Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-2049 | 7.8 (v3.0) | GIMP HDR File Parsing Heap-based Buffer Overflow Remot… |
GIMP |
GIMP |
2026-06-10T21:22:47.059Z | 2026-06-10T21:22:47.059Z |
| cve-2026-46523 | ImageMagick: Use-After-Free in MSL decoder. |
ImageMagick |
ImageMagick |
2026-06-10T21:22:02.658Z | 2026-06-10T21:43:42.309Z | |
| cve-2026-46625 | JavaScript Cookie: Per-instance prototype hijack in as… |
js-cookie |
js-cookie |
2026-06-10T21:18:05.372Z | 2026-06-10T21:18:05.372Z | |
| cve-2026-45783 | libp2p: Unvalidated PUT_VALUE records allow unbounded … |
libp2p |
js-libp2p |
2026-06-10T21:09:40.499Z | 2026-06-10T21:09:40.499Z | |
| cve-2026-46679 | libp2p: Memory DoS via subscription flood of unique topics |
libp2p |
js-libp2p |
2026-06-10T21:08:52.464Z | 2026-06-10T21:08:52.464Z | |
| cve-2026-11604 | 5.6 (v4.0) | An incorrect buffer size calculation in the epoch… |
OpenVPN |
ovpn-dco-win |
2026-06-10T21:04:37.141Z | 2026-06-10T21:04:37.141Z |
| cve-2026-0274 | 8.1 (v4.0) | Cortex XSOAR: Improper Validation of Credentials in Co… |
Palo Alto Networks |
Cortex XSIAM CommvaultSecurityIQ Marketplace |
2026-06-10T21:02:26.497Z | 2026-06-10T21:02:26.497Z |
| cve-2026-0273 | 6.1 (v4.0) 5.7 (v4.0) | PAN-OS: Authenticated Admin Command Injection Vulnerab… |
Palo Alto Networks |
Cloud NGFW |
2026-06-10T21:01:45.198Z | 2026-06-11T03:55:36.051Z |
| cve-2026-0272 | 6 (v4.0) 5.6 (v4.0) | PAN-OS: Privilege Escalation (PE) Vulnerability in the… |
Palo Alto Networks |
Cloud NGFW |
2026-06-10T21:01:10.714Z | 2026-06-11T03:55:34.909Z |
| cve-2026-0271 | 5.9 (v4.0) | Prisma Access Agent: Local Privilege Escalation by Aut… |
Palo Alto Networks |
Prisma Access Agent |
2026-06-10T20:59:51.879Z | 2026-06-10T20:59:51.879Z |
| cve-2026-0270 | 4.8 (v4.0) | Cortex XSOAR: Path Traversal Vulnerability |
Palo Alto Networks |
Cortex XSOAR |
2026-06-10T20:59:00.350Z | 2026-06-10T20:59:00.350Z |
| cve-2026-0269 | 4.6 (v4.0) | PAN-OS: Denial of Service (DoS) in Tunnel Traffic Processing |
Palo Alto Networks |
Cloud NGFW |
2026-06-10T20:54:29.102Z | 2026-06-10T20:54:29.102Z |
| cve-2026-0268 | 4.4 (v4.0) | Prisma Access Agent: Local Authenticated VPN Enforceme… |
Palo Alto Networks |
Prisma Access Agent |
2026-06-10T20:40:11.198Z | 2026-06-10T20:40:11.198Z |
| cve-2026-53742 | 5.1 (v4.0) 5.4 (v3.1) | Simple Link Directory through 9.0.4 Stored XSS via Emb… |
quantumcloud |
Simple Link Directory |
2026-06-10T20:39:46.549Z | 2026-06-10T20:39:46.549Z |
| cve-2026-53741 | 5.1 (v4.0) 5.4 (v3.1) | Simple Link Directory through 9.0.4 Stored XSS via sld… |
quantumcloud |
Simple Link Directory |
2026-06-10T20:39:45.823Z | 2026-06-10T20:39:45.823Z |
| cve-2026-53740 | 5.1 (v4.0) 5.4 (v3.1) | Yoast Duplicate Post through 4.6 Stored Cross-Site Scr… |
Yoast |
Yoast Duplicate Post |
2026-06-10T20:39:44.745Z | 2026-06-10T20:39:44.745Z |
| cve-2026-53739 | 5.1 (v4.0) 4.3 (v3.1) | Yoast Duplicate Post through 4.6 Cross-Site Request Fo… |
Yoast |
Yoast Duplicate Post |
2026-06-10T20:39:44.001Z | 2026-06-10T20:39:44.001Z |
| cve-2026-53738 | 7.2 (v4.0) 8.1 (v3.1) | Copy & Delete Posts through 1.5.4 Privilege Escalation… |
Inisev |
Copy & Delete Posts |
2026-06-10T20:39:43.269Z | 2026-06-10T20:39:43.269Z |
| cve-2026-53737 | 5.3 (v4.0) 6.1 (v3.1) | Juicer through 1.12.18 Stored Cross-Site Scripting via… |
saas.group |
Juicer |
2026-06-10T20:39:42.625Z | 2026-06-10T20:39:42.625Z |
| cve-2026-53736 | 5.1 (v4.0) 4.3 (v3.1) | Easy Twitter Feeds before 1.2.13 Cross-Site Request Fo… |
bplugins |
Easy Twitter Feeds |
2026-06-10T20:39:41.827Z | 2026-06-10T20:39:41.827Z |
| cve-2026-42542 | TDengine has an integer underflow in uvConnMayGetUserI… |
taosdata |
TDengine |
2026-06-10T20:32:38.985Z | 2026-06-10T20:32:38.985Z | |
| cve-2026-0267 | 4.4 (v4.0) | GlobalProtect App: Information Exposure Vulnerability … |
Palo Alto Networks |
GlobalProtect App |
2026-06-10T20:31:37.320Z | 2026-06-10T20:31:37.320Z |
| cve-2026-0266 | 1.1 (v4.0) 0.4 (v4.0) | PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerabilit… |
Palo Alto Networks |
Cloud NGFW |
2026-06-10T20:30:04.127Z | 2026-06-10T20:30:04.127Z |
| cve-2026-46689 | Kanidm: Unauthenticated process abort via SCIM filter … |
kanidm |
kanidm |
2026-06-10T20:28:44.009Z | 2026-06-10T20:28:44.009Z | |
| cve-2026-50131 | Fedify has an incomplete SSRF mitigation after GHSA-p9… |
fedify-dev |
fedify |
2026-06-10T20:27:43.370Z | 2026-06-10T20:27:43.370Z | |
| cve-2026-48110 | Russh: SSH message fields were decoded through allocat… |
Eugeny |
russh |
2026-06-10T20:26:29.994Z | 2026-06-10T20:26:29.994Z | |
| cve-2026-48108 | Russh: SSH identification parsing accepted non-canonic… |
Eugeny |
russh |
2026-06-10T20:24:56.666Z | 2026-06-10T20:24:56.666Z | |
| cve-2026-48107 | Russh: Unchecked keyboard-interactive prompt count in … |
Eugeny |
russh |
2026-06-10T20:23:45.325Z | 2026-06-10T20:23:45.325Z | |
| cve-2026-10143 | 7.5 (v3.1) 8.7 (v4.0) | kafka-python prior to 2.3.2 DoS via SCRAM Iteration Co… |
Dana Powers |
kafka-python |
2026-06-10T20:22:39.262Z | 2026-06-10T20:22:39.262Z |
| cve-2026-42462 | Fedify has an LD-Signature Bypass via JSON-LD Named-Gr… |
fedify-dev |
fedify |
2026-06-10T20:22:35.383Z | 2026-06-10T20:22:35.383Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2026-009147 | Vulnerability in Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Analyzer | 2026-03-27T18:18+09:00 | 2026-03-27T18:18+09:00 |
| jvndb-2026-009148 | Open Redirect Vulnerability in Hitachi Ops Center Administrator | 2026-03-27T18:17+09:00 | 2026-03-27T18:17+09:00 |
| jvndb-2026-000047 | Multiple vulnerabilities in baserCMS | 2026-03-27T18:00+09:00 | 2026-03-27T18:00+09:00 |
| jvndb-2026-000045 | WordPress Plugin "OpenStreetMap" vulnerable to cross-site scripting | 2026-03-27T17:34+09:00 | 2026-03-27T17:34+09:00 |
| jvndb-2026-000046 | Multiple vulnerabilities in BUFFALO Wi-Fi routers | 2026-03-27T17:18+09:00 | 2026-03-27T17:18+09:00 |
| jvndb-2026-000044 | Multiple vulnerabilities in the installer of RATOC RAID Monitoring Manager for Windows | 2026-03-26T17:41+09:00 | 2026-03-26T17:41+09:00 |
| jvndb-2026-000042 | Digital Photo Frame GH-WDF10A vulnerable to improper access restriction | 2026-03-26T17:41+09:00 | 2026-03-26T17:41+09:00 |
| jvndb-2026-000043 | SHARP routers missing authentication for some web APIs | 2026-03-25T18:41+09:00 | 2026-03-25T18:41+09:00 |
| jvndb-2026-000040 | Installer of OM Workspace (Windows Edition) may insecurely load Dynamic Link Libraries | 2026-03-25T18:13+09:00 | 2026-03-25T18:13+09:00 |
| jvndb-2026-000041 | SANYO DENKI SANUPS SOFTWARE registers Windows services with unquoted file paths | 2026-03-25T17:58+09:00 | 2026-03-25T17:58+09:00 |
| jvndb-2026-007973 | Multiple vulnerabilities in Xerox FreeFlow Core (XRX26-005) | 2026-03-23T14:54+09:00 | 2026-04-09T13:55+09:00 |
| jvndb-2026-007524 | Vulnerability in Hitachi Command Suite | 2026-03-17T16:42+09:00 | 2026-03-17T16:42+09:00 |
| jvndb-2026-000038 | Installer for IBM Trusteer Rapport may insecurely load Dynamic Link Libraries | 2026-03-17T14:57+09:00 | 2026-03-17T14:57+09:00 |
| jvndb-2026-000039 | Missing authorization in the OpenAI thread/message API endpoints of GROWI | 2026-03-16T17:18+09:00 | 2026-03-16T17:18+09:00 |
| jvndb-2026-000037 | OpenLiteSpeed and LSWS Enterprise vulnerable to OS command injection | 2026-03-16T17:18+09:00 | 2026-03-16T17:18+09:00 |
| jvndb-2026-006887 | Multiple vulnerabilities in Micro Research MR-GM5L-S1 and MR-GM5A-L1 | 2026-03-12T17:22+09:00 | 2026-03-12T17:22+09:00 |
| jvndb-2026-000036 | Improper file access permission settings in multiple Digital Arts products | 2026-03-09T14:57+09:00 | 2026-03-09T16:23+09:00 |
| jvndb-2026-000035 | Installer for Qsee Client may insecurely load Dynamic Link Libraries | 2026-03-09T14:57+09:00 | 2026-03-09T14:57+09:00 |
| jvndb-2026-006102 | Security issues in ESC/POS | 2026-03-06T10:31+09:00 | 2026-03-06T10:31+09:00 |
| jvndb-2026-000034 | django-allauth vulnerable to open redirect | 2026-03-05T12:36+09:00 | 2026-03-05T12:36+09:00 |
| jvndb-2026-000033 | EC-CUBE vulnerable to multi-factor authentication bypass | 2026-03-05T12:36+09:00 | 2026-03-05T12:36+09:00 |
| jvndb-2026-000032 | Multiple vulnerabilities in Dell UPS Multi-UPS Management Console (MUMC) | 2026-03-04T12:20+09:00 | 2026-03-04T12:20+09:00 |
| jvndb-2026-005746 | Multiple vulnerabilities in Trend Micro Endpoint security products for enterprises (February 2026) | 2026-03-04T10:40+09:00 | 2026-03-04T10:40+09:00 |
| jvndb-2026-005744 | Canon IJ Scan Utility registers Windows services with unquoted file paths | 2026-03-04T10:40+09:00 | 2026-03-04T10:40+09:00 |
| jvndb-2026-005259 | Out-of-bounds write vulnerability in Fujitsu BIOS Driver (fbiosdrv.sys) | 2026-03-02T11:46+09:00 | 2026-03-02T11:46+09:00 |
| jvndb-2026-000031 | Improper file access permission settings in the installers for multiple Soliton Systems products | 2026-02-27T15:41+09:00 | 2026-02-27T15:41+09:00 |
| jvndb-2026-000030 | IM-LogicDesigner module of intra-mart Accel Platform vulnerable to untrusted data deserialization | 2026-02-27T15:41+09:00 | 2026-03-03T10:06+09:00 |
| jvndb-2026-000029 | Multiple vulnerabilities in the installer of FinalCode Client | 2026-02-26T14:24+09:00 | 2026-02-26T14:24+09:00 |
| jvndb-2026-004811 | Vulnerability in Hitachi Configuration Manager and Hitachi Ops Center API Configuration Manager | 2026-02-26T11:02+09:00 | 2026-02-26T11:02+09:00 |
| jvndb-2026-004810 | Vulnerability in Hitachi Configuration Manager and Hitachi Ops Center API Configuration Manager | 2026-02-26T11:02+09:00 | 2026-02-26T11:02+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2026-avi-0689 | Vulnérabilité dans les produits Cisco | 2026-06-04T00:00:00.000000 | 2026-06-04T00:00:00.000000 |
| certfr-2026-avi-0688 | Multiples vulnérabilités dans FreeRadius | 2026-06-04T00:00:00.000000 | 2026-06-04T00:00:00.000000 |
| certfr-2026-avi-0687 | Multiples vulnérabilités dans Synology Chat Server pour DSM | 2026-06-04T00:00:00.000000 | 2026-06-04T00:00:00.000000 |
| certfr-2026-avi-0686 | Multiples vulnérabilités dans les produits NetApp | 2026-06-04T00:00:00.000000 | 2026-06-04T00:00:00.000000 |
| certfr-2026-avi-0685 | Multiples vulnérabilités dans Microsoft Azure Linux | 2026-06-03T00:00:00.000000 | 2026-06-03T00:00:00.000000 |
| certfr-2026-avi-0684 | Multiples vulnérabilités dans Mozilla Firefox | 2026-06-03T00:00:00.000000 | 2026-06-03T00:00:00.000000 |
| certfr-2026-avi-0683 | Vulnérabilité dans HPE Aruba Networking AOS-CX | 2026-06-03T00:00:00.000000 | 2026-06-03T00:00:00.000000 |
| certfr-2026-avi-0682 | Vulnérabilité dans les produits Laravel | 2026-06-03T00:00:00.000000 | 2026-06-03T00:00:00.000000 |
| certfr-2026-avi-0681 | Multiples vulnérabilités dans les produits Microsoft | 2026-06-02T00:00:00.000000 | 2026-06-02T00:00:00.000000 |
| certfr-2026-avi-0680 | Multiples vulnérabilités dans Microsoft Edge | 2026-06-02T00:00:00.000000 | 2026-06-02T00:00:00.000000 |
| certfr-2026-avi-0679 | Multiples vulnérabilités dans Google Android | 2026-06-02T00:00:00.000000 | 2026-06-02T00:00:00.000000 |
| certfr-2026-avi-0678 | Vulnérabilité dans Apache Kafka | 2026-06-02T00:00:00.000000 | 2026-06-02T00:00:00.000000 |
| certfr-2026-avi-0677 | Vulnérabilité dans les produits Ivanti | 2026-06-02T00:00:00.000000 | 2026-06-02T00:00:00.000000 |
| certfr-2026-avi-0676 | Multiples vulnérabilités dans Mozilla Firefox | 2026-06-02T00:00:00.000000 | 2026-06-02T00:00:00.000000 |
| certfr-2026-avi-0675 | Multiples vulnérabilités dans GLPI | 2026-06-02T00:00:00.000000 | 2026-06-02T00:00:00.000000 |
| certfr-2026-avi-0674 | Multiples vulnérabilités dans les produits Microsoft | 2026-06-01T00:00:00.000000 | 2026-06-01T00:00:00.000000 |
| certfr-2026-avi-0673 | Vulnérabilité dans Microsoft Azure | 2026-06-01T00:00:00.000000 | 2026-06-01T00:00:00.000000 |
| certfr-2026-avi-0672 | Multiples vulnérabilités dans les produits Mitel | 2026-06-01T00:00:00.000000 | 2026-06-01T00:00:00.000000 |
| certfr-2026-avi-0671 | Multiples vulnérabilités dans les produits NetApp | 2026-06-01T00:00:00.000000 | 2026-06-01T00:00:00.000000 |
| certfr-2026-avi-0670 | Vulnérabilité dans Laravel | 2026-06-01T00:00:00.000000 | 2026-06-01T00:00:00.000000 |
| certfr-2026-avi-0669 | Vulnérabilité dans Keycloak | 2026-06-01T00:00:00.000000 | 2026-06-01T00:00:00.000000 |
| certfr-2026-avi-0668 | Vulnérabilité dans Kaspersky Anti Targeted Attack Platform | 2026-06-01T00:00:00.000000 | 2026-06-01T00:00:00.000000 |
| certfr-2026-avi-0667 | Multiples vulnérabilités dans les produits IBM | 2026-05-29T00:00:00.000000 | 2026-05-29T00:00:00.000000 |
| certfr-2026-avi-0666 | Multiples vulnérabilités dans le noyau Linux de Debian | 2026-05-29T00:00:00.000000 | 2026-05-29T00:00:00.000000 |
| certfr-2026-avi-0665 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2026-05-29T00:00:00.000000 | 2026-05-29T00:00:00.000000 |
| certfr-2026-avi-0664 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2026-05-29T00:00:00.000000 | 2026-05-29T00:00:00.000000 |
| certfr-2026-avi-0663 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2026-05-29T00:00:00.000000 | 2026-05-29T00:00:00.000000 |
| certfr-2026-avi-0662 | Multiples vulnérabilités dans Oracle Database Server | 2026-05-29T00:00:00.000000 | 2026-05-29T00:00:00.000000 |
| certfr-2026-avi-0661 | Multiples vulnérabilités dans Elastic Kibana | 2026-05-29T00:00:00.000000 | 2026-05-29T00:00:00.000000 |
| certfr-2026-avi-0660 | Multiples vulnérabilités dans les produits Mattermost | 2026-05-29T00:00:00.000000 | 2026-05-29T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2022-ale-002 | Vulnérabilité dans VMware Spring Cloud Gateway | 2022-03-03T00:00:00.000000 | 2022-10-07T00:00:00.000000 |
| certfr-2022-ale-001 | [MaJ] Vulnérabilité dans Microsoft Windows | 2022-01-12T00:00:00.000000 | 2022-05-04T00:00:00.000000 |
| certfr-2021-ale-022 | [MaJ] Vulnérabilité dans Apache Log4j | 2021-12-10T00:00:00.000000 | 2022-05-04T00:00:00.000000 |
| certfr-2021-ale-021 | Vulnérabilité dans Microsoft Exchange | 2021-11-10T00:00:00.000000 | 2022-05-04T00:00:00.000000 |
| certfr-2021-ale-020 | [Maj] Multiples vulnérabilités dans Microsoft Azure Open Management Infrastructure | 2021-09-17T00:00:00.000000 | 2022-01-05T00:00:00.000000 |
| certfr-2021-ale-019 | [MaJ] Vulnérabilité dans Microsoft Windows | 2021-09-08T00:00:00.000000 | 2022-05-04T00:00:00.000000 |
| certfr-2021-ale-018 | Vulnérabilité dans Atlassian Confluence Server et Data Center | 2021-09-06T00:00:00.000000 | 2022-01-05T00:00:00.000000 |
| certfr-2021-ale-017 | Multiples vulnérabilités dans Microsoft Exchange | 2021-08-27T00:00:00.000000 | 2022-05-04T00:00:00.000000 |
| certfr-2021-ale-016 | Vulnérabilité dans SonicWall | 2021-07-15T00:00:00.000000 | 2021-08-19T00:00:00.000000 |
| certfr-2021-ale-015 | Multiples vulnérabilités dans SolarWinds Serv-U | 2021-07-13T00:00:00.000000 | 2021-10-19T00:00:00.000000 |
| certfr-2021-ale-014 | [MaJ] Multiples vulnérabilités dans Microsoft Windows | 2021-07-02T00:00:00.000000 | 2022-01-05T00:00:00.000000 |
| certfr-2021-ale-013 | [MaJ] Vulnérabilité dans Microsoft Windows | 2021-06-30T00:00:00.000000 | 2021-07-02T00:00:00.000000 |
| certfr-2021-ale-012 | Multiples vulnérabilités dans Microsoft Windows | 2021-06-09T00:00:00.000000 | 2021-10-19T00:00:00.000000 |
| certfr-2021-ale-011 | Vulnérabilité dans VMware vCenter Server | 2021-06-07T00:00:00.000000 | 2021-10-19T00:00:00.000000 |
| certfr-2021-ale-010 | Vulnérabilité dans Adobe Acrobat et Acrobat Reader | 2021-05-12T00:00:00.000000 | 2021-06-29T00:00:00.000000 |
| certfr-2021-ale-009 | [MàJ] Vulnérabilité dans Microsoft Windows | 2021-05-12T00:00:00.000000 | 2021-06-10T00:00:00.000000 |
| certfr-2021-ale-008 | Multiples vulnérabilités dans Exim | 2021-05-05T00:00:00.000000 | 2021-06-10T00:00:00.000000 |
| certfr-2021-ale-007 | [MàJ] Vulnérabilité dans Pulse Connect Secure | 2021-04-20T00:00:00.000000 | 2021-06-21T00:00:00.000000 |
| certfr-2021-ale-006 | [MàJ] Vulnérabilité dans F5 BIG-IP | 2021-03-22T00:00:00.000000 | 2021-04-15T00:00:00.000000 |
| certfr-2021-ale-005 | Multiples vulnérabilités dans Microsoft DNS server | 2021-03-12T00:00:00.000000 | 2021-05-12T00:00:00.000000 |
| certfr-2021-ale-004 | [MàJ] Multiples vulnérabilités dans Microsoft Exchange Server | 2021-03-03T00:00:00.000000 | 2021-07-16T00:00:00.000000 |
| certfr-2021-ale-003 | [MàJ] Vulnérabilité dans VMware vCenter Server | 2021-02-25T00:00:00.000000 | 2021-05-12T00:00:00.000000 |
| certfr-2021-ale-002 | [MàJ] Vulnérabilité dans Google Chrome et Microsoft Edge | 2021-02-05T00:00:00.000000 | 2021-03-11T00:00:00.000000 |
| certfr-2021-ale-001 | |MàJ] Vulnérabilité dans SonicWall SMA100 | 2021-02-02T00:00:00.000000 | 2021-05-12T00:00:00.000000 |
| certfr-2020-ale-026 | [MaJ] Présence de code malveillant dans SolarWinds Orion | 2020-12-14T00:00:00.000000 | 2021-04-15T00:00:00.000000 |
| certfr-2020-ale-025 | Vulnérabilité dans Fortinet FortiOS SSL-VPN | 2020-11-27T00:00:00.000000 | 2021-02-08T00:00:00.000000 |
| certfr-2020-ale-024 | [MaJ] Vulnérabilité dans les produits VMware | 2020-11-24T00:00:00.000000 | 2020-12-17T00:00:00.000000 |
| certfr-2020-ale-023 | Multiples vulnérabilités dans Google Chrome | 2020-11-12T00:00:00.000000 | 2020-12-04T00:00:00.000000 |
| certfr-2020-ale-022 | [MàJ] Vulnérabilité dans Oracle Weblogic | 2020-10-30T00:00:00.000000 | 2020-12-17T00:00:00.000000 |
| certfr-2020-ale-021 | Vulnérabilité dans Samba | 2020-09-18T00:00:00.000000 | 2021-03-11T00:00:00.000000 |