Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-40588 | blueprintUE: Authenticated Password Change Does Not Ve… |
blueprintue |
blueprintue-self-hosted-edition |
2026-04-21T17:12:08.938Z | 2026-04-21T17:12:08.938Z | |
| cve-2026-40587 | blueprintUE: Active Sessions Are Not Invalidated After… |
blueprintue |
blueprintue-self-hosted-edition |
2026-04-21T17:11:23.740Z | 2026-04-21T17:11:23.740Z | |
| cve-2026-40586 | blueprintUE: Login Endpoint Has No Rate Limiting, Lock… |
blueprintue |
blueprintue-self-hosted-edition |
2026-04-21T17:10:05.432Z | 2026-04-21T17:10:05.432Z | |
| cve-2026-41191 | FreeScout's signature only mailbox permission allows u… |
freescout-help-desk |
freescout |
2026-04-21T17:09:26.481Z | 2026-04-21T17:09:26.481Z | |
| cve-2026-40585 | blueprintUE: Password Reset Tokens Have No Expiry Window |
blueprintue |
blueprintue-self-hosted-edition |
2026-04-21T17:09:17.982Z | 2026-04-21T17:09:17.982Z | |
| cve-2026-41190 | FreeScout has assigned-only visibility bypass via save… |
freescout-help-desk |
freescout |
2026-04-21T17:06:31.785Z | 2026-04-21T17:06:31.785Z | |
| cve-2026-41189 | FreeScout has assigned-only visibility bypass that all… |
freescout-help-desk |
freescout |
2026-04-21T17:04:07.469Z | 2026-04-21T17:04:07.469Z | |
| cve-2026-41183 | FreeScout allows non-folder conversation queries to di… |
freescout-help-desk |
freescout |
2026-04-21T17:00:39.033Z | 2026-04-21T17:00:39.033Z | |
| cve-2026-38835 | N/A | Tenda W30E V2.0 V16.01.0.21 was found to contain … |
n/a |
n/a |
2026-04-21T00:00:00.000Z | 2026-04-21T16:59:46.480Z |
| cve-2026-40583 | UltraDAG: SmartOp Vote Path Triggers Fatal Supply Inva… |
UltraDAGcom |
core |
2026-04-21T16:57:42.100Z | 2026-04-21T16:57:42.100Z | |
| cve-2026-40592 | FreeScout's cross-user undo reply allows mailbox peers… |
freescout-help-desk |
freescout |
2026-04-21T16:57:33.146Z | 2026-04-21T16:57:33.146Z | |
| cve-2026-38834 | N/A | Tenda W30E V2.0 V16.01.0.21 was found to contain … |
n/a |
n/a |
2026-04-21T00:00:00.000Z | 2026-04-21T16:56:31.418Z |
| cve-2026-35451 | Twenty: Stored XSS via BlockNote FileBlock |
twentyhq |
twenty |
2026-04-21T16:22:30.378Z | 2026-04-21T16:56:02.097Z | |
| cve-2026-40591 | FreeScout: Improper Authorization in Phone Conversatio… |
freescout-help-desk |
freescout |
2026-04-21T16:54:14.113Z | 2026-04-21T16:54:14.113Z | |
| cve-2026-40590 | FreeScout's Customer AJAX Create Modifies Hidden Exist… |
freescout-help-desk |
freescout |
2026-04-21T16:52:27.992Z | 2026-04-21T16:52:27.992Z | |
| cve-2026-40576 | Improper Limitation of a Pathname to a Restricted Dire… |
haris-musa |
excel-mcp-server |
2026-04-21T16:35:15.592Z | 2026-04-21T16:50:25.987Z | |
| cve-2026-40589 | FreeScout has Customer Edit Cross-Mailbox Email Takeover |
freescout-help-desk |
freescout |
2026-04-21T16:50:22.119Z | 2026-04-21T16:50:22.119Z | |
| cve-2026-25542 | Tekton Pipelines: VerificationPolicy regex pattern byp… |
tektoncd |
pipeline |
2026-04-21T16:05:43.217Z | 2026-04-21T16:48:15.671Z | |
| cve-2026-40570 | FreeScout's Missing Authorization in load_customer_inf… |
freescout-help-desk |
freescout |
2026-04-21T16:48:08.260Z | 2026-04-21T16:48:08.260Z | |
| cve-2026-29179 | October: Editor Sub-Permission Bypass for Asset and Bl… |
octobercms |
october |
2026-04-21T16:19:52.447Z | 2026-04-21T16:46:47.873Z | |
| cve-2026-40569 | FreeScout's Mass Assignment in Mailbox Connection Sett… |
freescout-help-desk |
freescout |
2026-04-21T16:46:15.796Z | 2026-04-21T16:46:15.796Z | |
| cve-2026-24176 | 4.3 (v3.1) | NVIDIA KAI Scheduler contains a vulnerability whe… |
NVIDIA |
KAI Scheduler |
2026-04-21T16:17:00.601Z | 2026-04-21T16:43:30.471Z |
| cve-2026-24177 | 7.7 (v3.1) | NVIDIA KAI Scheduler contains a vulnerability whe… |
NVIDIA |
KAI Scheduler |
2026-04-21T16:17:26.431Z | 2026-04-21T16:42:36.727Z |
| cve-2026-24189 | 8.2 (v3.1) | NVIDIA CUDA-Q contains a vulnerability in an endp… |
NVIDIA |
CUDA-Q |
2026-04-21T16:17:54.323Z | 2026-04-21T16:41:23.992Z |
| cve-2026-6766 | N/A | Incorrect boundary conditions in the Libraries compone… |
Mozilla |
Firefox |
2026-04-21T12:40:59.634Z | 2026-04-21T16:38:35.189Z |
| cve-2026-6703 | Responsive Blocks <= 2.2.1 - Missing Authorization to … |
cyberchimps |
Responsive Blocks – Page Builder for Blocks & Patterns |
2026-04-21T06:43:58.955Z | 2026-04-21T16:36:19.694Z | |
| cve-2026-40574 | OAuth2 Proxy has an Authorization Bypass in Email Doma… |
oauth2-proxy |
oauth2-proxy |
2026-04-21T16:32:34.537Z | 2026-04-21T16:32:34.537Z | |
| cve-2026-30452 | N/A | Textpattern CMS 4.9.0 contains a Broken Access Co… |
n/a |
n/a |
2026-04-21T00:00:00.000Z | 2026-04-21T16:32:19.608Z |
| cve-2026-6768 | N/A | Mitigation bypass in the Networking: Cookies component |
Mozilla |
Firefox |
2026-04-21T12:41:01.028Z | 2026-04-21T16:32:17.447Z |
| cve-2026-6743 | WebSystems WebTOTUM Calendar cross site scripting |
WebSystems |
WebTOTUM |
2026-04-21T16:30:14.358Z | 2026-04-21T16:30:14.358Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2025-000059 | Seagate Toolkit registers a Windows service with an unquoted file path | 2025-08-14T12:32+09:00 | 2025-08-19T14:40+09:00 |
| jvndb-2025-010854 | Trend Micro Endpoint security products for enterprises vulnerable to multiple OS command injection | 2025-08-07T12:25+09:00 | 2025-08-19T11:36+09:00 |
| jvndb-2025-007521 | Multiple Brother driver installers for Windows vulnerable to privilege escalation | 2025-06-27T09:37+09:00 | 2025-08-19T11:29+09:00 |
| jvndb-2025-000060 | PgManage vulnerable to injection | 2025-08-18T13:40+09:00 | 2025-08-18T13:40+09:00 |
| jvndb-2025-000058 | WordPress plugin "Advanced Custom Fields" vulnerable to HTML injection | 2025-08-08T15:29+09:00 | 2025-08-08T15:29+09:00 |
| jvndb-2025-010972 | Multiple SEIKO EPSON products use weak initial passwords | 2025-08-08T14:50+09:00 | 2025-08-08T14:50+09:00 |
| jvndb-2025-000057 | Multiple vulnerabilities in Mubit Powered BLUE 870 | 2025-08-08T14:47+09:00 | 2025-08-08T14:47+09:00 |
| jvndb-2025-000056 | Multiple vulnerabilities in Sato label printers CL4/6NX Plus and CL4/6NX-J Plus series | 2025-08-06T16:38+09:00 | 2025-08-06T16:38+09:00 |
| jvndb-2025-010603 | Out-of-bounds write vulnerability in FUJIFILM Business Innovation MFPs | 2025-08-05T11:29+09:00 | 2025-08-05T11:29+09:00 |
| jvndb-2025-010408 | Multiple vulnerabilities in PowerCMS | 2025-08-01T12:05+09:00 | 2025-08-01T12:05+09:00 |
| jvndb-2025-000055 | ZXHN-F660T and ZXHN-F660A use a common credential for all installations | 2025-07-31T15:12+09:00 | 2025-07-31T15:12+09:00 |
| jvndb-2025-000054 | Apache Jena Fuseki vulnerable to path traversal | 2025-07-30T14:17+09:00 | 2025-07-30T14:17+09:00 |
| jvndb-2025-000053 | "SwitchBot" App vulnerable to insertion of sensitive information into log file | 2025-07-29T13:44+09:00 | 2025-07-29T13:44+09:00 |
| jvndb-2025-010056 | TP-Link VIGI NVR1104H-4P and VIGI NVR2016H-16MP vulnerable to OS command injection | 2025-07-28T17:53+09:00 | 2025-07-28T17:53+09:00 |
| jvndb-2025-000052 | TP-Link Archer C1200 vulnerable to clickjacking | 2025-07-24T14:16+09:00 | 2025-07-24T14:16+09:00 |
| jvndb-2025-000051 | Real-time Bus Tracking System vulnerable to improper validation of specified quantity in input | 2025-07-23T13:54+09:00 | 2025-07-23T13:54+09:00 |
| jvndb-2025-009576 | Multiple vulnerabilities in ELECOM wireless LAN routers | 2025-07-23T11:13+09:00 | 2025-07-23T11:13+09:00 |
| jvndb-2025-000050 | "region PAY" App for Android vulnerable to insertion of sensitive information into log file | 2025-07-22T13:33+09:00 | 2025-07-22T13:33+09:00 |
| jvndb-2025-009150 | Security updates for Trend Micro products (June 2025) | 2025-07-17T17:03+09:00 | 2025-07-17T17:03+09:00 |
| jvndb-2025-000030 | Reflected cross-site scripting vulnerability in multiple laser printers and MFPs which implement Ricoh Web Image Monitor | 2025-05-12T18:00+09:00 | 2025-07-17T10:06+09:00 |
| jvndb-2025-000049 | ZWX-2000CSW2-HN and ZWX-2000CS2-HN vulnerable to use of hard-coded credentials | 2025-07-16T13:54+09:00 | 2025-07-16T13:54+09:00 |
| jvndb-2025-008881 | Least Privilege Violation Vulnerability in the communications functions of NJ/NX series Machine Automation Controllers | 2025-07-15T15:54+09:00 | 2025-07-15T15:54+09:00 |
| jvndb-2025-008783 | Firebox T15 contains an issue with hidden functionality | 2025-07-14T17:22+09:00 | 2025-07-14T17:22+09:00 |
| jvndb-2025-008145 | Epson Web Installer for Mac vulnerable to missing authentication for critical function | 2025-07-08T14:08+09:00 | 2025-07-08T14:08+09:00 |
| jvndb-2025-008106 | Heap-based buffer overflow vulnerability in V-SFT and TELLUS | 2025-07-07T16:26+09:00 | 2025-07-07T16:26+09:00 |
| jvndb-2025-008105 | Windows shortcut following (.LNK) vulnerability in Trend Micro Security for Windows (CVE-2025-52521) | 2025-07-07T16:04+09:00 | 2025-07-07T16:04+09:00 |
| jvndb-2025-000047 | Multiple vulnerabilities in Nimesa Backup and Recovery | 2025-07-07T15:26+09:00 | 2025-07-07T15:26+09:00 |
| jvndb-2025-007978 | Multiple vulnerabilities in Trend Micro Password Manager for Windows (CVE-2025-48443, CVE-2025-52837) | 2025-07-04T13:28+09:00 | 2025-07-04T13:28+09:00 |
| jvndb-2025-000045 | Multiple vulnerabilities in Active! mail | 2025-07-02T14:13+09:00 | 2025-07-02T14:13+09:00 |
| jvndb-2025-007754 | Multiple vulnerabilities in Contec CONPROSYS HMI System (CHS) | 2025-07-02T11:31+09:00 | 2025-07-02T11:31+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2026-avi-0289 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2026-03-13T00:00:00.000000 | 2026-03-13T00:00:00.000000 |
| certfr-2026-avi-0288 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2026-03-13T00:00:00.000000 | 2026-03-13T00:00:00.000000 |
| certfr-2026-avi-0287 | Multiples vulnérabilités dans les produits NetApp | 2026-03-13T00:00:00.000000 | 2026-03-13T00:00:00.000000 |
| certfr-2026-avi-0286 | Multiples vulnérabilités dans Google Chrome | 2026-03-13T00:00:00.000000 | 2026-03-13T00:00:00.000000 |
| certfr-2026-avi-0285 | Vulnérabilité dans Python | 2026-03-13T00:00:00.000000 | 2026-03-13T00:00:00.000000 |
| certfr-2026-avi-0284 | Multiples vulnérabilités dans les produits Microsoft | 2026-03-12T00:00:00.000000 | 2026-03-12T00:00:00.000000 |
| certfr-2026-avi-0283 | Vulnérabilité dans Microsoft Edge | 2026-03-12T00:00:00.000000 | 2026-03-12T00:00:00.000000 |
| certfr-2026-avi-0282 | Multiples vulnérabilités dans Veeam Backup & Replication | 2026-03-12T00:00:00.000000 | 2026-03-12T00:00:00.000000 |
| certfr-2026-avi-0281 | Multiples vulnérabilités dans les produits Splunk | 2026-03-12T00:00:00.000000 | 2026-03-12T00:00:00.000000 |
| certfr-2026-avi-0280 | Multiples vulnérabilités dans les produits Apple | 2026-03-12T00:00:00.000000 | 2026-03-12T00:00:00.000000 |
| certfr-2026-avi-0279 | Multiples vulnérabilités dans Cisco IOS XR | 2026-03-12T00:00:00.000000 | 2026-03-12T00:00:00.000000 |
| certfr-2026-avi-0278 | Multiples vulnérabilités dans Google Chrome | 2026-03-12T00:00:00.000000 | 2026-03-12T00:00:00.000000 |
| certfr-2026-avi-0277 | Multiples vulnérabilités dans les produits Palo Alto Networks | 2026-03-12T00:00:00.000000 | 2026-03-12T00:00:00.000000 |
| certfr-2026-avi-0276 | Multiples vulnérabilités dans GitLab | 2026-03-12T00:00:00.000000 | 2026-03-12T00:00:00.000000 |
| certfr-2026-avi-0275 | Vulnérabilité dans GLPI | 2026-03-12T00:00:00.000000 | 2026-03-12T00:00:00.000000 |
| certfr-2026-avi-0274 | Multiples vulnérabilités dans les produits Microsoft | 2026-03-11T00:00:00.000000 | 2026-03-11T00:00:00.000000 |
| certfr-2026-avi-0273 | Multiples vulnérabilités dans Microsoft Azure | 2026-03-11T00:00:00.000000 | 2026-03-11T00:00:00.000000 |
| certfr-2026-avi-0272 | Multiples vulnérabilités dans Microsoft .Net | 2026-03-11T00:00:00.000000 | 2026-03-11T00:00:00.000000 |
| certfr-2026-avi-0271 | Multiples vulnérabilités dans Microsoft Windows | 2026-03-11T00:00:00.000000 | 2026-03-11T00:00:00.000000 |
| certfr-2026-avi-0270 | Multiples vulnérabilités dans Microsoft Office | 2026-03-11T00:00:00.000000 | 2026-03-11T00:00:00.000000 |
| certfr-2026-avi-0269 | Multiples vulnérabilités dans Curl | 2026-03-11T00:00:00.000000 | 2026-03-11T00:00:00.000000 |
| certfr-2026-avi-0268 | Multiples vulnérabilités dans Traefik | 2026-03-11T00:00:00.000000 | 2026-03-11T00:00:00.000000 |
| certfr-2026-avi-0267 | Multiples vulnérabilités dans Mozilla Firefox | 2026-03-11T00:00:00.000000 | 2026-03-11T00:00:00.000000 |
| certfr-2026-avi-0266 | Multiples vulnérabilités dans VMware Tanzu | 2026-03-11T00:00:00.000000 | 2026-03-11T00:00:00.000000 |
| certfr-2026-avi-0265 | Multiples vulnérabilités dans les produits Fortinet | 2026-03-11T00:00:00.000000 | 2026-03-11T00:00:00.000000 |
| certfr-2026-avi-0264 | Multiples vulnérabilités dans les produits Adobe | 2026-03-11T00:00:00.000000 | 2026-03-11T00:00:00.000000 |
| certfr-2026-avi-0263 | Vulnérabilité dans Ivanti Desktop and Server Management (DSM) | 2026-03-11T00:00:00.000000 | 2026-03-11T00:00:00.000000 |
| certfr-2026-avi-0262 | Multiples vulnérabilités dans HPE Aruba Networking AOS-CX | 2026-03-11T00:00:00.000000 | 2026-03-11T00:00:00.000000 |
| certfr-2026-avi-0261 | Multiples vulnérabilités dans les produits Intel | 2026-03-11T00:00:00.000000 | 2026-03-11T00:00:00.000000 |
| certfr-2026-avi-0260 | Multiples vulnérabilités dans WordPress | 2026-03-11T00:00:00.000000 | 2026-03-11T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2015-ale-002 | Vulnérabilité dans Adobe Flash Player | 2015-02-02T00:00:00.000000 | 2015-02-05T00:00:00.000000 |
| certfr-2015-ale-001 | Vulnérabilité dans Adobe Flash Player | 2015-01-22T00:00:00.000000 | 2015-01-30T00:00:00.000000 |
| certfr-2014-ale-011 | Vulnérabilité de l'implémentation Kerberos dans Microsoft Windows | 2014-11-18T00:00:00.000000 | 2015-01-30T00:00:00.000000 |
| certfr-2014-ale-010 | Vulnérabilité de l'implémentation des protocoles SSL/TLS dans Microsoft Windows | 2014-11-11T00:00:00.000000 | 2015-01-30T00:00:00.000000 |
| certfr-2014-ale-008 | Vulnérabilité dans Drupal | 2014-10-16T00:00:00.000000 | 2015-01-30T00:00:00.000000 |
| certfr-2014-ale-009 | Vulnérabilité dans Microsoft OLE | 2014-10-22T00:00:00.000000 | 2014-11-12T00:00:00.000000 |
| certfr-2014-ale-007 | Vulnérabilité dans SSLv3 | 2014-10-15T00:00:00.000000 | 2014-10-15T00:00:00.000000 |
| certfr-2014-ale-006 | Vulnérabilité dans GNU bash | 2014-09-25T00:00:00.000000 | 2014-09-30T00:00:00.000000 |
| certfr-2014-ale-003 | Vulnérabilité dans OpenSSL | 2014-04-08T00:00:00.000000 | 2014-07-30T00:00:00.000000 |
| certfr-2014-ale-005 | Vulnérabilité dans Microsoft Internet Explorer | 2014-04-28T00:00:00.000000 | 2014-05-02T00:00:00.000000 |
| certfr-2014-ale-004 | Vulnérabilité dans Apache Struts | 2014-04-25T00:00:00.000000 | 2014-04-29T00:00:00.000000 |
| certfr-2014-ale-002 | Vulnérabilité dans Microsoft Word | 2014-03-25T00:00:00.000000 | 2014-04-09T00:00:00.000000 |
| certfr-2014-ale-001 | Vulnérabilité dans Microsoft Internet Explorer | 2014-02-14T00:00:00.000000 | 2014-03-12T00:00:00.000000 |
| certa-2013-ale-008 | Vulnérabilité critique dans le noyau de Microsoft Windows | 2013-11-28T00:00:00.000000 | 2014-01-16T00:00:00.000000 |
| certa-2013-ale-007 | Vulnérabilité dans un composant graphique de Microsoft | 2013-11-06T00:00:00.000000 | 2013-12-10T00:00:00.000000 |
| certa-2013-ale-006 | Vulnérabilité dans Microsoft Internet Explorer | 2013-09-18T00:00:00.000000 | 2013-10-09T00:00:00.000000 |
| certa-2005-ale-013 | Vulnérabilité dans Citrix Metaframe Presentation | 2005-10-07T00:00:00.000000 | 2013-06-06T00:00:00.000000 |
| certa-2013-ale-005 | Vulnérabilité dans le noyau Linux | 2013-05-14T00:00:00.000000 | 2013-05-24T00:00:00.000000 |
| certa-2013-ale-004 | Vulnérabilité dans Adobe ColdFusion | 2013-05-10T00:00:00.000000 | 2013-05-15T00:00:00.000000 |
| certa-2013-ale-003 | Vulnérabilité dans Microsoft Internet Explorer 8 | 2013-05-06T00:00:00.000000 | 2013-05-15T00:00:00.000000 |
| certa-2013-ale-002 | Vulnérabilités dans Adobe Reader et Acrobat | 2013-02-14T00:00:00.000000 | 2013-02-21T00:00:00.000000 |
| certa-2008-ale-013 | Vulnérabilité du service sadmind de Sun Solaris | 2008-10-17T00:00:00.000000 | 2013-02-21T00:00:00.000000 |
| certa-2009-ale-017 | Vulnérabilités dans l'implémentation TCP/IP de divers produits | 2009-09-09T00:00:00.000000 | 2013-02-19T00:00:00.000000 |
| certa-2007-ale-011 | Vulnérabilité du composant d'indexation des serveurs Microsoft IIS | 2007-06-06T00:00:00.000000 | 2013-02-19T00:00:00.000000 |
| certa-2012-ale-001 | Vulnérabilité dans Cisco IronPort | 2012-02-01T00:00:00.000000 | 2013-02-05T00:00:00.000000 |
| certa-2009-ale-014 | Multiples vulnérabilités du client de messagerie Mozilla Thunderbird | 2009-08-07T00:00:00.000000 | 2013-02-05T00:00:00.000000 |
| certa-2013-ale-001 | Vulnérabilités dans Oracle Java | 2013-01-10T00:00:00.000000 | 2013-01-15T00:00:00.000000 |
| certa-2012-ale-010 | Vulnérabilité dans Internet Explorer | 2012-12-31T00:00:00.000000 | 2013-01-15T00:00:00.000000 |
| certa-2012-ale-009 | Vulnérabilité dans les pilotes NVidia | 2012-12-26T00:00:00.000000 | 2013-01-07T00:00:00.000000 |
| certa-2012-ale-007 | Vulnérabilité dans MySQL | 2012-12-06T00:00:00.000000 | 2013-01-07T00:00:00.000000 |