:50:55.287Z | 2026-04-03T12:58:14.882Z | |
| cve-2026-34758 | OneUptime: Missing Authentication on Notification Endpoints |
OneUptime |
oneuptime |
2026-04-02T18:49:29.826Z | 2026-04-03T15:58:23.101Z | |
| cve-2026-34752 | Haraka affected by DoS via `__proto__` email header |
haraka |
Haraka |
2026-04-02T18:42:38.367Z | 2026-04-03T15:47:34.494Z | |
| cve-2026-34745 | Unauthenticated Path Traversal Arbitrary File Write in… |
ShaneIsrael |
fireshare |
2026-04-02T18:38:17.626Z | 2026-04-02T19:15:43.377Z | |
| cve-2026-5429 | 7.8 (v3.1) 7.1 (v4.0) | Kiro IDE Webview Cross-Site Scripting via Workspace Co… |
AWS |
Kiro IDE |
2026-04-02T18:37:42.972Z | 2026-04-02T19:22:46.775Z |
| cve-2026-34743 | XZ Utils: Buffer overflow in lzma_index_append() |
tukaani-project |
xz |
2026-04-02T18:36:37.450Z | 2026-04-03T12:59:06.096Z | |
| cve-2026-34742 | Model Context Protocol Go SDK: DNS Rebinding Protectio… |
modelcontextprotocol |
go-sdk |
2026-04-02T18:32:34.781Z | 2026-04-03T15:59:37.091Z | |
| cve-2026-5418 | appsmithorg appsmith Dashboard WebClientUtils.java com… |
appsmithorg |
appsmith |
2026-04-02T18:30:14.217Z | 2026-04-03T12:59:56.016Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2021-avi-152 | Multiples vulnérabilités dans Citrix Hypervisor | 2021-03-01T00:00:00.000000 | 2021-03-01T00:00:00.000000 |
| certfr-2021-avi-151 | Multiples vulnérabilités dans mongoDB et mongoDB Ops Manager | 2021-03-01T00:00:00.000000 | 2021-03-01T00:00:00.000000 |
| certfr-2021-avi-150 | Vulnérabilité dans IBM Qradar | 2021-03-01T00:00:00.000000 | 2021-03-01T00:00:00.000000 |
| certfr-2021-avi-149 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2021-02-26T00:00:00.000000 | 2021-02-26T00:00:00.000000 |
| certfr-2021-avi-148 | Multiples vulnérabilités dans Nagios XI | 2021-02-26T00:00:00.000000 | 2021-02-26T00:00:00.000000 |
| certfr-2021-avi-147 | Multiples vulnérabilités dans les produits Cisco | 2021-02-25T00:00:00.000000 | 2021-02-25T00:00:00.000000 |
| certfr-2021-avi-146 | Multiples vulnérabilités dans F5 BIG-IP | 2021-02-25T00:00:00.000000 | 2021-02-25T00:00:00.000000 |
| certfr-2021-avi-145 | Multiples vulnérabilités dans les produits VMWare | 2021-02-24T00:00:00.000000 | 2021-02-24T00:00:00.000000 |
| certfr-2021-avi-144 | Multiples vulnérabilités dans Mozilla Thunderbird | 2021-02-24T00:00:00.000000 | 2021-03-01T00:00:00.000000 |
| certfr-2021-avi-143 | Multiples vulnérabilités dans Mozilla Firefox | 2021-02-24T00:00:00.000000 | 2021-02-24T00:00:00.000000 |
| certfr-2021-avi-142 | Multiples vulnérabilités dans les produits Aruba | 2021-02-24T00:00:00.000000 | 2021-02-24T00:00:00.000000 |
| certfr-2021-avi-141 | Vulnérabilité dans F5 BIG-IP | 2021-02-24T00:00:00.000000 | 2021-02-24T00:00:00.000000 |
| certfr-2021-avi-140 | Vulnérabilité dans Python | 2021-02-22T00:00:00.000000 | 2021-02-22T00:00:00.000000 |
| certfr-2021-avi-139 | Multiples vulnérabilités dans F5 BIG-IP | 2021-02-22T00:00:00.000000 | 2021-02-22T00:00:00.000000 |
| certfr-2021-avi-138 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2021-02-22T00:00:00.000000 | 2021-02-22T00:00:00.000000 |
| certfr-2021-avi-137 | Vulnérabilité dans IBM WebSphere Cast Iron | 2021-02-22T00:00:00.000000 | 2021-02-22T00:00:00.000000 |
| certfr-2021-avi-136 | Multiples vulnérabilités dans Asterisk | 2021-02-19T00:00:00.000000 | 2021-02-19T00:00:00.000000 |
| certfr-2021-avi-135 | Vulnérabilité dans Xen | 2021-02-19T00:00:00.000000 | 2021-02-19T00:00:00.000000 |
| certfr-2021-avi-134 | Multiples vulnérabilités dans Microsoft Edge | 2021-02-18T00:00:00.000000 | 2021-02-18T00:00:00.000000 |
| certfr-2021-avi-133 | Multiples vulnérabilités dans Google Chrome OS | 2021-02-18T00:00:00.000000 | 2021-02-18T00:00:00.000000 |
| certfr-2021-avi-132 | Vulnérabilité dans BIND | 2021-02-18T00:00:00.000000 | 2021-02-18T00:00:00.000000 |
| certfr-2021-avi-131 | Vulnérabilité dans Cisco AnyConnect Secure Mobility Client | 2021-02-18T00:00:00.000000 | 2021-02-18T00:00:00.000000 |
| certfr-2021-avi-130 | Multiples vulnérabilités dans Tenable Nessus Network Monitor | 2021-02-18T00:00:00.000000 | 2021-02-18T00:00:00.000000 |
| certfr-2021-avi-129 | Vulnérabilité dans les produits Kaspersky | 2021-02-17T00:00:00.000000 | 2021-02-17T00:00:00.000000 |
| certfr-2021-avi-128 | Multiples vulnérabilités dans les produits Qnap | 2021-02-17T00:00:00.000000 | 2021-02-17T00:00:00.000000 |
| certfr-2021-avi-127 | Vulnérabilité dans les produits Moxa | 2021-02-17T00:00:00.000000 | 2021-02-17T00:00:00.000000 |
| certfr-2021-avi-126 | Multiples vulnérabilités dans Google Chrome | 2021-02-17T00:00:00.000000 | 2021-02-17T00:00:00.000000 |
| certfr-2021-avi-125 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2021-02-17T00:00:00.000000 | 2021-02-17T00:00:00.000000 |
| certfr-2021-avi-124 | Multiples vulnérabilités dans OpenSSL | 2021-02-17T00:00:00.000000 | 2021-02-17T00:00:00.000000 |
| certfr-2021-avi-123 | Vulnérabilité dans Xen | 2021-02-17T00:00:00.000000 | 2021-02-17T00:00:00.000000 |