Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-39320 | Signal K Server has an Unauthenticated Regular Express… |
SignalK |
signalk-server |
2026-04-21T00:07:10.371Z | 2026-04-21T19:36:54.787Z | |
| cve-2026-41527 | KDE Kleopatra before 26.08.0 on Windows allows lo… |
KDE |
Kleopatra |
2026-04-21T00:00:00.000Z | 2026-04-22T15:35:24.571Z | |
| cve-2026-40706 | 8.4 (v3.1) | In NTFS-3G 2022.10.3 before 2026.2.25, a heap buf… |
Tuxera |
NTFS-3G |
2026-04-21T00:00:00.000Z | 2026-04-22T15:35:30.245Z |
| cve-2026-38835 | N/A | Tenda W30E V2.0 V16.01.0.21 was found to contain … |
n/a |
n/a |
2026-04-21T00:00:00.000Z | 2026-04-22T15:35:41.189Z |
| cve-2026-38834 | N/A | Tenda W30E V2.0 V16.01.0.21 was found to contain … |
n/a |
n/a |
2026-04-21T00:00:00.000Z | 2026-04-21T19:23:17.157Z |
| cve-2026-37748 | N/A | Visitor Management System 1.0 by sanjay1313 is vu… |
n/a |
n/a |
2026-04-21T00:00:00.000Z | 2026-04-21T18:25:24.762Z |
| cve-2026-31019 | N/A | In the Website module of Dolibarr ERP & CRM 22.0.… |
n/a |
n/a |
2026-04-21T00:00:00.000Z | 2026-04-21T18:23:33.693Z |
| cve-2026-31018 | N/A | In Dolibarr ERP & CRM <= 22.0.4, PHP code detecti… |
n/a |
n/a |
2026-04-21T00:00:00.000Z | 2026-04-21T15:31:23.441Z |
| cve-2026-31014 | N/A | Dovestones Softwares AD Self Update <4.0.0.5 is v… |
n/a |
n/a |
2026-04-21T00:00:00.000Z | 2026-04-21T18:21:08.828Z |
| cve-2026-31013 | N/A | Dovestones Softwares ADPhonebook <4.0.1.1 has a r… |
n/a |
n/a |
2026-04-21T00:00:00.000Z | 2026-04-21T18:19:12.306Z |
| cve-2026-30452 | N/A | Textpattern CMS 4.9.0 contains a Broken Access Co… |
n/a |
n/a |
2026-04-21T00:00:00.000Z | 2026-04-22T15:35:46.859Z |
| cve-2026-29644 | N/A | XiangShan (open-source high-performance RISC-V pr… |
n/a |
n/a |
2026-04-21T00:00:00.000Z | 2026-04-21T17:59:06.506Z |
| cve-2025-70420 | N/A | A SQL injection vulnerability exists in Genesys L… |
n/a |
n/a |
2026-04-21T00:00:00.000Z | 2026-04-22T15:35:35.730Z |
| cve-2026-35570 | OpenClaude has Sandbox Bypass via Early-Exit Logic Fla… |
Gitlawb |
openclaude |
2026-04-20T23:24:08.324Z | 2026-04-21T19:49:30.148Z | |
| cve-2026-35588 | Glances has CQL Injection in its Cassandra Export Modu… |
nicolargo |
glances |
2026-04-20T23:20:34.998Z | 2026-04-21T13:35:04.526Z | |
| cve-2026-35587 | Glances IP Plugin has SSRF via public_api that leads t… |
nicolargo |
glances |
2026-04-20T23:19:02.908Z | 2026-04-22T14:01:47.583Z | |
| cve-2026-34839 | Glances Vulnerable to Cross-Origin Information Disclos… |
nicolargo |
glances |
2026-04-20T23:09:02.551Z | 2026-04-21T19:37:42.399Z | |
| cve-2026-41331 | 6.9 (v4.0) 5.3 (v3.1) | OpenClaw < 2026.3.31 - Resource Consumption via Unauth… |
OpenClaw |
OpenClaw |
2026-04-20T23:08:17.653Z | 2026-04-21T20:27:46.881Z |
| cve-2026-41330 | 2 (v4.0) 4.4 (v3.1) | OpenClaw < 2026.3.31 - Environment Variable Override v… |
OpenClaw |
OpenClaw |
2026-04-20T23:08:16.941Z | 2026-04-21T13:39:27.598Z |
| cve-2026-41329 | 9 (v4.0) 9.9 (v3.1) | OpenClaw < 2026.3.31 - Sandbox Bypass via Heartbeat Co… |
OpenClaw |
OpenClaw |
2026-04-20T23:08:16.222Z | 2026-04-21T19:38:16.140Z |
| cve-2026-41303 | 8.7 (v4.0) 8.8 (v3.1) | OpenClaw < 2026.3.28 - Authorization Bypass in Discord… |
OpenClaw |
OpenClaw |
2026-04-20T23:08:15.511Z | 2026-04-21T13:35:55.924Z |
| cve-2026-41302 | 4.8 (v4.0) 7.6 (v3.1) | OpenClaw < 2026.3.31 - Server-Side Request Forgery via… |
OpenClaw |
OpenClaw |
2026-04-20T23:08:14.782Z | 2026-04-21T19:49:35.930Z |
| cve-2026-41301 | 6.9 (v4.0) 5.3 (v3.1) | OpenClaw 2026.3.22 < 2026.3.31 - Forged Nostr DM Pairi… |
OpenClaw |
OpenClaw |
2026-04-20T23:08:14.023Z | 2026-04-21T13:33:53.554Z |
| cve-2026-41300 | 6.9 (v4.0) 6.5 (v3.1) | OpenClaw < 2026.3.31 - Attacker-Discovered Endpoint Pr… |
OpenClaw |
OpenClaw |
2026-04-20T23:08:13.304Z | 2026-04-21T13:03:24.309Z |
| cve-2026-41299 | 7.1 (v4.0) 7.1 (v3.1) | OpenClaw < 2026.3.28 - Client Identity Spoofing in cha… |
OpenClaw |
OpenClaw |
2026-04-20T23:08:12.586Z | 2026-04-21T13:38:25.512Z |
| cve-2026-41298 | 5.3 (v4.0) 5.4 (v3.1) | OpenClaw < 2026.4.2 - Authorization Bypass in Session … |
OpenClaw |
OpenClaw |
2026-04-20T23:08:11.787Z | 2026-04-21T17:34:23.419Z |
| cve-2026-41297 | 4.8 (v4.0) 7.6 (v3.1) | OpenClaw < 2026.3.31 - Server-Side Request Forgery via… |
OpenClaw |
OpenClaw |
2026-04-20T23:08:10.955Z | 2026-04-21T13:41:34.057Z |
| cve-2026-41296 | 8.8 (v4.0) 8.2 (v3.1) | OpenClaw < 2026.3.31 - Sandbox Escape via TOCTOU Race … |
OpenClaw |
OpenClaw |
2026-04-20T23:08:10.194Z | 2026-04-21T19:49:41.570Z |
| cve-2026-41295 | 8.5 (v4.0) 7.8 (v3.1) | OpenClaw < 2026.4.2 - Untrusted Workspace Channel Shad… |
OpenClaw |
OpenClaw |
2026-04-20T23:08:09.503Z | 2026-04-21T13:35:47.883Z |
| cve-2026-41294 | 8.5 (v4.0) 8.6 (v3.1) | OpenClaw < 2026.3.28 - Environment Variable Injection … |
OpenClaw |
OpenClaw |
2026-04-20T23:08:08.795Z | 2026-04-21T13:04:36.188Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2023-000082 | EC-CUBE 2 series vulnerable to cross-site scripting | 2023-08-17T15:12+09:00 | 2024-03-25T18:07+09:00 |
| jvndb-2023-002797 | Multiple vulnerabilities in ELECOM and LOGITEC network devices | 2023-08-15T11:54+09:00 | 2025-02-13T15:21+09:00 |
| jvndb-2023-002796 | Multiple server-side request forgery vulnerabilities in Trend Micro Apex Central (July 2023) | 2023-08-10T16:04+09:00 | 2024-03-13T17:58+09:00 |
| jvndb-2023-000081 | "Rikunabi NEXT" App for Android fails to restrict custom URL schemes properly | 2023-08-09T12:45+09:00 | 2024-03-28T18:01+09:00 |
| jvndb-2023-000080 | "FFRI yarai" and "FFRI yarai Home and Business Edition" handle exceptional conditions improperly | 2023-08-07T17:39+09:00 | 2024-03-28T17:54+09:00 |
| jvndb-2023-000079 | Multiple vulnerabilities in Special Interest Group Network for Analysis and Liaison's API | 2023-08-07T15:15+09:00 | 2024-03-28T18:08+09:00 |
| jvndb-2023-000077 | Fujitsu Software Infrastructure Manager (ISM) stores sensitive information in cleartext | 2023-08-04T17:31+09:00 | 2024-04-03T17:19+09:00 |
| jvndb-2023-002787 | OMRON CJ series and CS/CJ Series EtherNet/IT unit vulnerable to Denial-of-Service (DoS) | 2023-08-03T13:45+09:00 | 2023-08-03T13:45+09:00 |
| jvndb-2023-002786 | Multiple vulnerabilities in OMRON CX-Programmer | 2023-08-03T13:42+09:00 | 2024-04-05T17:39+09:00 |
| jvndb-2023-000076 | SEIKO EPSON printer Web Config vulnerable to denial-of-service (DoS) | 2023-08-02T14:55+09:00 | 2024-04-19T17:27+09:00 |
| jvndb-2023-002725 | Multiple vulnerabilities in Command Center RX (CCRX) of Kyocera Document Solutions MFPs and printers | 2023-07-28T18:24+09:00 | 2024-05-07T18:15+09:00 |
| jvndb-2023-002722 | Fujitsu network devices Si-R series and SR-M series vulnerable to authentication bypass | 2023-07-27T18:12+09:00 | 2024-04-19T18:07+09:00 |
| jvndb-2023-000074 | Fujitsu Real-time Video Transmission Gear "IP series" uses a hard-coded credentials | 2023-07-26T18:00+09:00 | 2024-04-12T18:04+09:00 |
| jvndb-2023-000075 | Improper restriction of XML external entity references (XXE) in Applicant Programme | 2023-07-24T15:44+09:00 | 2024-04-22T14:20+09:00 |
| jvndb-2023-000073 | GBrowse vulnerable to unrestricted upload of files with dangerous types | 2023-07-21T15:02+09:00 | 2024-04-12T17:31+09:00 |
| jvndb-2023-000070 | Multiple vulnerabilities in WordPress Plugin "TS Webfonts for SAKURA" | 2023-07-20T16:05+09:00 | 2024-04-17T17:20+09:00 |
| jvndb-2023-002512 | EL Injection Vulnerability in Hitachi Replication Manager | 2023-07-19T14:48+09:00 | 2024-04-26T12:24+09:00 |
| jvndb-2023-002511 | File and Directory Permissions Vulnerability in Hitachi Command Suite | 2023-07-19T14:48+09:00 | 2024-04-26T12:29+09:00 |
| jvndb-2023-002510 | Multiple Vulnerabilities in Hitachi Device Manager | 2023-07-19T14:48+09:00 | 2023-07-19T14:48+09:00 |
| jvndb-2023-000072 | Improper restriction of XML external entity references (XXE) in XBRL data create application | 2023-07-18T15:22+09:00 | 2024-03-19T18:11+09:00 |
| jvndb-2023-002413 | Multiple vulnerabilities in ELECOM and LOGITEC wireless LAN routers | 2023-07-12T16:15+09:00 | 2024-04-22T16:18+09:00 |
| jvndb-2023-000071 | Multiple vulnerabilities in multiple ELECOM wireless LAN routers and wireless LAN repeaters | 2023-07-11T15:37+09:00 | 2024-03-29T15:28+09:00 |
| jvndb-2023-000069 | Multiple vulnerabilities in SoftEther VPN and PacketiX VPN | 2023-07-03T15:07+09:00 | 2024-05-22T17:47+09:00 |
| jvndb-2023-000068 | "NewsPicks" App uses a hard-coded API key for an external service | 2023-06-30T15:06+09:00 | 2024-04-30T18:09+09:00 |
| jvndb-2023-002270 | Null pointer dereference vulnerability in multiple printers and MFPs which implement BROTHER debut web server | 2023-06-30T11:49+09:00 | 2024-04-22T16:07+09:00 |
| jvndb-2023-000067 | WordPress Plugin "Snow Monkey Forms" vulnerable to directory traversal | 2023-06-27T17:05+09:00 | 2024-04-26T17:56+09:00 |
| jvndb-2023-000065 | Multiple vulnerabilities in WAVLINK WL-WN531AX2 | 2023-06-27T16:50+09:00 | 2023-06-27T16:50+09:00 |
| jvndb-2023-000066 | Multiple vulnerabilities in Aterm series | 2023-06-27T15:12+09:00 | 2024-05-22T18:16+09:00 |
| jvndb-2023-000060 | Multiple vulnerabilities in Pleasanter | 2023-06-22T15:49+09:00 | 2024-05-07T14:10+09:00 |
| jvndb-2023-000064 | SYNCK GRAPHICA Mailform Pro CGI vulnerable to Regular expression Denial-of-Service (ReDoS) | 2023-06-20T14:48+09:00 | 2024-04-26T18:03+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2025-avi-1038 | Vulnérabilité dans les produits PrimX | 2025-11-25T00:00:00.000000 | 2025-11-25T00:00:00.000000 |
| certfr-2025-avi-1037 | Multiples vulnérabilités dans Progress MOVEit Transfer | 2025-11-25T00:00:00.000000 | 2025-11-25T00:00:00.000000 |
| certfr-2025-avi-1036 | Multiples vulnérabilités dans les produits VMware | 2025-11-24T00:00:00.000000 | 2025-11-24T00:00:00.000000 |
| certfr-2025-avi-1035 | Multiples vulnérabilités dans les produits Synology | 2025-11-24T00:00:00.000000 | 2025-11-24T00:00:00.000000 |
| certfr-2025-avi-1034 | Multiples vulnérabilités dans les produits IBM | 2025-11-21T00:00:00.000000 | 2025-11-21T00:00:00.000000 |
| certfr-2025-avi-1033 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2025-11-21T00:00:00.000000 | 2025-11-21T00:00:00.000000 |
| certfr-2025-avi-1032 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2025-11-21T00:00:00.000000 | 2025-11-21T00:00:00.000000 |
| certfr-2025-avi-1031 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2025-11-21T00:00:00.000000 | 2025-11-21T00:00:00.000000 |
| certfr-2025-avi-1030 | Vulnérabilité dans Microsoft Visual Studio Code | 2025-11-21T00:00:00.000000 | 2025-11-21T00:00:00.000000 |
| certfr-2025-avi-1029 | Vulnérabilité dans les produits Kaspersky | 2025-11-20T00:00:00.000000 | 2025-11-20T00:00:00.000000 |
| certfr-2025-avi-1028 | Vulnérabilité dans GnuTLS | 2025-11-20T00:00:00.000000 | 2025-11-20T00:00:00.000000 |
| certfr-2025-avi-1027 | Multiples vulnérabilités dans les produits SonicWall | 2025-11-20T00:00:00.000000 | 2025-11-20T00:00:00.000000 |
| certfr-2025-avi-1026 | Multiples vulnérabilités dans Wireshark | 2025-11-20T00:00:00.000000 | 2025-11-20T00:00:00.000000 |
| certfr-2025-avi-1025 | Multiples vulnérabilités dans les produits Atlassian | 2025-11-19T00:00:00.000000 | 2025-11-19T00:00:00.000000 |
| certfr-2025-avi-1024 | Multiples vulnérabilités dans les produits VMware | 2025-11-19T00:00:00.000000 | 2025-11-19T00:00:00.000000 |
| certfr-2025-avi-1023 | Multiples vulnérabilités dans les produits Fortinet | 2025-11-19T00:00:00.000000 | 2025-11-19T00:00:00.000000 |
| certfr-2025-avi-1022 | Multiples vulnérabilités dans Microsoft Edge | 2025-11-19T00:00:00.000000 | 2025-11-19T00:00:00.000000 |
| certfr-2025-avi-1021 | Multiples vulnérabilités dans les produits HPE Aruba Networking | 2025-11-19T00:00:00.000000 | 2025-11-19T00:00:00.000000 |
| certfr-2025-avi-1020 | Multiples vulnérabilités dans les produits SolarWinds | 2025-11-19T00:00:00.000000 | 2025-11-19T00:00:00.000000 |
| certfr-2025-avi-1019 | Multiples vulnérabilités dans Mattermost Server | 2025-11-18T00:00:00.000000 | 2025-11-18T00:00:00.000000 |
| certfr-2025-avi-1018 | Multiples vulnérabilités dans Google Chrome | 2025-11-18T00:00:00.000000 | 2025-11-18T00:00:00.000000 |
| certfr-2025-avi-1017 | Multiples vulnérabilités dans Mattermost Server | 2025-11-17T00:00:00.000000 | 2025-11-17T00:00:00.000000 |
| certfr-2025-avi-1016 | Multiples vulnérabilités dans Mozilla Thunderbird | 2025-11-17T00:00:00.000000 | 2025-11-17T00:00:00.000000 |
| certfr-2025-avi-1015 | Multiples vulnérabilités dans les produits NetApp | 2025-11-17T00:00:00.000000 | 2025-11-17T00:00:00.000000 |
| certfr-2025-avi-1014 | Vulnérabilité dans Fortinet FortiWeb | 2025-11-14T00:00:00.000000 | 2025-11-14T00:00:00.000000 |
| certfr-2025-avi-1013 | Multiples vulnérabilités dans les produits IBM | 2025-11-14T00:00:00.000000 | 2025-11-14T00:00:00.000000 |
| certfr-2025-avi-1012 | Vulnérabilité dans Microsoft Edge | 2025-11-14T00:00:00.000000 | 2025-11-14T00:00:00.000000 |
| certfr-2025-avi-1011 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2025-11-14T00:00:00.000000 | 2025-11-14T00:00:00.000000 |
| certfr-2025-avi-1010 | Multiples vulnérabilités dans le noyau Linux de Debian | 2025-11-14T00:00:00.000000 | 2025-11-14T00:00:00.000000 |
| certfr-2025-avi-1009 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2025-11-14T00:00:00.000000 | 2025-11-14T00:00:00.000000 |