Recent vulnerabilities

ID CVSS Description Vendor Product Published Updated
cve-2026-39420 MaxKB: Sandbox escape via LD_PRELOAD bypass 1Panel-dev
 MaxKB
 2026-04-14T00:13:01.189Z 2026-04-16T13:26:40.212Z
cve-2026-39424 MaxKB has CSV Injection in its Application Chat Export… 1Panel-dev
 MaxKB
 2026-04-14T00:56:56.625Z 2026-04-16T13:26:40.061Z
cve-2026-39426 MaxKB: Stored XSS via Unsanitized iframe_render Parsing 1Panel-dev
 MaxKB
 2026-04-14T01:25:10.592Z 2026-04-16T13:26:39.917Z
cve-2026-2396 List View Google Calendar <= 7.4.3 - Authenticated (Ad… kimipooh
 List View Google Calendar
 2026-04-14T23:26:07.293Z 2026-04-16T13:24:58.936Z
cve-2026-22617 5.7 (v3.1) Eaton Intelligent Power Protector (IPP) uses an i… Eaton
 IPP Software
 2026-04-16T05:02:07.710Z 2026-04-16T13:23:29.510Z
cve-2026-6362 N/A Use after free in Codecs in Google Chrome prior t… Google
 Chrome
 2026-04-15T19:04:57.143Z 2026-04-16T13:23:13.559Z
cve-2026-40947 2.9 (v3.1) Yubico libfido2 before 1.17.0, python-fido2 befor… Yubico
 libfido2
 2026-04-15T23:13:38.977Z 2026-04-16T13:18:13.069Z
cve-2026-6350 9.3 (v4.0) 9.8 (v3.1) Openfind|MailGates/MailAudit - Stack-based Buffer Overflow Openfind
 MailGates
 2026-04-16T02:30:17.942Z 2026-04-16T13:16:52.215Z
cve-2026-41015 7.4 (v3.1) radare2 before 9236f44, when configured on UNIX w… radare
 radare2
 2026-04-16T02:35:47.196Z 2026-04-16T13:15:26.207Z
cve-2026-22618 5.9 (v3.1) A security misconfiguration was identified in Eat… Eaton
 IPP software
 2026-04-16T05:11:06.548Z 2026-04-16T13:10:01.651Z
cve-2026-27305 8.6 (v3.1) ColdFusion | Improper Limitation of a Pathname to a Re… Adobe
 ColdFusion
 2026-04-14T21:53:57.015Z 2026-04-16T13:09:51.803Z
cve-2026-6351 8.7 (v4.0) 7.5 (v3.1) Openfind|MailGates/MailAudit - CRLF Injection Openfind
 MailGates
 2026-04-16T02:39:02.015Z 2026-04-16T13:02:24.951Z
cve-2026-4032 CodeColorer <= 0.10.1 - Unauthenticated Stored Cross-S… kpumuk
 CodeColorer
 2026-04-16T03:36:35.757Z 2026-04-16T13:01:34.884Z
cve-2026-40118 6.3 (v3.0) 5.1 (v4.0) UDP Console provided by Arcserve contains an inco… Arcserve
 UDP Console
 2026-04-16T04:19:27.326Z 2026-04-16T13:00:56.282Z
cve-2026-22615 6 (v3.1) Due to improper input validation in one of the Ea… Eaton
 IPP Software
 2026-04-16T04:45:58.055Z 2026-04-16T12:59:58.829Z
cve-2026-22619 7.8 (v3.1) Eaton Intelligent Power Protector (IPP) is affect… Eaton
 IPP software
 2026-04-16T05:26:48.952Z 2026-04-16T12:59:37.700Z
cve-2023-5872 4.3 (v3.1) Wago: Vulnerability in Smart Designer Web-Application Wago
 Smart Designer
 2026-04-16T04:55:36.146Z 2026-04-16T12:59:27.608Z
cve-2026-3599 Riaxe Product Customizer <= 2.1.2 - Unauthenticated SQ… imprintnext
 Riaxe Product Customizer
 2026-04-16T05:29:53.971Z 2026-04-16T12:58:22.965Z
cve-2026-3596 Riaxe Product Customizer <= 2.1.2 - Missing Authorizat… imprintnext
 Riaxe Product Customizer
 2026-04-16T05:29:52.265Z 2026-04-16T12:56:20.193Z
cve-2026-1620 Livemesh Addons by Elementor <= 9.0 - Authenticated (C… livemesh
 Livemesh Addons by Elementor
 2026-04-16T06:44:50.305Z 2026-04-16T12:55:49.055Z
cve-2026-1572 Livemesh Addons by Elementor <= 9.0 - Missing Authoriz… livemesh
 Livemesh Addons by Elementor
 2026-04-16T06:44:50.911Z 2026-04-16T12:55:37.314Z
cve-2026-0718 Post Grid Gutenberg Blocks for News, Magazines, Blog W… wpxpo
 Post Grid Gutenberg Blocks for News, Magazines, Blog Websites – PostX
 2026-04-16T07:39:50.799Z 2026-04-16T12:55:16.326Z
cve-2025-14868 Career Section <= 1.6 - Cross-Site Request Forgery to … shahinurislam
 Career Section
 2026-04-16T07:39:49.576Z 2026-04-16T12:52:42.034Z
cve-2025-15621 5.7 (v4.0) Sparx Enterprise Architect Client does not verify the … Sparx Systems Pty Ltd.
 Sparx Enterprise Architect
 2026-04-16T12:40:08.962Z 2026-04-16T12:51:51.633Z
cve-2026-4127 Speedup Optimization <= 1.5.9 - Missing Authorization … charlycharm
 Speedup Optimization
 2026-03-21T03:26:41.459Z 2026-04-16T12:51:09.659Z
cve-2026-5968 N/A {'providerMetadata': {'orgId': 'b15e7b5b-3da4-40ae-a43c-f7aa60e62599', 'shortName': 'Wordfence', 'dateUpdated': '2026-04-16T12:36:56.881Z'}, 'rejectedReasons': [{'lang': 'en', 'value': '** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage.'}]} N/A N/A 2026-04-16T12:36:56.881Z
cve-2026-40959 9.3 (v3.1) Luanti 5 before 5.15.2, when LuaJIT is used, allo… Luanti
 Luanti
 2026-04-16T00:51:19.520Z 2026-04-16T12:32:04.767Z
cve-2026-40960 8.1 (v3.1) Luanti 5 before 5.15.2 sometimes allows unintende… Luanti
 Luanti
 2026-04-16T00:54:45.935Z 2026-04-16T12:31:57.082Z
cve-2026-40962 4.9 (v3.1) FFmpeg before 8.1 has an integer overflow and res… FFmpeg
 FFmpeg
 2026-04-16T01:33:37.018Z 2026-04-16T12:31:48.767Z
cve-2026-6348 9.3 (v4.0) 8.8 (v3.1) Simopro Technology|WinMatrix - Missing Authentication Simopro Technology
 WinMatrix
 2026-04-16T01:53:07.148Z 2026-04-16T12:31:42.790Z
ID CVSS Description Vendor Product Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Package Published Updated
ID Description Type
ID Description Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Updated
ID Description Published Updated
jvndb-2016-000089 Trend Micro enterprise products HTTP header injection vulnerability 2016-06-02T16:18+09:00 2016-06-22T17:58+09:00
jvndb-2016-000074 Trend Micro enterprise products directory traversal vulnerability 2016-06-02T16:18+09:00 2016-06-22T17:56+09:00
jvndb-2016-000001 DX Library vulnerable to buffer overflow 2016-01-05T14:26+09:00 2016-06-08T18:06+09:00
jvndb-2016-000072 WebARENA formmail vulnerable to cross-site scripting 2016-05-27T13:54+09:00 2016-06-08T17:47+09:00
jvndb-2016-000071 WordPress plugin "Markdown on Save Improved" vulnerable to cross-site scripting 2016-05-25T14:37+09:00 2016-06-08T17:23+09:00
jvndb-2016-000070 php-contact-form vulnerable to cross-site scripting 2016-05-24T12:27+09:00 2016-06-08T17:23+09:00
jvndb-2016-000069 MP Form Mail CGI Professional Edition vulnerable to directory traversal 2016-05-20T14:22+09:00 2016-06-08T17:23+09:00
jvndb-2016-000068 HumHub vulnerable to cross-site scripting 2016-05-24T12:24+09:00 2016-06-08T17:23+09:00
jvndb-2016-000066 Web Mailing List vulnerable to cross-site scripting 2016-05-19T13:37+09:00 2016-06-08T17:23+09:00
jvndb-2016-000026 Cybozu Office vulnerable to cross-site scripting 2016-02-15T16:21+09:00 2016-06-06T15:00+09:00
jvndb-2015-000152 Cybozu Garoon vulnerable to LDAP injection 2015-10-07T14:48+09:00 2016-06-02T19:15+09:00
jvndb-2016-000058 Apache Cordova fails to restrict access permissions 2016-05-11T14:16+09:00 2016-06-02T17:49+09:00
jvndb-2016-000063 FileMaker server issue where PHP source code may be viewable 2016-05-13T14:27+09:00 2016-06-02T09:43+09:00
jvndb-2016-000064 WordPress plugin "Ninja Forms" vulnerable to PHP object injection 2016-05-13T14:27+09:00 2016-06-01T17:00+09:00
jvndb-2016-000061 WN-GDN/R3 Series does not limit authentication attempts 2016-05-12T14:34+09:00 2016-06-01T16:52+09:00
jvndb-2016-000062 WN-G300R Series vulnerable to cross-site scripting 2016-05-12T14:34+09:00 2016-06-01T16:48+09:00
jvndb-2016-000059 Apache Cordova vulnerable to arbitrary plugin execution 2016-05-11T14:16+09:00 2016-06-01T16:30+09:00
jvndb-2016-000055 kintone mobile for Android information management vulnerability 2016-04-25T15:35+09:00 2016-06-01T16:21+09:00
jvndb-2016-000054 Electron may insecurely load Node modules 2016-04-22T13:49+09:00 2016-06-01T15:56+09:00
jvndb-2016-000052 EC-CUBE fails to restrict access permissions 2016-04-26T13:56+09:00 2016-05-31T17:41+09:00
jvndb-2016-000051 EC-CUBE fails to restrict access permissions 2016-04-26T13:56+09:00 2016-05-31T17:41+09:00
jvndb-2016-000053 EC-CUBE vulnerable to cross-site request forgery 2016-04-26T14:24+09:00 2016-05-31T17:40+09:00
jvndb-2015-000151 Multiple PHP code execution vulnerabilitles in Cybozu Garoon 2015-10-07T14:48+09:00 2016-05-30T15:34+09:00
jvndb-2015-000115 Japan Connected-free Wi-Fi vulnerable to allow URL whitelist bypass 2015-09-11T14:16+09:00 2016-05-27T14:32+09:00
jvndb-2016-000057 Multiple shiro8 Co., Ltd. freearea_ addition_plugins for EC-CUBE vulnerable to cross-site scripting 2016-04-26T14:18+09:00 2016-05-25T17:48+09:00
jvndb-2015-000101 PHP for Windows vulnerable to OS command injection 2015-07-17T14:44+09:00 2016-05-19T17:43+09:00
jvndb-2016-000048 EC-CUBE plugin "Social-button Plugin Premium" and "Social-button Plugin" vulnerable to cross-site scripting 2016-04-08T12:31+09:00 2016-05-06T16:13+09:00
jvndb-2016-000038 ActiveX control for EVA Animator vulnerable to buffer overflow 2016-04-04T15:30+09:00 2016-04-20T09:38+09:00
jvndb-2016-000035 Aterm WF800HP vulnerable to cross-site request forgery 2016-03-30T14:49+09:00 2016-04-18T15:42+09:00
jvndb-2016-000036 Aterm WG300HP vulnerable to cross-site request forgery 2016-03-30T14:49+09:00 2016-04-18T15:41+09:00
ID Description Updated
ID Description
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
certfr-2024-avi-0897 Multiples vulnérabilités dans les produits Cisco 2024-10-17T00:00:00.000000 2024-10-17T00:00:00.000000
certfr-2024-avi-0896 Vulnérabilité dans VMware HCX 2024-10-17T00:00:00.000000 2024-10-17T00:00:00.000000
certfr-2024-avi-0894 Vulnérabilité dans Drupal Core 2024-10-17T00:00:00.000000 2024-10-17T00:00:00.000000
certfr-2024-avi-0877 Multiples Vulnérabilités dans Mozilla Firefox 2024-10-15T00:00:00.000000 2024-10-17T00:00:00.000000
certfr-2024-avi-0892 Multiples vulnérabilités dans les produits SolarWinds 2024-10-16T00:00:00.000000 2024-10-16T00:00:00.000000
certfr-2024-avi-0891 Vulnérabilité dans Synacor Zimbra Desktop 2024-10-16T00:00:00.000000 2024-10-16T00:00:00.000000
certfr-2024-avi-0890 Multiples vulnérabilités dans les produits Atlassian 2024-10-16T00:00:00.000000 2024-10-16T00:00:00.000000
certfr-2024-avi-0889 Multiples vulnérabilités dans Ruby on Rails 2024-10-16T00:00:00.000000 2024-10-16T00:00:00.000000
certfr-2024-avi-0888 Multiples vulnérabilités dans Oracle Weblogic 2024-10-16T00:00:00.000000 2024-10-16T00:00:00.000000
certfr-2024-avi-0887 Multiples vulnérabilités dans Oracle Virtualization 2024-10-16T00:00:00.000000 2024-10-16T00:00:00.000000
certfr-2024-avi-0886 Multiples vulnérabilités dans Oracle Systems 2024-10-16T00:00:00.000000 2024-10-16T00:00:00.000000
certfr-2024-avi-0885 Multiples vulnérabilités dans Oracle PeopleSoft 2024-10-16T00:00:00.000000 2024-10-16T00:00:00.000000
certfr-2024-avi-0884 Multiples vulnérabilités dans Oracle MySQL 2024-10-16T00:00:00.000000 2024-10-16T00:00:00.000000
certfr-2024-avi-0883 Multiples vulnérabilités dans Oracle Java SE 2024-10-16T00:00:00.000000 2024-10-16T00:00:00.000000
certfr-2024-avi-0882 Multiples vulnérabilités dans Oracle Database Server 2024-10-16T00:00:00.000000 2024-10-16T00:00:00.000000
certfr-2024-avi-0881 Multiples vulnérabilités dans Google Chrome 2024-10-16T00:00:00.000000 2024-10-16T00:00:00.000000
certfr-2024-avi-0880 Multiples vulnérabilités dans les produits Trend Micro 2024-10-16T00:00:00.000000 2024-10-16T00:00:00.000000
certfr-2024-avi-0879 Vulnérabilité dans Juniper Networks Junos OS 2024-10-16T00:00:00.000000 2024-10-16T00:00:00.000000
certfr-2024-avi-0878 Multiples vulnérabilités dans les produits Splunk 2024-10-15T00:00:00.000000 2024-10-15T00:00:00.000000
certfr-2024-avi-0781 Multiples vulnérabilités dans les produits Juniper Networks 2024-09-16T00:00:00.000000 2024-10-15T00:00:00.000000
certfr-2024-avi-0741 Multiples vulnérabilités dans Juniper Secure Analytics 2024-09-05T00:00:00.000000 2024-10-15T00:00:00.000000
certfr-2024-avi-0575 Multiples vulnérabilités dans les produits Juniper Networks 2024-07-12T00:00:00.000000 2024-10-15T00:00:00.000000
certfr-2024-avi-0876 Multiples vulnérabilités dans Moodle 2024-10-14T00:00:00.000000 2024-10-14T00:00:00.000000
certfr-2024-avi-0875 Multiples vulnérabilités dans les produits Moxa 2024-10-14T00:00:00.000000 2024-10-14T00:00:00.000000
certfr-2024-avi-0874 Multiples vulnérabilités dans Google Android 2024-10-11T00:00:00.000000 2024-10-11T00:00:00.000000
certfr-2024-avi-0873 Multiples vulnérabilités dans les produits IBM 2024-10-11T00:00:00.000000 2024-10-11T00:00:00.000000
certfr-2024-avi-0872 Multiples vulnérabilités dans le noyau Linux de Debian LTS 2024-10-11T00:00:00.000000 2024-10-11T00:00:00.000000
certfr-2024-avi-0871 Multiples vulnérabilités dans le noyau Linux d'Ubuntu 2024-10-11T00:00:00.000000 2024-10-11T00:00:00.000000
certfr-2024-avi-0870 Multiples vulnérabilités dans le noyau Linux de SUSE 2024-10-11T00:00:00.000000 2024-10-11T00:00:00.000000
certfr-2024-avi-0869 Vulnérabilité dans Mozilla Thunderbird 2024-10-11T00:00:00.000000 2024-10-11T00:00:00.000000
ID Description Published Updated