Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-39630 | N/A | WordPress Getty Images plugin <= 4.1.0 - Server Side R… |
Getty Images |
Getty Images |
2026-04-08T08:30:28.416Z | 2026-04-14T14:40:51.531Z |
| cve-2026-40225 | 6.4 (v3.1) | In udev in systemd before 260, local root executi… |
systemd |
systemd |
2026-04-10T15:16:19.827Z | 2026-04-14T14:40:30.611Z |
| cve-2026-40150 | PraisonAIAgents has SSRF and Local File Read via Unval… |
MervinPraison |
PraisonAIAgents |
2026-04-09T21:26:09.572Z | 2026-04-14T14:40:19.512Z | |
| cve-2026-34512 | 7.2 (v4.0) 8.1 (v3.1) | OpenClaw < 2026.3.25 - Improper Access Control in /ses… |
OpenClaw |
OpenClaw |
2026-04-09T21:26:50.015Z | 2026-04-14T14:39:41.156Z |
| cve-2026-40217 | 8.8 (v3.1) | LiteLLM through 2026-04-08 allows remote attacker… |
BerriAI |
LiteLLM |
2026-04-10T13:43:23.147Z | 2026-04-14T14:39:03.619Z |
| cve-2026-5507 | 4.1 (v4.0) | Session Cache Restore — Arbitrary Free via Deserialize… |
wolfSSL |
wolfSSL |
2026-04-09T22:18:44.067Z | 2026-04-14T14:38:40.362Z |
| cve-2026-6037 | code-projects Vehicle Showroom Management System AddVe… |
code-projects |
Vehicle Showroom Management System |
2026-04-10T08:30:10.270Z | 2026-04-14T14:37:44.352Z | |
| cve-2026-6032 | code-projects Simple Laundry System checkcheckout.php … |
code-projects |
Simple Laundry System |
2026-04-10T07:15:13.733Z | 2026-04-14T14:36:35.348Z | |
| cve-2026-35625 | 8.5 (v4.0) 7.8 (v3.1) | OpenClaw < 2026.3.25 - Privilege Escalation via Silent… |
OpenClaw |
OpenClaw |
2026-04-09T21:26:57.589Z | 2026-04-14T14:35:52.334Z |
| cve-2026-6027 | Totolink A7100RU CGI cstecgi.cgi setUrlFilterRules os … |
Totolink |
A7100RU |
2026-04-10T06:00:22.402Z | 2026-04-14T14:35:29.203Z | |
| cve-2025-13914 | 8.7 (v3.1) 7 (v4.0) | Apstra: SSH host key validation vulnerability for mana… |
Juniper Networks |
Apstra |
2026-04-09T21:32:14.834Z | 2026-04-14T14:35:15.915Z |
| cve-2026-5504 | 6.3 (v4.0) | PKCS7 CBC Padding Oracle — Plaintext Recovery |
wolfSSL |
wolfSSL |
2026-04-09T22:33:42.179Z | 2026-04-14T14:34:40.546Z |
| cve-2026-6015 | Tenda AC9 POST Request QuickIndex formQuickIndex stack… |
Tenda |
AC9 |
2026-04-10T04:45:15.605Z | 2026-04-14T14:34:24.148Z | |
| cve-2026-5295 | 5.9 (v4.0) | Stack Buffer Overflow in wolfSSL PKCS7 wc_PKCS7_Decryp… |
wolfSSL |
wolfSSL |
2026-04-09T22:53:10.635Z | 2026-04-14T14:32:57.454Z |
| cve-2026-40200 | An issue was discovered in musl libc 0.7.10 throu… |
musl-libc |
musl |
2026-04-10T00:00:00.000Z | 2026-04-14T14:32:24.901Z | |
| cve-2026-35594 | Vikunja Link Share JWT tokens remain valid for 72 hour… |
go-vikunja |
vikunja |
2026-04-10T15:55:04.929Z | 2026-04-14T14:32:15.339Z | |
| cve-2026-1937 | YayMail <= 4.3.2 - Missing Authorization to Authentica… |
yaycommerce |
YayMail – WooCommerce Email Customizer |
2026-02-18T06:42:41.042Z | 2026-04-14T14:31:45.787Z | |
| cve-2026-35641 | 8.4 (v4.0) 7.8 (v3.1) | OpenClaw < 2026.3.24 - Arbitrary Code Execution via .n… |
OpenClaw |
OpenClaw |
2026-04-10T16:03:10.490Z | 2026-04-14T14:30:49.773Z |
| cve-2026-6100 | 9.1 (v4.0) | Use-after-free in lzma.LZMADecompressor, bz2.BZ2Decomp… |
Python Software Foundation |
CPython |
2026-04-13T17:15:47.606Z | 2026-04-14T14:30:25.622Z |
| cve-2026-4786 | 7 (v4.0) | Incomplete mitigation of CVE-2026-4519, %action expans… |
Python Software Foundation |
CPython |
2026-04-13T21:52:19.036Z | 2026-04-14T14:30:19.762Z |
| cve-2026-35651 | 5.3 (v4.0) 4.3 (v3.1) | OpenClaw 2026.2.13 < 2026.3.25 - ANSI Escape Sequence … |
OpenClaw |
OpenClaw |
2026-04-10T16:03:14.791Z | 2026-04-14T14:29:29.531Z |
| cve-2026-23781 | N/A | An issue was discovered in BMC Control-M/MFT 9.0.… |
n/a |
n/a |
2026-04-10T00:00:00.000Z | 2026-04-14T14:29:17.309Z |
| cve-2026-35657 | 7.1 (v4.0) 6.5 (v3.1) | OpenClaw < 2026.3.25 - Authorization Bypass in HTTP Se… |
OpenClaw |
OpenClaw |
2026-04-10T16:03:19.372Z | 2026-04-14T14:28:51.873Z |
| cve-2025-64999 | Cross-site scripting in HTML logs of Synthetic Monitor… |
Checkmk GmbH |
Checkmk |
2026-02-26T10:26:00.127Z | 2026-04-14T14:28:26.527Z | |
| cve-2026-35663 | 8.7 (v4.0) 8.8 (v3.1) | OpenClaw < 2026.3.25 - Privilege Escalation via Backen… |
OpenClaw |
OpenClaw |
2026-04-10T16:03:23.672Z | 2026-04-14T14:28:08.608Z |
| cve-2026-35669 | 8.7 (v4.0) 8.8 (v3.1) | OpenClaw < 2026.3.25 - Privilege Escalation via Gatewa… |
OpenClaw |
OpenClaw |
2026-04-10T16:03:27.834Z | 2026-04-14T14:27:24.570Z |
| cve-2026-36236 | N/A | SourceCodester Engineers Online Portal v1.0 is vu… |
n/a |
n/a |
2026-04-10T00:00:00.000Z | 2026-04-14T14:25:25.580Z |
| cve-2026-39640 | N/A | WordPress Theme Editor plugin <= 3.2 - Cross Site Requ… |
mndpsingh287 |
Theme Editor |
2026-04-08T08:30:31.919Z | 2026-04-14T14:22:14.760Z |
| cve-2026-35598 | Vikunja has Missing Authorization on CalDAV Task Read |
go-vikunja |
vikunja |
2026-04-10T16:04:32.083Z | 2026-04-14T14:20:44.249Z | |
| cve-2026-36233 | N/A | A SQL injection vulnerability was found in the as… |
n/a |
n/a |
2026-04-10T00:00:00.000Z | 2026-04-14T14:19:38.512Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2011-000093 | Multiple SKYARC System Co., Ltd. products fail to restrict access permissions | 2011-10-31T17:54+09:00 | 2011-11-08T17:38+09:00 |
| jvndb-2011-000097 | WebObjects vulnerable to cross-site scripting | 2011-11-04T17:36+09:00 | 2011-11-04T17:36+09:00 |
| jvndb-2011-000096 | Opengear console servers vulnerable to authentication bypass | 2011-11-04T17:34+09:00 | 2011-11-04T17:34+09:00 |
| jvndb-2011-000095 | CSWorks LiveData Service vulnerable to denial-of-service (DoS) | 2011-11-01T16:05+09:00 | 2011-11-02T14:42+09:00 |
| jvndb-2011-000089 | Touhou Hisouten vulnerable to denial-of-service | 2011-10-28T17:49+09:00 | 2011-10-28T17:49+09:00 |
| jvndb-2011-000092 | Multiple D-Link products vulnerable to buffer overflow | 2011-10-28T17:42+09:00 | 2011-10-28T17:42+09:00 |
| jvndb-2011-000091 | FFFTP may insecurely load executable files | 2011-10-28T17:39+09:00 | 2011-10-28T17:39+09:00 |
| jvndb-2011-000082 | WEB FORUM vulnerable to cross-site scripting | 2011-10-11T19:28+09:00 | 2011-10-25T13:46+09:00 |
| jvndb-2011-000081 | WEB FORUM vulnerable to cross-site scripting | 2011-10-11T19:27+09:00 | 2011-10-25T13:45+09:00 |
| jvndb-2011-000080 | WEB FORUM vulnerable to cross-site scripting | 2011-10-11T19:24+09:00 | 2011-10-25T13:44+09:00 |
| jvndb-2011-000087 | EC-CUBE vulnerable to SQL injection | 2011-10-14T17:53+09:00 | 2011-10-14T17:53+09:00 |
| jvndb-2011-000086 | DBD::mysqlPP vulnerable to SQL injection | 2011-10-14T17:50+09:00 | 2011-10-14T17:50+09:00 |
| jvndb-2011-000085 | DAEMON Tools vulnerable to denial-of-service | 2011-10-13T18:58+09:00 | 2011-10-13T18:58+09:00 |
| jvndb-2011-000084 | Pligg vulnerable to cross-site scripting | 2011-10-13T18:56+09:00 | 2011-10-13T18:56+09:00 |
| jvndb-2011-000083 | Plume vulnerable to cross-site scripting | 2011-10-13T18:38+09:00 | 2011-10-13T18:38+09:00 |
| jvndb-2011-000078 | A-Form vulnerable in restricting access | 2011-10-11T09:08+09:00 | 2011-10-11T09:08+09:00 |
| jvndb-2011-000077 | Enkai-kun vulnerable to cross-site scripting | 2011-10-11T09:00+09:00 | 2011-10-11T09:00+09:00 |
| jvndb-2011-000066 | BaserCMS vulnerable to access restriction | 2011-09-30T18:45+09:00 | 2011-09-30T18:45+09:00 |
| jvndb-2011-000065 | BaserCMS vulnerable to cross-site scripting | 2011-09-30T18:39+09:00 | 2011-09-30T18:39+09:00 |
| jvndb-2011-000074 | SemanticScuttle vulnerable to cross-site scripting | 2011-09-16T18:08+09:00 | 2011-09-16T18:08+09:00 |
| jvndb-2011-000073 | Megalith vulnerable to authentication bypass | 2011-09-12T09:19+09:00 | 2011-09-12T09:19+09:00 |
| jvndb-2011-000072 | GTK+ may insecurely load dynamic libraries | 2011-09-02T19:26+09:00 | 2011-09-02T19:26+09:00 |
| jvndb-2011-000071 | Juniper Networks IDP ACM vulnerable to cross-site scripting | 2011-09-02T19:22+09:00 | 2011-09-02T19:22+09:00 |
| jvndb-2011-000070 | Sage vulnerable to arbitrary script execution | 2011-09-02T19:19+09:00 | 2011-09-02T19:19+09:00 |
| jvndb-2011-000069 | Sage vulnerable to arbitrary script execution | 2011-09-02T19:14+09:00 | 2011-09-02T19:14+09:00 |
| jvndb-2011-000068 | Multiple vulnerabilities in Phorum | 2011-09-02T19:11+09:00 | 2011-09-02T19:11+09:00 |
| jvndb-2011-000067 | WebsiteBaker vulnerable to cross-site scripting | 2011-08-26T15:50+09:00 | 2011-08-26T15:50+09:00 |
| jvndb-2011-000064 | Microsoft Windows XP vulnerable to denial-of-service (DoS) | 2011-08-19T16:32+09:00 | 2011-08-19T16:32+09:00 |
| jvndb-2011-000063 | Aipo vulnerable to SQL injection | 2011-08-16T16:44+09:00 | 2011-08-16T16:44+09:00 |
| jvndb-2011-000062 | Aipo vulnerable to cross-site request forgery | 2011-08-16T16:41+09:00 | 2011-08-16T16:41+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2024-avi-0203 | Multiples vulnérabilités dans les produits Siemens | 2024-03-12T00:00:00.000000 | 2024-03-12T00:00:00.000000 |
| certfr-2024-avi-0202 | Multiples vulnérabilités dans les produits Schneider | 2024-03-12T00:00:00.000000 | 2024-03-12T00:00:00.000000 |
| certfr-2024-avi-0201 | Multiples vulnérabilités dans les produits Qnap | 2024-03-11T00:00:00.000000 | 2024-03-11T00:00:00.000000 |
| certfr-2024-avi-0200 | Vulnérabilité dans les produits MongoDB | 2024-03-11T00:00:00.000000 | 2024-03-11T00:00:00.000000 |
| certfr-2024-avi-0199 | Multiples vulnérabilités dans IBM | 2024-03-08T00:00:00.000000 | 2024-03-08T00:00:00.000000 |
| certfr-2024-avi-0198 | Multiples vulnérabilités dans le noyau Linux de RedHat | 2024-03-08T00:00:00.000000 | 2024-03-08T00:00:00.000000 |
| certfr-2024-avi-0197 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2024-03-08T00:00:00.000000 | 2024-03-08T00:00:00.000000 |
| certfr-2024-avi-0196 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2024-03-08T00:00:00.000000 | 2024-03-08T00:00:00.000000 |
| certfr-2024-avi-0195 | Multiples vulnérabilités dans Microsoft Edge | 2024-03-08T00:00:00.000000 | 2024-03-08T00:00:00.000000 |
| certfr-2024-avi-0194 | Multiples vulnérabilités dans les produits Apple | 2024-03-08T00:00:00.000000 | 2024-03-08T00:00:00.000000 |
| certfr-2024-avi-0193 | Vulnérabilité dans Grafana | 2024-03-08T00:00:00.000000 | 2024-03-08T00:00:00.000000 |
| certfr-2024-avi-0192 | Vulnérabilité dans VMware Cloud Director | 2024-03-07T00:00:00.000000 | 2024-03-07T00:00:00.000000 |
| certfr-2024-avi-0191 | Multiples vulnérabilités dans GitLab | 2024-03-07T00:00:00.000000 | 2024-03-07T00:00:00.000000 |
| certfr-2024-avi-0190 | Multiples vulnérabilités dans les produits Cisco | 2024-03-07T00:00:00.000000 | 2024-03-07T00:00:00.000000 |
| certfr-2024-avi-0189 | Vulnérabilité dans Moxa NPort W2150A/W2250A Series | 2024-03-06T00:00:00.000000 | 2024-03-06T00:00:00.000000 |
| certfr-2024-avi-0188 | Multiples vulnérabilités dans les produits HPE Aruba Networking | 2024-03-06T00:00:00.000000 | 2024-03-06T00:00:00.000000 |
| certfr-2024-avi-0187 | Multiples vulnérabilités dans Google Chrome | 2024-03-06T00:00:00.000000 | 2024-03-06T00:00:00.000000 |
| certfr-2024-avi-0186 | Multiples vulnérabilités dans les produits VMware | 2024-03-06T00:00:00.000000 | 2024-03-06T00:00:00.000000 |
| certfr-2024-avi-0185 | Multiples vulnérabilités dans les produits Apple | 2024-03-06T00:00:00.000000 | 2024-03-06T00:00:00.000000 |
| certfr-2024-avi-0184 | Vulnérabilité dans SolarWinds Security Event Manager | 2024-03-05T00:00:00.000000 | 2024-03-05T00:00:00.000000 |
| certfr-2024-avi-0183 | Vulnérabilité dans Mozilla Thunderbird | 2024-03-05T00:00:00.000000 | 2024-03-05T00:00:00.000000 |
| certfr-2024-avi-0182 | Vulnérabilité dans les produits Squid | 2024-03-05T00:00:00.000000 | 2024-03-05T00:00:00.000000 |
| certfr-2024-avi-0181 | Multiples vulnérabilités dans Google Android | 2024-03-05T00:00:00.000000 | 2024-03-05T00:00:00.000000 |
| certfr-2024-avi-0180 | Multiples vulnérabilités dans les produits IBM | 2024-03-01T00:00:00.000000 | 2024-03-01T00:00:00.000000 |
| certfr-2024-avi-0179 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2024-03-01T00:00:00.000000 | 2024-03-01T00:00:00.000000 |
| certfr-2024-avi-0178 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2024-03-01T00:00:00.000000 | 2024-03-01T00:00:00.000000 |
| certfr-2024-avi-0177 | Multiples vulnérabilités dans le noyau Linux de RedHat | 2024-03-01T00:00:00.000000 | 2024-03-01T00:00:00.000000 |
| certfr-2024-avi-0176 | Multiples vulnérabilités dans Mitel MiContact Center Business | 2024-03-01T00:00:00.000000 | 2024-03-01T00:00:00.000000 |
| certfr-2024-avi-0175 | Multiples vulnérabilités dans Microsoft Edge | 2024-03-01T00:00:00.000000 | 2024-03-01T00:00:00.000000 |
| certfr-2024-avi-0174 | Multiples vulnérabilités dans Cisco NX-OS | 2024-02-29T00:00:00.000000 | 2024-02-29T00:00:00.000000 |