Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-48855 | 2.3 (v4.0) | SFTP READLINK Leaks Absolute Backend Filesystem Path W… |
Erlang |
OTP |
2026-06-10T14:35:49.683Z | 2026-06-11T04:45:29.864Z |
| cve-2026-46614 | Fission router exposes /fission-function/<ns>/<name> o… |
fission |
fission |
2026-06-10T17:19:21.691Z | 2026-06-11T03:55:42.785Z | |
| cve-2026-1220 | N/A | Race in V8 in Google Chrome prior to 144.0.7559.9… |
Google |
Chrome |
2026-06-10T19:39:42.115Z | 2026-06-11T03:55:41.658Z |
| cve-2026-20253 | 9.8 (v3.1) | Unauthenticated Arbitrary File Creation and Truncation… |
Splunk |
Splunk Enterprise |
2026-06-10T17:16:21.242Z | 2026-06-11T03:55:40.574Z |
| cve-2026-20251 | 8.8 (v3.1) | Remote Code Execution through Deserialization of Untru… |
Splunk |
Splunk Enterprise |
2026-06-10T17:16:00.352Z | 2026-06-11T03:55:39.372Z |
| cve-2026-41717 | 8.1 (v3.1) | Spring Data MongoDB - SpEL Expression Injection via An… |
Spring |
Spring Data MongoDB |
2026-06-09T23:48:38.290Z | 2026-06-11T03:55:38.286Z |
| cve-2026-41729 | 8.1 (v3.1) | Spring Data REST SpEL Injection via Map Key in JSON Patch |
Spring |
Spring Data REST |
2026-06-09T23:49:17.014Z | 2026-06-11T03:55:37.180Z |
| cve-2026-0273 | 6.1 (v4.0) 5.7 (v4.0) | PAN-OS: Authenticated Admin Command Injection Vulnerab… |
Palo Alto Networks |
Cloud NGFW |
2026-06-10T21:01:45.198Z | 2026-06-11T03:55:36.051Z |
| cve-2026-0272 | 6 (v4.0) 5.6 (v4.0) | PAN-OS: Privilege Escalation (PE) Vulnerability in the… |
Palo Alto Networks |
Cloud NGFW |
2026-06-10T21:01:10.714Z | 2026-06-11T03:55:34.909Z |
| cve-2026-9151 | 8.5 (v4.0) | Command Injection Vulnerability in OpenVPN on Multiple… |
TP-Link Systems Inc. |
Archer AX12 V1 |
2026-06-10T17:10:10.842Z | 2026-06-11T03:55:33.812Z |
| cve-2026-53435 | N/A | In Jenkins 2.567 and earlier, LTS 2.555.2 and ear… |
Jenkins Project |
Jenkins |
2026-06-10T13:05:57.208Z | 2026-06-11T03:55:32.661Z |
| cve-2026-46432 | LMDeploy: Arbitrary code execution via hardcoded trust… |
InternLM |
lmdeploy |
2026-06-09T23:05:38.876Z | 2026-06-11T03:55:31.478Z | |
| cve-2026-46517 | LMDeploy: Hardcoded trust_remote_code=True is an impli… |
InternLM |
lmdeploy |
2026-06-09T23:05:43.966Z | 2026-06-11T03:55:30.372Z | |
| cve-2025-10237 | 8.4 (v4.0) 6.7 (v3.1) | During an internal security assessment, a potenti… |
Lenovo |
X13 Gen 6 (Type 21RK, 21RL) Laptops (ThinkPad) BIOS |
2026-06-10T14:10:56.181Z | 2026-06-11T03:55:29.206Z |
| cve-2025-10238 | 8.4 (v4.0) 6.7 (v3.1) | During an internal security assessment, a potenti… |
Lenovo |
X13 Gen 6 (Type 21RK, 21RL) Laptops (ThinkPad) BIOS |
2026-06-10T14:11:21.336Z | 2026-06-11T03:55:27.982Z |
| cve-2026-47838 | 6.8 (v3.1) | Unauthorized User Impersonation when Using X.509 Clien… |
Spring |
Spring Security |
2026-06-09T23:50:07.988Z | 2026-06-11T03:55:26.845Z |
| cve-2025-66273 | 8.6 (v4.0) | QTS, QuTS hero |
QNAP Systems Inc. |
QTS |
2026-06-10T03:04:39.973Z | 2026-06-11T03:55:25.759Z |
| cve-2025-66279 | 8.6 (v4.0) | QTS, QuTS hero |
QNAP Systems Inc. |
QTS |
2026-06-10T03:05:38.333Z | 2026-06-11T03:55:24.593Z |
| cve-2026-22893 | 8.6 (v4.0) | QTS, QuTS hero |
QNAP Systems Inc. |
QTS |
2026-06-10T03:06:34.562Z | 2026-06-11T03:55:23.448Z |
| cve-2026-24719 | 8.6 (v4.0) | QTS, QuTS hero |
QNAP Systems Inc. |
QTS |
2026-06-10T03:14:52.892Z | 2026-06-11T03:55:22.349Z |
| cve-2026-49841 | FreeSWITCH: Pre-authentication heap buffer overflow in… |
signalwire |
freeswitch |
2026-06-09T16:02:24.116Z | 2026-06-11T03:55:21.275Z | |
| cve-2026-47932 | 8.8 (v3.1) | ColdFusion | Improper Limitation of a Pathname to a Re… |
Adobe |
ColdFusion |
2026-06-09T20:33:38.062Z | 2026-06-11T03:55:20.177Z |
| cve-2026-47929 | 8.4 (v3.1) | ColdFusion | Incorrect Authorization (CWE-863) |
Adobe |
ColdFusion |
2026-06-09T20:33:38.859Z | 2026-06-11T03:55:19.071Z |
| cve-2026-47928 | 9.6 (v3.1) | ColdFusion | Improper Input Validation (CWE-20) |
Adobe |
ColdFusion |
2026-06-09T20:33:36.440Z | 2026-06-11T03:55:17.985Z |
| cve-2026-47931 | 8.4 (v3.1) | ColdFusion | Improper Input Validation (CWE-20) |
Adobe |
ColdFusion |
2026-06-09T20:33:35.611Z | 2026-06-11T03:55:16.897Z |
| cve-2026-47930 | 8.1 (v3.1) | ColdFusion | Improper Input Validation (CWE-20) |
Adobe |
ColdFusion |
2026-06-09T20:33:34.756Z | 2026-06-11T03:55:15.464Z |
| cve-2026-35273 | Vulnerability in the PeopleSoft Enterprise People… |
Oracle Corporation |
PeopleSoft Enterprise PeopleTools |
2026-06-11T02:25:15.375Z | 2026-06-11T03:08:03.789Z | |
| cve-2026-2827 | Open User Map PRO <= 1.4.31 - Unauthenticated Stored C… |
100plugins |
Open User Map PRO |
2026-06-11T01:27:56.479Z | 2026-06-11T01:27:56.479Z | |
| cve-2022-48575 | N/A | A person with access to a Mac may be able to bypa… |
Apple |
macOS Monterey |
2026-06-10T20:09:04.767Z | 2026-06-11T00:25:13.286Z |
| cve-2022-26758 | N/A | A malicious application may cause unexpected chan… |
Apple |
macOS Monterey |
2026-06-10T20:09:03.837Z | 2026-06-11T00:23:14.636Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2026-000069 | Android App "Anshin Filter for au" vulnerable to cleartext transmission of sensitive information | 2026-05-13T15:41+09:00 | 2026-05-13T15:41+09:00 |
| jvndb-2026-015132 | Canon Production Printers and Office Multifunction Printers vulnerable to information disclosure | 2026-05-12T14:04+09:00 | 2026-05-12T14:04+09:00 |
| jvndb-2026-000071 | GROWI vulnerable to path traversal | 2026-05-11T18:20+09:00 | 2026-05-11T18:20+09:00 |
| jvndb-2026-000070 | libXpm vulnerable to out-of-bounds read | 2026-05-11T18:20+09:00 | 2026-05-11T18:20+09:00 |
| jvndb-2026-000068 | Lhaz and Lhaz+ vulnerable to path traversal | 2026-05-11T18:20+09:00 | 2026-05-11T18:20+09:00 |
| jvndb-2026-000067 | "Kura Sushi Official App" vulnerable to improper certificate validation | 2026-05-11T18:20+09:00 | 2026-05-11T18:20+09:00 |
| jvndb-2026-000066 | Open redirect vulnerability in multiple laser printers and MFPs which implement Ricoh Web Image Monitor | 2026-04-30T17:02+09:00 | 2026-04-30T17:02+09:00 |
| jvndb-2026-000064 | GROWI vulnerable to Regular expression Denial-of-Service (ReDoS) | 2026-04-23T16:57+09:00 | 2026-04-30T12:19+09:00 |
| jvndb-2026-006408 | Apache ActiveMQ series improper validation of MQTT packets [AMQ-9810] | 2026-04-24T17:56+09:00 | 2026-04-24T17:56+09:00 |
| jvndb-2026-012056 | Multiple vulnerabilities in silex technology SD-330AC and AMC Manager | 2026-04-21T15:27+09:00 | 2026-04-23T17:57+09:00 |
| jvndb-2026-000063 | IP Setting Software may insecurely load Dynamic Link Libraries | 2026-04-23T16:57+09:00 | 2026-04-23T16:57+09:00 |
| jvndb-2026-000062 | CMS ALAYA vulnerable to SQL injection | 2026-04-23T16:57+09:00 | 2026-04-23T16:57+09:00 |
| jvndb-2026-000059 | Multiple vulnerabilities in LogonTracer | 2026-04-23T16:57+09:00 | 2026-04-23T16:57+09:00 |
| jvndb-2026-000061 | Installers of LiveOn Meet Client for Windows and its plugin may insecurely load Dynamic Link Libraries | 2026-04-22T15:45+09:00 | 2026-04-22T15:45+09:00 |
| jvndb-2026-000060 | DeepL Chrome browser extension vulnerable to cross-site scripting | 2026-04-22T15:45+09:00 | 2026-04-22T15:45+09:00 |
| jvndb-2026-000058 | Ziostation2 vulnerable to path traversal | 2026-04-22T15:45+09:00 | 2026-04-22T15:45+09:00 |
| jvndb-2026-000051 | SKYSEA Client View and SKYMEC IT Manager improper file access permission settings | 2026-04-20T14:47+09:00 | 2026-04-20T14:47+09:00 |
| jvndb-2026-011472 | OMRON UPS (Uninterruptible Power Supply) management application may insecurely load Dynamic Link Libraries | 2026-04-17T14:54+09:00 | 2026-04-17T14:54+09:00 |
| jvndb-2026-000057 | Multiple vulnerabilities in CubeCart | 2026-04-17T13:32+09:00 | 2026-04-17T13:32+09:00 |
| jvndb-2026-000056 | Arcserve UDP Console vulnerable to redirect to a dummy URL | 2026-04-16T17:29+09:00 | 2026-04-16T17:29+09:00 |
| jvndb-2026-000055 | GROWI vulnerable to stored cross-site scripting | 2026-04-15T17:21+09:00 | 2026-04-15T17:21+09:00 |
| jvndb-2026-010851 | Stack-based buffer overflow vulnerability in Dynabook Bluetooth ACPI Drivers | 2026-04-14T18:13+09:00 | 2026-04-14T18:13+09:00 |
| jvndb-2026-000053 | EmoCheck loads Dynamic Link Libraries insecurely | 2026-04-10T13:38+09:00 | 2026-04-10T13:38+09:00 |
| jvndb-2026-007973 | Multiple vulnerabilities in Xerox FreeFlow Core (XRX26-005) | 2026-03-23T14:54+09:00 | 2026-04-09T13:55+09:00 |
| jvndb-2026-000052 | Multiple vulnerabilities in MATCHA series | 2026-04-08T16:15+09:00 | 2026-04-08T16:15+09:00 |
| jvndb-2026-000050 | Multiple vulnerabilities in Movable Type | 2026-04-08T16:15+09:00 | 2026-04-08T16:15+09:00 |
| jvndb-2026-010301 | Multiple Vulnerabilities in JP1/IT Desktop Management 2 and JP1/NETM/DM | 2026-04-08T12:11+09:00 | 2026-04-08T12:11+09:00 |
| jvndb-2026-010300 | Multiple Vulnerabilities in Hitachi Ops Center Viewpoint | 2026-04-08T12:11+09:00 | 2026-04-08T12:11+09:00 |
| jvndb-2026-010299 | Multiple Vulnerabilities in Hitachi Ops Center Common Services | 2026-04-08T12:11+09:00 | 2026-04-08T12:11+09:00 |
| jvndb-2026-009720 | Multiple vulnerabilities in FUJI Electric V-SFT (April 2026) | 2026-04-02T14:58+09:00 | 2026-04-03T15:50+09:00 |
| ID | Description | Updated |
|---|---|---|
| ts-2023-003 | TS-2023-003 | 2023-03-22T00:00 |
| ts-2023-002 | TS-2023-002 | 2023-01-24T00:00 |
| ts-2023-001 | TS-2023-001 | 2023-01-17T00:00 |
| ts-2022-005 | TS-2022-005 | 2022-11-21T00:00 |
| ts-2022-004 | TS-2022-004 | 2022-11-21T00:00 |
| ts-2022-003 | TS-2022-003 | 2022-06-14T00:00 |
| ts-2022-002 | TS-2022-002 | 2022-05-11T00:00 |
| ts-2022-001 | TS-2022-001 | 2022-02-07T00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2026-avi-0720 | Multiples vulnérabilités dans les produits Adobe | 2026-06-10T00:00:00.000000 | 2026-06-10T00:00:00.000000 |
| certfr-2026-avi-0719 | Multiples vulnérabilités dans les produits Spring | 2026-06-10T00:00:00.000000 | 2026-06-10T00:00:00.000000 |
| certfr-2026-avi-0718 | Vulnérabilité dans PostgreSQL | 2026-06-10T00:00:00.000000 | 2026-06-10T00:00:00.000000 |
| certfr-2026-avi-0717 | Multiples vulnérabilités dans OpenSSL | 2026-06-10T00:00:00.000000 | 2026-06-10T00:00:00.000000 |
| certfr-2026-avi-0699 | Vulnérabilité dans Cisco Catalyst SD-WAN | 2026-06-05T00:00:00.000000 | 2026-06-10T00:00:00.000000 |
| certfr-2026-avi-0715 | Multiples vulnérabilités dans les produits SAP | 2026-06-09T00:00:00.000000 | 2026-06-09T00:00:00.000000 |
| certfr-2026-avi-0714 | Multiples vulnérabilités dans les produits Siemens | 2026-06-09T00:00:00.000000 | 2026-06-09T00:00:00.000000 |
| certfr-2026-avi-0713 | Vulnérabilité dans les produits Schneider Electric EcoStruxure IT Data Center Expert | 2026-06-09T00:00:00.000000 | 2026-06-09T00:00:00.000000 |
| certfr-2026-avi-0712 | Vulnérabilité dans Veeam Backup & Replication | 2026-06-09T00:00:00.000000 | 2026-06-09T00:00:00.000000 |
| certfr-2026-avi-0711 | Multiples vulnérabilités dans les VPN Check Point | 2026-06-09T00:00:00.000000 | 2026-06-09T00:00:00.000000 |
| certfr-2026-avi-0710 | Multiples vulnérabilités dans Apache HTTP Server | 2026-06-09T00:00:00.000000 | 2026-06-09T00:00:00.000000 |
| certfr-2026-avi-0709 | Vulnérabilité dans strongSwan | 2026-06-09T00:00:00.000000 | 2026-06-09T00:00:00.000000 |
| certfr-2026-avi-0708 | Multiples vulnérabilités dans Google Chrome | 2026-06-09T00:00:00.000000 | 2026-06-09T00:00:00.000000 |
| certfr-2026-avi-0707 | Vulnérabilité dans Moodle | 2026-06-09T00:00:00.000000 | 2026-06-09T00:00:00.000000 |
| certfr-2026-avi-0706 | Multiples vulnérabilités dans Apereo CAS | 2026-06-09T00:00:00.000000 | 2026-06-09T00:00:00.000000 |
| certfr-2026-avi-0705 | Multiples vulnérabilités dans les produits Spring | 2026-06-09T00:00:00.000000 | 2026-06-09T00:00:00.000000 |
| certfr-2026-avi-0704 | Vulnérabilité dans CPython | 2026-06-09T00:00:00.000000 | 2026-06-09T00:00:00.000000 |
| certfr-2026-avi-0703 | Vulnérabilité dans Laravel | 2026-06-08T00:00:00.000000 | 2026-06-08T00:00:00.000000 |
| certfr-2026-avi-0702 | Multiples vulnérabilités dans Spring Micrometer | 2026-06-08T00:00:00.000000 | 2026-06-08T00:00:00.000000 |
| certfr-2026-avi-0701 | Multiples vulnérabilités dans les produits Microsoft | 2026-06-08T00:00:00.000000 | 2026-06-08T00:00:00.000000 |
| certfr-2026-avi-0700 | Multiples vulnérabilités dans Microsoft Edge | 2026-06-08T00:00:00.000000 | 2026-06-08T00:00:00.000000 |
| certfr-2026-avi-0698 | Multiples vulnérabilités dans les produits IBM | 2026-06-05T00:00:00.000000 | 2026-06-05T00:00:00.000000 |
| certfr-2026-avi-0697 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2026-06-05T00:00:00.000000 | 2026-06-05T00:00:00.000000 |
| certfr-2026-avi-0696 | Multiples vulnérabilités dans le noyau Linux de Debian LTS | 2026-06-05T00:00:00.000000 | 2026-06-05T00:00:00.000000 |
| certfr-2026-avi-0695 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2026-06-05T00:00:00.000000 | 2026-06-05T00:00:00.000000 |
| certfr-2026-avi-0694 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2026-06-05T00:00:00.000000 | 2026-06-05T00:00:00.000000 |
| certfr-2026-avi-0693 | Multiples vulnérabilités dans Microsoft Azure Linux | 2026-06-05T00:00:00.000000 | 2026-06-05T00:00:00.000000 |
| certfr-2026-avi-0692 | Multiples vulnérabilités dans Google Chrome | 2026-06-05T00:00:00.000000 | 2026-06-05T00:00:00.000000 |
| certfr-2026-avi-0691 | Multiples vulnérabilités dans CPython | 2026-06-05T00:00:00.000000 | 2026-06-05T00:00:00.000000 |
| certfr-2026-avi-0690 | Multiples vulnérabilités dans Traefik | 2026-06-05T00:00:00.000000 | 2026-06-05T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2024-ale-005 | [MàJ] Vulnérabilité dans Microsoft Outlook | 2024-02-15T00:00:00.000000 | 2024-04-15T00:00:00.000000 |
| certfr-2024-ale-003 | [MàJ] Incident affectant les solutions AnyDesk | 2024-02-05T00:00:00.000000 | 2024-04-15T00:00:00.000000 |
| certfr-2024-ale-001 | [MàJ] Multiples vulnérabilités dans Ivanti Connect Secure et Policy Secure Gateways | 2024-01-11T00:00:00.000000 | 2024-04-15T00:00:00.000000 |
| certfr-2024-ale-002 | [MàJ] Multiples Vulnérabilités dans GitLab | 2024-01-12T00:00:00.000000 | 2024-02-22T00:00:00.000000 |
| certfr-2023-ale-013 | Vulnérabilité dans Apache Struts 2 | 2023-12-13T00:00:00.000000 | 2024-02-16T00:00:00.000000 |
| certfr-2023-ale-012 | [MàJ] Vulnérabilité dans Citrix NetScaler ADC et NetScaler Gateway | 2023-10-23T00:00:00.000000 | 2024-02-16T00:00:00.000000 |
| certfr-2023-ale-011 | [MàJ] Multiples vulnérabilités dans Cisco IOS XE | 2023-10-17T00:00:00.000000 | 2024-02-16T00:00:00.000000 |
| certfr-2023-ale-010 | Multiples vulnérabilités dans Exim | 2023-10-02T00:00:00.000000 | 2024-02-16T00:00:00.000000 |
| certfr-2023-ale-008 | [MàJ] Vulnérabilité dans Citrix NetScaler ADC et NetScaler Gateway | 2023-07-19T00:00:00.000000 | 2024-01-02T00:00:00.000000 |
| certfr-2023-ale-007 | [MàJ] Vulnérabilité dans Zimbra Collaboration Suite | 2023-07-17T00:00:00.000000 | 2024-01-02T00:00:00.000000 |
| certfr-2023-ale-006 | Vulnérabilité dans les produits Microsoft | 2023-07-12T00:00:00.000000 | 2023-12-12T00:00:00.000000 |
| certfr-2023-ale-009 | [MàJ] Multiples vulnérabilités dans Ivanti Endpoint Manager Mobile | 2023-07-26T00:00:00.000000 | 2023-09-15T00:00:00.000000 |
| certfr-2023-ale-005 | Synthèse sur l'exploitation d'une vulnérabilité dans MOVEit Transfer | 2023-07-05T00:00:00.000000 | 2023-09-11T00:00:00.000000 |
| certfr-2023-ale-004 | Vulnérabilité dans les produits Fortinet | 2023-06-13T00:00:00.000000 | 2023-09-11T00:00:00.000000 |
| certfr-2022-ale-014 | Multiples vulnérabilités dans AMI MegaRAC | 2022-12-16T00:00:00.000000 | 2023-09-11T00:00:00.000000 |
| certfr-2023-ale-002 | [MàJ] Vulnérabilité dans Microsoft Outlook | 2023-03-15T00:00:00.000000 | 2023-05-11T00:00:00.000000 |
| certfr-2023-ale-003 | [MàJ] Compromission de l'application 3CX Desktop App | 2023-03-31T00:00:00.000000 | 2023-04-12T00:00:00.000000 |
| certfr-2023-ale-015 | [MàJ] Campagne d'exploitation d'une vulnérabilité affectant VMware ESXi | 2023-02-03T00:00:00.000000 | 2023-03-14T00:00:00.000000 |
| certfr-2023-ale-001 | Vulnérabilité dans Fortinet FortiOS | 2023-03-14T00:00:00.000000 | 2023-03-14T00:00:00.000000 |
| certfr-2022-ale-013 | [MàJ] Vulnérabilité dans Citrix ADC et Gateway | 2022-12-13T00:00:00.000000 | 2023-03-14T00:00:00.000000 |
| certfr-2022-ale-010 | Multiples vulnérabilités dans GLPI | 2022-10-07T00:00:00.000000 | 2023-03-14T00:00:00.000000 |
| certfr-2022-ale-009 | [MaJ] Vulnérabilité dans Zimbra Collaboration | 2022-10-07T00:00:00.000000 | 2023-03-14T00:00:00.000000 |
| certfr-2022-ale-008 | [MaJ] Multiples vulnérabilités dans Microsoft Exchange | 2022-09-30T00:00:00.000000 | 2023-03-14T00:00:00.000000 |
| certfr-2022-ale-007 | Multiples vulnérabilités dans Microsoft Windows | 2022-09-16T00:00:00.000000 | 2023-03-14T00:00:00.000000 |
| certfr-2022-ale-012 | [MàJ] Vulnérabilité dans FortiOS SSL-VPN | 2022-12-13T00:00:00.000000 | 2022-12-20T00:00:00.000000 |
| certfr-2022-ale-011 | Vulnérabilité dans les produits Fortinet | 2022-10-14T00:00:00.000000 | 2022-10-14T00:00:00.000000 |
| certfr-2022-ale-006 | [MàJ] Vulnérabilité dans Atlassian Confluence | 2022-06-03T00:00:00.000000 | 2022-10-07T00:00:00.000000 |
| certfr-2022-ale-002 | Vulnérabilité dans VMware Spring Cloud Gateway | 2022-03-03T00:00:00.000000 | 2022-10-07T00:00:00.000000 |
| certfr-2022-ale-005 | [MàJ] Vulnérabilité dans Microsoft Windows | 2022-05-31T00:00:00.000000 | 2022-09-16T00:00:00.000000 |
| certfr-2022-ale-004 | Vulnérabilité dans F5 BIG-IP | 2022-05-11T00:00:00.000000 | 2022-09-16T00:00:00.000000 |