Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-41330 | 2 (v4.0) 4.4 (v3.1) | OpenClaw < 2026.3.31 - Environment Variable Override v… |
OpenClaw |
OpenClaw |
2026-04-20T23:08:16.941Z | 2026-04-21T13:39:27.598Z |
| cve-2026-41329 | 9 (v4.0) 9.9 (v3.1) | OpenClaw < 2026.3.31 - Sandbox Bypass via Heartbeat Co… |
OpenClaw |
OpenClaw |
2026-04-20T23:08:16.222Z | 2026-04-20T23:08:16.222Z |
| cve-2026-41303 | 8.7 (v4.0) 8.8 (v3.1) | OpenClaw < 2026.3.28 - Authorization Bypass in Discord… |
OpenClaw |
OpenClaw |
2026-04-20T23:08:15.511Z | 2026-04-21T13:35:55.924Z |
| cve-2026-41302 | 4.8 (v4.0) 7.6 (v3.1) | OpenClaw < 2026.3.31 - Server-Side Request Forgery via… |
OpenClaw |
OpenClaw |
2026-04-20T23:08:14.782Z | 2026-04-20T23:08:14.782Z |
| cve-2026-41301 | 6.9 (v4.0) 5.3 (v3.1) | OpenClaw 2026.3.22 < 2026.3.31 - Forged Nostr DM Pairi… |
OpenClaw |
OpenClaw |
2026-04-20T23:08:14.023Z | 2026-04-21T13:33:53.554Z |
| cve-2026-41300 | 6.9 (v4.0) 6.5 (v3.1) | OpenClaw < 2026.3.31 - Attacker-Discovered Endpoint Pr… |
OpenClaw |
OpenClaw |
2026-04-20T23:08:13.304Z | 2026-04-21T13:03:24.309Z |
| cve-2026-41299 | 7.1 (v4.0) 7.1 (v3.1) | OpenClaw < 2026.3.28 - Client Identity Spoofing in cha… |
OpenClaw |
OpenClaw |
2026-04-20T23:08:12.586Z | 2026-04-21T13:38:25.512Z |
| cve-2026-41298 | 5.3 (v4.0) 5.4 (v3.1) | OpenClaw < 2026.4.2 - Authorization Bypass in Session … |
OpenClaw |
OpenClaw |
2026-04-20T23:08:11.787Z | 2026-04-21T17:34:23.419Z |
| cve-2026-41297 | 4.8 (v4.0) 7.6 (v3.1) | OpenClaw < 2026.3.31 - Server-Side Request Forgery via… |
OpenClaw |
OpenClaw |
2026-04-20T23:08:10.955Z | 2026-04-21T13:41:34.057Z |
| cve-2026-41296 | 8.8 (v4.0) 8.2 (v3.1) | OpenClaw < 2026.3.31 - Sandbox Escape via TOCTOU Race … |
OpenClaw |
OpenClaw |
2026-04-20T23:08:10.194Z | 2026-04-20T23:08:10.194Z |
| cve-2026-41295 | 8.5 (v4.0) 7.8 (v3.1) | OpenClaw < 2026.4.2 - Untrusted Workspace Channel Shad… |
OpenClaw |
OpenClaw |
2026-04-20T23:08:09.503Z | 2026-04-21T13:35:47.883Z |
| cve-2026-41294 | 8.5 (v4.0) 8.6 (v3.1) | OpenClaw < 2026.3.28 - Environment Variable Injection … |
OpenClaw |
OpenClaw |
2026-04-20T23:08:08.795Z | 2026-04-21T13:04:36.188Z |
| cve-2026-40045 | 5.9 (v4.0) 5.7 (v3.1) | OpenClaw < 2026.4.2 - Cleartext Credential Transmissio… |
OpenClaw |
OpenClaw |
2026-04-20T23:08:07.952Z | 2026-04-21T13:37:43.951Z |
| cve-2026-34082 | Dify has IDOR in deleting someone else's chat conversation |
langgenius |
dify |
2026-04-20T23:03:18.158Z | 2026-04-21T13:36:45.614Z | |
| cve-2026-5721 | wpDataTables – WordPress Data Table, Dynamic Tables & … |
wpdatatables |
wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin |
2026-04-20T22:25:26.695Z | 2026-04-20T22:25:26.695Z | |
| cve-2026-6729 | 5.3 (v4.0) 6.3 (v3.1) | HKUDS OpenHarness Session Key Collision Privilege Escalation |
HKUDS |
OpenHarness |
2026-04-20T22:01:38.766Z | 2026-04-21T17:39:32.967Z |
| cve-2026-0930 | 2.3 (v4.0) | Potential wolfSSHd Buffer out-of-bounds Read on Window… |
wolfSSL |
wolfSSH |
2026-04-20T21:28:33.227Z | 2026-04-21T13:37:15.647Z |
| cve-2026-22051 | 2.3 (v4.0) | StorageGRID (formerly StorageGRID Webscale) versi… |
NETAPP |
StorageGRID (formerly StorageGRID Webscale) |
2026-04-20T21:27:36.822Z | 2026-04-21T13:40:46.948Z |
| cve-2026-5450 | N/A | scanf %mc off-by-one heap buffer overflow |
The GNU C Library |
glibc |
2026-04-20T20:55:41.170Z | 2026-04-20T20:55:41.170Z |
| cve-2026-5928 | N/A | Static buffer overflow in deprecated nis_local_principal |
The GNU C Library |
glibc |
2026-04-20T20:37:31.743Z | 2026-04-20T20:37:31.743Z |
| cve-2026-5358 | N/A | Static buffer overflow in deprecated nis_local_principal |
The GNU C Library |
glibc |
2026-04-20T20:37:23.178Z | 2026-04-20T20:37:23.178Z |
| cve-2026-33626 | LMDeploy Vulnerable to Server-Side Request Forgery (SS… |
InternLM |
lmdeploy |
2026-04-20T20:29:19.558Z | 2026-04-20T20:29:19.558Z | |
| cve-2026-4852 | Image Source Control Lite – Show Image Credits and Cap… |
webzunft |
Image Source Control Lite – Show Image Credits and Captions |
2026-04-20T20:26:53.256Z | 2026-04-21T13:53:14.507Z | |
| cve-2026-33432 | Roxy-WI has Pre-Authentication LDAP Injection that Lea… |
roxy-wi |
roxy-wi |
2026-04-20T20:26:52.217Z | 2026-04-21T17:38:09.523Z | |
| cve-2026-33431 | Roxy-WI Vulnerable to Authenticated Arbitrary File Rea… |
roxy-wi |
roxy-wi |
2026-04-20T20:24:15.319Z | 2026-04-21T13:42:19.802Z | |
| cve-2026-34403 | Nginx-UI vulnerable to Cross-Site WebSocket Hijacking … |
0xJacky |
nginx-ui |
2026-04-20T20:16:47.597Z | 2026-04-21T13:36:46.510Z | |
| cve-2026-33031 | Nginx-UI: Disabled users retain full API access throug… |
0xJacky |
nginx-ui |
2026-04-20T20:12:07.905Z | 2026-04-21T13:35:20.144Z | |
| cve-2026-32613 | Spinnaker vulnerable to RCE via expression parsing due… |
spinnaker |
spinnaker |
2026-04-20T20:07:24.697Z | 2026-04-20T20:08:54.702Z | |
| cve-2026-32604 | Spinnaker vulnerable to RCE when using gitrepo artifac… |
spinnaker |
spinnaker |
2026-04-20T20:00:57.517Z | 2026-04-21T17:36:56.642Z | |
| cve-2026-6249 | 8.7 (v4.0) 8.8 (v3.1) | Vvveb CMS 1.0.8 Remote Code Execution via Media Upload |
Vvveb |
Vvveb CMS |
2026-04-20T19:57:37.655Z | 2026-04-21T13:43:17.635Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2025-010603 | Out-of-bounds write vulnerability in FUJIFILM Business Innovation MFPs | 2025-08-05T11:29+09:00 | 2025-08-05T11:29+09:00 |
| jvndb-2025-010408 | Multiple vulnerabilities in PowerCMS | 2025-08-01T12:05+09:00 | 2025-08-01T12:05+09:00 |
| jvndb-2025-000055 | ZXHN-F660T and ZXHN-F660A use a common credential for all installations | 2025-07-31T15:12+09:00 | 2025-07-31T15:12+09:00 |
| jvndb-2025-000054 | Apache Jena Fuseki vulnerable to path traversal | 2025-07-30T14:17+09:00 | 2025-07-30T14:17+09:00 |
| jvndb-2025-000053 | "SwitchBot" App vulnerable to insertion of sensitive information into log file | 2025-07-29T13:44+09:00 | 2025-07-29T13:44+09:00 |
| jvndb-2025-010056 | TP-Link VIGI NVR1104H-4P and VIGI NVR2016H-16MP vulnerable to OS command injection | 2025-07-28T17:53+09:00 | 2025-07-28T17:53+09:00 |
| jvndb-2025-000052 | TP-Link Archer C1200 vulnerable to clickjacking | 2025-07-24T14:16+09:00 | 2025-07-24T14:16+09:00 |
| jvndb-2025-000051 | Real-time Bus Tracking System vulnerable to improper validation of specified quantity in input | 2025-07-23T13:54+09:00 | 2025-07-23T13:54+09:00 |
| jvndb-2025-009576 | Multiple vulnerabilities in ELECOM wireless LAN routers | 2025-07-23T11:13+09:00 | 2025-07-23T11:13+09:00 |
| jvndb-2025-000050 | "region PAY" App for Android vulnerable to insertion of sensitive information into log file | 2025-07-22T13:33+09:00 | 2025-07-22T13:33+09:00 |
| jvndb-2025-009150 | Security updates for Trend Micro products (June 2025) | 2025-07-17T17:03+09:00 | 2025-07-17T17:03+09:00 |
| jvndb-2025-000049 | ZWX-2000CSW2-HN and ZWX-2000CS2-HN vulnerable to use of hard-coded credentials | 2025-07-16T13:54+09:00 | 2025-07-16T13:54+09:00 |
| jvndb-2025-008881 | Least Privilege Violation Vulnerability in the communications functions of NJ/NX series Machine Automation Controllers | 2025-07-15T15:54+09:00 | 2025-07-15T15:54+09:00 |
| jvndb-2025-008783 | Firebox T15 contains an issue with hidden functionality | 2025-07-14T17:22+09:00 | 2025-07-14T17:22+09:00 |
| jvndb-2025-008145 | Epson Web Installer for Mac vulnerable to missing authentication for critical function | 2025-07-08T14:08+09:00 | 2025-07-08T14:08+09:00 |
| jvndb-2025-008106 | Heap-based buffer overflow vulnerability in V-SFT and TELLUS | 2025-07-07T16:26+09:00 | 2025-07-07T16:26+09:00 |
| jvndb-2025-008105 | Windows shortcut following (.LNK) vulnerability in Trend Micro Security for Windows (CVE-2025-52521) | 2025-07-07T16:04+09:00 | 2025-07-07T16:04+09:00 |
| jvndb-2025-000047 | Multiple vulnerabilities in Nimesa Backup and Recovery | 2025-07-07T15:26+09:00 | 2025-07-07T15:26+09:00 |
| jvndb-2025-007978 | Multiple vulnerabilities in Trend Micro Password Manager for Windows (CVE-2025-48443, CVE-2025-52837) | 2025-07-04T13:28+09:00 | 2025-07-04T13:28+09:00 |
| jvndb-2025-000045 | Multiple vulnerabilities in Active! mail | 2025-07-02T14:13+09:00 | 2025-07-02T14:13+09:00 |
| jvndb-2025-007754 | Multiple vulnerabilities in Contec CONPROSYS HMI System (CHS) | 2025-07-02T11:31+09:00 | 2025-07-02T11:31+09:00 |
| jvndb-2025-007607 | Pass-Back Attack vulnerability in Konica Minorta bizhub series | 2025-07-01T14:09+09:00 | 2025-07-01T14:09+09:00 |
| jvndb-2025-007595 | Multiple vulnerabilities in Web Connection of Konica Minolta MFPs | 2025-07-01T14:02+09:00 | 2025-07-01T14:02+09:00 |
| jvndb-2025-000046 | SLNX Help Documentation of RICOH Streamline NX vulnerable to reflected cross-site scripting | 2025-06-30T15:45+09:00 | 2025-06-30T15:45+09:00 |
| jvndb-2025-007552 | Multiple vulnerabilities in TB-eye network recorders and AHD recorders | 2025-06-30T14:45+09:00 | 2025-06-30T14:45+09:00 |
| jvndb-2025-007521 | Multiple Brother driver installers for Windows vulnerable to privilege escalation | 2025-06-27T09:37+09:00 | 2025-08-19T11:29+09:00 |
| jvndb-2025-007519 | Multiple vulnerabilities in multiple BROTHER products | 2025-06-26T18:15+09:00 | 2025-09-22T10:16+09:00 |
| jvndb-2025-000043 | Multiple vulnerabilities in iroha Board | 2025-06-26T15:13+09:00 | 2025-06-26T15:13+09:00 |
| jvndb-2025-000044 | Denial-of-service (DoS) vulnerabilities in multiple Apache products | 2025-06-26T14:41+09:00 | 2025-10-01T14:18+09:00 |
| jvndb-2025-000042 | Inefficient regular expressions in GROWI | 2025-06-24T15:25+09:00 | 2025-06-24T15:25+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2026-avi-0283 | Vulnérabilité dans Microsoft Edge | 2026-03-12T00:00:00.000000 | 2026-03-12T00:00:00.000000 |
| certfr-2026-avi-0282 | Multiples vulnérabilités dans Veeam Backup & Replication | 2026-03-12T00:00:00.000000 | 2026-03-12T00:00:00.000000 |
| certfr-2026-avi-0281 | Multiples vulnérabilités dans les produits Splunk | 2026-03-12T00:00:00.000000 | 2026-03-12T00:00:00.000000 |
| certfr-2026-avi-0280 | Multiples vulnérabilités dans les produits Apple | 2026-03-12T00:00:00.000000 | 2026-03-12T00:00:00.000000 |
| certfr-2026-avi-0279 | Multiples vulnérabilités dans Cisco IOS XR | 2026-03-12T00:00:00.000000 | 2026-03-12T00:00:00.000000 |
| certfr-2026-avi-0278 | Multiples vulnérabilités dans Google Chrome | 2026-03-12T00:00:00.000000 | 2026-03-12T00:00:00.000000 |
| certfr-2026-avi-0277 | Multiples vulnérabilités dans les produits Palo Alto Networks | 2026-03-12T00:00:00.000000 | 2026-03-12T00:00:00.000000 |
| certfr-2026-avi-0276 | Multiples vulnérabilités dans GitLab | 2026-03-12T00:00:00.000000 | 2026-03-12T00:00:00.000000 |
| certfr-2026-avi-0275 | Vulnérabilité dans GLPI | 2026-03-12T00:00:00.000000 | 2026-03-12T00:00:00.000000 |
| certfr-2026-avi-0274 | Multiples vulnérabilités dans les produits Microsoft | 2026-03-11T00:00:00.000000 | 2026-03-11T00:00:00.000000 |
| certfr-2026-avi-0273 | Multiples vulnérabilités dans Microsoft Azure | 2026-03-11T00:00:00.000000 | 2026-03-11T00:00:00.000000 |
| certfr-2026-avi-0272 | Multiples vulnérabilités dans Microsoft .Net | 2026-03-11T00:00:00.000000 | 2026-03-11T00:00:00.000000 |
| certfr-2026-avi-0271 | Multiples vulnérabilités dans Microsoft Windows | 2026-03-11T00:00:00.000000 | 2026-03-11T00:00:00.000000 |
| certfr-2026-avi-0270 | Multiples vulnérabilités dans Microsoft Office | 2026-03-11T00:00:00.000000 | 2026-03-11T00:00:00.000000 |
| certfr-2026-avi-0269 | Multiples vulnérabilités dans Curl | 2026-03-11T00:00:00.000000 | 2026-03-11T00:00:00.000000 |
| certfr-2026-avi-0268 | Multiples vulnérabilités dans Traefik | 2026-03-11T00:00:00.000000 | 2026-03-11T00:00:00.000000 |
| certfr-2026-avi-0267 | Multiples vulnérabilités dans Mozilla Firefox | 2026-03-11T00:00:00.000000 | 2026-03-11T00:00:00.000000 |
| certfr-2026-avi-0266 | Multiples vulnérabilités dans VMware Tanzu | 2026-03-11T00:00:00.000000 | 2026-03-11T00:00:00.000000 |
| certfr-2026-avi-0265 | Multiples vulnérabilités dans les produits Fortinet | 2026-03-11T00:00:00.000000 | 2026-03-11T00:00:00.000000 |
| certfr-2026-avi-0264 | Multiples vulnérabilités dans les produits Adobe | 2026-03-11T00:00:00.000000 | 2026-03-11T00:00:00.000000 |
| certfr-2026-avi-0263 | Vulnérabilité dans Ivanti Desktop and Server Management (DSM) | 2026-03-11T00:00:00.000000 | 2026-03-11T00:00:00.000000 |
| certfr-2026-avi-0262 | Multiples vulnérabilités dans HPE Aruba Networking AOS-CX | 2026-03-11T00:00:00.000000 | 2026-03-11T00:00:00.000000 |
| certfr-2026-avi-0261 | Multiples vulnérabilités dans les produits Intel | 2026-03-11T00:00:00.000000 | 2026-03-11T00:00:00.000000 |
| certfr-2026-avi-0260 | Multiples vulnérabilités dans WordPress | 2026-03-11T00:00:00.000000 | 2026-03-11T00:00:00.000000 |
| certfr-2026-avi-0259 | Multiples vulnérabilités dans Stormshield Network Security | 2026-03-11T00:00:00.000000 | 2026-03-11T00:00:00.000000 |
| certfr-2026-avi-0258 | Vulnérabilité dans Microsoft CBL-Mariner | 2026-03-10T00:00:00.000000 | 2026-03-10T00:00:00.000000 |
| certfr-2026-avi-0257 | Vulnérabilité dans Mozilla Focus | 2026-03-10T00:00:00.000000 | 2026-03-10T00:00:00.000000 |
| certfr-2026-avi-0256 | Multiples vulnérabilités dans les produits SAP | 2026-03-10T00:00:00.000000 | 2026-03-10T00:00:00.000000 |
| certfr-2026-avi-0255 | Multiples vulnérabilités dans les produits Siemens | 2026-03-10T00:00:00.000000 | 2026-03-10T00:00:00.000000 |
| certfr-2026-avi-0254 | Multiples vulnérabilités dans les produits Schneider Electric | 2026-03-10T00:00:00.000000 | 2026-03-10T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2015-ale-002 | Vulnérabilité dans Adobe Flash Player | 2015-02-02T00:00:00.000000 | 2015-02-05T00:00:00.000000 |
| certfr-2015-ale-001 | Vulnérabilité dans Adobe Flash Player | 2015-01-22T00:00:00.000000 | 2015-01-30T00:00:00.000000 |
| certfr-2014-ale-011 | Vulnérabilité de l'implémentation Kerberos dans Microsoft Windows | 2014-11-18T00:00:00.000000 | 2015-01-30T00:00:00.000000 |
| certfr-2014-ale-010 | Vulnérabilité de l'implémentation des protocoles SSL/TLS dans Microsoft Windows | 2014-11-11T00:00:00.000000 | 2015-01-30T00:00:00.000000 |
| certfr-2014-ale-009 | Vulnérabilité dans Microsoft OLE | 2014-10-22T00:00:00.000000 | 2014-11-12T00:00:00.000000 |
| certfr-2014-ale-008 | Vulnérabilité dans Drupal | 2014-10-16T00:00:00.000000 | 2015-01-30T00:00:00.000000 |
| certfr-2014-ale-007 | Vulnérabilité dans SSLv3 | 2014-10-15T00:00:00.000000 | 2014-10-15T00:00:00.000000 |
| certfr-2014-ale-006 | Vulnérabilité dans GNU bash | 2014-09-25T00:00:00.000000 | 2014-09-30T00:00:00.000000 |
| certfr-2014-ale-005 | Vulnérabilité dans Microsoft Internet Explorer | 2014-04-28T00:00:00.000000 | 2014-05-02T00:00:00.000000 |
| certfr-2014-ale-004 | Vulnérabilité dans Apache Struts | 2014-04-25T00:00:00.000000 | 2014-04-29T00:00:00.000000 |
| certfr-2014-ale-003 | Vulnérabilité dans OpenSSL | 2014-04-08T00:00:00.000000 | 2014-07-30T00:00:00.000000 |
| certfr-2014-ale-002 | Vulnérabilité dans Microsoft Word | 2014-03-25T00:00:00.000000 | 2014-04-09T00:00:00.000000 |
| certfr-2014-ale-001 | Vulnérabilité dans Microsoft Internet Explorer | 2014-02-14T00:00:00.000000 | 2014-03-12T00:00:00.000000 |
| certa-2013-ale-008 | Vulnérabilité critique dans le noyau de Microsoft Windows | 2013-11-28T00:00:00.000000 | 2014-01-16T00:00:00.000000 |
| certa-2013-ale-007 | Vulnérabilité dans un composant graphique de Microsoft | 2013-11-06T00:00:00.000000 | 2013-12-10T00:00:00.000000 |
| certa-2013-ale-006 | Vulnérabilité dans Microsoft Internet Explorer | 2013-09-18T00:00:00.000000 | 2013-10-09T00:00:00.000000 |
| certa-2013-ale-005 | Vulnérabilité dans le noyau Linux | 2013-05-14T00:00:00.000000 | 2013-05-24T00:00:00.000000 |
| certa-2013-ale-004 | Vulnérabilité dans Adobe ColdFusion | 2013-05-10T00:00:00.000000 | 2013-05-15T00:00:00.000000 |
| certa-2013-ale-003 | Vulnérabilité dans Microsoft Internet Explorer 8 | 2013-05-06T00:00:00.000000 | 2013-05-15T00:00:00.000000 |
| certa-2013-ale-002 | Vulnérabilités dans Adobe Reader et Acrobat | 2013-02-14T00:00:00.000000 | 2013-02-21T00:00:00.000000 |
| certa-2013-ale-001 | Vulnérabilités dans Oracle Java | 2013-01-10T00:00:00.000000 | 2013-01-15T00:00:00.000000 |
| certa-2012-ale-010 | Vulnérabilité dans Internet Explorer | 2012-12-31T00:00:00.000000 | 2013-01-15T00:00:00.000000 |
| certa-2012-ale-009 | Vulnérabilité dans les pilotes NVidia | 2012-12-26T00:00:00.000000 | 2013-01-07T00:00:00.000000 |
| certa-2012-ale-008 | Vulnérabilité dans certains terminaux Samsung | 2012-12-18T00:00:00.000000 | 2012-12-18T00:00:00.000000 |
| certa-2012-ale-007 | Vulnérabilité dans MySQL | 2012-12-06T00:00:00.000000 | 2013-01-07T00:00:00.000000 |
| certa-2012-ale-006 | Vulnérabilité dans Internet Explorer | 2012-09-18T00:00:00.000000 | 2012-09-21T00:00:00.000000 |
| certa-2012-ale-005 | Vulnérabilité dans Oracle Java | 2012-08-27T00:00:00.000000 | 2012-08-31T00:00:00.000000 |
| certa-2012-ale-004 | Vulnérabilité dans Microsoft Exchange et Fast Search Server 2010 | 2012-07-25T00:00:00.000000 | 2012-08-16T00:00:00.000000 |
| certa-2012-ale-003 | Vulnérabilité dans Microsoft XML Core Services | 2012-06-14T00:00:00.000000 | 2012-08-17T00:00:00.000000 |
| certa-2012-ale-002 | Vulnérabilité dans Windows RDP | 2012-03-14T00:00:00.000000 | 2012-04-13T00:00:00.000000 |