Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-40350 | Movary User Management (/settings/users) has Authoriza… |
leepeuker |
movary |
2026-04-18T00:07:33.324Z | 2026-04-20T16:15:39.915Z | |
| cve-2026-40489 | editorconfig-core-c has incomplete fix for CVE-2023-0341 |
editorconfig |
editorconfig-core-c |
2026-04-18T01:24:57.278Z | 2026-04-20T16:15:31.570Z | |
| cve-2026-40493 | SAIL has heap buffer overflow in PSD decoder — bpp mis… |
HappySeaFox |
sail |
2026-04-18T01:41:14.664Z | 2026-04-20T16:15:22.120Z | |
| cve-2026-6588 | serge-chat serge Model API Endpoint model.py delete_mo… |
serge-chat |
serge |
2026-04-20T00:15:12.174Z | 2026-04-20T16:15:13.000Z | |
| cve-2026-6652 | Pagekit CMS StringStorage Template PhpEngine.php evalu… |
Pagekit |
CMS |
2026-04-20T15:00:22.525Z | 2026-04-20T16:14:56.950Z | |
| cve-2026-40336 | libgphoto2 has memory leak in ptp_unpack_Sony_DPD() se… |
gphoto |
libgphoto2 |
2026-04-17T23:27:42.868Z | 2026-04-20T16:14:53.071Z | |
| cve-2026-40341 | libgphoto2 has an OOB Read in ptp_unpack_EOS_FocusInfoEx |
gphoto |
libgphoto2 |
2026-04-17T23:48:36.644Z | 2026-04-20T16:14:19.107Z | |
| cve-2026-6583 | TransformerOptimus SuperAGI API Key Management Endpoin… |
TransformerOptimus |
SuperAGI |
2026-04-19T23:00:20.450Z | 2026-04-20T16:14:10.062Z | |
| cve-2026-40337 | Sentry kernel has incomplete ownership check for IRQ l… |
camelot-os |
sentry-kernel |
2026-04-17T23:51:09.866Z | 2026-04-20T16:13:48.908Z | |
| cve-2026-40896 | OpenProject has Cross-Project Meeting Agenda Item Inje… |
opf |
openproject |
2026-04-20T15:12:52.279Z | 2026-04-20T16:13:10.714Z | |
| cve-2026-6066 | 7.1 (v3.1) | Unencrypted Client‑Server Communication in ConnectWise… |
ConnectWise |
Automate |
2026-04-20T15:26:31.843Z | 2026-04-20T16:13:06.767Z |
| cve-2026-6578 | liangliangyy DjangoBlog Setting settings.py hard-coded… |
liangliangyy |
DjangoBlog |
2026-04-19T21:15:14.960Z | 2026-04-20T16:12:54.941Z | |
| cve-2026-25058 | Vexa's unauthenticated internal transcript endpoint ex… |
Vexa-ai |
vexa |
2026-04-20T16:03:06.639Z | 2026-04-20T16:12:27.988Z | |
| cve-2026-6572 | Collabora KodExplorer fileUpload Endpoint share.class.… |
Collabora |
KodExplorer |
2026-04-19T12:15:14.167Z | 2026-04-20T16:11:35.361Z | |
| cve-2026-32690 | Apache Airflow: 3.x - Nested Variable Secret Values By… |
Apache Software Foundation |
Apache Airflow |
2026-04-18T06:22:26.081Z | 2026-04-20T16:11:33.956Z | |
| cve-2026-40348 | Movary has Authenticated SSRF via Jellyfin Server URL … |
leepeuker |
movary |
2026-04-18T00:01:09.725Z | 2026-04-20T16:11:32.779Z | |
| cve-2026-6564 | EMQ EMQX Enterprise Session Handling improper authorization |
EMQ |
EMQX Enterprise |
2026-04-19T09:30:15.159Z | 2026-04-20T16:09:52.702Z | |
| cve-2026-41254 | 4 (v3.1) | Little CMS (lcms2) through 2.18 has an integer ov… |
littlecms |
little cms color engine |
2026-04-18T06:43:13.741Z | 2026-04-20T16:09:45.530Z |
| cve-2026-6601 | Lagom WHMCS Template Datatables resource consumption |
Lagom |
WHMCS Template |
2026-04-20T03:30:14.978Z | 2026-04-20T16:09:24.835Z | |
| cve-2026-40474 | wger has Broken Access Control in the Global Gym Confi… |
wger-project |
wger |
2026-04-17T21:39:03.677Z | 2026-04-20T16:08:12.427Z | |
| cve-2026-6559 | Wavlink WL-WN579A3 login.cgi sub_401F80 cross site scripting |
Wavlink |
WL-WN579A3 |
2026-04-19T05:15:15.503Z | 2026-04-20T16:07:54.597Z | |
| cve-2026-6606 | modelscope agentscope _agent_base.py _process_audio_bl… |
modelscope |
agentscope |
2026-04-20T04:45:11.806Z | 2026-04-20T16:07:08.458Z | |
| cve-2026-6562 | dameng100 muucmf index.html getListByPage sql injection |
dameng100 |
muucmf |
2026-04-19T08:15:11.633Z | 2026-04-20T16:06:23.786Z | |
| cve-2026-41242 | protobufjs has an arbitrary code execution issue |
protobufjs |
protobuf.js |
2026-04-18T16:18:10.652Z | 2026-04-20T16:03:57.689Z | |
| cve-2026-6610 | liangliangyy DjangoBlog Setting settings.py hard-coded… |
liangliangyy |
DjangoBlog |
2026-04-20T05:45:18.671Z | 2026-04-20T16:03:06.598Z | |
| cve-2026-6611 | liangliangyy DjangoBlog File Upload Endpoint settings.… |
liangliangyy |
DjangoBlog |
2026-04-20T06:00:18.066Z | 2026-04-20T16:00:23.582Z | |
| cve-2026-40299 | next-intl has an open redirect vulnerability |
amannn |
next-intl |
2026-04-17T20:49:05.642Z | 2026-04-20T15:58:51.149Z | |
| cve-2026-6615 | TransformerOptimus SuperAGI Multipart Upload resources… |
TransformerOptimus |
SuperAGI |
2026-04-20T07:00:16.486Z | 2026-04-20T15:56:36.960Z | |
| cve-2026-6616 | TransformerOptimus SuperAGI WebScraperTool webpage_ext… |
TransformerOptimus |
SuperAGI |
2026-04-20T07:15:12.269Z | 2026-04-20T15:54:33.904Z | |
| cve-2026-32228 | Apache Airflow: Users with asset materialization permi… |
Apache Software Foundation |
Apache Airflow |
2026-04-18T06:19:47.512Z | 2026-04-20T15:54:05.072Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2020-000024 | Joomla! plugin "AcyMailing" vulnerable to arbitrary file uploads | 2020-04-07T14:49+09:00 | 2020-04-07T14:49+09:00 |
| jvndb-2020-000021 | Multiple Yamaha network devices vulnerable to denial-of-service (DoS) | 2020-03-31T17:44+09:00 | 2020-04-01T18:38+09:00 |
| jvndb-2019-000014 | The installer of Microsoft Teams may insecurely load Dynamic Link Libraries | 2019-04-02T14:18+09:00 | 2020-04-01T16:55+09:00 |
| jvndb-2020-002958 | Denial-of-service (DoS) vulnerability in Mitsubishi Electric MELSOFT transmission port | 2020-03-31T13:37+09:00 | 2020-04-01T14:45+09:00 |
| jvndb-2020-000907 | WL-Enq (WEB Enquete) vulnerable to OS command injection | 2020-03-25T09:50+09:00 | 2020-03-25T09:50+09:00 |
| jvndb-2020-000908 | Keijiban Tsumiki vulnerable to OS command injection | 2020-03-24T18:14+09:00 | 2020-03-24T18:14+09:00 |
| jvndb-2020-000900 | mailform vulnerable to cross-site scripting | 2020-03-24T18:05+09:00 | 2020-03-24T18:05+09:00 |
| jvndb-2020-000901 | mailform vulnerable to PHP code execution | 2020-03-24T17:59+09:00 | 2020-03-24T17:59+09:00 |
| jvndb-2020-000902 | Multiple vulnerabilities in Shihonkanri Plus GOOUT | 2020-03-24T17:53+09:00 | 2020-03-24T17:53+09:00 |
| jvndb-2020-000903 | Shihonkanri Plus GOOUT vulnerable to OS command injection | 2020-03-24T17:47+09:00 | 2020-03-24T17:47+09:00 |
| jvndb-2020-000904 | CuteNews vulnerable to cross-site scripting | 2020-03-24T17:42+09:00 | 2020-03-24T17:42+09:00 |
| jvndb-2020-000905 | Cute News vulnerable to PHP code execution | 2020-03-24T17:40+09:00 | 2020-03-24T17:40+09:00 |
| jvndb-2020-002278 | Cross-site Scripting Vulnerability in JP1/Performance Management - Manager [Web Console] | 2020-03-11T14:16+09:00 | 2020-03-11T14:16+09:00 |
| jvndb-2020-002219 | Multiple Vulnerabilities in Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center | 2020-03-09T11:23+09:00 | 2020-03-09T11:23+09:00 |
| jvndb-2020-002220 | Improper LDAPS Certificate Validation in Hitachi Ops Center Common Services | 2020-03-09T11:21+09:00 | 2020-03-09T11:21+09:00 |
| jvndb-2020-000013 | Multiple Trend Micro products vulnerable to denial-of-service (DoS) | 2020-02-14T13:39+09:00 | 2020-03-06T13:56+09:00 |
| jvndb-2020-000020 | Multiple vulnerabilities in OpenBlocks IoT VX2 | 2020-03-03T17:50+09:00 | 2020-03-03T17:50+09:00 |
| jvndb-2020-000019 | GRANDIT vulnerable to session management | 2020-03-02T14:39+09:00 | 2020-03-02T14:39+09:00 |
| jvndb-2019-000058 | Multiple buffer overflow vulnerabilities in multiple Ricoh printers and Multifunction Printers (MFPs) | 2019-09-13T14:29+09:00 | 2020-02-25T17:27+09:00 |
| jvndb-2019-014138 | Improper Authentication Vulnerability in RICOH printers | 2020-02-25T15:47+09:00 | 2020-02-25T15:47+09:00 |
| jvndb-2019-014137 | Improper Access Control Vulnerability in RICOH printers | 2020-02-25T15:44+09:00 | 2020-02-25T15:44+09:00 |
| jvndb-2019-014437 | Privilege escalation vulnerability in multiple RICOH printer drivers | 2020-02-25T15:29+09:00 | 2020-02-25T15:29+09:00 |
| jvndb-2019-014031 | Cross-site Request Forgery Vulnerability in RICOH printers | 2020-02-25T14:06+09:00 | 2020-02-25T14:06+09:00 |
| jvndb-2019-014136 | Information Disclosure Vulnerability in RICOH printers | 2020-02-25T14:02+09:00 | 2020-02-25T14:02+09:00 |
| jvndb-2020-000016 | Multiple OS command injection vulnerabilities in Aterm WF1200C, Aterm WG1200CR, and Aterm WG2600HS | 2020-02-19T14:39+09:00 | 2020-02-19T14:39+09:00 |
| jvndb-2020-000015 | Multiple vulnerabilities in Aterm WG2600HS | 2020-02-19T14:34+09:00 | 2020-02-19T14:34+09:00 |
| jvndb-2020-000012 | WordPress Plugin "Easy Property Listings" vulnerable to cross-site request forgery | 2020-02-18T13:42+09:00 | 2020-02-18T13:42+09:00 |
| jvndb-2020-001591 | Multiple vulnerabilities in TCP/IP function on Mitsubishi Electric MELSEC C Controller Module and MELIPC Series MI5000 | 2020-02-18T12:10+09:00 | 2020-02-18T12:10+09:00 |
| jvndb-2020-001545 | Security information for Hitachi Disk Array Systems | 2020-02-14T15:34+09:00 | 2020-02-14T15:34+09:00 |
| jvndb-2020-000014 | ilbo App vulnerable to authentication bypass | 2020-02-14T13:43+09:00 | 2020-02-14T13:43+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2025-avi-0519 | Multiples vulnérabilités dans Moodle | 2025-06-18T00:00:00.000000 | 2025-06-18T00:00:00.000000 |
| certfr-2025-avi-0518 | Multiples vulnérabilités dans Google Chrome | 2025-06-18T00:00:00.000000 | 2025-06-18T00:00:00.000000 |
| certfr-2025-avi-0517 | Multiples vulnérabilités dans les produits Veeam | 2025-06-18T00:00:00.000000 | 2025-06-18T00:00:00.000000 |
| certfr-2025-avi-0516 | Multiples vulnérabilités dans Apache Tomcat | 2025-06-17T00:00:00.000000 | 2025-06-17T00:00:00.000000 |
| certfr-2025-avi-0515 | Vulnérabilité dans Grafana | 2025-06-16T00:00:00.000000 | 2025-06-16T00:00:00.000000 |
| certfr-2025-avi-0514 | Vulnérabilité dans PostgreSQL JDBC | 2025-06-16T00:00:00.000000 | 2025-06-16T00:00:00.000000 |
| certfr-2025-avi-0513 | Multiples vulnérabilités dans Microsoft Edge | 2025-06-16T00:00:00.000000 | 2025-06-16T00:00:00.000000 |
| certfr-2025-avi-0512 | Multiples vulnérabilités dans les produits IBM | 2025-06-13T00:00:00.000000 | 2025-06-13T00:00:00.000000 |
| certfr-2025-avi-0511 | Multiples vulnérabilités dans les produits Google | 2025-06-13T00:00:00.000000 | 2025-06-13T00:00:00.000000 |
| certfr-2025-avi-0510 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2025-06-13T00:00:00.000000 | 2025-06-13T00:00:00.000000 |
| certfr-2025-avi-0509 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2025-06-13T00:00:00.000000 | 2025-06-13T00:00:00.000000 |
| certfr-2025-avi-0508 | Multiples vulnérabilités dans les produits Splunk | 2025-06-13T00:00:00.000000 | 2025-06-13T00:00:00.000000 |
| certfr-2025-avi-0507 | Multiples vulnérabilités dans Tenable Nessus Agent | 2025-06-13T00:00:00.000000 | 2025-06-13T00:00:00.000000 |
| certfr-2025-avi-0506 | Vulnérabilité dans Spring Framework | 2025-06-13T00:00:00.000000 | 2025-06-13T00:00:00.000000 |
| certfr-2025-avi-0505 | Multiples vulnérabilités dans les produits Palo Alto Networks | 2025-06-12T00:00:00.000000 | 2025-06-12T00:00:00.000000 |
| certfr-2025-avi-0504 | Vulnérabilité dans les produits Moxa | 2025-06-12T00:00:00.000000 | 2025-06-12T00:00:00.000000 |
| certfr-2025-avi-0503 | Multiples vulnérabilités dans les produits Mitel | 2025-06-12T00:00:00.000000 | 2025-06-12T00:00:00.000000 |
| certfr-2025-avi-0502 | Multiples vulnérabilités dans GitLab | 2025-06-12T00:00:00.000000 | 2025-06-12T00:00:00.000000 |
| certfr-2025-avi-0396 | Multiples vulnérabilités dans les produits SAP | 2025-05-13T00:00:00.000000 | 2025-06-12T00:00:00.000000 |
| certfr-2025-avi-0392 | Multiples vulnérabilités dans Mattermost Server | 2025-05-13T00:00:00.000000 | 2025-06-12T00:00:00.000000 |
| certfr-2025-avi-0501 | Multiples vulnérabilités dans les produits Microsoft | 2025-06-11T00:00:00.000000 | 2025-06-11T00:00:00.000000 |
| certfr-2025-avi-0500 | Vulnérabilité dans Microsoft .Net | 2025-06-11T00:00:00.000000 | 2025-06-11T00:00:00.000000 |
| certfr-2025-avi-0499 | Multiples vulnérabilités dans Microsoft Windows | 2025-06-11T00:00:00.000000 | 2025-06-11T00:00:00.000000 |
| certfr-2025-avi-0498 | Multiples vulnérabilités dans Microsoft Office | 2025-06-11T00:00:00.000000 | 2025-06-11T00:00:00.000000 |
| certfr-2025-avi-0497 | Vulnérabilité dans les processeurs Intel | 2025-06-11T00:00:00.000000 | 2025-06-11T00:00:00.000000 |
| certfr-2025-avi-0496 | Multiples vulnérabilités dans les produits Fortinet | 2025-06-11T00:00:00.000000 | 2025-06-11T00:00:00.000000 |
| certfr-2025-avi-0495 | Multiples vulnérabilités dans les produits Adobe | 2025-06-11T00:00:00.000000 | 2025-06-11T00:00:00.000000 |
| certfr-2025-avi-0494 | Vulnérabilité dans Elastic Kibana | 2025-06-11T00:00:00.000000 | 2025-06-11T00:00:00.000000 |
| certfr-2025-avi-0493 | Multiples vulnérabilités dans les produits Centreon | 2025-06-11T00:00:00.000000 | 2025-06-11T00:00:00.000000 |
| certfr-2025-avi-0492 | Multiples vulnérabilités dans les produits Siemens | 2025-06-11T00:00:00.000000 | 2025-06-11T00:00:00.000000 |