Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-34826 | Rack: Unbounded Range Count in get_byte_ranges Enables DoS |
rack |
rack |
2026-04-02T16:45:53.964Z | 2026-04-03T18:13:27.375Z | |
| cve-2026-5355 | Trendnet TEW-657BRM setup.cgi vpn_drop os command injection |
Trendnet |
TEW-657BRM |
2026-04-02T16:45:17.025Z | 2026-04-02T18:59:51.603Z | |
| cve-2026-34786 | Rack: Rack::Static header_rules bypass via URL-encoded paths |
rack |
rack |
2026-04-02T16:44:59.694Z | 2026-04-03T17:38:11.143Z | |
| cve-2026-35386 | 3.6 (v3.1) | In OpenSSH before 10.3, command execution can occ… |
OpenBSD |
OpenSSH |
2026-04-02T16:44:27.806Z | 2026-04-03T03:55:45.599Z |
| cve-2026-34785 | Rack: Local file inclusion in `Rack::Static` via URL P… |
rack |
rack |
2026-04-02T16:44:17.134Z | 2026-04-02T18:59:08.828Z | |
| cve-2026-34763 | Rack: Rack::Directory info disclosure and DoS via unes… |
rack |
rack |
2026-04-02T16:43:42.189Z | 2026-04-02T17:41:12.293Z | |
| cve-2026-34831 | Rack: Content-Length mismatch in Rack::Files error responses |
rack |
rack |
2026-04-02T16:43:08.762Z | 2026-04-03T17:48:11.330Z | |
| cve-2026-26961 | Rack: Multipart Boundary Parsing Ambiguity allowing WA… |
rack |
rack |
2026-04-02T16:42:16.766Z | 2026-04-03T17:58:12.149Z | |
| cve-2026-34230 | Rack: Quadratic complexity in Rack::Utils.select_best_… |
rack |
rack |
2026-04-02T16:41:21.095Z | 2026-04-03T18:19:00.388Z | |
| cve-2026-35385 | 7.5 (v3.1) | In OpenSSH before 10.3, a file downloaded by scp … |
OpenBSD |
OpenSSH |
2026-04-02T16:30:59.615Z | 2026-04-03T03:55:44.273Z |
| cve-2026-5354 | Trendnet TEW-657BRM setup.cgi vpn_connect os command i… |
Trendnet |
TEW-657BRM |
2026-04-02T16:30:13.623Z | 2026-04-02T18:58:15.422Z | |
| cve-2026-35038 | signalk-server: Arbitrary Prototype Read via `from` Fi… |
SignalK |
signalk-server |
2026-04-02T16:20:17.750Z | 2026-04-02T18:46:36.895Z | |
| cve-2026-5353 | Trendnet TEW-657BRM setup.cgi ping_test os command injection |
Trendnet |
TEW-657BRM |
2026-04-02T16:15:15.653Z | 2026-04-02T16:21:43.958Z | |
| cve-2026-34083 | signalk-server: OAuth Authorization Code Theft via Unv… |
SignalK |
signalk-server |
2026-04-02T16:14:38.893Z | 2026-04-02T17:39:18.548Z | |
| cve-2026-33951 | signalk-server: Unauthenticated Source Priorities Mani… |
SignalK |
signalk-server |
2026-04-02T16:11:58.762Z | 2026-04-02T16:21:53.516Z | |
| cve-2026-33950 | signalk-server: Privilege Escalation by Admin Role Inj… |
SignalK |
signalk-server |
2026-04-02T16:08:59.415Z | 2026-04-03T18:02:34.324Z | |
| cve-2026-5352 | Trendnet TEW-657BRM setup.cgi edit os command injection |
Trendnet |
TEW-657BRM |
2026-04-02T16:00:13.243Z | 2026-04-02T17:38:37.073Z | |
| cve-2025-65114 | Apache Traffic Server: Malformed chunked message body … |
Apache Software Foundation |
Apache Traffic Server |
2026-04-02T15:55:27.280Z | 2026-04-02T18:10:10.171Z | |
| cve-2025-58136 | Apache Traffic Server: A simple legitimate POST reques… |
Apache Software Foundation |
Apache Traffic Server |
2026-04-02T15:54:47.013Z | 2026-04-02T18:13:21.125Z | |
| cve-2026-5351 | Trendnet TEW-657BRM setup.cgi add_wps_client os comman… |
Trendnet |
TEW-657BRM |
2026-04-02T15:45:12.604Z | 2026-04-03T19:58:42.244Z | |
| cve-2026-5350 | Trendnet TEW-657BRM setup.cgi update_pcdb stack-based … |
Trendnet |
TEW-657BRM |
2026-04-02T15:30:13.152Z | 2026-04-02T16:20:02.920Z | |
| cve-2026-5349 | Trendnet TEW-657BRM setup.cgi add_apcdb stack-based overflow |
Trendnet |
TEW-657BRM |
2026-04-02T15:15:12.190Z | 2026-04-02T18:51:16.407Z | |
| cve-2026-33746 | Convoy: JWT Signature Verification Bypass Allows Authe… |
ConvoyPanel |
panel |
2026-04-02T15:06:05.832Z | 2026-04-02T18:50:14.459Z | |
| cve-2026-33691 | OWASP CRS: Whitespace padding in filenames bypasses fi… |
coreruleset |
coreruleset |
2026-04-02T15:03:52.126Z | 2026-04-18T19:16:54.006Z | |
| cve-2026-33544 | Tinyauth has OAuth account confusion via shared mutabl… |
steveiliop56 |
tinyauth |
2026-04-02T15:00:38.450Z | 2026-04-03T18:23:22.599Z | |
| cve-2026-5346 | huimeicloud hm_editor image-to-base64 Endpoint mcp-ser… |
huimeicloud |
hm_editor |
2026-04-02T15:00:16.365Z | 2026-04-02T16:22:00.246Z | |
| cve-2026-33641 | Glances Vulnerable to Command Injection via Dynamic Co… |
nicolargo |
glances |
2026-04-02T14:57:51.120Z | 2026-04-02T16:22:08.154Z | |
| cve-2026-33533 | Glances Vulnerable to Cross-Origin System Information … |
nicolargo |
glances |
2026-04-02T14:56:38.762Z | 2026-04-02T18:48:01.060Z | |
| cve-2026-32871 | FastMCP OpenAPI Provider has an SSRF & Path Traversal … |
PrefectHQ |
fastmcp |
2026-04-02T14:52:39.978Z | 2026-04-02T15:59:25.302Z | |
| cve-2026-34974 | phpMyFAQ: SVG Sanitizer Bypass via HTML Entity Encodin… |
thorsten |
phpMyFAQ |
2026-04-02T14:48:22.619Z | 2026-04-02T16:22:14.990Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2021-avi-032 | Vulnérabilité dans Nagios XI | 2021-01-14T00:00:00.000000 | 2021-02-22T00:00:00.000000 |
| certfr-2021-avi-031 | Multiples vulnérabilités dans Palo Alto Networks PAN-OS | 2021-01-14T00:00:00.000000 | 2021-01-15T00:00:00.000000 |
| certfr-2021-avi-030 | Multiples vulnérabilités dans les produits Cisco | 2021-01-14T00:00:00.000000 | 2021-01-14T00:00:00.000000 |
| certfr-2021-avi-029 | Multiples vulnérabilités dans les produits Microsoft | 2021-01-13T00:00:00.000000 | 2021-01-13T00:00:00.000000 |
| certfr-2021-avi-028 | Multiples vulnérabilités dans Microsoft .Net | 2021-01-13T00:00:00.000000 | 2021-01-13T00:00:00.000000 |
| certfr-2021-avi-027 | Multiples vulnérabilités dans Microsoft Windows | 2021-01-13T00:00:00.000000 | 2021-01-13T00:00:00.000000 |
| certfr-2021-avi-026 | Multiples vulnérabilités dans Microsoft Office | 2021-01-13T00:00:00.000000 | 2021-01-13T00:00:00.000000 |
| certfr-2021-avi-025 | Vulnérabilité dans Microsoft Edge | 2021-01-13T00:00:00.000000 | 2021-01-13T00:00:00.000000 |
| certfr-2021-avi-024 | Multiples vulnérabilités dans les produits Schneider Electric | 2021-01-13T00:00:00.000000 | 2021-01-13T00:00:00.000000 |
| certfr-2021-avi-023 | Multiples vulnérabilités dans Joomla! | 2021-01-13T00:00:00.000000 | 2021-01-13T00:00:00.000000 |
| certfr-2021-avi-022 | Multiples vulnérabilités dans Aruba AirWave Glass | 2021-01-13T00:00:00.000000 | 2021-01-13T00:00:00.000000 |
| certfr-2021-avi-021 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2021-01-13T00:00:00.000000 | 2021-01-13T00:00:00.000000 |
| certfr-2021-avi-020 | Vulnérabilité dans le noyau Linux de Red Hat | 2021-01-13T00:00:00.000000 | 2021-01-13T00:00:00.000000 |
| certfr-2021-avi-019 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2021-01-13T00:00:00.000000 | 2021-01-13T00:00:00.000000 |
| certfr-2021-avi-018 | Multiples vulnérabilités dans les produits Siemens | 2021-01-12T00:00:00.000000 | 2021-01-12T00:00:00.000000 |
| certfr-2021-avi-017 | Multiples vulnérabilités dans les produits SAP | 2021-01-12T00:00:00.000000 | 2021-01-12T00:00:00.000000 |
| certfr-2021-avi-016 | Vulnérabilité dans Mozilla Thunderbird | 2021-01-12T00:00:00.000000 | 2021-01-12T00:00:00.000000 |
| certfr-2021-avi-015 | Multiples vulnérabilités dans Google Chrome OS | 2021-01-12T00:00:00.000000 | 2021-01-12T00:00:00.000000 |
| certfr-2021-avi-014 | Multiples vulnérabilités dans Qnap QTS et QuTS hero | 2021-01-11T00:00:00.000000 | 2021-01-11T00:00:00.000000 |
| certfr-2021-avi-013 | Multiples vulnérabilités dans les produits SonicWall | 2021-01-11T00:00:00.000000 | 2021-01-11T00:00:00.000000 |
| certfr-2021-avi-012 | Vulnérabilité dans le noyau Linux d'Ubuntu | 2021-01-11T00:00:00.000000 | 2021-01-11T00:00:00.000000 |
| certfr-2021-avi-011 | Multiples vulnérabilités dans GitLab | 2021-01-08T00:00:00.000000 | 2021-01-08T00:00:00.000000 |
| certfr-2021-avi-010 | Multiples vulnérabilités dans Microsoft Edge | 2021-01-08T00:00:00.000000 | 2021-01-08T00:00:00.000000 |
| certfr-2020-avi-375 | [MàJ] Multiples vulnérabilités dans la pile TCP/IP de Treck | 2021-01-08T00:00:00.000000 | 2021-01-08T00:00:00.000000 |
| certfr-2021-avi-009 | Vulnérabilité dans PHP | 2021-01-07T00:00:00.000000 | 2021-01-07T00:00:00.000000 |
| certfr-2021-avi-008 | Multiples vulnérabilités dans Google Chrome | 2021-01-07T00:00:00.000000 | 2021-01-07T00:00:00.000000 |
| certfr-2021-avi-007 | Vulnérabilité dans Mozilla Firefox | 2021-01-07T00:00:00.000000 | 2021-01-07T00:00:00.000000 |
| certfr-2021-avi-006 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2021-01-06T00:00:00.000000 | 2021-01-06T00:00:00.000000 |
| certfr-2021-avi-005 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2021-01-06T00:00:00.000000 | 2021-01-06T00:00:00.000000 |
| certfr-2021-avi-004 | Vulnérabilité dans Bouncy Castle | 2021-01-06T00:00:00.000000 | 2021-01-06T00:00:00.000000 |