Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-32859 | 5.1 (v4.0) 5.4 (v3.1) | ByteDance DeerFlow Stored XSS via Inline Artifact Rendering |
Bytedance Inc. |
DeerFlow |
2026-03-27T13:41:22.077Z | 2026-03-27T19:36:48.293Z |
| cve-2026-4982 | 7.3 (v4.0) | Unauthorized access to chat contents |
pretix |
Venueless |
2026-03-27T12:32:41.164Z | 2026-03-27T19:39:20.014Z |
| cve-2026-25099 | 8.7 (v4.0) | Remote Code Execution via Unrestricted File Upload in Bludit |
Bludit |
Bludit |
2026-03-27T11:55:23.168Z | 2026-03-27T12:42:38.401Z |
| cve-2026-25100 | 4.8 (v4.0) | Stored XSS via SVG File Upload in Bludit |
Bludit |
Bludit |
2026-03-27T11:55:17.543Z | 2026-03-27T12:43:37.644Z |
| cve-2026-25101 | 4.8 (v4.0) | Session Fixation in Bludit |
Bludit |
Bludit |
2026-03-27T11:55:08.924Z | 2026-03-27T12:44:09.658Z |
| cve-2026-4620 | 7.1 (v4.0) | OS Command Injection vulnerability in NEC Platfor… |
NEC Platforms, Ltd. |
Aterm WX1500HP |
2026-03-27T11:53:41.863Z | 2026-04-10T04:13:14.137Z |
| cve-2026-4622 | 7.1 (v4.0) | OS Command Injection vulnerability in NEC Platfor… |
NEC Platforms, Ltd. |
Aterm WG2600HS |
2026-03-27T11:53:12.245Z | 2026-04-10T04:14:44.673Z |
| cve-2026-4621 | 6.3 (v4.0) | Hidden Functionality vulnerability in NEC Platfor… |
NEC Platforms, Ltd. |
Aterm W1200EX(-MS) |
2026-03-27T11:52:48.222Z | 2026-04-10T04:13:59.147Z |
| cve-2026-4619 | 6 (v4.0) | Path Traversal vulnerability in NEC Platforms, Lt… |
NEC Platforms, Ltd. |
Aterm WX3600HP |
2026-03-27T11:46:54.450Z | 2026-04-10T04:12:05.787Z |
| cve-2026-4309 | 6.3 (v4.0) | Missing Authorization vulnerability in NEC Platfo… |
NEC Platforms, Ltd. |
Aterm W1200EX(-MS) |
2026-03-27T11:46:26.310Z | 2026-04-10T04:10:43.726Z |
| cve-2023-7339 | 6.5 (v3.1) | Data collection for dowloading leads into buffer overflow |
Softing |
pnGate |
2026-03-27T10:53:07.778Z | 2026-03-27T12:21:25.031Z |
| cve-2026-3457 | 7 (v4.0) | Stored XSS vulnerability in Sentinel ACC |
Thales |
Sentinel LDK Runtime |
2026-03-27T09:05:48.226Z | 2026-03-27T13:45:21.259Z |
| cve-2026-27860 | 3.7 (v3.1) | If auth_username_chars is empty, it is possible t… |
Open-Xchange GmbH |
OX Dovecot Pro |
2026-03-27T08:10:22.695Z | 2026-03-27T12:33:57.043Z |
| cve-2026-27859 | 5.3 (v3.1) | A mail message containing excessive amount of RFC… |
Open-Xchange GmbH |
OX Dovecot Pro |
2026-03-27T08:10:22.058Z | 2026-03-27T12:35:14.776Z |
| cve-2026-27858 | 7.5 (v3.1) | Attacker can send a specifically crafted message … |
Open-Xchange GmbH |
OX Dovecot Pro |
2026-03-27T08:10:21.424Z | 2026-03-27T12:37:09.762Z |
| cve-2026-27857 | 4.3 (v3.1) | Sending "NOOP (((...)))" command with 4000 parent… |
Open-Xchange GmbH |
OX Dovecot Pro |
2026-03-27T08:10:20.761Z | 2026-03-27T12:39:48.150Z |
| cve-2026-27856 | 7.4 (v3.1) | Doveadm credentials are verified using direct com… |
Open-Xchange GmbH |
OX Dovecot Pro |
2026-03-27T08:10:19.537Z | 2026-03-27T13:45:12.231Z |
| cve-2026-27855 | 6.8 (v3.1) | Dovecot OTP authentication is vulnerable to repla… |
Open-Xchange GmbH |
OX Dovecot Pro |
2026-03-27T08:10:18.821Z | 2026-03-27T19:39:50.286Z |
| cve-2026-24031 | 7.7 (v3.1) | Dovecot SQL based authentication can be bypassed … |
Open-Xchange GmbH |
OX Dovecot Pro |
2026-03-27T08:10:18.100Z | 2026-03-27T19:40:35.437Z |
| cve-2026-0394 | 5.3 (v3.1) | When dovecot has been configured to use per-domai… |
Open-Xchange GmbH |
OX Dovecot Pro |
2026-03-27T08:10:17.375Z | 2026-03-27T19:41:17.447Z |
| cve-2025-59032 | 7.5 (v3.1) | ManageSieve AUTHENTICATE command crashes when usi… |
Open-Xchange GmbH |
OX Dovecot Pro |
2026-03-27T08:10:16.612Z | 2026-03-27T19:42:05.292Z |
| cve-2025-59031 | 4.3 (v3.1) | Dovecot has provided a script to use for attachme… |
Open-Xchange GmbH |
OX Dovecot Pro |
2026-03-27T08:10:15.956Z | 2026-03-27T19:42:40.634Z |
| cve-2025-59028 | 5.3 (v3.1) | When sending invalid base64 SASL data, login proc… |
Open-Xchange GmbH |
OX Dovecot Pro |
2026-03-27T08:10:15.246Z | 2026-03-27T19:43:08.685Z |
| cve-2024-14028 | 6.5 (v3.1) | Multiple implicit reads in parallel can result in a cr… |
Softing |
smartLink HW-DP |
2026-03-27T05:53:40.991Z | 2026-03-27T13:45:30.144Z |
| cve-2026-22744 | 7.5 (v3.1) | In RedisFilterExpressionConverter of spring-ai-re… |
Spring |
Spring AI |
2026-03-27T05:38:59.633Z | 2026-03-27T19:39:20.156Z |
| cve-2026-22743 | 7.5 (v3.1) | Server-Side Request Forgery via Filter Expression Keys… |
Spring |
Spring AI |
2026-03-27T05:33:20.872Z | 2026-03-27T19:38:58.544Z |
| cve-2026-4948 | 5.5 (v3.1) | Firewalld: firewalld: local unprivileged user can modi… |
Red Hat |
Red Hat Enterprise Linux 10 |
2026-03-27T05:30:23.632Z | 2026-03-27T11:21:20.810Z |
| cve-2026-22742 | 8.6 (v3.1) | Server-Side Request Forgery in BedrockProxyChatModel v… |
Spring |
Spring AI |
2026-03-27T05:27:41.165Z | 2026-03-27T19:39:20.332Z |
| cve-2026-33366 | 5.3 (v3.0) 6.9 (v4.0) | Missing authentication for critical function vuln… |
BUFFALO INC. |
BUFFALO Wi-Fi router products |
2026-03-27T05:25:58.656Z | 2026-03-27T19:37:52.746Z |
| cve-2026-33280 | 7.2 (v3.0) 8.6 (v4.0) | Hidden functionality issue exists in BUFFALO Wi-F… |
BUFFALO INC. |
BUFFALO Wi-Fi router products |
2026-03-27T05:25:41.078Z | 2026-03-27T19:54:05.856Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2018-avi-274 | Multiples vulnérabilités dans Google Chrome OS | 2018-06-08T00:00:00.000000 | 2018-06-08T00:00:00.000000 |
| certfr-2018-avi-273 | Multiples vulnérabilités dans Adobe Flash Player | 2018-06-07T00:00:00.000000 | 2018-06-07T00:00:00.000000 |
| certfr-2018-avi-272 | Multiples vulnérabilités dans Google Chrome | 2018-06-07T00:00:00.000000 | 2018-06-07T00:00:00.000000 |
| certfr-2018-avi-271 | Vulnérabilité dans Mozilla Firefox | 2018-06-07T00:00:00.000000 | 2018-06-07T00:00:00.000000 |
| certfr-2018-avi-270 | Multiples vulnérabilités dans les produits Cisco | 2018-06-07T00:00:00.000000 | 2018-06-07T00:00:00.000000 |
| certfr-2018-avi-269 | Vulnérabilité dans les produits F-Secure | 2018-06-06T00:00:00.000000 | 2018-06-06T00:00:00.000000 |
| certfr-2018-avi-268 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2018-06-06T00:00:00.000000 | 2018-06-06T00:00:00.000000 |
| certfr-2018-avi-267 | Multiples vulnérabilités dans Google Android | 2018-06-05T00:00:00.000000 | 2018-06-05T00:00:00.000000 |
| certfr-2018-avi-266 | Multiples vulnérabilités dans les produits Apple | 2018-06-04T00:00:00.000000 | 2018-06-04T00:00:00.000000 |
| certfr-2018-avi-265 | Multiples vulnérabilités dans SCADA Schneider Electric U.motion | 2018-06-01T00:00:00.000000 | 2018-06-01T00:00:00.000000 |
| certfr-2018-avi-264 | Multiples vulnérabilités dans Google Chrome OS | 2018-06-01T00:00:00.000000 | 2018-06-01T00:00:00.000000 |
| certfr-2018-avi-263 | Multiples vulnérabilités dans Git | 2018-05-30T00:00:00.000000 | 2018-05-30T00:00:00.000000 |
| certfr-2018-avi-262 | Vulnérabilité dans VMware Horizon Client | 2018-05-30T00:00:00.000000 | 2018-05-30T00:00:00.000000 |
| certfr-2018-avi-261 | Multiples vulnérabilités dans Google Chrome | 2018-05-30T00:00:00.000000 | 2018-05-30T00:00:00.000000 |
| certfr-2018-avi-260 | Vulnérabilité dans Fortinet FortAuthenticator | 2018-05-30T00:00:00.000000 | 2018-05-30T00:00:00.000000 |
| certfr-2018-avi-259 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2018-05-30T00:00:00.000000 | 2018-05-30T00:00:00.000000 |
| certfr-2018-avi-258 | Multiples vulnérabilités dans le noyau Linux de RedHat | 2018-05-25T00:00:00.000000 | 2018-05-25T00:00:00.000000 |
| certfr-2018-avi-257 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2018-05-25T00:00:00.000000 | 2018-05-25T00:00:00.000000 |
| certfr-2018-avi-256 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2018-05-25T00:00:00.000000 | 2018-05-25T00:00:00.000000 |
| certfr-2018-avi-255 | Multiples vulnérabilités dans VMware Workstation et Fusion | 2018-05-25T00:00:00.000000 | 2018-05-25T00:00:00.000000 |
| certfr-2018-avi-254 | Multiples vulnérabilités dans SCADA les produits Schneider Electric | 2018-05-25T00:00:00.000000 | 2018-05-28T00:00:00.000000 |
| certfr-2018-avi-253 | Multiples vulnérabilités dans Moodle | 2018-05-25T00:00:00.000000 | 2018-05-25T00:00:00.000000 |
| certfr-2018-avi-252 | Vulnérabilité dans Microsoft PowerPoint | 2018-05-24T00:00:00.000000 | 2018-05-24T00:00:00.000000 |
| certfr-2018-avi-251 | Multiples vulnérabilités dans Wireshark | 2018-05-23T00:00:00.000000 | 2018-05-23T00:00:00.000000 |
| certfr-2018-avi-250 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2018-05-23T00:00:00.000000 | 2018-05-23T00:00:00.000000 |
| certfr-2018-avi-249 | Multiples vulnérabilités dans Joomla! | 2018-05-23T00:00:00.000000 | 2018-05-23T00:00:00.000000 |
| certfr-2018-avi-248 | Vulnérabilité dans le noyau Linux de RedHat | 2018-05-22T00:00:00.000000 | 2018-05-22T00:00:00.000000 |
| certfr-2018-avi-247 | Multiples vulnérabilités dans Citrix XenMobile | 2018-05-22T00:00:00.000000 | 2018-05-22T00:00:00.000000 |
| certfr-2018-avi-246 | Multiples vulnérabilités dans Fortinet FortiOS | 2018-05-22T00:00:00.000000 | 2018-05-22T00:00:00.000000 |
| certfr-2018-avi-245 | Multiples vulnérabilités dans Mozilla Thunderbird | 2018-05-22T00:00:00.000000 | 2018-05-22T00:00:00.000000 |