Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-32147 | 5.3 (v4.0) | SFTP chroot bypass via path traversal in SSH_FXP_FSETSTAT |
Erlang |
OTP |
2026-04-21T12:01:20.350Z | 2026-04-21T12:01:20.350Z |
| cve-2026-41039 | 8.7 (v4.0) | Information Disclosure Vulnerability in Quantum Networ… |
Quantum Networks |
Router QN-I-470 |
2026-04-21T10:28:24.521Z | 2026-04-21T10:28:24.521Z |
| cve-2026-41038 | 7.6 (v4.0) | Weak Password Policy Vulnerability in Quantum Networks… |
Quantum Networks |
Router QN-I-470 |
2026-04-21T10:22:09.254Z | 2026-04-21T10:22:09.254Z |
| cve-2026-41036 | 8.7 (v4.0) | Command Injection Vulnerability in Quantum Networks Ro… |
Quantum Networks |
Router QN-I-470 |
2026-04-21T10:07:47.488Z | 2026-04-21T10:07:47.488Z |
| cve-2026-41037 | 8.7 (v4.0) | Missing Rate Limiting Vulnerability in Quantum Network… |
Quantum Networks |
Router QN-I-470 |
2026-04-21T10:04:56.462Z | 2026-04-21T10:11:27.782Z |
| cve-2026-6553 | 7.3 (v4.0) | TYPO3 CMS Stores Cleartext Password in User Settings Module |
TYPO3 |
TYPO3 CMS |
2026-04-21T10:04:02.525Z | 2026-04-21T10:08:27.342Z |
| cve-2026-39467 | 7.2 (v3.1) | WordPress Responsive Slider by MetaSlider plugin <= 3.… |
MetaSlider |
Responsive Slider by MetaSlider |
2026-04-21T09:35:29.246Z | 2026-04-21T09:35:29.246Z |
| cve-2026-3317 | 5.1 (v4.0) | Reflected Cross-Site Scripting in Navigate CMS application |
Navigate |
Navigate CMS |
2026-04-21T09:03:59.773Z | 2026-04-21T09:03:59.773Z |
| cve-2025-13826 | 8.2 (v4.0) | Incorrect input validation on the Zervit portable HTTP… |
Zervit |
portable HTTP/Web server |
2026-04-21T08:19:57.983Z | 2026-04-21T08:19:57.983Z |
| cve-2026-6711 | Website LLMs.txt <= 8.2.6 - Reflected Cross-Site Scripting |
ryhowa |
Website LLMs.txt |
2026-04-21T06:43:59.951Z | 2026-04-21T06:43:59.951Z | |
| cve-2026-6712 | Website LLMs.txt <= 8.2.6 - Authenticated (Admin+) Sto… |
ryhowa |
Website LLMs.txt |
2026-04-21T06:43:59.539Z | 2026-04-21T06:43:59.539Z | |
| cve-2026-6703 | Responsive Blocks <= 2.2.1 - Missing Authorization to … |
cyberchimps |
Responsive Blocks – Page Builder for Blocks & Patterns |
2026-04-21T06:43:58.955Z | 2026-04-21T06:43:58.955Z | |
| cve-2026-31368 | 7.8 (v3.1) | Privilege Bypass in AiAssistant |
Honor |
AIAssistant |
2026-04-21T06:40:08.446Z | 2026-04-21T06:40:08.446Z |
| cve-2026-31370 | 6.3 (v3.1) | Information Leak Vulnerability in Honor E |
Honor |
Honor E |
2026-04-21T06:30:53.883Z | 2026-04-21T06:30:53.883Z |
| cve-2026-31369 | 3.2 (v3.1) | Privilege Bypass in PcManager |
Honor |
PcManager |
2026-04-21T06:26:52.403Z | 2026-04-21T06:26:52.403Z |
| cve-2026-5965 | 9.3 (v4.0) 9.8 (v3.1) | NewSoft|NewSoftOA - OS Command Injection |
NewSoft |
NewSoftOA |
2026-04-21T03:32:55.138Z | 2026-04-21T03:32:55.138Z |
| cve-2026-6674 | Plugin: CMS für Motorrad Werkstätten <= 1.0.0 - Authen… |
tholstkabelbwde |
Plugin: CMS für Motorrad Werkstätten |
2026-04-21T02:25:40.676Z | 2026-04-21T02:25:40.676Z | |
| cve-2026-6675 | Responsive Blocks <= 2.2.0 - Unauthenticated Open Emai… |
cyberchimps |
Responsive Blocks – Page Builder for Blocks & Patterns |
2026-04-21T02:25:39.847Z | 2026-04-21T02:25:39.847Z | |
| cve-2026-40497 | FreeScout Vulnerable to CSS Injection via Stored Style… |
freescout-help-desk |
freescout |
2026-04-21T01:45:55.492Z | 2026-04-21T01:45:55.492Z | |
| cve-2026-6058 | 4.5 (v3.1) | ** UNSUPPORTED WHEN ASSIGNED ** An improper encod… |
Zyxel |
WRE6505 v2 firmware |
2026-04-21T01:42:07.433Z | 2026-04-21T01:48:13.740Z |
| cve-2026-40496 | FreeScout has Predictable Attachment Token that Allows… |
freescout-help-desk |
freescout |
2026-04-21T01:38:50.117Z | 2026-04-21T01:38:50.117Z | |
| cve-2026-39973 | Apktool: Path Traversal to Arbitrary File Write |
iBotPeaches |
Apktool |
2026-04-21T01:35:22.396Z | 2026-04-21T01:35:22.396Z | |
| cve-2026-40250 | OpenEXR has integer overflow in DWA decoder outBufferE… |
AcademySoftwareFoundation |
openexr |
2026-04-21T01:33:00.212Z | 2026-04-21T01:33:00.212Z | |
| cve-2026-40244 | OpenEXR has integer overflow in DWA setupChannelData p… |
AcademySoftwareFoundation |
openexr |
2026-04-21T01:30:55.061Z | 2026-04-21T01:30:55.061Z | |
| cve-2026-39886 | OpenEXR has HTJ2K Signed Integer Overflow in ht_undo_impl() |
AcademySoftwareFoundation |
openexr |
2026-04-21T01:27:01.371Z | 2026-04-21T01:27:01.371Z | |
| cve-2026-39866 | Lawnchair vulnerable to Command Injection via unquoted… |
LawnchairLauncher |
lawnchair |
2026-04-21T01:19:47.510Z | 2026-04-21T01:19:47.510Z | |
| cve-2026-39861 | Claude Code: Sandbox Escape via Symlink Following Allo… |
anthropics |
claude-code |
2026-04-21T00:56:39.062Z | 2026-04-21T00:56:39.062Z | |
| cve-2026-39386 | Neko has Self-service Privilege Escalation for Authent… |
m1k1o |
neko |
2026-04-21T00:50:34.656Z | 2026-04-21T00:50:34.656Z | |
| cve-2026-40264 | OpenBao's Token Store Allows Cross-Namespace Renewal, … |
openbao |
openbao |
2026-04-21T00:47:38.156Z | 2026-04-21T00:47:38.156Z | |
| cve-2026-39396 | OpenBao has Decompression Bomb via Unbounded Copy in O… |
openbao |
openbao |
2026-04-21T00:44:53.943Z | 2026-04-21T00:44:53.943Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2026-012056 | Multiple vulnerabilities in silex technology SD-330AC and AMC Manager | 2026-04-21T15:27+09:00 | 2026-04-21T15:27+09:00 |
| jvndb-2026-000051 | SKYSEA Client View and SKYMEC IT Manager improper file access permission settings | 2026-04-20T14:47+09:00 | 2026-04-20T14:47+09:00 |
| jvndb-2026-011472 | OMRON UPS (Uninterruptible Power Supply) management application may insecurely load Dynamic Link Libraries | 2026-04-17T14:54+09:00 | 2026-04-17T14:54+09:00 |
| jvndb-2026-000057 | Multiple vulnerabilities in CubeCart | 2026-04-17T13:32+09:00 | 2026-04-17T13:32+09:00 |
| jvndb-2026-000056 | Arcserve UDP Console vulnerable to redirect to a dummy URL | 2026-04-16T17:29+09:00 | 2026-04-16T17:29+09:00 |
| jvndb-2026-000055 | GROWI vulnerable to stored cross-site scripting | 2026-04-15T17:21+09:00 | 2026-04-15T17:21+09:00 |
| jvndb-2026-010851 | Stack-based buffer overflow vulnerability in Dynabook Bluetooth ACPI Drivers | 2026-04-14T18:13+09:00 | 2026-04-14T18:13+09:00 |
| jvndb-2026-000053 | EmoCheck loads Dynamic Link Libraries insecurely | 2026-04-10T13:38+09:00 | 2026-04-10T13:38+09:00 |
| jvndb-2026-000052 | Multiple vulnerabilities in MATCHA series | 2026-04-08T16:15+09:00 | 2026-04-08T16:15+09:00 |
| jvndb-2026-000050 | Multiple vulnerabilities in Movable Type | 2026-04-08T16:15+09:00 | 2026-04-08T16:15+09:00 |
| jvndb-2026-010301 | Multiple Vulnerabilities in JP1/IT Desktop Management 2 and JP1/NETM/DM | 2026-04-08T12:11+09:00 | 2026-04-08T12:11+09:00 |
| jvndb-2026-010300 | Multiple Vulnerabilities in Hitachi Ops Center Viewpoint | 2026-04-08T12:11+09:00 | 2026-04-08T12:11+09:00 |
| jvndb-2026-010299 | Multiple Vulnerabilities in Hitachi Ops Center Common Services | 2026-04-08T12:11+09:00 | 2026-04-08T12:11+09:00 |
| jvndb-2026-000049 | Multiple vulnerabilities in NEC Aterm series (NV26-001) | 2026-04-03T15:09+09:00 | 2026-04-03T15:09+09:00 |
| jvndb-2026-009720 | Multiple vulnerabilities in FUJI Electric V-SFT (April 2026) | 2026-04-02T14:58+09:00 | 2026-04-03T15:50+09:00 |
| jvndb-2026-009412 | Security information for Hitachi Disk Array Systems | 2026-03-31T15:53+09:00 | 2026-03-31T15:53+09:00 |
| jvndb-2026-009411 | Security information for Hitachi Disk Array Systems | 2026-03-31T15:53+09:00 | 2026-03-31T15:53+09:00 |
| jvndb-2026-009410 | Security information for Hitachi Disk Array Systems | 2026-03-31T15:53+09:00 | 2026-03-31T15:53+09:00 |
| jvndb-2026-009409 | Security information for Hitachi Disk Array Systems | 2026-03-31T15:53+09:00 | 2026-03-31T15:53+09:00 |
| jvndb-2026-009408 | Security information for Hitachi Disk Array Systems | 2026-03-31T15:53+09:00 | 2026-03-31T15:53+09:00 |
| jvndb-2026-009406 | Security information for Hitachi Disk Array Systems | 2026-03-31T15:53+09:00 | 2026-03-31T15:53+09:00 |
| jvndb-2026-009147 | Vulnerability in Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Analyzer | 2026-03-27T18:18+09:00 | 2026-03-27T18:18+09:00 |
| jvndb-2026-009148 | Open Redirect Vulnerability in Hitachi Ops Center Administrator | 2026-03-27T18:17+09:00 | 2026-03-27T18:17+09:00 |
| jvndb-2026-000047 | Multiple vulnerabilities in baserCMS | 2026-03-27T18:00+09:00 | 2026-03-27T18:00+09:00 |
| jvndb-2026-000045 | WordPress Plugin "OpenStreetMap" vulnerable to cross-site scripting | 2026-03-27T17:34+09:00 | 2026-03-27T17:34+09:00 |
| jvndb-2026-000046 | Multiple vulnerabilities in BUFFALO Wi-Fi routers | 2026-03-27T17:18+09:00 | 2026-03-27T17:18+09:00 |
| jvndb-2026-000044 | Multiple vulnerabilities in the installer of RATOC RAID Monitoring Manager for Windows | 2026-03-26T17:41+09:00 | 2026-03-26T17:41+09:00 |
| jvndb-2026-000042 | Digital Photo Frame GH-WDF10A vulnerable to improper access restriction | 2026-03-26T17:41+09:00 | 2026-03-26T17:41+09:00 |
| jvndb-2026-000043 | SHARP routers missing authentication for some web APIs | 2026-03-25T18:41+09:00 | 2026-03-25T18:41+09:00 |
| jvndb-2026-000040 | Installer of OM Workspace (Windows Edition) may insecurely load Dynamic Link Libraries | 2026-03-25T18:13+09:00 | 2026-03-25T18:13+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2026-avi-0463 | Multiples vulnérabilités dans les produits Microsoft | 2026-04-20T00:00:00.000000 | 2026-04-20T00:00:00.000000 |
| certfr-2026-avi-0462 | Multiples vulnérabilités dans Microsoft Edge | 2026-04-20T00:00:00.000000 | 2026-04-20T00:00:00.000000 |
| certfr-2026-avi-0461 | Multiples vulnérabilités dans Apache Kafka | 2026-04-20T00:00:00.000000 | 2026-04-20T00:00:00.000000 |
| certfr-2026-avi-0460 | Vulnérabilité dans Xen | 2026-04-20T00:00:00.000000 | 2026-04-20T00:00:00.000000 |
| certfr-2026-avi-0459 | Vulnérabilité dans Mattermost Server | 2026-04-20T00:00:00.000000 | 2026-04-20T00:00:00.000000 |
| certfr-2026-avi-0458 | Vulnérabilité dans les produits Moxa | 2026-04-20T00:00:00.000000 | 2026-04-20T00:00:00.000000 |
| certfr-2026-avi-0457 | Multiples vulnérabilités dans Spring Framework | 2026-04-20T00:00:00.000000 | 2026-04-20T00:00:00.000000 |
| certfr-2026-avi-0456 | Multiples vulnérabilités dans les produits Microsoft | 2026-04-17T00:00:00.000000 | 2026-04-17T00:00:00.000000 |
| certfr-2026-avi-0455 | Multiples vulnérabilités dans IBM QRadar | 2026-04-17T00:00:00.000000 | 2026-04-17T00:00:00.000000 |
| certfr-2026-avi-0454 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2026-04-17T00:00:00.000000 | 2026-04-17T00:00:00.000000 |
| certfr-2026-avi-0453 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2026-04-17T00:00:00.000000 | 2026-04-17T00:00:00.000000 |
| certfr-2026-avi-0452 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2026-04-17T00:00:00.000000 | 2026-04-17T00:00:00.000000 |
| certfr-2026-avi-0451 | Multiples vulnérabilités dans les produits Cisco | 2026-04-16T00:00:00.000000 | 2026-04-16T00:00:00.000000 |
| certfr-2026-avi-0450 | Multiples vulnérabilités dans les produits Splunk | 2026-04-16T00:00:00.000000 | 2026-04-16T00:00:00.000000 |
| certfr-2026-avi-0449 | Vulnérabilité dans Apache Kafka | 2026-04-16T00:00:00.000000 | 2026-04-16T00:00:00.000000 |
| certfr-2026-avi-0448 | Multiples vulnérabilités dans Google Chrome | 2026-04-16T00:00:00.000000 | 2026-04-16T00:00:00.000000 |
| certfr-2026-avi-0447 | Multiples vulnérabilités dans Drupal | 2026-04-16T00:00:00.000000 | 2026-04-16T00:00:00.000000 |
| certfr-2026-avi-0446 | Multiples vulnérabilités dans Mattermost Server | 2026-04-16T00:00:00.000000 | 2026-04-17T00:00:00.000000 |
| certfr-2026-avi-0445 | Multiples vulnérabilités dans les produits Microsoft | 2026-04-15T00:00:00.000000 | 2026-04-15T00:00:00.000000 |
| certfr-2026-avi-0444 | Multiples vulnérabilités dans Microsoft Azure | 2026-04-15T00:00:00.000000 | 2026-04-15T00:00:00.000000 |
| certfr-2026-avi-0443 | Multiples vulnérabilités dans Microsoft .Net | 2026-04-15T00:00:00.000000 | 2026-04-15T00:00:00.000000 |
| certfr-2026-avi-0442 | Multiples vulnérabilités dans Microsoft Windows | 2026-04-15T00:00:00.000000 | 2026-04-15T00:00:00.000000 |
| certfr-2026-avi-0441 | Multiples vulnérabilités dans Microsoft Office | 2026-04-15T00:00:00.000000 | 2026-04-15T00:00:00.000000 |
| certfr-2026-avi-0440 | Multiples vulnérabilités dans les produits Fortinet | 2026-04-15T00:00:00.000000 | 2026-04-15T00:00:00.000000 |
| certfr-2026-avi-0439 | Multiples vulnérabilités dans Ivanti Neurons | 2026-04-15T00:00:00.000000 | 2026-04-15T00:00:00.000000 |
| certfr-2026-avi-0438 | Multiples vulnérabilités dans les produits Adobe | 2026-04-15T00:00:00.000000 | 2026-04-15T00:00:00.000000 |
| certfr-2026-avi-0437 | Vulnérabilité dans Python | 2026-04-15T00:00:00.000000 | 2026-04-15T00:00:00.000000 |
| certfr-2026-avi-0436 | Multiples vulnérabilités dans Tenable Identity Exposure | 2026-04-15T00:00:00.000000 | 2026-04-16T00:00:00.000000 |
| certfr-2026-avi-0435 | Multiples vulnérabilités dans les produits Microsoft | 2026-04-14T00:00:00.000000 | 2026-04-14T00:00:00.000000 |
| certfr-2026-avi-0434 | Multiples vulnérabilités dans les produits SAP | 2026-04-14T00:00:00.000000 | 2026-04-14T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2026-ale-004 | Vulnérabilité dans F5 BIG-IP Access Policy Manager | 2026-03-31T00:00:00.000000 | 2026-03-31T00:00:00.000000 |
| certfr-2026-ale-003 | Note d’alerte – Ciblage des messageries instantanées | 2026-03-20T00:00:00.000000 | 2026-04-20T00:00:00.000000 |
| certfr-2026-ale-002 | [MàJ] Vulnérabilité dans Cisco Catalyst SD-WAN | 2026-02-25T00:00:00.000000 | 2026-03-26T00:00:00.000000 |
| certfr-2026-ale-001 | [MàJ] Multiples vulnérabilités dans Ivanti Endpoint Manager Mobile | 2026-01-30T00:00:00.000000 | 2026-02-09T00:00:00.000000 |
| certfr-2025-ale-014 | [MàJ] Vulnérabilité dans React Server Components | 2025-12-05T00:00:00.000000 | 2026-02-12T00:00:00.000000 |
| certfr-2025-ale-013 | [MàJ] Multiples vulnérabilités dans Cisco ASA et FTD | 2025-09-25T00:00:00.000000 | 2025-12-09T00:00:00.000000 |
| certfr-2025-ale-012 | Vulnérabilité dans Citrix NetScaler ADC et NetScaler Gateway | 2025-08-26T00:00:00.000000 | 2025-09-26T00:00:00.000000 |
| certfr-2025-ale-011 | Incidents de sécurité dans les pare-feux SonicWall | 2025-08-05T00:00:00.000000 | 2025-08-18T00:00:00.000000 |
| certfr-2025-ale-010 | [MàJ] Multiples vulnérabilités dans Microsoft SharePoint | 2025-07-21T00:00:00.000000 | 2025-08-26T00:00:00.000000 |
| certfr-2025-ale-009 | Multiples vulnérabilités dans Citrix NetScaler ADC et NetScaler Gateway | 2025-07-01T00:00:00.000000 | 2025-08-18T00:00:00.000000 |
| certfr-2025-ale-008 | [MàJ] Vulnérabilité dans Roundcube | 2025-06-05T00:00:00.000000 | 2025-07-21T00:00:00.000000 |
| certfr-2025-ale-007 | Multiples vulnérabilités dans Ivanti Endpoint Manager Mobile (EPMM) | 2025-05-14T00:00:00.000000 | 2025-06-24T00:00:00.000000 |
| certfr-2025-ale-006 | Vulnérabilité dans les produits Fortinet | 2025-05-13T00:00:00.000000 | 2025-06-24T00:00:00.000000 |
| certfr-2025-ale-005 | Vulnérabilité dans SAP NetWeaver | 2025-04-28T00:00:00.000000 | 2025-06-24T00:00:00.000000 |
| certfr-2025-ale-004 | Activités de post-exploitation dans Fortinet FortiGate | 2025-04-11T00:00:00.000000 | 2025-08-07T00:00:00.000000 |
| certfr-2025-ale-003 | [MàJ] Vulnérabilité dans les produits Ivanti | 2025-04-03T00:00:00.000000 | 2025-06-24T00:00:00.000000 |
| certfr-2025-ale-002 | [MàJ] Vulnérabilité dans les produits Fortinet | 2025-01-14T00:00:00.000000 | 2025-05-07T00:00:00.000000 |
| certfr-2025-ale-001 | [MàJ] Vulnérabilité dans les produits Ivanti | 2025-01-09T00:00:00.000000 | 2025-05-07T00:00:00.000000 |
| certfr-2024-ale-015 | [MàJ] Multiples vulnérabilités sur l'interface d'administration des équipements Palo Alto Networks | 2024-11-15T00:00:00.000000 | 2025-01-27T00:00:00.000000 |
| certfr-2024-ale-014 | [MàJ] Multiples vulnérabilités dans Fortinet FortiManager | 2024-10-23T00:00:00.000000 | 2025-03-31T00:00:00.000000 |
| certfr-2024-ale-013 | Exploitations de vulnérabilités dans Ivanti Cloud Services Appliance (CSA) | 2024-10-22T00:00:00.000000 | 2025-03-31T00:00:00.000000 |
| certfr-2024-ale-012 | [MàJ] Vulnérabilités affectant OpenPrinting CUPS | 2024-09-27T00:00:00.000000 | 2024-11-21T00:00:00.000000 |
| certfr-2024-ale-011 | Vulnérabilité dans SonicWall | 2024-09-10T00:00:00.000000 | 2024-11-21T00:00:00.000000 |
| certfr-2024-ale-010 | Multiples vulnérabilités dans Roundcube | 2024-08-09T00:00:00.000000 | 2024-10-07T00:00:00.000000 |
| certfr-2024-ale-009 | Vulnérabilité dans OpenSSH | 2024-07-01T00:00:00.000000 | 2024-10-07T00:00:00.000000 |
| certfr-2024-ale-008 | [MàJ] Vulnérabilité dans les produits Check Point | 2024-05-30T00:00:00.000000 | 2024-07-01T00:00:00.000000 |
| certfr-2024-ale-007 | Multiples vulnérabilités dans les produits Cisco | 2024-04-25T00:00:00.000000 | 2024-07-01T00:00:00.000000 |
| certfr-2024-ale-006 | [MàJ] Vulnérabilité dans Palo Alto Networks GlobalProtect | 2024-04-12T00:00:00.000000 | 2024-07-01T00:00:00.000000 |
| certfr-2024-ale-005 | [MàJ] Vulnérabilité dans Microsoft Outlook | 2024-02-15T00:00:00.000000 | 2024-04-15T00:00:00.000000 |
| certfr-2024-ale-004 | [MàJ] Vulnérabilité dans Fortinet FortiOS | 2024-02-09T00:00:00.000000 | 2024-07-01T00:00:00.000000 |