Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-5370 | krayin laravel-crm Activities Module/Notes inbox.spec.… |
krayin |
laravel-crm |
2026-04-02T17:30:14.701Z | 2026-04-03T18:12:16.825Z | |
| cve-2026-34590 | Postiz: SSRF via Webhook Creation Endpoint Missing URL… |
gitroomhq |
postiz-app |
2026-04-02T17:26:58.902Z | 2026-04-03T15:49:51.856Z | |
| cve-2026-34577 | Postiz: Unauthenticated Full-Read SSRF via /public/str… |
gitroomhq |
postiz-app |
2026-04-02T17:24:33.725Z | 2026-04-03T15:52:56.345Z | |
| cve-2026-34576 | Postiz: SSRF in upload-from-url endpoint allows fetchi… |
gitroomhq |
postiz-app |
2026-04-02T17:23:14.827Z | 2026-04-02T18:57:33.241Z | |
| cve-2026-34124 | 7.1 (v4.0) | Denial of Service via Path Expansion Overflow in HTTP … |
TP-Link Systems Inc. |
Tapo C520WS v2.6 |
2026-04-02T17:20:20.429Z | 2026-04-03T13:05:50.590Z |
| cve-2026-34122 | 7.1 (v4.0) | Stack-based Buffer Overflow Leading to Denial of Servi… |
TP-Link Systems Inc. |
Tapo C520WS v2.6 |
2026-04-02T17:20:12.471Z | 2026-04-02T17:59:32.667Z |
| cve-2026-34121 | 8.7 (v4.0) | Authentication Bypass in DS Configuration Service via … |
TP-Link Systems Inc. |
Tapo C520WS v2.6 |
2026-04-02T17:20:06.705Z | 2026-04-02T17:58:52.376Z |
| cve-2026-34120 | 7.1 (v4.0) | Heap-based Buffer Overflow Vulnerability Leading to De… |
TP-Link Systems Inc. |
Tapo C520WS v2.6 |
2026-04-02T17:19:58.781Z | 2026-04-02T17:58:08.441Z |
| cve-2026-34119 | 7.1 (v4.0) | Heap-based Buffer Overflow Vulnerability Leading to De… |
TP-Link Systems Inc. |
Tapo C520WS v2.6 |
2026-04-02T17:19:50.931Z | 2026-04-03T13:06:40.136Z |
| cve-2026-34118 | 7.1 (v4.0) | Heap-based Buffer Overflow Vulnerability Leading to De… |
TP-Link Systems Inc. |
Tapo C520WS v2.6 |
2026-04-02T17:19:43.453Z | 2026-04-02T17:48:43.255Z |
| cve-2026-34526 | SillyTavern: Incomplete IP validation in /api/search/v… |
SillyTavern |
SillyTavern |
2026-04-02T17:16:55.897Z | 2026-04-02T17:48:03.787Z | |
| cve-2026-34524 | SillyTavern: Path traversal in `/api/chats/export` and… |
SillyTavern |
SillyTavern |
2026-04-02T17:15:22.819Z | 2026-04-03T18:12:52.047Z | |
| cve-2026-5368 | projectworlds Car Rental Project Parameter login.php s… |
projectworlds |
Car Rental Project |
2026-04-02T17:15:13.177Z | 2026-04-02T17:44:32.432Z | |
| cve-2026-34523 | SillyTavern: Path traversal allows file existence oracle |
SillyTavern |
SillyTavern |
2026-04-02T17:14:31.694Z | 2026-04-03T15:56:24.472Z | |
| cve-2026-34522 | SillyTavern: Path traversal in `/api/chats/import` all… |
SillyTavern |
SillyTavern |
2026-04-02T17:13:44.322Z | 2026-04-02T19:00:48.579Z | |
| cve-2026-26962 | Rack: Header injection in multipart requests |
rack |
rack |
2026-04-02T17:10:17.091Z | 2026-04-03T18:13:06.632Z | |
| cve-2026-34835 | Rack: `Rack::Request` accepts invalid Host characters,… |
rack |
rack |
2026-04-02T17:09:07.047Z | 2026-04-02T17:44:03.453Z | |
| cve-2026-35414 | 4.2 (v3.1) | OpenSSH before 10.3 mishandles the authorized_key… |
OpenBSD |
OpenSSH |
2026-04-02T17:08:15.628Z | 2026-04-02T18:17:04.391Z |
| cve-2026-34827 | Rack: Algorithmic-Complexity DoS in Rack::Multipart::Parser |
rack |
rack |
2026-04-02T17:07:48.279Z | 2026-04-03T18:13:16.834Z | |
| cve-2026-32762 | Rack: Forwarded Header semicolon injection enables Hos… |
rack |
rack |
2026-04-02T17:06:50.819Z | 2026-04-02T17:42:42.305Z | |
| cve-2026-33271 | 6.7 (v3.0) | Local privilege escalation due to insecure folder… |
Acronis |
Acronis True Image |
2026-04-02T17:06:24.089Z | 2026-04-03T03:55:49.028Z |
| cve-2026-27774 | 6.7 (v3.0) | Local privilege escalation due to DLL hijacking v… |
Acronis |
Acronis True Image |
2026-04-02T17:05:19.178Z | 2026-04-03T03:55:47.929Z |
| cve-2026-28728 | 6.7 (v3.0) | Local privilege escalation due to DLL hijacking v… |
Acronis |
Acronis True Image |
2026-04-02T17:04:45.425Z | 2026-04-03T03:55:46.690Z |
| cve-2026-5360 | Free5GC aper type confusion |
n/a |
Free5GC |
2026-04-02T17:00:19.072Z | 2026-04-03T19:59:25.061Z | |
| cve-2026-35388 | 2.5 (v3.1) | OpenSSH before 10.3 omits connection multiplexing… |
OpenBSD |
OpenSSH |
2026-04-02T16:57:31.073Z | 2026-04-02T18:16:41.820Z |
| cve-2026-35387 | 3.1 (v3.1) | OpenSSH before 10.3 can use unintended ECDSA algo… |
OpenBSD |
OpenSSH |
2026-04-02T16:52:53.623Z | 2026-04-03T13:07:56.358Z |
| cve-2026-34830 | Rack: Rack::Sendfile regex injection via HTTP_X_ACCEL_… |
rack |
rack |
2026-04-02T16:47:40.490Z | 2026-04-02T18:59:46.589Z | |
| cve-2026-34829 | Rack: Denial of Service via Unbounded Multipart File U… |
rack |
rack |
2026-04-02T16:46:47.357Z | 2026-04-02T17:41:33.990Z | |
| cve-2026-34826 | Rack: Unbounded Range Count in get_byte_ranges Enables DoS |
rack |
rack |
2026-04-02T16:45:53.964Z | 2026-04-03T18:13:27.375Z | |
| cve-2026-5355 | Trendnet TEW-657BRM setup.cgi vpn_drop os command injection |
Trendnet |
TEW-657BRM |
2026-04-02T16:45:17.025Z | 2026-04-02T18:59:51.603Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2021-avi-003 | Multiples vulnérabilités dans les produits Fortinet | 2021-01-06T00:00:00.000000 | 2021-01-06T00:00:00.000000 |
| certfr-2021-avi-002 | Vulnérabilité dans Mitel MiCollab | 2021-01-05T00:00:00.000000 | 2021-01-05T00:00:00.000000 |
| certfr-2021-avi-001 | Multiples vulnérabilités dans Google Android | 2021-01-05T00:00:00.000000 | 2021-01-05T00:00:00.000000 |
| certfr-2020-avi-846 | Multiples vulnérabilités dans les produits QNAP | 2020-12-31T00:00:00.000000 | 2020-12-31T00:00:00.000000 |
| certfr-2020-avi-845 | Vulnérabilité dans SolarWinds Orion API | 2020-12-28T00:00:00.000000 | 2020-12-28T00:00:00.000000 |
| certfr-2020-avi-844 | Multiples vulnérabilités dans les produits Qnap | 2020-12-23T00:00:00.000000 | 2020-12-23T00:00:00.000000 |
| certfr-2020-avi-843 | Multiples vulnérabilités dans les produits Treck | 2020-12-23T00:00:00.000000 | 2020-12-23T00:00:00.000000 |
| certfr-2020-avi-842 | Multiples vulnérabilités dans Asterisk | 2020-12-23T00:00:00.000000 | 2020-12-23T00:00:00.000000 |
| certfr-2020-avi-841 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2020-12-23T00:00:00.000000 | 2020-12-23T00:00:00.000000 |
| certfr-2020-avi-840 | Multiples vulnérabilités dans Tenable Tenable.sc | 2020-12-22T00:00:00.000000 | 2020-12-22T00:00:00.000000 |
| certfr-2020-avi-839 | Multiples vulnérabilités dans Trend Micro InterScan Web Security Virtual Appliance | 2020-12-22T00:00:00.000000 | 2020-12-22T00:00:00.000000 |
| certfr-2020-avi-838 | Multiples vulnérabilités dans Aruba ArubaOS | 2020-12-21T00:00:00.000000 | 2020-12-21T00:00:00.000000 |
| certfr-2020-avi-837 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2020-12-21T00:00:00.000000 | 2020-12-21T00:00:00.000000 |
| certfr-2020-avi-836 | Multiples vulnérabilités dans les produits Schneider Electric | 2020-12-21T00:00:00.000000 | 2020-12-21T00:00:00.000000 |
| certfr-2020-avi-835 | Vulnérabilité dans F5 BIG-IP | 2020-12-21T00:00:00.000000 | 2020-12-21T00:00:00.000000 |
| certfr-2020-avi-834 | Multiples vulnérabilités dans le noyau Linux de Debian LTS | 2020-12-21T00:00:00.000000 | 2020-12-21T00:00:00.000000 |
| certfr-2020-avi-833 | Multiples vulnérabilités dans Wireshark | 2020-12-21T00:00:00.000000 | 2020-12-21T00:00:00.000000 |
| certfr-2020-avi-832 | Multiples vulnérabilités dans F5 BIG-IP | 2020-12-18T00:00:00.000000 | 2020-12-18T00:00:00.000000 |
| certfr-2020-avi-831 | Vulnérabilité dans les produits VMware | 2020-12-18T00:00:00.000000 | 2020-12-18T00:00:00.000000 |
| certfr-2020-avi-830 | Vulnérabilité dans le noyau Linux de SUSE | 2020-12-18T00:00:00.000000 | 2020-12-18T00:00:00.000000 |
| certfr-2020-avi-829 | Multiples vulnérabilités dans F5 BIG-IP | 2020-12-17T00:00:00.000000 | 2020-12-17T00:00:00.000000 |
| certfr-2020-avi-828 | Vulnérabilité dans Zimbra | 2020-12-17T00:00:00.000000 | 2020-12-17T00:00:00.000000 |
| certfr-2020-avi-827 | Multiples vulnérabilités dans Mozilla Thunderbird | 2020-12-16T00:00:00.000000 | 2020-12-16T00:00:00.000000 |
| certfr-2020-avi-826 | Multiples vulnérabilités dans Mozilla Firefox | 2020-12-16T00:00:00.000000 | 2020-12-16T00:00:00.000000 |
| certfr-2020-avi-825 | Vulnérabilité dans Citrix Hypervisor | 2020-12-16T00:00:00.000000 | 2020-12-16T00:00:00.000000 |
| certfr-2020-avi-824 | Multiples vulnérabilités dans Xen | 2020-12-16T00:00:00.000000 | 2020-12-16T00:00:00.000000 |
| certfr-2020-avi-823 | Multiples vulnérabilités dans le noyau Linux de RedHat | 2020-12-16T00:00:00.000000 | 2020-12-16T00:00:00.000000 |
| certfr-2020-avi-822 | Multiples vulnérabilités dans les produits Kaspersky | 2020-12-15T00:00:00.000000 | 2020-12-15T00:00:00.000000 |
| certfr-2020-avi-821 | Multiples vulnérabilités dans les produits Apple | 2020-12-15T00:00:00.000000 | 2020-12-15T00:00:00.000000 |
| certfr-2020-avi-820 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2020-12-14T00:00:00.000000 | 2020-12-14T00:00:00.000000 |