Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-4902 | Tenda AC5 POST Request addressNat fromAddressNat memor… |
Tenda |
AC5 |
2026-03-26T22:30:14.537Z | 2026-03-27T13:54:48.568Z | |
| cve-2026-4900 | code-projects Online Food Ordering System localhost.sq… |
code-projects |
Online Food Ordering System |
2026-03-26T21:56:46.312Z | 2026-03-30T11:46:20.001Z | |
| cve-2026-4899 | code-projects Online Food Ordering System food.php cro… |
code-projects |
Online Food Ordering System |
2026-03-26T21:56:43.372Z | 2026-03-27T11:29:13.257Z | |
| cve-2026-33686 | Sharp is Vulnerable to Path Traversal via Unsanitized … |
code16 |
sharp |
2026-03-26T21:54:25.294Z | 2026-03-27T13:59:50.752Z | |
| cve-2025-12805 | 8.1 (v3.1) | Llama-stack-k8s-operator: llama stack service exposed … |
Red Hat |
Red Hat OpenShift AI 2.25 |
2026-03-26T21:48:16.762Z | 2026-03-31T03:55:34.790Z |
| cve-2026-33687 | Sharp has Unrestricted File Upload via Client-Controll… |
code16 |
sharp |
2026-03-26T21:47:55.573Z | 2026-03-27T20:28:53.385Z | |
| cve-2026-33682 | Streamlit on Windows has Unauthenticated SSRF Vulnerab… |
streamlit |
streamlit |
2026-03-26T21:45:05.616Z | 2026-03-27T20:00:36.574Z | |
| cve-2026-33674 | PrestaShop: Improper Use of Validation Framework |
PrestaShop |
PrestaShop |
2026-03-26T21:42:33.590Z | 2026-03-30T11:44:22.497Z | |
| cve-2026-33673 | PrestaShop has multiple stored XSS vulnerabilities via… |
PrestaShop |
PrestaShop |
2026-03-26T21:41:13.249Z | 2026-03-27T20:27:40.683Z | |
| cve-2026-28377 | S3 SSE-C Encryption Key Exposed in Plaintext via Confi… |
Grafana |
Tempo |
2026-03-26T21:39:46.928Z | 2026-04-24T08:00:48.241Z | |
| cve-2026-33672 | Picomatch: Method Injection in POSIX Character Classes… |
micromatch |
picomatch |
2026-03-26T21:39:16.362Z | 2026-03-27T13:58:41.846Z | |
| cve-2026-33671 | Picomatch has a ReDoS vulnerability via extglob quantifiers |
micromatch |
picomatch |
2026-03-26T21:20:48.191Z | 2026-03-27T20:00:45.351Z | |
| cve-2026-0748 | 5.3 (v4.0) | Access bypass in Drupal 7 i18n_node translation UI |
Drupal |
Internationalization (i18n) - i18n_node submodule |
2026-03-26T21:17:37.769Z | 2026-03-27T13:55:09.117Z |
| cve-2026-4346 | 5.1 (v4.0) | Cleartext Storage of Administrative and Wi-Fi Credenti… |
TP-Link Systems Inc. |
TL-WR850N v3 |
2026-03-26T21:16:44.860Z | 2026-03-27T19:39:20.845Z |
| cve-2026-33670 | SiYuan has directory traversal within its publishing service |
siyuan-note |
siyuan |
2026-03-26T21:15:56.609Z | 2026-03-30T11:43:18.022Z | |
| cve-2026-33669 | SiYuan has Arbitrary Document Reading within the Publi… |
siyuan-note |
siyuan |
2026-03-26T21:14:43.408Z | 2026-03-27T20:26:40.149Z | |
| cve-2026-1556 | 6.9 (v4.0) | Information disclosure via file URI overwrite in File … |
Drupal |
Drupal File (Field) Paths |
2026-03-26T21:14:20.549Z | 2026-03-27T19:39:20.961Z |
| cve-2026-33664 | Kestra Vulnerable to Stored Cross-Site Scripting via F… |
kestra-io |
kestra |
2026-03-26T21:13:12.467Z | 2026-03-27T13:55:17.704Z | |
| cve-2026-3650 | 8.7 (v4.0) 7.5 (v3.1) | Grassroots DICOM Missing release of memory after effec… |
Grassroots |
Grassroots DICOM (GDCM) |
2026-03-26T21:10:30.864Z | 2026-03-27T19:39:21.092Z |
| cve-2026-4898 | code-projects Online Food Ordering System contact.php … |
code-projects |
Online Food Ordering System |
2026-03-26T21:08:06.838Z | 2026-03-27T20:26:03.353Z | |
| cve-2026-33661 | WeChat Pay callback signature verification bypassed wh… |
yansongda |
pay |
2026-03-26T21:05:22.607Z | 2026-03-27T20:00:56.285Z | |
| cve-2026-33658 | Rails Active Storage has a possible DoS vulnerability … |
rails |
activestorage |
2026-03-26T21:03:25.319Z | 2026-03-30T11:42:24.885Z | |
| cve-2026-33653 | Uploady Vulnerable to Stored Cross-Site Scripting (XSS) |
farisc0de |
Uploady |
2026-03-26T21:00:27.373Z | 2026-03-27T20:16:06.700Z | |
| cve-2026-33645 | Fireshare has Path Traversal Arbitrary File Write in `… |
ShaneIsrael |
fireshare |
2026-03-26T20:58:21.521Z | 2026-03-27T20:01:09.752Z | |
| cve-2026-33640 | Outline has a rate limit bypass that allows brute forc… |
outline |
outline |
2026-03-26T20:56:37.818Z | 2026-04-01T03:55:21.240Z | |
| cve-2026-33638 | Ech0 authenticated user-list exposed data via public `… |
lin-snow |
Ech0 |
2026-03-26T20:52:40.464Z | 2026-03-27T20:19:07.459Z | |
| cve-2026-33742 | Invoice Ninja has Stored XSS via Markdown HTML Injecti… |
invoiceninja |
invoiceninja |
2026-03-26T20:50:21.984Z | 2026-03-27T13:55:25.963Z | |
| cve-2026-33628 | Invoice Ninja Denylist Bypass may Lead to Stored XSS v… |
invoiceninja |
invoiceninja |
2026-03-26T20:48:45.739Z | 2026-03-27T13:55:36.614Z | |
| cve-2026-33623 | PinchTab: OS Command Injection via Profile Name in Win… |
pinchtab |
pinchtab |
2026-03-26T20:47:05.652Z | 2026-03-27T20:01:25.733Z | |
| cve-2026-33622 | A PinchTab Security Policy Bypass in /wait Allows Arbi… |
pinchtab |
pinchtab |
2026-03-26T20:44:48.220Z | 2026-03-27T20:20:00.663Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2018-avi-154 | Multiples vulnérabilités dans SCADA Schneider Electric Modicon | 2018-03-28T00:00:00.000000 | 2018-03-28T00:00:00.000000 |
| certfr-2018-avi-153 | Vulnérabilité dans Apache Struts 2 | 2018-03-28T00:00:00.000000 | 2018-03-28T00:00:00.000000 |
| certfr-2018-avi-152 | Multiples vulnérabilités dans SCADA les produits Siemens | 2018-03-27T00:00:00.000000 | 2018-03-27T00:00:00.000000 |
| certfr-2018-avi-151 | Vulnérabilité dans Mozilla Firefox | 2018-03-27T00:00:00.000000 | 2018-03-27T00:00:00.000000 |
| certfr-2018-avi-150 | Multiples vulnérabilités dans Moodle | 2018-03-26T00:00:00.000000 | 2018-03-26T00:00:00.000000 |
| certfr-2018-avi-149 | Multiples vulnérabilités dans Mozilla Thunderbird | 2018-03-26T00:00:00.000000 | 2018-03-26T00:00:00.000000 |
| certfr-2018-avi-148 | Multiples vulnérabilités dans Google Chrome OS | 2018-03-26T00:00:00.000000 | 2018-03-26T00:00:00.000000 |
| certfr-2018-avi-147 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2018-03-26T00:00:00.000000 | 2018-03-26T00:00:00.000000 |
| certfr-2018-avi-146 | Multiples vulnérabilités dans SCADA Schneider Electric Modicon | 2018-03-23T00:00:00.000000 | 2018-03-23T00:00:00.000000 |
| certfr-2018-avi-145 | Multiples vulnérabilités dans Citrix XenServer | 2018-03-22T00:00:00.000000 | 2018-03-22T00:00:00.000000 |
| certfr-2018-avi-144 | Multiples vulnérabilités dans Aruba ClearPass | 2018-03-22T00:00:00.000000 | 2018-03-22T00:00:00.000000 |
| certfr-2018-avi-143 | Vulnérabilité dans MikroTik RouterOS | 2018-03-22T00:00:00.000000 | 2018-03-22T00:00:00.000000 |
| certfr-2018-avi-142 | Multiples vulnérabilités dans GitLab | 2018-03-22T00:00:00.000000 | 2018-03-22T00:00:00.000000 |
| certfr-2018-avi-141 | Vulnérabilité dans Google Chrome | 2018-03-21T00:00:00.000000 | 2018-03-21T00:00:00.000000 |
| certfr-2018-avi-140 | Multiples vulnérabilités dans SCADA les produits Siemens | 2018-03-21T00:00:00.000000 | 2018-03-21T00:00:00.000000 |
| certfr-2018-avi-139 | Vulnérabilité dans Tenable Nessus | 2018-03-21T00:00:00.000000 | 2018-03-21T00:00:00.000000 |
| certfr-2018-avi-138 | Multiples vulnérabilités dans Intel SGX | 2018-03-21T00:00:00.000000 | 2018-03-21T00:00:00.000000 |
| certfr-2018-avi-137 | Multiples vulnérabilités dans Mozilla Firefox | 2018-03-19T00:00:00.000000 | 2018-03-19T00:00:00.000000 |
| certfr-2018-avi-136 | Multiples vulnérabilités dans SCADA Schneider Electric MGE SNMP/Web Card 66074 | 2018-03-19T00:00:00.000000 | 2018-03-19T00:00:00.000000 |
| certfr-2018-avi-135 | Vulnérabilité dans VMware Workstation et Fusion | 2018-03-16T00:00:00.000000 | 2018-03-16T00:00:00.000000 |
| certfr-2018-avi-134 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2018-03-15T00:00:00.000000 | 2018-03-15T00:00:00.000000 |
| certfr-2018-avi-133 | Multiples vulnérabilités dans les produits Microsoft | 2018-03-14T00:00:00.000000 | 2018-03-14T00:00:00.000000 |
| certfr-2018-avi-132 | Multiples vulnérabilités dans Microsoft .Net | 2018-03-14T00:00:00.000000 | 2018-03-14T00:00:00.000000 |
| certfr-2018-avi-131 | Multiples vulnérabilités dans Microsoft Windows | 2018-03-14T00:00:00.000000 | 2018-03-14T00:00:00.000000 |
| certfr-2018-avi-130 | Multiples vulnérabilités dans Microsoft Office | 2018-03-14T00:00:00.000000 | 2018-03-14T00:00:00.000000 |
| certfr-2018-avi-129 | Multiples vulnérabilités dans Microsoft Edge | 2018-03-14T00:00:00.000000 | 2018-03-14T00:00:00.000000 |
| certfr-2018-avi-128 | Multiples vulnérabilités dans Microsoft Internet Explorer | 2018-03-14T00:00:00.000000 | 2018-03-14T00:00:00.000000 |
| certfr-2018-avi-127 | Multiples vulnérabilités dans Adobe Flash Player | 2018-03-14T00:00:00.000000 | 2018-03-14T00:00:00.000000 |
| certfr-2018-avi-126 | Multiples vulnérabilités dans Google Chrome | 2018-03-14T00:00:00.000000 | 2018-03-14T00:00:00.000000 |
| certfr-2018-avi-125 | Vulnérabilité dans Joomla! | 2018-03-14T00:00:00.000000 | 2018-03-14T00:00:00.000000 |