Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-33290 | WPGraphQL Repo's updateComment allows low-privileged a… |
wp-graphql |
wp-graphql |
2026-03-23T23:58:57.345Z | 2026-03-24T18:38:29.166Z | |
| cve-2026-33211 | Tekton Pipelines git resolver has path traversal that … |
tektoncd |
pipeline |
2026-03-23T23:55:54.089Z | 2026-03-24T15:41:02.198Z | |
| cve-2026-33286 | Graphiti Affected by Arbitrary Method Execution via Un… |
graphiti-api |
graphiti |
2026-03-23T23:52:30.381Z | 2026-03-24T13:35:27.686Z | |
| cve-2026-33283 | Ella Core panics on malformed ULNASTransport Message w… |
ellanetworks |
core |
2026-03-23T23:49:42.539Z | 2026-03-24T15:12:39.668Z | |
| cve-2026-33282 | Ella Core panics on malformed NGAP Location Report |
ellanetworks |
core |
2026-03-23T23:47:26.483Z | 2026-03-25T19:25:14.461Z | |
| cve-2026-33281 | Ella Core panics on invalid PDU Session IDs in NGAP messages |
ellanetworks |
core |
2026-03-23T23:46:12.797Z | 2026-03-24T13:32:41.782Z | |
| cve-2026-33252 | MCP Go SDK Allows Cross-Site Tool Execution for HTTP S… |
modelcontextprotocol |
go-sdk |
2026-03-23T23:44:16.106Z | 2026-03-24T18:39:50.841Z | |
| cve-2026-33241 | Salvo Affected by Denial of Service via Unbounded Memo… |
salvo-rs |
salvo |
2026-03-23T23:41:50.533Z | 2026-03-25T19:22:48.083Z | |
| cve-2026-33242 | Salvo has a Path Traversal in salvo-proxy::encode_url_… |
salvo-rs |
salvo |
2026-03-23T23:40:39.886Z | 2026-03-24T15:12:45.439Z | |
| cve-2026-4615 | SourceCodester Online Catering Reservation search.php … |
SourceCodester |
Online Catering Reservation |
2026-03-23T23:38:24.693Z | 2026-03-24T13:33:20.433Z | |
| cve-2026-4614 | itsourcecode sanitize or validate this input Parameter… |
itsourcecode |
sanitize or validate this input |
2026-03-23T23:38:21.338Z | 2026-03-24T18:40:54.782Z | |
| cve-2026-33250 | Crash when receiving specially-crafted packets |
longturn |
freeciv21 |
2026-03-23T23:38:02.070Z | 2026-03-24T13:36:23.980Z | |
| cve-2026-33202 | Rails Active Storage has possible glob injection in it… |
rails |
activestorage |
2026-03-23T23:34:52.715Z | 2026-03-24T15:44:19.018Z | |
| cve-2026-33195 | Rails Active Storage has possible Path Traversal in Di… |
rails |
activestorage |
2026-03-23T23:31:41.785Z | 2026-03-25T03:56:06.239Z | |
| cve-2026-33176 | Rails Active Support has a possible DoS vulnerability … |
rails |
activesupport |
2026-03-23T23:29:27.933Z | 2026-03-24T18:42:48.858Z | |
| cve-2026-4021 | Contest Gallery <= 28.1.5 - Unauthenticated Privilege … |
contest-gallery |
Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe |
2026-03-23T23:25:50.405Z | 2026-04-08T17:32:30.381Z | |
| cve-2026-4056 | User Registration & Membership <= 5.1.4 - Missing Auth… |
wpeverest |
User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder |
2026-03-23T23:25:49.917Z | 2026-04-08T17:02:32.146Z | |
| cve-2026-3533 | JupiterX Core <= 4.14.1 - Authenticated (Subscriber+) … |
artbees |
Jupiter X Core |
2026-03-23T23:25:49.341Z | 2026-04-08T17:00:24.847Z | |
| cve-2026-4001 | Woocommerce Custom Product Addons Pro <= 5.4.1 - Unaut… |
acowebs |
Woocommerce Custom Product Addons Pro |
2026-03-23T23:25:48.659Z | 2026-04-08T17:00:23.860Z | |
| cve-2026-33174 | Rails Active Storage has a possible DoS vulnerability … |
rails |
activestorage |
2026-03-23T23:24:55.594Z | 2026-03-24T13:40:32.031Z | |
| cve-2026-33173 | Rails Active Storage has possible content type bypass … |
rails |
activestorage |
2026-03-23T23:21:29.843Z | 2026-03-24T15:12:50.569Z | |
| cve-2026-33170 | Rails Active Support has a possible XSS vulnerability … |
rails |
activesupport |
2026-03-23T23:09:48.923Z | 2026-03-25T19:20:28.280Z | |
| cve-2026-33169 | Rails Active Support has a possible ReDoS vulnerabilit… |
rails |
activesupport |
2026-03-23T23:07:07.630Z | 2026-03-24T15:46:43.465Z | |
| cve-2026-4613 | SourceCodester E-Commerce Site products.php sql injection |
SourceCodester |
E-Commerce Site |
2026-03-23T23:04:00.923Z | 2026-03-24T15:12:55.726Z | |
| cve-2026-33168 | Rails has a possible XSS vulnerability in its Action V… |
rails |
actionview |
2026-03-23T23:01:22.019Z | 2026-03-24T13:36:44.829Z | |
| cve-2026-33167 | Rails has a possible XSS vulnerability in its Action P… |
rails |
actionpack |
2026-03-23T22:58:53.577Z | 2026-03-24T18:44:13.020Z | |
| cve-2026-33046 | Indico discloses local files resulting in Remote Code … |
indico |
indico |
2026-03-23T22:45:29.067Z | 2026-03-24T13:42:19.688Z | |
| cve-2026-3225 | LearnPress <= 4.3.2.8 - Missing Authorization to Authe… |
thimpress |
LearnPress – WordPress LMS Plugin for Create and Sell Online Courses |
2026-03-23T22:25:40.557Z | 2026-04-08T17:34:42.320Z | |
| cve-2026-4306 | WP Job Portal <= 2.4.8 - Unauthenticated SQL Injection… |
wpjobportal |
WP Job Portal – AI-Powered Recruitment System for Company or Job Board website |
2026-03-23T22:25:40.158Z | 2026-04-08T17:31:26.081Z | |
| cve-2026-2412 | Quiz and Survey Master (QSM) <= 10.3.5 - Authenticated… |
expresstech |
Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker |
2026-03-23T22:25:39.767Z | 2026-04-08T17:16:36.412Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2014-avi-451 | Vulnérabilité dans Nginx | 2014-10-29T00:00:00.000000 | 2014-10-29T00:00:00.000000 |
| certfr-2014-avi-450 | Multiples vulnérabilités dans Oracle Linux | 2014-10-29T00:00:00.000000 | 2014-10-29T00:00:00.000000 |
| certfr-2014-avi-449 | Multiples vulnérabilités dans IBM Tivoli Management Framework | 2014-10-29T00:00:00.000000 | 2014-10-29T00:00:00.000000 |
| certfr-2014-avi-448 | Multiples vulnérabilités dans MariaDB | 2014-10-28T00:00:00.000000 | 2014-10-28T00:00:00.000000 |
| certfr-2014-avi-447 | Vulnérabilité dans EMC Avamar Data Store et Virtual Edition | 2014-10-28T00:00:00.000000 | 2014-10-28T00:00:00.000000 |
| certfr-2014-avi-446 | Vulnérabilité dans EMC NetWorker Module | 2014-10-28T00:00:00.000000 | 2014-10-28T00:00:00.000000 |
| certfr-2014-avi-445 | Vulnérabilité dans le noyau Linux de Red Hat | 2014-10-28T00:00:00.000000 | 2014-10-28T00:00:00.000000 |
| certfr-2014-avi-444 | Multiples vulnérabilités dans les produits Huawei | 2014-10-27T00:00:00.000000 | 2014-10-27T00:00:00.000000 |
| certfr-2014-avi-443 | Multiples vulnérabilités dans TYPO3 | 2014-10-27T00:00:00.000000 | 2014-10-27T00:00:00.000000 |
| certfr-2014-avi-442 | Multiples vulnérabilités dans DokuWiki | 2014-10-27T00:00:00.000000 | 2014-10-27T00:00:00.000000 |
| certfr-2014-avi-441 | Multiples vulnérabilités dans Apple QuickTime | 2014-10-23T00:00:00.000000 | 2014-10-23T00:00:00.000000 |
| certfr-2014-avi-440 | Vulnérabilité dans VMWare VSphere Data Protection | 2014-10-23T00:00:00.000000 | 2014-10-23T00:00:00.000000 |
| certfr-2014-avi-439 | Multiples vulnérabilités dans Apple iOS | 2014-10-23T00:00:00.000000 | 2014-10-23T00:00:00.000000 |
| certfr-2014-avi-438 | Multiples vulnérabilités dans Pidgin | 2014-10-23T00:00:00.000000 | 2014-10-23T00:00:00.000000 |
| certfr-2014-avi-437 | Vulnérabilité dans Huawei Mobile Partner | 2014-10-22T00:00:00.000000 | 2014-10-22T00:00:00.000000 |
| certfr-2014-avi-436 | Multiples vulnérabilités dans les produits Apple | 2014-10-17T00:00:00.000000 | 2014-10-20T00:00:00.000000 |
| certfr-2014-avi-435 | Multiples vulnérabilités dans OpenSSL | 2014-10-16T00:00:00.000000 | 2014-10-16T00:00:00.000000 |
| certfr-2014-avi-434 | Vulnérabilité dans Drupal | 2014-10-16T00:00:00.000000 | 2014-10-16T00:00:00.000000 |
| certfr-2014-avi-433 | Multiples vulnérabilités dans les produits Cisco | 2014-10-16T00:00:00.000000 | 2014-10-16T00:00:00.000000 |
| certfr-2014-avi-432 | Multiples vulnérabilités dans les produits Mozilla | 2014-10-15T00:00:00.000000 | 2014-10-16T00:00:00.000000 |
| certfr-2014-avi-431 | Multiples vulnérabilités dans Adobe Flash Player | 2014-10-15T00:00:00.000000 | 2014-10-15T00:00:00.000000 |
| certfr-2014-avi-430 | Multiples vulnérabilités dans Adobe ColdFusion | 2014-10-15T00:00:00.000000 | 2014-10-15T00:00:00.000000 |
| certfr-2014-avi-429 | Multiples vulnérabilités dans Oracle Java SE | 2014-10-15T00:00:00.000000 | 2014-10-15T00:00:00.000000 |
| certfr-2014-avi-428 | Multiples vulnérabilités dans Oracle Database Server | 2014-10-15T00:00:00.000000 | 2014-10-15T00:00:00.000000 |
| certfr-2014-avi-427 | Multiples vulnérabilités dans Oracle MySQL | 2014-10-15T00:00:00.000000 | 2014-10-15T00:00:00.000000 |
| certfr-2014-avi-426 | Multiples vulnérabilités dans les solutions de virtualisation d'Oracle | 2014-10-15T00:00:00.000000 | 2014-10-15T00:00:00.000000 |
| certfr-2014-avi-425 | Multiples vulnérabilités dans la suite de produits Sun de Oracle | 2014-10-15T00:00:00.000000 | 2014-10-15T00:00:00.000000 |
| certfr-2014-avi-424 | Multiples vulnérabilités dans Microsoft Internet Explorer | 2014-10-15T00:00:00.000000 | 2014-10-15T00:00:00.000000 |
| certfr-2014-avi-423 | Multiples vulnérabilités dans Microsoft .NET Framework | 2014-10-15T00:00:00.000000 | 2014-10-15T00:00:00.000000 |
| certfr-2014-avi-422 | Multiples vulnérabilités dans le noyau de Microsoft Windows | 2014-10-15T00:00:00.000000 | 2014-10-15T00:00:00.000000 |