Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-34226 | Happy DOM's fetch credentials include uses page-origin… |
capricorn86 |
happy-dom |
2026-03-27T21:17:24.777Z | 2026-03-31T14:25:27.402Z | |
| cve-2019-25651 | 8.7 (v4.0) 8.3 (v3.1) | Ubiquiti UniFi Devices Use of AES-CBC Allows Key Recov… |
Ubiquiti |
UniFi Network Controller |
2026-03-27T21:16:30.611Z | 2026-03-30T17:55:00.222Z |
| cve-2026-33943 | Happy DOM ECMAScriptModuleCompiler: unsanitized export… |
capricorn86 |
happy-dom |
2026-03-27T21:15:19.186Z | 2026-03-27T21:58:16.284Z | |
| cve-2026-33941 | Handlebars.js has JavaScript Injection in CLI Precompi… |
handlebars-lang |
handlebars.js |
2026-03-27T21:13:15.437Z | 2026-04-01T03:55:37.742Z | |
| cve-2026-33940 | Handlebars.js has JavaScript Injection via AST Type Co… |
handlebars-lang |
handlebars.js |
2026-03-27T21:11:10.719Z | 2026-04-01T03:55:41.422Z | |
| cve-2026-33939 | Handlebars.js has Denial of Service via Malformed Deco… |
handlebars-lang |
handlebars.js |
2026-03-27T21:08:24.664Z | 2026-03-30T18:52:24.142Z | |
| cve-2026-33938 | Handlebars.js has JavaScript Injection via AST Type Co… |
handlebars-lang |
handlebars.js |
2026-03-27T21:05:42.485Z | 2026-04-01T03:55:42.796Z | |
| cve-2026-33937 | Handlebars.js has JavaScript Injection via AST Type Co… |
handlebars-lang |
handlebars.js |
2026-03-27T21:03:46.748Z | 2026-04-01T03:55:43.931Z | |
| cve-2026-33916 | Handlebars.js has Prototype Pollution Leading to XSS t… |
handlebars-lang |
handlebars.js |
2026-03-27T21:00:48.624Z | 2026-03-30T15:41:36.977Z | |
| cve-2026-33907 | Ella Core Panics during NAS Authentication Response/Fa… |
ellanetworks |
core |
2026-03-27T20:58:06.768Z | 2026-03-30T18:53:12.138Z | |
| cve-2026-33906 | Ella Core has Privilege Escalation via Database Restor… |
ellanetworks |
core |
2026-03-27T20:56:35.079Z | 2026-03-31T18:53:56.905Z | |
| cve-2026-33904 | Ella Core has a Denial of Service via SCTP connection … |
ellanetworks |
core |
2026-03-27T20:55:18.506Z | 2026-03-31T14:06:35.855Z | |
| cve-2026-33903 | Ella Core panics when processing a crafted NGAP Locati… |
ellanetworks |
core |
2026-03-27T20:52:37.157Z | 2026-03-30T15:42:36.950Z | |
| cve-2026-33896 | Forge has a basicConstraints bypass in its certificate… |
digitalbazaar |
forge |
2026-03-27T20:50:03.418Z | 2026-03-30T18:53:50.510Z | |
| cve-2026-33895 | Forge has signature forgery in Ed25519 due to missing … |
digitalbazaar |
forge |
2026-03-27T20:47:54.492Z | 2026-03-31T19:10:01.632Z | |
| cve-2026-33894 | Forge has signature forgery in RSA-PKCS due to ASN.1 e… |
digitalbazaar |
forge |
2026-03-27T20:45:49.583Z | 2026-03-31T14:05:14.708Z | |
| cve-2026-33891 | Forge has Denial of Service via Infinite Loop in BigIn… |
digitalbazaar |
forge |
2026-03-27T20:43:37.725Z | 2026-03-30T15:38:12.388Z | |
| cve-2026-32187 | N/A | {'providerMetadata': {'orgId': 'f38d906d-7342-40ea-92c1-6c4a2c6478c8', 'shortName': 'microsoft', 'dateUpdated': '2026-04-15T20:45:55.522Z'}, 'rejectedReasons': [{'lang': 'en', 'value': 'This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.', 'supportingMedia': [{'type': 'text/html', 'base64': False, 'value': 'This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.'}]}], 'x_generator': {'engine': 'Vulnogram 1.0.1'}} | N/A | N/A | 2026-03-27T20:42:05.339Z | 2026-04-15T20:45:55.522Z |
| cve-2026-33887 | Statamic allows unauthorized content access through mi… |
statamic |
cms |
2026-03-27T20:41:23.715Z | 2026-03-30T18:54:25.297Z | |
| cve-2026-33886 | Statamic's sensitive configuration values are exposed … |
statamic |
cms |
2026-03-27T20:40:22.577Z | 2026-03-31T18:54:03.269Z | |
| cve-2026-33885 | Statamic has an Open Redirect on unauthenticated endpo… |
statamic |
cms |
2026-03-27T20:39:17.726Z | 2026-03-31T14:00:13.275Z | |
| cve-2026-33884 | Statamic's live preview token bypasses content protect… |
statamic |
cms |
2026-03-27T20:38:19.737Z | 2026-03-30T15:37:30.499Z | |
| cve-2026-33883 | Statamic has Reflected XSS via unescaped redirect para… |
statamic |
cms |
2026-03-27T20:37:21.190Z | 2026-03-30T18:56:50.916Z | |
| cve-2026-33882 | Statamic's Markdown preview endpoint exposes sensitive… |
statamic |
cms |
2026-03-27T20:36:31.666Z | 2026-03-31T18:54:08.799Z | |
| cve-2026-33881 | Windmill: Rogue Workspace Admins can inject code via u… |
windmill-labs |
windmill |
2026-03-27T20:34:32.606Z | 2026-04-01T03:55:36.629Z | |
| cve-2026-33879 | FLIP doesn't have rate limiting or brute-force protect… |
londonaicentre |
FLIP |
2026-03-27T20:31:50.559Z | 2026-03-30T15:36:42.454Z | |
| cve-2026-4976 | Totolink LR350 cstecgi.cgi setWiFiGuestCfg buffer overflow |
Totolink |
LR350 |
2026-03-27T20:29:56.502Z | 2026-03-30T14:54:04.011Z | |
| cve-2026-33875 | Authenticator Vulnerable to Authentication Flow Hijack |
gematik |
app-Authenticator |
2026-03-27T20:25:15.850Z | 2026-04-03T15:21:15.316Z | |
| cve-2026-33874 | Authenticator vulnerable to Remote Code Execution |
gematik |
app-Authenticator |
2026-03-27T20:23:53.402Z | 2026-04-21T18:53:38.805Z | |
| cve-2026-34046 | Langflow: Authenticated Users Can Read, Modify, and De… |
langflow-ai |
langflow |
2026-03-27T20:06:35.836Z | 2026-04-01T03:55:31.834Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2018-avi-454 | Multiples vulnérabilités dans Cisco Identity Services Engine | 2018-09-25T00:00:00.000000 | 2018-09-25T00:00:00.000000 |
| certfr-2018-avi-453 | Vulnérabilité dans Bind | 2018-09-24T00:00:00.000000 | 2018-09-24T00:00:00.000000 |
| certfr-2018-avi-452 | Vulnérabilité dans Asterisk | 2018-09-24T00:00:00.000000 | 2018-09-24T00:00:00.000000 |
| certfr-2018-avi-451 | Multiples vulnérabilités dans Mozilla Firefox | 2018-09-24T00:00:00.000000 | 2018-09-24T00:00:00.000000 |
| certfr-2018-avi-450 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2018-09-24T00:00:00.000000 | 2018-09-24T00:00:00.000000 |
| certfr-2018-avi-449 | Vulnérabilité dans Cisco Video Surveillance Manager | 2018-09-24T00:00:00.000000 | 2018-09-24T00:00:00.000000 |
| certfr-2018-avi-448 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2018-09-21T00:00:00.000000 | 2018-09-21T00:00:00.000000 |
| certfr-2018-avi-447 | Multiples vulnérabilités dans Adobe Acrobat et Reader | 2018-09-20T00:00:00.000000 | 2018-09-20T00:00:00.000000 |
| certfr-2018-avi-446 | Multiples vulnérabilités dans Cisco Webex Network Recording Player | 2018-09-20T00:00:00.000000 | 2018-09-20T00:00:00.000000 |
| certfr-2018-avi-445 | Multiples vulnérabilités dans Citrix ShareFile StorageZones Controller | 2018-09-20T00:00:00.000000 | 2018-09-20T00:00:00.000000 |
| certfr-2018-avi-444 | Multiples vulnérabilités dans Google Chrome OS | 2018-09-19T00:00:00.000000 | 2018-09-19T00:00:00.000000 |
| certfr-2018-avi-443 | Multiples vulnérabilités dans les produits Apple | 2018-09-18T00:00:00.000000 | 2018-09-19T00:00:00.000000 |
| certfr-2018-avi-442 | Vulnérabilité dans Google Chrome | 2018-09-18T00:00:00.000000 | 2018-09-18T00:00:00.000000 |
| certfr-2018-avi-441 | Multiples vulnérabilités dans Moodle | 2018-09-17T00:00:00.000000 | 2018-09-17T00:00:00.000000 |
| certfr-2018-avi-440 | Vulnérabilité dans Prim'X Zed! | 2018-09-17T00:00:00.000000 | 2018-09-17T00:00:00.000000 |
| certfr-2018-avi-439 | Multiples vulnérabilités dans PHP | 2018-09-14T00:00:00.000000 | 2018-09-14T00:00:00.000000 |
| certfr-2018-avi-438 | Multiples vulnérabilités dans les produits Microsoft | 2018-09-12T00:00:00.000000 | 2018-09-12T00:00:00.000000 |
| certfr-2018-avi-437 | Multiples vulnérabilités dans Microsoft .Net | 2018-09-12T00:00:00.000000 | 2018-09-12T00:00:00.000000 |
| certfr-2018-avi-436 | Multiples vulnérabilités dans Microsoft Windows | 2018-09-12T00:00:00.000000 | 2018-09-12T00:00:00.000000 |
| certfr-2018-avi-435 | Multiples vulnérabilités dans Microsoft Office | 2018-09-12T00:00:00.000000 | 2018-09-12T00:00:00.000000 |
| certfr-2018-avi-434 | Multiples vulnérabilités dans Microsoft Edge | 2018-09-12T00:00:00.000000 | 2018-09-12T00:00:00.000000 |
| certfr-2018-avi-433 | Multiples vulnérabilités dans Microsoft Internet Explorer | 2018-09-12T00:00:00.000000 | 2018-09-12T00:00:00.000000 |
| certfr-2018-avi-432 | Multiples vulnérabilités dans les produits Intel | 2018-09-12T00:00:00.000000 | 2018-09-12T00:00:00.000000 |
| certfr-2018-avi-431 | Multiples vulnérabilités dans Google Chrome | 2018-09-12T00:00:00.000000 | 2018-09-12T00:00:00.000000 |
| certfr-2018-avi-430 | Multiples vulnérabilités dans Adobe Flash Player et Cold Fusion | 2018-09-12T00:00:00.000000 | 2018-09-12T00:00:00.000000 |
| certfr-2018-avi-429 | Multiples vulnérabilités dans SCADA les produits Siemens | 2018-09-11T00:00:00.000000 | 2018-09-11T00:00:00.000000 |
| certfr-2018-avi-428 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2018-09-11T00:00:00.000000 | 2018-09-11T00:00:00.000000 |
| certfr-2018-avi-427 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2018-09-11T00:00:00.000000 | 2018-09-11T00:00:00.000000 |
| certfr-2018-avi-426 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2018-09-07T00:00:00.000000 | 2018-09-07T00:00:00.000000 |
| certfr-2018-avi-425 | Multiples vulnérabilités dans VMware Content Locker et AirWatch Agent | 2018-09-06T00:00:00.000000 | 2018-09-06T00:00:00.000000 |