Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-37340 | N/A | SourceCodester Simple Music Cloud Community Syste… |
n/a |
n/a |
2026-04-16T00:00:00.000Z | 2026-04-18T02:14:04.538Z |
| cve-2026-37339 | N/A | SourceCodester Simple Music Cloud Community Syste… |
n/a |
n/a |
2026-04-16T00:00:00.000Z | 2026-04-18T02:11:23.662Z |
| cve-2026-37338 | N/A | SourceCodester Simple Music Cloud Community Syste… |
n/a |
n/a |
2026-04-16T00:00:00.000Z | 2026-04-16T15:49:41.995Z |
| cve-2026-37337 | N/A | SourceCodester Simple Music Cloud Community Syste… |
n/a |
n/a |
2026-04-16T00:00:00.000Z | 2026-04-16T17:26:11.625Z |
| cve-2026-37336 | N/A | SourceCodester Simple Music Cloud Community Syste… |
n/a |
n/a |
2026-04-16T00:00:00.000Z | 2026-04-16T17:28:46.565Z |
| cve-2026-37100 | N/A | An issue in the Bluetooth Low Energy (BLE) contro… |
n/a |
n/a |
2026-04-16T00:00:00.000Z | 2026-04-18T02:26:33.302Z |
| cve-2026-30656 | N/A | A NULL pointer dereference vulnerability exists i… |
n/a |
n/a |
2026-04-16T00:00:00.000Z | 2026-04-16T17:33:52.962Z |
| cve-2026-30459 | N/A | An issue in the Forgot Password feature of Daylig… |
n/a |
n/a |
2026-04-16T00:00:00.000Z | 2026-04-16T15:16:57.348Z |
| cve-2026-5363 | 5.4 (v4.0) | Use of weak cryptographic key in TP-Link Archer C7 |
TP-Link Systems Inc. |
Archer C7 v5 and v5.8 |
2026-04-15T23:45:54.271Z | 2026-04-16T23:10:46.170Z |
| cve-2026-4880 | Barcode Scanner (+Mobile App) <= 1.11.0 - Unauthentica… |
ukrsolution |
Barcode Scanner (+Mobile App) – Inventory manager, Order fulfillment system, POS (Point of Sale) |
2026-04-15T23:25:49.596Z | 2026-04-16T14:20:50.654Z | |
| cve-2026-40245 | Free5GC: UDR nudr-dr influenceData/subs-to-notify leak… |
free5gc |
free5gc |
2026-04-15T23:25:11.589Z | 2026-04-16T12:04:46.694Z | |
| cve-2026-40193 | Maddy Mail Server: LDAP Filter Injection via Unsanitiz… |
foxcpp |
maddy |
2026-04-15T23:15:25.011Z | 2026-04-16T14:23:52.438Z | |
| cve-2026-40947 | 2.9 (v3.1) | Yubico libfido2 before 1.17.0, python-fido2 befor… |
Yubico |
libfido2 |
2026-04-15T23:13:38.977Z | 2026-04-16T13:18:13.069Z |
| cve-2026-40192 | Pillow is vulnerable to a FITS GZIP decompression bomb |
python-pillow |
Pillow |
2026-04-15T22:53:56.147Z | 2026-04-16T13:37:19.918Z | |
| cve-2026-40316 | OWASP BLT has RCE in Github Actions via untrusted Djan… |
OWASP-BLT |
BLT |
2026-04-15T22:49:18.636Z | 2026-04-16T14:18:12.374Z | |
| cve-2026-39350 | Istio AuthorizationPolicy Incorrect Regex Matching of … |
istio |
istio |
2026-04-15T22:42:24.216Z | 2026-04-16T12:04:54.038Z | |
| cve-2026-40179 | Prometheus: Stored XSS via metric names and label valu… |
prometheus |
prometheus |
2026-04-15T22:26:46.909Z | 2026-04-16T14:21:42.130Z | |
| cve-2026-4949 | ProfilePress <= 4.16.12 - Missing Authorization to Aut… |
properfraction |
Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress |
2026-04-15T22:26:05.515Z | 2026-04-16T14:19:21.197Z | |
| cve-2026-6388 | 9.1 (v3.1) | Argocd-image-updater: argocd image updater: cross-name… |
Red Hat |
Red Hat OpenShift GitOps |
2026-04-15T21:34:07.022Z | 2026-04-16T14:26:23.879Z |
| cve-2026-1711 | 4.8 (v4.0) | Pega Platform versions 8.1.0 through 25.1.1 are affect… |
Pegasystems |
Pega Infinity |
2026-04-15T21:32:51.821Z | 2026-04-16T14:17:53.761Z |
| cve-2026-1564 | 5.1 (v4.0) | Pega Platform versions 8.1.0 through 25.1.1 are affect… |
Pegasystems |
Pega Infinity |
2026-04-15T21:31:19.982Z | 2026-04-16T14:16:54.925Z |
| cve-2026-40500 | 6.1 (v4.0) 6.8 (v3.1) | ProcessWire CMS SSRF via Add Module From URL |
processwire |
processwire |
2026-04-15T21:25:53.214Z | 2026-04-16T13:38:15.341Z |
| cve-2026-40261 | Composer has Command Injection via Malicious Perforce … |
composer |
composer |
2026-04-15T20:56:32.182Z | 2026-04-16T13:41:12.977Z | |
| cve-2026-40176 | Composer is vulnerable to Command Injection via Malici… |
composer |
composer |
2026-04-15T20:47:39.839Z | 2026-04-16T14:16:39.968Z | |
| cve-2026-22676 | 8.5 (v4.0) 7.8 (v3.1) | Barracuda RMM < 2025.2.2 Privilege Escalation via Inse… |
Barracuda Networks |
RMM |
2026-04-15T20:45:23.918Z | 2026-04-16T12:05:01.880Z |
| cve-2026-40173 | Dgraph: Unauthenticated pprof endpoint leaks admin aut… |
dgraph-io |
dgraph |
2026-04-15T20:40:47.186Z | 2026-04-16T12:05:10.186Z | |
| cve-2026-40186 | ApostropheCMS: sanitize-html allowedTags Bypass via En… |
apostrophecms |
apostrophe |
2026-04-15T20:15:12.333Z | 2026-04-16T14:15:41.275Z | |
| cve-2026-39857 | Information Disclosure via `choices`/`counts` Query Pa… |
apostrophecms |
apostrophe |
2026-04-15T19:38:57.564Z | 2026-04-16T13:40:17.710Z | |
| cve-2026-35569 | ApostropheCMS: Stored XSS in SEO Fields Leads to Authe… |
apostrophecms |
apostrophe |
2026-04-15T19:34:23.648Z | 2026-04-16T14:14:58.325Z | |
| cve-2026-33889 | ApostropheCMS: Stored XSS via CSS Custom Property Inje… |
apostrophecms |
apostrophe |
2026-04-15T19:29:50.899Z | 2026-04-16T12:05:17.734Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2019-000051 | EC-CUBE plugin "Amazon Pay Plugin 2.12,2.13" vulnerable to cross-site scripting | 2019-08-07T13:58+09:00 | 2019-08-07T13:58+09:00 |
| jvndb-2019-000050 | Central Dogma vulnerable to cross-site scripting | 2019-07-31T15:29+09:00 | 2019-10-04T16:37+09:00 |
| jvndb-2019-000049 | WordPress Plugin "Category Specific RSS feed Subscription" vulnerable to cross-site request forgery | 2019-07-18T13:56+09:00 | 2019-10-08T16:28+09:00 |
| jvndb-2019-000048 | WordPress Plugin "WordPress Ultra Simple Paypal Shopping Cart" vulnerable to cross-site request forgery | 2019-07-16T16:16+09:00 | 2019-10-08T16:38+09:00 |
| jvndb-2019-000047 | Multiple vulnerabilities in Cybozu Garoon | 2019-07-16T16:08+09:00 | 2019-10-08T17:19+09:00 |
| jvndb-2019-000046 | Intel Dual Band Wireless-AC 8260 vulnerable to denial-of-service (DoS) | 2019-07-10T14:07+09:00 | 2019-07-10T14:07+09:00 |
| jvndb-2019-000045 | Multiple vulnerabilities in Access analysis CGI An-Analyzer | 2019-07-05T15:28+09:00 | 2019-07-05T15:28+09:00 |
| jvndb-2019-000044 | The management console of iDoors Reader vulnerable to authentication bypass | 2019-07-01T14:31+09:00 | 2019-10-04T15:45+09:00 |
| jvndb-2018-000122 | Multiple vulnerabilities in Panasonic BN-SDWBP3 | 2019-06-28T18:28+09:00 | 2019-08-27T17:46+09:00 |
| jvndb-2019-000043 | Multiple vulnerabilities in Hikari Denwa router/Home GateWay | 2019-06-27T15:36+09:00 | 2019-10-08T17:22+09:00 |
| jvndb-2019-000042 | WordPress Plugin "Custom CSS Pro" vulnerable to cross-site request forgery | 2019-06-24T14:27+09:00 | 2019-10-01T10:22+09:00 |
| jvndb-2019-000041 | WordPress Plugin "HTML5 Maps" vulnerable to cross-site request forgery | 2019-06-24T14:22+09:00 | 2019-10-01T10:24+09:00 |
| jvndb-2019-000040 | Multiple vulnerabilities in VAIO Update | 2019-06-21T14:22+09:00 | 2019-10-01T11:12+09:00 |
| jvndb-2019-000038 | WordPress Plugin "Personalized WooCommerce Cart Page" vulnerable to cross-site request forgery | 2019-06-19T14:13+09:00 | 2019-10-04T16:13+09:00 |
| jvndb-2019-000039 | WordPress Plugin "Related YouTube Videos" vulnerable to cross-site request forgery | 2019-06-17T14:55+09:00 | 2019-10-04T16:02+09:00 |
| jvndb-2019-000037 | A map plugin for Mincraft server "Dynmap" fails to restrict access permissions | 2019-06-13T13:57+09:00 | 2019-10-01T10:18+09:00 |
| jvndb-2019-000036 | WordPress Plugin "Contest Gallery" vulnerable to cross-site request forgery | 2019-06-12T14:21+09:00 | 2019-10-04T16:19+09:00 |
| jvndb-2019-000035 | Multiple vulnerabilities in WordPress Plugin "Online Lesson Booking" | 2019-06-10T15:33+09:00 | 2019-10-02T17:50+09:00 |
| jvndb-2019-000034 | Multiple vulnerabilities in WordPress Plugin "Attendance Manager" | 2019-06-10T15:31+09:00 | 2019-10-01T10:56+09:00 |
| jvndb-2019-000033 | Multiple vulnerabilities in GROWI | 2019-06-07T15:18+09:00 | 2019-10-01T10:46+09:00 |
| jvndb-2019-000032 | Joruri CMS 2017 vulnerable to cross-site scripting | 2019-06-07T15:09+09:00 | 2019-10-02T17:53+09:00 |
| jvndb-2019-000031 | Multiple vulnerabilities in Joruri Mail | 2019-06-07T15:03+09:00 | 2019-10-01T10:50+09:00 |
| jvndb-2019-004441 | Vulnerability in Cosminexus HTTP Server and Hitachi Web Server | 2019-06-03T13:55+09:00 | 2019-06-03T13:55+09:00 |
| jvndb-2019-000030 | Multiple vulnerabilities in WordPress Plugin "Zoho SalesIQ" | 2019-05-31T13:51+09:00 | 2019-10-01T10:54+09:00 |
| jvndb-2019-000029 | Android App "Tootdon for Mastodon" fails to verify SSL server certificates | 2019-05-24T15:13+09:00 | 2019-10-04T15:50+09:00 |
| jvndb-2019-000028 | WordPress plugin "WP Open Graph" vulnerable to cross-site request forgery | 2019-05-23T14:10+09:00 | 2019-10-01T11:11+09:00 |
| jvndb-2019-000027 | Apache Camel vulnerable to XML external entity injection (XXE) | 2019-05-22T14:37+09:00 | 2019-09-30T18:14+09:00 |
| jvndb-2019-003539 | DoS Vulnerability in Hitachi IT Operations Director, JP1/IT Desktop Management - Manager and JP1/IT Desktop Management 2 - Manager | 2019-05-20T15:38+09:00 | 2019-05-20T15:38+09:00 |
| jvndb-2019-003194 | Multiple Vulnerabilities in Hitachi Command Suite and Hitachi Infrastructure Analytics Advisor | 2019-05-13T15:25+09:00 | 2019-05-13T15:25+09:00 |
| jvndb-2019-000026 | Electronic reception and examination of application for radio licenses Offline may insecurely load Dynamic Link Libraries | 2019-05-10T14:55+09:00 | 2019-10-01T10:08+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2025-avi-0452 | Multiples vulnérabilités dans les produits IBM | 2025-05-23T00:00:00.000000 | 2025-05-23T00:00:00.000000 |
| certfr-2025-avi-0451 | Vulnérabilité dans Microsoft Edge | 2025-05-23T00:00:00.000000 | 2025-05-23T00:00:00.000000 |
| certfr-2025-avi-0450 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2025-05-23T00:00:00.000000 | 2025-05-23T00:00:00.000000 |
| certfr-2025-avi-0449 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2025-05-23T00:00:00.000000 | 2025-05-23T00:00:00.000000 |
| certfr-2025-avi-0448 | Multiples vulnérabilités dans Tenable Nessus Network Monitor | 2025-05-23T00:00:00.000000 | 2025-05-23T00:00:00.000000 |
| certfr-2025-avi-0447 | Multiples vulnérabilités dans Grafana | 2025-05-23T00:00:00.000000 | 2025-05-23T00:00:00.000000 |
| certfr-2025-avi-0446 | Multiples vulnérabilités dans Asterisk | 2025-05-23T00:00:00.000000 | 2025-05-23T00:00:00.000000 |
| certfr-2025-avi-0445 | Multiples vulnérabilités dans Mozilla Thunderbird | 2025-05-23T00:00:00.000000 | 2025-05-23T00:00:00.000000 |
| certfr-2025-avi-0444 | Vulnérabilité dans OpenSSL | 2025-05-23T00:00:00.000000 | 2025-05-23T00:00:00.000000 |
| certfr-2025-avi-0443 | Vulnérabilité dans VMware Avi Load Balancer | 2025-05-23T00:00:00.000000 | 2025-05-23T00:00:00.000000 |
| certfr-2025-avi-0442 | Vulnérabilité dans Mozilla Firefox pour iOS | 2025-05-22T00:00:00.000000 | 2025-05-22T00:00:00.000000 |
| certfr-2025-avi-0441 | Vulnérabilité dans Mattermost Server | 2025-05-22T00:00:00.000000 | 2025-08-19T00:00:00.000000 |
| certfr-2025-avi-0440 | Vulnérabilité dans Grafana | 2025-05-22T00:00:00.000000 | 2025-05-22T00:00:00.000000 |
| certfr-2025-avi-0439 | Multiples vulnérabilités dans Google Chrome | 2025-05-22T00:00:00.000000 | 2025-05-22T00:00:00.000000 |
| certfr-2025-avi-0438 | Multiples vulnérabilités dans les produits Cisco | 2025-05-22T00:00:00.000000 | 2025-05-22T00:00:00.000000 |
| certfr-2025-avi-0437 | Multiples vulnérabilités dans GitLab | 2025-05-22T00:00:00.000000 | 2025-05-22T00:00:00.000000 |
| certfr-2025-avi-0436 | Vulnérabilité dans ISC BIND | 2025-05-22T00:00:00.000000 | 2025-05-22T00:00:00.000000 |
| certfr-2025-avi-0435 | Multiples vulnérabilités dans les produits Atlassian | 2025-05-21T00:00:00.000000 | 2025-05-21T00:00:00.000000 |
| certfr-2025-avi-0434 | Multiples vulnérabilités dans Node.js | 2025-05-21T00:00:00.000000 | 2025-05-21T00:00:00.000000 |
| certfr-2025-avi-0433 | Multiples vulnérabilités dans Adobe ColdFusion | 2025-05-21T00:00:00.000000 | 2025-05-21T00:00:00.000000 |
| certfr-2025-avi-0432 | Vulnérabilité dans Schneider Electric EcoStruxure Power Build Rapsody | 2025-05-21T00:00:00.000000 | 2025-05-21T00:00:00.000000 |
| certfr-2025-avi-0431 | Vulnérabilité dans Mitel OpenScapeXpressions | 2025-05-21T00:00:00.000000 | 2025-05-21T00:00:00.000000 |
| certfr-2025-avi-0430 | Multiples vulnérabilités dans les produits VMware | 2025-05-21T00:00:00.000000 | 2025-05-21T00:00:00.000000 |
| certfr-2025-avi-0429 | Multiples vulnérabilités dans Typo3 | 2025-05-20T00:00:00.000000 | 2025-05-20T00:00:00.000000 |
| certfr-2025-avi-0428 | Multiples vulnérabilités dans VMware Cloud Foundation | 2025-05-20T00:00:00.000000 | 2025-05-20T00:00:00.000000 |
| certfr-2025-avi-0427 | Vulnérabilité dans Spring Security | 2025-05-20T00:00:00.000000 | 2025-05-20T00:00:00.000000 |
| certfr-2025-avi-0426 | Vulnérabilité dans Juniper Networks Junos OS | 2025-05-19T00:00:00.000000 | 2025-05-19T00:00:00.000000 |
| certfr-2025-avi-0425 | Vulnérabilité dans les produits Synology | 2025-05-19T00:00:00.000000 | 2025-05-19T00:00:00.000000 |
| certfr-2025-avi-0424 | Multiples vulnérabilités dans les produits Mozilla | 2025-05-19T00:00:00.000000 | 2025-05-19T00:00:00.000000 |
| certfr-2025-avi-0423 | Multiples vulnérabilités dans les produits Netgate | 2025-05-19T00:00:00.000000 | 2025-05-19T00:00:00.000000 |