Recent vulnerabilities

ID	CVSS	Description	Vendor	Product	Published	Updated
cve-2026-6118		AstrBotDevs AstrBot MCP Endpoint tools.py add_mcp_serv…	AstrBotDevs	AstrBot	2026-04-12T04:45:09.857Z	2026-04-14T13:56:56.956Z
cve-2026-6117		AstrBotDevs AstrBot install-upload Endpoint plugin.py …	AstrBotDevs	AstrBot	2026-04-12T04:30:12.395Z	2026-04-15T15:18:45.908Z
cve-2026-6116		Totolink A7100RU CGI cstecgi.cgi setDiagnosisCfg os co…	Totolink	A7100RU	2026-04-12T04:15:13.953Z	2026-04-13T12:16:37.916Z
cve-2026-6115		Totolink A7100RU CGI cstecgi.cgi setAppCfg os command …	Totolink	A7100RU	2026-04-12T04:00:21.967Z	2026-04-13T17:50:25.532Z
cve-2026-6114		Totolink A7100RU CGI cstecgi.cgi setNetworkCfg os comm…	Totolink	A7100RU	2026-04-12T03:30:16.504Z	2026-04-14T16:33:32.690Z
cve-2026-6113		Totolink A7100RU CGI cstecgi.cgi setTtyServiceCfg os c…	Totolink	A7100RU	2026-04-12T03:00:20.188Z	2026-04-14T13:58:57.661Z
cve-2026-6112		Totolink A7100RU CGI cstecgi.cgi setRadvdCfg os comman…	Totolink	A7100RU	2026-04-12T02:45:13.694Z	2026-04-15T15:17:02.716Z
cve-2026-6111		FoundationAgents MetaGPT common.py decode_image server…	FoundationAgents	MetaGPT	2026-04-12T02:30:14.605Z	2026-04-13T12:19:44.261Z
cve-2026-1116		Cross-site Scripting (XSS) in parisneo/lollms	parisneo	parisneo/lollms	2026-04-12T02:22:52.389Z	2026-04-13T17:49:36.132Z
cve-2026-6110		FoundationAgents MetaGPT Tree-of-Thought Solver tot.py…	FoundationAgents	MetaGPT	2026-04-12T02:00:21.626Z	2026-04-13T17:48:44.488Z
cve-2026-6109		FoundationAgents MetaGPT Mineflayer HTTP API index.js …	FoundationAgents	MetaGPT	2026-04-12T01:30:15.439Z	2026-04-14T16:33:38.654Z
cve-2026-6108		1Panel-dev MaxKB Model Context Protocol Node base_mcp_…	1Panel-dev	MaxKB	2026-04-12T01:00:19.735Z	2026-04-14T14:00:16.365Z
cve-2026-6107		1Panel-dev MaxKB ChatHeadersMiddleware chat_headers_mi…	1Panel-dev	MaxKB	2026-04-12T00:45:18.908Z	2026-04-15T15:16:00.722Z
cve-2026-6106		1Panel-dev MaxKB Public Chat static_headers_middleware…	1Panel-dev	MaxKB	2026-04-11T22:15:14.027Z	2026-04-13T12:26:30.360Z
cve-2026-6105		perfree go-fastdfs-web doInstall InstallController.jav…	perfree	go-fastdfs-web	2026-04-11T22:00:24.856Z	2026-04-13T17:41:44.218Z
cve-2026-31845	9.3 (v4.0) 9.3 (v3.1) 6.4 (v2.0)	A reflected cross-site scripting (XSS) vulnerabil…	Rukovoditel	Rukovoditel CRM	2026-04-11T18:26:46.481Z	2026-04-13T17:44:03.965Z
cve-2026-32146	8.3 (v4.0)	Improper Path Validation in Git Dependency Handling Al…	Gleam	Gleam	2026-04-11T12:59:22.911Z	2026-04-22T16:03:21.163Z
cve-2026-23900	N/A	Extension - phoca.cz - Stored XSS vectors in Phoca Map…	phoca.cz	phoca.cz - Phoca Maps for Joomla	2026-04-11T12:52:12.525Z	2026-04-14T05:14:12.556Z
cve-2026-5809		wpForo Forum <= 3.0.2 - Authenticated (Subscriber+) Ar…	tomdever	wpForo Forum	2026-04-11T07:40:15.574Z	2026-04-13T15:15:07.646Z
cve-2026-34621	8.6 (v3.1)	Acrobat Reader \| Improperly Controlled Modification of…	Adobe	Acrobat Reader	2026-04-11T06:45:43.512Z	2026-04-14T03:55:27.955Z
cve-2026-3371		Tutor LMS <= 3.9.7 - Authenticated (Subscriber+) Insec…	themeum	Tutor LMS – eLearning and online course solution	2026-04-11T01:25:01.083Z	2026-04-13T15:15:07.829Z
cve-2026-4979		UsersWP <= 1.2.58 - Authenticated (Subscriber+) Server…	stiofansisland	UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WP	2026-04-11T01:25:00.447Z	2026-04-13T15:15:07.967Z
cve-2026-5144		BuddyPress Groupblog <= 1.9.3 - Authenticated (Subscri…	boonebgorges	BuddyPress Groupblog	2026-04-11T01:24:59.754Z	2026-04-13T15:15:08.152Z
cve-2026-3498		BlockArt Blocks <= 2.2.15 - Authenticated (Author+) St…	wpblockart	BlockArt Blocks – Gutenberg Blocks, Page Builder Blocks ,WordPress Block Plugin, Sections & Template Library	2026-04-11T01:24:59.386Z	2026-04-13T12:27:05.181Z
cve-2026-4895		Greenshift <= 12.8.9 - Authenticated (Contributor+) St…	wpsoul	Greenshift – animation and page builder blocks	2026-04-11T01:24:58.983Z	2026-04-13T15:15:08.348Z
cve-2026-5217		Optimole <= 4.2.2 - Unauthenticated Stored Cross-Site …	optimole	Optimole – Optimize Images in Real Time	2026-04-11T01:24:58.602Z	2026-04-13T15:15:08.543Z
cve-2026-5207		LifterLMS <= 9.2.1 - Authenticated (Custom+) SQL Injec…	chrisbadgett	LifterLMS – WP LMS for eLearning, Online Courses, & Quizzes	2026-04-11T01:24:58.163Z	2026-04-13T15:15:08.729Z
cve-2026-5226		Optimole <= 4.2.3 - Reflected Cross-Site Scripting via…	optimole	Optimole – Optimize Images in Real Time	2026-04-11T01:24:57.542Z	2026-04-13T12:27:49.136Z
cve-2026-3358		Tutor LMS <= 3.9.7 - Missing Authorization to Authenti…	themeum	Tutor LMS – eLearning and online course solution	2026-04-11T01:24:56.945Z	2026-04-13T15:15:08.860Z
cve-2026-40354	2.9 (v3.1)	Flatpak xdg-desktop-portal before 1.20.4 and 1.21…	Flatpak	xdg-desktop-portal	2026-04-11T00:29:03.467Z	2026-04-15T15:14:27.291Z

ID	CVSS	Description	Vendor	Product	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Package	Published	Updated

ID	Description	Type

ID	Description	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Updated

ID	Description	Published	Updated
jvndb-2015-000047	bBlog vulnerable to cross-site request forgery	2015-04-07T12:12+09:00	2015-04-09T14:05+09:00
jvndb-2015-000049	"Restaurant Karaoke SHIDAX" App for Android fails to verify SSL server certificates	2015-04-03T13:36+09:00	2018-01-24T14:03+09:00
jvndb-2015-000048	Maruo Editor vulnerable to buffer overflow	2015-04-02T12:30+09:00	2015-04-07T17:28+09:00
jvndb-2015-000046	All in One SEO Pack information management vulnerability	2015-03-31T13:48+09:00	2015-04-07T17:27+09:00
jvndb-2015-000045	Android OS may behave as an open resolver	2015-03-27T14:12+09:00	2015-03-27T14:12+09:00
jvndb-2015-000044	WordPress theme flashy vulnerable to cross-site scripting	2015-03-26T14:04+09:00	2015-04-07T17:25+09:00
jvndb-2015-000043	Fumy Teacher's Schedule Board vulnerable to cross-site scripting	2015-03-26T14:00+09:00	2015-04-07T17:25+09:00
jvndb-2015-000042	The Validator in TERASOLUNA Server Framework for Java(WEB) vulnerable to input validation bypass	2015-03-24T14:10+09:00	2016-08-26T16:37+09:00
jvndb-2015-000040	LINE vulnerable to script injection	2015-03-20T16:16+09:00	2024-05-09T18:15+09:00
jvndb-2015-000041	MP Form Mail CGI eCommerce edition vulnerable to code injection	2015-03-20T12:30+09:00	2015-03-24T15:11+09:00
jvndb-2015-000039	eXtplorer vulnerable to cross-site scripting	2015-03-17T13:41+09:00	2015-03-20T14:30+09:00
jvndb-2015-000038	All In One WP Security & Firewall vulnerable to cross-site request forgery	2015-03-06T13:46+09:00	2015-03-11T17:42+09:00
jvndb-2015-000037	All In One WP Security & Firewall vulnerable to SQL injection	2015-03-06T13:45+09:00	2015-03-11T17:55+09:00
jvndb-2015-000036	Maroyaka Relay Novel vulnerable to cross-site scripting	2015-03-04T14:49+09:00	2015-03-06T15:30+09:00
jvndb-2015-000035	Maroyaka Image Album vulnerable to cross-site scripting	2015-03-04T14:49+09:00	2015-03-06T15:21+09:00
jvndb-2015-000034	Maroyaka Simple Board vulnerable to cross-site scripting	2015-03-04T14:48+09:00	2015-03-06T15:07+09:00
jvndb-2015-000030	Google Captcha (reCAPTCHA) by BestWebSoft vulnerable to CAPTCHA authentication bypass	2015-03-03T13:39+09:00	2015-03-04T15:23+09:00
jvndb-2015-000029	BestWebSoft Captcha plugin vulnerable to CAPTCHA authentication bypass	2015-03-03T13:38+09:00	2015-03-04T15:22+09:00
jvndb-2015-001558	Cross-site Scripting Vulnerability in Hitachi IT Operations Analyzer	2015-02-27T15:57+09:00	2015-02-27T15:57+09:00
jvndb-2015-001557	Cross-site Scripting Vulnerability in JP1/IT Desktop Management - Manager and Hitachi IT Operations Director	2015-02-27T15:56+09:00	2015-02-27T15:56+09:00
jvndb-2015-001556	Multiple Cross-site Scripting Vulnerabilities in Hitachi Compute Systems Manager	2015-02-27T15:55+09:00	2015-02-27T15:55+09:00
jvndb-2015-000031	SEIL Series routers vulnerable to denial-of-service (DoS)	2015-02-27T15:39+09:00	2015-03-05T15:42+09:00
jvndb-2015-000033	Vulnerability in the jBCrypt key stretching process	2015-02-27T14:03+09:00	2015-03-03T15:58+09:00
jvndb-2015-000028	KENT-WEB Clip Board vulnerability where arbitary files may be deleted	2015-02-27T14:02+09:00	2015-03-03T15:59+09:00
jvndb-2015-000024	Joyful Note vulnerability in handling files	2015-02-27T13:57+09:00	2015-03-03T15:59+09:00
jvndb-2015-000032	checkpw vulnerable to denial-of-service (DoS)	2015-02-27T12:30+09:00	2015-03-03T15:57+09:00
jvndb-2015-000027	Zen Cart Japanese version vulnerable to cross-site scripting	2015-02-25T15:09+09:00	2015-03-02T14:19+09:00
jvndb-2015-000026	SYNCK GRAPHICA Mailform Pro CGI vulnerable to remote code execution	2015-02-25T15:00+09:00	2015-03-02T14:23+09:00
jvndb-2015-000023	Speed Software Root Explorer and Explorer vulnerable to directory traversal	2015-02-24T14:35+09:00	2015-02-26T17:18+09:00
jvndb-2015-000022	AL-Mail32 vulnerable to buffer overflow	2015-02-20T14:55+09:00	2015-02-24T16:36+09:00

ID	Description	Updated

ID	Description

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated
certfr-2024-avi-0709	Multiples vulnérabilités dans GitLab	2024-08-22T00:00:00.000000	2024-08-22T00:00:00.000000
certfr-2024-avi-0708	Vulnérabilité dans les produits Cisco	2024-08-22T00:00:00.000000	2024-08-22T00:00:00.000000
certfr-2024-avi-0707	Vulnérabilité dans Mitel MiContact Center Business	2024-08-22T00:00:00.000000	2024-08-22T00:00:00.000000
certfr-2024-avi-0706	Multiples vulnérabilités dans Google Chrome	2024-08-22T00:00:00.000000	2024-08-22T00:00:00.000000
certfr-2024-avi-0705	Vulnérabilité dans MongoDB	2024-08-21T00:00:00.000000	2024-08-21T00:00:00.000000
certfr-2024-avi-0704	Vulnérabilité dans Microsoft Azure	2024-08-21T00:00:00.000000	2024-08-21T00:00:00.000000
certfr-2024-avi-0703	Multiples vulnérabilités dans les produits Atlassian	2024-08-21T00:00:00.000000	2024-08-21T00:00:00.000000
certfr-2024-avi-0702	Vulnérabilité dans SPIP	2024-08-21T00:00:00.000000	2024-09-16T00:00:00.000000
certfr-2024-avi-0701	Multiples vulnérabilités dans Joomla!	2024-08-21T00:00:00.000000	2024-08-21T00:00:00.000000
certfr-2024-avi-0700	Vulnérabilité dans Spring Security	2024-08-20T00:00:00.000000	2024-08-20T00:00:00.000000
certfr-2024-avi-0699	Multiples vulnérabilités dans les produits F5 et Nginx	2024-08-19T00:00:00.000000	2024-08-19T00:00:00.000000
certfr-2024-avi-0698	Vulnérabilité dans Microsoft Office	2024-08-19T00:00:00.000000	2024-08-19T00:00:00.000000
certfr-2024-avi-0697	Vulnérabilité dans Microsoft Edge	2024-08-19T00:00:00.000000	2024-08-19T00:00:00.000000
certfr-2024-avi-0696	Multiples vulnérabilités dans Moodle	2024-08-19T00:00:00.000000	2024-08-19T00:00:00.000000
certfr-2024-avi-0695	Multiples vulnérabilités dans le noyau Linux de Red Hat	2024-08-16T00:00:00.000000	2024-08-16T00:00:00.000000
certfr-2024-avi-0694	Multiples vulnérabilités dans le noyau Linux d'Ubuntu	2024-08-16T00:00:00.000000	2024-08-16T00:00:00.000000
certfr-2024-avi-0693	Multiples vulnérabilités dans le noyau Linux de SUSE	2024-08-16T00:00:00.000000	2024-08-16T00:00:00.000000
certfr-2024-avi-0692	Multiples vulnérabilités dans les produits IBM	2024-08-16T00:00:00.000000	2024-08-16T00:00:00.000000
certfr-2024-avi-0691	Multiples vulnérabilités dans les produits Palo Alto Networks	2024-08-16T00:00:00.000000	2024-08-16T00:00:00.000000
certfr-2024-avi-0690	Vulnérabilité dans Elastic APM Server	2024-08-16T00:00:00.000000	2024-08-16T00:00:00.000000
certfr-2024-avi-0689	Multiples vulnérabilités dans Spring Framework	2024-08-16T00:00:00.000000	2024-08-16T00:00:00.000000
certfr-2024-avi-0688	Vulnérabilité dans Grafana	2024-08-16T00:00:00.000000	2024-08-16T00:00:00.000000
certfr-2024-avi-0687	Multiples vulnérabilités dans Mitel Unify OpenScape Business Application	2024-08-16T00:00:00.000000	2024-08-16T00:00:00.000000
certfr-2024-avi-0686	Multiples vulnérabilités dans Xen	2024-08-16T00:00:00.000000	2024-08-16T00:00:00.000000
certfr-2024-avi-0685	Vulnérabilité dans SolarWinds Web Help Desk	2024-08-16T00:00:00.000000	2024-08-16T00:00:00.000000
certfr-2024-avi-0684	Multiples vulnérabilités dans les produits Microsoft	2024-08-14T00:00:00.000000	2024-08-14T00:00:00.000000
certfr-2024-avi-0683	Multiples vulnérabilités dans Microsoft Azure	2024-08-14T00:00:00.000000	2024-08-14T00:00:00.000000
certfr-2024-avi-0682	Multiples vulnérabilités dans Microsoft .Net	2024-08-14T00:00:00.000000	2024-08-14T00:00:00.000000
certfr-2024-avi-0681	Multiples vulnérabilités dans Microsoft Windows	2024-08-14T00:00:00.000000	2024-08-14T00:00:00.000000
certfr-2024-avi-0680	Multiples vulnérabilités dans Microsoft Office	2024-08-14T00:00:00.000000	2024-08-14T00:00:00.000000

ID	Description	Published	Updated