Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-5414 | Newgen OmniDocs WebApiRequestRedirection resource injection |
Newgen |
OmniDocs |
2026-04-02T18:00:16.065Z | 2026-04-02T18:41:43.908Z | |
| cve-2026-34717 | OpenProject: SQL Injection in Cost Reporting =n Operat… |
opf |
openproject |
2026-04-02T17:59:55.742Z | 2026-04-03T13:01:53.483Z | |
| cve-2026-34715 | ewe Has Improper Neutralization of CRLF Sequences in H… |
vshakitskiy |
ewe |
2026-04-02T17:57:00.501Z | 2026-04-03T16:00:41.121Z | |
| cve-2026-34610 | leancrypto: Integer truncation in X.509 name parser en… |
smuellerDD |
leancrypto |
2026-04-02T17:54:53.250Z | 2026-04-03T17:25:10.195Z | |
| cve-2026-34608 | nanomq: Heap-Buffer-Overflow in webhook_inproc.c via c… |
nanomq |
nanomq |
2026-04-02T17:52:51.813Z | 2026-04-02T19:10:58.813Z | |
| cve-2026-34606 | Stored XSS in Frappe LMS |
frappe |
lms |
2026-04-02T17:50:01.153Z | 2026-04-03T13:02:34.097Z | |
| cve-2026-34601 | xmldom: XML injection via unsafe CDATA serialization a… |
xmldom |
xmldom |
2026-04-02T17:47:13.209Z | 2026-04-03T16:03:21.485Z | |
| cve-2026-5413 | Newgen OmniDocs GetWebApiConfiguration information dis… |
Newgen |
OmniDocs |
2026-04-02T17:45:09.982Z | 2026-04-02T19:10:24.735Z | |
| cve-2026-34593 | Ash Framework: Ash.Type.Module.cast_input/2 atom exhau… |
ash-project |
ash |
2026-04-02T17:42:26.459Z | 2026-04-03T13:04:09.413Z | |
| cve-2026-34598 | YesWiki has Persistant Blind XSS at "/?BazaR&vue=consulter" |
YesWiki |
yeswiki |
2026-04-02T17:37:37.386Z | 2026-04-02T19:09:44.401Z | |
| cve-2026-34591 | Poetry Has Wheel Path Traversal Which Can Lead to Arbi… |
python-poetry |
poetry |
2026-04-02T17:35:07.691Z | 2026-04-03T18:12:07.813Z | |
| cve-2026-34828 | listmonk: Active sessions remain valid after password … |
knadh |
listmonk |
2026-04-02T17:32:24.756Z | 2026-04-03T17:33:57.751Z | |
| cve-2026-34584 | listmonk: Broken Access Control in CSV Import (Unautho… |
knadh |
listmonk |
2026-04-02T17:31:37.615Z | 2026-04-02T19:09:02.060Z | |
| cve-2026-5370 | krayin laravel-crm Activities Module/Notes inbox.spec.… |
krayin |
laravel-crm |
2026-04-02T17:30:14.701Z | 2026-04-03T18:12:16.825Z | |
| cve-2026-34590 | Postiz: SSRF via Webhook Creation Endpoint Missing URL… |
gitroomhq |
postiz-app |
2026-04-02T17:26:58.902Z | 2026-04-03T15:49:51.856Z | |
| cve-2026-34577 | Postiz: Unauthenticated Full-Read SSRF via /public/str… |
gitroomhq |
postiz-app |
2026-04-02T17:24:33.725Z | 2026-04-03T15:52:56.345Z | |
| cve-2026-34576 | Postiz: SSRF in upload-from-url endpoint allows fetchi… |
gitroomhq |
postiz-app |
2026-04-02T17:23:14.827Z | 2026-04-02T18:57:33.241Z | |
| cve-2026-34124 | 7.1 (v4.0) | Denial of Service via Path Expansion Overflow in HTTP … |
TP-Link Systems Inc. |
Tapo C520WS v2.6 |
2026-04-02T17:20:20.429Z | 2026-04-03T13:05:50.590Z |
| cve-2026-34122 | 7.1 (v4.0) | Stack-based Buffer Overflow Leading to Denial of Servi… |
TP-Link Systems Inc. |
Tapo C520WS v2.6 |
2026-04-02T17:20:12.471Z | 2026-04-02T17:59:32.667Z |
| cve-2026-34121 | 8.7 (v4.0) | Authentication Bypass in DS Configuration Service via … |
TP-Link Systems Inc. |
Tapo C520WS v2.6 |
2026-04-02T17:20:06.705Z | 2026-04-02T17:58:52.376Z |
| cve-2026-34120 | 7.1 (v4.0) | Heap-based Buffer Overflow Vulnerability Leading to De… |
TP-Link Systems Inc. |
Tapo C520WS v2.6 |
2026-04-02T17:19:58.781Z | 2026-04-02T17:58:08.441Z |
| cve-2026-34119 | 7.1 (v4.0) | Heap-based Buffer Overflow Vulnerability Leading to De… |
TP-Link Systems Inc. |
Tapo C520WS v2.6 |
2026-04-02T17:19:50.931Z | 2026-04-03T13:06:40.136Z |
| cve-2026-34118 | 7.1 (v4.0) | Heap-based Buffer Overflow Vulnerability Leading to De… |
TP-Link Systems Inc. |
Tapo C520WS v2.6 |
2026-04-02T17:19:43.453Z | 2026-04-02T17:48:43.255Z |
| cve-2026-34526 | SillyTavern: Incomplete IP validation in /api/search/v… |
SillyTavern |
SillyTavern |
2026-04-02T17:16:55.897Z | 2026-04-02T17:48:03.787Z | |
| cve-2026-34524 | SillyTavern: Path traversal in `/api/chats/export` and… |
SillyTavern |
SillyTavern |
2026-04-02T17:15:22.819Z | 2026-04-03T18:12:52.047Z | |
| cve-2026-5368 | projectworlds Car Rental Project Parameter login.php s… |
projectworlds |
Car Rental Project |
2026-04-02T17:15:13.177Z | 2026-04-02T17:44:32.432Z | |
| cve-2026-34523 | SillyTavern: Path traversal allows file existence oracle |
SillyTavern |
SillyTavern |
2026-04-02T17:14:31.694Z | 2026-04-03T15:56:24.472Z | |
| cve-2026-34522 | SillyTavern: Path traversal in `/api/chats/import` all… |
SillyTavern |
SillyTavern |
2026-04-02T17:13:44.322Z | 2026-04-02T19:00:48.579Z | |
| cve-2026-26962 | Rack: Header injection in multipart requests |
rack |
rack |
2026-04-02T17:10:17.091Z | 2026-04-03T18:13:06.632Z | |
| cve-2026-34835 | Rack: `Rack::Request` accepts invalid Host characters,… |
rack |
rack |
2026-04-02T17:09:07.047Z | 2026-04-02T17:44:03.453Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2021-avi-092 | Multiples vulnérabilités dans les produits SAP | 2021-02-09T00:00:00.000000 | 2021-02-09T00:00:00.000000 |
| certfr-2021-avi-091 | Vulnérabilité dans Mozilla Firefox et Firefox ESR | 2021-02-08T00:00:00.000000 | 2021-02-08T00:00:00.000000 |
| certfr-2021-avi-090 | Multiples vulnérabilités dans les produits Aruba | 2021-02-08T00:00:00.000000 | 2021-02-08T00:00:00.000000 |
| certfr-2021-avi-089 | Vulnérabilité dans Microsoft Edge | 2021-02-08T00:00:00.000000 | 2021-02-08T00:00:00.000000 |
| certfr-2021-avi-088 | Vulnérabilité dans Google Chrome | 2021-02-05T00:00:00.000000 | 2021-02-05T00:00:00.000000 |
| certfr-2021-avi-087 | Multiples vulnérabilités dans Microsoft Edge | 2021-02-05T00:00:00.000000 | 2021-02-05T00:00:00.000000 |
| certfr-2021-avi-086 | Vulnérabilité dans Citrix Hypervisor | 2021-02-05T00:00:00.000000 | 2021-02-05T00:00:00.000000 |
| certfr-2021-avi-085 | Multiples vulnérabilités dans les produits Trend Micro | 2021-02-05T00:00:00.000000 | 2021-02-05T00:00:00.000000 |
| certfr-2021-avi-084 | Multiples vulnérabilités dans PHP | 2021-02-05T00:00:00.000000 | 2021-02-05T00:00:00.000000 |
| certfr-2021-avi-083 | Vulnérabilité dans SonicWall SMA100 | 2021-02-04T00:00:00.000000 | 2021-02-04T00:00:00.000000 |
| certfr-2021-avi-082 | Multiples vulnérabilités dans les produits Cisco | 2021-02-04T00:00:00.000000 | 2021-02-04T00:00:00.000000 |
| certfr-2021-avi-081 | Vulnérabilité dans IBM WebSphere | 2021-02-04T00:00:00.000000 | 2021-02-04T00:00:00.000000 |
| certfr-2021-avi-080 | Multiples vulnérabilités dans les produits Fortinet | 2021-02-04T00:00:00.000000 | 2021-02-04T00:00:00.000000 |
| certfr-2021-avi-079 | Vulnérabilité dans Belden Hirschmann RSP, RSPE et OS2 | 2021-02-03T00:00:00.000000 | 2021-02-03T00:00:00.000000 |
| certfr-2021-avi-078 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2021-02-03T00:00:00.000000 | 2021-02-03T00:00:00.000000 |
| certfr-2021-avi-077 | Multiples vulnérabilités dans le noyau Linux de Debian | 2021-02-03T00:00:00.000000 | 2021-02-03T00:00:00.000000 |
| certfr-2021-avi-076 | Multiples vulnérabilités dans Google Chrome | 2021-02-03T00:00:00.000000 | 2021-02-03T00:00:00.000000 |
| certfr-2021-avi-075 | Multiples vulnérabilités dans GitLab | 2021-02-03T00:00:00.000000 | 2021-02-03T00:00:00.000000 |
| certfr-2021-avi-074 | Vulnérabilité dans Tenable Nessus AMI | 2021-02-03T00:00:00.000000 | 2021-02-03T00:00:00.000000 |
| certfr-2021-avi-073 | Vulnérabilité dans Foxit PhantomPDF et Reader | 2021-02-02T00:00:00.000000 | 2021-02-02T00:00:00.000000 |
| certfr-2021-avi-072 | Multiples vulnérabilités dans les produits Apple | 2021-02-02T00:00:00.000000 | 2021-02-02T00:00:00.000000 |
| certfr-2021-avi-071 | Multiples vulnérabilités dans Google Android | 2021-02-02T00:00:00.000000 | 2021-02-02T00:00:00.000000 |
| certfr-2021-avi-070 | Vulnérabilité dans Libgcrypt | 2021-02-01T00:00:00.000000 | 2021-02-02T00:00:00.000000 |
| certfr-2021-avi-069 | Multiples vulnérabilités dans Wireshark | 2021-02-01T00:00:00.000000 | 2021-02-01T00:00:00.000000 |
| certfr-2021-avi-068 | Vulnérabilité dans Siemens SIMATIC | 2021-01-29T00:00:00.000000 | 2021-01-29T00:00:00.000000 |
| certfr-2021-avi-067 | Multiples vulnérabilités dans les produits Trend Micro | 2021-01-29T00:00:00.000000 | 2021-01-29T00:00:00.000000 |
| certfr-2021-avi-066 | Multiples vulnérabilités dans Google Chrome OS | 2021-01-29T00:00:00.000000 | 2021-01-29T00:00:00.000000 |
| certfr-2021-avi-065 | Multiples vulnérabilités dans les produits Stormshield | 2021-01-28T00:00:00.000000 | 2021-01-29T00:00:00.000000 |
| certfr-2021-avi-064 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2021-01-28T00:00:00.000000 | 2021-01-28T00:00:00.000000 |
| certfr-2021-avi-063 | Vulnérabilité dans Sudo | 2021-01-27T00:00:00.000000 | 2021-01-27T00:00:00.000000 |