Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-32615 | Discourse: Category group moderators can perform actio… |
discourse |
discourse |
2026-03-31T17:40:17.212Z | 2026-04-01T18:06:54.206Z | |
| cve-2026-32607 | Discourse: Stored XSS via unescaped assignee name |
discourse |
discourse |
2026-03-31T17:40:05.155Z | 2026-04-01T13:48:54.473Z | |
| cve-2026-32273 | Discourse: XSS on category description update via API |
discourse |
discourse |
2026-03-31T17:39:48.771Z | 2026-03-31T18:52:31.983Z | |
| cve-2026-32243 | Discourse: Stored XSS in discourse-ai shared conversat… |
discourse |
discourse |
2026-03-31T17:39:38.318Z | 2026-04-03T16:18:12.209Z | |
| cve-2026-32113 | Discourse: Open redirect via `sso_destination_url` coo… |
discourse |
discourse |
2026-03-31T17:39:25.820Z | 2026-04-01T13:56:12.868Z | |
| cve-2026-32143 | Discourse: Admin-only report can be exported by moderators |
discourse |
discourse |
2026-03-31T17:39:25.635Z | 2026-04-01T18:05:32.105Z | |
| cve-2026-33073 | discourse-subscriptions plugin leaking stripe API key … |
discourse |
discourse |
2026-03-31T17:38:59.916Z | 2026-04-03T16:16:18.969Z | |
| cve-2026-5206 | code-projects Simple Gym Management System Payment sql… |
code-projects |
Simple Gym Management System |
2026-03-31T17:30:13.639Z | 2026-04-01T13:57:53.811Z | |
| cve-2026-2123 | 8.6 (v4.0) | Privilege escalation vulnerability in Operations Agent |
OpenText |
Operations Agent |
2026-03-31T17:18:43.202Z | 2026-03-31T18:00:56.901Z |
| cve-2026-5190 | 7.5 (v3.1) 7.7 (v4.0) | AWS C Event Stream Streaming Decoder Stack Buffer Overflow |
AWS |
aws-c-event-stream |
2026-03-31T17:05:59.601Z | 2026-04-01T03:55:47.631Z |
| cve-2026-32725 | SciTokens C++: Relative Path Traversal Vulnerability |
scitokens |
scitokens-cpp |
2026-03-31T17:01:46.776Z | 2026-04-03T16:14:20.163Z | |
| cve-2026-32726 | SciTokens C++: Sibling-Path Authorization Bypass |
scitokens |
scitokens-cpp |
2026-03-31T17:01:24.882Z | 2026-03-31T19:09:02.060Z | |
| cve-2026-34361 | HAPI FHIR: Unauthenticated SSRF via /loadIG Chains wit… |
hapifhir |
org.hl7.fhir.core |
2026-03-31T16:56:11.163Z | 2026-03-31T17:24:58.558Z | |
| cve-2026-34360 | HAPI FHIR: Unauthenticated Blind SSRF via /loadIG Endp… |
hapifhir |
org.hl7.fhir.core |
2026-03-31T16:56:05.034Z | 2026-04-01T13:58:24.359Z | |
| cve-2026-34359 | HAPI FHIR: Authentication Credential Leakage via Impro… |
hapifhir |
org.hl7.fhir.core |
2026-03-31T16:56:01.235Z | 2026-03-31T19:09:08.160Z | |
| cve-2026-5205 | chatwoot Webhook API trigger.rb Trigger server-side re… |
n/a |
chatwoot |
2026-03-31T16:30:11.076Z | 2026-04-03T16:35:11.084Z | |
| cve-2026-24165 | 7.8 (v3.1) | NVIDIA BioNeMo contains a vulnerability where a u… |
NVIDIA |
BioNeMo Framework |
2026-03-31T16:24:22.027Z | 2026-03-31T16:58:48.861Z |
| cve-2026-24164 | 8.8 (v3.1) | NVIDIA BioNeMo contains a vulnerability where a u… |
NVIDIA |
BioNeMo Framework |
2026-03-31T16:24:03.705Z | 2026-03-31T17:06:08.146Z |
| cve-2026-24154 | 7.6 (v3.1) | NVIDIA Jetson Linux has vulnerability in initrd, … |
NVIDIA |
Jetson Xavier Series, Jetson Orin Series and Jetson Thor |
2026-03-31T16:23:34.752Z | 2026-03-31T17:46:32.434Z |
| cve-2026-24153 | 5.2 (v3.1) | NVIDIA Jetson Linux has a vulnerability in initrd… |
NVIDIA |
Jetson Xavier Series, Jetson Orin Series and Jetson Thor |
2026-03-31T16:23:14.585Z | 2026-04-01T13:59:00.585Z |
| cve-2026-24148 | 8.3 (v3.1) | NVIDIA Jetson for JetPack contains a vulnerabilit… |
NVIDIA |
Jetson Xavier Series and Jetson Orin Series |
2026-03-31T16:22:51.128Z | 2026-04-02T03:55:59.949Z |
| cve-2026-5087 | N/A | PAGI::Middleware::Session::Store::Cookie versions thro… |
JJNAPIORK |
PAGI::Middleware::Session::Store::Cookie |
2026-03-31T16:03:08.278Z | 2026-04-01T14:43:35.295Z |
| cve-2026-34243 | wenxian: Command Injection in GitHub Actions Workflow … |
njzjz |
wenxian |
2026-03-31T15:49:27.333Z | 2026-04-02T15:21:36.168Z | |
| cve-2026-34219 | libp2p-gossipsub: Gossipsub PRUNE Backoff Heartbeat In… |
libp2p |
rust-libp2p |
2026-03-31T15:47:31.785Z | 2026-03-31T17:34:57.667Z | |
| cve-2026-5204 | Tenda CH22 Parameter webtypelibrary formWebTypeLibrary… |
Tenda |
CH22 |
2026-03-31T15:45:13.000Z | 2026-03-31T16:02:44.391Z | |
| cve-2026-5203 | CMS Made Simple UserGuide Module XML Import class.User… |
n/a |
CMS Made Simple |
2026-03-31T15:45:08.773Z | 2026-03-31T17:35:35.625Z | |
| cve-2026-34240 | jose vulnerable to untrusted JWK header key acceptance… |
appsup-dart |
jose |
2026-03-31T15:44:23.578Z | 2026-04-01T14:03:14.969Z | |
| cve-2026-34237 | MCP Java SDK has a Hardcoded Wildcard CORS (Access-Con… |
modelcontextprotocol |
java-sdk |
2026-03-31T15:40:01.070Z | 2026-03-31T18:52:38.217Z | |
| cve-2026-34235 | PJSIP: Heap OOB read in VPX unpacketizer |
pjsip |
pjproject |
2026-03-31T15:36:47.466Z | 2026-04-02T15:20:55.954Z | |
| cve-2026-34231 | Slippers: Cross-Site Scripting (XSS) in `attrs` Template Tag |
mixxorz |
slippers |
2026-03-31T15:33:17.644Z | 2026-03-31T17:21:50.192Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2020-avi-108 | Multiples vulnérabilités dans Stormshield Network Security | 2020-02-21T00:00:00.000000 | 2020-02-21T00:00:00.000000 |
| certfr-2020-avi-107 | Multiples vulnérabilités dans PHP | 2020-02-21T00:00:00.000000 | 2020-02-21T00:00:00.000000 |
| certfr-2020-avi-106 | Multiples vulnérabilités dans IBM WebSphere | 2020-02-20T00:00:00.000000 | 2020-02-20T00:00:00.000000 |
| certfr-2020-avi-105 | Vulnérabilité dans Cisco Unified Contact Center Express (Unified CCX) | 2020-02-20T00:00:00.000000 | 2020-02-20T00:00:00.000000 |
| certfr-2020-avi-104 | Vulnérabilité dans Cisco Smart Software Manager On-Prem | 2020-02-20T00:00:00.000000 | 2020-02-20T00:00:00.000000 |
| certfr-2020-avi-103 | Vulnérabilité dans les produits UCS Cisco | 2020-02-20T00:00:00.000000 | 2020-02-20T00:00:00.000000 |
| certfr-2020-avi-102 | Vulnérabilité dans Cisco Content Security Management Appliance | 2020-02-20T00:00:00.000000 | 2020-02-20T00:00:00.000000 |
| certfr-2020-avi-101 | Multiples vulnérabilités dans Cisco Email Security Appliance (ESA) | 2020-02-20T00:00:00.000000 | 2020-02-20T00:00:00.000000 |
| certfr-2020-avi-100 | Multiples vulnérabilités dans Cisco Data Center Network Manager | 2020-02-20T00:00:00.000000 | 2020-02-20T00:00:00.000000 |
| certfr-2020-avi-099 | Multiples vulnérabilités dans VMware vRealize Operations for Horizon | 2020-02-19T00:00:00.000000 | 2020-02-19T00:00:00.000000 |
| certfr-2020-avi-098 | Multiples vulnérabilités dans IBM Db2 | 2020-02-19T00:00:00.000000 | 2020-02-19T00:00:00.000000 |
| certfr-2020-avi-097 | Vulnérabilité dans Fortinet FortiOS | 2020-02-19T00:00:00.000000 | 2020-02-19T00:00:00.000000 |
| certfr-2020-avi-096 | Multiples vulnérabilités dans le noyau linux d'Ubuntu | 2020-02-19T00:00:00.000000 | 2020-02-19T00:00:00.000000 |
| certfr-2020-avi-095 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2020-02-18T00:00:00.000000 | 2020-02-18T00:00:00.000000 |
| certfr-2020-avi-094 | Vulnérabilité dans GitLab CE et EE | 2020-02-14T00:00:00.000000 | 2020-02-17T00:00:00.000000 |
| certfr-2020-avi-093 | Vulnérabilité dans Fortinet FortiManager | 2020-02-14T00:00:00.000000 | 2020-02-14T00:00:00.000000 |
| certfr-2020-avi-092 | Vulnérabilité dans Juniper Junos OS | 2020-02-14T00:00:00.000000 | 2020-02-14T00:00:00.000000 |
| certfr-2020-avi-091 | Vulnérabilité dans PostgreSQL | 2020-02-14T00:00:00.000000 | 2020-02-14T00:00:00.000000 |
| certfr-2020-avi-090 | Multiples vulnérabilités dans les produits Siemens | 2020-02-13T00:00:00.000000 | 2020-02-13T00:00:00.000000 |
| certfr-2020-avi-089 | Multiples vulnérabilités dans les produits Palo Alto | 2020-02-13T00:00:00.000000 | 2020-02-13T00:00:00.000000 |
| certfr-2020-avi-088 | Multiples vulnérabilités dans Moxa OnCell | 2020-02-13T00:00:00.000000 | 2020-02-13T00:00:00.000000 |
| certfr-2020-avi-087 | Multiples vulnérabilités dans les produits Intel | 2020-02-12T00:00:00.000000 | 2020-02-12T00:00:00.000000 |
| certfr-2020-avi-086 | Vulnérabilité dans Aruba Networks Intelligent Edge Switches | 2020-02-12T00:00:00.000000 | 2020-02-12T00:00:00.000000 |
| certfr-2020-avi-085 | Vulnérabilité dans Schneider ProSoft Configurator | 2020-02-12T00:00:00.000000 | 2020-02-12T00:00:00.000000 |
| certfr-2020-avi-084 | Multiples vulnérabilités dans Mozilla Thunderbird | 2020-02-11T00:00:00.000000 | 2020-02-11T00:00:00.000000 |
| certfr-2020-avi-083 | Multiples vulnérabilités dans Mozilla Firefox | 2020-02-11T00:00:00.000000 | 2020-02-11T00:00:00.000000 |
| certfr-2020-avi-082 | Multiples vulnérabilités dans les produits Microsoft | 2020-02-11T00:00:00.000000 | 2020-02-11T00:00:00.000000 |
| certfr-2020-avi-081 | Multiples vulnérabilités dans Microsoft Windows | 2020-02-11T00:00:00.000000 | 2020-02-11T00:00:00.000000 |
| certfr-2020-avi-080 | Multiples vulnérabilités dans Microsoft Office | 2020-02-11T00:00:00.000000 | 2020-02-11T00:00:00.000000 |
| certfr-2020-avi-079 | Multiples vulnérabilités dans Microsoft Edge | 2020-02-11T00:00:00.000000 | 2020-02-11T00:00:00.000000 |