Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-6746 | N/A | Use-after-free in the DOM: Core & HTML component |
Mozilla |
Firefox |
2026-04-21T12:40:44.148Z | 2026-04-21T17:41:59.488Z |
| cve-2026-40604 | ClearanceKit: opfilter system extension can be suspend… |
craigjbass |
clearancekit |
2026-04-21T17:41:53.580Z | 2026-04-21T17:41:53.580Z | |
| cve-2026-40161 | Tekton Pipelines: Git resolver API mode leaks system-c… |
tektoncd |
pipeline |
2026-04-21T16:26:27.381Z | 2026-04-21T17:41:38.895Z | |
| cve-2026-40602 | hass-cli: Handling of user-supplied Jinja2 templates |
home-assistant-ecosystem |
home-assistant-cli |
2026-04-21T17:40:10.251Z | 2026-04-21T17:40:10.251Z | |
| cve-2026-6779 | N/A | Other issue in the JavaScript Engine component |
Mozilla |
Firefox |
2026-04-21T12:41:09.740Z | 2026-04-21T17:39:59.928Z |
| cve-2026-6729 | 5.3 (v4.0) 6.3 (v3.1) | HKUDS OpenHarness Session Key Collision Privilege Escalation |
HKUDS |
OpenHarness |
2026-04-20T22:01:38.766Z | 2026-04-21T17:39:32.967Z |
| cve-2026-40590 | FreeScout's Customer AJAX Create Modifies Hidden Exist… |
freescout-help-desk |
freescout |
2026-04-21T16:52:27.992Z | 2026-04-21T17:39:21.865Z | |
| cve-2026-33432 | Roxy-WI has Pre-Authentication LDAP Injection that Lea… |
roxy-wi |
roxy-wi |
2026-04-20T20:26:52.217Z | 2026-04-21T17:38:09.523Z | |
| cve-2026-41189 | FreeScout has assigned-only visibility bypass that all… |
freescout-help-desk |
freescout |
2026-04-21T17:04:07.469Z | 2026-04-21T17:37:13.107Z | |
| cve-2026-32604 | Spinnaker vulnerable to RCE when using gitrepo artifac… |
spinnaker |
spinnaker |
2026-04-20T20:00:57.517Z | 2026-04-21T17:36:56.642Z | |
| cve-2025-69993 | Leaflet versions up to and including 1.9.4 are vu… |
n/a |
n/a |
2026-04-14T00:00:00.000Z | 2026-04-21T17:36:25.753Z | |
| cve-2026-6248 | wpForo Forum <= 3.0.5 - Authenticated (Subscriber+) Ar… |
tomdever |
wpForo Forum |
2026-04-20T18:31:33.290Z | 2026-04-21T17:35:30.317Z | |
| cve-2026-26067 | October: Safe Mode Bypass via CSS Preprocessor Compilers |
octobercms |
october |
2026-04-21T16:16:03.293Z | 2026-04-21T17:35:19.882Z | |
| cve-2026-41298 | 5.3 (v4.0) 5.4 (v3.1) | OpenClaw < 2026.4.2 - Authorization Bypass in Session … |
OpenClaw |
OpenClaw |
2026-04-20T23:08:11.787Z | 2026-04-21T17:34:23.419Z |
| cve-2026-40566 | FreeScout vulnerable to SSRF via IMAP/SMTP Connection … |
freescout-help-desk |
freescout |
2026-04-21T16:04:35.587Z | 2026-04-21T17:33:11.528Z | |
| cve-2026-40584 | RansomLook - Improper Filtering of Private Location En… |
RansomLook |
RansomLook |
2026-04-21T17:05:25.349Z | 2026-04-21T17:29:55.759Z | |
| cve-2026-6778 | N/A | Invalid pointer in the Audio/Video: Playback component |
Mozilla |
Firefox |
2026-04-21T12:41:09.098Z | 2026-04-21T17:26:08.027Z |
| cve-2026-40050 | 9.8 (v3.1) | CrowdStrike LogScale Unauthenticated Path Traversal |
CrowdStrike |
LogScale Self-Hosted |
2026-04-21T16:48:24.722Z | 2026-04-21T17:25:29.299Z |
| cve-2026-21571 | This Critical severity OS Command Injection vulne… |
Atlassian |
Bamboo Data Center |
2026-04-21T17:00:05.524Z | 2026-04-21T17:24:23.557Z | |
| cve-2026-5652 | 9 (v3.1) | Authorization Bypass Through User-Controlled Key in Cr… |
Arcadia Technology, LLC |
Crafty Controller |
2026-04-21T16:33:56.878Z | 2026-04-21T17:22:27.276Z |
| cve-2026-6777 | N/A | Other issue in the Networking: DNS component |
Mozilla |
Firefox |
2026-04-21T12:41:08.452Z | 2026-04-21T17:19:18.744Z |
| cve-2026-41194 | FreeScout's Mailbox OAuth disconnect uses a state-chan… |
freescout-help-desk |
freescout |
2026-04-21T17:16:50.438Z | 2026-04-21T17:16:50.438Z | |
| cve-2026-41193 | FreeScout has Zip Slip path traversal in module instal… |
freescout-help-desk |
freescout |
2026-04-21T17:15:26.236Z | 2026-04-21T17:15:26.236Z | |
| cve-2026-41192 | FreeScout's client-controlled attachment IDs allow del… |
freescout-help-desk |
freescout |
2026-04-21T17:12:42.628Z | 2026-04-21T17:12:42.628Z | |
| cve-2026-40588 | blueprintUE: Authenticated Password Change Does Not Ve… |
blueprintue |
blueprintue-self-hosted-edition |
2026-04-21T17:12:08.938Z | 2026-04-21T17:12:08.938Z | |
| cve-2026-40587 | blueprintUE: Active Sessions Are Not Invalidated After… |
blueprintue |
blueprintue-self-hosted-edition |
2026-04-21T17:11:23.740Z | 2026-04-21T17:11:23.740Z | |
| cve-2026-40586 | blueprintUE: Login Endpoint Has No Rate Limiting, Lock… |
blueprintue |
blueprintue-self-hosted-edition |
2026-04-21T17:10:05.432Z | 2026-04-21T17:10:05.432Z | |
| cve-2026-41191 | FreeScout's signature only mailbox permission allows u… |
freescout-help-desk |
freescout |
2026-04-21T17:09:26.481Z | 2026-04-21T17:09:26.481Z | |
| cve-2026-41183 | FreeScout allows non-folder conversation queries to di… |
freescout-help-desk |
freescout |
2026-04-21T17:00:39.033Z | 2026-04-21T17:00:39.033Z | |
| cve-2026-38835 | N/A | Tenda W30E V2.0 V16.01.0.21 was found to contain … |
n/a |
n/a |
2026-04-21T00:00:00.000Z | 2026-04-21T16:59:46.480Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2025-007607 | Pass-Back Attack vulnerability in Konica Minorta bizhub series | 2025-07-01T14:09+09:00 | 2025-07-01T14:09+09:00 |
| jvndb-2025-007595 | Multiple vulnerabilities in Web Connection of Konica Minolta MFPs | 2025-07-01T14:02+09:00 | 2025-07-01T14:02+09:00 |
| jvndb-2025-000046 | SLNX Help Documentation of RICOH Streamline NX vulnerable to reflected cross-site scripting | 2025-06-30T15:45+09:00 | 2025-06-30T15:45+09:00 |
| jvndb-2025-007552 | Multiple vulnerabilities in TB-eye network recorders and AHD recorders | 2025-06-30T14:45+09:00 | 2025-06-30T14:45+09:00 |
| jvndb-2024-004595 | Multiple vulnerabilities in FutureNet NXR series, VXR series and WXR series | 2024-07-29T17:51+09:00 | 2025-06-30T09:56+09:00 |
| jvndb-2025-000043 | Multiple vulnerabilities in iroha Board | 2025-06-26T15:13+09:00 | 2025-06-26T15:13+09:00 |
| jvndb-2025-000042 | Inefficient regular expressions in GROWI | 2025-06-24T15:25+09:00 | 2025-06-24T15:25+09:00 |
| jvndb-2025-007390 | Trend Micro Internet Security and Trend Micro Maximum Security vulnerable to link following local privilege escalation (CVE-2025-49384, CVE-2025-49385) | 2025-06-24T11:18+09:00 | 2025-06-24T11:18+09:00 |
| jvndb-2025-000040 | KCM3100 vulnerable to authentication bypass using an alternate path or channel | 2025-06-18T13:42+09:00 | 2025-06-18T13:42+09:00 |
| jvndb-2025-000039 | Multiple vulnerabilities in RICOH Streamline NX PC Client | 2025-06-13T16:09+09:00 | 2025-06-13T16:09+09:00 |
| jvndb-2025-000038 | UpdateNavi vulnerable to improper restriction of communication channel to intended endpoints | 2025-06-12T15:56+09:00 | 2025-06-12T15:56+09:00 |
| jvndb-2025-000037 | Multiple surveillance cameras provided by i-PRO Co., Ltd. vulnerable to cross-site request forgery | 2025-06-06T13:56+09:00 | 2025-06-06T13:56+09:00 |
| jvndb-2025-000036 | TimeWorks vulnerable to path traversal | 2025-06-03T15:35+09:00 | 2025-06-03T15:35+09:00 |
| jvndb-2025-000035 | Improper file access permission settings in PC Time Tracer | 2025-06-03T14:40+09:00 | 2025-06-03T14:40+09:00 |
| jvndb-2025-000034 | Multiple vulnerabilities in wivia 5 | 2025-05-30T15:57+09:00 | 2025-05-30T15:57+09:00 |
| jvndb-2025-001238 | Multiple out-of-bounds write vulnerabilities in Canon Office/Small Office Multifunction Printers and Laser Printers | 2025-01-29T13:41+09:00 | 2025-05-27T16:06+09:00 |
| jvndb-2025-000032 | Mailform Pro CGI generating error messages containing sensitive information | 2025-05-26T14:22+09:00 | 2025-05-26T14:22+09:00 |
| jvndb-2025-000033 | Improper pattern file validation in i-FILTER optional feature 'Anti-Virus & Sandbox' | 2025-05-23T15:36+09:00 | 2025-05-23T15:36+09:00 |
| jvndb-2025-005467 | Passback vulnerabilities in Canon Production Printers, Office/Small Office Multifunction Printers, and Laser Printers | 2025-05-22T15:03+09:00 | 2025-05-22T15:03+09:00 |
| jvndb-2024-000117 | Stack-based buffer overflow vulnerability in multiple laser printers and MFPs which implement Ricoh Web Image Monitor | 2024-10-31T16:44+09:00 | 2025-05-19T17:59+09:00 |
| jvndb-2025-005107 | Multiple vulnerabilities in V-SFT | 2025-05-16T14:32+09:00 | 2025-05-16T14:32+09:00 |
| jvndb-2025-005057 | Multiple vulnerabilities in I-O DATA network attached hard disk 'HDL-T Series' | 2025-05-15T18:27+09:00 | 2025-05-15T18:27+09:00 |
| jvndb-2025-005050 | Multiple vulnerabilities in a-blog cms | 2025-05-15T18:11+09:00 | 2025-05-15T18:11+09:00 |
| jvndb-2025-000031 | Pgpool-II vulnerable to authentication bypass by primary weakness | 2025-05-15T16:14+09:00 | 2025-05-15T16:14+09:00 |
| jvndb-2025-004863 | Panasonic IR Control Hub vulnerable to Unauthorised firmware loading | 2025-05-14T11:30+09:00 | 2025-05-14T11:30+09:00 |
| jvndb-2025-004671 | Multiple vulnerabilities in GL-MT2500 and GL-MT2500A | 2025-05-12T17:52+09:00 | 2025-05-12T17:52+09:00 |
| jvndb-2025-001016 | OMRON NJ/NX series vulnerable to path traversal | 2025-02-06T18:27+09:00 | 2025-05-08T17:44+09:00 |
| jvndb-2025-004079 | Improper access permission settings in multiple SEIKO EPSON printer drivers for Windows OS | 2025-04-30T11:46+09:00 | 2025-04-30T11:46+09:00 |
| jvndb-2025-004076 | Security Update for Trend Micro Trend Vision One (April 2025) | 2025-04-30T10:38+09:00 | 2025-04-30T10:38+09:00 |
| jvndb-2025-000029 | Multiple vulnerabilities in Quick Agent | 2025-04-25T13:49+09:00 | 2025-04-25T13:49+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2026-avi-0259 | Multiples vulnérabilités dans Stormshield Network Security | 2026-03-11T00:00:00.000000 | 2026-03-11T00:00:00.000000 |
| certfr-2026-avi-0258 | Vulnérabilité dans Microsoft CBL-Mariner | 2026-03-10T00:00:00.000000 | 2026-03-10T00:00:00.000000 |
| certfr-2026-avi-0257 | Vulnérabilité dans Mozilla Focus | 2026-03-10T00:00:00.000000 | 2026-03-10T00:00:00.000000 |
| certfr-2026-avi-0256 | Multiples vulnérabilités dans les produits SAP | 2026-03-10T00:00:00.000000 | 2026-03-10T00:00:00.000000 |
| certfr-2026-avi-0255 | Multiples vulnérabilités dans les produits Siemens | 2026-03-10T00:00:00.000000 | 2026-03-10T00:00:00.000000 |
| certfr-2026-avi-0254 | Multiples vulnérabilités dans les produits Schneider Electric | 2026-03-10T00:00:00.000000 | 2026-03-10T00:00:00.000000 |
| certfr-2026-avi-0253 | Multiples vulnérabilités dans Microsoft Edge | 2026-03-09T00:00:00.000000 | 2026-03-09T00:00:00.000000 |
| certfr-2026-avi-0252 | Multiples vulnérabilités dans les produits Moxa | 2026-03-09T00:00:00.000000 | 2026-03-09T00:00:00.000000 |
| certfr-2026-avi-0251 | Multiples vulnérabilités dans Apache Zookeeper | 2026-03-09T00:00:00.000000 | 2026-03-09T00:00:00.000000 |
| certfr-2026-avi-0250 | Vulnérabilité dans Apereo CAS | 2026-03-09T00:00:00.000000 | 2026-03-09T00:00:00.000000 |
| certfr-2026-avi-0249 | Multiples vulnérabilités dans les produits IBM | 2026-03-06T00:00:00.000000 | 2026-03-06T00:00:00.000000 |
| certfr-2026-avi-0248 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2026-03-06T00:00:00.000000 | 2026-03-06T00:00:00.000000 |
| certfr-2026-avi-0247 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2026-03-06T00:00:00.000000 | 2026-03-06T00:00:00.000000 |
| certfr-2026-avi-0246 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2026-03-06T00:00:00.000000 | 2026-03-06T00:00:00.000000 |
| certfr-2026-avi-0245 | Vulnérabilité dans Zabbix | 2026-03-06T00:00:00.000000 | 2026-03-06T00:00:00.000000 |
| certfr-2026-avi-0244 | Vulnérabilité dans Nextcloud Flow | 2026-03-06T00:00:00.000000 | 2026-03-06T00:00:00.000000 |
| certfr-2026-avi-0242 | Multiples vulnérabilités dans les produits Cisco | 2026-03-05T00:00:00.000000 | 2026-03-05T00:00:00.000000 |
| certfr-2026-avi-0241 | Vulnérabilité dans ClamAV | 2026-03-05T00:00:00.000000 | 2026-03-05T00:00:00.000000 |
| certfr-2026-avi-0240 | Vulnérabilité dans CPython | 2026-03-05T00:00:00.000000 | 2026-03-05T00:00:00.000000 |
| certfr-2026-avi-0239 | Multiples vulnérabilités dans Google Chrome | 2026-03-05T00:00:00.000000 | 2026-03-05T00:00:00.000000 |
| certfr-2026-avi-0238 | Vulnérabilité dans NetApp ONTAP 9 | 2026-03-05T00:00:00.000000 | 2026-03-05T00:00:00.000000 |
| certfr-2026-avi-0237 | Multiples vulnérabilités dans les produits Microsoft | 2026-03-05T00:00:00.000000 | 2026-03-05T00:00:00.000000 |
| certfr-2026-avi-0236 | Multiples vulnérabilités dans Traefik | 2026-03-05T00:00:00.000000 | 2026-03-05T00:00:00.000000 |
| certfr-2026-avi-0235 | Multiples vulnérabilités dans HPE Aruba Networking AOS | 2026-03-04T00:00:00.000000 | 2026-03-04T00:00:00.000000 |
| certfr-2026-avi-0234 | Vulnérabilité dans Tenable Nessus Manager | 2026-03-04T00:00:00.000000 | 2026-03-04T00:00:00.000000 |
| certfr-2026-avi-0233 | Multiples vulnérabilités dans Google Pixel | 2026-03-04T00:00:00.000000 | 2026-03-04T00:00:00.000000 |
| certfr-2026-avi-0232 | Multiples vulnérabilités dans les produits Microsoft | 2026-03-03T00:00:00.000000 | 2026-03-03T00:00:00.000000 |
| certfr-2026-avi-0231 | Multiples vulnérabilités dans Google Android | 2026-03-03T00:00:00.000000 | 2026-03-03T00:00:00.000000 |
| certfr-2026-avi-0230 | Multiples vulnérabilités dans Docker Desktop | 2026-03-03T00:00:00.000000 | 2026-03-03T00:00:00.000000 |
| certfr-2026-avi-0217 | Multiples vulnérabilités dans SPIP | 2026-02-26T00:00:00.000000 | 2026-03-03T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certa-2012-ale-008 | Vulnérabilité dans certains terminaux Samsung | 2012-12-18T00:00:00.000000 | 2012-12-18T00:00:00.000000 |
| certa-2012-ale-006 | Vulnérabilité dans Internet Explorer | 2012-09-18T00:00:00.000000 | 2012-09-21T00:00:00.000000 |
| certa-2012-ale-005 | Vulnérabilité dans Oracle Java | 2012-08-27T00:00:00.000000 | 2012-08-31T00:00:00.000000 |
| certa-2012-ale-003 | Vulnérabilité dans Microsoft XML Core Services | 2012-06-14T00:00:00.000000 | 2012-08-17T00:00:00.000000 |
| certa-2012-ale-004 | Vulnérabilité dans Microsoft Exchange et Fast Search Server 2010 | 2012-07-25T00:00:00.000000 | 2012-08-16T00:00:00.000000 |
| certa-2012-ale-002 | Vulnérabilité dans Windows RDP | 2012-03-14T00:00:00.000000 | 2012-04-13T00:00:00.000000 |
| certa-2011-ale-008 | Vulnérabilité dans Adobe Reader et Acrobat | 2011-12-07T00:00:00.000000 | 2012-01-10T00:00:00.000000 |
| certa-2011-ale-007 | Vulnérabilité dans ftpd et ProFTPD sur FreeBSD | 2011-12-02T00:00:00.000000 | 2011-12-26T00:00:00.000000 |
| certa-2011-ale-006 | Exploitation d'une vulnérabilité dans la gestion des polices TrueType sur Windows | 2011-11-04T00:00:00.000000 | 2011-12-14T00:00:00.000000 |
| certa-2011-ale-005 | Exploitation malveillante d'une fonctionnalité du protocole SSL afin de provoquer un déni de service | 2011-10-27T00:00:00.000000 | 2011-10-27T00:00:00.000000 |
| certa-2011-ale-004 | Vulnérabilités dans Apple iOS | 2011-07-05T00:00:00.000000 | 2011-07-18T00:00:00.000000 |
| certa-2011-ale-003 | Vulnérabilité dans Adobe Flash Player, Adobe Reader et Acrobat | 2011-04-12T00:00:00.000000 | 2011-06-20T00:00:00.000000 |
| certa-2011-ale-002 | Vulnérabilité dans Adobe Flash Player, Adobe Reader et Acrobat | 2011-03-15T00:00:00.000000 | 2011-03-22T00:00:00.000000 |
| certa-2011-ale-001 | Vulnérabilité dans le moteur de rendu graphique de Windows | 2011-01-05T00:00:00.000000 | 2011-02-10T00:00:00.000000 |
| certa-2010-ale-021 | Vulnérabilité dans Microsoft Internet Explorer | 2010-12-22T00:00:00.000000 | 2011-02-09T00:00:00.000000 |
| certa-2010-ale-019 | Vulnérabilité dans Microsoft Internet Explorer | 2010-11-03T00:00:00.000000 | 2010-12-17T00:00:00.000000 |
| certa-2010-ale-018 | Vulnérabilité dans Adobe Flash Player, Adobe Reader et Acrobat | 2010-10-28T00:00:00.000000 | 2010-11-18T00:00:00.000000 |
| certa-2010-ale-020 | Vulnérabilité dans Adobe Reader et Acrobat | 2010-11-05T00:00:00.000000 | 2010-11-17T00:00:00.000000 |
| certa-2010-ale-016 | Vulnérabilité Adobe Shockwave Player | 2010-10-22T00:00:00.000000 | 2010-10-29T00:00:00.000000 |
| certa-2010-ale-017 | Vulnérabilité dans Mozilla Firefox | 2010-10-27T00:00:00.000000 | 2010-10-28T00:00:00.000000 |
| certa-2010-ale-014 | Vulnérabilité dans Adobe Reader et Adobe Acrobat | 2010-09-09T00:00:00.000000 | 2010-10-06T00:00:00.000000 |
| certa-2010-ale-015 | Vulnérabilité dans Adobe Flash Player | 2010-09-14T00:00:00.000000 | 2010-09-21T00:00:00.000000 |
| certa-2010-ale-013 | Vulnérabilité dans le contrôle ActiveX Apple QuickTime | 2010-08-31T00:00:00.000000 | 2010-09-17T00:00:00.000000 |
| certa-2010-ale-012 | Vulnérabilité dans Adobe Reader et Adobe Acrobat | 2010-08-06T00:00:00.000000 | 2010-08-20T00:00:00.000000 |
| certa-2010-ale-011 | Vulnérabilités dans Apple iOS | 2010-08-04T00:00:00.000000 | 2010-08-12T00:00:00.000000 |
| certa-2010-ale-010 | Vulnérabilité dans le Shell de Microsoft Windows | 2010-07-19T00:00:00.000000 | 2010-08-03T00:00:00.000000 |
| certa-2010-ale-009 | Exploitation par un code malveillant d'une vulnérabilité Microsoft Windows non corrigée | 2010-07-16T00:00:00.000000 | 2010-08-03T00:00:00.000000 |
| certa-2010-ale-008 | Vulnérabilité dans le Centre d'aide et de support Windows | 2010-06-10T00:00:00.000000 | 2010-07-15T00:00:00.000000 |
| certa-2010-ale-007 | Vulnérabilité Shockwave Flash pour les produits Adobe | 2010-06-05T00:00:00.000000 | 2010-06-30T00:00:00.000000 |
| certa-2009-ale-019 | Vulnérabilité dans Windows 7 et Windows Server 2008 R2 | 2009-11-16T00:00:00.000000 | 2010-06-10T00:00:00.000000 |