Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-32308 | OneUptime: Stored XSS via Mermaid Diagram Rendering (s… |
OneUptime |
oneuptime |
2026-03-12T21:29:00.510Z | 2026-03-14T03:43:13.858Z | |
| cve-2026-32306 | OneUptime ClickHouse SQL Injection via Aggregate Query… |
OneUptime |
oneuptime |
2026-03-12T21:27:51.463Z | 2026-03-14T03:42:22.271Z | |
| cve-2026-32304 | Locutus: RCE via unsanitized input in create_function() |
locutusjs |
locutus |
2026-03-12T21:24:51.730Z | 2026-03-13T13:12:13.553Z | |
| cve-2026-32302 | OpenClaw: Untrusted web origins can obtain authenticat… |
openclaw |
openclaw |
2026-03-12T21:22:29.099Z | 2026-03-13T13:11:06.707Z | |
| cve-2026-32301 | Centrifugo: SSRF via unverified JWT claims interpolate… |
centrifugal |
centrifugo |
2026-03-12T21:19:03.862Z | 2026-03-13T13:09:57.376Z | |
| cve-2026-25076 | 8.5 (v4.0) 7.3 (v3.1) | Anchore Enterprise GraphQL Reports API SQL injection |
Anchore |
Anchore Enterprise |
2026-03-12T21:07:46.502Z | 2026-03-13T13:08:47.633Z |
| cve-2026-2229 | 7.5 (v3.1) | undici is vulnerable to Unhandled Exception in undici … |
undici |
undici |
2026-03-12T20:27:05.600Z | 2026-03-13T13:06:46.814Z |
| cve-2026-1528 | 7.5 (v3.1) | undici is vulnerable to Malicious WebSocket 64-bit len… |
undici |
undici |
2026-03-12T20:21:57.775Z | 2026-03-13T13:04:57.048Z |
| cve-2026-1527 | 4.6 (v3.1) | undici is vulnerable to CRLF Injection via upgrade option |
undici |
undici |
2026-03-12T20:17:18.984Z | 2026-03-13T18:06:03.794Z |
| cve-2026-2581 | 5.9 (v3.1) | undici is vulnerable to Unbounded Memory Consumption i… |
undici |
undici |
2026-03-12T20:13:19.571Z | 2026-03-13T18:04:58.799Z |
| cve-2026-1526 | 7.5 (v3.1) | undici is vulnerable to Unbounded Memory Consumption i… |
undici |
undici |
2026-03-12T20:08:05.950Z | 2026-03-13T18:04:20.683Z |
| cve-2026-3611 | 10 (v4.0) 10 (v3.1) | Honeywell IQ4x BMS Controller Missing authentication f… |
Honeywell |
IQ4E |
2026-03-12T20:06:05.753Z | 2026-03-30T15:26:08.604Z |
| cve-2026-1525 | 6.5 (v3.1) | undici is vulnerable to Inconsistent Interpretation of… |
undici |
undici |
2026-03-12T19:56:55.092Z | 2026-03-12T20:46:13.379Z |
| cve-2026-32274 | Black: Arbitrary file writes from unsanitized user inp… |
psf |
black |
2026-03-12T19:47:07.464Z | 2026-03-13T16:10:51.448Z | |
| cve-2026-32269 | Parse Server OAuth2 adapter app ID validation sends wr… |
parse-community |
parse-server |
2026-03-12T19:43:23.632Z | 2026-03-13T16:11:21.212Z | |
| cve-2026-32260 | Command Injection via incomplete shell metacharacter b… |
denoland |
deno |
2026-03-12T19:41:17.965Z | 2026-03-13T16:13:40.538Z | |
| cve-2026-32259 | ImageMagick has a possible stack buffer overflow in si… |
ImageMagick |
ImageMagick |
2026-03-12T19:38:12.192Z | 2026-03-13T16:14:03.956Z | |
| cve-2026-32240 | Cap'n Proto: Integer overflow in KJ-HTTP chunk size |
capnproto |
capnproto |
2026-03-12T19:35:57.374Z | 2026-03-13T16:14:32.323Z | |
| cve-2026-32239 | Cap'n Proto has an integer overflow in KJ-HTTP |
capnproto |
capnproto |
2026-03-12T19:33:25.052Z | 2026-03-13T16:15:03.051Z | |
| cve-2026-32251 | Tolgee has an XXE Injection in Translation Import |
tolgee |
tolgee-platform |
2026-03-12T19:21:05.130Z | 2026-03-13T16:15:44.484Z | |
| cve-2026-32249 | NFA regex engine NULL pointer dereference affects Vim … |
vim |
vim |
2026-03-12T19:17:23.954Z | 2026-03-13T16:16:31.836Z | |
| cve-2026-32248 | Parse Server: Account takeover via operator injection … |
parse-community |
parse-server |
2026-03-12T19:14:47.698Z | 2026-03-13T16:17:09.519Z | |
| cve-2026-32247 | Graphiti vulnerable to Cypher Injection via unsanitize… |
getzep |
graphiti |
2026-03-12T19:11:29.857Z | 2026-03-13T16:17:58.625Z | |
| cve-2026-2376 | 4.9 (v3.1) | Mirror-registry: quay: quay: server-side request forge… |
Red Hat |
mirror registry for Red Hat OpenShift |
2026-03-12T19:11:16.569Z | 2026-03-12T20:46:18.921Z |
| cve-2026-32246 | Tinyauth vulnerable to TOTP/2FA bypass via OIDC author… |
steveiliop56 |
tinyauth |
2026-03-12T18:59:20.875Z | 2026-03-12T20:46:24.238Z | |
| cve-2026-32245 | Tinyauth's OIDC authorization codes are not bound to c… |
steveiliop56 |
tinyauth |
2026-03-12T18:57:51.330Z | 2026-03-12T20:46:29.581Z | |
| cve-2026-32242 | Parse Server OAuth2 adapter shares mutable state acros… |
parse-community |
parse-server |
2026-03-12T18:49:01.228Z | 2026-03-12T20:20:14.597Z | |
| cve-2026-32237 | @backstage/plugin-scaffolder-backend: Possible exposur… |
@backstage |
plugin-scaffolder-backend |
2026-03-12T18:38:57.156Z | 2026-03-12T20:46:35.503Z | |
| cve-2026-32236 | @backstage/plugin-auth-backend: SSRF in experimental C… |
@backstage |
plugin-auth-backend |
2026-03-12T18:37:11.330Z | 2026-04-15T20:46:50.517Z | |
| cve-2026-32235 | @backstage/plugin-auth-backend: OAuth redirect URI all… |
@backstage |
plugin-auth-backend |
2026-03-12T18:35:06.325Z | 2026-03-12T20:46:46.618Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certa-2011-avi-629 | Vulnérabilités dans Novell ZENworks | 2011-11-14T00:00:00.000000 | 2011-11-14T00:00:00.000000 |
| certa-2011-avi-628 | Multiples vulnérabilités dans l'hyperviseur <SPAN class="textit">Xen</SPAN> | 2011-11-14T00:00:00.000000 | 2011-11-14T00:00:00.000000 |
| certa-2011-avi-627 | Vulnérabilité dans <SPAN class= "textit">DB2 Query Monitor Tool</SPAN> | 2011-11-14T00:00:00.000000 | 2011-11-14T00:00:00.000000 |
| certa-2011-avi-626 | Multiples vulnérabilités dans les produits Mozilla | 2011-11-09T00:00:00.000000 | 2011-11-09T00:00:00.000000 |
| certa-2011-avi-625 | Multiples vulnérabilités dans Adobe Shockwave Player | 2011-11-09T00:00:00.000000 | 2011-11-09T00:00:00.000000 |
| certa-2011-avi-624 | Vulnérabilité dans Microsoft Active Directory | 2011-11-09T00:00:00.000000 | 2011-11-09T00:00:00.000000 |
| certa-2011-avi-623 | Vulnérabilité dans Windows Mail et l'espace de collaboration Windows | 2011-11-09T00:00:00.000000 | 2011-11-09T00:00:00.000000 |
| certa-2011-avi-622 | Vulnérabilité dans Microsoft Windows | 2011-11-09T00:00:00.000000 | 2011-11-09T00:00:00.000000 |
| certa-2011-avi-621 | Vulnérabilité dans la pile TCP/IP de Windows | 2011-11-09T00:00:00.000000 | 2011-11-09T00:00:00.000000 |
| certa-2011-avi-620 | Vulnérabilité dans RSA Key Manager Appliance | 2011-11-08T00:00:00.000000 | 2011-11-08T00:00:00.000000 |
| certa-2011-avi-619 | Vulnérabilité dans Juniper | 2011-11-08T00:00:00.000000 | 2011-11-08T00:00:00.000000 |
| certa-2011-avi-618 | Vulnérabilités dans HP OpenView Network Node Manager | 2011-11-08T00:00:00.000000 | 2011-11-08T00:00:00.000000 |
| certa-2011-avi-617 | Vulnérabilité EMC Documentum eRoom | 2011-11-07T00:00:00.000000 | 2011-11-07T00:00:00.000000 |
| certa-2011-avi-616 | Vulnérabilités dans IBM AIX Bind | 2011-11-03T00:00:00.000000 | 2011-11-03T00:00:00.000000 |
| certa-2011-avi-615 | Vulnérabilité dans Squid | 2011-11-03T00:00:00.000000 | 2011-11-03T00:00:00.000000 |
| certa-2011-avi-614 | Vulnérabilité dans Novell Messenger | 2011-11-03T00:00:00.000000 | 2011-11-03T00:00:00.000000 |
| certa-2011-avi-613 | Vulnérabilité dans les produits Cisco Small Business SRP500 Series | 2011-11-03T00:00:00.000000 | 2011-11-03T00:00:00.000000 |
| certa-2011-avi-612 | Multiples vulnérabilités dans Wireshark | 2011-11-02T00:00:00.000000 | 2011-11-02T00:00:00.000000 |
| certa-2011-avi-611 | Multiples vulnérabilités dans HP OpenView | 2011-11-02T00:00:00.000000 | 2011-11-02T00:00:00.000000 |
| certa-2011-avi-610 | Vulnérabilité dans IBM Lotus Sametime | 2011-10-31T00:00:00.000000 | 2011-10-31T00:00:00.000000 |
| certa-2011-avi-609 | Multiples vulnérabilités dans les produits VMWare | 2011-10-31T00:00:00.000000 | 2011-10-31T00:00:00.000000 |
| certa-2011-avi-608 | Vulnérabilité dans les produits D-Link | 2011-10-31T00:00:00.000000 | 2011-10-31T00:00:00.000000 |
| certa-2011-avi-607 | Vulnérabilités dans Fujitsu Interstage HTTP Server | 2011-10-31T00:00:00.000000 | 2011-10-31T00:00:00.000000 |
| certa-2011-avi-606 | Vulnérabilités dans Cisco Webex Player | 2011-10-28T00:00:00.000000 | 2011-10-28T00:00:00.000000 |
| certa-2011-avi-605 | Vulnérabilités dans des produits CheckPoint | 2011-10-28T00:00:00.000000 | 2011-10-28T00:00:00.000000 |
| certa-2011-avi-604 | Vulnérabilité dans Novell ZENworks | 2011-10-28T00:00:00.000000 | 2011-10-28T00:00:00.000000 |
| certa-2011-avi-603 | Vulnérabilités dans Cisco Security Agent | 2011-10-28T00:00:00.000000 | 2011-10-28T00:00:00.000000 |
| certa-2011-avi-602 | Vulnérabilité dans des caméras Cisco | 2011-10-28T00:00:00.000000 | 2011-10-28T00:00:00.000000 |
| certa-2011-avi-601 | Vulnérabilité dans Cisco CUCM, UCCX et Unified IP-IVR | 2011-10-28T00:00:00.000000 | 2011-10-28T00:00:00.000000 |
| certa-2011-avi-600 | Vulnérabilité dans Zope | 2011-10-28T00:00:00.000000 | 2011-10-28T00:00:00.000000 |