Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-2032 | N/A | Interrupted page loads in new tabs could allow website… |
Mozilla |
Firefox for iOS |
2026-02-16T14:13:23.899Z | 2026-04-14T15:09:28.604Z |
| cve-2025-14283 | BlockArt Blocks – Gutenberg Blocks, Page Builder Block… |
wpblockart |
BlockArt Blocks – Gutenberg Blocks, Page Builder Blocks ,WordPress Block Plugin, Sections & Template Library |
2026-01-28T11:23:40.744Z | 2026-04-14T15:08:54.044Z | |
| cve-2026-39484 | N/A | WordPress Hide My WP Ghost plugin < 7.0.00 - Open Redi… |
John Darrel |
Hide My WP Ghost |
2026-04-08T08:30:10.796Z | 2026-04-14T15:08:46.015Z |
| cve-2025-14063 | SEO Links Interlinking <= 1.7.9.9.1 - Reflected Cross-… |
seomantis |
SEO Links Interlinking |
2026-01-28T11:23:40.286Z | 2026-04-14T15:08:26.508Z | |
| cve-2026-0844 | Simple User Registration <= 6.7 - Authenticated (Subsc… |
nmedia |
Simple User Registration |
2026-01-28T11:23:39.860Z | 2026-04-14T15:08:02.908Z | |
| cve-2026-4913 | 5.7 (v3.1) | Improper protection of an alternate path in Ivant… |
Ivanti |
Neurons for ITSM (On-Premise) |
2026-04-14T14:10:30.529Z | 2026-04-14T15:07:48.368Z |
| cve-2025-15347 | Creator LMS – The LMS for Creators, Coaches, and Train… |
getwpfunnels |
Creator LMS – Online Courses and eLearning Plugin |
2026-01-20T14:26:33.130Z | 2026-04-14T15:07:39.389Z | |
| cve-2026-0726 | Nexter Extension – Site Enhancements Toolkit <= 4.4.6 … |
posimyththemes |
Nexter Extension – Security, Performance, Code Snippets & Site Toolkit |
2026-01-20T14:26:31.228Z | 2026-04-14T15:07:20.489Z | |
| cve-2026-22486 | 5.3 (v3.1) | WordPress Re Gallery plugin <= 1.18.9 - Broken Access … |
|
Re Gallery |
2026-01-08T16:46:02.803Z | 2026-04-14T15:07:00.637Z |
| cve-2026-40109 | Flux notification-controller GCR Receiver missing emai… |
fluxcd |
notification-controller |
2026-04-09T21:06:59.688Z | 2026-04-14T15:02:39.499Z | |
| cve-2026-35600 | Vikunja has HTML Injection via Task Titles in Overdue … |
go-vikunja |
vikunja |
2026-04-10T16:07:07.846Z | 2026-04-14T15:01:18.724Z | |
| cve-2026-35670 | 6 (v4.0) 5.9 (v3.1) | OpenClaw < 2026.3.22 - Webhook Reply Rebinding via Use… |
OpenClaw |
OpenClaw |
2026-04-10T16:03:28.524Z | 2026-04-14T14:59:51.073Z |
| cve-2026-35664 | 6.9 (v4.0) 5.3 (v3.1) | OpenClaw < 2026.3.25 - DM Pairing Bypass via Legacy Ca… |
OpenClaw |
OpenClaw |
2026-04-10T16:03:24.375Z | 2026-04-14T14:57:59.515Z |
| cve-2026-35658 | 6 (v4.0) 6.5 (v3.1) | OpenClaw < 2026.3.2 - Filesystem Boundary Bypass in Im… |
OpenClaw |
OpenClaw |
2026-04-10T16:03:20.067Z | 2026-04-14T14:56:40.942Z |
| cve-2026-39538 | N/A | WordPress Mikado Core plugin <= 1.6 - Local File Inclu… |
Mikado-Themes |
Mikado Core |
2026-04-08T08:30:17.109Z | 2026-04-14T14:55:17.915Z |
| cve-2026-35652 | 6.9 (v4.0) 6.5 (v3.1) | OpenClaw < 2026.3.22 - Unauthorized Action Execution v… |
OpenClaw |
OpenClaw |
2026-04-10T16:03:15.676Z | 2026-04-14T14:55:03.900Z |
| cve-2026-35643 | 8.6 (v4.0) 8.8 (v3.1) | OpenClaw < 2026.3.22 - Arbitrary Code Execution via Un… |
OpenClaw |
OpenClaw |
2026-04-10T16:03:11.209Z | 2026-04-14T14:54:05.741Z |
| cve-2026-35596 | Vikunja has Broken Access Control on Label Read via SQ… |
go-vikunja |
vikunja |
2026-04-10T15:59:43.255Z | 2026-04-14T14:51:51.537Z | |
| cve-2026-29043 | HDF5 H5T__ref_mem_setnull Heap Buffer Overflow |
HDFGroup |
hdf5 |
2026-04-10T15:35:51.682Z | 2026-04-14T14:50:46.566Z | |
| cve-2026-40227 | 6.2 (v3.1) | In systemd 260 before 261, a local unprivileged u… |
systemd |
systemd |
2026-04-10T15:19:51.433Z | 2026-04-14T14:49:32.971Z |
| cve-2023-54359 | 8.8 (v4.0) 8.2 (v3.1) | WordPress adivaha Travel Plugin 2.3 SQL Injection via pid |
Adivaha |
WordPress adivaha Travel Plugin |
2026-04-09T20:54:49.464Z | 2026-04-14T14:49:14.120Z |
| cve-2026-39526 | N/A | WordPress WpStream plugin < 4.11.2 - Insecure Direct O… |
wpstream |
WpStream |
2026-04-08T08:30:16.335Z | 2026-04-14T14:49:04.879Z |
| cve-2026-5977 | Totolink A7100RU CGI cstecgi.cgi setWiFiBasicCfg os co… |
Totolink |
A7100RU |
2026-04-09T20:15:14.227Z | 2026-04-14T14:48:40.525Z | |
| cve-2026-40226 | 6.4 (v3.1) | In nspawn in systemd 233 through 259 before 260, … |
systemd |
systemd |
2026-04-10T15:18:10.447Z | 2026-04-14T14:48:20.451Z |
| cve-2026-40087 | LangChain has incomplete f-string validation in prompt… |
langchain-ai |
langchain |
2026-04-09T19:34:55.198Z | 2026-04-14T14:48:03.160Z | |
| cve-2026-35206 | Helm Chart extraction output directory collapse via `C… |
helm |
helm |
2026-04-09T21:02:13.594Z | 2026-04-14T14:45:12.096Z | |
| cve-2026-39516 | N/A | WordPress Nexter Blocks plugin <= 4.7.0 - Sensitive Da… |
POSIMYTH |
Nexter Blocks |
2026-04-08T08:30:14.904Z | 2026-04-14T14:44:55.335Z |
| cve-2026-40112 | PraisonAI has Stored XSS via Unsanitized Agent Output … |
MervinPraison |
PraisonAI |
2026-04-09T21:16:13.223Z | 2026-04-14T14:43:44.627Z | |
| cve-2026-40116 | PraisonAI's Unauthenticated WebSocket Endpoint Proxies… |
MervinPraison |
PraisonAI |
2026-04-09T21:20:24.708Z | 2026-04-14T14:42:42.722Z | |
| cve-2025-63743 | N/A | Cross-Site Scripting vulnerability in the Snipe-I… |
n/a |
n/a |
2026-04-13T00:00:00.000Z | 2026-04-14T14:41:41.195Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2012-000010 | Pocket WiFi (GP02) vulnerable to cross-site request forgery | 2012-02-01T14:12+09:00 | 2012-02-01T14:12+09:00 |
| jvndb-2012-001191 | Arbitrary Code Execution Vulnerability in Hitachi COBOL2002 | 2012-01-27T10:44+09:00 | 2012-01-27T10:44+09:00 |
| jvndb-2012-001190 | Hitachi IT Operations Director Cross-Site Scripting Vulnerability | 2012-01-27T10:38+09:00 | 2012-01-27T10:38+09:00 |
| jvndb-2012-001189 | Hitachi IT Operations Analyzer Cross-Site Scripting Vulnerability | 2012-01-27T10:37+09:00 | 2012-01-27T10:37+09:00 |
| jvndb-2012-000008 | glucose 2 vulnerable to arbitrary script execution | 2012-01-23T18:27+09:00 | 2012-01-23T18:27+09:00 |
| jvndb-2012-000004 | osCommerce Japanese version vulnerable to cross-site scripting | 2012-01-20T16:23+09:00 | 2012-01-20T16:23+09:00 |
| jvndb-2012-000006 | osCommerce vulnerable to directory traversal | 2012-01-20T16:09+09:00 | 2012-01-20T16:09+09:00 |
| jvndb-2012-000007 | Oracle WebLogic Server vulnerable to cross-site scripting | 2012-01-20T15:37+09:00 | 2012-01-20T15:37+09:00 |
| jvndb-2012-000002 | Cogent DataHub vulnerable to HTTP header injection | 2012-01-11T15:12+09:00 | 2012-01-13T16:08+09:00 |
| jvndb-2012-000001 | Cogent DataHub vulnerable to cross-site scripting | 2012-01-11T15:22+09:00 | 2012-01-13T15:57+09:00 |
| jvndb-2012-000003 | Wibu-Systems CodeMeter Runtime vulnerable to denial-of-service | 2012-01-11T15:02+09:00 | 2012-01-11T15:02+09:00 |
| jvndb-2011-002122 | An authentication information Exposure Vulnerability in JP1/IT Resource Management - Manager | 2012-01-06T19:53+09:00 | 2012-01-06T19:53+09:00 |
| jvndb-2011-003295 | JP1/Cm2/Network Node Manager i Denial of Service (DoS) Vulnerability | 2012-01-06T19:51+09:00 | 2012-01-06T19:51+09:00 |
| jvndb-2011-000108 | Movable Type Plugin MailForm vulnerable to cross-site scripting | 2011-12-26T14:49+09:00 | 2011-12-26T14:49+09:00 |
| jvndb-2011-000109 | WordPress vulnerable to arbitrary PHP code execution | 2011-12-26T14:28+09:00 | 2011-12-26T14:28+09:00 |
| jvndb-2011-000110 | WordPress Japanese vulnerable to cross-site scripting | 2011-12-26T14:26+09:00 | 2011-12-26T14:26+09:00 |
| jvndb-2011-000107 | PukiWiki Plus! vulnerable to cross-site scripting | 2011-12-22T18:16+09:00 | 2011-12-22T18:16+09:00 |
| jvndb-2011-000106 | Apache Struts vulnerable to cross-site scripting | 2011-12-22T18:08+09:00 | 2011-12-22T18:08+09:00 |
| jvndb-2011-000102 | Multiple vulnerabilities in products that use the Preboot Execution Environment (PXE) SDK | 2011-12-15T16:26+09:00 | 2011-12-20T18:14+09:00 |
| jvndb-2011-000099 | ChaSen vulnerable to buffer overflow | 2011-11-08T18:31+09:00 | 2011-12-20T18:13+09:00 |
| jvndb-2011-000105 | Safari for iOS vulnerable to denial-of-service | 2011-12-15T16:30+09:00 | 2011-12-15T16:30+09:00 |
| jvndb-2011-000104 | FFFTP may insecurely load executable files | 2011-12-09T17:08+09:00 | 2011-12-09T17:08+09:00 |
| jvndb-2011-000103 | phpWebSite vulnerable to cross-site scripting | 2011-12-08T17:15+09:00 | 2011-12-08T17:15+09:00 |
| jvndb-2011-000101 | Etomite vulnerable to cross-site scripting | 2011-12-06T17:45+09:00 | 2011-12-06T17:45+09:00 |
| jvndb-2011-000100 | PowerChute Business Edition vulnerable to cross-site scripting | 2011-12-06T16:49+09:00 | 2011-12-06T16:49+09:00 |
| jvndb-2011-000079 | Cybozu Office vulnerable in restricting access | 2011-10-11T09:11+09:00 | 2011-11-28T16:48+09:00 |
| jvndb-2011-000076 | Nikki vulnerable to OS command injection | 2011-11-21T18:23+09:00 | 2011-11-21T18:23+09:00 |
| jvndb-2011-000075 | Nikki vulnerable to directory traversal | 2011-11-21T18:22+09:00 | 2011-11-21T18:22+09:00 |
| jvndb-2011-000098 | Iwate Portal Bar vulnerable to arbitrary script execution | 2011-11-08T18:25+09:00 | 2011-11-08T18:25+09:00 |
| jvndb-2011-000094 | Multiple SKYARC System Co., Ltd. products vulnerable to cross-site request forgery | 2011-10-31T18:03+09:00 | 2011-11-08T17:38+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2024-avi-0233 | Multiples vulnérabilités dans AXIS OS | 2024-03-19T00:00:00.000000 | 2024-03-19T00:00:00.000000 |
| certfr-2024-avi-0232 | Vulnérabilité dans les produits Spring Security | 2024-03-19T00:00:00.000000 | 2024-03-19T00:00:00.000000 |
| certfr-2024-avi-0231 | Multiples vulnérabilités dans les produits GLPI | 2024-03-19T00:00:00.000000 | 2024-03-19T00:00:00.000000 |
| certfr-2024-avi-0230 | Vulnérabilité dans Kaspersky Password Manager | 2024-03-18T00:00:00.000000 | 2024-03-18T00:00:00.000000 |
| certfr-2024-avi-0229 | Vulnérabilité dans Tenable Nessus | 2024-03-18T00:00:00.000000 | 2024-03-18T00:00:00.000000 |
| certfr-2024-avi-0228 | Multiples vulnérabilités dans IBM | 2024-03-15T00:00:00.000000 | 2024-03-15T00:00:00.000000 |
| certfr-2024-avi-0227 | Multiples vulnérabilités dans le noyau Linux de RedHat | 2024-03-15T00:00:00.000000 | 2024-03-15T00:00:00.000000 |
| certfr-2024-avi-0226 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2024-03-15T00:00:00.000000 | 2024-03-15T00:00:00.000000 |
| certfr-2024-avi-0225 | Multiples vulnérabilités dans Juniper Secure Analytics | 2024-03-15T00:00:00.000000 | 2024-03-15T00:00:00.000000 |
| certfr-2024-avi-0224 | Multiples vulnérabilités dans Microsoft Edge | 2024-03-15T00:00:00.000000 | 2024-03-15T00:00:00.000000 |
| certfr-2024-avi-0223 | Vulnérabilité dans Spring Framework | 2024-03-15T00:00:00.000000 | 2024-03-15T00:00:00.000000 |
| certfr-2024-avi-0222 | Vulnérabilité dans Synology Router Manager | 2024-03-14T00:00:00.000000 | 2024-03-14T00:00:00.000000 |
| certfr-2024-avi-0221 | Multiples vulnérabilités dans les produits Palo Alto Networks | 2024-03-14T00:00:00.000000 | 2024-03-14T00:00:00.000000 |
| certfr-2024-avi-0220 | Multiples vulnérabilités dans Cisco IOS XR | 2024-03-14T00:00:00.000000 | 2024-03-14T00:00:00.000000 |
| certfr-2024-avi-0219 | Vulnérabilité dans les produits Mitel | 2024-03-14T00:00:00.000000 | 2024-03-14T00:00:00.000000 |
| certfr-2024-avi-0218 | Multiples vulnérabilités dans Apache Tomcat | 2024-03-14T00:00:00.000000 | 2024-03-14T00:00:00.000000 |
| certfr-2024-avi-0217 | Multiples vulnérabilités dans SonicWall | 2024-03-14T00:00:00.000000 | 2024-03-14T00:00:00.000000 |
| certfr-2024-avi-0216 | Multiples vulnérabilités dans les produits Xen | 2024-03-14T00:00:00.000000 | 2024-03-14T00:00:00.000000 |
| certfr-2024-avi-0215 | Vulnérabilité dans Adobe ColdFusion | 2024-03-13T00:00:00.000000 | 2024-03-13T00:00:00.000000 |
| certfr-2024-avi-0214 | Multiples vulnérabilités dans les produits Stormshield Network Security | 2024-03-13T00:00:00.000000 | 2024-03-13T00:00:00.000000 |
| certfr-2024-avi-0213 | Multiples vulnérabilités dans les produits Intel | 2024-03-13T00:00:00.000000 | 2024-03-13T00:00:00.000000 |
| certfr-2024-avi-0212 | Multiples vulnérabilités dans les produits Fortinet | 2024-03-13T00:00:00.000000 | 2024-03-13T00:00:00.000000 |
| certfr-2024-avi-0211 | Multiples vulnérabilités dans les produits Citrix | 2024-03-13T00:00:00.000000 | 2024-03-13T00:00:00.000000 |
| certfr-2024-avi-0210 | Vulnérabilité dans Google Chrome | 2024-03-13T00:00:00.000000 | 2024-03-13T00:00:00.000000 |
| certfr-2024-avi-0209 | Multiples vulnérabilités dans les produits SAP | 2024-03-13T00:00:00.000000 | 2024-03-13T00:00:00.000000 |
| certfr-2024-avi-0208 | Multiples vulnérabilités dans les produits Microsoft | 2024-03-13T00:00:00.000000 | 2024-03-13T00:00:00.000000 |
| certfr-2024-avi-0207 | Multiples vulnérabilités dans Microsoft Azure | 2024-03-13T00:00:00.000000 | 2024-03-13T00:00:00.000000 |
| certfr-2024-avi-0206 | Multiples vulnérabilités dans Microsoft .Net | 2024-03-13T00:00:00.000000 | 2024-03-13T00:00:00.000000 |
| certfr-2024-avi-0205 | Multiples vulnérabilités dans Microsoft Windows | 2024-03-13T00:00:00.000000 | 2024-03-13T00:00:00.000000 |
| certfr-2024-avi-0204 | Multiples vulnérabilités dans Microsoft Office | 2024-03-13T00:00:00.000000 | 2024-03-13T00:00:00.000000 |