Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-5713 | 5.3 (v4.0) | Out-of-bounds read/write during remote profiling and a… |
Python Software Foundation |
CPython |
2026-04-14T15:11:51.122Z | 2026-04-15T17:24:22.172Z |
| cve-2026-30995 | N/A | Slah CMS v1.5.0 and below was discovered to conta… |
n/a |
n/a |
2026-04-15T00:00:00.000Z | 2026-04-15T17:23:41.420Z |
| cve-2025-15636 | 6.5 (v3.1) | WordPress YouTube Showcase plugin <= 3.5.1 - Cross Sit… |
Emarket-design |
YouTube Showcase |
2026-04-15T15:55:51.930Z | 2026-04-15T17:23:39.918Z |
| cve-2025-63029 | 7.6 (v3.1) | WordPress WCFM Marketplace plugin <= 3.7.1 - SQL Injec… |
WC Lovers |
WCFM Marketplace |
2026-04-15T16:21:23.512Z | 2026-04-15T17:16:01.919Z |
| cve-2026-20132 | Cisco Identity Services Engine Multiple Cross-Site Scr… |
Cisco |
Cisco Identity Services Engine Software |
2026-04-15T16:03:14.842Z | 2026-04-15T17:06:38.222Z | |
| cve-2026-20078 | Cisco Unity Connection Arbitrary File Download Vulnerability |
Cisco |
Cisco Unity Connection |
2026-04-15T16:03:16.698Z | 2026-04-15T17:06:38.080Z | |
| cve-2026-20081 | Cisco Unity Connection Arbitrary File Download Vulnerability |
Cisco |
Cisco Unity Connection |
2026-04-15T16:03:23.282Z | 2026-04-15T17:06:37.914Z | |
| cve-2026-20148 | Cisco Identity Services Engine Path Traversal Vulnerability |
Cisco |
Cisco Identity Services Engine Software |
2026-04-15T16:03:31.727Z | 2026-04-15T16:56:35.471Z | |
| cve-2026-20161 | Cisco ThousandEyes Enterprise Agent Arbitrary File Ove… |
Cisco |
Cisco ThousandEyes Enterprise Agent |
2026-04-15T16:03:43.769Z | 2026-04-15T16:56:35.191Z | |
| cve-2026-20170 | A vulnerability in the Desktop Agent functionalit… |
Cisco |
Cisco Webex Contact Center |
2026-04-15T16:10:03.920Z | 2026-04-15T16:56:34.563Z | |
| cve-2026-20060 | Cisco Unity Connection Open Redirect Vulnerability |
Cisco |
Cisco Unity Connection |
2026-04-15T16:11:20.842Z | 2026-04-15T16:56:34.222Z | |
| cve-2026-20061 | Cisco Unity Connection SQL Injection Vulnerability |
Cisco |
Cisco Unity Connection |
2026-04-15T16:11:20.865Z | 2026-04-15T16:56:34.089Z | |
| cve-2026-20059 | Cisco Unity Connection Reflected Cross-Site Scripting … |
Cisco |
Cisco Unity Connection |
2026-04-15T16:11:22.828Z | 2026-04-15T16:56:33.949Z | |
| cve-2026-1314 | 3D FlipBook – PDF Embedder, PDF Flipbook Viewer, Flipb… |
iberezansky |
3D FlipBook – PDF Embedder, PDF Flipbook Viewer, Flipbook Image Gallery |
2026-04-14T23:26:07.668Z | 2026-04-15T16:22:29.670Z | |
| cve-2026-39971 | Serendipity: Host Header Injection leads to SMTP heade… |
s9y |
Serendipity |
2026-04-14T23:35:49.305Z | 2026-04-15T16:22:04.004Z | |
| cve-2026-40096 | immich: Open Redirect via Shared Album name |
immich-app |
immich |
2026-04-14T23:54:17.662Z | 2026-04-15T16:19:07.744Z | |
| cve-2026-35589 | nanobot: Cross-Site WebSocket Hijacking in WhatsApp Br… |
HKUDS |
nanobot |
2026-04-14T22:47:32.837Z | 2026-04-15T16:14:06.128Z | |
| cve-2026-39884 | MCP Server Kubernetes has Argument Injection in its po… |
Flux159 |
mcp-server-kubernetes |
2026-04-14T23:25:59.780Z | 2026-04-15T16:13:59.605Z | |
| cve-2026-40090 | Zarf has a Path Traversal via Malicious Package Metada… |
zarf-dev |
zarf |
2026-04-14T23:46:18.804Z | 2026-04-15T16:13:54.180Z | |
| cve-2026-40105 | XWiki has Reflected Cross-Site Scripting (XSS) in its … |
xwiki |
xwiki-platform |
2026-04-15T00:07:23.150Z | 2026-04-15T16:13:48.450Z | |
| cve-2026-33806 | 7.5 (v3.1) | fastify vulnerable to Body Schema Validation Bypass vi… |
fastify |
fastify |
2026-04-15T00:14:02.376Z | 2026-04-15T16:13:42.961Z |
| cve-2026-1509 | Avada (Fusion) Builder <= 3.15.1 - Authenticated (Subs… |
themefusion |
Avada (Fusion) Builder |
2026-04-15T01:25:18.275Z | 2026-04-15T16:13:37.307Z | |
| cve-2026-6328 | 8.3 (v4.0) | XQUIC Improper STREAM Frame Validation in Initial/Hand… |
XQUIC Project |
XQUIC |
2026-04-15T03:18:10.428Z | 2026-04-15T16:13:31.813Z |
| cve-2026-5397 | 7.8 (v3.1) | Vulnerability Related to an Uncontrolled Search Path E… |
OMRON SOCIAL SOLUTIONS CO., Ltd. |
PowerAttendant Standard Edition |
2026-04-15T04:11:29.716Z | 2026-04-15T16:13:26.313Z |
| cve-2026-26291 | 5.4 (v3.0) 4.8 (v4.0) | Stored cross-site scripting vulnerability exists … |
GROWI, Inc. |
GROWI |
2026-04-15T04:19:31.678Z | 2026-04-15T16:13:20.770Z |
| cve-2026-5617 | Login as User <= 1.0.3 - Authenticated (Subscriber+) P… |
royalnavneet |
Login as User – Switch User & WooCommerce Login as Customer |
2026-04-15T07:45:29.695Z | 2026-04-15T16:13:15.117Z | |
| cve-2026-4011 | Power Charts <= 0.1.0 - Authenticated (Contributor+) S… |
dgwyer |
Power Charts – Responsive Beautiful Charts & Graphs |
2026-04-15T08:28:17.209Z | 2026-04-15T16:13:09.653Z | |
| cve-2026-3643 | Accessibly <= 3.0.3 - Missing Authorization to Unauthe… |
onthemapmarketing |
Accessibly – WordPress Website Accessibility |
2026-04-15T08:28:17.565Z | 2026-04-15T16:13:04.206Z | |
| cve-2026-4812 | Advanced Custom Fields (ACF®) <= 6.7.0 - Unauthenticat… |
wpengine |
Advanced Custom Fields (ACF®) |
2026-04-15T01:25:17.540Z | 2026-04-15T16:01:25.621Z | |
| cve-2026-1541 | Avada (Fusion) Builder <= 3.15.1 - Authenticated (Subs… |
themefusion |
Avada (Fusion) Builder |
2026-04-15T01:25:17.892Z | 2026-04-15T15:56:52.964Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2015-001959 | JBoss RichFaces vulnerable to remote Java code execution | 2015-04-14T13:24+09:00 | 2015-04-14T13:24+09:00 |
| jvndb-2015-000047 | bBlog vulnerable to cross-site request forgery | 2015-04-07T12:12+09:00 | 2015-04-09T14:05+09:00 |
| jvndb-2015-000017 | Saurus CMS Community Edition vulnerable to cross-site scripting | 2015-02-17T14:20+09:00 | 2015-04-08T15:20+09:00 |
| jvndb-2015-000018 | C-BOARD Moyuku vulnerable to arbitrary file creation | 2015-02-17T14:21+09:00 | 2015-04-07T17:57+09:00 |
| jvndb-2015-000048 | Maruo Editor vulnerable to buffer overflow | 2015-04-02T12:30+09:00 | 2015-04-07T17:28+09:00 |
| jvndb-2015-000046 | All in One SEO Pack information management vulnerability | 2015-03-31T13:48+09:00 | 2015-04-07T17:27+09:00 |
| jvndb-2015-000044 | WordPress theme flashy vulnerable to cross-site scripting | 2015-03-26T14:04+09:00 | 2015-04-07T17:25+09:00 |
| jvndb-2015-000043 | Fumy Teacher's Schedule Board vulnerable to cross-site scripting | 2015-03-26T14:00+09:00 | 2015-04-07T17:25+09:00 |
| jvndb-2015-000045 | Android OS may behave as an open resolver | 2015-03-27T14:12+09:00 | 2015-03-27T14:12+09:00 |
| jvndb-2015-000041 | MP Form Mail CGI eCommerce edition vulnerable to code injection | 2015-03-20T12:30+09:00 | 2015-03-24T15:11+09:00 |
| jvndb-2015-000039 | eXtplorer vulnerable to cross-site scripting | 2015-03-17T13:41+09:00 | 2015-03-20T14:30+09:00 |
| jvndb-2015-000037 | All In One WP Security & Firewall vulnerable to SQL injection | 2015-03-06T13:45+09:00 | 2015-03-11T17:55+09:00 |
| jvndb-2015-000038 | All In One WP Security & Firewall vulnerable to cross-site request forgery | 2015-03-06T13:46+09:00 | 2015-03-11T17:42+09:00 |
| jvndb-2015-000036 | Maroyaka Relay Novel vulnerable to cross-site scripting | 2015-03-04T14:49+09:00 | 2015-03-06T15:30+09:00 |
| jvndb-2015-000035 | Maroyaka Image Album vulnerable to cross-site scripting | 2015-03-04T14:49+09:00 | 2015-03-06T15:21+09:00 |
| jvndb-2015-000034 | Maroyaka Simple Board vulnerable to cross-site scripting | 2015-03-04T14:48+09:00 | 2015-03-06T15:07+09:00 |
| jvndb-2015-000019 | Squid input validation vulnerability | 2015-02-20T14:55+09:00 | 2015-03-06T14:57+09:00 |
| jvndb-2015-000031 | SEIL Series routers vulnerable to denial-of-service (DoS) | 2015-02-27T15:39+09:00 | 2015-03-05T15:42+09:00 |
| jvndb-2015-000030 | Google Captcha (reCAPTCHA) by BestWebSoft vulnerable to CAPTCHA authentication bypass | 2015-03-03T13:39+09:00 | 2015-03-04T15:23+09:00 |
| jvndb-2015-000029 | BestWebSoft Captcha plugin vulnerable to CAPTCHA authentication bypass | 2015-03-03T13:38+09:00 | 2015-03-04T15:22+09:00 |
| jvndb-2015-001269 | Cross-site Scripting Vulnerability in Hitachi Application Server Help | 2015-02-16T11:21+09:00 | 2015-03-03T16:59+09:00 |
| jvndb-2015-001268 | Cross-site Scripting Vulnerability in Hitachi Command Suite Products | 2015-02-16T11:12+09:00 | 2015-03-03T16:59+09:00 |
| jvndb-2014-004833 | Vulnerability in JP1/NETM/DM and Job Management Partner 1/Software Distribution data reproduction functionality | 2014-11-11T15:33+09:00 | 2015-03-03T16:59+09:00 |
| jvndb-2014-002802 | Xml eXternal Entity Vulnerability in XML link function of Hitachi COBOL2002 | 2014-06-12T11:43+09:00 | 2015-03-03T16:59+09:00 |
| jvndb-2014-002800 | Multiple Vulnerabilities in Hitachi Tuning Manager and JP1/Performance Management - Manager Web Option | 2014-06-12T11:43+09:00 | 2015-03-03T16:59+09:00 |
| jvndb-2014-001594 | JP1/File Transmission Server / FTP vulnerable to access control violation | 2014-03-11T16:33+09:00 | 2015-03-03T16:59+09:00 |
| jvndb-2014-001593 | JP1/Integrated Management - Service Support vulnerable to cross-site scripting | 2014-03-11T15:54+09:00 | 2015-03-03T16:59+09:00 |
| jvndb-2014-001203 | A Problem of CPU Consumption in Host Data Collector bundled with Hitachi Device Manager Software | 2014-01-22T18:06+09:00 | 2015-03-03T16:59+09:00 |
| jvndb-2015-000028 | KENT-WEB Clip Board vulnerability where arbitary files may be deleted | 2015-02-27T14:02+09:00 | 2015-03-03T15:59+09:00 |
| jvndb-2015-000024 | Joyful Note vulnerability in handling files | 2015-02-27T13:57+09:00 | 2015-03-03T15:59+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2024-avi-0672 | Multiples vulnérabilités dans les produits Siemens | 2024-08-13T00:00:00.000000 | 2024-08-16T00:00:00.000000 |
| certfr-2024-avi-0684 | Multiples vulnérabilités dans les produits Microsoft | 2024-08-14T00:00:00.000000 | 2024-08-14T00:00:00.000000 |
| certfr-2024-avi-0683 | Multiples vulnérabilités dans Microsoft Azure | 2024-08-14T00:00:00.000000 | 2024-08-14T00:00:00.000000 |
| certfr-2024-avi-0682 | Multiples vulnérabilités dans Microsoft .Net | 2024-08-14T00:00:00.000000 | 2024-08-14T00:00:00.000000 |
| certfr-2024-avi-0681 | Multiples vulnérabilités dans Microsoft Windows | 2024-08-14T00:00:00.000000 | 2024-08-14T00:00:00.000000 |
| certfr-2024-avi-0680 | Multiples vulnérabilités dans Microsoft Office | 2024-08-14T00:00:00.000000 | 2024-08-14T00:00:00.000000 |
| certfr-2024-avi-0679 | Multiples vulnérabilités dans les produits Intel | 2024-08-14T00:00:00.000000 | 2024-08-14T00:00:00.000000 |
| certfr-2024-avi-0678 | Multiples vulnérabilités dans les produits Adobe | 2024-08-14T00:00:00.000000 | 2024-08-14T00:00:00.000000 |
| certfr-2024-avi-0677 | Multiples vulnérabilités dans les produits Fortinet | 2024-08-14T00:00:00.000000 | 2024-08-14T00:00:00.000000 |
| certfr-2024-avi-0676 | Multiples vulnérabilités dans Tenable Security Center | 2024-08-14T00:00:00.000000 | 2024-08-14T00:00:00.000000 |
| certfr-2024-avi-0675 | Multiples vulnérabilités dans Nagios XI | 2024-08-14T00:00:00.000000 | 2024-08-14T00:00:00.000000 |
| certfr-2024-avi-0674 | Multiples vulnérabilités dans Zabbix | 2024-08-13T00:00:00.000000 | 2024-08-13T00:00:00.000000 |
| certfr-2024-avi-0673 | Multiples vulnérabilités dans les produits Schneider Electric | 2024-08-13T00:00:00.000000 | 2024-08-13T00:00:00.000000 |
| certfr-2024-avi-0671 | Multiples vulnérabilités dans les produits SAP | 2024-08-13T00:00:00.000000 | 2024-08-13T00:00:00.000000 |
| certfr-2024-avi-0670 | Multiples vulnérabilités dans Splunk Machine Learning Toolkit | 2024-08-13T00:00:00.000000 | 2024-08-13T00:00:00.000000 |
| certfr-2024-avi-0669 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2024-08-09T00:00:00.000000 | 2024-08-09T00:00:00.000000 |
| certfr-2024-avi-0668 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2024-08-09T00:00:00.000000 | 2024-08-09T00:00:00.000000 |
| certfr-2024-avi-0667 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2024-08-09T00:00:00.000000 | 2024-08-09T00:00:00.000000 |
| certfr-2024-avi-0666 | Multiples vulnérabilités dans les produits IBM | 2024-08-09T00:00:00.000000 | 2024-08-09T00:00:00.000000 |
| certfr-2024-avi-0665 | Multiples vulnérabilités dans Microsoft Edge | 2024-08-09T00:00:00.000000 | 2024-08-09T00:00:00.000000 |
| certfr-2024-avi-0664 | Vulnérabilité dans PostgreSQL | 2024-08-09T00:00:00.000000 | 2024-08-09T00:00:00.000000 |
| certfr-2024-avi-0663 | Vulnérabilité dans Asterisk | 2024-08-09T00:00:00.000000 | 2024-08-09T00:00:00.000000 |
| certfr-2024-avi-0662 | Vulnérabilité dans MongoDB | 2024-08-09T00:00:00.000000 | 2024-08-09T00:00:00.000000 |
| certfr-2024-avi-0661 | Multiples vulnérabilités dans les produits Cisco | 2024-08-08T00:00:00.000000 | 2024-08-08T00:00:00.000000 |
| certfr-2024-avi-0660 | Multiples vulnérabilités dans Microsoft Windows | 2024-08-08T00:00:00.000000 | 2024-08-08T00:00:00.000000 |
| certfr-2024-avi-0659 | Multiples vulnérabilités dans GitLab | 2024-08-08T00:00:00.000000 | 2024-08-08T00:00:00.000000 |
| certfr-2024-avi-0658 | Multiples vulnérabilités dans Google Chrome | 2024-08-07T00:00:00.000000 | 2024-08-07T00:00:00.000000 |
| certfr-2024-avi-0657 | Multiples vulnérabilités dans les produits HPE Aruba Networking | 2024-08-07T00:00:00.000000 | 2024-08-07T00:00:00.000000 |
| certfr-2024-avi-0656 | Multiples vulnérabilités dans les produits Mozilla | 2024-08-07T00:00:00.000000 | 2024-08-07T00:00:00.000000 |
| certfr-2024-avi-0655 | Multiples vulnérabilités dans Google Android | 2024-08-07T00:00:00.000000 | 2024-08-07T00:00:00.000000 |