Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-4224 | 6 (v4.0) | Stack overflow parsing XML with deeply nested DTD cont… |
Python Software Foundation |
CPython |
2026-03-16T17:52:26.639Z | 2026-04-08T12:55:03.693Z |
| cve-2026-28490 | Authlib Vulnerable to JWE RSA1_5 Bleichenbacher Paddin… |
authlib |
authlib |
2026-03-16T17:37:57.425Z | 2026-03-16T18:17:35.003Z | |
| cve-2026-3644 | 6 (v4.0) | Incomplete control character validation in http.cookies |
Python Software Foundation |
CPython |
2026-03-16T17:37:31.344Z | 2026-04-07T22:01:41.034Z |
| cve-2026-27962 | Authlib JWS JWK Header Injection: Signature Verificati… |
authlib |
authlib |
2026-03-16T17:34:38.946Z | 2026-03-18T03:55:29.679Z | |
| cve-2026-4254 | Tenda AC8 HTTP Endpoint SysToolChangePwd doSystemCmd s… |
Tenda |
AC8 |
2026-03-16T17:32:11.090Z | 2026-03-16T18:29:35.800Z | |
| cve-2026-23862 | 7.8 (v3.1) | Dell ThinOS 10 versions prior to ThinOS 2602_10.0… |
Dell |
ThinOS 10 |
2026-03-16T17:28:44.696Z | 2026-03-17T03:55:37.692Z |
| cve-2026-23489 | Fields GLPI plugin vulnerable to RCE in dropdown generation |
pluginsGLPI |
fields |
2026-03-16T17:12:43.964Z | 2026-03-16T17:51:31.011Z | |
| cve-2026-4253 | Tenda AC8 Web UploadCfg route_set_user_policy_rule os … |
Tenda |
AC8 |
2026-03-16T17:02:11.100Z | 2026-03-16T18:01:14.327Z | |
| cve-2026-29510 | 5.1 (v4.0) 5.4 (v3.1) | Hereta ETH-IMC408M Stored XSS via Device Name |
Shenzhen Hereta Technology Co., Ltd. |
Hereta ETH-IMC408M |
2026-03-16T16:56:21.182Z | 2026-03-17T15:28:52.668Z |
| cve-2026-29513 | 5.1 (v4.0) 5.4 (v3.1) | Hereta ETH-IMC408M Stored XSS via Device Location |
Shenzhen Hereta Technology Co., Ltd. |
Hereta ETH-IMC408M |
2026-03-16T16:56:06.732Z | 2026-03-17T15:29:07.351Z |
| cve-2026-29520 | 5.1 (v4.0) 6.1 (v3.1) | Hereta ETH-IMC408M Reflected XSS via ping_ipaddr Parameter |
Shenzhen Hereta Technology Co., Ltd. |
Hereta ETH-IMC408M |
2026-03-16T16:55:52.660Z | 2026-03-17T15:29:29.391Z |
| cve-2026-29521 | 5.1 (v4.0) 4.3 (v3.1) | Hereta ETH-IMC408M CSRF via Configuration Setup |
Shenzhen Hereta Technology Co., Ltd. |
Hereta ETH-IMC408M |
2026-03-16T16:55:34.505Z | 2026-03-17T15:29:46.810Z |
| cve-2026-4252 | Tenda AC8 IPv6 check_is_ipv6 ip address for authentication |
Tenda |
AC8 |
2026-03-16T16:32:10.508Z | 2026-03-16T18:07:41.022Z | |
| cve-2026-4270 | 5.5 (v3.1) 6.8 (v4.0) | AWS API MCP File Access Restriction Bypass |
AWS |
AWS API MCP Server |
2026-03-16T16:07:53.324Z | 2026-03-16T18:17:17.927Z |
| cve-2026-4251 | CityData CityChat ai.citydata.citychat credentials.jso… |
CityData |
CityChat |
2026-03-16T16:02:08.596Z | 2026-03-16T18:17:54.591Z | |
| cve-2026-4250 | Albert Sağlık Hizmetleri ve Ticaret Albert Health Goog… |
Albert Sağlık Hizmetleri ve Ticaret |
Albert Health |
2026-03-16T15:32:08.686Z | 2026-03-16T18:12:04.287Z | |
| cve-2026-4276 | N/A | LibreChat RAG API, version 0.7.0, contains a log-injec… |
LibreChat |
RAG API |
2026-03-16T15:31:35.542Z | 2026-03-17T17:15:16.494Z |
| cve-2025-62319 | 9.8 (v3.1) | Boolean-Based SQL Injection in Multiple Unica Components |
HCL |
Unica |
2026-03-16T15:30:52.165Z | 2026-03-17T12:53:56.374Z |
| cve-2026-32587 | 5.4 (v3.1) | WordPress WP EasyPay plugin <= 4.2.11 - Broken Access … |
Saad Iqbal |
WP EasyPay |
2026-03-16T15:30:04.835Z | 2026-04-29T09:52:01.759Z |
| cve-2026-32583 | 5.3 (v3.1) | WordPress Modern Events Calendar plugin <= 7.29.0 - Br… |
Webnus Inc. |
Modern Events Calendar |
2026-03-16T15:11:29.198Z | 2026-03-16T17:53:41.571Z |
| cve-2026-4243 | La Nacion App app.lanacion.activity BuildConfig.java c… |
n/a |
La Nacion App |
2026-03-16T15:02:07.721Z | 2026-03-16T18:18:28.414Z | |
| cve-2026-24692 | 4.3 (v3.1) | Guest users can bypass read permissions via search API |
Mattermost |
Mattermost |
2026-03-16T14:56:45.323Z | 2026-03-16T18:19:26.675Z |
| cve-2026-22545 | 3.1 (v3.1) | Password Change Bypass via Auth Switch Endpoint |
Mattermost |
Mattermost |
2026-03-16T14:54:45.344Z | 2026-03-16T18:15:37.142Z |
| cve-2026-2455 | 4.3 (v3.1) | SSRF bypass via IPv4-mapped IPv6 literals |
Mattermost |
Mattermost |
2026-03-16T14:53:31.280Z | 2026-03-16T18:38:07.619Z |
| cve-2026-21386 | 4.3 (v3.1) | Private channel enumeration via /mute slash command |
Mattermost |
Mattermost |
2026-03-16T14:51:43.263Z | 2026-03-16T18:39:14.064Z |
| cve-2025-2274 | 4.8 (v4.0) | Stored Cross Site Scripting in Forcepoint Web Security |
Forcepoint |
Web Security (On-Prem) |
2026-03-16T14:46:50.015Z | 2026-03-16T18:36:51.535Z |
| cve-2025-52642 | 3.3 (v3.1) | HCL AION is affected by an internal filesystem paths d… |
HCL |
AION |
2026-03-16T14:45:23.821Z | 2026-03-16T20:07:54.201Z |
| cve-2025-52646 | 2.2 (v3.1) | HCL AION is affected by a vulnerability where certain … |
HCL |
AION |
2026-03-16T14:42:16.317Z | 2026-03-16T20:13:31.637Z |
| cve-2025-52645 | 1.9 (v3.1) | HCL AION is affected by a vulnerability where model pa… |
HCL |
AION |
2026-03-16T14:39:12.088Z | 2026-03-16T20:14:12.826Z |
| cve-2025-52649 | 1.8 (v3.1) | HCL AION is affected by a vulnerability where certain … |
HCL |
AION |
2026-03-16T14:36:32.396Z | 2026-03-17T14:03:14.368Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certa-2012-avi-434 | Vulnérabilité dans libTIFF | 2012-08-14T00:00:00.000000 | 2012-08-14T00:00:00.000000 |
| certa-2012-avi-433 | Vulnérabilité dans Cisco IOS | 2012-08-14T00:00:00.000000 | 2012-08-14T00:00:00.000000 |
| certa-2012-avi-432 | Vulnérabilité dans Cisco Emergency Responder | 2012-08-14T00:00:00.000000 | 2012-08-14T00:00:00.000000 |
| certa-2012-avi-431 | Vulnérabilités dans les produits IBM WebSphere | 2012-08-14T00:00:00.000000 | 2012-08-14T00:00:00.000000 |
| certa-2012-avi-430 | Vulnérabilités dans PHP | 2012-08-14T00:00:00.000000 | 2012-08-14T00:00:00.000000 |
| certa-2012-avi-429 | Vulnérabilité dans Oracle Database Server | 2012-08-14T00:00:00.000000 | 2012-08-14T00:00:00.000000 |
| certa-2012-avi-428 | Vulnérabilité dans Xen | 2012-08-13T00:00:00.000000 | 2012-08-13T00:00:00.000000 |
| certa-2012-avi-427 | Vulnérabilités dans Google Chrome | 2012-08-10T00:00:00.000000 | 2012-08-10T00:00:00.000000 |
| certa-2012-avi-426 | Vulnérabilité dans EMC Iomega StorCenter | 2012-08-09T00:00:00.000000 | 2012-08-09T00:00:00.000000 |
| certa-2012-avi-425 | Vulnérabilité des drivers NVidia | 2012-08-08T00:00:00.000000 | 2012-08-08T00:00:00.000000 |
| certa-2012-avi-424 | Vulnérabilité dans Siemens Synco OZW | 2012-08-08T00:00:00.000000 | 2012-08-08T00:00:00.000000 |
| certa-2012-avi-423 | Vulnérabilité dans HP Network Node Manager I | 2012-08-07T00:00:00.000000 | 2012-08-07T00:00:00.000000 |
| certa-2012-avi-422 | Vulnérabilités dans LibreOffice et OpenOffice | 2012-08-06T00:00:00.000000 | 2012-10-08T00:00:00.000000 |
| certa-2012-avi-421 | Vulnérabilité dans Adobe Flash Player | 2012-08-06T00:00:00.000000 | 2012-08-06T00:00:00.000000 |
| certa-2012-avi-420 | Vulnérabilités dans Opera | 2012-08-03T00:00:00.000000 | 2012-08-03T00:00:00.000000 |
| certa-2012-avi-419 | Multiples vulnérabilités dans IBM AIX | 2012-08-03T00:00:00.000000 | 2012-08-03T00:00:00.000000 |
| certa-2012-avi-418 | Vulnérablités dans IBM Eclipse Help System | 2012-08-03T00:00:00.000000 | 2012-08-03T00:00:00.000000 |
| certa-2012-avi-417 | Vulnérabilités dans Citrix Access Gateway | 2012-08-03T00:00:00.000000 | 2012-08-03T00:00:00.000000 |
| certa-2012-avi-416 | Vulnérabilités dans Kerberos | 2012-08-02T00:00:00.000000 | 2012-08-02T00:00:00.000000 |
| certa-2012-avi-415 | Vulnérabilités dans Google Chrome | 2012-08-02T00:00:00.000000 | 2012-08-02T00:00:00.000000 |
| certa-2012-avi-414 | Vulnérabilités dans IBM Rational Directory Server | 2012-08-01T00:00:00.000000 | 2012-08-01T00:00:00.000000 |
| certa-2012-avi-413 | Vulnérabilité dans SIMATIC S7-400 CPU | 2012-08-01T00:00:00.000000 | 2012-08-01T00:00:00.000000 |
| certa-2012-avi-412 | Vulnérabilités dans Django | 2012-08-01T00:00:00.000000 | 2012-08-01T00:00:00.000000 |
| certa-2012-avi-411 | Vulnérabilité dans IBM WebSphere | 2012-07-30T00:00:00.000000 | 2012-07-30T00:00:00.000000 |
| certa-2012-avi-410 | Vulnérabilité dans IBM AIX | 2012-07-30T00:00:00.000000 | 2012-07-30T00:00:00.000000 |
| certa-2012-avi-409 | Vulnérabilité dans Ruby on Rails | 2012-07-30T00:00:00.000000 | 2012-07-30T00:00:00.000000 |
| certa-2012-avi-408 | Vulnérabilités dans Bugzilla | 2012-07-30T00:00:00.000000 | 2012-07-30T00:00:00.000000 |
| certa-2012-avi-407 | Vulnérabilités dans IBM SONAS | 2012-07-30T00:00:00.000000 | 2012-07-30T00:00:00.000000 |
| certa-2012-avi-406 | Vulnérabilités dans ISC DHCP | 2012-07-26T00:00:00.000000 | 2012-07-26T00:00:00.000000 |
| certa-2012-avi-405 | Vulnérabilités dans ISC BIND | 2012-07-26T00:00:00.000000 | 2012-07-26T00:00:00.000000 |