Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-6328 | 8.3 (v4.0) | XQUIC Improper STREAM Frame Validation in Initial/Hand… |
XQUIC Project |
XQUIC |
2026-04-15T03:18:10.428Z | 2026-04-15T16:13:31.813Z |
| cve-2026-40499 | 8.4 (v4.0) | radare2 < 6.1.4 Command Injection via PDB Parser print… |
radareorg |
radare2 |
2026-04-15T02:05:20.899Z | 2026-04-20T15:51:22.636Z |
| cve-2026-1509 | Avada (Fusion) Builder <= 3.15.1 - Authenticated (Subs… |
themefusion |
Avada (Fusion) Builder |
2026-04-15T01:25:18.275Z | 2026-04-15T16:13:37.307Z | |
| cve-2026-1541 | Avada (Fusion) Builder <= 3.15.1 - Authenticated (Subs… |
themefusion |
Avada (Fusion) Builder |
2026-04-15T01:25:17.892Z | 2026-04-15T15:56:52.964Z | |
| cve-2026-4812 | Advanced Custom Fields (ACF®) <= 6.7.0 - Unauthenticat… |
wpengine |
Advanced Custom Fields (ACF®) |
2026-04-15T01:25:17.540Z | 2026-04-15T16:01:25.621Z | |
| cve-2026-2834 | Age Verification & Identity Verification by Token of T… |
tokenoftrust |
Age Verification & Identity Verification by Token of Trust |
2026-04-15T01:25:16.957Z | 2026-04-15T13:22:48.260Z | |
| cve-2025-54550 | Apache Airflow: RCE by race condition in example_xcom dag |
Apache Software Foundation |
Apache Airflow |
2026-04-15T00:22:03.305Z | 2026-04-19T23:46:54.404Z | |
| cve-2026-33806 | 7.5 (v3.1) | fastify vulnerable to Body Schema Validation Bypass vi… |
fastify |
fastify |
2026-04-15T00:14:02.376Z | 2026-04-15T16:13:42.961Z |
| cve-2026-40105 | XWiki has Reflected Cross-Site Scripting (XSS) in its … |
xwiki |
xwiki-platform |
2026-04-15T00:07:23.150Z | 2026-04-15T16:13:48.450Z | |
| cve-2026-40104 | XWiki's REST APIs can list all pages/spaces, leading t… |
xwiki |
org.xwiki.platform:xwiki-platform-oldcore |
2026-04-15T00:01:58.583Z | 2026-04-16T14:08:58.592Z | |
| cve-2026-30996 | N/A | An issue in the file handling logic of the compon… |
n/a |
n/a |
2026-04-15T00:00:00.000Z | 2026-04-15T18:05:30.972Z |
| cve-2026-30995 | N/A | Slah CMS v1.5.0 and below was discovered to conta… |
n/a |
n/a |
2026-04-15T00:00:00.000Z | 2026-04-15T17:23:41.420Z |
| cve-2026-30994 | N/A | Incorrect access control in the config.php compon… |
n/a |
n/a |
2026-04-15T00:00:00.000Z | 2026-04-15T18:06:38.418Z |
| cve-2026-30993 | N/A | Slah CMS v1.5.0 and below was discovered to conta… |
n/a |
n/a |
2026-04-15T00:00:00.000Z | 2026-04-16T14:06:34.679Z |
| cve-2026-30625 | N/A | Upsonic 0.71.6 contains a remote code execution v… |
n/a |
n/a |
2026-04-15T00:00:00.000Z | 2026-04-16T13:55:52.158Z |
| cve-2026-30624 | N/A | Agent Zero 0.9.8 contains a remote code execution… |
n/a |
n/a |
2026-04-15T00:00:00.000Z | 2026-04-15T18:02:40.808Z |
| cve-2026-30617 | N/A | LangChain-ChatChat 0.3.1 contains a remote code e… |
n/a |
n/a |
2026-04-15T00:00:00.000Z | 2026-04-15T18:00:20.495Z |
| cve-2026-30616 | N/A | Jaaz 1.0.30 contains a remote code execution vuln… |
n/a |
n/a |
2026-04-15T00:00:00.000Z | 2026-04-15T17:56:48.614Z |
| cve-2026-30615 | N/A | A prompt injection vulnerability in Windsurf 1.95… |
n/a |
n/a |
2026-04-15T00:00:00.000Z | 2026-04-15T17:54:48.560Z |
| cve-2026-30461 | N/A | Daylight Studio FuelCMS v1.5.2 was discovered to … |
n/a |
n/a |
2026-04-15T00:00:00.000Z | 2026-04-16T14:02:08.595Z |
| cve-2026-30364 | N/A | CentSDR commit e40795 was discovered to contain a… |
n/a |
n/a |
2026-04-15T00:00:00.000Z | 2026-04-15T17:49:52.557Z |
| cve-2025-67841 | N/A | Nordic Semiconductor IronSide SE for nRF54H20 bef… |
n/a |
n/a |
2026-04-15T00:00:00.000Z | 2026-04-16T14:04:21.040Z |
| cve-2024-53412 | N/A | Command injection in the connect function in Niet… |
n/a |
n/a |
2026-04-15T00:00:00.000Z | 2026-04-15T17:27:22.513Z |
| cve-2026-40096 | immich: Open Redirect via Shared Album name |
immich-app |
immich |
2026-04-14T23:54:17.662Z | 2026-04-15T16:19:07.744Z | |
| cve-2026-40091 | SpiceDB: SPICEDB_DATASTORE_CONN_URI is leaked on start… |
authzed |
spicedb |
2026-04-14T23:50:25.479Z | 2026-04-15T13:23:15.155Z | |
| cve-2026-40090 | Zarf has a Path Traversal via Malicious Package Metada… |
zarf-dev |
zarf |
2026-04-14T23:46:18.804Z | 2026-04-15T16:13:54.180Z | |
| cve-2026-39984 | Sigstore Timestamp Authority has Improper Certificate … |
sigstore |
timestamp-authority |
2026-04-14T23:41:47.909Z | 2026-04-16T14:00:55.081Z | |
| cve-2026-39971 | Serendipity: Host Header Injection leads to SMTP heade… |
s9y |
Serendipity |
2026-04-14T23:35:49.305Z | 2026-04-15T16:22:04.004Z | |
| cve-2026-39963 | Serendipity: Host Header Injection enables authenticat… |
s9y |
Serendipity |
2026-04-14T23:31:13.843Z | 2026-04-15T13:23:48.591Z | |
| cve-2026-1314 | 3D FlipBook – PDF Embedder, PDF Flipbook Viewer, Flipb… |
iberezansky |
3D FlipBook – PDF Embedder, PDF Flipbook Viewer, Flipbook Image Gallery |
2026-04-14T23:26:07.668Z | 2026-04-15T16:22:29.670Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2018-000908 | WebProxy vulnerable to directory traversal | 2018-03-13T16:48+09:00 | 2018-06-14T13:51+09:00 |
| jvndb-2018-000906 | TinyFTP Daemon vulnerable to buffer overflow | 2018-03-13T16:48+09:00 | 2018-06-14T14:12+09:00 |
| jvndb-2018-000905 | ViX may insecurely load Dynamic Link Libraries | 2018-03-13T16:48+09:00 | 2018-06-14T13:52+09:00 |
| jvndb-2018-000904 | PHP 2chBBS vulnerable to cross-site scripting | 2018-03-13T16:47+09:00 | 2018-06-14T13:55+09:00 |
| jvndb-2018-000900 | ArsenoL vulnerable to cross-site scripting | 2018-03-13T16:46+09:00 | 2018-06-14T13:58+09:00 |
| jvndb-2018-000907 | QQQ SYSTEMS vulnerable to arbitrary command injection | 2018-03-13T16:43+09:00 | 2018-06-14T13:53+09:00 |
| jvndb-2018-000903 | QQQ SYSTEMS vulnerable to cross-site scripting | 2018-03-13T16:43+09:00 | 2018-06-14T14:03+09:00 |
| jvndb-2018-000902 | QQQ SYSTEMS vulnerable to cross-site scripting | 2018-03-13T16:43+09:00 | 2018-06-14T13:39+09:00 |
| jvndb-2018-000901 | QQQ SYSTEMS vulnerable to cross-site scripting | 2018-03-13T16:43+09:00 | 2018-06-14T12:31+09:00 |
| jvndb-2018-000024 | Multiple vulnerabilities in CG-WGR1200 | 2018-03-09T13:56+09:00 | 2018-06-14T13:54+09:00 |
| jvndb-2018-000023 | WordPress plugin "WP All Import" vulnerable to cross-site scripting | 2018-03-08T14:10+09:00 | 2018-06-14T12:27+09:00 |
| jvndb-2018-000022 | WordPress plugin "WP All Import" vulnerable to cross-site scripting | 2018-03-08T14:10+09:00 | 2018-06-14T12:26+09:00 |
| jvndb-2018-000021 | Installer of WinShot may insecurely load Dynamic Link Libraries | 2018-03-05T15:10+09:00 | 2018-06-14T13:43+09:00 |
| jvndb-2018-000020 | Installer of JTrim may insecurely load Dynamic Link Libraries | 2018-03-05T14:07+09:00 | 2018-06-14T13:46+09:00 |
| jvndb-2018-000019 | Multiple vulnerabilities in Jubatus | 2018-03-02T13:45+09:00 | 2018-06-14T13:57+09:00 |
| jvndb-2018-000017 | Multiple vulnerabilities in WXR-1900DHP2 | 2018-02-26T14:10+09:00 | 2018-06-14T13:49+09:00 |
| jvndb-2018-000016 | LINE for iOS fails to verify SSL server certificates | 2018-02-22T15:29+09:00 | 2018-06-14T12:23+09:00 |
| jvndb-2018-000015 | Multiple vulnerabilities in FS010W | 2018-02-22T15:29+09:00 | 2018-04-11T12:31+09:00 |
| jvndb-2018-000013 | Insecure DLL Loading issue in multiple Trend Micro products | 2018-02-15T16:39+09:00 | 2018-04-11T12:23+09:00 |
| jvndb-2018-001389 | XXE Vulnerability in Hitachi Device Manager | 2018-02-14T14:59+09:00 | 2018-03-01T15:20+09:00 |
| jvndb-2018-001388 | Multiple Vulnerabilities in Hitachi Command Suite | 2018-02-14T14:58+09:00 | 2018-03-01T15:20+09:00 |
| jvndb-2018-000014 | Application and self-extracting archive containing the application of "FLET'S v4 / v6 address selection tool" may insecurely load Dynamic Link Libraries | 2018-02-13T15:43+09:00 | 2018-04-11T12:28+09:00 |
| jvndb-2018-000012 | Installer of "FLET'S Azukeru Backup Tool" may insecurely load Dynamic Link Libraries | 2018-02-13T15:37+09:00 | 2018-04-11T12:25+09:00 |
| jvndb-2018-000011 | MP Form Mail CGI eCommerce Edition vulnerable to OS command injection | 2018-02-08T12:21+09:00 | 2018-04-11T11:57+09:00 |
| jvndb-2018-000009 | The installer of Anshin net security for Windows may insecurely load Dynamic Link Libraries | 2018-02-06T15:05+09:00 | 2018-04-11T12:13+09:00 |
| jvndb-2018-000007 | Multiple I-O DATA network devices incorporating "MagicalFinder" vulnerable to OS command injection | 2018-02-06T14:22+09:00 | 2018-04-11T11:51+09:00 |
| jvndb-2018-000010 | WordPress plugin "MTS Simple Booking C" vulnerable to cross-site scripting | 2018-02-02T13:39+09:00 | 2018-04-11T11:53+09:00 |
| jvndb-2018-000008 | Spring Security and Spring Framework vulnerable to authentication bypass | 2018-02-02T12:28+09:00 | 2018-06-14T13:48+09:00 |
| jvndb-2018-000006 | Multiple vulnerabilities in epg search result viewer(kkcald) | 2018-02-01T13:58+09:00 | 2018-04-11T11:49+09:00 |
| jvndb-2017-004607 | Deep Discovery Email Inspector vulnerable to arbitrary code execution | 2018-01-31T13:43+09:00 | 2018-01-31T13:43+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2025-avi-0279 | Multiples vulnérabilités dans les produits IBM | 2025-04-04T00:00:00.000000 | 2025-04-04T00:00:00.000000 |
| certfr-2025-avi-0278 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2025-04-04T00:00:00.000000 | 2025-04-04T00:00:00.000000 |
| certfr-2025-avi-0277 | Multiples vulnérabilités dans le noyau Linux de Debian LTS | 2025-04-04T00:00:00.000000 | 2025-04-04T00:00:00.000000 |
| certfr-2025-avi-0276 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2025-04-04T00:00:00.000000 | 2025-04-04T00:00:00.000000 |
| certfr-2025-avi-0275 | Multiples vulnérabilités dans Microsoft Edge | 2025-04-04T00:00:00.000000 | 2025-04-04T00:00:00.000000 |
| certfr-2025-avi-0274 | Multiples vulnérabilités dans MISP | 2025-04-04T00:00:00.000000 | 2025-04-04T00:00:00.000000 |
| certfr-2025-avi-0273 | Vulnérabilité dans les produits Ivanti | 2025-04-03T00:00:00.000000 | 2025-04-03T00:00:00.000000 |
| certfr-2025-avi-0272 | Multiples vulnérabilités dans les produits Splunk | 2025-04-03T00:00:00.000000 | 2025-04-03T00:00:00.000000 |
| certfr-2025-avi-0271 | Vulnérabilité dans Tenable Nessus Agent | 2025-04-03T00:00:00.000000 | 2025-04-03T00:00:00.000000 |
| certfr-2025-avi-0270 | Multiples vulnérabilités dans les produits Cisco | 2025-04-03T00:00:00.000000 | 2025-04-03T00:00:00.000000 |
| certfr-2025-avi-0269 | Multiples vulnérabilités dans les produits Moxa | 2025-04-02T00:00:00.000000 | 2025-04-02T00:00:00.000000 |
| certfr-2025-avi-0268 | Vulnérabilité dans les produits VMware | 2025-04-02T00:00:00.000000 | 2025-04-02T00:00:00.000000 |
| certfr-2025-avi-0267 | Multiples vulnérabilités dans MongoDB Server | 2025-04-02T00:00:00.000000 | 2025-04-02T00:00:00.000000 |
| certfr-2025-avi-0266 | Multiples vulnérabilités dans les produits Mozilla | 2025-04-02T00:00:00.000000 | 2025-04-02T00:00:00.000000 |
| certfr-2025-avi-0265 | Multiples vulnérabilités dans Google Chrome | 2025-04-02T00:00:00.000000 | 2025-04-11T00:00:00.000000 |
| certfr-2025-avi-0264 | Multiples vulnérabilités dans Trend Micro Deep Security Agent | 2025-04-02T00:00:00.000000 | 2025-04-02T00:00:00.000000 |
| certfr-2025-avi-0263 | Multiples vulnérabilités dans HPE Aruba Networking Virtual Intranet Access | 2025-04-02T00:00:00.000000 | 2025-04-02T00:00:00.000000 |
| certfr-2025-avi-0262 | Multiples vulnérabilités dans les produits Kaspersky | 2025-04-02T00:00:00.000000 | 2025-04-02T00:00:00.000000 |
| certfr-2025-avi-0261 | Multiples vulnérabilités dans Microsoft Azure | 2025-04-01T00:00:00.000000 | 2025-04-01T00:00:00.000000 |
| certfr-2025-avi-0260 | Multiples vulnérabilités dans Zabbix | 2025-04-01T00:00:00.000000 | 2025-04-01T00:00:00.000000 |
| certfr-2025-avi-0259 | Multiples vulnérabilités dans les produits Fortinet | 2025-04-01T00:00:00.000000 | 2025-04-01T00:00:00.000000 |
| certfr-2025-avi-0258 | Multiples vulnérabilités dans les produits Apple | 2025-04-01T00:00:00.000000 | 2025-04-30T00:00:00.000000 |
| certfr-2025-avi-0257 | Vulnérabilité dans Synology Mail Server | 2025-03-31T00:00:00.000000 | 2025-03-31T00:00:00.000000 |
| certfr-2025-avi-0256 | Multiples vulnérabilités dans Broadcom VMware Tanzu Greenplum | 2025-03-31T00:00:00.000000 | 2025-03-31T00:00:00.000000 |
| certfr-2025-avi-0255 | Multiples vulnérabilités dans les produits IBM | 2025-03-28T00:00:00.000000 | 2025-03-28T00:00:00.000000 |
| certfr-2025-avi-0254 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2025-03-28T00:00:00.000000 | 2025-03-28T00:00:00.000000 |
| certfr-2025-avi-0253 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2025-03-28T00:00:00.000000 | 2025-03-28T00:00:00.000000 |
| certfr-2025-avi-0252 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2025-03-28T00:00:00.000000 | 2025-03-28T00:00:00.000000 |
| certfr-2025-avi-0251 | Vulnérabilité dans Mozilla Firefox | 2025-03-28T00:00:00.000000 | 2025-03-28T00:00:00.000000 |
| certfr-2025-avi-0250 | Multiples vulnérabilités dans StormShield Network Security | 2025-03-28T00:00:00.000000 | 2025-03-28T00:00:00.000000 |