Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-33457 | Potential livestatus injection in prediction graph page |
Checkmk GmbH |
Checkmk |
2026-04-10T08:31:35.768Z | 2026-04-14T13:29:41.112Z | |
| cve-2026-39419 | MaxKB: Sandbox Result Validation Bypass via Tool Outpu… |
1Panel-dev |
MaxKB |
2026-04-14T01:03:40.653Z | 2026-04-14T13:28:04.792Z | |
| cve-2026-3690 | 7.4 (v3.0) | OpenClaw Canvas Authentication Bypass Vulnerability |
OpenClaw |
OpenClaw |
2026-04-11T00:17:32.474Z | 2026-04-14T13:28:03.464Z |
| cve-2026-40177 | Password bypass when 2FA is activated |
ajenti |
ajenti |
2026-04-10T19:29:00.851Z | 2026-04-14T13:26:56.925Z | |
| cve-2026-40315 | PraisonAI: SQLiteConversationStore didn't validate tab… |
MervinPraison |
PraisonAI |
2026-04-14T02:45:33.880Z | 2026-04-14T13:25:13.165Z | |
| cve-2026-40287 | PraisonAI has RCE via Automatic tools.py Import |
MervinPraison |
PraisonAI |
2026-04-14T02:55:38.270Z | 2026-04-14T13:23:29.807Z | |
| cve-2026-36948 | N/A | Sourcecodester Online Thesis Archiving System v1.… |
n/a |
n/a |
2026-04-13T00:00:00.000Z | 2026-04-14T13:20:38.064Z |
| cve-2026-1607 | Surbma | Booking.com <= 2.1 - Authenticated (Contribut… |
surbma |
Surbma | Booking.com Shortcode |
2026-04-14T03:37:32.795Z | 2026-04-14T13:18:48.779Z | |
| cve-2026-24032 | A vulnerability has been identified in SINEC NMS … |
Siemens |
SINEC NMS |
2026-04-14T08:40:39.853Z | 2026-04-14T13:18:01.056Z | |
| cve-2026-22564 | An Improper Access Control vulnerability could al… |
Ubiquiti Inc |
UniFi Play PowerAmp |
2026-04-13T21:28:10.865Z | 2026-04-14T13:14:19.961Z | |
| cve-2026-22566 | An Improper Access Control vulnerability could al… |
Ubiquiti Inc |
UniFi Play PowerAmp |
2026-04-13T21:28:10.973Z | 2026-04-14T13:14:19.836Z | |
| cve-2026-22562 | A malicious actor with access to the UniFi Play n… |
Ubiquiti Inc |
UniFi Play PowerAmp |
2026-04-13T21:28:11.025Z | 2026-04-14T13:14:19.709Z | |
| cve-2026-22563 | A series of Improper Input Validation vulnerabili… |
Ubiquiti Inc |
UniFi Play PowerAmp |
2026-04-13T21:28:11.100Z | 2026-04-14T13:14:19.586Z | |
| cve-2026-0512 | 6.1 (v3.1) | Cross-Site Scripting (XSS) vulnerability in SAP Suppli… |
SAP_SE |
SAP Supplier Relationship Management (SICF Handler in SRM Catalog) |
2026-04-14T00:06:08.757Z | 2026-04-14T13:14:19.450Z |
| cve-2026-24318 | 4.2 (v3.1) | Insecure Session Management vulnerability in SAP Busin… |
SAP_SE |
SAP BusinessObjects Business Intelligence Platform |
2026-04-14T00:06:18.337Z | 2026-04-14T13:14:19.302Z |
| cve-2026-27672 | 4.3 (v3.1) | Missing Authorization check in Material Master Application |
SAP_SE |
Material Master Application |
2026-04-14T00:06:27.780Z | 2026-04-14T13:14:19.176Z |
| cve-2026-27673 | 4.9 (v3.1) | Missing Authorization Check in SAP S/4HANA (Private Cl… |
SAP_SE |
SAP S/4HANA (Private Cloud and On-Premise) |
2026-04-14T00:06:38.160Z | 2026-04-14T13:14:19.040Z |
| cve-2026-27675 | 2 (v3.1) | Code Injection vulnerability in SAP Landscape Transformation |
SAP_SE |
SAP Landscape Transformation |
2026-04-14T00:07:01.278Z | 2026-04-14T13:14:18.764Z |
| cve-2026-27676 | 4.3 (v3.1) | Missing Authorization check in SAP S/4HANA OData Servi… |
SAP_SE |
SAP S/4HANA OData Service (Manage Technical Object Structures) |
2026-04-14T00:07:12.657Z | 2026-04-14T13:14:18.632Z |
| cve-2026-27677 | 6.5 (v3.1) | Missing Authorization check in SAP S/4HANA OData Servi… |
SAP_SE |
SAP S/4HANA OData Service (Manage Reference Equipment) |
2026-04-14T00:07:22.753Z | 2026-04-14T13:14:18.498Z |
| cve-2026-27678 | 6.5 (v3.1) | Missing Authorization check in SAP S/4HANA Backend ODa… |
SAP_SE |
SAP S/4HANA Backend OData Service (Manage Reference Structures) |
2026-04-14T00:07:33.397Z | 2026-04-14T13:14:18.299Z |
| cve-2026-27679 | 6.5 (v3.1) | Missing Authorization check in SAP S/4HANA Frontend OD… |
SAP_SE |
SAP S/4HANA Frontend OData Service (Manage Reference Structures) |
2026-04-14T00:07:44.698Z | 2026-04-14T13:14:18.168Z |
| cve-2026-27681 | 9.9 (v3.1) | SQL Injection vulnerability in SAP Business Planning a… |
SAP_SE |
SAP Business Planning and Consolidation and SAP Business Warehouse |
2026-04-14T00:08:05.791Z | 2026-04-14T13:14:18.028Z |
| cve-2026-27683 | 4.1 (v3.1) | Reflected cross site scripting vulnerability in SAP Bu… |
SAP_SE |
SAP BusinessObjects Business Intelligence Platform |
2026-04-14T00:08:15.599Z | 2026-04-14T13:14:17.886Z |
| cve-2026-34256 | 7.1 (v3.1) | Missing Authorization check in SAP ERP and SAP S/4 HAN… |
SAP_SE |
SAP ERP and SAP S/4 HANA (Private Cloud and On-Premise) |
2026-04-14T00:08:26.993Z | 2026-04-14T13:14:17.750Z |
| cve-2026-34257 | 6.1 (v3.1) | Open Redirect vulnerability in SAP NetWeaver Applicati… |
SAP_SE |
SAP NetWeaver Application Server ABAP |
2026-04-14T00:08:39.814Z | 2026-04-14T13:14:17.620Z |
| cve-2026-34261 | 6.5 (v3.1) | Missing Authorization check in SAP Business Analytics … |
SAP_SE |
SAP Business Analytics and SAP Content Management |
2026-04-14T00:08:51.232Z | 2026-04-14T13:14:17.473Z |
| cve-2026-34262 | 5 (v3.1) | Information Disclosure Vulnerability in SAP HANA Cockp… |
SAP_SE |
SAP HANA Cockpit and HANA Database Explorer |
2026-04-14T00:09:03.364Z | 2026-04-14T13:14:17.275Z |
| cve-2026-34264 | 6.5 (v3.1) | Information Disclosure vulnerability in SAP Human Capi… |
SAP_SE |
SAP Human Capital Management for SAP S/4HANA |
2026-04-14T00:09:12.272Z | 2026-04-14T13:14:17.154Z |
| cve-2025-13822 | 5.3 (v4.0) | Authentication bypass in MCPHub |
MCPHub |
MCPHub |
2026-04-14T10:23:49.910Z | 2026-04-14T13:14:16.888Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2011-000003 | Aipo vulnerable to SQL injection | 2011-01-13T11:53+09:00 | 2011-01-13T11:53+09:00 |
| jvndb-2011-000002 | SGX-SP Final and SGX-SP Final NE vulnerable to cross-site scripting | 2011-01-13T11:46+09:00 | 2011-01-13T11:46+09:00 |
| jvndb-2011-000001 | Contents-Mall vulnerability in password handling | 2011-01-13T11:41+09:00 | 2011-01-13T11:41+09:00 |
| jvndb-2009-002207 | SquirrelMail vulnerable to cross-site request forgery | 2011-01-07T14:40+09:00 | 2011-01-07T14:40+09:00 |
| jvndb-2007-000398 | SquirrelMail vulnerable to cross-site scripting | 2011-01-07T14:39+09:00 | 2011-01-07T14:39+09:00 |
| jvndb-2010-002529 | Access Control Security Bypass Vulnerability in Interstage Application Server | 2010-12-24T16:25+09:00 | 2010-12-24T16:25+09:00 |
| jvndb-2010-002528 | Buffer Overflow Vulnerability in Hitachi Groupmax Related Products | 2010-12-24T16:22+09:00 | 2010-12-24T16:22+09:00 |
| jvndb-2010-000066 | AttacheCase may insecurely load executable files | 2010-12-17T18:30+09:00 | 2010-12-17T18:30+09:00 |
| jvndb-2010-001879 | Denial of Service (DoS) Vulnerability in JP1/NETM | 2010-09-01T14:12+09:00 | 2010-12-17T14:46+09:00 |
| jvndb-2010-000065 | Internet Explorer vulnerable to cross-site scripting | 2010-12-15T18:20+09:00 | 2010-12-15T18:20+09:00 |
| jvndb-2010-000064 | Internet Explorer vulnerable to cross-site scripting | 2010-12-15T18:19+09:00 | 2010-12-15T18:19+09:00 |
| jvndb-2010-000063 | Internet Explorer vulnerable to cross-site scripting | 2010-12-15T18:19+09:00 | 2010-12-15T18:19+09:00 |
| jvndb-2010-000062 | Internet Explorer vulnerable to cross-site scripting | 2010-12-15T18:18+09:00 | 2010-12-15T18:18+09:00 |
| jvndb-2010-002468 | EUR Form Client Arbitrary File Execution Vulnerability | 2010-12-14T15:21+09:00 | 2010-12-14T15:21+09:00 |
| jvndb-2010-002467 | Interstage Application Server Information Disclosure Vulnerability | 2010-12-14T15:18+09:00 | 2010-12-14T15:18+09:00 |
| jvndb-2010-001538 | Safari address bar spoofing vulnerability | 2010-11-26T17:16+09:00 | 2010-12-10T17:48+09:00 |
| jvndb-2010-000061 | Movable Type vulnerable to SQL injection | 2010-12-08T18:28+09:00 | 2010-12-08T18:28+09:00 |
| jvndb-2010-000060 | Movable Type vulnerable to cross-site scripting | 2010-12-08T18:26+09:00 | 2010-12-08T18:26+09:00 |
| jvndb-2010-000059 | Vulnerability in Epson printer driver installer where access permissions are changed | 2010-12-08T18:25+09:00 | 2010-12-08T18:25+09:00 |
| jvndb-2010-000058 | Clipboard contents alteration vulnerability in Grani | 2010-12-01T20:27+09:00 | 2010-12-01T20:27+09:00 |
| jvndb-2010-000057 | Clipboard contents alteration vulnerability in Sleipnir | 2010-12-01T20:27+09:00 | 2010-12-01T20:27+09:00 |
| jvndb-2010-000056 | Google Chrome information disclosure vulnerability | 2010-11-26T17:32+09:00 | 2010-11-26T17:32+09:00 |
| jvndb-2010-000053 | Ichitaro series vulnerable to arbitrary code execution | 2010-11-04T19:11+09:00 | 2010-11-05T16:15+09:00 |
| jvndb-2010-000052 | Ichitaro series vulnerable to arbitrary code execution | 2010-11-04T19:10+09:00 | 2010-11-05T16:15+09:00 |
| jvndb-2010-000051 | GVim may insecurely load dynamic libraries | 2010-11-01T18:51+09:00 | 2010-11-01T18:51+09:00 |
| jvndb-2010-000050 | Active! mail 6 vulnerable to HTTP header injection | 2010-10-29T20:36+09:00 | 2010-10-29T20:36+09:00 |
| jvndb-2010-000046 | Apsaly may insecurely load executable files | 2010-10-26T16:52+09:00 | 2010-10-26T16:52+09:00 |
| jvndb-2010-000045 | TeraPad may insecurely load dynamic libraries | 2010-10-26T16:51+09:00 | 2010-10-26T16:51+09:00 |
| jvndb-2010-000049 | Multiple Yokka provided products may insecurely load executable files | 2010-10-25T17:43+09:00 | 2010-10-25T17:43+09:00 |
| jvndb-2010-000048 | Sleipnir and Grani may insecurely load executable files | 2010-10-25T17:43+09:00 | 2010-10-25T17:43+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2024-avi-0112 | Multiples vulnérabilités dans MISP | 2024-02-09T00:00:00.000000 | 2024-02-09T00:00:00.000000 |
| certfr-2024-avi-0111 | Vulnérabilité dans PostgreSQL | 2024-02-09T00:00:00.000000 | 2024-02-09T00:00:00.000000 |
| certfr-2024-avi-0110 | Multiples vulnérabilités dans Microsoft Edge | 2024-02-09T00:00:00.000000 | 2024-02-09T00:00:00.000000 |
| certfr-2024-avi-0109 | Vulnérabilité dans les produits Ivanti | 2024-02-09T00:00:00.000000 | 2024-02-09T00:00:00.000000 |
| certfr-2024-avi-0107 | Vulnérabilité dans Elastic Kibana | 2024-02-08T00:00:00.000000 | 2024-02-08T00:00:00.000000 |
| certfr-2024-avi-0106 | Multiples vulnérabilités dans Fortinet FortiSIEM | 2024-02-08T00:00:00.000000 | 2024-02-08T00:00:00.000000 |
| certfr-2024-avi-0105 | Vulnérabilité dans SonicWall SonicOS | 2024-02-08T00:00:00.000000 | 2024-02-08T00:00:00.000000 |
| certfr-2024-avi-0104 | Multiples vulnérabilités dans les produits ClamAV | 2024-02-08T00:00:00.000000 | 2024-02-08T00:00:00.000000 |
| certfr-2024-avi-0103 | Multiples vulnérabilités dans les produits Cisco | 2024-02-08T00:00:00.000000 | 2024-02-08T00:00:00.000000 |
| certfr-2024-avi-0102 | Multiples vulnérabilités dans GitLab | 2024-02-08T00:00:00.000000 | 2024-02-08T00:00:00.000000 |
| certfr-2024-avi-0101 | Multiples vulnérabilités dans Google Android | 2024-02-07T00:00:00.000000 | 2024-02-07T00:00:00.000000 |
| certfr-2024-avi-0100 | Multiples vulnérabilités dans Google Chrome | 2024-02-07T00:00:00.000000 | 2024-02-07T00:00:00.000000 |
| certfr-2024-avi-0099 | Multiples vulnérabilités dans les produits Elastic | 2024-02-07T00:00:00.000000 | 2024-02-07T00:00:00.000000 |
| certfr-2024-avi-0098 | Multiples vulnérabilités dans VMware Aria Operations pour les réseaux | 2024-02-07T00:00:00.000000 | 2024-02-07T00:00:00.000000 |
| certfr-2024-avi-0097 | Multiples vulnérabilités dans Veeam Recovery Orchestrator | 2024-02-07T00:00:00.000000 | 2024-02-07T00:00:00.000000 |
| certfr-2024-avi-0096 | Multiples vulnérabilités dans les produits Tenable | 2024-02-07T00:00:00.000000 | 2024-02-07T00:00:00.000000 |
| certfr-2024-avi-0095 | Multiples vulnérabilités dans les produits Axis | 2024-02-06T00:00:00.000000 | 2024-02-06T00:00:00.000000 |
| certfr-2024-avi-0094 | Multiples vulnérabilités dans les produits Qnap | 2024-02-05T00:00:00.000000 | 2024-02-05T00:00:00.000000 |
| certfr-2024-avi-0093 | Vulnérabilité dans NetApp StorageGRID | 2024-02-05T00:00:00.000000 | 2024-02-05T00:00:00.000000 |
| certfr-2024-avi-0092 | Multiples vulnérabilités dans le noyau Linux de RedHat | 2024-02-02T00:00:00.000000 | 2024-02-02T00:00:00.000000 |
| certfr-2024-avi-0091 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2024-02-02T00:00:00.000000 | 2024-02-02T00:00:00.000000 |
| certfr-2024-avi-0090 | Multiples vulnérabilités dans les produits IBM | 2024-02-02T00:00:00.000000 | 2024-02-02T00:00:00.000000 |
| certfr-2024-avi-0089 | Vulnérabilité dans Kaspersky Security pour Linux Mail Server | 2024-02-02T00:00:00.000000 | 2024-02-02T00:00:00.000000 |
| certfr-2024-avi-0088 | Multiples vulnérabilités dans Microsoft Edge | 2024-02-02T00:00:00.000000 | 2024-02-02T00:00:00.000000 |
| certfr-2024-avi-0087 | Multiples vulnérabilités dans les produits GLPI | 2024-02-01T00:00:00.000000 | 2024-02-01T00:00:00.000000 |
| certfr-2024-avi-0086 | Multiples vulnérabilités dans Juniper | 2024-02-01T00:00:00.000000 | 2024-02-01T00:00:00.000000 |
| certfr-2024-avi-0062 | Multiples vulnérabilités dans les produits Apple | 2024-01-23T00:00:00.000000 | 2024-02-01T00:00:00.000000 |
| certfr-2024-avi-0085 | Multiples vulnérabilités dans les produits Ivanti | 2024-01-31T00:00:00.000000 | 2024-01-31T00:00:00.000000 |
| certfr-2024-avi-0084 | Multiples vulnérabilités dans Wordpress | 2024-01-31T00:00:00.000000 | 2024-01-31T00:00:00.000000 |
| certfr-2024-avi-0083 | Vulnérabilité dans Microsoft Edge | 2024-01-31T00:00:00.000000 | 2024-01-31T00:00:00.000000 |