Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-32121 | OpenEMR: Stored DOM XSS via `.html()` in Portal Signer Modal |
openemr |
openemr |
2026-03-11T20:47:31.777Z | 2026-03-12T14:07:53.525Z | |
| cve-2026-32118 | OpenEMR has Stored XSS in Graphical Pain Map legend vi… |
openemr |
openemr |
2026-03-11T20:46:19.118Z | 2026-03-12T14:06:49.980Z | |
| cve-2026-32112 | ha-mcp has XSS via Unescaped HTML in OAuth Consent Form |
homeassistant-ai |
ha-mcp |
2026-03-11T20:42:30.381Z | 2026-03-12T14:05:47.508Z | |
| cve-2026-32111 | ha-mcp OAuth 2.1 DCR mode enables network reconnaissan… |
homeassistant-ai |
ha-mcp |
2026-03-11T20:41:37.529Z | 2026-03-12T14:03:53.910Z | |
| cve-2026-32110 | SiYuan has a Full-Read SSRF via /api/network/forwardProxy |
siyuan-note |
siyuan |
2026-03-11T20:38:08.708Z | 2026-03-12T14:01:27.532Z | |
| cve-2026-3956 | xierongwkhd weimai-wetapp Admin_AdminUserController.ja… |
xierongwkhd |
weimai-wetapp |
2026-03-11T20:32:11.450Z | 2026-03-12T13:59:53.903Z | |
| cve-2026-3955 | elecV2P jsfile Endpoint wbjs.js runJSFile code injection |
n/a |
elecV2P |
2026-03-11T20:32:08.853Z | 2026-03-12T13:57:25.008Z | |
| cve-2026-2640 | 6.8 (v4.0) 5.5 (v3.1) | During an internal security assessment, a potenti… |
Lenovo |
PC Manager |
2026-03-11T20:23:12.942Z | 2026-03-12T16:18:19.313Z |
| cve-2026-1717 | 6.8 (v4.0) 5.5 (v3.1) | An input validation vulnerability was reported in… |
Lenovo |
Vantage |
2026-03-11T20:22:50.139Z | 2026-03-12T16:18:25.059Z |
| cve-2026-1716 | 6.9 (v4.0) 7.1 (v3.1) | An input validation vulnerability was reported in… |
Lenovo |
Vantage |
2026-03-11T20:22:37.168Z | 2026-03-12T16:18:30.536Z |
| cve-2026-1715 | 6.9 (v4.0) 7.1 (v3.1) | An input validation vulnerability was reported in… |
Lenovo |
Vantage |
2026-03-11T20:22:24.144Z | 2026-03-12T16:18:37.213Z |
| cve-2026-1653 | 6.8 (v4.0) 5.5 (v3.1) | A potential divide by zero vulnerability was repo… |
Lenovo |
Smart Connect |
2026-03-11T20:21:40.157Z | 2026-03-12T16:18:44.904Z |
| cve-2026-1652 | 6.9 (v4.0) 6.1 (v3.1) | A potential buffer overflow vulnerability was rep… |
Lenovo |
Smart Connect |
2026-03-11T20:21:32.839Z | 2026-03-12T16:18:51.456Z |
| cve-2026-0940 | 8.4 (v4.0) 6.7 (v3.1) | A potential improper initialization vulnerability… |
Lenovo |
ThinkPad T14 Gen 5 BIOS |
2026-03-11T20:21:17.160Z | 2026-03-13T03:55:41.336Z |
| cve-2026-2368 | 7.5 (v4.0) 7.1 (v3.1) | An improper certificate validation vulnerability … |
Lenovo |
FileZ |
2026-03-11T20:21:05.818Z | 2026-03-12T16:19:05.164Z |
| cve-2026-1068 | 6 (v4.0) 5.3 (v3.1) | An improper certificate validation vulnerability … |
Lenovo |
FileZ |
2026-03-11T20:20:53.662Z | 2026-03-12T16:19:12.229Z |
| cve-2026-0520 | 2.4 (v4.0) 2.8 (v3.1) | A potential vulnerability was reported in the Len… |
Lenovo |
FileZ |
2026-03-11T20:20:21.510Z | 2026-03-12T16:19:19.144Z |
| cve-2026-32109 | Copyparty has unexpected JavaScript execution via craf… |
9001 |
copyparty |
2026-03-11T20:16:34.480Z | 2026-03-12T19:45:30.412Z | |
| cve-2026-32108 | Copyparty ftp/sftp: Sharing a single file did not full… |
9001 |
copyparty |
2026-03-11T20:14:18.998Z | 2026-03-12T19:47:10.628Z | |
| cve-2026-32104 | StudioCMS: IDOR in User Notification Preferences Allow… |
withstudiocms |
studiocms |
2026-03-11T20:09:44.879Z | 2026-03-12T19:48:05.180Z | |
| cve-2026-32106 | StudioCMS: REST API Missing Rank Check Allows Admin to… |
withstudiocms |
studiocms |
2026-03-11T20:09:12.095Z | 2026-03-12T19:48:33.042Z | |
| cve-2026-32103 | StudioCMS: IDOR — Admin-to-Owner Account Takeover via … |
withstudiocms |
studiocms |
2026-03-11T20:06:58.276Z | 2026-03-12T19:48:56.254Z | |
| cve-2026-32102 | OliveTin Unauthorized Action Output Disclosure via Eve… |
OliveTin |
OliveTin |
2026-03-11T20:05:16.164Z | 2026-03-12T19:47:37.664Z | |
| cve-2026-32101 | StudioCMS S3 Storage Manager Authorization Bypass via … |
@studiocms |
s3-storage |
2026-03-11T20:03:05.319Z | 2026-03-12T19:51:19.210Z | |
| cve-2026-3954 | OpenBMB XAgent workspace.py workspace path traversal |
OpenBMB |
XAgent |
2026-03-11T20:02:08.067Z | 2026-03-12T19:51:41.759Z | |
| cve-2026-32234 | Parse Server has a SQL injection via query field name … |
parse-community |
parse-server |
2026-03-11T19:58:54.601Z | 2026-03-12T19:52:17.029Z | |
| cve-2026-32098 | Parse Server has a protected fields bypass via LiveQue… |
parse-community |
parse-server |
2026-03-11T19:57:26.929Z | 2026-03-12T19:52:52.859Z | |
| cve-2026-32097 | PingPong has improper access control in thread file en… |
comppolicylab |
pingpong |
2026-03-11T19:55:51.707Z | 2026-03-12T19:50:51.551Z | |
| cve-2026-32096 | Plunk has SSRF via unvalidated AWS SNS SubscriptionCon… |
useplunk |
plunk |
2026-03-11T19:53:39.734Z | 2026-03-12T20:00:12.401Z | |
| cve-2026-32095 | Plunk has Stored Cross-Site Scripting (XSS) via SVG Fi… |
useplunk |
plunk |
2026-03-11T19:52:15.524Z | 2026-03-12T19:53:49.703Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certa-2011-avi-389 | Vulnérabilité dans Microsoft Visio | 2011-07-13T00:00:00.000000 | 2011-07-13T00:00:00.000000 |
| certa-2011-avi-388 | Vulnérabilités dans les pilotes en mode noyau du système Microsoft Windows | 2011-07-13T00:00:00.000000 | 2011-07-13T00:00:00.000000 |
| certa-2011-avi-387 | Vulnérabilité dans la pile Bluetooth des systèmes Windows | 2011-07-13T00:00:00.000000 | 2011-07-13T00:00:00.000000 |
| certa-2011-avi-386 | Vulnérabilité dans Trend Micro Control Manager | 2011-07-12T00:00:00.000000 | 2011-07-12T00:00:00.000000 |
| certa-2011-avi-385 | Vulnérabilité dans Symantec Web Gateway | 2011-07-12T00:00:00.000000 | 2011-07-12T00:00:00.000000 |
| certa-2011-avi-384 | Vulnérabilité dans Hitachi HiRDB | 2011-07-11T00:00:00.000000 | 2011-07-11T00:00:00.000000 |
| certa-2011-avi-383 | Vulnérabilité dans Qemu | 2011-07-07T00:00:00.000000 | 2011-07-07T00:00:00.000000 |
| certa-2011-avi-382 | Vulnérabilité dans Cisco Content Services Gateway | 2011-07-07T00:00:00.000000 | 2011-07-07T00:00:00.000000 |
| certa-2011-avi-381 | Multiples vulnérabilités dans Bind | 2011-07-06T00:00:00.000000 | 2012-01-31T00:00:00.000000 |
| certa-2011-avi-380 | Multiples vulnérabilités dans phpMyAdmin | 2011-07-05T00:00:00.000000 | 2011-07-05T00:00:00.000000 |
| certa-2011-avi-379 | Vulnérabilité dans WordPress | 2011-07-01T00:00:00.000000 | 2011-07-01T00:00:00.000000 |
| certa-2011-avi-378 | Vulnérabilité dans Drupal | 2011-07-01T00:00:00.000000 | 2011-07-01T00:00:00.000000 |
| certa-2011-avi-377 | Vulnérabilité dans Zope et Plone | 2011-07-01T00:00:00.000000 | 2011-07-01T00:00:00.000000 |
| certa-2011-avi-376 | Vulnérabilités dans Opera | 2011-07-01T00:00:00.000000 | 2011-07-01T00:00:00.000000 |
| certa-2011-avi-375 | Vulnérabilité dans Novell File Reporter | 2011-06-29T00:00:00.000000 | 2011-06-29T00:00:00.000000 |
| certa-2011-avi-374 | Multiples vulnérabilités dans Google Chrome | 2011-06-29T00:00:00.000000 | 2011-06-29T00:00:00.000000 |
| certa-2011-avi-373 | Vulnérabilité dans libcurl | 2011-06-29T00:00:00.000000 | 2011-06-29T00:00:00.000000 |
| certa-2011-avi-372 | Vulnérabilité dans des boitiers VPN Arkoon | 2011-06-29T00:00:00.000000 | 2011-06-29T00:00:00.000000 |
| certa-2011-avi-371 | Vulnérabilités dans Asterisk | 2011-06-29T00:00:00.000000 | 2011-06-29T00:00:00.000000 |
| certa-2011-avi-370 | Vulnérabilité dans Joomla! | 2011-06-29T00:00:00.000000 | 2011-06-29T00:00:00.000000 |
| certa-2011-avi-369 | Multiples vulnérabilités dans Mac OS X | 2011-06-24T00:00:00.000000 | 2011-06-24T00:00:00.000000 |
| certa-2011-avi-368 | Vulnérabilités dans LibreOffice | 2011-06-23T00:00:00.000000 | 2011-06-23T00:00:00.000000 |
| certa-2011-avi-367 | Vulnérabilité dans Citrix EdgeSight | 2011-06-23T00:00:00.000000 | 2011-06-23T00:00:00.000000 |
| certa-2011-avi-366 | Vulnérabilité dans DokuWiki | 2011-06-22T00:00:00.000000 | 2011-06-22T00:00:00.000000 |
| certa-2011-avi-365 | Multiples vulnérabilités dans les produits Mozilla | 2011-06-22T00:00:00.000000 | 2011-06-22T00:00:00.000000 |
| certa-2011-avi-364 | Vulnérabilité dans des produits Blue Coat | 2011-06-20T00:00:00.000000 | 2011-06-20T00:00:00.000000 |
| certa-2011-avi-363 | Vulnérabilité dans Avaya IP Office Manager | 2011-06-17T00:00:00.000000 | 2011-06-17T00:00:00.000000 |
| certa-2011-avi-362 | Vulnérabilité dans Trend Micro Control Manager | 2011-06-17T00:00:00.000000 | 2011-06-17T00:00:00.000000 |
| certa-2011-avi-361 | Vulnérabilité dans Google Chrome | 2011-06-16T00:00:00.000000 | 2011-06-16T00:00:00.000000 |
| certa-2011-avi-360 | Vulnérabilité dans le Vector Markup Language de Microsoft | 2011-06-15T00:00:00.000000 | 2011-06-15T00:00:00.000000 |