Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-34377 | Zebra has a Consensus Failure due to Improper Verifica… |
ZcashFoundation |
zebra |
2026-03-31T14:05:59.959Z | 2026-03-31T17:18:12.932Z | |
| cve-2026-34202 | Zebra node crash — V5 transaction hash panic (P2P reachable) |
ZcashFoundation |
zebra |
2026-03-31T14:02:56.454Z | 2026-03-31T17:17:30.860Z | |
| cve-2026-34200 | Nhost CLI MCP Server: Missing Inbound Authentication o… |
nhost |
nhost |
2026-03-31T13:57:42.003Z | 2026-03-31T14:30:36.656Z | |
| cve-2026-20915 | Stored cross-site scripting in Pending Changes sidebar |
Checkmk GmbH |
Checkmk |
2026-03-31T13:51:02.358Z | 2026-03-31T17:15:54.753Z | |
| cve-2026-34172 | Giskard Agents have Server-side template injection via… |
Giskard-AI |
giskard-oss |
2026-03-31T13:50:17.240Z | 2026-03-31T19:09:13.342Z | |
| cve-2026-33762 | go-git: Missing validation decoding Index v4 files lea… |
go-git |
go-git |
2026-03-31T13:47:42.378Z | 2026-03-31T18:53:08.221Z | |
| cve-2026-34165 | go-git: Maliciously crafted idx file can cause asymmet… |
go-git |
go-git |
2026-03-31T13:46:37.688Z | 2026-04-02T15:10:17.724Z | |
| cve-2026-33276 | XSS in Unified Search via Unescaped Host/Service Names |
Checkmk GmbH |
Checkmk |
2026-03-31T13:44:17.857Z | 2026-03-31T15:45:36.069Z | |
| cve-2026-34162 | FastGPT: Unauthenticated SSRF via httpTools Endpoint L… |
labring |
FastGPT |
2026-03-31T13:43:20.981Z | 2026-03-31T14:33:31.305Z | |
| cve-2026-34163 | Server-Side Request Forgery via MCP Tools Endpoint in … |
labring |
FastGPT |
2026-03-31T13:43:11.068Z | 2026-03-31T15:37:59.791Z | |
| cve-2026-34156 | NocoBase Affected by Sandbox Escape to RCE via console… |
nocobase |
nocobase |
2026-03-31T13:33:11.325Z | 2026-04-02T15:08:38.165Z | |
| cve-2026-34155 | RAUC: Improper Signing of Plain Bundles Exceeding 2 GiB |
rauc |
rauc |
2026-03-31T13:28:14.863Z | 2026-03-31T15:45:04.506Z | |
| cve-2026-3308 | N/A | CVE-2026-3308 |
Artifex Software Inc. *PyMuPDF* |
MuPDF |
2026-03-31T13:13:12.088Z | 2026-04-21T09:32:51.075Z |
| cve-2026-27854 | 4.8 (v3.1) | Use after free when parsing EDNS options in Lua |
PowerDNS |
DNSdist |
2026-03-31T12:06:46.648Z | 2026-04-02T13:46:22.087Z |
| cve-2026-27853 | 5.9 (v3.1) | Out-of-bounds write when rewriting large DNS packets |
PowerDNS |
DNSdist |
2026-03-31T12:04:23.419Z | 2026-03-31T13:17:25.025Z |
| cve-2026-24030 | 5.3 (v3.1) | Unbounded memory allocation for DoQ and DoH3 |
PowerDNS |
DNSdist |
2026-03-31T12:01:00.883Z | 2026-03-31T13:14:57.345Z |
| cve-2026-24029 | 6.5 (v3.1) | DNS over HTTPS ACL bypass |
PowerDNS |
DNSdist |
2026-03-31T11:59:12.903Z | 2026-03-31T13:15:37.448Z |
| cve-2026-24028 | 5.3 (v3.1) | Out-of-bounds read when parsing DNS packets via Lua |
PowerDNS |
DNSdist |
2026-03-31T11:57:26.914Z | 2026-03-31T13:18:41.769Z |
| cve-2026-0397 | 3.1 (v3.1) | Information disclosure via CORS misconfiguration |
PowerDNS |
DNSdist |
2026-03-31T11:53:13.444Z | 2026-03-31T13:20:22.473Z |
| cve-2026-0396 | 3.1 (v3.1) | HTML injection in the web dashboard |
PowerDNS |
DNSdist |
2026-03-31T11:50:51.442Z | 2026-03-31T13:21:08.549Z |
| cve-2025-14213 | 8.3 (v4.0) | Cato's Socket WebUI is vulnerable to OS Command Injection |
Cato Networks |
Socket |
2026-03-31T11:35:48.868Z | 2026-03-31T13:21:59.364Z |
| cve-2024-14031 | N/A | Sereal::Encoder versions from 4.000 through 4.009_002 … |
YVES |
Sereal::Encoder |
2026-03-31T11:31:28.100Z | 2026-04-01T16:30:00.649Z |
| cve-2024-14030 | N/A | Sereal::Decoder versions from 4.000 through 4.009_002 … |
YVES |
Sereal::Decoder |
2026-03-31T11:31:08.541Z | 2026-04-01T16:29:33.903Z |
| cve-2026-4267 | Query Monitor <= 3.20.3 - Reflected Cross-Site Scripti… |
johnbillion |
Query Monitor |
2026-03-31T11:29:49.029Z | 2026-04-08T16:34:51.846Z | |
| cve-2026-3191 | Minify HTML <= 2.1.12 - Cross-Site Request Forgery to … |
teckel |
Minify HTML |
2026-03-31T11:18:56.726Z | 2026-04-08T17:35:04.350Z | |
| cve-2026-3139 | User Profile Builder – Beautiful User Registration For… |
cozmoslabs |
User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor |
2026-03-31T11:18:56.130Z | 2026-04-08T17:01:27.016Z | |
| cve-2026-34509 | N/A | {'providerMetadata': {'orgId': '83251b91-4cc7-4094-a5c7-464a1b83ea10', 'shortName': 'VulnCheck', 'dateUpdated': '2026-04-01T13:50:47.687Z'}, 'rejectedReasons': [{'lang': 'en', 'value': 'This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.', 'supportingMedia': [{'type': 'text/html', 'base64': False, 'value': 'This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.'}]}], 'x_generator': {'engine': 'Vulnogram 1.0.1'}} | N/A | N/A | 2026-03-31T11:17:22.786Z | 2026-04-01T13:50:47.687Z |
| cve-2026-34508 | N/A | {'providerMetadata': {'orgId': '83251b91-4cc7-4094-a5c7-464a1b83ea10', 'shortName': 'VulnCheck', 'dateUpdated': '2026-04-01T13:50:32.608Z'}, 'rejectedReasons': [{'lang': 'en', 'value': 'This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.', 'supportingMedia': [{'type': 'text/html', 'base64': False, 'value': 'This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.'}]}], 'x_generator': {'engine': 'Vulnogram 1.0.1'}} | N/A | N/A | 2026-03-31T11:17:22.065Z | 2026-04-01T13:50:32.608Z |
| cve-2026-34506 | 2.3 (v4.0) 4.3 (v3.1) | OpenClaw < 2026.3.8 - Sender Allowlist Bypass in Micro… |
OpenClaw |
OpenClaw |
2026-03-31T11:17:21.379Z | 2026-03-31T18:03:44.336Z |
| cve-2026-34505 | 6.9 (v4.0) 6.5 (v3.1) | OpenClaw < 2026.3.12 - Webhook Rate Limiting Bypass vi… |
OpenClaw |
OpenClaw |
2026-03-31T11:17:20.769Z | 2026-03-31T17:58:11.708Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2020-avi-048 | Multiples vulnérabilités dans Samba | 2020-01-21T00:00:00.000000 | 2020-01-21T00:00:00.000000 |
| certfr-2020-avi-047 | Vulnérabilité dans Moodle | 2020-01-20T00:00:00.000000 | 2020-01-20T00:00:00.000000 |
| certfr-2020-avi-046 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2020-01-20T00:00:00.000000 | 2020-01-20T00:00:00.000000 |
| certfr-2020-avi-045 | Multiples vulnérabilités dans Oracle Weblogic | 2020-01-17T00:00:00.000000 | 2020-01-17T00:00:00.000000 |
| certfr-2020-avi-044 | Vulnérabilité dans Cisco Application Policy Infrastructure Controller | 2020-01-17T00:00:00.000000 | 2020-01-17T00:00:00.000000 |
| certfr-2020-avi-043 | Multiples vulnérabilités dans Google Chrome | 2020-01-17T00:00:00.000000 | 2020-01-17T00:00:00.000000 |
| certfr-2020-avi-042 | Multiples vulnérabilités dans FoxIT Reader et PhantomPDF | 2020-01-16T00:00:00.000000 | 2020-01-16T00:00:00.000000 |
| certfr-2020-avi-041 | Multiples vulnérabilités dans Wireshark | 2020-01-16T00:00:00.000000 | 2020-01-16T00:00:00.000000 |
| certfr-2020-avi-040 | Vulnérabilité dans Fortinet FortiSIEM | 2020-01-16T00:00:00.000000 | 2020-01-16T00:00:00.000000 |
| certfr-2020-avi-039 | Multiples vulnérabilités dans les produits Symantec | 2020-01-16T00:00:00.000000 | 2020-01-16T00:00:00.000000 |
| certfr-2020-avi-038 | Multiples vulnérabilités dans Oracle Virtualization | 2020-01-15T00:00:00.000000 | 2020-01-15T00:00:00.000000 |
| certfr-2020-avi-037 | Multiples vulnérabilités dans Oracle Systems | 2020-01-15T00:00:00.000000 | 2020-01-15T00:00:00.000000 |
| certfr-2020-avi-036 | Multiples vulnérabilités dans Oracle MySQL | 2020-01-15T00:00:00.000000 | 2020-01-15T00:00:00.000000 |
| certfr-2020-avi-035 | Multiples vulnérabilités dans Oracle Java SE | 2020-01-15T00:00:00.000000 | 2020-01-15T00:00:00.000000 |
| certfr-2020-avi-034 | Multiples vulnérabilités dans Oracle Database Server | 2020-01-15T00:00:00.000000 | 2020-01-15T00:00:00.000000 |
| certfr-2020-avi-033 | Multiples vulnérabilités dans les produits Intel | 2020-01-15T00:00:00.000000 | 2020-01-15T00:00:00.000000 |
| certfr-2020-avi-032 | Vulnérabilité dans VMware Tools | 2020-01-15T00:00:00.000000 | 2020-01-15T00:00:00.000000 |
| certfr-2020-avi-031 | Vulnérabilité dans Xen | 2020-01-15T00:00:00.000000 | 2020-01-15T00:00:00.000000 |
| certfr-2020-avi-030 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2020-01-15T00:00:00.000000 | 2020-01-15T00:00:00.000000 |
| certfr-2020-avi-029 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2020-01-15T00:00:00.000000 | 2020-01-15T00:00:00.000000 |
| certfr-2020-avi-028 | Multiples vulnérabilités dans les produits Microsoft | 2020-01-14T00:00:00.000000 | 2020-01-14T00:00:00.000000 |
| certfr-2020-avi-027 | Multiples vulnérabilités dans Microsoft .Net | 2020-01-14T00:00:00.000000 | 2020-01-14T00:00:00.000000 |
| certfr-2020-avi-026 | Multiples vulnérabilités dans Microsoft Windows | 2020-01-14T00:00:00.000000 | 2020-01-14T00:00:00.000000 |
| certfr-2020-avi-025 | Multiples vulnérabilités dans Microsoft Office | 2020-01-14T00:00:00.000000 | 2020-01-14T00:00:00.000000 |
| certfr-2020-avi-024 | Vulnérabilité dans Microsoft IE | 2020-01-14T00:00:00.000000 | 2020-01-14T00:00:00.000000 |
| certfr-2020-avi-023 | Multiples vulnérabilités dans les produits Siemens | 2020-01-14T00:00:00.000000 | 2020-01-14T00:00:00.000000 |
| certfr-2020-avi-022 | Vulnérabilité dans Schneider Electric MSX Configurator | 2020-01-14T00:00:00.000000 | 2020-01-14T00:00:00.000000 |
| certfr-2020-avi-021 | Vulnérabilité dans GitLab | 2020-01-14T00:00:00.000000 | 2020-01-14T00:00:00.000000 |
| certfr-2020-avi-020 | Vulnérabilité dans Fortinet FortiSIEM | 2020-01-14T00:00:00.000000 | 2020-01-14T00:00:00.000000 |
| certfr-2020-avi-019 | Multiples vulnérabilités dans Mozilla Thunderbird | 2020-01-13T00:00:00.000000 | 2020-01-13T00:00:00.000000 |