Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-67113 | N/A | OS command injection in the CWMP client (/ftl/bin… |
n/a |
n/a |
2026-03-19T00:00:00.000Z | 2026-03-24T01:20:45.931Z |
| cve-2025-67112 | N/A | Use of a hard-coded AES-256-CBC key in the config… |
n/a |
n/a |
2026-03-19T00:00:00.000Z | 2026-03-24T01:17:45.000Z |
| cve-2026-32743 | PX4 Autopilot: Stack-based Buffer Overflow via Oversiz… |
PX4 |
PX4-Autopilot |
2026-03-18T23:26:51.255Z | 2026-03-19T15:41:04.883Z | |
| cve-2026-32255 | Kan is Vulnerable to Unauthenticated SSRF via Attachme… |
kanbn |
kan |
2026-03-18T23:11:36.892Z | 2026-03-19T16:11:00.489Z | |
| cve-2026-32805 | Romeo is vulnerable to Archive Slip due to missing che… |
ctfer-io |
romeo |
2026-03-18T22:24:29.102Z | 2026-03-19T13:46:59.937Z | |
| cve-2026-32737 | Romeo's invalid NetworkPolicy enables a malicious acto… |
ctfer-io |
romeo |
2026-03-18T22:23:09.952Z | 2026-03-20T18:11:32.934Z | |
| cve-2026-32735 | Unpacking Arbitrary Mustache Template Files via `maven… |
Chrimle |
openapi-to-java-records-mustache-templates-parent |
2026-03-18T22:13:39.901Z | 2026-03-19T15:47:01.919Z | |
| cve-2025-15031 | Path Traversal Vulnerability in mlflow/mlflow |
mlflow |
mlflow/mlflow |
2026-03-18T22:06:47.300Z | 2026-03-19T13:52:40.477Z | |
| cve-2026-32736 | Hytale Modding Wiki has Insecure Direct Object Referen… |
HytaleModding |
wiki |
2026-03-18T22:06:10.884Z | 2026-03-19T16:57:46.390Z | |
| cve-2026-32731 | ApostropheCMS has Arbitrary File Write (Zip Slip / Pat… |
apostrophecms |
import-export |
2026-03-18T22:03:25.682Z | 2026-03-19T16:04:47.962Z | |
| cve-2026-32730 | ApostropheCMS MFA/TOTP Bypass via Incorrect MongoDB Qu… |
apostrophecms |
apostrophe |
2026-03-18T22:00:14.612Z | 2026-03-19T16:12:15.179Z | |
| cve-2026-33163 | Parse Server leaks protected fields via LiveQuery afte… |
parse-community |
parse-server |
2026-03-18T21:58:04.293Z | 2026-03-19T14:00:33.619Z | |
| cve-2026-33042 | Parse Server affected by empty authData bypassing cred… |
parse-community |
parse-server |
2026-03-18T21:54:05.137Z | 2026-03-20T18:11:41.428Z | |
| cve-2026-32944 | Parse Server crash via deeply nested query condition o… |
parse-community |
parse-server |
2026-03-18T21:50:08.390Z | 2026-03-19T16:56:38.160Z | |
| cve-2026-32943 | Parse Server has a password reset token single-use byp… |
parse-community |
parse-server |
2026-03-18T21:46:17.620Z | 2026-03-19T15:49:23.486Z | |
| cve-2026-4407 | 2.1 (v4.0) | Out-of-bounds array write in Xpdf 4.06 due to missing … |
Xpdf |
Xpdf |
2026-03-18T21:44:36.651Z | 2026-03-19T14:01:35.168Z |
| cve-2026-32886 | Parse Server's Cloud function dispatch crashes server … |
parse-community |
parse-server |
2026-03-18T21:42:27.210Z | 2026-03-19T16:34:34.333Z | |
| cve-2026-32878 | Parse Server vulnerable to schema poisoning via protot… |
parse-community |
parse-server |
2026-03-18T21:40:34.828Z | 2026-03-19T16:13:32.669Z | |
| cve-2026-32770 | Parse Server: LiveQuery subscription with invalid regu… |
parse-community |
parse-server |
2026-03-18T21:37:36.470Z | 2026-03-19T14:21:51.583Z | |
| cve-2026-32742 | Parse Server session creation endpoint allows overwrit… |
parse-community |
parse-server |
2026-03-18T21:33:09.421Z | 2026-03-20T18:11:49.441Z | |
| cve-2026-32728 | Parse Server has a stored XSS filter bypass via Conten… |
parse-community |
parse-server |
2026-03-18T21:31:08.506Z | 2026-03-19T15:04:19.751Z | |
| cve-2026-32723 | SandboxJS timers have an execution-quota bypass (cross… |
nyariv |
SandboxJS |
2026-03-18T21:27:35.349Z | 2026-03-19T15:51:43.598Z | |
| cve-2026-32722 | Memray-generated HTML reports vulnerable to Stored XSS… |
bloomberg |
memray |
2026-03-18T21:25:21.495Z | 2026-03-19T17:39:50.970Z | |
| cve-2026-32703 | OpenProject's repository files are served with the MIM… |
opf |
openproject |
2026-03-18T21:04:16.982Z | 2026-03-19T16:14:11.504Z | |
| cve-2026-32698 | OpenProject has a SQL Injection via Custom Field Name … |
opf |
openproject |
2026-03-18T21:01:53.366Z | 2026-03-19T14:22:17.046Z | |
| cve-2026-32700 | Devise has a confirmable "change email" race condition… |
heartcombo |
devise |
2026-03-18T20:55:55.034Z | 2026-03-20T18:11:56.909Z | |
| cve-2026-25873 | 9.3 (v4.0) 9.8 (v3.1) | OmniGen2-RL Reward Server Unsafe Deserialization RCE |
Beijing Academy of Artificial Intelligence (BAAI) |
OmniGen2-RL |
2026-03-18T20:47:40.799Z | 2026-03-19T15:43:28.187Z |
| cve-2026-32638 | StudioCMS REST getUsers Exposes Owner Account Records … |
withstudiocms |
studiocms |
2026-03-18T20:41:14.034Z | 2026-03-19T15:01:00.396Z | |
| cve-2026-32636 | ImageMagick has a heap-buffer-overflow in NewXMLTree w… |
ImageMagick |
ImageMagick |
2026-03-18T20:39:44.447Z | 2026-03-19T14:55:13.916Z | |
| cve-2026-32321 | ClipBucket v5 has time-based Blind SQL Injection in aj… |
MacWarrior |
clipbucket-v5 |
2026-03-18T20:37:51.891Z | 2026-03-19T17:47:53.606Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certa-2012-avi-764 | Vulnérabilités dans Tiki Wiki CMS Groupware | 2012-12-27T00:00:00.000000 | 2012-12-27T00:00:00.000000 |
| certa-2012-avi-763 | Vulnérabilité dans IBM Tivoli NetView | 2012-12-27T00:00:00.000000 | 2012-12-27T00:00:00.000000 |
| certa-2012-avi-762 | Multiples vulnérabilités dans les produits IBM Rational | 2012-12-26T00:00:00.000000 | 2012-12-26T00:00:00.000000 |
| certa-2012-avi-761 | Multiples vulnérabilités dans Opera | 2012-12-24T00:00:00.000000 | 2012-12-24T00:00:00.000000 |
| certa-2012-avi-760 | Vulnérabilités dans CA IdentityMinder | 2012-12-24T00:00:00.000000 | 2012-12-24T00:00:00.000000 |
| certa-2012-avi-759 | Multiples vulnérabilités dans VMware | 2012-12-21T00:00:00.000000 | 2012-12-21T00:00:00.000000 |
| certa-2012-avi-758 | Multiples vulnérabilités dans IBM InfoSphere Streams | 2012-12-21T00:00:00.000000 | 2012-12-21T00:00:00.000000 |
| certa-2012-avi-757 | Multiples vulnérabilités dans IBM Tivoli | 2012-12-21T00:00:00.000000 | 2012-12-21T00:00:00.000000 |
| certa-2012-avi-756 | Vulnérabilité dans IBM WebSphere | 2012-12-21T00:00:00.000000 | 2012-12-21T00:00:00.000000 |
| certa-2012-avi-755 | Multiples vulnérabilités dans Drupal | 2012-12-21T00:00:00.000000 | 2012-12-21T00:00:00.000000 |
| certa-2012-avi-754 | Vulnérabilités dans IBM Rational Policy Tester et IBM AppScan Entreprise | 2012-12-21T00:00:00.000000 | 2012-12-21T00:00:00.000000 |
| certa-2012-avi-753 | Vulnérabilité dans LemonLDAP::NG | 2012-12-21T00:00:00.000000 | 2012-12-21T00:00:00.000000 |
| certa-2012-avi-752 | Vulnérabilité dans Zend Framework | 2012-12-20T00:00:00.000000 | 2012-12-20T00:00:00.000000 |
| certa-2012-avi-751 | Vulnérabilités dans IBM Tivoli Storage Manager | 2012-12-20T00:00:00.000000 | 2012-12-20T00:00:00.000000 |
| certa-2012-avi-750 | Vulnérabilités dans IBM InfoSphere BigInsights | 2012-12-19T00:00:00.000000 | 2012-12-19T00:00:00.000000 |
| certa-2012-avi-749 | Vulnérabilité dans Axway SecureTransport | 2012-12-18T00:00:00.000000 | 2012-12-18T00:00:00.000000 |
| certa-2012-avi-748 | Vulnérabilités dans RealPlayer | 2012-12-18T00:00:00.000000 | 2012-12-18T00:00:00.000000 |
| certa-2012-avi-747 | Vulnérabilité dans Squid | 2012-12-18T00:00:00.000000 | 2012-12-18T00:00:00.000000 |
| certa-2012-avi-746 | Multiples vulnérabilités dans HP-UX | 2012-12-17T00:00:00.000000 | 2012-12-17T00:00:00.000000 |
| certa-2012-avi-745 | Multiples vulnérabilités dans Huawei E585 | 2012-12-17T00:00:00.000000 | 2012-12-17T00:00:00.000000 |
| certa-2012-avi-744 | Vulnérabilité dans VMware View | 2012-12-17T00:00:00.000000 | 2012-12-17T00:00:00.000000 |
| certa-2012-avi-743 | Vulnérabilité dans IBM Lotus Notes | 2012-12-17T00:00:00.000000 | 2012-12-17T00:00:00.000000 |
| certa-2012-avi-742 | Vulnérabilité dans IBM FB4WKSTNS | 2012-12-17T00:00:00.000000 | 2012-12-17T00:00:00.000000 |
| certa-2012-avi-741 | Vulnérabilité dans IBM ClearQuest | 2012-12-17T00:00:00.000000 | 2012-12-17T00:00:00.000000 |
| certa-2012-avi-740 | Vulnérabilité dans TWiki | 2012-12-17T00:00:00.000000 | 2012-12-17T00:00:00.000000 |
| certa-2012-avi-739 | Multiples vulnérabilités dans Avaya Aura System Manager | 2012-12-14T00:00:00.000000 | 2012-12-14T00:00:00.000000 |
| certa-2012-avi-738 | Vulnérabilités dans Adobe Photoshop Camera Raw | 2012-12-14T00:00:00.000000 | 2012-12-14T00:00:00.000000 |
| certa-2012-avi-737 | Multiples vulnérabilités dans Bluecoat Reporter | 2012-12-14T00:00:00.000000 | 2012-12-14T00:00:00.000000 |
| certa-2012-avi-736 | Vulnérabilités dans IBM Lotus Fondations | 2012-12-14T00:00:00.000000 | 2012-12-14T00:00:00.000000 |
| certa-2012-avi-735 | Multiples vulnérabilités dans IBM Rational Publishing Engine | 2012-12-14T00:00:00.000000 | 2012-12-14T00:00:00.000000 |