Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-39420 | MaxKB: Sandbox escape via LD_PRELOAD bypass |
1Panel-dev |
MaxKB |
2026-04-14T00:13:01.189Z | 2026-04-16T13:26:40.212Z | |
| cve-2026-34264 | 6.5 (v3.1) | Information Disclosure vulnerability in SAP Human Capi… |
SAP_SE |
SAP Human Capital Management for SAP S/4HANA |
2026-04-14T00:09:12.272Z | 2026-04-14T13:14:17.154Z |
| cve-2026-34262 | 5 (v3.1) | Information Disclosure Vulnerability in SAP HANA Cockp… |
SAP_SE |
SAP HANA Cockpit and HANA Database Explorer |
2026-04-14T00:09:03.364Z | 2026-04-29T19:32:17.156Z |
| cve-2026-34261 | 6.5 (v3.1) | Missing Authorization check in SAP Business Analytics … |
SAP_SE |
SAP Business Analytics and SAP Content Management |
2026-04-14T00:08:51.232Z | 2026-04-14T13:14:17.473Z |
| cve-2026-39418 | MaxKB: SSRF via sandbox network hook bypass |
1Panel-dev |
MaxKB |
2026-04-14T00:08:50.182Z | 2026-04-14T15:54:30.206Z | |
| cve-2026-34257 | 6.1 (v3.1) | Open Redirect vulnerability in SAP NetWeaver Applicati… |
SAP_SE |
SAP NetWeaver Application Server ABAP |
2026-04-14T00:08:39.814Z | 2026-04-14T13:14:17.620Z |
| cve-2026-34256 | 7.1 (v3.1) | Missing Authorization check in SAP ERP and SAP S/4 HAN… |
SAP_SE |
SAP ERP and SAP S/4 HANA (Private Cloud and On-Premise) |
2026-04-14T00:08:26.993Z | 2026-04-14T13:14:17.750Z |
| cve-2026-27683 | 4.1 (v3.1) | Reflected cross site scripting vulnerability in SAP Bu… |
SAP_SE |
SAP BusinessObjects Business Intelligence Platform |
2026-04-14T00:08:15.599Z | 2026-04-14T13:14:17.886Z |
| cve-2026-27681 | 9.9 (v3.1) | SQL Injection vulnerability in SAP Business Planning a… |
SAP_SE |
SAP Business Planning and Consolidation and SAP Business Warehouse |
2026-04-14T00:08:05.791Z | 2026-04-14T13:14:18.028Z |
| cve-2026-27679 | 6.5 (v3.1) | Missing Authorization check in SAP S/4HANA Frontend OD… |
SAP_SE |
SAP S/4HANA Frontend OData Service (Manage Reference Structures) |
2026-04-14T00:07:44.698Z | 2026-04-14T13:14:18.168Z |
| cve-2026-27678 | 6.5 (v3.1) | Missing Authorization check in SAP S/4HANA Backend ODa… |
SAP_SE |
SAP S/4HANA Backend OData Service (Manage Reference Structures) |
2026-04-14T00:07:33.397Z | 2026-04-14T13:14:18.299Z |
| cve-2026-27677 | 6.5 (v3.1) | Missing Authorization check in SAP S/4HANA OData Servi… |
SAP_SE |
SAP S/4HANA OData Service (Manage Reference Equipment) |
2026-04-14T00:07:22.753Z | 2026-04-14T13:14:18.498Z |
| cve-2026-27676 | 4.3 (v3.1) | Missing Authorization check in SAP S/4HANA OData Servi… |
SAP_SE |
SAP S/4HANA OData Service (Manage Technical Object Structures) |
2026-04-14T00:07:12.657Z | 2026-04-14T13:14:18.632Z |
| cve-2026-27675 | 2 (v3.1) | Code Injection vulnerability in SAP Landscape Transformation |
SAP_SE |
SAP Landscape Transformation |
2026-04-14T00:07:01.278Z | 2026-04-14T13:14:18.764Z |
| cve-2026-27674 | 6.1 (v3.1) | Code Injection vulnerability in SAP NetWeaver Applicat… |
SAP_SE |
SAP NetWeaver Application Server Java (Web Dynpro Java) |
2026-04-14T00:06:50.301Z | 2026-04-15T03:58:11.103Z |
| cve-2026-27673 | 4.9 (v3.1) | Missing Authorization Check in SAP S/4HANA (Private Cl… |
SAP_SE |
SAP S/4HANA (Private Cloud and On-Premise) |
2026-04-14T00:06:38.160Z | 2026-04-14T13:14:19.040Z |
| cve-2026-27672 | 4.3 (v3.1) | Missing Authorization check in Material Master Application |
SAP_SE |
Material Master Application |
2026-04-14T00:06:27.780Z | 2026-04-14T13:14:19.176Z |
| cve-2026-24318 | 4.2 (v3.1) | Insecure Session Management vulnerability in SAP Busin… |
SAP_SE |
SAP BusinessObjects Business Intelligence Platform |
2026-04-14T00:06:18.337Z | 2026-04-14T13:14:19.302Z |
| cve-2026-0512 | 6.1 (v3.1) | Cross-Site Scripting (XSS) vulnerability in SAP Suppli… |
SAP_SE |
SAP Supplier Relationship Management (SICF Handler in SRM Catalog) |
2026-04-14T00:06:08.757Z | 2026-04-14T13:14:19.450Z |
| cve-2026-39417 | MaxKB: RCE via MCP stdio command injection in workflow… |
1Panel-dev |
MaxKB |
2026-04-14T00:03:16.020Z | 2026-04-14T13:34:07.454Z | |
| cve-2026-38533 | N/A | An improper authorization vulnerability in the /a… |
n/a |
n/a |
2026-04-14T00:00:00.000Z | 2026-04-16T12:06:16.556Z |
| cve-2026-38532 | A Broken Object-Level Authorization (BOLA) in the… |
n/a |
n/a |
2026-04-14T00:00:00.000Z | 2026-04-14T17:27:56.674Z | |
| cve-2026-38530 | A Broken Object-Level Authorization (BOLA) in the… |
n/a |
n/a |
2026-04-14T00:00:00.000Z | 2026-04-14T17:28:56.838Z | |
| cve-2026-38529 | A Broken Object-Level Authorization (BOLA) in the… |
n/a |
n/a |
2026-04-14T00:00:00.000Z | 2026-04-14T17:31:13.560Z | |
| cve-2026-38528 | Krayin CRM v2.2.x was discovered to contain a SQL… |
n/a |
n/a |
2026-04-14T00:00:00.000Z | 2026-04-14T17:34:54.115Z | |
| cve-2026-38527 | A Server-Side Request Forgery (SSRF) in the /sett… |
n/a |
n/a |
2026-04-14T00:00:00.000Z | 2026-04-14T17:36:59.813Z | |
| cve-2026-38526 | An authenticated arbitrary file upload vulnerabil… |
n/a |
n/a |
2026-04-14T00:00:00.000Z | 2026-04-14T17:50:54.198Z | |
| cve-2026-37602 | N/A | SourceCodester Patient Appointment Scheduler Syst… |
n/a |
n/a |
2026-04-14T00:00:00.000Z | 2026-04-14T15:24:23.662Z |
| cve-2026-37601 | N/A | SourceCodester Patient Appointment Scheduler Syst… |
n/a |
n/a |
2026-04-14T00:00:00.000Z | 2026-04-14T15:25:09.200Z |
| cve-2026-37600 | N/A | SourceCodester Patient Appointment Scheduler Syst… |
n/a |
n/a |
2026-04-14T00:00:00.000Z | 2026-04-14T15:25:24.236Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certa-2010-avi-512 | Vulnérabilité dans Ruby on Rails | 2010-10-22T00:00:00.000000 | 2010-10-22T00:00:00.000000 |
| certa-2010-avi-511 | Vulnérabilité dans le noyau Linux | 2010-10-21T00:00:00.000000 | 2010-10-21T00:00:00.000000 |
| certa-2010-avi-510 | Vulnérabilités dans Apache | 2010-10-21T00:00:00.000000 | 2010-11-29T00:00:00.000000 |
| certa-2010-avi-509 | Multiples vulnérabilités dans Google Chrome | 2010-10-21T00:00:00.000000 | 2010-10-27T00:00:00.000000 |
| certa-2010-avi-508 | Multiples vulnérabilités dans les produits Mozilla | 2010-10-20T00:00:00.000000 | 2011-01-18T00:00:00.000000 |
| certa-2010-avi-507 | Multiples vulnérabilités dans RealPlayer | 2010-10-19T00:00:00.000000 | 2010-10-19T00:00:00.000000 |
| certa-2010-avi-506 | Vulnérabilité de BlackBerry Enterprise Server | 2010-10-19T00:00:00.000000 | 2010-10-19T00:00:00.000000 |
| certa-2010-avi-505 | Multiples vulnérabilités dans Sympa | 2010-10-19T00:00:00.000000 | 2010-10-19T00:00:00.000000 |
| certa-2010-avi-504 | Vulnérabilité dans HP Systems Insight Manager | 2010-10-18T00:00:00.000000 | 2010-10-18T00:00:00.000000 |
| certa-2010-avi-503 | Vulnérabilités dans SAP Crystal Reports | 2010-10-18T00:00:00.000000 | 2010-10-18T00:00:00.000000 |
| certa-2010-avi-502 | Vulnérabilité dans SAP BusinessObjects | 2010-10-18T00:00:00.000000 | 2010-10-18T00:00:00.000000 |
| certa-2010-avi-501 | Multiples vulnérabilités dans Joomla! | 2010-10-18T00:00:00.000000 | 2010-10-18T00:00:00.000000 |
| certa-2010-avi-500 | Multiples vulnérabilités dans Oracle Java | 2010-10-14T00:00:00.000000 | 2010-10-14T00:00:00.000000 |
| certa-2010-avi-499 | Multiples vulnérabilités dans les produits Oracle | 2010-10-14T00:00:00.000000 | 2010-10-29T00:00:00.000000 |
| certa-2010-avi-498 | Multiples vulnérabilités dans Opera | 2010-10-13T00:00:00.000000 | 2010-10-27T00:00:00.000000 |
| certa-2010-avi-497 | Vulnérabilité dans Wireshark | 2010-10-13T00:00:00.000000 | 2010-10-13T00:00:00.000000 |
| certa-2010-avi-496 | Vulnérabilité dans le partage de cluster de disques sous Windows Server | 2010-10-13T00:00:00.000000 | 2010-10-13T00:00:00.000000 |
| certa-2010-avi-495 | Vulnérabilité dans Microsoft Windows Secure Channel | 2010-10-13T00:00:00.000000 | 2010-10-13T00:00:00.000000 |
| certa-2010-avi-494 | Vulnérabilité dans Windows | 2010-10-13T00:00:00.000000 | 2010-10-13T00:00:00.000000 |
| certa-2010-avi-493 | Vulnérabilité dans l'interpréteur Windows et WordPad | 2010-10-13T00:00:00.000000 | 2010-10-13T00:00:00.000000 |
| certa-2010-avi-492 | Vulnérabilité dans Windows Media Player | 2010-10-13T00:00:00.000000 | 2010-10-13T00:00:00.000000 |
| certa-2010-avi-491 | Vulnérabilité dans Windows Explorer Common Control Library | 2010-10-13T00:00:00.000000 | 2010-10-13T00:00:00.000000 |
| certa-2010-avi-490 | Vulnérabilités dans Microsoft Office Excel | 2010-10-13T00:00:00.000000 | 2010-10-13T00:00:00.000000 |
| certa-2010-avi-489 | Vulnérabilités dans Microsoft Office Word | 2010-10-13T00:00:00.000000 | 2010-10-13T00:00:00.000000 |
| certa-2010-avi-488 | Vulnérabilités dans le pilote de format OpenType Font | 2010-10-13T00:00:00.000000 | 2010-10-13T00:00:00.000000 |
| certa-2010-avi-487 | Vulnérabilité dans Microsoft .NET | 2010-10-13T00:00:00.000000 | 2010-10-13T00:00:00.000000 |
| certa-2010-avi-486 | Vulnérabilité dans le moteur de polices Embedded OpenType de Windows | 2010-10-13T00:00:00.000000 | 2010-10-13T00:00:00.000000 |
| certa-2010-avi-485 | Vulnérabilité dans le service de partage réseau de Media Player | 2010-10-13T00:00:00.000000 | 2010-10-13T00:00:00.000000 |
| certa-2010-avi-484 | Vulnérabilité dans Microsoft Foundation Classes | 2010-10-13T00:00:00.000000 | 2010-10-13T00:00:00.000000 |
| certa-2010-avi-483 | Vulnérabilités dans les pilotes en mode noyau de Windows | 2010-10-13T00:00:00.000000 | 2010-10-13T00:00:00.000000 |