Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-6623 | BichitroGan ISP Billing Software Profile users-view cr… |
BichitroGan |
ISP Billing Software |
2026-04-20T09:00:20.118Z | 2026-04-20T15:29:21.949Z | |
| cve-2025-13480 | 5.1 (v4.0) | Incorrect authorization in Fudo Enterprise |
Fudo Security |
Fudo Enterprise |
2026-04-20T09:00:16.259Z | 2026-04-20T13:28:18.280Z |
| cve-2026-6622 | BichitroGan ISP Billing Software Customer edit cross s… |
BichitroGan |
ISP Billing Software |
2026-04-20T08:45:20.512Z | 2026-04-20T11:10:22.776Z | |
| cve-2026-6621 | 1024bit extend-deep index.js prototype pollution |
1024bit |
extend-deep |
2026-04-20T08:30:14.457Z | 2026-04-20T15:33:04.684Z | |
| cve-2026-6620 | SonicCloudOrg sonic-server File Upload Endpoint FileTo… |
SonicCloudOrg |
sonic-server |
2026-04-20T08:15:18.329Z | 2026-04-20T15:35:54.833Z | |
| cve-2026-39454 | 7.8 (v3.0) 8.5 (v4.0) | SKYSEA Client View and SKYMEC IT Manager provided… |
Sky Co.,LTD. |
SKYSEA Client View |
2026-04-20T08:04:56.595Z | 2026-04-20T13:28:56.536Z |
| cve-2026-6619 | langgenius dify ImagePreview image-preview.tsx openInN… |
langgenius |
dify |
2026-04-20T08:00:17.267Z | 2026-04-20T13:29:29.634Z | |
| cve-2026-6618 | langgenius dify ApiBasedToolSchemaParser parser.py par… |
langgenius |
dify |
2026-04-20T07:45:16.985Z | 2026-04-20T16:21:30.799Z | |
| cve-2026-5967 | 8.7 (v4.0) 8.8 (v3.1) | TeamT5|ThreatSonar Anti-Ransomware - Privilege Escalation |
TeamT5 |
ThreatSonar Anti-Ransomware |
2026-04-20T07:44:19.754Z | 2026-04-20T13:29:59.132Z |
| cve-2026-5966 | 7.2 (v4.0) 8.1 (v3.1) | TeamT5|ThreatSonar Anti-Ransomware - Arbitrary File Deletion |
TeamT5 |
ThreatSonar Anti-Ransomware |
2026-04-20T07:40:33.323Z | 2026-04-20T13:30:25.604Z |
| cve-2026-5964 | 9.3 (v4.0) 9.8 (v3.1) | Digiwin|EasyFlow .NET - SQL Injection |
Digiwin |
EasyFlow .NET |
2026-04-20T07:36:58.476Z | 2026-04-20T13:38:08.600Z |
| cve-2026-5963 | 9.3 (v4.0) 9.8 (v3.1) | Digiwin|EasyFlow .NET - SQL Injection |
Digiwin |
EasyFlow .NET |
2026-04-20T07:32:20.443Z | 2026-04-20T13:42:03.062Z |
| cve-2026-6617 | langgenius dify ApiToolManageService api_tools_manage_… |
langgenius |
dify |
2026-04-20T07:30:12.357Z | 2026-04-20T11:12:15.089Z | |
| cve-2026-6616 | TransformerOptimus SuperAGI WebScraperTool webpage_ext… |
TransformerOptimus |
SuperAGI |
2026-04-20T07:15:12.269Z | 2026-04-20T15:54:33.904Z | |
| cve-2026-41282 | 4 (v3.1) | ProjectDiscovery Nuclei 3 before 3.8.0 allows DSL… |
ProjectDiscovery |
Nuclei |
2026-04-20T07:10:30.246Z | 2026-04-21T00:59:19.998Z |
| cve-2026-6615 | TransformerOptimus SuperAGI Multipart Upload resources… |
TransformerOptimus |
SuperAGI |
2026-04-20T07:00:16.486Z | 2026-04-20T15:56:36.960Z | |
| cve-2026-6644 | 9.4 (v4.0) | A command injection vulnerability was found in the PPT… |
ASUSTOR Inc. |
ADM |
2026-04-20T06:54:42.989Z | 2026-04-20T13:50:31.828Z |
| cve-2026-6614 | TransformerOptimus SuperAGI project.py get_projects_or… |
TransformerOptimus |
SuperAGI |
2026-04-20T06:45:11.801Z | 2026-04-20T13:51:06.467Z | |
| cve-2026-6643 | 8.6 (v4.0) | A stack-based buffer overflow vulnerability in the VPN… |
ASUSTOR Inc. |
ADM |
2026-04-20T06:34:27.511Z | 2026-04-20T13:46:07.764Z |
| cve-2026-6613 | TransformerOptimus SuperAGI agent.py get_schedule_data… |
TransformerOptimus |
SuperAGI |
2026-04-20T06:30:14.889Z | 2026-04-20T14:57:19.410Z | |
| cve-2026-6612 | TransformerOptimus SuperAGI Agent Execution Endpoint a… |
TransformerOptimus |
SuperAGI |
2026-04-20T06:15:10.393Z | 2026-04-20T11:24:09.255Z | |
| cve-2026-6611 | liangliangyy DjangoBlog File Upload Endpoint settings.… |
liangliangyy |
DjangoBlog |
2026-04-20T06:00:18.066Z | 2026-04-20T16:00:23.582Z | |
| cve-2024-7083 | N/A | Email Encoder < 2.3.4 - Admin+ Stored XSS |
Unknown |
Email Encoder |
2026-04-20T06:00:07.030Z | 2026-04-20T13:16:26.285Z |
| cve-2026-6610 | liangliangyy DjangoBlog Setting settings.py hard-coded… |
liangliangyy |
DjangoBlog |
2026-04-20T05:45:18.671Z | 2026-04-20T16:03:06.598Z | |
| cve-2026-6609 | liangliangyy DjangoBlog views.py form_valid improper a… |
liangliangyy |
DjangoBlog |
2026-04-20T05:30:16.620Z | 2026-04-20T13:51:42.600Z | |
| cve-2026-6608 | lm-sys fastchat Arena Side-by-Side View add_text contr… |
lm-sys |
fastchat |
2026-04-20T05:15:12.337Z | 2026-04-20T14:57:55.071Z | |
| cve-2026-6607 | lm-sys fastchat Worker API Endpoint api_generate resou… |
lm-sys |
fastchat |
2026-04-20T05:00:23.135Z | 2026-04-20T11:37:05.103Z | |
| cve-2026-6606 | modelscope agentscope _agent_base.py _process_audio_bl… |
modelscope |
agentscope |
2026-04-20T04:45:11.806Z | 2026-04-20T16:07:08.458Z | |
| cve-2026-6605 | modelscope agentscope Internal Service _common.py _get… |
modelscope |
agentscope |
2026-04-20T04:30:13.482Z | 2026-04-20T14:58:30.070Z | |
| cve-2026-6604 | modelscope agentscope Cloud Metadata Endpoint _openai_… |
modelscope |
agentscope |
2026-04-20T04:15:11.588Z | 2026-04-20T13:53:04.341Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2022-000067 | Installer of Ricoh Device Software Manager may insecurely load Dynamic Link Libraries | 2022-08-29T15:57+09:00 | 2024-06-13T13:53+09:00 |
| jvndb-2022-000064 | Movable Type XMLRPC API vulnerable to command injection | 2022-08-24T15:58+09:00 | 2024-06-13T18:11+09:00 |
| jvndb-2022-000065 | Multiple vulnerabilities in Exment | 2022-08-24T14:23+09:00 | 2024-06-14T11:09+09:00 |
| jvndb-2022-002339 | Multiple vulnerabilities in PukiWiki | 2022-08-24T14:17+09:00 | 2024-06-14T11:55+09:00 |
| jvndb-2022-002338 | PLANEX MZK-DP150N contains hidden administrative functionality | 2022-08-23T15:02+09:00 | 2024-06-14T14:06+09:00 |
| jvndb-2022-000063 | PukiWiki vulnerable to cross-site scripting | 2022-08-23T14:40+09:00 | 2024-06-14T12:00+09:00 |
| jvndb-2022-002337 | UNIMO Technology digital video recorders vulnerable to missing authentication for critical functions | 2022-08-23T14:31+09:00 | 2024-06-14T10:24+09:00 |
| jvndb-2022-002295 | Multiple vulnerabilities in Trend Micro Security | 2022-08-19T11:42+09:00 | 2022-08-19T11:42+09:00 |
| jvndb-2022-002265 | Trend Micro Endpoint security products for enterprises vulnerable to Link Following Local Privilege Escalation | 2022-08-18T15:45+09:00 | 2024-06-14T17:11+09:00 |
| jvndb-2022-000062 | Kaitai Struct: compiler vulnerable to denial-of-service (DoS) | 2022-08-04T15:14+09:00 | 2022-08-04T15:14+09:00 |
| jvndb-2022-002112 | CONTEC SolarView Compact vulnerable to insufficient verification in uploading files | 2022-08-03T17:40+09:00 | 2024-06-14T15:21+09:00 |
| jvndb-2022-002143 | Information Disclosure Vulnerability in Hitachi Automation Director and Hitachi Ops Center Automator | 2022-08-01T17:10+09:00 | 2022-08-01T17:10+09:00 |
| jvndb-2022-000056 | Multiple vulnerabilities in Nintendo Wi-Fi Network Adaptor WAP-001 | 2022-07-29T13:43+09:00 | 2024-06-14T16:27+09:00 |
| jvndb-2022-000061 | "JustSystems JUST Online Update for J-License" starts a program with an unquoted file path | 2022-07-28T13:40+09:00 | 2022-07-28T13:40+09:00 |
| jvndb-2022-000060 | "Hulu" App for iOS vulnerable to improper server certificate verification | 2022-07-28T09:51+09:00 | 2024-06-14T12:25+09:00 |
| jvndb-2022-000059 | "Hulu" App for Android uses a hard-coded API key for an external service | 2022-07-28T09:14+09:00 | 2024-06-14T14:42+09:00 |
| jvndb-2022-000057 | WordPress Plugin "Newsletter" vulnerable to cross-site scripting | 2022-07-25T14:30+09:00 | 2024-06-18T11:21+09:00 |
| jvndb-2022-000058 | Multiple vulnerabilities in untangle | 2022-07-25T14:18+09:00 | 2024-06-17T11:03+09:00 |
| jvndb-2022-000055 | Booked vulnerable to open redirect | 2022-07-22T13:40+09:00 | 2024-06-14T17:43+09:00 |
| jvndb-2022-000054 | Multiple vulnerabilities in Cybozu Office | 2022-07-20T17:28+09:00 | 2024-06-14T14:02+09:00 |
| jvndb-2022-002017 | U-Boot squashfs filesystem implementation vulnerable to heap-based buffer overflow | 2022-07-14T15:59+09:00 | 2024-06-14T17:53+09:00 |
| jvndb-2022-000053 | Django Extract and Trunc functions vulnerable to SQL injection | 2022-07-12T13:47+09:00 | 2024-06-18T11:57+09:00 |
| jvndb-2022-000052 | Passage Drive vulnerable to insufficient data verification | 2022-07-08T13:42+09:00 | 2024-06-14T17:48+09:00 |
| jvndb-2022-000051 | Multiple vulnerabilities in Cybozu Garoon | 2022-07-04T14:17+09:00 | 2024-06-17T16:49+09:00 |
| jvndb-2022-000050 | LiteCart vulnerable to cross-site scripting | 2022-07-04T14:12+09:00 | 2024-06-17T10:39+09:00 |
| jvndb-2022-000049 | HOME SPOT CUBE2 vulnerable to OS command injection | 2022-06-29T13:42+09:00 | 2024-06-17T10:45+09:00 |
| jvndb-2022-000048 | L2Blocker Sensor setup screen vulnerable to authentication bypass | 2022-06-24T14:21+09:00 | 2024-06-18T10:45+09:00 |
| jvndb-2022-000047 | web2py vulnerable to open redirect | 2022-06-23T14:21+09:00 | 2024-06-18T10:48+09:00 |
| jvndb-2022-000046 | Gitlab vulnerable to server-side request forgery | 2022-06-17T12:26+09:00 | 2024-06-20T15:39+09:00 |
| jvndb-2022-001953 | Growi vulnerable to weak password requirements | 2022-06-15T17:47+09:00 | 2022-06-15T17:47+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2025-avi-0872 | Multiples vulnérabilités dans les produits HPE Aruba Networking | 2025-10-15T00:00:00.000000 | 2025-10-15T00:00:00.000000 |
| certfr-2025-avi-0871 | Multiples vulnérabilités dans les produits Fortinet | 2025-10-15T00:00:00.000000 | 2025-10-15T00:00:00.000000 |
| certfr-2025-avi-0870 | Vulnérabilité dans Microsoft Azure | 2025-10-14T00:00:00.000000 | 2025-10-14T00:00:00.000000 |
| certfr-2025-avi-0869 | Multiples vulnérabilités dans les produits Veeam | 2025-10-14T00:00:00.000000 | 2025-10-14T00:00:00.000000 |
| certfr-2025-avi-0868 | Vulnérabilité dans Siemens SIMATIC | 2025-10-14T00:00:00.000000 | 2025-10-14T00:00:00.000000 |
| certfr-2025-avi-0867 | Multiples vulnérabilités dans les produits SAP | 2025-10-14T00:00:00.000000 | 2025-10-14T00:00:00.000000 |
| certfr-2025-avi-0866 | Vulnérabilité dans Elastic Cloud Enterprise | 2025-10-14T00:00:00.000000 | 2025-10-14T00:00:00.000000 |
| certfr-2025-avi-0865 | Vulnérabilité dans Oracle E-Business Suite | 2025-10-13T00:00:00.000000 | 2025-10-13T00:00:00.000000 |
| certfr-2025-avi-0864 | Multiples vulnérabilités dans VMware Tanzu | 2025-10-13T00:00:00.000000 | 2025-10-13T00:00:00.000000 |
| certfr-2025-avi-0863 | Vulnérabilité dans Belden HiOS Switch Platform | 2025-10-13T00:00:00.000000 | 2025-10-13T00:00:00.000000 |
| certfr-2025-avi-0862 | Multiples vulnérabilités dans Microsoft Edge | 2025-10-10T00:00:00.000000 | 2025-10-10T00:00:00.000000 |
| certfr-2025-avi-0861 | Multiples vulnérabilités dans les produits IBM | 2025-10-10T00:00:00.000000 | 2025-10-10T00:00:00.000000 |
| certfr-2025-avi-0860 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2025-10-10T00:00:00.000000 | 2025-10-10T00:00:00.000000 |
| certfr-2025-avi-0859 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2025-10-10T00:00:00.000000 | 2025-10-10T00:00:00.000000 |
| certfr-2025-avi-0858 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2025-10-10T00:00:00.000000 | 2025-10-10T00:00:00.000000 |
| certfr-2025-avi-0857 | Vulnérabilité dans Wireshark | 2025-10-09T00:00:00.000000 | 2025-10-09T00:00:00.000000 |
| certfr-2025-avi-0856 | Multiples vulnérabilités dans les produits Palo Alto Networks | 2025-10-09T00:00:00.000000 | 2025-10-09T00:00:00.000000 |
| certfr-2025-avi-0855 | Multiples vulnérabilités dans les produits Juniper Networks | 2025-10-09T00:00:00.000000 | 2025-10-09T00:00:00.000000 |
| certfr-2025-avi-0854 | Vulnérabilité dans les produits Moxa | 2025-10-09T00:00:00.000000 | 2025-10-09T00:00:00.000000 |
| certfr-2025-avi-0853 | Multiples vulnérabilités dans GitLab | 2025-10-09T00:00:00.000000 | 2025-10-09T00:00:00.000000 |
| certfr-2025-avi-0852 | Vulnérabilité dans Tenable Security Center | 2025-10-09T00:00:00.000000 | 2025-10-09T00:00:00.000000 |
| certfr-2025-avi-0851 | Vulnérabilité dans Python | 2025-10-08T00:00:00.000000 | 2025-10-08T00:00:00.000000 |
| certfr-2025-avi-0850 | Multiples vulnérabilités dans Google Chrome | 2025-10-08T00:00:00.000000 | 2025-10-08T00:00:00.000000 |
| certfr-2025-avi-0849 | Multiples vulnérabilités dans les produits Elastic | 2025-10-07T00:00:00.000000 | 2025-10-07T00:00:00.000000 |
| certfr-2025-avi-0848 | Vulnérabilité dans OpenSSH | 2025-10-06T00:00:00.000000 | 2025-10-07T00:00:00.000000 |
| certfr-2025-avi-0847 | Vulnérabilité dans les produits Liferay | 2025-10-06T00:00:00.000000 | 2025-10-08T00:00:00.000000 |
| certfr-2025-avi-0846 | Multiples vulnérabilités dans les produits Qnap | 2025-10-06T00:00:00.000000 | 2025-10-06T00:00:00.000000 |
| certfr-2025-avi-0845 | Multiples vulnérabilités dans Zabbix | 2025-10-06T00:00:00.000000 | 2025-10-06T00:00:00.000000 |
| certfr-2025-avi-0844 | Multiples vulnérabilités dans IBM Sterling Connect | 2025-10-03T00:00:00.000000 | 2025-10-03T00:00:00.000000 |
| certfr-2025-avi-0843 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2025-10-03T00:00:00.000000 | 2025-10-03T00:00:00.000000 |