Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-13826 | 8.2 (v4.0) | Incorrect input validation on the Zervit portable HTTP… |
Zervit |
portable HTTP/Web server |
2026-04-21T08:19:57.983Z | 2026-04-21T13:23:30.712Z |
| cve-2026-6711 | Website LLMs.txt <= 8.2.6 - Reflected Cross-Site Scripting |
ryhowa |
Website LLMs.txt |
2026-04-21T06:43:59.951Z | 2026-04-21T13:51:33.148Z | |
| cve-2026-6712 | Website LLMs.txt <= 8.2.6 - Authenticated (Admin+) Sto… |
ryhowa |
Website LLMs.txt |
2026-04-21T06:43:59.539Z | 2026-04-21T13:47:53.867Z | |
| cve-2026-6703 | Responsive Blocks <= 2.2.1 - Missing Authorization to … |
cyberchimps |
Responsive Blocks – Page Builder for Blocks & Patterns |
2026-04-21T06:43:58.955Z | 2026-04-21T16:36:19.694Z | |
| cve-2026-31368 | 7.8 (v3.1) | Privilege Bypass in AiAssistant |
Honor |
AIAssistant |
2026-04-21T06:40:08.446Z | 2026-04-21T13:23:57.396Z |
| cve-2026-31370 | 6.3 (v3.1) | Information Leak Vulnerability in Honor E |
Honor |
Honor E |
2026-04-21T06:30:53.883Z | 2026-04-21T13:25:53.570Z |
| cve-2026-31369 | 3.2 (v3.1) | Privilege Bypass in PcManager |
Honor |
PcManager |
2026-04-21T06:26:52.403Z | 2026-04-21T13:18:27.938Z |
| cve-2026-5965 | 9.3 (v4.0) 9.8 (v3.1) | NewSoft|NewSoftOA - OS Command Injection |
NewSoft |
NewSoftOA |
2026-04-21T03:32:55.138Z | 2026-04-21T13:20:58.795Z |
| cve-2026-6674 | Plugin: CMS für Motorrad Werkstätten <= 1.0.0 - Authen… |
tholstkabelbwde |
Plugin: CMS für Motorrad Werkstätten |
2026-04-21T02:25:40.676Z | 2026-04-21T12:58:21.763Z | |
| cve-2026-6675 | Responsive Blocks <= 2.2.0 - Unauthenticated Open Emai… |
cyberchimps |
Responsive Blocks – Page Builder for Blocks & Patterns |
2026-04-21T02:25:39.847Z | 2026-04-21T13:22:00.182Z | |
| cve-2026-40497 | FreeScout Vulnerable to CSS Injection via Stored Style… |
freescout-help-desk |
freescout |
2026-04-21T01:45:55.492Z | 2026-04-21T13:25:21.103Z | |
| cve-2026-6058 | 4.5 (v3.1) | ** UNSUPPORTED WHEN ASSIGNED ** An improper encod… |
Zyxel |
WRE6505 v2 firmware |
2026-04-21T01:42:07.433Z | 2026-04-21T13:26:29.283Z |
| cve-2026-40496 | FreeScout has Predictable Attachment Token that Allows… |
freescout-help-desk |
freescout |
2026-04-21T01:38:50.117Z | 2026-04-21T13:50:39.454Z | |
| cve-2026-39973 | Apktool: Path Traversal to Arbitrary File Write |
iBotPeaches |
Apktool |
2026-04-21T01:35:22.396Z | 2026-04-21T13:33:14.677Z | |
| cve-2026-40250 | OpenEXR has integer overflow in DWA decoder outBufferE… |
AcademySoftwareFoundation |
openexr |
2026-04-21T01:33:00.212Z | 2026-04-21T19:49:07.457Z | |
| cve-2026-40244 | OpenEXR has integer overflow in DWA setupChannelData p… |
AcademySoftwareFoundation |
openexr |
2026-04-21T01:30:55.061Z | 2026-04-21T19:31:39.166Z | |
| cve-2026-39886 | OpenEXR has HTJ2K Signed Integer Overflow in ht_undo_impl() |
AcademySoftwareFoundation |
openexr |
2026-04-21T01:27:01.371Z | 2026-04-21T13:49:21.573Z | |
| cve-2026-39866 | Lawnchair vulnerable to Command Injection via unquoted… |
LawnchairLauncher |
lawnchair |
2026-04-21T01:19:47.510Z | 2026-04-21T19:49:12.997Z | |
| cve-2026-39861 | Claude Code: Sandbox Escape via Symlink Following Allo… |
anthropics |
claude-code |
2026-04-21T00:56:39.062Z | 2026-04-21T13:44:49.618Z | |
| cve-2026-39386 | Neko has Self-service Privilege Escalation for Authent… |
m1k1o |
neko |
2026-04-21T00:50:34.656Z | 2026-04-22T03:56:19.795Z | |
| cve-2026-40264 | OpenBao's Token Store Allows Cross-Namespace Renewal, … |
openbao |
openbao |
2026-04-21T00:47:38.156Z | 2026-04-21T19:30:51.975Z | |
| cve-2026-39396 | OpenBao has Decompression Bomb via Unbounded Copy in O… |
openbao |
openbao |
2026-04-21T00:44:53.943Z | 2026-04-21T19:49:18.821Z | |
| cve-2026-39388 | OpenBao's Certificate Authentication Allows Token Rene… |
openbao |
openbao |
2026-04-21T00:43:22.920Z | 2026-04-21T19:36:07.865Z | |
| cve-2026-39946 | OpenBao allows SQL Injection in PostgreSQL database se… |
openbao |
openbao |
2026-04-21T00:19:39.578Z | 2026-04-21T13:34:21.088Z | |
| cve-2026-39378 | nbconvert has an Arbitrary File Read via Path Traversa… |
jupyter |
nbconvert |
2026-04-21T00:17:00.684Z | 2026-04-21T13:43:29.081Z | |
| cve-2026-39377 | nbconvert has an Arbitrary File Write via Path Travers… |
jupyter |
nbconvert |
2026-04-21T00:14:59.937Z | 2026-04-21T19:49:24.475Z | |
| cve-2026-39320 | Signal K Server has an Unauthenticated Regular Express… |
SignalK |
signalk-server |
2026-04-21T00:07:10.371Z | 2026-04-21T19:36:54.787Z | |
| cve-2026-41527 | KDE Kleopatra before 26.08.0 on Windows allows lo… |
KDE |
Kleopatra |
2026-04-21T00:00:00.000Z | 2026-04-22T15:35:24.571Z | |
| cve-2026-40706 | 8.4 (v3.1) | In NTFS-3G 2022.10.3 before 2026.2.25, a heap buf… |
Tuxera |
NTFS-3G |
2026-04-21T00:00:00.000Z | 2026-04-22T15:35:30.245Z |
| cve-2026-38835 | N/A | Tenda W30E V2.0 V16.01.0.21 was found to contain … |
n/a |
n/a |
2026-04-21T00:00:00.000Z | 2026-04-22T15:35:41.189Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2023-000063 | Multiple vulnerabilities in Panasonic AiSEG2 | 2023-06-16T14:05+09:00 | 2023-06-16T14:05+09:00 |
| jvndb-2023-002111 | Printer Driver Packager NX creates driver installation packages without modification detection | 2023-06-15T16:06+09:00 | 2024-05-23T15:45+09:00 |
| jvndb-2023-002100 | Security updates for multiple Trend Micro products for enterprises (June 2023) | 2023-06-14T14:47+09:00 | 2024-05-23T15:23+09:00 |
| jvndb-2023-000061 | Chatwork Desktop Application (Mac) vulnerable to code injection | 2023-06-13T13:38+09:00 | 2024-05-24T16:02+09:00 |
| jvndb-2023-000062 | "WPS Office" vulnerable to OS command injection | 2023-06-12T12:57+09:00 | 2024-04-18T17:49+09:00 |
| jvndb-2023-000059 | Multiple vulnerabilities in Inaba Denki Sangyo Wi-Fi AP UNIT | 2023-06-09T15:18+09:00 | 2024-05-27T16:38+09:00 |
| jvndb-2023-000048 | ASUS Router RT-AX3000 vulnerable to using sensitive cookies without 'Secure' attribute | 2023-06-09T15:18+09:00 | 2024-04-18T17:44+09:00 |
| jvndb-2023-002072 | Multiple vulnerabilities in Fuji Electric products | 2023-06-09T12:23+09:00 | 2024-05-23T15:33+09:00 |
| jvndb-2023-002055 | Multiple vulnerabilities in KbDevice digital video recorders | 2023-06-07T11:52+09:00 | 2024-05-24T15:57+09:00 |
| jvndb-2023-002022 | Multiple vulnerabilities in FUJI ELECTRIC FRENIC RHC Loader | 2023-06-05T15:55+09:00 | 2024-04-18T17:40+09:00 |
| jvndb-2023-000057 | "Jiyu Kukan Toku-Toku coupon" App vulnerable to improper server certificate verification | 2023-06-01T14:51+09:00 | 2024-05-23T17:19+09:00 |
| jvndb-2023-002002 | Multiple vulnerabilities in Contec CONPROSYS HMI System (CHS) | 2023-06-01T13:48+09:00 | 2024-03-19T18:13+09:00 |
| jvndb-2023-000058 | Pleasanter vulnerable to cross-site scripting | 2023-05-31T15:34+09:00 | 2024-03-19T18:17+09:00 |
| jvndb-2023-000052 | DataSpider Servista uses a hard-coded cryptographic key | 2023-05-31T15:34+09:00 | 2024-03-19T17:44+09:00 |
| jvndb-2023-000056 | Starlette vulnerable to directory traversal | 2023-05-30T13:34+09:00 | 2024-03-19T18:08+09:00 |
| jvndb-2023-000055 | ESS REC Agent Server Edition for Linux etc. vulnerable to directory traversal | 2023-05-26T13:58+09:00 | 2024-03-21T17:15+09:00 |
| jvndb-2023-000054 | Wacom Tablet Driver installer for macOS vulnerable to improper link resolution before file access | 2023-05-25T13:40+09:00 | 2023-05-25T13:40+09:00 |
| jvndb-2023-001926 | Cross-site Scripting Vulnerability in Hitachi Ops Center Analyzer | 2023-05-24T11:40+09:00 | 2024-05-24T17:01+09:00 |
| jvndb-2023-000053 | Tornado vulnerable to open redirect | 2023-05-22T13:30+09:00 | 2024-03-21T17:05+09:00 |
| jvndb-2023-001894 | Android App "Brother iPrint&Scan" vulnerable to improper access control | 2023-05-19T15:40+09:00 | 2023-05-19T15:40+09:00 |
| jvndb-2023-000051 | Multiple vulnerabilities in T&D and ESPEC MIC data logger products | 2023-05-19T15:21+09:00 | 2024-05-23T17:03+09:00 |
| jvndb-2023-000026 | Qrio Smart Lock Q-SL2 vulnerable to authentication bypass by capture-replay | 2023-05-18T14:13+09:00 | 2024-05-23T17:18+09:00 |
| jvndb-2023-001852 | OS command injection vulnerability in Inaba Denki Sangyo Wi-Fi AP UNIT | 2023-05-17T15:09+09:00 | 2023-05-17T15:09+09:00 |
| jvndb-2023-000050 | Multiple vulnerabilities in WordPress Plugin "MW WP Form" and "Snow Monkey Forms" | 2023-05-15T14:29+09:00 | 2024-05-29T16:27+09:00 |
| jvndb-2023-000049 | Multiple vulnerabilities in Cybozu Garoon | 2023-05-15T14:29+09:00 | 2024-05-24T15:26+09:00 |
| jvndb-2023-000047 | Beekeeper Studio vulnerable to code injection | 2023-05-12T16:42+09:00 | 2024-05-24T16:17+09:00 |
| jvndb-2023-000043 | Multiple vulnerabilities in MicroEngine Mailform | 2023-05-10T13:57+09:00 | 2024-05-24T17:07+09:00 |
| jvndb-2023-001774 | Multiple vulnerabilities in SolarView Compact | 2023-05-09T16:09+09:00 | 2024-06-27T13:30+09:00 |
| jvndb-2023-000045 | WordPress Plugin "VK Blocks" and "VK All in One Expansion Unit" vulnerable to cross-site scripting | 2023-05-09T15:14+09:00 | 2024-05-24T17:05+09:00 |
| jvndb-2023-000042 | WordPress Plugin "Newsletter" vulnerable to cross-site scripting | 2023-05-09T14:42+09:00 | 2024-06-13T16:14+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2025-avi-1008 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2025-11-14T00:00:00.000000 | 2025-11-14T00:00:00.000000 |
| certfr-2025-avi-1007 | Multiples vulnérabilités dans PostgreSQL | 2025-11-14T00:00:00.000000 | 2025-11-14T00:00:00.000000 |
| certfr-2025-avi-1006 | Vulnérabilité dans Cisco Catalyst Center | 2025-11-14T00:00:00.000000 | 2025-11-14T00:00:00.000000 |
| certfr-2025-avi-1005 | Multiples vulnérabilités dans les produits Siemens | 2025-11-13T00:00:00.000000 | 2025-11-13T00:00:00.000000 |
| certfr-2025-avi-1004 | Multiples vulnérabilités dans les produits Palo Alto Networks | 2025-11-13T00:00:00.000000 | 2025-11-13T00:00:00.000000 |
| certfr-2025-avi-1003 | Multiples vulnérabilités dans Drupal | 2025-11-13T00:00:00.000000 | 2025-11-13T00:00:00.000000 |
| certfr-2025-avi-1002 | Multiples vulnérabilités dans GitLab | 2025-11-13T00:00:00.000000 | 2025-11-13T00:00:00.000000 |
| certfr-2025-avi-1001 | Multiples vulnérabilités dans Elastic Kibana | 2025-11-13T00:00:00.000000 | 2025-11-13T00:00:00.000000 |
| certfr-2025-avi-1000 | Multiples vulnérabilités dans les produits Splunk | 2025-11-13T00:00:00.000000 | 2025-11-13T00:00:00.000000 |
| certfr-2025-avi-0999 | Vulnérabilité dans les produits Symfony | 2025-11-13T00:00:00.000000 | 2025-11-13T00:00:00.000000 |
| certfr-2025-avi-0998 | Multiples vulnérabilités dans les produits Microsoft | 2025-11-12T00:00:00.000000 | 2025-11-12T00:00:00.000000 |
| certfr-2025-avi-0997 | Multiples vulnérabilités dans Microsoft Azure | 2025-11-12T00:00:00.000000 | 2025-11-12T00:00:00.000000 |
| certfr-2025-avi-0996 | Multiples vulnérabilités dans Microsoft Windows | 2025-11-12T00:00:00.000000 | 2025-11-12T00:00:00.000000 |
| certfr-2025-avi-0995 | Multiples vulnérabilités dans Microsoft Office | 2025-11-12T00:00:00.000000 | 2025-11-12T00:00:00.000000 |
| certfr-2025-avi-0994 | Multiples vulnérabilités dans Microsoft Edge | 2025-11-12T00:00:00.000000 | 2025-11-12T00:00:00.000000 |
| certfr-2025-avi-0993 | Multiples vulnérabilités dans les produits Intel | 2025-11-12T00:00:00.000000 | 2025-11-12T00:00:00.000000 |
| certfr-2025-avi-0992 | Multiples vulnérabilités dans Apache OpenOffice | 2025-11-12T00:00:00.000000 | 2025-11-12T00:00:00.000000 |
| certfr-2025-avi-0991 | Multiples vulnérabilités dans les produits Mozilla | 2025-11-12T00:00:00.000000 | 2025-11-12T00:00:00.000000 |
| certfr-2025-avi-0990 | Vulnérabilité dans Google Chrome | 2025-11-12T00:00:00.000000 | 2025-11-12T00:00:00.000000 |
| certfr-2025-avi-0989 | Vulnérabilité dans Nagios XI | 2025-11-12T00:00:00.000000 | 2025-11-12T00:00:00.000000 |
| certfr-2025-avi-0988 | Vulnérabilité dans Ivanti Endpoint Manager (EPM) | 2025-11-12T00:00:00.000000 | 2025-11-12T00:00:00.000000 |
| certfr-2025-avi-0987 | Vulnérabilité dans les produits Citrix | 2025-11-12T00:00:00.000000 | 2025-11-12T00:00:00.000000 |
| certfr-2025-avi-0986 | Vulnérabilité dans Schneider Electric EcoStruxure | 2025-11-12T00:00:00.000000 | 2025-11-12T00:00:00.000000 |
| certfr-2025-avi-0985 | Multiples vulnérabilités dans les produits Axis | 2025-11-12T00:00:00.000000 | 2025-11-12T00:00:00.000000 |
| certfr-2025-avi-0984 | Vulnérabilité dans Bitdefender Endpoint Security Tools pour Mac | 2025-11-12T00:00:00.000000 | 2025-11-12T00:00:00.000000 |
| certfr-2025-avi-0983 | Vulnérabilité dans Synology BeeStation | 2025-11-12T00:00:00.000000 | 2025-11-12T00:00:00.000000 |
| certfr-2025-avi-0982 | Multiples vulnérabilités dans les produits SAP | 2025-11-12T00:00:00.000000 | 2025-11-12T00:00:00.000000 |
| certfr-2025-avi-0981 | Multiples vulnérabilités dans les produits Qnap | 2025-11-10T00:00:00.000000 | 2025-11-10T00:00:00.000000 |
| certfr-2025-avi-0980 | Multiples vulnérabilités dans les produits IBM | 2025-11-07T00:00:00.000000 | 2025-11-07T00:00:00.000000 |
| certfr-2025-avi-0979 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2025-11-07T00:00:00.000000 | 2025-11-07T00:00:00.000000 |