Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-34826 | Rack: Unbounded Range Count in get_byte_ranges Enables DoS |
rack |
rack |
2026-04-02T16:45:53.964Z | 2026-04-03T18:13:27.375Z | |
| cve-2026-5355 | Trendnet TEW-657BRM setup.cgi vpn_drop os command injection |
Trendnet |
TEW-657BRM |
2026-04-02T16:45:17.025Z | 2026-04-02T18:59:51.603Z | |
| cve-2026-34786 | Rack: Rack::Static header_rules bypass via URL-encoded paths |
rack |
rack |
2026-04-02T16:44:59.694Z | 2026-04-03T17:38:11.143Z | |
| cve-2026-35386 | 3.6 (v3.1) | In OpenSSH before 10.3, command execution can occ… |
OpenBSD |
OpenSSH |
2026-04-02T16:44:27.806Z | 2026-04-03T03:55:45.599Z |
| cve-2026-34785 | Rack: Local file inclusion in `Rack::Static` via URL P… |
rack |
rack |
2026-04-02T16:44:17.134Z | 2026-04-02T18:59:08.828Z | |
| cve-2026-34763 | Rack: Rack::Directory info disclosure and DoS via unes… |
rack |
rack |
2026-04-02T16:43:42.189Z | 2026-04-02T17:41:12.293Z | |
| cve-2026-34831 | Rack: Content-Length mismatch in Rack::Files error responses |
rack |
rack |
2026-04-02T16:43:08.762Z | 2026-04-03T17:48:11.330Z | |
| cve-2026-26961 | Rack: Multipart Boundary Parsing Ambiguity allowing WA… |
rack |
rack |
2026-04-02T16:42:16.766Z | 2026-04-03T17:58:12.149Z | |
| cve-2026-34230 | Rack: Quadratic complexity in Rack::Utils.select_best_… |
rack |
rack |
2026-04-02T16:41:21.095Z | 2026-04-03T18:19:00.388Z | |
| cve-2026-35385 | 7.5 (v3.1) | In OpenSSH before 10.3, a file downloaded by scp … |
OpenBSD |
OpenSSH |
2026-04-02T16:30:59.615Z | 2026-04-03T03:55:44.273Z |
| cve-2026-5354 | Trendnet TEW-657BRM setup.cgi vpn_connect os command i… |
Trendnet |
TEW-657BRM |
2026-04-02T16:30:13.623Z | 2026-04-02T18:58:15.422Z | |
| cve-2026-35038 | signalk-server: Arbitrary Prototype Read via `from` Fi… |
SignalK |
signalk-server |
2026-04-02T16:20:17.750Z | 2026-04-02T18:46:36.895Z | |
| cve-2026-5353 | Trendnet TEW-657BRM setup.cgi ping_test os command injection |
Trendnet |
TEW-657BRM |
2026-04-02T16:15:15.653Z | 2026-04-02T16:21:43.958Z | |
| cve-2026-34083 | signalk-server: OAuth Authorization Code Theft via Unv… |
SignalK |
signalk-server |
2026-04-02T16:14:38.893Z | 2026-04-02T17:39:18.548Z | |
| cve-2026-33951 | signalk-server: Unauthenticated Source Priorities Mani… |
SignalK |
signalk-server |
2026-04-02T16:11:58.762Z | 2026-04-02T16:21:53.516Z | |
| cve-2026-33950 | signalk-server: Privilege Escalation by Admin Role Inj… |
SignalK |
signalk-server |
2026-04-02T16:08:59.415Z | 2026-04-03T18:02:34.324Z | |
| cve-2026-5352 | Trendnet TEW-657BRM setup.cgi edit os command injection |
Trendnet |
TEW-657BRM |
2026-04-02T16:00:13.243Z | 2026-04-02T17:38:37.073Z | |
| cve-2025-65114 | Apache Traffic Server: Malformed chunked message body … |
Apache Software Foundation |
Apache Traffic Server |
2026-04-02T15:55:27.280Z | 2026-04-02T18:10:10.171Z | |
| cve-2025-58136 | Apache Traffic Server: A simple legitimate POST reques… |
Apache Software Foundation |
Apache Traffic Server |
2026-04-02T15:54:47.013Z | 2026-04-02T18:13:21.125Z | |
| cve-2026-5351 | Trendnet TEW-657BRM setup.cgi add_wps_client os comman… |
Trendnet |
TEW-657BRM |
2026-04-02T15:45:12.604Z | 2026-04-03T19:58:42.244Z | |
| cve-2026-5350 | Trendnet TEW-657BRM setup.cgi update_pcdb stack-based … |
Trendnet |
TEW-657BRM |
2026-04-02T15:30:13.152Z | 2026-04-02T16:20:02.920Z | |
| cve-2026-5349 | Trendnet TEW-657BRM setup.cgi add_apcdb stack-based overflow |
Trendnet |
TEW-657BRM |
2026-04-02T15:15:12.190Z | 2026-04-02T18:51:16.407Z | |
| cve-2026-33746 | Convoy: JWT Signature Verification Bypass Allows Authe… |
ConvoyPanel |
panel |
2026-04-02T15:06:05.832Z | 2026-04-02T18:50:14.459Z | |
| cve-2026-33691 | OWASP CRS: Whitespace padding in filenames bypasses fi… |
coreruleset |
coreruleset |
2026-04-02T15:03:52.126Z | 2026-04-18T19:16:54.006Z | |
| cve-2026-33544 | Tinyauth has OAuth account confusion via shared mutabl… |
steveiliop56 |
tinyauth |
2026-04-02T15:00:38.450Z | 2026-04-03T18:23:22.599Z | |
| cve-2026-5346 | huimeicloud hm_editor image-to-base64 Endpoint mcp-ser… |
huimeicloud |
hm_editor |
2026-04-02T15:00:16.365Z | 2026-04-02T16:22:00.246Z | |
| cve-2026-33641 | Glances Vulnerable to Command Injection via Dynamic Co… |
nicolargo |
glances |
2026-04-02T14:57:51.120Z | 2026-04-02T16:22:08.154Z | |
| cve-2026-33533 | Glances Vulnerable to Cross-Origin System Information … |
nicolargo |
glances |
2026-04-02T14:56:38.762Z | 2026-04-02T18:48:01.060Z | |
| cve-2026-32871 | FastMCP OpenAPI Provider has an SSRF & Path Traversal … |
PrefectHQ |
fastmcp |
2026-04-02T14:52:39.978Z | 2026-04-02T15:59:25.302Z | |
| cve-2026-34974 | phpMyFAQ: SVG Sanitizer Bypass via HTML Entity Encodin… |
thorsten |
phpMyFAQ |
2026-04-02T14:48:22.619Z | 2026-04-02T16:22:14.990Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2020-avi-789 | Multiples vulnérabilités dans Apple iCloud pour Windows | 2020-12-03T00:00:00.000000 | 2020-12-03T00:00:00.000000 |
| certfr-2020-avi-788 | Multiples vulnérabilités dans les produits Fortinet | 2020-12-02T00:00:00.000000 | 2020-12-02T00:00:00.000000 |
| certfr-2020-avi-787 | Vulnérabilité dans Mozilla Thunderbird | 2020-12-02T00:00:00.000000 | 2020-12-02T00:00:00.000000 |
| certfr-2020-avi-786 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2020-12-02T00:00:00.000000 | 2020-12-03T00:00:00.000000 |
| certfr-2020-avi-785 | Vulnérabilité dans Junos OS | 2020-12-01T00:00:00.000000 | 2020-12-02T00:00:00.000000 |
| certfr-2020-avi-784 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2020-12-01T00:00:00.000000 | 2020-12-01T00:00:00.000000 |
| certfr-2020-avi-783 | Multiples vulnérabilités dans Chrome OS | 2020-12-01T00:00:00.000000 | 2020-12-01T00:00:00.000000 |
| certfr-2020-avi-782 | Multiples vulnérabilités dans IBM Db2 | 2020-12-01T00:00:00.000000 | 2020-12-01T00:00:00.000000 |
| certfr-2020-avi-781 | Vulnérabilité dans les produits Foxit sur macOS | 2020-11-30T00:00:00.000000 | 2020-11-30T00:00:00.000000 |
| certfr-2020-avi-780 | Multiples vulnérabilités dans IBM QRadar Network Security | 2020-11-30T00:00:00.000000 | 2020-11-30T00:00:00.000000 |
| certfr-2020-avi-779 | Multiples vulnérabilités dans Trend Micro IWSVA | 2020-11-30T00:00:00.000000 | 2020-11-30T00:00:00.000000 |
| certfr-2020-avi-778 | Vulnérabilité dans IBM Db2 | 2020-11-27T00:00:00.000000 | 2020-11-27T00:00:00.000000 |
| certfr-2020-avi-777 | Multiples vulnérabilités dans Drupal core | 2020-11-26T00:00:00.000000 | 2020-11-27T00:00:00.000000 |
| certfr-2020-avi-776 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2020-11-26T00:00:00.000000 | 2020-11-26T00:00:00.000000 |
| certfr-2020-avi-775 | Multiples vulnérabilités dans Zimbra | 2020-11-25T00:00:00.000000 | 2020-11-25T00:00:00.000000 |
| certfr-2020-avi-774 | Vulnérabilité dans Xen | 2020-11-25T00:00:00.000000 | 2020-11-25T00:00:00.000000 |
| certfr-2020-avi-773 | Multiples vulnérabilités dans Joomla | 2020-11-25T00:00:00.000000 | 2020-11-25T00:00:00.000000 |
| certfr-2020-avi-772 | Multiples vulnérabilités dans Citrix Hypervisor | 2020-11-25T00:00:00.000000 | 2020-11-25T00:00:00.000000 |
| certfr-2020-avi-771 | Vulnérabilité dans les produits VMware | 2020-11-24T00:00:00.000000 | 2020-11-24T00:00:00.000000 |
| certfr-2020-avi-770 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2020-11-24T00:00:00.000000 | 2020-11-24T00:00:00.000000 |
| certfr-2020-avi-769 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2020-11-24T00:00:00.000000 | 2020-11-24T00:00:00.000000 |
| certfr-2020-avi-768 | Multiples vulnérabilités dans F5 BIG-IP | 2020-11-20T00:00:00.000000 | 2020-11-20T00:00:00.000000 |
| certfr-2020-avi-767 | Multiples vulnérabilités dans les produits VMware | 2020-11-20T00:00:00.000000 | 2020-11-20T00:00:00.000000 |
| certfr-2020-avi-766 | Multiples vulnérabilités dans Microsoft Edge | 2020-11-20T00:00:00.000000 | 2020-11-20T00:00:00.000000 |
| certfr-2020-avi-765 | Vulnérabilité dans IBM Db2 | 2020-11-20T00:00:00.000000 | 2020-11-20T00:00:00.000000 |
| certfr-2020-avi-764 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2020-11-20T00:00:00.000000 | 2020-11-20T00:00:00.000000 |
| certfr-2020-avi-763 | Vulnérabilité dans IBM Db2 | 2020-11-19T00:00:00.000000 | 2020-11-19T00:00:00.000000 |
| certfr-2020-avi-762 | Vulnérabilité dans F5 BIG-IP | 2020-11-19T00:00:00.000000 | 2020-11-19T00:00:00.000000 |
| certfr-2020-avi-761 | Multiples vulnérabilités dans VMware SD-WAN Orchestrator | 2020-11-19T00:00:00.000000 | 2020-11-19T00:00:00.000000 |
| certfr-2020-avi-760 | Vulnérabilité dans Drupal Core | 2020-11-19T00:00:00.000000 | 2020-11-19T00:00:00.000000 |