Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-35625 | 8.5 (v4.0) 7.8 (v3.1) | OpenClaw < 2026.3.25 - Privilege Escalation via Silent… |
OpenClaw |
OpenClaw |
2026-04-09T21:26:57.589Z | 2026-04-14T14:35:52.334Z |
| cve-2026-35624 | 2.3 (v4.0) 4.2 (v3.1) | OpenClaw < 2026.3.22 - Policy Confusion via Room Name … |
OpenClaw |
OpenClaw |
2026-04-09T21:26:56.154Z | 2026-04-10T17:16:01.616Z |
| cve-2026-35623 | 6.3 (v4.0) 4.8 (v3.1) | OpenClaw < 2026.3.25 - Brute-Force Attack via Missing … |
OpenClaw |
OpenClaw |
2026-04-09T21:26:53.011Z | 2026-04-10T15:55:21.367Z |
| cve-2026-35622 | 6 (v4.0) 5.9 (v3.1) | OpenClaw < 2026.3.22 - Improper Authentication Verific… |
OpenClaw |
OpenClaw |
2026-04-09T21:26:52.214Z | 2026-04-13T18:21:13.275Z |
| cve-2026-35618 | 8.3 (v4.0) 6.5 (v3.1) | OpenClaw < 2026.3.23 - Replay Identity Drift via Query… |
OpenClaw |
OpenClaw |
2026-04-09T21:26:51.509Z | 2026-04-10T12:33:14.731Z |
| cve-2026-35617 | 2.3 (v4.0) 4.2 (v3.1) | OpenClaw < 2026.3.25 - Authorization Bypass via Group … |
OpenClaw |
OpenClaw |
2026-04-09T21:26:50.801Z | 2026-04-13T20:41:38.282Z |
| cve-2026-34512 | 7.2 (v4.0) 8.1 (v3.1) | OpenClaw < 2026.3.25 - Improper Access Control in /ses… |
OpenClaw |
OpenClaw |
2026-04-09T21:26:50.015Z | 2026-04-14T14:39:41.156Z |
| cve-2026-40152 | PraisonAIAgents has a Path Traversal via Unvalidated G… |
MervinPraison |
PraisonAIAgents |
2026-04-09T21:26:49.586Z | 2026-04-13T20:40:43.806Z | |
| cve-2026-21919 | 6.5 (v3.1) 7.1 (v4.0) | Junos OS and Junos OS Evolved: A high frequency of con… |
Juniper Networks |
Junos OS |
2026-04-09T21:26:46.081Z | 2026-04-13T18:06:20.368Z |
| cve-2026-21915 | 6.7 (v3.1) 8.4 (v4.0) | JSI Virtual Lightweight Collector: Shell escape allows… |
Juniper Networks |
JSI LWC |
2026-04-09T21:26:28.357Z | 2026-04-13T13:04:16.101Z |
| cve-2026-21904 | 6.1 (v3.1) 5.1 (v4.0) | Junos Space: ilpFilter field on nLegacy.jsp is vulnera… |
Juniper Networks |
Junos Space |
2026-04-09T21:26:09.896Z | 2026-04-10T14:14:55.321Z |
| cve-2026-40150 | PraisonAIAgents has SSRF and Local File Read via Unval… |
MervinPraison |
PraisonAIAgents |
2026-04-09T21:26:09.572Z | 2026-04-14T14:40:19.512Z | |
| cve-2025-59969 | 6.5 (v3.1) 7.1 (v4.0) | Junos OS Evolved: QFX5000 Series and PTX Series: An at… |
Juniper Networks |
Junos OS Evolved |
2026-04-09T21:25:32.594Z | 2026-04-10T18:15:06.090Z |
| cve-2026-33793 | 7.8 (v3.1) 8.5 (v4.0) | Junos OS and Junos OS Evolved: When an unsigned Python… |
Juniper Networks |
Junos OS |
2026-04-09T21:24:50.485Z | 2026-04-16T15:14:18.212Z |
| cve-2026-40149 | PraisonAI has an Unauthenticated Allow-List Manipulati… |
MervinPraison |
PraisonAI |
2026-04-09T21:23:03.831Z | 2026-04-13T15:37:53.846Z | |
| cve-2026-40148 | PraisonAI Affected by Decompression Bomb DoS via Recip… |
MervinPraison |
PraisonAI |
2026-04-09T21:22:20.446Z | 2026-04-13T20:39:49.494Z | |
| cve-2026-40117 | PraisonAIAgents Affected by Arbitrary File Read via re… |
MervinPraison |
PraisonAIAgents |
2026-04-09T21:21:28.463Z | 2026-04-10T18:14:21.572Z | |
| cve-2026-40116 | PraisonAI's Unauthenticated WebSocket Endpoint Proxies… |
MervinPraison |
PraisonAI |
2026-04-09T21:20:24.708Z | 2026-04-14T14:42:42.722Z | |
| cve-2026-40115 | PraisonAI has an Unrestricted Upload Size in WSGI Reci… |
MervinPraison |
PraisonAI |
2026-04-09T21:19:28.558Z | 2026-04-13T15:37:59.667Z | |
| cve-2026-40114 | PraisonAI has Server-Side Request Forgery via Unvalida… |
MervinPraison |
PraisonAI |
2026-04-09T21:18:31.554Z | 2026-04-13T20:38:45.906Z | |
| cve-2026-40113 | PraisonAI has an Argument Injection into Cloud Run Env… |
MervinPraison |
PraisonAI |
2026-04-09T21:17:32.682Z | 2026-04-10T18:13:14.057Z | |
| cve-2026-40112 | PraisonAI has Stored XSS via Unsanitized Agent Output … |
MervinPraison |
PraisonAI |
2026-04-09T21:16:13.223Z | 2026-04-14T14:43:44.627Z | |
| cve-2026-5263 | 7 (v4.0) | URI nameConstraints not enforced in ConfirmNameConstraints() |
wolfSSL |
wolfSSL |
2026-04-09T21:15:48.148Z | 2026-04-10T18:09:12.862Z |
| cve-2026-5981 | D-Link DIR-605L POST Request formAdvFirewall buffer overflow |
D-Link |
DIR-605L |
2026-04-09T21:15:20.887Z | 2026-04-13T20:37:56.459Z | |
| cve-2026-40111 | PraisonAIAgents has an OS Command Injection via shell=… |
MervinPraison |
PraisonAIAgents |
2026-04-09T21:14:55.352Z | 2026-04-13T15:38:08.279Z | |
| cve-2026-40109 | Flux notification-controller GCR Receiver missing emai… |
fluxcd |
notification-controller |
2026-04-09T21:06:59.688Z | 2026-04-14T15:02:39.499Z | |
| cve-2026-40107 | SiYuan Affected by Zero-Click NTLM Hash Theft and Blin… |
siyuan-note |
siyuan |
2026-04-09T21:03:58.572Z | 2026-04-10T18:12:28.538Z | |
| cve-2026-5446 | 6 (v4.0) | wolfSSL ARIA-GCM TLS 1.2/DTLS 1.2 GCM nonce reuse |
wolfSSL |
wolfSSL |
2026-04-09T21:02:27.201Z | 2026-04-10T18:11:52.759Z |
| cve-2026-35206 | Helm Chart extraction output directory collapse via `C… |
helm |
helm |
2026-04-09T21:02:13.594Z | 2026-04-14T14:45:12.096Z | |
| cve-2026-5980 | D-Link DIR-605L POST Request formSetMACFilter buffer o… |
D-Link |
DIR-605L |
2026-04-09T21:00:23.939Z | 2026-04-10T14:05:53.814Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2013-000009 | imgboard vulnerable to cross-site scripting | 2013-02-14T14:10+09:00 | 2013-02-14T14:10+09:00 |
| jvndb-2013-001470 | Accela BizSearch Gateway Option for TeamWARE Spoofing Vulnerability | 2013-02-13T16:47+09:00 | 2013-02-13T16:47+09:00 |
| jvndb-2013-001321 | User Authentication Vulnerability in Operational Management Function of Cosminexus | 2013-02-12T14:24+09:00 | 2013-02-12T14:24+09:00 |
| jvndb-2013-000007 | Cybozu Garoon vulnerable to SQL injection | 2013-02-08T13:58+09:00 | 2013-02-08T13:58+09:00 |
| jvndb-2013-000008 | Cybozu Garoon vulnerable to cross-site scripting | 2013-02-08T13:53+09:00 | 2013-02-08T13:53+09:00 |
| jvndb-2013-000006 | mora Downloader may insecurely load executable files | 2013-02-07T14:00+09:00 | 2013-02-07T14:00+09:00 |
| jvndb-2013-000005 | Weathernews Touch for Android stores location information in the system log file | 2013-01-31T13:38+09:00 | 2013-01-31T13:38+09:00 |
| jvndb-2013-000004 | WebSphere Application Server (WAS) vulnerable to cross-site scripting | 2013-01-25T12:32+09:00 | 2013-01-25T12:32+09:00 |
| jvndb-2013-000003 | myu-s / PHP WeblogSystem by netmania vulnerable to cross-site scripting | 2013-01-22T15:22+09:00 | 2013-01-22T15:22+09:00 |
| jvndb-2013-000002 | Documents Pro (formerly Files HD) vulnerable to directory traversal | 2013-01-18T13:39+09:00 | 2013-01-18T13:39+09:00 |
| jvndb-2013-000001 | Documents Pro (formerly Files HD) vulnerable to cross-site scripting | 2013-01-18T13:36+09:00 | 2013-01-18T13:36+09:00 |
| jvndb-2012-005827 | Cross-site Scripting Vulnerability in Collaboration - Bulletin board in Multiple Hitachi Products | 2012-12-28T16:43+09:00 | 2012-12-28T16:43+09:00 |
| jvndb-2012-000113 | concrete5 vulnerable to cross-site scripting | 2012-12-21T12:41+09:00 | 2013-02-20T16:10+09:00 |
| jvndb-2012-000115 | Loctouch for Android information management vulnerability | 2012-12-21T12:37+09:00 | 2012-12-21T12:37+09:00 |
| jvndb-2012-000114 | Loctouch for Android vulnerable in handling of implicit intents | 2012-12-21T12:29+09:00 | 2012-12-21T12:29+09:00 |
| jvndb-2012-000112 | Opera Mini / Opera Mobile for Android vulnerable in the WebView class | 2012-12-20T15:04+09:00 | 2012-12-28T16:13+09:00 |
| jvndb-2012-000111 | Boat Browser / Boat Browser Mini vulnerable in the WebView class | 2012-12-20T15:00+09:00 | 2012-12-20T15:00+09:00 |
| jvndb-2012-000110 | WikkaWiki vulnerable to cross-site scripting | 2012-12-17T12:23+09:00 | 2012-12-17T12:23+09:00 |
| jvndb-2012-000109 | Welcart vulnerable to cross-site request forgery | 2012-12-14T12:52+09:00 | 2012-12-14T12:52+09:00 |
| jvndb-2012-000108 | Welcart vulnerable to cross-site scripting | 2012-12-14T12:50+09:00 | 2012-12-14T12:50+09:00 |
| jvndb-2012-000107 | KENT-WEB ACCESS REPORT vulnerable to cross-site scripting | 2012-12-06T12:41+09:00 | 2012-12-06T12:41+09:00 |
| jvndb-2012-000106 | KENT-WEB ACCESS REPORT vulnerable to cross-site scripting | 2012-12-06T12:40+09:00 | 2012-12-06T12:40+09:00 |
| jvndb-2012-000105 | Multiple KYOCERA mobile devices may reboot during email reception | 2012-11-30T13:58+09:00 | 2012-11-30T13:58+09:00 |
| jvndb-2012-005486 | Denial of Service (DoS) Vulnerability in JP1/Automatic Job Management System 3 and JP1/Automatic Job Management System 2 | 2012-11-29T15:23+09:00 | 2012-11-29T15:23+09:00 |
| jvndb-2012-005485 | Hitachi Device Manager Software Denial of Service (DoS) Vulnerability | 2012-11-29T14:48+09:00 | 2012-11-29T14:48+09:00 |
| jvndb-2012-000104 | BIGACE vulnerable to session fixation | 2012-11-21T14:34+09:00 | 2012-11-21T14:34+09:00 |
| jvndb-2012-000103 | Monaca Debugger for Android information management vulnerability | 2012-11-16T14:10+09:00 | 2012-11-16T14:10+09:00 |
| jvndb-2012-000102 | Multiple Android devices vulnerable to denial-of-service (DoS) | 2012-11-14T15:07+09:00 | 2012-11-30T18:01+09:00 |
| jvndb-2012-000101 | BeZIP vulnerable to directory traversal | 2012-11-07T16:01+09:00 | 2012-11-07T16:01+09:00 |
| jvndb-2012-005201 | Multiple Vulnerabilities in Hitachi JP1/File Transmission Server/FTP | 2012-11-05T17:58+09:00 | 2012-11-26T18:01+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2024-avi-0378 | Multiples vulnérabilités dans Juniper Junos OS | 2024-05-10T00:00:00.000000 | 2024-05-10T00:00:00.000000 |
| certfr-2024-avi-0377 | Multiples vulnérabilités dans les produits F5 | 2024-05-10T00:00:00.000000 | 2024-05-10T00:00:00.000000 |
| certfr-2024-avi-0376 | Multiples vulnérabilités dans GitLab | 2024-05-10T00:00:00.000000 | 2024-05-10T00:00:00.000000 |
| certfr-2024-avi-0375 | Vulnérabilité dans Xen | 2024-05-10T00:00:00.000000 | 2024-05-10T00:00:00.000000 |
| certfr-2024-avi-0374 | Vulnérabilité dans Veeam Service Provider Console | 2024-05-10T00:00:00.000000 | 2024-05-10T00:00:00.000000 |
| certfr-2024-avi-0373 | Vulnérabilité dans PostgreSQL | 2024-05-10T00:00:00.000000 | 2024-05-10T00:00:00.000000 |
| certfr-2024-avi-0372 | Multiples vulnérabilités dans Google Chrome | 2024-05-10T00:00:00.000000 | 2024-05-10T00:00:00.000000 |
| certfr-2024-avi-0371 | Multiples vulnérabilités dans Google Android | 2024-05-10T00:00:00.000000 | 2024-05-10T00:00:00.000000 |
| certfr-2024-avi-0370 | Vulnérabilité dans iTunes pour Windows | 2024-05-10T00:00:00.000000 | 2024-05-10T00:00:00.000000 |
| certfr-2024-avi-0369 | Multiples vulnérabilités dans les produits GLPI | 2024-05-07T00:00:00.000000 | 2024-05-07T00:00:00.000000 |
| certfr-2024-avi-0368 | Vulnérabilité dans Moxa NPort | 2024-05-07T00:00:00.000000 | 2024-05-07T00:00:00.000000 |
| certfr-2024-avi-0367 | Vulnérabilité dans SolarWinds Serv-U | 2024-05-06T00:00:00.000000 | 2024-05-06T00:00:00.000000 |
| certfr-2024-avi-0366 | Multiples vulnérabilités dans les produits IBM | 2024-05-03T00:00:00.000000 | 2024-05-03T00:00:00.000000 |
| certfr-2024-avi-0365 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2024-05-03T00:00:00.000000 | 2024-05-03T00:00:00.000000 |
| certfr-2024-avi-0364 | Multiples vulnérabilités dans le noyau Linux de RedHat | 2024-05-03T00:00:00.000000 | 2024-05-03T00:00:00.000000 |
| certfr-2024-avi-0363 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2024-05-03T00:00:00.000000 | 2024-05-03T00:00:00.000000 |
| certfr-2024-avi-0362 | Multiples vulnérabilités dans le greffon Media Streaming de Qnap | 2024-05-03T00:00:00.000000 | 2024-05-03T00:00:00.000000 |
| certfr-2024-avi-0361 | Multiples vulnérabilités dans PostgreSQL pgAdmin | 2024-05-03T00:00:00.000000 | 2024-05-03T00:00:00.000000 |
| certfr-2024-avi-0360 | Multiples vulnérabilités dans SonicWall GMS | 2024-05-02T00:00:00.000000 | 2024-05-02T00:00:00.000000 |
| certfr-2024-avi-0359 | Multiples vulnérabilités dans les produits HPE Aruba Networking | 2024-05-02T00:00:00.000000 | 2024-05-02T00:00:00.000000 |
| certfr-2024-avi-0358 | Multiples vulnérabilités dans Google Chrome | 2024-05-02T00:00:00.000000 | 2024-05-02T00:00:00.000000 |
| certfr-2024-avi-0357 | Multiples vulnérabilités dans Cisco IP Phone | 2024-05-02T00:00:00.000000 | 2024-05-02T00:00:00.000000 |
| certfr-2024-avi-0356 | Multiples vulnérabilités dans Tenable Nessus Network Monitor | 2024-04-30T00:00:00.000000 | 2024-04-30T00:00:00.000000 |
| certfr-2024-avi-0355 | Multiples vulnérabilités dans Microsoft Edge | 2024-04-29T00:00:00.000000 | 2024-04-29T00:00:00.000000 |
| certfr-2024-avi-0354 | Multiples vulnérabilités dans les produits Qnap | 2024-04-29T00:00:00.000000 | 2024-04-29T00:00:00.000000 |
| certfr-2024-avi-0353 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2024-04-26T00:00:00.000000 | 2024-04-26T00:00:00.000000 |
| certfr-2024-avi-0352 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2024-04-26T00:00:00.000000 | 2024-04-26T00:00:00.000000 |
| certfr-2024-avi-0351 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2024-04-26T00:00:00.000000 | 2024-04-26T00:00:00.000000 |
| certfr-2024-avi-0350 | Multiples vulnérabilités dans les produits IBM | 2024-04-26T00:00:00.000000 | 2024-04-26T00:00:00.000000 |
| certfr-2024-avi-0349 | Vulnérabilité dans les produits Belden | 2024-04-26T00:00:00.000000 | 2024-04-26T00:00:00.000000 |