Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-33679 | Vikunja has SSRF via OpenID Connect Avatar Download th… |
go-vikunja |
vikunja |
2026-03-24T15:46:10.417Z | 2026-03-24T17:34:14.519Z | |
| cve-2026-33678 | Vikunja has IDOR in Task Attachment ReadOne Allows Cro… |
go-vikunja |
vikunja |
2026-03-24T15:44:06.336Z | 2026-03-24T17:04:42.454Z | |
| cve-2026-33677 | Webhook BasicAuth Credentials Exposed to Read-Only Pro… |
go-vikunja |
vikunja |
2026-03-24T15:36:51.576Z | 2026-03-24T17:43:43.803Z | |
| cve-2026-33676 | Vikunja has Cross-Project Information Disclosure via T… |
go-vikunja |
vikunja |
2026-03-24T15:35:37.991Z | 2026-03-24T18:55:19.706Z | |
| cve-2026-33675 | Vikunja has SSRF via Todoist/Trello Migration File Att… |
go-vikunja |
vikunja |
2026-03-24T15:33:05.868Z | 2026-03-24T18:15:30.530Z | |
| cve-2026-33668 | Vikunja Allows Disabled/Locked User Accounts to Authen… |
go-vikunja |
vikunja |
2026-03-24T15:30:27.159Z | 2026-03-26T19:52:13.977Z | |
| cve-2026-33474 | Vikunja Affected by DoS via Image Preview Generation |
go-vikunja |
vikunja |
2026-03-24T15:21:19.628Z | 2026-03-24T15:52:23.050Z | |
| cve-2025-71275 | N/A | {'providerMetadata': {'orgId': '83251b91-4cc7-4094-a5c7-464a1b83ea10', 'shortName': 'VulnCheck', 'dateUpdated': '2026-03-25T15:39:37.827Z'}, 'rejectedReasons': [{'lang': 'en', 'value': 'This CVE was rejected due to being a duplicate of CVE-2024-45519.', 'supportingMedia': [{'type': 'text/html', 'base64': False, 'value': 'This CVE was rejected due to being a duplicate of CVE-2024-45519.'}]}], 'x_generator': {'engine': 'Vulnogram 1.0.1'}} | N/A | N/A | 2026-03-24T15:21:05.396Z | 2026-03-25T15:39:37.827Z |
| cve-2026-33473 | Vikunja has TOTP Reuse During Validity Window |
go-vikunja |
vikunja |
2026-03-24T15:18:14.481Z | 2026-03-24T17:11:26.042Z | |
| cve-2026-33336 | Vikunja Desktop vulnerable to Remote Code Execution vi… |
go-vikunja |
vikunja |
2026-03-24T15:16:14.681Z | 2026-03-24T17:44:50.761Z | |
| cve-2026-33335 | Vikunja Desktop allows arbitrary local application inv… |
go-vikunja |
vikunja |
2026-03-24T15:07:41.460Z | 2026-03-25T13:41:50.096Z | |
| cve-2026-33334 | Vikunja Desktop: Any frontend XSS escalates to Remote … |
go-vikunja |
vikunja |
2026-03-24T15:02:20.418Z | 2026-03-24T18:24:31.238Z | |
| cve-2026-33316 | Vikunja’s Improper Access Control Enables Bypass of Ad… |
go-vikunja |
vikunja |
2026-03-24T14:59:17.242Z | 2026-03-26T13:08:08.138Z | |
| cve-2026-33315 | Vikunja has a 2FA Bypass via Caldav Basic Auth |
go-vikunja |
vikunja |
2026-03-24T14:53:34.375Z | 2026-03-24T15:33:55.744Z | |
| cve-2026-33313 | Vikunja has an IDOR in Task Comments Allows Reading Ar… |
go-vikunja |
vikunja |
2026-03-24T14:50:11.714Z | 2026-03-24T17:14:22.348Z | |
| cve-2026-4775 | 7.8 (v3.1) | Libtiff: libtiff: arbitrary code execution or denial o… |
Red Hat |
Red Hat Enterprise Linux 10 |
2026-03-24T14:42:47.529Z | 2026-05-07T21:24:46.165Z |
| cve-2026-27651 | 7.5 (v3.1) 8.7 (v4.0) | NGINX ngx_mail_auth_http_module vulnerability |
F5 |
NGINX Open Source |
2026-03-24T14:13:27.295Z | 2026-03-24T15:14:13.220Z |
| cve-2026-27654 | 8.2 (v3.1) 8.8 (v4.0) | NGINX ngx_http_dav_module vulnerability |
F5 |
NGINX Open Source |
2026-03-24T14:13:26.879Z | 2026-03-24T15:15:00.495Z |
| cve-2026-28755 | 5.4 (v3.1) 5.3 (v4.0) | NGINX ngx_stream_ssl_module vulnerability |
F5 |
NGINX Open Source |
2026-03-24T14:13:26.502Z | 2026-03-24T15:24:16.108Z |
| cve-2026-28753 | 3.7 (v3.1) 6.3 (v4.0) | NGINX ngx_mail_proxy_module vulnerability |
F5 |
NGINX Open Source |
2026-03-24T14:13:26.107Z | 2026-03-24T15:24:34.995Z |
| cve-2026-32647 | 7.8 (v3.1) 8.5 (v4.0) | NGINX ngx_http_mp4_module vulnerability |
F5 |
NGINX Open Source |
2026-03-24T14:13:25.724Z | 2026-03-25T03:55:49.464Z |
| cve-2026-27784 | 7.8 (v3.1) 8.5 (v4.0) | NGINX ngx_http_mp4_module vulnerability |
F5 |
NGINX Open Source |
2026-03-24T14:13:25.343Z | 2026-03-25T14:09:53.726Z |
| cve-2026-33418 | @dicebear/converter ensureSize() Vulnerable to SVG Dim… |
dicebear |
dicebear |
2026-03-24T13:25:57.540Z | 2026-03-24T15:11:51.489Z | |
| cve-2026-33311 | @dicebear/core and @dicebear/initials Vulnerable to SV… |
dicebear |
dicebear |
2026-03-24T13:23:43.289Z | 2026-03-26T13:06:31.409Z | |
| cve-2026-33310 | Intake has a Command Injection via shell() Expansion i… |
intake |
intake |
2026-03-24T13:17:38.572Z | 2026-03-24T15:36:17.300Z | |
| cve-2026-33497 | Langflow: /profile_pictures/{folder_name}/{file_name} … |
langflow-ai |
langflow |
2026-03-24T13:14:39.647Z | 2026-03-24T17:45:26.314Z | |
| cve-2026-33484 | Langflow has Unauthenticated IDOR on Image Downloads |
langflow-ai |
langflow |
2026-03-24T12:57:33.641Z | 2026-03-24T13:37:14.286Z | |
| cve-2026-33475 | Langflow GitHub Actions Shell Injection |
langflow-ai |
langflow |
2026-03-24T12:54:33.369Z | 2026-03-25T03:55:45.997Z | |
| cve-2026-33309 | Langflow has an Arbitrary File Write (RCE) via v2 API |
langflow-ai |
langflow |
2026-03-24T12:49:16.276Z | 2026-03-25T03:55:47.098Z | |
| cve-2026-4721 | N/A | Memory safety bugs fixed in Firefox ESR 115.34, Firefo… |
Mozilla |
Firefox |
2026-03-24T12:30:44.312Z | 2026-04-13T13:51:21.639Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2015-avi-087 | Multiples vulnérabilités dans Wireshark | 2015-03-06T00:00:00.000000 | 2015-03-06T00:00:00.000000 |
| certfr-2015-avi-086 | Multiples vulnérabilités dans Google Chrome | 2015-03-04T00:00:00.000000 | 2015-03-04T00:00:00.000000 |
| certfr-2015-avi-085 | Multiples vulnérabilités dans le noyau Linux | 2015-03-04T00:00:00.000000 | 2015-03-04T00:00:00.000000 |
| certfr-2015-avi-084 | Multiples vulnérabilités dans les produits Avaya | 2015-03-03T00:00:00.000000 | 2015-03-03T00:00:00.000000 |
| certfr-2015-avi-083 | Vulnérabilité dans le pilote Nvidia | 2015-03-02T00:00:00.000000 | 2015-03-02T00:00:00.000000 |
| certfr-2015-avi-082 | Vulnérabilité dans le noyau Linux | 2015-03-02T00:00:00.000000 | 2015-03-02T00:00:00.000000 |
| certfr-2015-avi-081 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2015-02-27T00:00:00.000000 | 2015-03-04T00:00:00.000000 |
| certfr-2015-avi-080 | Vulnérabilité dans Huawei iMana | 2015-02-27T00:00:00.000000 | 2015-02-27T00:00:00.000000 |
| certfr-2015-avi-079 | Multiples vulnérabilités dans les produits Mozilla | 2015-02-25T00:00:00.000000 | 2015-02-25T00:00:00.000000 |
| certfr-2015-avi-078 | Vulnérabilité dans Samba | 2015-02-23T00:00:00.000000 | 2015-02-23T00:00:00.000000 |
| certfr-2015-avi-077 | Vulnérabilité dans Cisco IOS | 2015-02-23T00:00:00.000000 | 2015-02-23T00:00:00.000000 |
| certfr-2015-avi-076 | Multiples vulnérabilités dans les produits Cisco | 2015-02-20T00:00:00.000000 | 2015-02-20T00:00:00.000000 |
| certfr-2015-avi-075 | Vulnérabilité dans TYPO3 | 2015-02-18T00:00:00.000000 | 2015-02-18T00:00:00.000000 |
| certfr-2015-avi-074 | Multiples vulnérabilités dans PHP | 2015-02-17T00:00:00.000000 | 2015-02-17T00:00:00.000000 |
| certfr-2015-avi-073 | Multiples vulnérabilités dans les produits Cisco | 2015-02-17T00:00:00.000000 | 2015-02-17T00:00:00.000000 |
| certfr-2015-avi-072 | Multiples vulnérabilités dans les produits IBM | 2015-02-16T00:00:00.000000 | 2015-02-16T00:00:00.000000 |
| certfr-2015-avi-071 | Vulnérabilité dans les produits F5 BIG-IP | 2015-02-13T00:00:00.000000 | 2015-02-13T00:00:00.000000 |
| certfr-2015-avi-070 | Multiples vulnérabilités dans PostgreSQL | 2015-02-12T00:00:00.000000 | 2015-02-12T00:00:00.000000 |
| certfr-2015-avi-069 | Multiples vulnérabilités dans Google Chrome | 2015-02-11T00:00:00.000000 | 2015-02-11T00:00:00.000000 |
| certfr-2015-avi-068 | Vulnérabilité dans Microsoft Virtual Machine Manager | 2015-02-11T00:00:00.000000 | 2015-02-11T00:00:00.000000 |
| certfr-2015-avi-067 | Multiples vulnérabilités dans le composant Microsoft Graphics de Microsoft Windows | 2015-02-11T00:00:00.000000 | 2015-02-11T00:00:00.000000 |
| certfr-2015-avi-066 | Vulnérabilité dans Microsoft Windows | 2015-02-11T00:00:00.000000 | 2015-02-11T00:00:00.000000 |
| certfr-2015-avi-065 | Vulnérabilité dans la stratégie de groupe (GPO) de Microsoft Windows | 2015-02-11T00:00:00.000000 | 2015-02-11T00:00:00.000000 |
| certfr-2015-avi-064 | Vulnérabilité dans Microsoft Office | 2015-02-11T00:00:00.000000 | 2015-02-11T00:00:00.000000 |
| certfr-2015-avi-063 | Multiples vulnérabilités dans Microsoft Office | 2015-02-11T00:00:00.000000 | 2015-02-11T00:00:00.000000 |
| certfr-2015-avi-062 | Vulnérabilité dans la stratégie de groupe (GPO) de Microsoft Windows | 2015-02-11T00:00:00.000000 | 2015-02-11T00:00:00.000000 |
| certfr-2015-avi-061 | Multiples vulnérabilités dans le pilote en mode noyau Microsoft Windows | 2015-02-11T00:00:00.000000 | 2015-02-11T00:00:00.000000 |
| certfr-2015-avi-060 | Multiples vulnérabilités dans Microsoft Internet Explorer | 2015-02-11T00:00:00.000000 | 2015-02-11T00:00:00.000000 |
| certfr-2015-avi-059 | Vulnérabilité dans Moodle | 2015-02-09T00:00:00.000000 | 2015-02-09T00:00:00.000000 |
| certfr-2015-avi-058 | Multiples vulnérabilités dans Google Chrome | 2015-02-06T00:00:00.000000 | 2015-02-06T00:00:00.000000 |