Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-9749 | 7.1 (v4.0) 6.5 (v3.1) | Using MaxKey() may crash the server |
MongoDB |
MongoDB Server |
2026-06-09T22:10:45.815Z | 2026-06-09T22:10:45.815Z |
| cve-2026-9748 | 7.1 (v4.0) 6.5 (v3.1) | $_internalConvertBucketIndexStats may crash the mongod… |
MongoDB |
MongoDB Server |
2026-06-09T22:08:22.075Z | 2026-06-09T22:08:22.075Z |
| cve-2026-9747 | 7.1 (v4.0) 6.5 (v3.1) | Crafted cross-shard merge aggregation crashes MongoDB Server |
MongoDB |
MongoDB Server |
2026-06-09T22:05:24.209Z | 2026-06-09T22:05:24.209Z |
| cve-2026-9746 | 7.1 (v4.0) 6.5 (v3.1) | Server crashes in case of the use of exchange |
MongoDB |
MongoDB Server |
2026-06-09T22:02:12.772Z | 2026-06-09T22:02:12.772Z |
| cve-2026-9743 | 7.1 (v4.0) 6.5 (v3.1) | Aggregation sub-pipeline null dereference may allow Do… |
MongoDB |
MongoDB server |
2026-06-09T21:59:34.669Z | 2026-06-09T21:59:34.669Z |
| cve-2026-9742 | 8.2 (v4.0) 7.5 (v3.1) | Authenticate command with specific mechanism parameter… |
MongoDB |
MongoDB Server |
2026-06-09T21:57:46.304Z | 2026-06-09T21:57:46.304Z |
| cve-2026-9741 | 7.1 (v4.0) 6.5 (v3.1) | Client side encryption fails to encrypt values in a $v… |
MongoDB |
MongoDB Server |
2026-06-09T21:56:01.111Z | 2026-06-09T21:56:01.111Z |
| cve-2026-34711 | 7.5 (v3.1) | CAI Content Credentials | Integer Overflow or Wraparou… |
Adobe |
CAI Content Credentials |
2026-06-09T21:21:57.417Z | 2026-06-09T21:21:57.417Z |
| cve-2026-34712 | 7.5 (v3.1) | CAI Content Credentials | Improper Input Validation (CWE-20) |
Adobe |
CAI Content Credentials |
2026-06-09T21:21:56.597Z | 2026-06-09T21:21:56.597Z |
| cve-2026-47904 | 6.2 (v3.1) | CAI Content Credentials | Uncontrolled Resource Consum… |
Adobe |
CAI Content Credentials |
2026-06-09T21:21:55.688Z | 2026-06-09T21:21:55.688Z |
| cve-2026-47903 | 6.2 (v3.1) | CAI Content Credentials | Improper Input Validation (CWE-20) |
Adobe |
CAI Content Credentials |
2026-06-09T21:21:54.849Z | 2026-06-09T21:21:54.849Z |
| cve-2026-47902 | 6.2 (v3.1) | CAI Content Credentials | Uncontrolled Resource Consum… |
Adobe |
CAI Content Credentials |
2026-06-09T21:21:54.062Z | 2026-06-09T21:21:54.062Z |
| cve-2026-47905 | 6.2 (v3.1) | CAI Content Credentials | Uncontrolled Resource Consum… |
Adobe |
CAI Content Credentials |
2026-06-09T21:21:53.212Z | 2026-06-09T21:21:53.212Z |
| cve-2026-34657 | 5.5 (v3.1) | CAI Content Credentials | Improper Limitation of a Pat… |
Adobe |
CAI Content Credentials |
2026-06-09T21:21:52.359Z | 2026-06-09T21:21:52.359Z |
| cve-2026-34713 | 7.5 (v3.1) | CAI Content Credentials | Uncontrolled Resource Consum… |
Adobe |
CAI Content Credentials |
2026-06-09T21:21:51.492Z | 2026-06-09T21:21:51.492Z |
| cve-2026-25860 | 5.3 (v4.0) 6.1 (v3.1) | OpenClinic GA 5.351.19 Reflected XSS via DICOM Image U… |
frankverbeke |
OpenClinic GA |
2026-06-09T21:09:44.921Z | 2026-06-09T21:09:44.921Z |
| cve-2026-34417 | 5.1 (v4.0) 6.1 (v3.1) | OSCAL-GUI Reflected XSS via project parameter in oscal… |
brian-ruf |
OSCAL-GUI |
2026-06-09T21:02:40.964Z | 2026-06-09T21:02:40.964Z |
| cve-2026-34416 | 5.1 (v4.0) 6.1 (v3.1) | OSCAL-GUI Reflected XSS via project parameter in oscal.php |
brian-ruf |
OSCAL-GUI |
2026-06-09T20:59:29.063Z | 2026-06-09T20:59:29.063Z |
| cve-2026-47938 | 10 (v3.1) | Adobe Campaign Classic (ACC) | Server-Side Request For… |
Adobe |
Adobe Campaign Classic (ACC) |
2026-06-09T20:59:05.041Z | 2026-06-09T21:01:11.348Z |
| cve-2026-48303 | 10 (v3.1) | Adobe Campaign Classic (ACC) | Incorrect Authorization… |
Adobe |
Adobe Campaign Classic (ACC) |
2026-06-09T20:59:03.860Z | 2026-06-09T20:59:03.860Z |
| cve-2026-11799 | N/A | UXSS in Focus for iOS / Klar Webkit navigation |
Mozilla |
Focus for iOS |
2026-06-09T20:52:02.036Z | 2026-06-09T20:52:02.036Z |
| cve-2026-25557 | 5.1 (v4.0) 5.4 (v3.1) | Evoluted PHP Directory Listing Script 4.0.5 Reflected … |
Evoluted |
PHP Directory Listing Script |
2026-06-09T20:49:31.853Z | 2026-06-09T20:49:31.853Z |
| cve-2026-48291 | 7.8 (v3.1) | Format Plugins | Heap-based Buffer Overflow (CWE-122) |
Adobe |
Format Plugins |
2026-06-09T20:38:43.146Z | 2026-06-09T20:38:43.146Z |
| cve-2026-48292 | 7.8 (v3.1) | Format Plugins | Heap-based Buffer Overflow (CWE-122) |
Adobe |
Format Plugins |
2026-06-09T20:38:42.209Z | 2026-06-09T20:38:42.209Z |
| cve-2026-47929 | 8.4 (v3.1) | ColdFusion | Incorrect Authorization (CWE-863) |
Adobe |
ColdFusion |
2026-06-09T20:33:38.859Z | 2026-06-09T20:33:38.859Z |
| cve-2026-47932 | 8.8 (v3.1) | ColdFusion | Improper Limitation of a Pathname to a Re… |
Adobe |
ColdFusion |
2026-06-09T20:33:38.062Z | 2026-06-09T20:33:38.062Z |
| cve-2026-47960 | 7.4 (v3.1) | ColdFusion | Improper Restriction of XML External Enti… |
Adobe |
ColdFusion |
2026-06-09T20:33:37.237Z | 2026-06-09T20:33:37.237Z |
| cve-2026-47928 | 9.6 (v3.1) | ColdFusion | Improper Input Validation (CWE-20) |
Adobe |
ColdFusion |
2026-06-09T20:33:36.440Z | 2026-06-09T20:33:36.440Z |
| cve-2026-47931 | 8.4 (v3.1) | ColdFusion | Improper Input Validation (CWE-20) |
Adobe |
ColdFusion |
2026-06-09T20:33:35.611Z | 2026-06-09T20:33:35.611Z |
| cve-2026-47930 | 8.1 (v3.1) | ColdFusion | Improper Input Validation (CWE-20) |
Adobe |
ColdFusion |
2026-06-09T20:33:34.756Z | 2026-06-09T20:33:34.756Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2026-000083 | CamView installer insecurely loads Dynamic Link Libraries | 2026-06-09T14:07+09:00 | 2026-06-09T14:07+09:00 |
| jvndb-2026-000082 | Multiple TP-Link products vulnerable to cleartext transmission of sensitive information | 2026-06-05T14:05+09:00 | 2026-06-05T14:05+09:00 |
| jvndb-2026-018098 | Security information for Hitachi Disk Array Systems | 2026-06-04T17:26+09:00 | 2026-06-04T17:26+09:00 |
| jvndb-2026-017436 | TP-Link Archer BE450 and BE7200 vulnerable to OS command injection | 2026-06-03T17:08+09:00 | 2026-06-03T17:08+09:00 |
| jvndb-2026-000081 | WordPress Plugin "Zoho Mail for WordPress" vulnerable to cross-site request forgery | 2026-06-03T14:10+09:00 | 2026-06-03T14:10+09:00 |
| jvndb-2026-017322 | Link following vulnerability in Canon My Image Garden for macOS and CUPS Printer Driver for macOS | 2026-06-01T17:37+09:00 | 2026-06-01T17:37+09:00 |
| jvndb-2026-000077 | Multiple vulnerabilities in ServerView Agents for Windows | 2026-06-01T17:34+09:00 | 2026-06-01T17:34+09:00 |
| jvndb-2026-000080 | Jupyter Server vulnerable to open redirect | 2026-05-28T13:42+09:00 | 2026-05-28T13:42+09:00 |
| jvndb-2026-016983 | Multiple Vulnerabilities in Cosminexus | 2026-05-27T15:09+09:00 | 2026-05-27T15:09+09:00 |
| jvndb-2026-016982 | Multiple Vulnerabilities in Hitachi Command Suite, Hitachi Automation Director, Hitachi Configuration Manager, Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center | 2026-05-27T15:09+09:00 | 2026-05-27T15:09+09:00 |
| jvndb-2026-016981 | Vulnerability in Hitachi Infrastructure Analytics Advisor, Hitachi Ops Center Analyzer and Hitachi Ops Center Analyzer viewpoint | 2026-05-27T15:09+09:00 | 2026-05-27T15:09+09:00 |
| jvndb-2026-000079 | NEC Aterm series vulnerable to OS command injection (NV26-003) | 2026-05-25T15:35+09:00 | 2026-05-25T18:14+09:00 |
| jvndb-2026-000078 | NEC Aterm series vulnerable to cross-site scripting (NV26-002) | 2026-05-25T15:35+09:00 | 2026-05-25T18:06+09:00 |
| jvndb-2026-016976 | Security information for Hitachi Disk Array Systems | 2026-05-25T11:39+09:00 | 2026-05-25T11:39+09:00 |
| jvndb-2026-016802 | Multiple vulnerabilities in Trend Micro Endpoint security products for enterprises (May 2026) | 2026-05-22T16:44+09:00 | 2026-05-25T15:38+09:00 |
| jvndb-2026-016626 | Android App "RoboForm Password Manager" insufficient validation of Android intents | 2026-05-21T17:22+09:00 | 2026-05-21T17:22+09:00 |
| jvndb-2026-000076 | Movable Type vulnerable to missing authorization | 2026-05-20T15:21+09:00 | 2026-05-20T15:21+09:00 |
| jvndb-2026-000054 | Multiple vulnerabilities in "Musetheque V4 Information Disclosure for IPKNOWLEDGE" | 2026-05-15T13:57+09:00 | 2026-05-15T13:57+09:00 |
| jvndb-2026-000074 | WPS Office improper access restriction to its named pipe | 2026-05-14T16:16+09:00 | 2026-05-14T16:16+09:00 |
| jvndb-2026-000075 | Bytello Share (Windows Edition) installer executable insecurely loads Dynamic Link Libraries | 2026-05-13T15:41+09:00 | 2026-05-13T15:41+09:00 |
| jvndb-2026-000072 | GUARDIANWALL MailSuite vulnerable to stack-based buffer overflow | 2026-05-13T15:41+09:00 | 2026-05-15T15:37+09:00 |
| jvndb-2026-000069 | Android App "Anshin Filter for au" vulnerable to cleartext transmission of sensitive information | 2026-05-13T15:41+09:00 | 2026-05-13T15:41+09:00 |
| jvndb-2026-000073 | Multiple vulnerabilities in ELECOM wireless LAN routers and access points (May 2026) | 2026-05-12T15:16+09:00 | 2026-05-20T11:52+09:00 |
| jvndb-2026-015132 | Canon Production Printers and Office Multifunction Printers vulnerable to information disclosure | 2026-05-12T14:04+09:00 | 2026-05-12T14:04+09:00 |
| jvndb-2026-000071 | GROWI vulnerable to path traversal | 2026-05-11T18:20+09:00 | 2026-05-11T18:20+09:00 |
| jvndb-2026-000070 | libXpm vulnerable to out-of-bounds read | 2026-05-11T18:20+09:00 | 2026-05-11T18:20+09:00 |
| jvndb-2026-000068 | Lhaz and Lhaz+ vulnerable to path traversal | 2026-05-11T18:20+09:00 | 2026-05-11T18:20+09:00 |
| jvndb-2026-000067 | "Kura Sushi Official App" vulnerable to improper certificate validation | 2026-05-11T18:20+09:00 | 2026-05-11T18:20+09:00 |
| jvndb-2026-000066 | Open redirect vulnerability in multiple laser printers and MFPs which implement Ricoh Web Image Monitor | 2026-04-30T17:02+09:00 | 2026-04-30T17:02+09:00 |
| jvndb-2026-006408 | Apache ActiveMQ series improper validation of MQTT packets [AMQ-9810] | 2026-04-24T17:56+09:00 | 2026-04-24T17:56+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2026-avi-0703 | Vulnérabilité dans Laravel | 2026-06-08T00:00:00.000000 | 2026-06-08T00:00:00.000000 |
| certfr-2026-avi-0702 | Multiples vulnérabilités dans Spring Micrometer | 2026-06-08T00:00:00.000000 | 2026-06-08T00:00:00.000000 |
| certfr-2026-avi-0701 | Multiples vulnérabilités dans les produits Microsoft | 2026-06-08T00:00:00.000000 | 2026-06-08T00:00:00.000000 |
| certfr-2026-avi-0700 | Multiples vulnérabilités dans Microsoft Edge | 2026-06-08T00:00:00.000000 | 2026-06-08T00:00:00.000000 |
| certfr-2026-avi-0699 | Vulnérabilité dans Cisco Catalyst SD-WAN | 2026-06-05T00:00:00.000000 | 2026-06-05T00:00:00.000000 |
| certfr-2026-avi-0698 | Multiples vulnérabilités dans les produits IBM | 2026-06-05T00:00:00.000000 | 2026-06-05T00:00:00.000000 |
| certfr-2026-avi-0697 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2026-06-05T00:00:00.000000 | 2026-06-05T00:00:00.000000 |
| certfr-2026-avi-0696 | Multiples vulnérabilités dans le noyau Linux de Debian LTS | 2026-06-05T00:00:00.000000 | 2026-06-05T00:00:00.000000 |
| certfr-2026-avi-0695 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2026-06-05T00:00:00.000000 | 2026-06-05T00:00:00.000000 |
| certfr-2026-avi-0694 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2026-06-05T00:00:00.000000 | 2026-06-05T00:00:00.000000 |
| certfr-2026-avi-0693 | Multiples vulnérabilités dans Microsoft Azure Linux | 2026-06-05T00:00:00.000000 | 2026-06-05T00:00:00.000000 |
| certfr-2026-avi-0692 | Multiples vulnérabilités dans Google Chrome | 2026-06-05T00:00:00.000000 | 2026-06-05T00:00:00.000000 |
| certfr-2026-avi-0691 | Multiples vulnérabilités dans CPython | 2026-06-05T00:00:00.000000 | 2026-06-05T00:00:00.000000 |
| certfr-2026-avi-0690 | Multiples vulnérabilités dans Traefik | 2026-06-05T00:00:00.000000 | 2026-06-05T00:00:00.000000 |
| certfr-2026-avi-0689 | Vulnérabilité dans les produits Cisco | 2026-06-04T00:00:00.000000 | 2026-06-04T00:00:00.000000 |
| certfr-2026-avi-0688 | Multiples vulnérabilités dans FreeRadius | 2026-06-04T00:00:00.000000 | 2026-06-04T00:00:00.000000 |
| certfr-2026-avi-0687 | Multiples vulnérabilités dans Synology Chat Server pour DSM | 2026-06-04T00:00:00.000000 | 2026-06-04T00:00:00.000000 |
| certfr-2026-avi-0686 | Multiples vulnérabilités dans les produits NetApp | 2026-06-04T00:00:00.000000 | 2026-06-04T00:00:00.000000 |
| certfr-2026-avi-0685 | Multiples vulnérabilités dans Microsoft Azure Linux | 2026-06-03T00:00:00.000000 | 2026-06-03T00:00:00.000000 |
| certfr-2026-avi-0684 | Multiples vulnérabilités dans Mozilla Firefox | 2026-06-03T00:00:00.000000 | 2026-06-03T00:00:00.000000 |
| certfr-2026-avi-0683 | Vulnérabilité dans HPE Aruba Networking AOS-CX | 2026-06-03T00:00:00.000000 | 2026-06-03T00:00:00.000000 |
| certfr-2026-avi-0682 | Vulnérabilité dans les produits Laravel | 2026-06-03T00:00:00.000000 | 2026-06-03T00:00:00.000000 |
| certfr-2026-avi-0681 | Multiples vulnérabilités dans les produits Microsoft | 2026-06-02T00:00:00.000000 | 2026-06-02T00:00:00.000000 |
| certfr-2026-avi-0680 | Multiples vulnérabilités dans Microsoft Edge | 2026-06-02T00:00:00.000000 | 2026-06-02T00:00:00.000000 |
| certfr-2026-avi-0679 | Multiples vulnérabilités dans Google Android | 2026-06-02T00:00:00.000000 | 2026-06-02T00:00:00.000000 |
| certfr-2026-avi-0678 | Vulnérabilité dans Apache Kafka | 2026-06-02T00:00:00.000000 | 2026-06-02T00:00:00.000000 |
| certfr-2026-avi-0677 | Vulnérabilité dans les produits Ivanti | 2026-06-02T00:00:00.000000 | 2026-06-02T00:00:00.000000 |
| certfr-2026-avi-0676 | Multiples vulnérabilités dans Mozilla Firefox | 2026-06-02T00:00:00.000000 | 2026-06-02T00:00:00.000000 |
| certfr-2026-avi-0675 | Multiples vulnérabilités dans GLPI | 2026-06-02T00:00:00.000000 | 2026-06-02T00:00:00.000000 |
| certfr-2026-avi-0674 | Multiples vulnérabilités dans les produits Microsoft | 2026-06-01T00:00:00.000000 | 2026-06-01T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2026-ale-005 | Vulnérabilité dans Microsoft Exchange Server | 2026-05-15T00:00:00.000000 | 2026-05-15T00:00:00.000000 |
| certfr-2026-ale-004 | Vulnérabilité dans F5 BIG-IP Access Policy Manager | 2026-03-31T00:00:00.000000 | 2026-03-31T00:00:00.000000 |
| certfr-2026-ale-003 | Note d’alerte – Ciblage des messageries instantanées | 2026-03-20T00:00:00.000000 | 2026-04-20T00:00:00.000000 |
| certfr-2026-ale-002 | [MàJ] Vulnérabilité dans Cisco Catalyst SD-WAN | 2026-02-25T00:00:00.000000 | 2026-03-26T00:00:00.000000 |
| certfr-2026-ale-001 | [MàJ] Multiples vulnérabilités dans Ivanti Endpoint Manager Mobile | 2026-01-30T00:00:00.000000 | 2026-02-09T00:00:00.000000 |
| certfr-2025-ale-014 | [MàJ] Vulnérabilité dans React Server Components | 2025-12-05T00:00:00.000000 | 2026-02-12T00:00:00.000000 |
| certfr-2025-ale-013 | [MàJ] Multiples vulnérabilités dans Cisco ASA et FTD | 2025-09-25T00:00:00.000000 | 2025-12-09T00:00:00.000000 |
| certfr-2025-ale-012 | Vulnérabilité dans Citrix NetScaler ADC et NetScaler Gateway | 2025-08-26T00:00:00.000000 | 2025-09-26T00:00:00.000000 |
| certfr-2025-ale-011 | Incidents de sécurité dans les pare-feux SonicWall | 2025-08-05T00:00:00.000000 | 2025-08-18T00:00:00.000000 |
| certfr-2025-ale-010 | [MàJ] Multiples vulnérabilités dans Microsoft SharePoint | 2025-07-21T00:00:00.000000 | 2025-08-26T00:00:00.000000 |
| certfr-2025-ale-009 | Multiples vulnérabilités dans Citrix NetScaler ADC et NetScaler Gateway | 2025-07-01T00:00:00.000000 | 2025-08-18T00:00:00.000000 |
| certfr-2025-ale-008 | [MàJ] Vulnérabilité dans Roundcube | 2025-06-05T00:00:00.000000 | 2025-07-21T00:00:00.000000 |
| certfr-2025-ale-007 | Multiples vulnérabilités dans Ivanti Endpoint Manager Mobile (EPMM) | 2025-05-14T00:00:00.000000 | 2025-06-24T00:00:00.000000 |
| certfr-2025-ale-006 | Vulnérabilité dans les produits Fortinet | 2025-05-13T00:00:00.000000 | 2025-06-24T00:00:00.000000 |
| certfr-2025-ale-005 | Vulnérabilité dans SAP NetWeaver | 2025-04-28T00:00:00.000000 | 2025-06-24T00:00:00.000000 |
| certfr-2025-ale-004 | Activités de post-exploitation dans Fortinet FortiGate | 2025-04-11T00:00:00.000000 | 2025-08-07T00:00:00.000000 |
| certfr-2025-ale-003 | [MàJ] Vulnérabilité dans les produits Ivanti | 2025-04-03T00:00:00.000000 | 2025-06-24T00:00:00.000000 |
| certfr-2025-ale-002 | [MàJ] Vulnérabilité dans les produits Fortinet | 2025-01-14T00:00:00.000000 | 2025-05-07T00:00:00.000000 |
| certfr-2025-ale-001 | [MàJ] Vulnérabilité dans les produits Ivanti | 2025-01-09T00:00:00.000000 | 2025-05-07T00:00:00.000000 |
| certfr-2024-ale-015 | [MàJ] Multiples vulnérabilités sur l'interface d'administration des équipements Palo Alto Networks | 2024-11-15T00:00:00.000000 | 2025-01-27T00:00:00.000000 |
| certfr-2024-ale-014 | [MàJ] Multiples vulnérabilités dans Fortinet FortiManager | 2024-10-23T00:00:00.000000 | 2025-03-31T00:00:00.000000 |
| certfr-2024-ale-013 | Exploitations de vulnérabilités dans Ivanti Cloud Services Appliance (CSA) | 2024-10-22T00:00:00.000000 | 2025-03-31T00:00:00.000000 |
| certfr-2024-ale-012 | [MàJ] Vulnérabilités affectant OpenPrinting CUPS | 2024-09-27T00:00:00.000000 | 2024-11-21T00:00:00.000000 |
| certfr-2024-ale-011 | Vulnérabilité dans SonicWall | 2024-09-10T00:00:00.000000 | 2024-11-21T00:00:00.000000 |
| certfr-2024-ale-010 | Multiples vulnérabilités dans Roundcube | 2024-08-09T00:00:00.000000 | 2024-10-07T00:00:00.000000 |
| certfr-2024-ale-009 | Vulnérabilité dans OpenSSH | 2024-07-01T00:00:00.000000 | 2024-10-07T00:00:00.000000 |
| certfr-2024-ale-008 | [MàJ] Vulnérabilité dans les produits Check Point | 2024-05-30T00:00:00.000000 | 2024-07-01T00:00:00.000000 |
| certfr-2024-ale-007 | Multiples vulnérabilités dans les produits Cisco | 2024-04-25T00:00:00.000000 | 2024-07-01T00:00:00.000000 |
| certfr-2024-ale-006 | [MàJ] Vulnérabilité dans Palo Alto Networks GlobalProtect | 2024-04-12T00:00:00.000000 | 2024-07-01T00:00:00.000000 |
| certfr-2024-ale-005 | [MàJ] Vulnérabilité dans Microsoft Outlook | 2024-02-15T00:00:00.000000 | 2024-04-15T00:00:00.000000 |