Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-6569 | kodcloud KodExplorer fileGet Endpoint share.class.php … |
kodcloud |
KodExplorer |
2026-04-19T10:15:11.445Z | 2026-04-20T14:55:28.674Z | |
| cve-2026-6568 | kodcloud KodExplorer Public Share share.class.php init… |
kodcloud |
KodExplorer |
2026-04-19T09:45:11.131Z | 2026-04-20T15:20:09.531Z | |
| cve-2026-6564 | EMQ EMQX Enterprise Session Handling improper authorization |
EMQ |
EMQX Enterprise |
2026-04-19T09:30:15.159Z | 2026-04-20T16:09:52.702Z | |
| cve-2026-6563 | H3C Magic B1 aspForm SetAPWifiorLedInfoById buffer overflow |
H3C |
Magic B1 |
2026-04-19T08:30:14.248Z | 2026-04-20T14:18:45.761Z | |
| cve-2026-6562 | dameng100 muucmf index.html getListByPage sql injection |
dameng100 |
muucmf |
2026-04-19T08:15:11.633Z | 2026-04-20T16:06:23.786Z | |
| cve-2026-6561 | EyouCMS Index.php edit_adminlogo unrestricted upload |
n/a |
EyouCMS |
2026-04-19T07:15:11.267Z | 2026-04-20T14:55:35.698Z | |
| cve-2026-6560 | H3C Magic B0 aspForm Edit_BasicSSID buffer overflow |
H3C |
Magic B0 |
2026-04-19T06:45:14.514Z | 2026-04-20T15:20:44.443Z | |
| cve-2026-6559 | Wavlink WL-WN579A3 login.cgi sub_401F80 cross site scripting |
Wavlink |
WL-WN579A3 |
2026-04-19T05:15:15.503Z | 2026-04-20T16:07:54.597Z | |
| cve-2026-0868 | EMC Scheduling Manager <= 4.4 - Authenticated (Contrib… |
turn2honey |
EMC – Easily Embed Calendly Scheduling |
2026-04-19T03:26:14.765Z | 2026-04-20T16:53:24.024Z | |
| cve-2026-41242 | protobufjs has an arbitrary code execution issue |
protobufjs |
protobuf.js |
2026-04-18T16:18:10.652Z | 2026-04-20T16:03:57.689Z | |
| cve-2026-40948 | Apache Airflow Providers Keycloak: OAuth Login CSRF — … |
Apache Software Foundation |
Apache Airflow Providers Keycloak |
2026-04-18T13:22:41.577Z | 2026-04-20T16:17:53.543Z | |
| cve-2026-2986 | Contextual Related Posts <= 4.2.1 - Authenticated (Con… |
ajay |
Contextual Related Posts |
2026-04-18T11:16:10.980Z | 2026-04-20T14:19:06.323Z | |
| cve-2026-2505 | Categories Images <= 3.3.1 - Authenticated (Contributo… |
elzahlan |
Categories Images |
2026-04-18T09:26:52.654Z | 2026-04-20T13:46:07.918Z | |
| cve-2026-0894 | Content Blocks (Custom Post Widget) <= 3.3.9 - Authent… |
vanderwijk |
Content Blocks (Custom Post Widget) |
2026-04-18T09:26:52.078Z | 2026-04-20T13:48:40.598Z | |
| cve-2026-41254 | 4 (v3.1) | Little CMS (lcms2) through 2.18 has an integer ov… |
littlecms |
little cms color engine |
2026-04-18T06:43:13.741Z | 2026-04-20T16:09:45.530Z |
| cve-2026-32690 | Apache Airflow: 3.x - Nested Variable Secret Values By… |
Apache Software Foundation |
Apache Airflow |
2026-04-18T06:22:26.081Z | 2026-04-20T16:11:33.956Z | |
| cve-2026-30898 | Apache Airflow: Bad example of BashOperator shell inje… |
Apache Software Foundation |
Apache Airflow |
2026-04-18T06:20:48.647Z | 2026-04-22T03:55:38.783Z | |
| cve-2026-30912 | Apache Airflow: Exposing stack trace in case of constr… |
Apache Software Foundation |
Apache Airflow |
2026-04-18T06:20:30.254Z | 2026-04-20T16:26:07.128Z | |
| cve-2026-25917 | Apache Airflow: API extra-links triggers XCom deserial… |
Apache Software Foundation |
Apache Airflow |
2026-04-18T06:20:11.187Z | 2026-04-22T13:58:49.807Z | |
| cve-2026-32228 | Apache Airflow: Users with asset materialization permi… |
Apache Software Foundation |
Apache Airflow |
2026-04-18T06:19:47.512Z | 2026-04-20T15:54:05.072Z | |
| cve-2026-41253 | 6.9 (v3.1) | In iTerm2 through 3.6.9, displaying a .txt file c… |
iTerm2 |
iTerm2 |
2026-04-18T05:27:08.202Z | 2026-04-20T15:52:10.357Z |
| cve-2026-6048 | Flipbox Addon for Elementor <= 2.1.1 - Authenticated (… |
dragwyb |
Flipbox Addon for Elementor |
2026-04-18T03:37:05.751Z | 2026-04-20T13:46:08.081Z | |
| cve-2026-6518 | CMP – Coming Soon & Maintenance Plugin by NiteoThemes … |
niteo |
CMP – Coming Soon & Maintenance Plugin by NiteoThemes |
2026-04-18T03:37:04.707Z | 2026-04-20T13:46:08.222Z | |
| cve-2026-4801 | Page Builder Gutenberg Blocks <= 3.1.16 - Authenticate… |
godaddy |
Page Builder Gutenberg Blocks – CoBlocks |
2026-04-18T03:37:03.859Z | 2026-04-20T14:42:38.120Z | |
| cve-2026-40494 | SAIL has heap buffer overflow in TGA RLE decoder — raw… |
HappySeaFox |
sail |
2026-04-18T01:42:48.830Z | 2026-04-20T14:55:42.859Z | |
| cve-2026-40493 | SAIL has heap buffer overflow in PSD decoder — bpp mis… |
HappySeaFox |
sail |
2026-04-18T01:41:14.664Z | 2026-04-20T16:15:22.120Z | |
| cve-2026-40492 | SAIL has heap buffer overflow in XWD decoder — bits_pe… |
HappySeaFox |
sail |
2026-04-18T01:39:48.056Z | 2026-04-20T15:24:42.029Z | |
| cve-2026-40491 | gdown Affected by Arbitrary File Write via Path Traver… |
wkentaro |
gdown |
2026-04-18T01:36:47.659Z | 2026-04-20T15:50:02.983Z | |
| cve-2026-40490 | AsyncHttpClient leaks authorization credentials to unt… |
AsyncHttpClient |
async-http-client |
2026-04-18T01:31:13.860Z | 2026-04-20T14:55:50.254Z | |
| cve-2026-1559 | Youzify <= 1.3.6 - Authenticated (Subscriber+) Stored … |
youzify |
Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress |
2026-04-18T01:26:05.210Z | 2026-04-20T13:46:08.353Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2022-001087 | GROWI vulnerable to authorization bypass through user-controlled key | 2022-01-24T14:07+09:00 | 2022-01-24T14:07+09:00 |
| jvndb-2022-000006 | Multiple cross-site scripting vulnerabilities in php_mailform | 2022-01-20T15:42+09:00 | 2022-01-20T15:42+09:00 |
| jvndb-2022-000001 | Canon laser printers and small office multifunctional printers vulnerable to cross-site scripting | 2022-01-19T14:00+09:00 | 2022-01-19T14:00+09:00 |
| jvndb-2022-000005 | PASSWORD MANAGER "MIRUPASS" PW10 / PW20 missing encryption | 2022-01-13T15:26+09:00 | 2022-01-13T15:26+09:00 |
| jvndb-2022-000004 | Label printers "TEPRA" PRO SR5900P / SR-R7900P vulnerable to insufficiently protected credentials | 2022-01-13T15:21+09:00 | 2022-01-13T15:21+09:00 |
| jvndb-2022-000003 | Jimoty App for Android uses a hard-coded API key for an external service | 2022-01-12T15:37+09:00 | 2022-01-12T15:37+09:00 |
| jvndb-2022-000002 | Multiple vulnerabilities in WordPress Plugin "Quiz And Survey Master" | 2022-01-12T15:33+09:00 | 2022-01-12T15:33+09:00 |
| jvndb-2021-006146 | Multiple vulnerabilities in KONICA MINOLTA MFPs and printing systems | 2021-12-28T11:51+09:00 | 2021-12-28T11:51+09:00 |
| jvndb-2021-006117 | Multiple vulnerabilities in IDEC PLCs | 2021-12-27T16:54+09:00 | 2022-01-11T16:36+09:00 |
| jvndb-2021-006026 | TP-Link TL-WR802N V4(JP) vulnerable to OS command injection | 2021-12-24T15:31+09:00 | 2021-12-24T15:31+09:00 |
| jvndb-2021-005998 | Multiple vulnerabilities in QNAP VioStar NVR | 2021-12-24T10:58+09:00 | 2021-12-24T10:58+09:00 |
| jvndb-2021-003929 | Multiple vulnerabilities in multiple Yamaha routers | 2021-12-24T10:51+09:00 | 2021-12-24T10:51+09:00 |
| jvndb-2021-000112 | Android Apps developed using Yappli fails to restrict custom URL schemes properly | 2021-12-22T15:07+09:00 | 2021-12-22T15:07+09:00 |
| jvndb-2021-000111 | Multiple vulnerabilities in GroupSession | 2021-12-20T14:53+09:00 | 2021-12-21T14:20+09:00 |
| jvndb-2021-000110 | UNIVERGE DT Series vulnerable to missing encryption of sensitive data | 2021-12-17T16:57+09:00 | 2021-12-17T16:57+09:00 |
| jvndb-2021-005174 | Multiple vulnerabilities in Trend Micro Security 2021 family (Consumer) | 2021-12-09T13:43+09:00 | 2021-12-09T13:43+09:00 |
| jvndb-2021-004912 | Multiple vulnerabilities in multiple ELECOM routers | 2021-12-02T17:16+09:00 | 2022-03-30T16:11+09:00 |
| jvndb-2021-000109 | Multiple missing authorization vulnerabilities in WordPress Plugin "Advanced Custom Fields" | 2021-12-02T15:02+09:00 | 2022-02-18T16:18+09:00 |
| jvndb-2021-000108 | Multiple vulnerabilities in multiple ELECOM LAN routers | 2021-11-30T16:23+09:00 | 2022-03-29T16:18+09:00 |
| jvndb-2021-000107 | Wi-Fi STATION SH-52A vulnerable to cross-site scripting | 2021-11-30T14:49+09:00 | 2021-11-30T14:49+09:00 |
| jvndb-2021-004716 | Trend Micro Antivirus for MAC vulnerable to improper access controls | 2021-11-29T13:52+09:00 | 2021-11-29T13:52+09:00 |
| jvndb-2021-000106 | Multiple vulnerabilities in baserCMS | 2021-11-26T14:59+09:00 | 2021-11-26T14:59+09:00 |
| jvndb-2021-000104 | WordPress Plugin "Browser and Operating System Finder" vulnerable to cross-site request forgery | 2021-11-25T14:31+09:00 | 2021-11-25T14:31+09:00 |
| jvndb-2021-000105 | PowerCMS XMLRPC API vulnerable to OS command injection | 2021-11-24T15:47+09:00 | 2024-07-26T15:22+09:00 |
| jvndb-2021-004432 | Multiple Vulnerabilities in JP1/Automatic Operation | 2021-11-22T16:10+09:00 | 2021-11-22T16:10+09:00 |
| jvndb-2021-000103 | WordPress Plugin "Push Notifications for WordPress (Lite)" vulnerable to cross-site request forgery | 2021-11-16T13:42+09:00 | 2021-11-16T13:42+09:00 |
| jvndb-2021-000102 | rwtxt vulnerable to cross-site scripting | 2021-11-16T13:38+09:00 | 2021-11-16T13:38+09:00 |
| jvndb-2021-000101 | Unlimited Sitemap Generator vulnerable to cross-site request forgery | 2021-11-12T15:07+09:00 | 2021-11-12T15:07+09:00 |
| jvndb-2021-003840 | Cross-site Scripting Vulnerability in Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Analyzer | 2021-11-12T11:41+09:00 | 2021-11-12T11:41+09:00 |
| jvndb-2021-000100 | Multiple vulnerabilities in EC-CUBE 2 series | 2021-11-11T15:09+09:00 | 2021-11-11T15:09+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2025-avi-0782 | Multiples vulnérabilités dans les produits Palo Alto Networks | 2025-09-11T00:00:00.000000 | 2025-09-11T00:00:00.000000 |
| certfr-2025-avi-0781 | Multiples vulnérabilités dans Cisco IOS XR | 2025-09-11T00:00:00.000000 | 2025-09-11T00:00:00.000000 |
| certfr-2025-avi-0780 | Multiples vulnérabilités dans les produits Microsoft | 2025-09-10T00:00:00.000000 | 2025-09-10T00:00:00.000000 |
| certfr-2025-avi-0779 | Multiples vulnérabilités dans Microsoft Azure | 2025-09-10T00:00:00.000000 | 2025-09-10T00:00:00.000000 |
| certfr-2025-avi-0778 | Multiples vulnérabilités dans Microsoft Windows | 2025-09-10T00:00:00.000000 | 2025-09-10T00:00:00.000000 |
| certfr-2025-avi-0777 | Multiples vulnérabilités dans Microsoft Office | 2025-09-10T00:00:00.000000 | 2025-09-10T00:00:00.000000 |
| certfr-2025-avi-0776 | Multiples vulnérabilités dans GitLab | 2025-09-10T00:00:00.000000 | 2025-09-10T00:00:00.000000 |
| certfr-2025-avi-0775 | Multiples vulnérabilités dans Curl | 2025-09-10T00:00:00.000000 | 2025-09-10T00:00:00.000000 |
| certfr-2025-avi-0774 | Vulnérabilité dans Liferay | 2025-09-10T00:00:00.000000 | 2025-09-10T00:00:00.000000 |
| certfr-2025-avi-0773 | Multiples vulnérabilités dans les produits Fortinet | 2025-09-10T00:00:00.000000 | 2025-09-10T00:00:00.000000 |
| certfr-2025-avi-0772 | Vulnérabilité dans les points d'accès Sophos AP6 | 2025-09-10T00:00:00.000000 | 2025-09-10T00:00:00.000000 |
| certfr-2025-avi-0771 | Multiples vulnérabilités dans Xen | 2025-09-10T00:00:00.000000 | 2025-09-10T00:00:00.000000 |
| certfr-2025-avi-0770 | Multiples vulnérabilités dans les produits Adobe | 2025-09-10T00:00:00.000000 | 2025-09-10T00:00:00.000000 |
| certfr-2025-avi-0769 | Multiples vulnérabilités dans Google Chrome | 2025-09-10T00:00:00.000000 | 2025-09-10T00:00:00.000000 |
| certfr-2025-avi-0768 | Multiples vulnérabilités dans les produits Ivanti | 2025-09-10T00:00:00.000000 | 2025-09-10T00:00:00.000000 |
| certfr-2025-avi-0767 | Vulnérabilité dans les produits Adobe | 2025-09-09T00:00:00.000000 | 2025-09-09T00:00:00.000000 |
| certfr-2025-avi-0766 | Multiples vulnérabilités dans les produits Liferay | 2025-09-09T00:00:00.000000 | 2025-09-19T00:00:00.000000 |
| certfr-2025-avi-0765 | Multiples vulnérabilités dans les produits Siemens | 2025-09-09T00:00:00.000000 | 2025-09-09T00:00:00.000000 |
| certfr-2025-avi-0764 | Multiples vulnérabilités dans les produits SAP | 2025-09-09T00:00:00.000000 | 2025-09-09T00:00:00.000000 |
| certfr-2025-avi-0763 | Vulnérabilité dans Spring Cloud Gateway | 2025-09-09T00:00:00.000000 | 2025-09-09T00:00:00.000000 |
| certfr-2025-avi-0762 | Vulnérabilité dans SPIP | 2025-09-08T00:00:00.000000 | 2025-09-08T00:00:00.000000 |
| certfr-2025-avi-0761 | Multiples vulnérabilités dans Microsoft Edge | 2025-09-08T00:00:00.000000 | 2025-09-08T00:00:00.000000 |
| certfr-2025-avi-0760 | Multiples vulnérabilités dans les produits IBM | 2025-09-05T00:00:00.000000 | 2025-09-05T00:00:00.000000 |
| certfr-2025-avi-0759 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2025-09-05T00:00:00.000000 | 2025-09-05T00:00:00.000000 |
| certfr-2025-avi-0758 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2025-09-05T00:00:00.000000 | 2025-09-05T00:00:00.000000 |
| certfr-2025-avi-0757 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2025-09-05T00:00:00.000000 | 2025-09-05T00:00:00.000000 |
| certfr-2025-avi-0756 | Multiples vulnérabilités dans les produits VMware | 2025-09-05T00:00:00.000000 | 2025-09-05T00:00:00.000000 |
| certfr-2025-avi-0755 | Vulnérabilité dans les produits Synology | 2025-09-05T00:00:00.000000 | 2025-09-05T00:00:00.000000 |
| certfr-2025-avi-0754 | Multiples vulnérabilités dans les produits VMware | 2025-09-04T00:00:00.000000 | 2025-09-04T00:00:00.000000 |
| certfr-2025-avi-0753 | Vulnérabilité dans Shibboleth Service Provider | 2025-09-04T00:00:00.000000 | 2025-09-04T00:00:00.000000 |