Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-5026 | 7 (v4.0) | Langflow - Stored XSS via Malicious SVG Upload |
langflow-ai |
langflow |
2026-03-27T14:50:36.603Z | 2026-03-27T15:35:23.336Z |
| cve-2026-5025 | 6.5 (v3.1) | Langflow - Application Logs Exposed to All Authenticat… |
langflow-ai |
langflow |
2026-03-27T14:43:00.533Z | 2026-03-27T15:38:54.925Z |
| cve-2026-5010 | 5.1 (v4.0) | Reflected Cross-Site Scripting (XSS) in Sanoma’s Clickedu |
Sanoma |
Clickedu |
2026-03-27T14:35:06.783Z | 2026-03-27T15:08:30.583Z |
| cve-2026-5022 | 6.3 (v4.0) | Langflow - Missing Authorization on download_image Endpoint |
langflow-ai |
langflow |
2026-03-27T14:34:14.046Z | 2026-03-27T15:10:20.925Z |
| cve-2026-33766 | AVideo has SSRF Protection Bypass via HTTP Redirect in… |
WWBN |
AVideo |
2026-03-27T14:31:06.272Z | 2026-03-27T14:45:06.774Z | |
| cve-2026-33764 | AVideo: IDOR in AI Plugin Allows Stealing Other Users'… |
WWBN |
AVideo |
2026-03-27T14:29:53.559Z | 2026-03-27T19:58:05.730Z | |
| cve-2026-27879 | Query resampling can cause unbounded memory allocations |
Grafana |
Grafana |
2026-03-27T14:28:56.133Z | 2026-04-24T08:00:49.101Z | |
| cve-2026-28375 | Grafana Testdata datasource can issue unbounded memory… |
Grafana |
Grafana |
2026-03-27T14:26:19.270Z | 2026-04-24T08:00:45.094Z | |
| cve-2026-33763 | AVideo has an Unauthenticated Video Password Brute-For… |
WWBN |
AVideo |
2026-03-27T14:25:12.794Z | 2026-03-30T12:06:27.809Z | |
| cve-2026-27876 | RCE on Grafana via sqlExpressions |
Grafana |
Grafana |
2026-03-27T14:24:36.771Z | 2026-04-24T08:00:45.815Z | |
| cve-2026-33761 | AVideo: Unauthenticated Access to Scheduler Plugin End… |
WWBN |
AVideo |
2026-03-27T14:24:08.051Z | 2026-03-27T17:22:49.884Z | |
| cve-2026-33759 | AVideo: Unauthenticated IDOR in playlistsVideos.json.p… |
WWBN |
AVideo |
2026-03-27T14:18:48.810Z | 2026-03-27T14:45:56.632Z | |
| cve-2026-1496 | 9.3 (v4.0) | Coverity CLI Authentication Bypass |
Black Duck |
Coverity |
2026-03-27T14:14:01.871Z | 2026-03-27T14:36:04.188Z |
| cve-2026-4984 | 8.2 (v3.1) | Botpress - Credential Disclosure via Twilio Webhook Handler |
botpress |
botpress |
2026-03-27T14:13:51.003Z | 2026-03-27T14:39:39.593Z |
| cve-2026-4954 | mingSoft MCMS Web Content List Endpoint ContentAction.… |
mingSoft |
MCMS |
2026-03-27T14:13:38.633Z | 2026-03-27T22:16:13.177Z | |
| cve-2026-4953 | mingSoft MCMS Editor Endpoint BaseAction.java catchIma… |
mingSoft |
MCMS |
2026-03-27T14:13:36.216Z | 2026-03-30T12:05:18.706Z | |
| cve-2026-33758 | OpenBao has Reflected XSS in its OIDC authentication e… |
openbao |
openbao |
2026-03-27T14:12:33.941Z | 2026-03-27T19:58:18.047Z | |
| cve-2026-27880 | OpenFeature evaluation API reads input data with no bounds |
Grafana |
Grafana |
2026-03-27T14:12:20.075Z | 2026-04-24T08:00:50.308Z | |
| cve-2026-33757 | OpenBao lacks user confirmation for OIDC direct callba… |
openbao |
openbao |
2026-03-27T14:10:58.639Z | 2026-04-01T03:55:23.497Z | |
| cve-2024-11604 | 7.3 (v4.0) | Insertion of Sensitive Information into Log File |
OpenText |
IDM Driver and Extensions |
2026-03-27T14:08:59.958Z | 2026-03-27T14:49:21.826Z |
| cve-2026-33755 | Authenticated SQL Injection in Contact/query addressBo… |
Intermesh |
groupoffice |
2026-03-27T14:08:38.685Z | 2026-03-27T17:23:30.752Z | |
| cve-2026-33750 | brace-expansion: Zero-step sequence causes process han… |
juliangruber |
brace-expansion |
2026-03-27T14:04:52.297Z | 2026-03-27T14:48:06.779Z | |
| cve-2026-27877 | Public dashboards discloses all direct mode datasources |
Grafana |
Grafana |
2026-03-27T14:02:11.889Z | 2026-04-24T08:00:49.946Z | |
| cve-2026-33748 | BuildKit Git URL subdir component can cause access to … |
moby |
buildkit |
2026-03-27T14:00:21.200Z | 2026-03-27T19:58:28.764Z | |
| cve-2026-33284 | GlobalLeaks has insufficient URL validation in user su… |
globaleaks |
globaleaks-whistleblowing-software |
2026-03-27T13:58:54.085Z | 2026-03-27T19:33:52.223Z | |
| cve-2026-33206 | calibre has a path traversal vulnerability |
kovidgoyal |
calibre |
2026-03-27T13:53:22.833Z | 2026-03-27T14:48:44.155Z | |
| cve-2026-33205 | calibre has Server-Side Request Forgery in ebook viewe… |
kovidgoyal |
calibre |
2026-03-27T13:52:06.860Z | 2026-03-27T19:58:43.747Z | |
| cve-2026-33433 | Traefik Vulnerable to BasicAuth/DigestAuth Identity Sp… |
traefik |
traefik |
2026-03-27T13:49:08.455Z | 2026-03-30T12:00:41.940Z | |
| cve-2026-32695 | Traefik has Knative Ingress Rule Injection that Allows… |
traefik |
traefik |
2026-03-27T13:47:03.645Z | 2026-03-30T11:59:26.721Z | |
| cve-2025-13478 | 8.4 (v4.0) | Cache Misconfiguration Leading to Cross-User Data Exposure |
OpenText |
Identity Manager |
2026-03-27T13:43:34.258Z | 2026-03-27T13:53:41.403Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2018-avi-304 | Multiples vulnérabilités dans Google Chrome | 2018-06-26T00:00:00.000000 | 2018-06-26T00:00:00.000000 |
| certfr-2018-avi-303 | Multiples vulnérabilités dans les produits Fortinet | 2018-06-25T00:00:00.000000 | 2018-06-25T00:00:00.000000 |
| certfr-2018-avi-302 | Multiples vulnérabilités dans PHP | 2018-06-22T00:00:00.000000 | 2018-06-25T00:00:00.000000 |
| certfr-2018-avi-301 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2018-06-22T00:00:00.000000 | 2018-06-22T00:00:00.000000 |
| certfr-2018-avi-300 | Multiples vulnérabilités dans phpMyAdmin | 2018-06-22T00:00:00.000000 | 2018-06-22T00:00:00.000000 |
| certfr-2018-avi-299 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2018-06-21T00:00:00.000000 | 2018-06-21T00:00:00.000000 |
| certfr-2018-avi-298 | Multiples vulnérabilités dans les produits Cisco | 2018-06-21T00:00:00.000000 | 2018-06-21T00:00:00.000000 |
| certfr-2018-avi-297 | Vulnérabilité dans Ruby On Rails | 2018-06-20T00:00:00.000000 | 2018-06-20T00:00:00.000000 |
| certfr-2018-avi-296 | Vulnérabilité dans le noyau Linux de RedHat | 2018-06-20T00:00:00.000000 | 2018-06-20T00:00:00.000000 |
| certfr-2018-avi-295 | Vulnérabilité dans Citrix XenServer | 2018-06-18T00:00:00.000000 | 2018-06-18T00:00:00.000000 |
| certfr-2018-avi-294 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2018-06-15T00:00:00.000000 | 2018-06-15T00:00:00.000000 |
| certfr-2018-avi-293 | Multiples vulnérabilités dans Tenable Nessus Agent | 2018-06-15T00:00:00.000000 | 2018-06-15T00:00:00.000000 |
| certfr-2018-avi-292 | Vulnérabilité dans le noyau Linux de RedHat | 2018-06-15T00:00:00.000000 | 2018-06-15T00:00:00.000000 |
| certfr-2018-avi-291 | Multiples vulnérabilités dans les produits SAP | 2018-06-14T00:00:00.000000 | 2018-06-14T00:00:00.000000 |
| certfr-2018-avi-290 | Vulnérabilité dans Xen | 2018-06-14T00:00:00.000000 | 2018-06-14T00:00:00.000000 |
| certfr-2018-avi-289 | Multiples vulnérabilités dans Apple Xcode | 2018-06-14T00:00:00.000000 | 2018-06-14T00:00:00.000000 |
| certfr-2018-avi-288 | Multiples vulnérabilités dans Tenable Nessus | 2018-06-14T00:00:00.000000 | 2018-06-14T00:00:00.000000 |
| certfr-2018-avi-287 | Multiples vulnérabilités dans Microsoft ChakraCore | 2018-06-13T00:00:00.000000 | 2018-06-13T00:00:00.000000 |
| certfr-2018-avi-286 | Multiples vulnérabilités dans Microsoft Windows | 2018-06-13T00:00:00.000000 | 2018-06-13T00:00:00.000000 |
| certfr-2018-avi-285 | Multiples vulnérabilités dans Microsoft Office | 2018-06-13T00:00:00.000000 | 2018-06-13T00:00:00.000000 |
| certfr-2018-avi-284 | Multiples vulnérabilités dans Microsoft Edge | 2018-06-13T00:00:00.000000 | 2018-06-13T00:00:00.000000 |
| certfr-2018-avi-283 | Multiples vulnérabilités dans Microsoft IE | 2018-06-13T00:00:00.000000 | 2018-06-13T00:00:00.000000 |
| certfr-2018-avi-282 | Multiples vulnérabilités dans Google Chrome et Chrome OS | 2018-06-13T00:00:00.000000 | 2018-06-13T00:00:00.000000 |
| certfr-2018-avi-281 | Vulnérabilité dans Bind | 2018-06-13T00:00:00.000000 | 2018-06-13T00:00:00.000000 |
| certfr-2018-avi-280 | Vulnérabilité dans le noyau Linux de Red Hat | 2018-06-13T00:00:00.000000 | 2018-06-13T00:00:00.000000 |
| certfr-2018-avi-279 | Multiples vulnérabilités dans SCADA les produits Siemens | 2018-06-12T00:00:00.000000 | 2018-06-12T00:00:00.000000 |
| certfr-2018-avi-278 | Vulnérabilité dans VMware AirWatch Agent | 2018-06-12T00:00:00.000000 | 2018-06-12T00:00:00.000000 |
| certfr-2018-avi-277 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2018-06-12T00:00:00.000000 | 2018-06-13T00:00:00.000000 |
| certfr-2018-avi-276 | Multiples vulnérabilités dans Asterisk | 2018-06-12T00:00:00.000000 | 2018-06-12T00:00:00.000000 |
| certfr-2018-avi-275 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2018-06-12T00:00:00.000000 | 2018-06-12T00:00:00.000000 |