Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-33875 | Authenticator Vulnerable to Authentication Flow Hijack |
gematik |
app-Authenticator |
2026-03-27T20:25:15.850Z | 2026-04-03T15:21:15.316Z | |
| cve-2026-33874 | Authenticator vulnerable to Remote Code Execution |
gematik |
app-Authenticator |
2026-03-27T20:23:53.402Z | 2026-04-21T18:53:38.805Z | |
| cve-2026-34046 | Langflow: Authenticated Users Can Read, Modify, and De… |
langflow-ai |
langflow |
2026-03-27T20:06:35.836Z | 2026-04-01T03:55:31.834Z | |
| cve-2026-33873 | Langflow has Authenticated Code Execution in Agentic A… |
langflow-ai |
langflow |
2026-03-27T20:04:23.646Z | 2026-04-02T13:03:34.809Z | |
| cve-2026-33872 | elixir-nodejs has Cross-User Data Leakage or Informati… |
revelrylabs |
elixir-nodejs |
2026-03-27T20:01:27.136Z | 2026-03-30T18:58:23.446Z | |
| cve-2026-33871 | Netty HTTP/2 CONTINUATION Frame Flood DoS via Zero-Byt… |
netty |
netty |
2026-03-27T19:55:23.135Z | 2026-03-31T18:54:19.771Z | |
| cve-2026-33870 | Netty: HTTP Request Smuggling via Chunked Extension Qu… |
netty |
netty |
2026-03-27T19:54:15.586Z | 2026-03-31T13:55:47.863Z | |
| cve-2026-4975 | Tenda AC15 POST Request setcfm formSetCfm memory corruption |
Tenda |
AC15 |
2026-03-27T19:52:54.501Z | 2026-03-30T18:58:54.834Z | |
| cve-2026-4974 | Tenda AC7 POST Request SetSysTimeCfg fromSetSysTime me… |
Tenda |
AC7 |
2026-03-27T19:52:50.992Z | 2026-03-31T13:54:19.794Z | |
| cve-2026-4973 | SourceCodester Online Quiz System add-question.php cro… |
SourceCodester |
Online Quiz System |
2026-03-27T19:52:46.822Z | 2026-03-30T18:02:58.779Z | |
| cve-2026-33869 | Mastodon has a denial of service for quote authorization |
mastodon |
mastodon |
2026-03-27T19:52:21.166Z | 2026-03-27T20:29:18.521Z | |
| cve-2026-33868 | Mastodon has a GET-Based Open Redirect via '/web/%2F<d… |
mastodon |
mastodon |
2026-03-27T19:50:07.687Z | 2026-03-31T18:54:24.919Z | |
| cve-2026-33765 | Pi-hole Web Interface has a Command Injection Vulnerability |
pi-hole |
web |
2026-03-27T19:46:57.679Z | 2026-04-02T13:04:40.898Z | |
| cve-2026-33739 | FOG has Stored XSS in Multiple Management Pages |
FOGProject |
fogproject |
2026-03-27T19:45:12.642Z | 2026-03-27T20:29:44.713Z | |
| cve-2026-33654 | Zero-Click Indirect Prompt Injection and Authenticatio… |
HKUDS |
nanobot |
2026-03-27T19:43:49.193Z | 2026-03-30T18:59:48.689Z | |
| cve-2026-34205 | Home Assistant: Unauthenticated App (Add-on) Endpoints… |
home-assistant |
Home Assistant Operating System |
2026-03-27T19:41:10.707Z | 2026-04-01T03:55:28.161Z | |
| cve-2026-34475 | 5.4 (v3.1) | Varnish Cache before 8.0.1 and Varnish Enterprise… |
varnish-software |
Varnish Cache |
2026-03-27T19:40:28.397Z | 2026-03-27T20:01:11.327Z |
| cve-2026-33045 | Home Assistant has stored XSS in history-graphs |
home-assistant |
core |
2026-03-27T19:39:03.590Z | 2026-04-01T03:55:27.034Z | |
| cve-2026-33044 | Home Assistant has stored XSS in Map-card through mali… |
home-assistant |
core |
2026-03-27T19:35:45.728Z | 2026-04-02T13:08:11.661Z | |
| cve-2026-32241 | Flannel vulnerable to cross-node remote code execution… |
flannel-io |
flannel |
2026-03-27T19:31:48.276Z | 2026-03-31T18:54:30.192Z | |
| cve-2026-31951 | LibreChat's MCP Server Header Injection Enables OAuth … |
danny-avila |
LibreChat |
2026-03-27T19:29:25.892Z | 2026-03-31T13:46:25.297Z | |
| cve-2026-31950 | LibreChat's IDOR in SSE Stream Subscription Allows Rea… |
danny-avila |
LibreChat |
2026-03-27T19:25:25.007Z | 2026-03-27T19:55:24.141Z | |
| cve-2026-31945 | LibreChat Server-Side Request Forgery using DNS resolution |
danny-avila |
LibreChat |
2026-03-27T19:23:53.395Z | 2026-03-30T19:00:53.475Z | |
| cve-2026-31943 | LibreChat has SSRF protection bypass via IPv4-mapped I… |
danny-avila |
LibreChat |
2026-03-27T19:21:50.653Z | 2026-03-31T19:10:14.342Z | |
| cve-2026-34391 | Fleet Vulnerable to Windows MDM cross-device command d… |
fleetdm |
fleet |
2026-03-27T19:19:48.229Z | 2026-03-27T19:54:54.644Z | |
| cve-2026-34389 | Fleet's user account creation via invite does not enfo… |
fleetdm |
fleet |
2026-03-27T19:18:19.470Z | 2026-03-30T19:01:30.519Z | |
| cve-2026-4972 | code-projects Online Reviewer System btn_functions.php… |
code-projects |
Online Reviewer System |
2026-03-27T19:15:22.568Z | 2026-03-27T22:17:39.404Z | |
| cve-2026-4971 | SourceCodester Note Taking App cross-site request forgery |
SourceCodester |
Note Taking App |
2026-03-27T19:15:19.715Z | 2026-03-30T14:54:10.710Z | |
| cve-2026-34388 | Fleet vulnerable to Denial of Service via unhandled gR… |
fleetdm |
fleet |
2026-03-27T19:13:00.388Z | 2026-03-31T13:44:23.562Z | |
| cve-2026-34387 | Fleet vulnerable to OS command injection via crafted s… |
fleetdm |
fleet |
2026-03-27T18:31:27.871Z | 2026-03-27T19:31:54.764Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2018-avi-424 | Multiples vulnérabilités dans Mozilla Firefox | 2018-09-06T00:00:00.000000 | 2018-09-06T00:00:00.000000 |
| certfr-2018-avi-423 | Multiples vulnérabilités dans les produits Cisco | 2018-09-06T00:00:00.000000 | 2018-09-06T00:00:00.000000 |
| certfr-2018-avi-422 | Multiples vulnérabilités dans Google Chrome | 2018-09-05T00:00:00.000000 | 2018-09-05T00:00:00.000000 |
| certfr-2018-avi-421 | Multiples vulnérabilités dans Google Android | 2018-09-05T00:00:00.000000 | 2018-09-05T00:00:00.000000 |
| certfr-2018-avi-420 | Vulnérabilité dans le noyau linux de RedHat | 2018-09-05T00:00:00.000000 | 2018-09-05T00:00:00.000000 |
| certfr-2018-avi-419 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2018-09-05T00:00:00.000000 | 2018-09-05T00:00:00.000000 |
| certfr-2018-avi-418 | Multiples vulnérabilités dans SCADA les produits Schneider Electric | 2018-08-31T00:00:00.000000 | 2018-08-31T00:00:00.000000 |
| certfr-2018-avi-417 | Multiples vulnérabilités dans Wireshark | 2018-08-30T00:00:00.000000 | 2018-08-30T00:00:00.000000 |
| certfr-2018-avi-416 | Multiples vulnérabilités dans le noyau Linux de RedHat | 2018-08-30T00:00:00.000000 | 2018-08-30T00:00:00.000000 |
| certfr-2018-avi-415 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2018-08-30T00:00:00.000000 | 2018-08-30T00:00:00.000000 |
| certfr-2018-avi-414 | Vulnérabilité dans Cisco Data Center Network Manager | 2018-08-29T00:00:00.000000 | 2018-08-29T00:00:00.000000 |
| certfr-2018-avi-413 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2018-08-29T00:00:00.000000 | 2018-08-29T00:00:00.000000 |
| certfr-2018-avi-412 | Multiples vulnérabilités dans Joomla! | 2018-08-29T00:00:00.000000 | 2018-08-29T00:00:00.000000 |
| certfr-2018-avi-411 | Vulnérabilité dans Fortinet FortiManager | 2018-08-28T00:00:00.000000 | 2018-08-28T00:00:00.000000 |
| certfr-2018-avi-410 | Multiples vulnérabilités dans OpenSSH | 2018-08-27T00:00:00.000000 | 2018-08-27T00:00:00.000000 |
| certfr-2018-avi-409 | Multiples vulnérabilités dans Fortinet FortiCloud | 2018-08-27T00:00:00.000000 | 2018-08-27T00:00:00.000000 |
| certfr-2018-avi-408 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2018-08-24T00:00:00.000000 | 2018-08-24T00:00:00.000000 |
| certfr-2018-avi-407 | Vulnérabilité dans Fortinet FortiOS | 2018-08-24T00:00:00.000000 | 2018-08-24T00:00:00.000000 |
| certfr-2018-avi-406 | Multiples vulnérabilités dans Chrome OS | 2018-08-23T00:00:00.000000 | 2018-08-23T00:00:00.000000 |
| certfr-2018-avi-405 | Vulnérabilité dans Apache Struts 2 | 2018-08-23T00:00:00.000000 | 2018-08-24T00:00:00.000000 |
| certfr-2018-avi-404 | Vulnérabilité dans phpMyAdmin | 2018-08-23T00:00:00.000000 | 2018-08-23T00:00:00.000000 |
| certfr-2018-avi-403 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2018-08-22T00:00:00.000000 | 2018-08-22T00:00:00.000000 |
| certfr-2018-avi-402 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2018-08-20T00:00:00.000000 | 2018-08-20T00:00:00.000000 |
| certfr-2018-avi-401 | Multiples vulnérabilités dans PHP | 2018-08-17T00:00:00.000000 | 2018-08-17T00:00:00.000000 |
| certfr-2018-avi-400 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2018-08-17T00:00:00.000000 | 2018-08-17T00:00:00.000000 |
| certfr-2018-avi-399 | Multiples vulnérabilités dans les produits Microsoft | 2018-08-16T00:00:00.000000 | 2018-08-16T00:00:00.000000 |
| certfr-2018-avi-398 | Vulnérabilité dans Microsoft .Net | 2018-08-16T00:00:00.000000 | 2018-08-16T00:00:00.000000 |
| certfr-2018-avi-397 | Multiples vulnérabilités dans Microsoft Windows | 2018-08-16T00:00:00.000000 | 2018-08-16T00:00:00.000000 |
| certfr-2018-avi-396 | Multiples vulnérabilités dans Microsoft Office | 2018-08-16T00:00:00.000000 | 2018-08-16T00:00:00.000000 |
| certfr-2018-avi-395 | Multiples vulnérabilités dans Microsoft Edge | 2018-08-16T00:00:00.000000 | 2018-08-16T00:00:00.000000 |