Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-4682 | 8.7 (v4.0) | Certain HP DeskJet All In One (AIO) Devices – Potentia… |
HP Inc |
HP DeskJet 2800e All-in-One Printer series |
2026-04-15T14:32:31.348Z | 2026-04-15T18:45:14.071Z |
| cve-2026-4667 | 7.3 (v4.0) | HP System Optimizer - Escalation of Privilege |
HP Inc. |
OMEN Gaming Hub |
2026-04-15T14:22:55.333Z | 2026-04-15T18:51:17.119Z |
| cve-2026-25219 | Apache Airflow: Sensitive Azure Service Bus connection… |
Apache Software Foundation |
Apache Airflow |
2026-04-15T12:30:17.584Z | 2026-04-15T20:02:22.052Z | |
| cve-2026-4145 | 8.5 (v4.0) 7.8 (v3.1) | During an internal security assessment, a potenti… |
Lenovo |
Software Fix |
2026-04-15T12:28:19.642Z | 2026-04-15T13:02:39.038Z |
| cve-2026-4135 | 5.2 (v4.0) 6.6 (v3.1) | During an internal security assessment, a potenti… |
Lenovo |
Software Fix |
2026-04-15T12:28:12.205Z | 2026-04-15T13:05:12.030Z |
| cve-2026-4134 | 7 (v4.0) 7.3 (v3.1) | During an internal security assessment, a potenti… |
Lenovo |
Software Fix |
2026-04-15T12:28:05.838Z | 2026-04-15T13:08:19.333Z |
| cve-2026-1636 | 5.4 (v4.0) 6.7 (v3.1) | A potential DLL hijacking vulnerability was repor… |
Lenovo |
Service Bridge |
2026-04-15T12:27:54.562Z | 2026-04-16T03:55:27.379Z |
| cve-2026-0827 | 6.9 (v4.0) 7.1 (v3.1) | During an internal security assessment, a potenti… |
Lenovo |
Diagnostics |
2026-04-15T12:27:45.354Z | 2026-04-15T13:48:06.089Z |
| cve-2026-1852 | Product Pricing Table by WooBeWoo <= 1.1.0 - Cross-Sit… |
woobeewoo |
Product Pricing Table by WooBeWoo |
2026-04-15T11:30:25.272Z | 2026-04-15T13:05:00.238Z | |
| cve-2026-3590 | 6.5 (v3.1) | Race Condition in Guest Magic Link Authentication Allo… |
Mattermost |
Mattermost |
2026-04-15T11:00:14.880Z | 2026-04-15T14:00:27.030Z |
| cve-2026-30778 | Apache SkyWalking: The SkyWalking OAP /debugging/confi… |
Apache Software Foundation |
Apache SkyWalking |
2026-04-15T10:54:25.212Z | 2026-04-16T12:05:25.254Z | |
| cve-2026-40786 | N/A | WordPress MyRewards plugin <= 5.7.3 - Broken Access Co… |
Long Watch Studio |
MyRewards |
2026-04-15T10:21:36.068Z | 2026-04-16T14:20:54.766Z |
| cve-2026-40784 | N/A | WordPress FluentBoards plugin <= 1.91.2 - Insecure Dir… |
Mahmudul Hasan Arif |
FluentBoards |
2026-04-15T10:21:35.828Z | 2026-04-15T15:43:56.980Z |
| cve-2026-40778 | N/A | WordPress Majestic Support plugin <= 1.1.2 - Broken Ac… |
Majestic Support |
Majestic Support |
2026-04-15T10:21:35.665Z | 2026-04-16T14:35:34.783Z |
| cve-2026-40764 | N/A | WordPress Contact Form by WPForms plugin <= 1.10.0.2 -… |
Syed Balkhi |
Contact Form by WPForms |
2026-04-15T10:21:35.430Z | 2026-04-15T15:19:00.260Z |
| cve-2026-40763 | N/A | WordPress Royal Elementor Addons plugin <= 1.7.1056 - … |
WP Royal |
Royal Elementor Addons |
2026-04-15T10:21:35.155Z | 2026-04-16T14:41:45.860Z |
| cve-2026-40745 | N/A | WordPress Element Pack Elementor Addons plugin <= 8.4.… |
bdthemes |
Element Pack Elementor Addons |
2026-04-15T10:21:34.904Z | 2026-04-15T15:24:28.512Z |
| cve-2026-40744 | N/A | WordPress Beaver Builder plugin <= 2.10.1.2 - SQL Inje… |
Beaver Builder |
Beaver Builder |
2026-04-15T10:21:34.729Z | 2026-04-16T14:47:03.967Z |
| cve-2026-40742 | N/A | WordPress Nelio AB Testing plugin <= 8.2.8 - Sensitive… |
Nelio Software |
Nelio AB Testing |
2026-04-15T10:21:34.560Z | 2026-04-15T15:26:01.906Z |
| cve-2026-40740 | N/A | WordPress Tutor LMS plugin <= 3.9.7 - Broken Access Co… |
Themeum |
Tutor LMS |
2026-04-15T10:21:34.311Z | 2026-04-16T14:52:07.805Z |
| cve-2026-40737 | N/A | WordPress COMPE plugin <= 1.1.4 - Insecure Direct Obje… |
VillaTheme |
COMPE |
2026-04-15T10:21:34.150Z | 2026-04-15T15:48:21.784Z |
| cve-2026-40734 | N/A | WordPress Categories Images plugin <= 3.3.1 - Cross Si… |
Zahlan |
Categories Images |
2026-04-15T10:21:33.995Z | 2026-04-16T15:06:08.721Z |
| cve-2026-40730 | N/A | WordPress ThemeGrill Demo Importer plugin <= 2.0.0.6 -… |
ThemeGrill |
ThemeGrill Demo Importer |
2026-04-15T10:21:33.831Z | 2026-04-21T20:27:31.615Z |
| cve-2026-40729 | N/A | WordPress 3D viewer – Embed 3D Models plugin <= 1.8.5 … |
bPlugins |
3D viewer – Embed 3D Models |
2026-04-15T10:21:33.661Z | 2026-04-16T15:09:41.105Z |
| cve-2026-40728 | N/A | WordPress Magazine Blocks plugin <= 1.8.3 - Broken Acc… |
BlockArt |
Magazine Blocks |
2026-04-15T10:21:33.433Z | 2026-04-15T15:36:33.255Z |
| cve-2026-28741 | 6.8 (v3.1) | CSRF Protection Bypass Allows Updating a User's Authen… |
Mattermost |
Mattermost |
2026-04-15T10:13:33.950Z | 2026-04-15T15:39:52.265Z |
| cve-2026-33805 | 9 (v4.0) | @fastify/reply-from vulnerable to connection header ab… |
@fastify/reply-from |
@fastify/reply-from |
2026-04-15T10:13:25.147Z | 2026-04-15T13:08:12.612Z |
| cve-2026-27769 | 2.7 (v3.1) | Connected Workspaces: Malicious remote server can mani… |
Mattermost |
Mattermost |
2026-04-15T10:11:07.676Z | 2026-04-15T13:08:35.452Z |
| cve-2026-33807 | 9.1 (v3.1) | @fastify/express vulnerable to middleware path doublin… |
fastify |
@fastify/express |
2026-04-15T09:52:26.838Z | 2026-04-15T13:09:45.259Z |
| cve-2024-33618 | Uncontrolled Resource Consumption in Bosch VMS Ce… |
Bosch |
BVMS |
2026-04-15T09:51:52.722Z | 2026-04-15T13:09:13.468Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2018-000082 | WL-330NUL vulnerable to cross-site request forgery | 2018-07-20T15:41+09:00 | 2019-07-25T14:38+09:00 |
| jvndb-2018-000074 | DLL planting vulnerability in multiple Yayoi 17 Series products | 2018-07-20T15:41+09:00 | 2019-07-25T15:04+09:00 |
| jvndb-2018-000081 | Multiple vulnerabilities in ORCA(Online Receipt Computer Advantage) | 2018-07-18T15:35+09:00 | 2019-07-25T16:59+09:00 |
| jvndb-2018-000080 | Movable Type plugin MTAppjQuery vulnerable to PHP code execution | 2018-07-18T15:35+09:00 | 2019-07-26T15:23+09:00 |
| jvndb-2018-000078 | WordPress plugin "FV Flowplayer Video Player" vulnerable to cross-site scripting | 2018-07-17T12:27+09:00 | 2019-07-25T17:12+09:00 |
| jvndb-2018-000079 | Explzh vulnerable to directory traversal | 2018-07-13T14:47+09:00 | 2019-07-25T16:26+09:00 |
| jvndb-2018-000077 | Multiple vulnerabilities in Aterm HC100RC | 2018-07-12T15:04+09:00 | 2019-08-27T13:52+09:00 |
| jvndb-2018-000076 | Multiple vulnerabilities in Aterm W300P | 2018-07-12T15:04+09:00 | 2019-08-27T16:56+09:00 |
| jvndb-2018-000075 | Multiple OS command injection vulnerabilities in Aterm WG1200HP | 2018-07-12T15:04+09:00 | 2019-08-27T13:44+09:00 |
| jvndb-2018-000072 | The installers of multiple Logicool software programs may insecurely load Dynamic Link Libraries | 2018-07-06T14:36+09:00 | 2019-07-05T17:38+09:00 |
| jvndb-2018-000071 | DHC Online Shop App for Android fails to verify SSL server certificates | 2018-07-06T14:36+09:00 | 2019-07-05T17:35+09:00 |
| jvndb-2018-000070 | Installer of Glary Utilities may insecurely load Dynamic Link Libraries | 2018-07-03T13:42+09:00 | 2019-07-05T17:52+09:00 |
| jvndb-2018-000069 | Cybozu Garoon vulnerable to SQL injection | 2018-07-02T15:22+09:00 | 2019-07-05T17:55+09:00 |
| jvndb-2018-000068 | Multiple vulnerabilities in Calsos CSDX and CSDJ series products | 2018-07-02T15:22+09:00 | 2019-07-24T14:31+09:00 |
| jvndb-2018-000067 | Mailman vulnerable to cross-site scripting | 2018-06-28T12:30+09:00 | 2019-07-24T15:21+09:00 |
| jvndb-2018-000066 | MemoCGI vulnerable to directory traversal | 2018-06-27T14:44+09:00 | 2019-07-05T17:58+09:00 |
| jvndb-2018-000065 | ANA App for iOS fails to verify SSL server certificates | 2018-06-15T14:40+09:00 | 2019-12-27T18:08+09:00 |
| jvndb-2018-000064 | Chrome Extension "5000 trillion yen converter" vulnerable to cross-site scripting | 2018-06-15T14:36+09:00 | 2018-06-15T14:36+09:00 |
| jvndb-2018-000062 | Local File Inclusion vulnerability in Zenphoto | 2018-06-13T15:11+09:00 | 2018-06-13T15:11+09:00 |
| jvndb-2018-000063 | LINE for Windows may insecurely load Dynamic Link Libraries | 2018-06-12T14:44+09:00 | 2018-06-12T14:44+09:00 |
| jvndb-2018-000061 | H2O vulnerable to buffer overflow | 2018-06-04T14:10+09:00 | 2018-06-04T14:10+09:00 |
| jvndb-2018-000060 | Multiple vulnerabilities in Pixelpost | 2018-05-31T14:07+09:00 | 2018-05-31T14:07+09:00 |
| jvndb-2018-000057 | The installer of "FLET'S VIRUS CLEAR Easy Setup & Application Tool" and "FLET'S VIRUS CLEAR v6 Easy Setup & Application Tool" may insecurely invoke an executable file | 2018-05-29T13:47+09:00 | 2019-12-27T18:09+09:00 |
| jvndb-2018-000059 | WordPress plugin "Site Reviews" vulnerable to cross-site scripting | 2018-05-28T14:11+09:00 | 2019-07-02T14:25+09:00 |
| jvndb-2018-000058 | WordPress plugin "Email Subscribers & Newsletters" vulnerable to cross-site scripting | 2018-05-28T14:11+09:00 | 2019-07-02T14:50+09:00 |
| jvndb-2018-003553 | Information Disclosure Vulnerability in Hitachi Automation Director | 2018-05-28T12:13+09:00 | 2018-07-31T12:16+09:00 |
| jvndb-2018-000046 | The installer of PlayMemories Home for Windows may insecurely load Dynamic Link Libraries | 2018-05-24T15:25+09:00 | 2019-07-02T14:31+09:00 |
| jvndb-2018-000056 | Susie plug-in "axpdfium" may insecurely load Dynamic Link Libraries | 2018-05-24T15:15+09:00 | 2019-07-02T14:53+09:00 |
| jvndb-2018-000054 | Multiple cross-site scripting vulnerabilities in Cybozu Mailwise | 2018-05-22T15:26+09:00 | 2018-08-30T17:47+09:00 |
| jvndb-2018-000055 | Multiple vulnerabilities in baserCMS | 2018-05-22T14:53+09:00 | 2019-12-27T18:10+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2025-avi-0339 | Vulnérabilité dans PostgreSQL PgBouncer | 2025-04-22T00:00:00.000000 | 2025-04-22T00:00:00.000000 |
| certfr-2025-avi-0338 | Vulnérabilité dans Tenable Security Center | 2025-04-22T00:00:00.000000 | 2025-04-22T00:00:00.000000 |
| certfr-2025-avi-0337 | Multiples vulnérabilités dans les produits IBM | 2025-04-18T00:00:00.000000 | 2025-04-18T00:00:00.000000 |
| certfr-2025-avi-0336 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2025-04-18T00:00:00.000000 | 2025-04-18T00:00:00.000000 |
| certfr-2025-avi-0335 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2025-04-18T00:00:00.000000 | 2025-04-18T00:00:00.000000 |
| certfr-2025-avi-0334 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2025-04-18T00:00:00.000000 | 2025-04-18T00:00:00.000000 |
| certfr-2025-avi-0333 | Multiples vulnérabilités dans le noyau Linux de Debian | 2025-04-18T00:00:00.000000 | 2025-04-18T00:00:00.000000 |
| certfr-2025-avi-0332 | Vulnérabilité dans Liferay | 2025-04-18T00:00:00.000000 | 2025-04-18T00:00:00.000000 |
| certfr-2025-avi-0331 | Multiples vulnérabilités dans Microsoft Edge | 2025-04-18T00:00:00.000000 | 2025-04-18T00:00:00.000000 |
| certfr-2025-avi-0330 | Vulnérabilité dans les produits Moxa | 2025-04-18T00:00:00.000000 | 2025-04-18T00:00:00.000000 |
| certfr-2025-avi-0329 | Multiples vulnérabilités dans Tenable Nessus | 2025-04-18T00:00:00.000000 | 2025-04-18T00:00:00.000000 |
| certfr-2025-avi-0328 | Multiples vulnérabilités dans Tenable Security Center | 2025-04-17T00:00:00.000000 | 2025-04-17T00:00:00.000000 |
| certfr-2025-avi-0327 | Vulnérabilité dans SonicWall Connect Tunnel | 2025-04-17T00:00:00.000000 | 2025-04-17T00:00:00.000000 |
| certfr-2025-avi-0326 | Vulnérabilité dans Cisco Webex App | 2025-04-17T00:00:00.000000 | 2025-04-17T00:00:00.000000 |
| certfr-2025-avi-0325 | Multiples vulnérabilités dans les produits Apple | 2025-04-17T00:00:00.000000 | 2025-04-17T00:00:00.000000 |
| certfr-2025-avi-0324 | Vulnérabilité dans Oracle Weblogic | 2025-04-16T00:00:00.000000 | 2025-04-16T00:00:00.000000 |
| certfr-2025-avi-0323 | Multiples vulnérabilités dans Oracle Virtualization | 2025-04-16T00:00:00.000000 | 2025-04-16T00:00:00.000000 |
| certfr-2025-avi-0322 | Multiples vulnérabilités dans Oracle Systems | 2025-04-16T00:00:00.000000 | 2025-04-16T00:00:00.000000 |
| certfr-2025-avi-0321 | Multiples vulnérabilités dans Oracle PeopleSoft | 2025-04-16T00:00:00.000000 | 2025-04-16T00:00:00.000000 |
| certfr-2025-avi-0320 | Multiples vulnérabilités dans Oracle MySQL | 2025-04-16T00:00:00.000000 | 2025-04-16T00:00:00.000000 |
| certfr-2025-avi-0319 | Multiples vulnérabilités dans Oracle Java SE | 2025-04-16T00:00:00.000000 | 2025-04-16T00:00:00.000000 |
| certfr-2025-avi-0318 | Multiples vulnérabilités dans Oracle Database Server | 2025-04-16T00:00:00.000000 | 2025-04-16T00:00:00.000000 |
| certfr-2025-avi-0317 | Multiples vulnérabilités dans les produits Mozilla | 2025-04-16T00:00:00.000000 | 2025-04-16T00:00:00.000000 |
| certfr-2025-avi-0316 | Multiples vulnérabilités dans les produits Atlassian | 2025-04-16T00:00:00.000000 | 2025-04-16T00:00:00.000000 |
| certfr-2025-avi-0315 | Multiples vulnérabilités dans Google Chrome | 2025-04-16T00:00:00.000000 | 2025-04-16T00:00:00.000000 |
| certfr-2025-avi-0314 | Vulnérabilité dans les produits Microsoft | 2025-04-16T00:00:00.000000 | 2025-04-16T00:00:00.000000 |
| certfr-2025-avi-0313 | Vulnérabilité dans SolarWinds Serv-U | 2025-04-15T00:00:00.000000 | 2025-04-15T00:00:00.000000 |
| certfr-2025-avi-0312 | Multiples vulnérabilités dans les produits Mattermost | 2025-04-15T00:00:00.000000 | 2025-04-16T00:00:00.000000 |
| certfr-2025-avi-0311 | Vulnérabilité dans Microsoft Visual Studio Code | 2025-04-14T00:00:00.000000 | 2025-04-14T00:00:00.000000 |
| certfr-2025-avi-0310 | Vulnérabilité dans Microsoft Edge | 2025-04-14T00:00:00.000000 | 2025-04-14T00:00:00.000000 |