Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-39410 | Hono has a non-breaking space prefix bypass in cookie … |
honojs |
hono |
2026-04-08T14:44:40.797Z | 2026-04-08T15:17:14.892Z | |
| cve-2026-39409 | Hono has incorrect IP matching in ipRestriction() for … |
honojs |
hono |
2026-04-08T14:43:36.476Z | 2026-04-08T16:13:05.175Z | |
| cve-2026-39408 | Hono has a path traversal in toSSG() allows writing fi… |
honojs |
hono |
2026-04-08T14:42:25.357Z | 2026-04-10T20:31:47.508Z | |
| cve-2026-39407 | Hono has a middleware bypass via repeated slashes in s… |
honojs |
hono |
2026-04-08T14:41:20.301Z | 2026-04-08T16:04:59.862Z | |
| cve-2026-39406 | @hono/node-server has a middleware bypass via repeated… |
honojs |
node-server |
2026-04-08T14:34:30.543Z | 2026-04-08T15:17:38.121Z | |
| cve-2026-39394 | CI4MS has an .env CRLF Injection via Unvalidated `host… |
ci4-cms-erp |
ci4ms |
2026-04-08T14:32:31.680Z | 2026-04-08T16:13:10.966Z | |
| cve-2026-39393 | Post-Installation Re-entry via Cache-Dependent Install… |
ci4-cms-erp |
ci4ms |
2026-04-08T14:31:44.692Z | 2026-04-10T20:29:43.521Z | |
| cve-2026-39392 | CI4MS has Stored XSS in Pages Content Due to Missing h… |
ci4-cms-erp |
ci4ms |
2026-04-08T14:30:59.132Z | 2026-04-08T16:05:26.652Z | |
| cve-2026-39391 | CI4MS has Stored XSS via Unescaped Blacklist Note in A… |
ci4-cms-erp |
ci4ms |
2026-04-08T14:30:18.750Z | 2026-04-08T15:18:08.667Z | |
| cve-2026-39390 | CI4MS has Stored XSS via srcdoc attribute bypass in Go… |
ci4-cms-erp |
ci4ms |
2026-04-08T14:29:28.500Z | 2026-04-08T16:13:16.580Z | |
| cve-2026-39389 | CI4MS has a Hidden Items Authorization Bypass in Filee… |
ci4-cms-erp |
ci4ms |
2026-04-08T14:28:29.847Z | 2026-04-10T20:28:55.783Z | |
| cve-2026-39865 | Axios HTTP/2 Session Cleanup State Corruption Vulnerability |
axios |
axios |
2026-04-08T14:25:27.865Z | 2026-04-13T18:37:34.862Z | |
| cve-2025-58713 | 6.4 (v3.1) | Rhpam: privilege escalation via excessive /etc/passwd … |
Red Hat |
Red Hat Process Automation 7 |
2026-04-08T13:55:11.428Z | 2026-04-08T14:28:41.733Z |
| cve-2025-57853 | 6.4 (v3.1) | Web-terminal: privilege escalation via excessive /etc/… |
Red Hat |
Red Hat Web Terminal |
2026-04-08T13:55:06.787Z | 2026-04-08T16:06:20.933Z |
| cve-2025-57854 | 6.4 (v3.1) | Osus-operator: privilege escalation via excessive /etc… |
Red Hat |
Red Hat OpenShift Update Service |
2026-04-08T13:55:06.739Z | 2026-04-08T14:42:32.600Z |
| cve-2025-57851 | 6.4 (v3.1) | Mce: privilege escalation via excessive /etc/passwd pe… |
Red Hat |
Multicluster Engine for Kubernetes |
2026-04-08T13:55:00.925Z | 2026-04-08T15:18:38.990Z |
| cve-2025-57847 | 6.4 (v3.1) | Ansible-automation-platform: privilege escalation via … |
Red Hat |
Red Hat Ansible Automation Platform 2 |
2026-04-08T13:55:00.729Z | 2026-04-08T16:13:23.024Z |
| cve-2026-5795 | 7.4 (v3.1) | In Eclipse Jetty, the class JASPIAuthenticator in… |
Eclipse Foundation |
Eclipse Jetty |
2026-04-08T13:32:28.935Z | 2026-04-09T03:56:11.784Z |
| cve-2026-2509 | Page Builder: Pagelayer <= 2.0.8 - Authenticated (Cont… |
softaculous |
Page Builder: Pagelayer – Drag and Drop website builder |
2026-04-08T13:26:00.333Z | 2026-04-08T17:09:13.112Z | |
| cve-2025-14816 | 9.3 (v4.0) | Information Disclosure, Tampering, and Denial-of-Servi… |
Mitsubishi Electric Corporation |
GENESIS64 |
2026-04-08T13:23:41.344Z | 2026-04-08T16:04:26.135Z |
| cve-2025-14815 | 9.3 (v4.0) | Information Disclosure, Tampering, and Denial-of-Servi… |
Mitsubishi Electric Corporation |
GENESIS64 |
2026-04-08T13:15:30.168Z | 2026-04-08T16:03:44.001Z |
| cve-2026-31411 | N/A | net: atm: fix crash due to unvalidated vcc pointer in … |
Linux |
Linux |
2026-04-08T13:06:17.800Z | 2026-04-13T06:08:40.030Z |
| cve-2026-35023 | 5.3 (v4.0) 4.3 (v3.1) | Wimi Teamwork On-Premises < 8.2.0 IDOR via preview.php |
Cloud Solutions SAS |
Wimi Teamwork |
2026-04-08T12:59:26.364Z | 2026-04-09T17:57:56.369Z |
| cve-2026-28261 | 7.8 (v3.1) | Dell Elastic Cloud Storage, version 3.8.1.7 and p… |
Dell |
Elastic Cloud Storage |
2026-04-08T12:43:54.291Z | 2026-04-09T03:55:55.676Z |
| cve-2026-24511 | 4.4 (v3.1) | Dell PowerScale OneFS, versions 9.5.0.0 through 9… |
Dell |
PowerScale OneFS |
2026-04-08T12:28:21.077Z | 2026-04-08T16:13:35.249Z |
| cve-2026-5600 | 5.5 (v4.0) | A new API endpoint introduced in pretix 2025 that… |
pretix |
pretix |
2026-04-08T12:24:51.602Z | 2026-04-08T16:03:07.473Z |
| cve-2026-27102 | 6.6 (v3.1) | Dell PowerScale OneFS, versions 9.5.0.0 through 9… |
Dell |
PowerScale OneFS |
2026-04-08T12:11:23.717Z | 2026-04-13T15:37:35.174Z |
| cve-2026-5302 | 6.3 (v3.1) | Permissive Cross-domain Policy with Untrusted Domains … |
CoolerControl |
coolercontrold |
2026-04-08T12:05:06.430Z | 2026-04-08T14:10:15.915Z |
| cve-2026-5300 | 5.9 (v3.1) | Missing Authentication for Critical Function in cooler… |
CoolerControl |
coolercontrold |
2026-04-08T12:04:56.421Z | 2026-04-08T14:11:53.589Z |
| cve-2026-5301 | 7.6 (v3.1) | Improper Neutralization of Input During Web Page Gener… |
CoolerControl |
coolercontrol-ui |
2026-04-08T12:04:51.524Z | 2026-04-08T16:02:36.804Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2009-000056 | SugarCRM vulnerable to SQL injection | 2009-08-24T16:25+09:00 | 2009-08-24T16:25+09:00 |
| jvndb-2009-000054 | ColdFusion vulnerable to cross-site scripting | 2009-08-19T16:33+09:00 | 2009-08-19T16:33+09:00 |
| jvndb-2009-000053 | Cross-site request forgery vulnerability in FreeNAS | 2009-08-05T15:59+09:00 | 2009-08-05T15:59+09:00 |
| jvndb-2009-000052 | Cross-site scripting vulnerability in FreeNAS | 2009-08-05T15:58+09:00 | 2009-08-05T15:58+09:00 |
| jvndb-2009-000051 | Webservice-DIC yoyaku_v41 vulnerable to command injection | 2009-07-31T15:34+09:00 | 2009-07-31T15:34+09:00 |
| jvndb-2009-000050 | MySQL Connector/J vulnerable to SQL injection | 2009-07-29T15:30+09:00 | 2009-07-29T15:30+09:00 |
| jvndb-2009-000049 | Cross-site scripting vulnerability in RevoCounter CGI (Animation Counter) | 2009-07-24T17:19+09:00 | 2009-07-24T17:19+09:00 |
| jvndb-2009-000048 | shiromuku(fs6)DIARY cross-site scripting vulnerability | 2009-07-15T18:15+09:00 | 2009-07-15T18:15+09:00 |
| jvndb-2009-001741 | Hitachi Web Server Vulnerability in SSL Client Authentication | 2009-07-14T10:17+09:00 | 2014-05-21T18:16+09:00 |
| jvndb-2009-001740 | Hitachi Web Server Reverse Proxy Denial of Service (DoS) Vulnerability | 2009-07-14T10:17+09:00 | 2014-05-21T18:24+09:00 |
| jvndb-2009-001545 | Cosminexus Processing Kit for XML and Hitachi Developer's Kit for Java Possible Unauthorized Access through Zip File Scanning Utility | 2009-07-07T11:12+09:00 | 2009-07-07T11:12+09:00 |
| jvndb-2009-001544 | Cosminexus Processing Kit for XML and Hitachi Developer's Kit for Java Possible Unauthorized Access through Vulnerability in Encoding Process | 2009-07-07T11:12+09:00 | 2009-07-07T11:12+09:00 |
| jvndb-2009-000046 | PHP-I-BOARD from Let's PHP! vulnerable to directory traversal | 2009-07-01T17:54+09:00 | 2009-07-01T17:54+09:00 |
| jvndb-2009-000045 | PHP-I-BOARD from Let's PHP! vulnerable to cross-site scripting | 2009-07-01T17:54+09:00 | 2009-07-01T17:54+09:00 |
| jvndb-2009-000044 | Tree BBS from Let's PHP! vulnerable to cross-site scripting | 2009-07-01T17:53+09:00 | 2009-07-01T17:53+09:00 |
| jvndb-2009-000043 | Movable Type access restriction bypass vulnerability | 2009-07-01T17:53+09:00 | 2009-07-01T17:53+09:00 |
| jvndb-2009-000042 | Movable Type cross-site scripting vulnerability | 2009-07-01T17:53+09:00 | 2009-07-01T17:53+09:00 |
| jvndb-2009-000041 | Cross-site scripting vulnerability in PukiWikiMod from XOOPS Maniac | 2009-06-19T16:35+09:00 | 2009-06-19T16:35+09:00 |
| jvndb-2009-000040 | iPhone OS denial of service (DoS) vulnerability | 2009-06-18T17:54+09:00 | 2009-06-18T17:54+09:00 |
| jvndb-2009-000039 | Buffer overflow vulnerability in Microsoft Works converters | 2009-06-18T17:54+09:00 | 2009-06-18T17:54+09:00 |
| jvndb-2009-000038 | Cross-site scripting vulnerability in activeCollab | 2009-06-18T17:54+09:00 | 2009-06-18T17:54+09:00 |
| jvndb-2009-000037 | Apache Tomcat denial of service (DoS) vulnerability | 2009-06-18T17:54+09:00 | 2012-09-28T13:40+09:00 |
| jvndb-2009-000036 | Apache Tomcat information disclosure vulnerability | 2009-06-18T17:53+09:00 | 2012-09-28T13:35+09:00 |
| jvndb-2009-000035 | Predictable session ID vulnerability in Serene Bach | 2009-06-18T17:53+09:00 | 2009-06-18T17:53+09:00 |
| jvndb-2009-000034 | IMG-BBS from MT312 vulnerable to cross-site scripting | 2009-05-29T16:19+09:00 | 2009-05-29T16:19+09:00 |
| jvndb-2009-000033 | REP-BBS from MT312 vulnerable to cross-site scripting | 2009-05-29T16:19+09:00 | 2009-05-29T16:19+09:00 |
| jvndb-2009-000032 | Directory traversal vulnerability in multiple Cisco Systems products | 2009-05-29T16:19+09:00 | 2009-05-29T16:19+09:00 |
| jvndb-2009-000031 | Cross-site scripting vulnerability in leger (free edition) | 2009-05-27T18:28+09:00 | 2009-05-27T18:28+09:00 |
| jvndb-2009-000030 | a-News from Appleple vulnerable to cross-site scripting | 2009-05-22T14:31+09:00 | 2009-05-22T14:31+09:00 |
| jvndb-2009-000029 | HP System Management Homepage vulnerable to cross-site scripting | 2009-05-20T16:01+09:00 | 2009-05-20T16:01+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2023-avi-1050 | Multiples vulnérabilités dans Moodle | 2023-12-21T00:00:00.000000 | 2023-12-21T00:00:00.000000 |
| certfr-2023-avi-1049 | Multiples vulnérabilités dans Ivanti Avalanche | 2023-12-21T00:00:00.000000 | 2023-12-21T00:00:00.000000 |
| certfr-2023-avi-1048 | Multiples vulnérabilités dans les produits Mozilla | 2023-12-20T00:00:00.000000 | 2023-12-20T00:00:00.000000 |
| certfr-2023-avi-1047 | Vulnérabilité dans macOS Sonoma | 2023-12-20T00:00:00.000000 | 2023-12-20T00:00:00.000000 |
| certfr-2023-avi-1046 | Vulnérabilité dans Stormshield Network VPN Client | 2023-12-19T00:00:00.000000 | 2023-12-19T00:00:00.000000 |
| certfr-2023-avi-1045 | Vulnérabilité dans SPIP | 2023-12-19T00:00:00.000000 | 2023-12-19T00:00:00.000000 |
| certfr-2023-avi-1044 | Multiples vulnérabilités dans OpenSSH | 2023-12-19T00:00:00.000000 | 2023-12-19T00:00:00.000000 |
| certfr-2023-avi-1043 | Multiples vulnérabilités dans Zimbra Collaboration | 2023-12-18T00:00:00.000000 | 2023-12-18T00:00:00.000000 |
| certfr-2023-avi-1042 | Vulnérabilités dans MISP | 2023-12-18T00:00:00.000000 | 2023-12-18T00:00:00.000000 |
| certfr-2023-avi-1041 | Multiples vulnérabilités dans Nextcloud Server | 2023-12-18T00:00:00.000000 | 2023-12-18T00:00:00.000000 |
| certfr-2023-avi-1040 | Multiples vulnérabilités dans les produits Asterisk | 2023-12-18T00:00:00.000000 | 2023-12-18T00:00:00.000000 |
| certfr-2023-avi-1039 | Multiples vulnérabilités dans Stormshield Network Security | 2023-12-18T00:00:00.000000 | 2023-12-18T00:00:00.000000 |
| certfr-2023-avi-1038 | Multiples vulnérabilités dans les produits IBM | 2023-12-15T00:00:00.000000 | 2023-12-15T00:00:00.000000 |
| certfr-2023-avi-1037 | Multiples vulnérabilités dans le noyau Linux de RedHat | 2023-12-15T00:00:00.000000 | 2023-12-15T00:00:00.000000 |
| certfr-2023-avi-1036 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2023-12-15T00:00:00.000000 | 2023-12-15T00:00:00.000000 |
| certfr-2023-avi-1035 | Multiples vulnérabilités dans Microsoft Edge | 2023-12-15T00:00:00.000000 | 2023-12-15T00:00:00.000000 |
| certfr-2023-avi-1034 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2023-12-15T00:00:00.000000 | 2023-12-15T00:00:00.000000 |
| certfr-2023-avi-1033 | Multiples vulnérabilités dans Tenable Security Center | 2023-12-15T00:00:00.000000 | 2023-12-15T00:00:00.000000 |
| certfr-2023-avi-1032 | Vulnérabilité dans Microsoft Azure | 2023-12-14T00:00:00.000000 | 2023-12-14T00:00:00.000000 |
| certfr-2023-avi-1031 | Multiples vulnérabilités dans Google Chrome | 2023-12-14T00:00:00.000000 | 2023-12-14T00:00:00.000000 |
| certfr-2023-avi-1030 | Vulnérabilité dans Squid | 2023-12-14T00:00:00.000000 | 2023-12-14T00:00:00.000000 |
| certfr-2023-avi-1029 | Multiples vulnérabilités dans les produits Palo Alto Networks | 2023-12-14T00:00:00.000000 | 2023-12-14T00:00:00.000000 |
| certfr-2023-avi-1028 | Vulnérabilité dans les produits Wallix | 2023-12-14T00:00:00.000000 | 2023-12-14T00:00:00.000000 |
| certfr-2023-avi-1027 | Multiples vulnérabilités dans GitLab | 2023-12-14T00:00:00.000000 | 2023-12-15T00:00:00.000000 |
| certfr-2023-avi-1026 | Vulnérabilité dans VMware Workspace ONE Launcher | 2023-12-14T00:00:00.000000 | 2023-12-14T00:00:00.000000 |
| certfr-2023-avi-1025 | Multiples vulnérabilités dans les produits Microsoft | 2023-12-13T00:00:00.000000 | 2023-12-13T00:00:00.000000 |
| certfr-2023-avi-1024 | Multiples vulnérabilités dans Microsoft Azure | 2023-12-13T00:00:00.000000 | 2023-12-13T00:00:00.000000 |
| certfr-2023-avi-1023 | Multiples vulnérabilités dans Microsoft Windows | 2023-12-13T00:00:00.000000 | 2023-12-13T00:00:00.000000 |
| certfr-2023-avi-1022 | Multiples vulnérabilités dans Microsoft Office | 2023-12-13T00:00:00.000000 | 2023-12-13T00:00:00.000000 |
| certfr-2023-avi-1021 | Multiples vulnérabilités dans les produits PRIM'X | 2023-12-13T00:00:00.000000 | 2023-12-13T00:00:00.000000 |