Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-32752 | FreeScout: Broken Access Control in ThreadPolicy — Any… |
freescout-help-desk |
freescout |
2026-03-19T21:21:54.613Z | 2026-03-20T18:10:32.968Z | |
| cve-2026-32194 | 9.8 (v3.1) | Microsoft Bing Images Remote Code Execution Vulnerability |
Microsoft |
Microsoft Bing Images |
2026-03-19T21:21:22.762Z | 2026-04-14T16:36:33.188Z |
| cve-2026-4159 | 1.2 (v4.0) | wc_PKCS7_DecodeEnvelopedData 1 byte out-of-bounds read |
wolfSSL |
wolfSSL |
2026-03-19T21:17:46.357Z | 2026-03-20T16:29:05.925Z |
| cve-2026-27934 | Discourse leaks private topic title and post excerpt v… |
discourse |
discourse |
2026-03-19T21:17:43.369Z | 2026-03-20T18:53:53.212Z | |
| cve-2026-32750 | SiYuan importStdMd: unvalidated localPath imports arbi… |
siyuan-note |
siyuan |
2026-03-19T21:15:32.358Z | 2026-03-25T14:55:08.789Z | |
| cve-2026-32751 | SiYuan Vulnerable to Remote Code Execution via Stored … |
siyuan-note |
siyuan |
2026-03-19T21:11:59.435Z | 2026-03-24T01:42:28.407Z | |
| cve-2026-32749 | SiYuan importSY/importZipMd: Path Traversal via multip… |
siyuan-note |
siyuan |
2026-03-19T21:07:57.841Z | 2026-03-20T20:18:05.496Z | |
| cve-2026-3229 | 1.2 (v4.0) | Integer Overflow in Certificate Chain Allocation |
wofSSL |
wolfSSL |
2026-03-19T21:07:05.871Z | 2026-03-20T16:29:47.729Z |
| cve-2026-26137 | 9.9 (v3.1) | Microsoft Exchange Elevation of Privilege Vulnerability |
Microsoft |
Microsoft Exchange Online |
2026-03-19T21:06:26.050Z | 2026-04-14T16:36:32.258Z |
| cve-2026-26136 | 6.5 (v3.1) | Microsoft Copilot Information Disclosure Vulnerability |
Microsoft |
Microsoft Copilot |
2026-03-19T21:06:25.479Z | 2026-04-14T16:36:29.876Z |
| cve-2026-24299 | 5.3 (v3.1) | M365 Copilot Information Disclosure Vulnerability |
Microsoft |
Microsoft 365 Copilot |
2026-03-19T21:06:24.955Z | 2026-04-14T16:36:28.992Z |
| cve-2026-23659 | 8.6 (v3.1) | Azure Data Factory Information Disclosure Vulnerability |
Microsoft |
Azure Data Factory |
2026-03-19T21:06:24.369Z | 2026-04-14T16:36:27.958Z |
| cve-2026-26120 | 6.5 (v3.1) | Microsoft Bing Tampering Vulnerability |
Microsoft |
Microsoft Bing |
2026-03-19T21:06:23.690Z | 2026-04-14T16:36:26.777Z |
| cve-2026-23658 | 8.6 (v3.1) | Azure DevOps: msazure Elevation of Privilege Vulnerability |
Microsoft |
Azure DevOps: msazure |
2026-03-19T21:06:23.083Z | 2026-04-14T16:36:26.012Z |
| cve-2026-32191 | 9.8 (v3.1) | Microsoft Bing Images Remote Code Execution Vulnerability |
Microsoft |
Microsoft Bing Images |
2026-03-19T21:06:22.440Z | 2026-04-14T16:36:25.245Z |
| cve-2026-26138 | 8.6 (v3.1) | Microsoft Purview Elevation of Privilege Vulnerability |
Microsoft |
Microsoft Purview |
2026-03-19T21:06:21.930Z | 2026-04-14T16:36:24.658Z |
| cve-2026-26139 | 8.6 (v3.1) | Microsoft Purview Elevation of Privilege Vulnerability |
Microsoft |
Microsoft Purview |
2026-03-19T21:06:21.346Z | 2026-04-14T16:36:23.929Z |
| cve-2026-32169 | 10 (v3.1) | Azure Cloud Shell Elevation of Privilege Vulnerability |
Microsoft |
Azure Cloud Shell |
2026-03-19T21:06:20.642Z | 2026-04-14T16:36:23.189Z |
| cve-2026-32747 | SiYuan: Incomplete sensitive path blocklist in globalC… |
siyuan-note |
siyuan |
2026-03-19T21:02:16.422Z | 2026-03-20T17:08:31.863Z | |
| cve-2026-3230 | 1.2 (v4.0) | Improper key_share validation in TLS 1.3 HelloRetryRequest |
wolfSSL |
wolfSSL |
2026-03-19T20:59:54.021Z | 2026-03-20T17:09:01.453Z |
| cve-2026-27740 | Discourse has Stored XSS in AI Triage Automation |
discourse |
discourse |
2026-03-19T20:56:17.272Z | 2026-03-20T18:10:38.878Z | |
| cve-2026-32622 | SQLBot: Remote Code Execution via Terminology Poisoning |
dataease |
SQLBot |
2026-03-19T20:55:51.987Z | 2026-03-24T01:40:19.077Z | |
| cve-2026-27570 | Discourse Vulnerable to Stored XSS via Shared AI Conve… |
discourse |
discourse |
2026-03-19T20:52:17.572Z | 2026-03-24T19:43:07.713Z | |
| cve-2026-27491 | Discourse has a bypass of official warnings messages b… |
discourse |
discourse |
2026-03-19T20:47:54.668Z | 2026-03-20T20:20:00.790Z | |
| cve-2026-30924 | qui CORS Misconfiguration: Arbitrary Origins Trusted |
autobrr |
qui |
2026-03-19T20:45:43.039Z | 2026-03-20T19:46:41.711Z | |
| cve-2026-4395 | 1.3 (v4.0) | Heap-based buffer overflow in wc_ecc_import_x963_ex KC… |
wolfSSL |
wolfssl |
2026-03-19T20:41:55.642Z | 2026-03-20T17:09:33.816Z |
| cve-2026-27454 | Discourse has check revision visibility on posts endpoint |
discourse |
discourse |
2026-03-19T20:39:28.350Z | 2026-03-20T17:10:14.076Z | |
| cve-2026-4428 | 7.4 (v3.1) 9.1 (v4.0) | CRL Distribution Point Scope Check Logic Error in AWS-LC |
AWS |
AWS-LC |
2026-03-19T20:37:53.851Z | 2026-03-25T14:13:42.572Z |
| cve-2026-30836 | Step CA: Unauthenticated Certificate Issuance via SCEP… |
smallstep |
certificates |
2026-03-19T20:37:05.757Z | 2026-03-25T14:16:09.012Z | |
| cve-2026-33346 | OpenEMR has stored XSS in portal_payment.php via Unesc… |
openemr |
openemr |
2026-03-19T20:33:10.437Z | 2026-03-20T18:10:45.920Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certa-2013-avi-148 | Multiples vulnérabilités dans Google Chrome | 2013-02-22T00:00:00.000000 | 2013-02-22T00:00:00.000000 |
| certa-2013-avi-147 | Multiples vulnérabilités dans Mozilla Thunderbird | 2013-02-22T00:00:00.000000 | 2013-02-22T00:00:00.000000 |
| certa-2013-avi-146 | Multiples vulnérabilités dans les produits VMware | 2013-02-22T00:00:00.000000 | 2013-02-22T00:00:00.000000 |
| certa-2013-avi-145 | Multiples vulnérabilités dans Oracle Solaris | 2013-02-21T00:00:00.000000 | 2013-02-21T00:00:00.000000 |
| certa-2013-avi-144 | Multiples vulnérabilités dans Mozilla Firefox | 2013-02-21T00:00:00.000000 | 2013-02-21T00:00:00.000000 |
| certa-2013-avi-143 | Multiples vulnérabilités dans Apple OS X et Mac OS X | 2013-02-20T00:00:00.000000 | 2013-02-20T00:00:00.000000 |
| certa-2013-avi-142 | Multiples vulnérabilités dans Oracle Java | 2013-02-20T00:00:00.000000 | 2013-02-20T00:00:00.000000 |
| certa-2013-avi-141 | Multiples vulnérabilités dans les produits Hitachi | 2013-02-19T00:00:00.000000 | 2013-02-19T00:00:00.000000 |
| certa-2013-avi-140 | Multiples vulnérabilités dans IBM Data Studio Help System | 2013-02-19T00:00:00.000000 | 2013-02-19T00:00:00.000000 |
| certa-2013-avi-139 | Multiples vulnérabilités dans les produits IBM | 2013-02-19T00:00:00.000000 | 2013-02-19T00:00:00.000000 |
| certa-2013-avi-138 | Multiples vulnérabilités dans IBM InfoSphere DataStage | 2013-02-18T00:00:00.000000 | 2013-02-18T00:00:00.000000 |
| certa-2013-avi-137 | Vulnérabilité dans les systèmes SCADA Siemens CP 1616 et CP 1604 | 2013-02-15T00:00:00.000000 | 2013-02-15T00:00:00.000000 |
| certa-2013-avi-136 | Multiples vulnérabilités dans Google Chrome | 2013-02-15T00:00:00.000000 | 2013-02-15T00:00:00.000000 |
| certa-2013-avi-135 | Multiples vulnérabilités dans Symantec Encryption Desktop | 2013-02-15T00:00:00.000000 | 2013-02-15T00:00:00.000000 |
| certa-2013-avi-134 | Multiples vulnérabilités dans IBM WebSphere Message Broker | 2013-02-15T00:00:00.000000 | 2013-02-15T00:00:00.000000 |
| certa-2013-avi-133 | Multiples vulnérabilités dans Ruby on Rails | 2013-02-15T00:00:00.000000 | 2013-02-15T00:00:00.000000 |
| certa-2013-avi-132 | Vulnérabilité dans Xen | 2013-02-15T00:00:00.000000 | 2013-02-15T00:00:00.000000 |
| certa-2013-avi-131 | Vulnérabilité dans Xen oxenstored | 2013-02-15T00:00:00.000000 | 2013-02-15T00:00:00.000000 |
| certa-2013-avi-130 | Vulnérabilité dans IBM WebSphere | 2013-02-14T00:00:00.000000 | 2013-02-14T00:00:00.000000 |
| certa-2013-avi-129 | Vulnérabilité dans le système SCADA Moxa EDR-G903 | 2013-02-14T00:00:00.000000 | 2013-02-14T00:00:00.000000 |
| certa-2013-avi-128 | Vulnérabilité dans Cisco Unified MeetingPlace | 2013-02-14T00:00:00.000000 | 2013-02-14T00:00:00.000000 |
| certa-2013-avi-127 | Multiples vulnérabilités dans Adobe Flash Player | 2013-02-14T00:00:00.000000 | 2013-02-14T00:00:00.000000 |
| certa-2013-avi-126 | Multiples vulnérabilités dans Google Chrome Adobe Flash Player | 2013-02-14T00:00:00.000000 | 2013-02-14T00:00:00.000000 |
| certa-2013-avi-125 | Multiples vulnérabilités dans Adobe Shockwave Player | 2013-02-13T00:00:00.000000 | 2013-02-13T00:00:00.000000 |
| certa-2013-avi-124 | Vulnérabilité dans Microsoft OLE Automation | 2013-02-13T00:00:00.000000 | 2013-02-13T00:00:00.000000 |
| certa-2013-avi-123 | Vulnérabilité dans Microsoft CSRSS | 2013-02-13T00:00:00.000000 | 2013-02-13T00:00:00.000000 |
| certa-2013-avi-122 | Vulnérabilité dans Microsoft Windows TCP/IP | 2013-02-13T00:00:00.000000 | 2013-02-13T00:00:00.000000 |
| certa-2013-avi-121 | Multiples vulnérabilités dans Microsoft Windows Kernel | 2013-02-13T00:00:00.000000 | 2013-02-13T00:00:00.000000 |
| certa-2013-avi-120 | Multiples vulnérabilités dans Microsoft Windows Kernel-Mode Driver | 2013-02-13T00:00:00.000000 | 2013-02-13T00:00:00.000000 |
| certa-2013-avi-119 | Vulnérabilité dans Microsoft .NET Framework | 2013-02-13T00:00:00.000000 | 2013-02-13T00:00:00.000000 |