Recent vulnerabilities

ID	CVSS	Description	Vendor	Product	Published	Updated
CVE-2026-27021	6.9 (4.0)	Discourse: Poll voters endpoint lacked post visibility…	discourse	discourse	2026-02-26T19:50:56.341Z	2026-02-28T03:25:15.137Z
CVE-2026-2775	9.8 (3.1)	Mitigation bypass in the DOM: HTML Parser component	Mozilla	Firefox	2026-02-24T13:33:11.553Z	2026-02-28T03:21:34.289Z
CVE-2026-2776	10 (3.1)	Sandbox escape due to incorrect boundary conditions in…	Mozilla	Firefox	2026-02-24T13:33:12.247Z	2026-02-28T03:19:44.671Z
CVE-2026-2778	10 (3.1)	Sandbox escape due to incorrect boundary conditions in…	Mozilla	Firefox	2026-02-24T13:33:13.564Z	2026-02-28T03:18:10.437Z
CVE-2026-2779	9.8 (3.1)	Incorrect boundary conditions in the Networking: JAR c…	Mozilla	Firefox	2026-02-24T13:33:14.195Z	2026-02-28T03:16:09.978Z
CVE-2026-2784	9.8 (3.1)	Mitigation bypass in the DOM: Security component	Mozilla	Firefox	2026-02-24T13:33:17.554Z	2026-02-28T03:14:35.231Z
CVE-2026-2788	9.8 (3.1)	Incorrect boundary conditions in the Audio/Video: GMP …	Mozilla	Firefox	2026-02-24T13:33:20.287Z	2026-02-28T03:12:31.648Z
CVE-2026-2791	9.8 (3.1)	Mitigation bypass in the Networking: Cache component	Mozilla	Firefox	2026-02-24T13:33:22.237Z	2026-02-28T03:10:50.975Z
CVE-2023-37028	6.5 (3.1)	A Null pointer dereference vulnerability in the M…	n/a	n/a	2025-01-21T00:00:00.000Z	2026-02-28T03:06:39.990Z
CVE-2024-29741	7.8 (3.1)	In pblS2mpuResume of s2mpu.c, there is a possible…	Google	Android	2024-04-05T20:02:15.409Z	2026-02-28T03:02:40.798Z
CVE-2024-26480	7.5 (3.1)	An issue in Statping-ng v.0.91.0 allows an attack…	n/a	n/a	2026-02-11T00:00:00.000Z	2026-02-28T03:01:46.335Z
CVE-2025-69971	9.8 (3.1)	FUXA v1.2.7 contains a hard-coded credential vuln…	n/a	n/a	2026-02-03T00:00:00.000Z	2026-02-28T02:59:59.337Z
CVE-2025-69421	N/A	NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex…	OpenSSL	OpenSSL	2026-01-27T16:01:26.435Z	2026-02-28T02:58:24.792Z
CVE-2025-66374	7.8 (3.1)	CyberArk Endpoint Privilege Manager Agent through…	n/a	n/a	2026-02-03T00:00:00.000Z	2026-02-28T02:56:22.099Z
CVE-2025-65887	6.5 (3.1)	A division-by-zero vulnerability in the flow.floo…	n/a	n/a	2026-01-28T00:00:00.000Z	2026-02-28T02:54:45.328Z
CVE-2025-6591	0 (4.0)	HTML injection in API action=feedcontributions output …	Wikimedia Foundation	MediaWiki	2026-02-02T23:02:33.728Z	2026-02-28T02:52:57.390Z
CVE-2026-2773	9.8 (3.1)	Incorrect boundary conditions in the Web Audio component	Mozilla	Firefox	2026-02-24T13:33:10.177Z	2026-02-28T02:38:52.756Z
CVE-2026-2766	9.8 (3.1)	Use-after-free in the JavaScript Engine: JIT component	Mozilla	Firefox	2026-02-24T13:33:04.946Z	2026-02-28T02:32:50.044Z
CVE-2026-2765	9.8 (3.1)	Use-after-free in the JavaScript Engine component	Mozilla	Firefox	2026-02-24T13:33:03.943Z	2026-02-28T02:31:24.689Z
CVE-2026-2764	9.8 (3.1)	JIT miscompilation, use-after-free in the JavaScript E…	Mozilla	Firefox	2026-02-24T13:33:03.207Z	2026-02-28T02:29:08.622Z
CVE-2026-2763	9.8 (3.1)	Use-after-free in the JavaScript Engine component	Mozilla	Firefox	2026-02-24T13:33:02.514Z	2026-02-28T02:27:22.934Z
CVE-2026-2762	9.8 (3.1)	Integer overflow in the JavaScript: Standard Library c…	Mozilla	Firefox	2026-02-24T13:33:01.761Z	2026-02-28T02:25:03.772Z
CVE-2026-2460	7.6 (4.0)	A vulnerability exists in REB500 for an authentic…	Hitachi Energy	Relion REB500	2026-02-24T13:24:34.836Z	2026-02-28T02:23:18.377Z
CVE-2026-2459	7.4 (4.0)	A vulnerability exists in REB500 for an authentic…	Hitachi Energy	Relion REB500	2026-02-24T13:21:42.470Z	2026-02-28T02:22:21.519Z
CVE-2026-1773	8.7 (4.0)	IEC 60870-5-104: Potential Denial of Service impa…	Hitachi Energy	RTU500 series CMU firmware	2026-02-24T13:13:17.990Z	2026-02-28T02:20:00.192Z
CVE-2026-1772	5.3 (4.0)	RTU500 web interface: An unprivileged user can re…	Hitachi Energy	RTU500 series CMU firmware	2026-02-24T13:03:23.592Z	2026-02-28T02:19:01.092Z
CVE-2026-27129	5.7 (4.0)	Cloud Metadata SSRF Protection Bypass via IPv6 Resolution	craftcms	cms	2026-02-24T02:45:45.494Z	2026-02-28T02:17:18.957Z
CVE-2026-27128	6.9 (4.0)	Craft CMS's race condition in Token Service potentiall…	craftcms	cms	2026-02-24T02:42:53.706Z	2026-02-28T02:13:48.422Z
CVE-2026-27127	7 (4.0)	Craft CMS has Cloud Metadata SSRF Protection Bypass vi…	craftcms	cms	2026-02-24T02:39:44.569Z	2026-02-28T02:12:36.723Z
CVE-2026-3065	5.3 (4.0) 6.3 (3.1) 6.3 (3.0)	HummerRisk Cloud Task Dry-run CloudTaskService.java Co…	n/a	HummerRisk	2026-02-24T02:32:10.391Z	2026-02-28T02:11:08.525Z

ID	CVSS	Description	Vendor	Product	Published	Updated
CVE-2026-2773	9.8 (3.1)	Incorrect boundary conditions in the Web Audio component	Mozilla	Firefox	2026-02-24T13:33:10.177Z	2026-02-28T02:38:52.756Z
CVE-2026-2766	9.8 (3.1)	Use-after-free in the JavaScript Engine: JIT component	Mozilla	Firefox	2026-02-24T13:33:04.946Z	2026-02-28T02:32:50.044Z
CVE-2026-2765	9.8 (3.1)	Use-after-free in the JavaScript Engine component	Mozilla	Firefox	2026-02-24T13:33:03.943Z	2026-02-28T02:31:24.689Z
CVE-2026-2764	9.8 (3.1)	JIT miscompilation, use-after-free in the JavaScript E…	Mozilla	Firefox	2026-02-24T13:33:03.207Z	2026-02-28T02:29:08.622Z
CVE-2026-2763	9.8 (3.1)	Use-after-free in the JavaScript Engine component	Mozilla	Firefox	2026-02-24T13:33:02.514Z	2026-02-28T02:27:22.934Z
CVE-2026-2762	9.8 (3.1)	Integer overflow in the JavaScript: Standard Library c…	Mozilla	Firefox	2026-02-24T13:33:01.761Z	2026-02-28T02:25:03.772Z
CVE-2026-3054	5.3 (4.0) 4.3 (3.1) 4.3 (3.0)	Alinto SOGo cross site scripting	Alinto	SOGo	2026-02-24T02:02:06.992Z	2026-02-24T20:45:48.226Z
CVE-2026-26369	9.3 (4.0) 9.8 (3.1)	JUNG eNet SMART HOME server 2.2.1/2.3.1 Privilege Esca…	JUNG	eNet SMART HOME server	2026-02-15T15:29:56.204Z	2026-02-17T16:50:04.129Z
CVE-2026-26368	8.7 (4.0) 8.8 (3.1)	JUNG eNet SMART HOME server 2.2.1/2.3.1 Account Takeov…	JUNG	eNet SMART HOME server	2026-02-15T15:29:55.403Z	2026-02-17T16:50:34.868Z
CVE-2026-23595	8.8 (3.1)	Unauthenticated Authentication Bypass in application A…	Hewlett Packard Enterprise (HPE)	HPE Aruba Networking Private 5G Core	2026-02-17T20:45:43.833Z	2026-02-18T15:18:41.436Z
CVE-2026-23596	6.5 (3.1)	Unauthenticated Improper Access Control in management …	Hewlett Packard Enterprise (HPE)	HPE Aruba Networking Private 5G Core	2026-02-17T20:46:12.694Z	2026-02-18T15:15:27.361Z
CVE-2026-23598	6.5 (3.1)	Unauthenticated Information Disclosure in application …	Hewlett Packard Enterprise (HPE)	HPE Aruba Networking Private 5G Core	2026-02-17T20:47:21.374Z	2026-02-27T14:19:25.480Z
CVE-2026-23597	6.5 (3.1)	Unauthenticated Information Disclosure in application …	Hewlett Packard Enterprise (HPE)	HPE Aruba Networking Private 5G Core	2026-02-17T20:46:45.035Z	2026-02-18T14:42:46.651Z
CVE-2024-55928	6.5 (3.1)	Clear text secrets returned & Remote system secrets in…	Xerox	Xerox Workplace Suite	2025-01-23T17:25:46.915Z	2025-02-24T17:16:19.462Z
CVE-2024-55927	7.6 (3.1)	Flawed token generation implementation & Hard-coded ke…	Xerox	Xerox Workplace Suite	2025-01-23T17:20:29.974Z	2025-02-24T17:12:10.831Z
CVE-2024-55926	7.6 (3.1)	Arbitrary file upload, deletion and read through heade…	Xerox	Xerox Workplace Suite	2025-01-23T17:12:21.371Z	2025-02-24T17:11:02.567Z
CVE-2024-55925	7.5 (3.1)	API Security bypass through header manipulation	Xerox	Xerox Workplace Suite	2025-01-23T17:03:33.187Z	2025-09-17T16:49:42.753Z
CVE-2026-28213	9.8 (3.1)	EverShop Vulnerable to Arbitrary Customer Account Take…	evershopcommerce	evershop	2026-02-26T22:31:47.122Z	2026-02-27T18:51:10.647Z
CVE-2026-28279	7.4 (3.1)	`osctrl-admin` Vulnerable to OS Command Injection via …	jmpsec	osctrl	2026-02-26T22:59:29.972Z	2026-02-27T17:33:49.803Z
CVE-2026-3255	N/A	HTTP::Session2 versions before 1.12 for Perl may gener…	TOKUHIROM	HTTP::Session2	2026-02-27T20:12:35.414Z	2026-02-28T00:15:39.689Z
CVE-2026-28422	2.2 (3.1)	Vim has stack-buffer-overflow in build_stl_str_hl()	vim	vim	2026-02-27T22:08:11.384Z	2026-02-28T00:15:38.152Z
CVE-2026-28421	5.3 (3.1)	Vim has a heap-buffer-overflow and a segmentation fault	vim	vim	2026-02-27T22:06:34.312Z	2026-02-28T00:15:36.679Z
CVE-2026-28420	4.4 (3.1)	Vim has Heap-based Buffer Overflow and OOB Read in :terminal	vim	vim	2026-02-27T22:04:36.189Z	2026-02-28T00:15:35.201Z
CVE-2026-28419	5.3 (3.1)	Vim has Heap-based Buffer Underflow in Emacs tags parsing	vim	vim	2026-02-27T22:02:55.952Z	2026-02-28T00:15:33.748Z
CVE-2026-28418	4.4 (3.1)	Vim has Heap-based Buffer Overflow in Emacs tags parsing	vim	vim	2026-02-27T21:58:37.277Z	2026-02-28T00:15:32.223Z
CVE-2026-28417	4.4 (3.1)	Vim has OS Command Injection in netrw	vim	vim	2026-02-27T21:54:35.196Z	2026-02-28T00:15:30.536Z
CVE-2018-25160	N/A	HTTP::Session2 versions through 1.09 for Perl does not…	TOKUHIROM	HTTP::Session2	2026-02-27T20:15:31.418Z	2026-02-28T00:15:29.050Z
CVE-2026-28280	6.1 (3.1)	`osctrl-admin` has Stored Cross-Site Scripting (XSS) i…	jmpsec	osctrl	2026-02-26T23:00:58.040Z	2026-02-26T23:00:58.040Z
CVE-2026-3037	8 (3.1)	Copeland XWEB and XWEB Pro OS Command Injection	Copeland	Copeland XWEB 300D PRO	2026-02-27T01:06:42.223Z	2026-02-27T19:09:35.935Z
CVE-2025-11950	6.3 (3.1)	Reflected XSS in Knowhy's EduAsist	KNOWHY Advanced Technology Trading Ltd. Co.	EduAsist	2026-02-27T12:55:36.793Z	2026-02-27T12:55:36.793Z

ID	Description	Published	Updated
fkie_cve-2026-3054	A vulnerability was identified in Alinto SOGo 5.12.3/5.12.4. This impacts an unknown function. The …	2026-02-24T03:16:02.977	2026-02-28T01:36:15.960
fkie_cve-2026-26369	eNet SMART HOME server 2.2.1 and 2.3.1 contains a privilege escalation vulnerability due to insuffi…	2026-02-15T16:15:54.407	2026-02-28T01:34:28.150
fkie_cve-2026-26368	eNet SMART HOME server 2.2.1 and 2.3.1 contains a missing authorization vulnerability in the resetU…	2026-02-15T16:15:54.237	2026-02-28T01:33:46.257
fkie_cve-2026-23595	An authentication bypass in the application API allows an unauthorized administrative account to be…	2026-02-17T21:22:15.757	2026-02-28T01:31:52.473
fkie_cve-2026-23596	A vulnerability in the management API of the affected product could allow an unauthenticated remote…	2026-02-17T21:22:15.913	2026-02-28T01:30:22.830
fkie_cve-2026-23598	Vulnerabilities in the API error handling of an HPE Aruba Networking 5G Core server API could allo…	2026-02-17T21:22:16.193	2026-02-28T01:30:07.653
fkie_cve-2026-23597	Vulnerabilities in the API error handling of an HPE Aruba Networking 5G Core server API could allo…	2026-02-17T21:22:16.053	2026-02-28T01:28:43.053
fkie_cve-2024-55928	Xerox Workplace Suite exposes sensitive secrets in clear text, both locally and remotely. This vuln…	2025-01-23T18:15:32.100	2026-02-28T01:22:35.880
fkie_cve-2024-55927	A vulnerability in Xerox Workplace Suite arises from flawed token generation and the use of hard-co…	2025-01-23T18:15:31.940	2026-02-28T01:21:42.500
fkie_cve-2024-55926	A vulnerability found in Xerox Workplace Suite allows arbitrary file read, upload, and deletion on …	2025-01-23T18:15:31.780	2026-02-28T01:20:33.507
fkie_cve-2024-55925	In Xerox Workplace Suite, an API restricted to specific hosts can be bypassed by manipulating the H…	2025-01-23T17:15:15.380	2026-02-28T01:19:44.767
fkie_cve-2026-28213	EverShop is a TypeScript-first eCommerce platform. Versions prior to 2.1.1 have a vulnerability in …	2026-02-26T23:16:35.770	2026-02-28T01:18:18.080
fkie_cve-2026-28279	osctrl is an osquery management solution. Prior to version 0.5.0, an OS command injection vulnerabi…	2026-02-26T23:16:37.567	2026-02-28T01:17:13.797
fkie_cve-2026-3255	HTTP::Session2 versions before 1.12 for Perl for Perl may generate weak session ids using the rand(…	2026-02-27T20:21:41.180	2026-02-28T01:16:05.430
fkie_cve-2026-28422	Vim is an open source, command line text editor. Prior to version 9.2.0078, a stack-buffer-overflow…	2026-02-27T22:16:25.667	2026-02-28T01:16:05.320
fkie_cve-2026-28421	Vim is an open source, command line text editor. Versions prior to 9.2.0077 have a heap-buffer-over…	2026-02-27T22:16:25.493	2026-02-28T01:16:05.203
fkie_cve-2026-28420	Vim is an open source, command line text editor. Prior to version 9.2.0076, a heap-based buffer ove…	2026-02-27T22:16:25.330	2026-02-28T01:16:05.077
fkie_cve-2026-28419	Vim is an open source, command line text editor. Prior to version 9.2.0075, a heap-based buffer und…	2026-02-27T22:16:25.163	2026-02-28T01:16:04.963
fkie_cve-2026-28418	Vim is an open source, command line text editor. Prior to version 9.2.0074, a heap-based buffer ove…	2026-02-27T22:16:25.003	2026-02-28T01:16:04.850
fkie_cve-2026-28417	Vim is an open source, command line text editor. Prior to version 9.2.0073, an OS command injection…	2026-02-27T22:16:24.833	2026-02-28T01:16:04.733
fkie_cve-2018-25160	HTTP::Session2 versions through 1.09 for Perl does not validate the format of user provided session…	2026-02-27T21:16:03.590	2026-02-28T01:16:04.347
fkie_cve-2026-28280	osctrl is an osquery management solution. Prior to version 0.5.0, a stored cross-site scripting (XS…	2026-02-26T23:16:37.740	2026-02-28T01:14:46.000
fkie_cve-2026-3037	An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an aut…	2026-02-27T02:16:20.330	2026-02-28T01:13:53.703
fkie_cve-2025-11950	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnera…	2026-02-27T13:16:01.953	2026-02-28T01:12:40.380
fkie_cve-2025-11252	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability …	2026-02-27T13:16:01.343	2026-02-28T01:09:31.663
fkie_cve-2026-1725	GitLab has remediated an issue in GitLab CE/EE affecting versions from 18.9 before 18.9.1 that coul…	2026-02-25T21:16:36.833	2026-02-28T01:06:15.320
fkie_cve-2026-1747	GitLab has remediated an issue in GitLab EE affecting all versions from 17.11 before 18.7.5, 18.8 b…	2026-02-25T21:16:36.993	2026-02-28T01:05:55.340
fkie_cve-2026-2845	An issue has been discovered in GitLab CE/EE affecting all versions from 11.2 before 18.7.5, 18.8 b…	2026-02-25T21:16:44.547	2026-02-28T01:05:22.467
fkie_cve-2026-27630	TinyWeb is a web server (HTTP, HTTPS) written in Delphi for Win32. Versions prior to version 2.02 a…	2026-02-26T00:16:23.813	2026-02-28T01:01:22.727
fkie_cve-2026-27633	TinyWeb is a web server (HTTP, HTTPS) written in Delphi for Win32. Versions prior to version 2.02 h…	2026-02-26T00:16:24.130	2026-02-28T01:00:49.873

ID	Severity	Description	Published	Updated
ghsa-5c6j-r48x-rmvq	8.1 (3.1)	Serialize JavaScript is Vulnerable to RCE via RegExp.flags and Date.prototype.toISOString()	2026-02-28T02:50:45Z	2026-02-28T02:50:45Z
ghsa-945p-3jhm-6rcp	6.9 (4.0)	malcontent: Nested archive extraction failure can drop content from scan inputs	2026-02-28T02:50:09Z	2026-02-28T02:50:09Z
ghsa-8rr6-2qw5-pc7r	6.8 (3.1)	PMD Designer has Stored XSS in VBHTMLRenderer and YAHTMLRenderer via unescaped violation messages	2026-02-28T02:49:29Z	2026-02-28T02:49:29Z
ghsa-j8cj-hw74-64jv		Hive has Double-free and Use After Free Vulnerabilities	2026-02-28T02:48:45Z	2026-02-28T02:48:45Z
ghsa-8p85-9qpw-fwgw	8.2 (4.0)	@fastify/middie has Improper Path Normalization when Using Path-Scoped Middleware	2026-02-28T02:47:17Z	2026-02-28T02:47:17Z
ghsa-f2v5-7jq9-h8cg	6.9 (4.0)	pypdf: Manipulated RunLengthDecode streams can exhaust RAM	2026-02-28T02:46:10Z	2026-02-28T02:46:10Z
ghsa-hfcp-477w-3wjw	8.3 (3.1)	rubyipmi is vulnerable to OS Command Injection through malicious usernames	2026-02-27T09:30:29Z	2026-02-28T02:45:38Z
ghsa-7g5x-9c4v-4w5r	3.1 (3.1)	Keycloak REST Services has a WebAuthn Attestation Statement Verification Bypass	2026-02-27T09:30:29Z	2026-02-28T02:44:46Z
ghsa-v4jw-m6rm-399h	4.9 (3.1)	Keycloak Server Private SPI: Improper Access Control Allows Administrators to Bypass Attribute Visi…	2026-02-27T09:30:29Z	2026-02-28T02:42:55Z
ghsa-gx6c-pv62-9mcf	3.3 (3.1) 1.9 (4.0)	Snowflake JDBC Driver is Vulnerable to Uncontrolled Resource Consumption through SdkProxyRoutePlanner	2026-02-27T06:31:28Z	2026-02-28T02:26:37Z
ghsa-8xwf-cr4r-856r	9.1 (3.1)	OpenStack Vitrage: Unauthorized Access to the Host can Lead to Eval Injection	2026-02-27T06:31:28Z	2026-02-28T02:24:32Z
ghsa-7977-c43c-xpwj	9.9 (3.1)	OpenClaw is vulnerable to validation bypass through GNU long-option abbreviations in allowlist mode	2026-02-27T06:31:28Z	2026-02-28T02:17:24Z
ghsa-gxvv-45f6-3ch8	8.5 (3.1)	openshift-apiserver: SSRF via Missing IP/Network-Range Validation in User-Supplied Image References	2025-12-16T15:30:42Z	2026-02-28T02:15:59Z
ghsa-rx6w-2w6h-r346	4.3 (3.1) 2.1 (4.0)	PSI Probe: Broken access control can lead to DoS	2026-02-27T00:31:46Z	2026-02-28T02:09:13Z
ghsa-4rv8-5cmm-2r22	6.1 (3.1)	osctrl has Stored Cross-Site Scripting (XSS) in On-Demand Query List	2026-02-28T02:07:15Z	2026-02-28T02:07:15Z
ghsa-rchw-322g-f7rm	7.3 (3.1)	osctrl is Vulnerable to OS Command Injection via Environment Configuration	2026-02-28T02:05:48Z	2026-02-28T02:05:48Z
ghsa-fpg4-jhqr-589c	1.7 (4.0)	SvelteKit has deserialization expansion in unvalidated `form` remote function leading to Denial of…	2026-02-28T02:04:39Z	2026-02-28T02:04:39Z
ghsa-72hv-8253-57qq	8.7 (4.0)	jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition	2026-02-28T02:01:05Z	2026-02-28T02:01:06Z
ghsa-rfjg-6m84-crj2	9.8 (3.1)	Vikunja Vulnerable to Account Takeover via Password Reset Token Reuse	2026-02-28T01:59:28Z	2026-02-28T01:59:28Z
ghsa-x7g6-7v62-f6fh		Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.	2026-02-28T00:31:02Z	2026-02-28T00:31:02Z
ghsa-prmh-rp39-qc4m	9.3 (4.0)	openDCIM version 23.04, through commit 4467e9c4, contains a SQL injection vulnerability in Config::…	2026-02-28T00:31:02Z	2026-02-28T00:31:02Z
ghsa-pmx8-fmc2-4rjp	5.3 (4.0)	Featured Image from Content (featured-image-from-content) WordPress plugin versions prior to 1.7 co…	2026-02-28T00:31:01Z	2026-02-28T00:31:02Z
ghsa-mg2w-x76x-59h8	9.3 (4.0)	openDCIM version 23.04, through commit 4467e9c4, contains a missing authorization vulnerability in …	2026-02-28T00:31:02Z	2026-02-28T00:31:02Z
ghsa-428h-8xhf-g3cw	9.3 (4.0)	openDCIM version 23.04, through commit 4467e9c4, contains an OS command injection vulnerability in …	2026-02-28T00:31:02Z	2026-02-28T00:31:02Z
ghsa-fqr4-q363-g7gm	6.5 (3.1) 5.9 (4.0)	Cross-Site Request Forgery (CSRF) vulnerability in OpenText™ Web Site Management Server allows Cros…	2026-02-20T00:31:53Z	2026-02-28T00:31:01Z
ghsa-fg7c-375r-xggv	5.4 (3.1) 7.5 (4.0)	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnera…	2026-02-20T00:31:53Z	2026-02-28T00:31:01Z
ghsa-5jm3-f2cq-hw7c	7.5 (3.1) 7.1 (4.0)	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Ope…	2026-02-20T00:31:53Z	2026-02-28T00:31:01Z
ghsa-558g-hvr5-cchr	5.4 (3.1) 7.0 (4.0)	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnera…	2026-02-20T00:31:53Z	2026-02-28T00:31:01Z
ghsa-5qq8-6gv4-wmcc	9.5 (4.0)	Deserialization of Untrusted Data vulnerability in OpenText™ Directory Services allows Object Injec…	2026-02-18T18:30:39Z	2026-02-28T00:31:00Z
ghsa-w22q-m2fm-x9f4	7.5 (3.1)	phpMyFAQ Allows Unauthenticated Account Creation via WebAuthn Prepare Endpoint	2026-02-27T21:01:58Z	2026-02-27T22:20:47Z

ID	Severity	Description	Package	Published	Updated
pysec-2023-121		A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as a…	zstd	2023-03-31T20:15:00+00:00	2026-02-25T19:20:58+00:00
pysec-2024-85	7.5 (3.1)	Deserialization of untrusted data can occur in versions 23.10.2.0 and newer of the MindsD…	mindsdb	2024-09-12T13:15:00Z	2026-02-25T10:47:20.527736Z
pysec-2024-84	7.5 (3.1)	Deserialization of untrusted data can occur in versions 23.10.3.0 and newer of the MindsD…	mindsdb	2024-09-12T13:15:00Z	2026-02-25T10:47:20.405923Z
pysec-2024-83	7.5 (3.1)	Deserialization of untrusted data can occur in versions 23.10.2.0 and newer of the MindsD…	mindsdb	2024-09-12T13:15:00Z	2026-02-25T10:47:20.277592Z
pysec-2024-82	8.8 (3.1)	Deserialization of untrusted data can occur in versions 23.3.2.0 and newer of the MindsDB…	mindsdb	2024-09-12T13:15:00Z	2026-02-25T10:47:20.150040Z
pysec-2023-278	5.3 (3.1)	MindsDB connects artificial intelligence models to real time data. Versions prior to 23.1…	mindsdb	2023-12-11T21:15:00Z	2026-02-25T10:47:20.007476Z
pysec-2026-1		A PyPI user account compromised by an attacker and was able to upload a malicious version…	dydx-v4-client		2026-01-28T21:09:02+00:00
pysec-2025-52		gateway_proxy_handler in MLflow before 3.1.0 lacks gateway_path validation.	mlflow	2025-06-23T15:15:29Z	2025-12-05T13:25:55.146081Z
pysec-2020-220		A flaw was found in Ansible Base when using the aws_ssm connection plugin as garbage coll…	ansible	2020-10-05T14:15:00Z	2025-10-31T04:43:53.616247Z
pysec-2025-72		The `num2words` project was compromised via a phishing attack and two new versions were u…	num2words		2025-07-31T14:34:47+00:00
pysec-2025-71		Cadwyn creates production-ready community-driven modern Stripe-like API versioning in Fas…	cadwyn	2025-07-21T21:15:25+00:00	2025-07-23T15:24:03.825615+00:00
pysec-2025-70	10.0 (3.1)	A Server-Side Request Forgery (SSRF) vulnerability exists in the RequestsToolkit componen…	langchain-community	2025-06-23T21:15:25+00:00	2025-07-16T21:23:40.211079+00:00
pysec-2024-259	9.8 (3.1)	In PyTorch <=2.4.1, the RemoteModule has Deserialization RCE. NOTE: this is disputed by m…	torch	2024-10-29T21:15:04+00:00	2025-07-16T03:09:57.748865+00:00
pysec-2024-258		In scrapy/scrapy, an issue was identified where the Authorization header is not removed d…	scrapy	2024-05-20T08:15:08+00:00	2025-07-15T17:37:50.051730+00:00
pysec-2025-69		In Roundup before 2.5.0, XSS can occur via interaction between URLs and issue tracker tem…	roundup	2025-07-13T20:15:25+00:00	2025-07-13T21:23:01.161315+00:00
pysec-2025-68	8.0 (3.1)	A vulnerability, which was classified as critical, has been found in Upsonic up to 0.55.6…	upsonic	2025-06-19T21:15:27+00:00	2025-07-08T19:22:27.449399+00:00
pysec-2025-67	9.8 (3.1)	A vulnerability classified as critical was found in Upsonic up to 0.55.6. This vulnerabil…	upsonic	2025-06-19T21:15:27+00:00	2025-07-08T19:22:27.385619+00:00
pysec-2025-66		Improper privilege management in a REST interface allowed registered users to access unau…	streampipes	2025-03-03T11:15:11+00:00	2025-07-08T15:23:46.628375+00:00
pysec-2025-65		A path traversal vulnerability exists in run-llama/llama_index versions 0.12.27 through 0…	llama-index	2025-07-07T13:15:28+00:00	2025-07-07T15:23:42.730681+00:00
pysec-2025-61		Pillow is a Python imaging library. In versions 11.2.0 to before 11.3.0, there is a heap …	pillow	2025-07-01T19:15:27Z	2025-07-07T14:12:46.226030Z
pysec-2025-64	9.8 (3.1)	A vulnerability classified as critical has been found in themanojdesai python-a2a up to 0…	python-a2a	2025-06-17T07:15:18+00:00	2025-07-02T21:23:13.806273+00:00
pysec-2025-63		vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Whe…	vllm	2025-03-19T16:15:32+00:00	2025-07-01T23:22:49.176005+00:00
pysec-2025-62		vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Mal…	vllm	2025-02-07T20:15:34+00:00	2025-07-01T23:22:49.083695+00:00
pysec-2025-60		Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Inform…	apache-iotdb	2025-05-14T11:16:28+00:00	2025-07-01T21:22:47.232036+00:00
pysec-2025-59		Remote Code Execution with untrusted URI of UDF vulnerability in Apache IoTDB. The attack…	apache-iotdb	2025-05-14T11:15:47+00:00	2025-07-01T21:22:47.177405+00:00
pysec-2024-257	7.5 (3.1)	Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessm…	mobsf	2024-03-22T23:15:07+00:00	2025-06-30T15:23:50.085549+00:00
pysec-2025-58	8.8 (3.1)	vLLM is a library for LLM inference and serving. vllm/model_executor/weight_utils.py impl…	vllm	2025-01-27T18:15:41+00:00	2025-06-27T21:22:36.583615+00:00
pysec-2025-57		A Denial of Service (DoS) vulnerability in zenml-io/zenml version 0.66.0 allows unauthent…	zenml	2025-03-20T10:15:48+00:00	2025-06-27T17:22:55.175431+00:00
pysec-2025-56	4.3 (3.1)	OctoPrint provides a web interface for controlling consumer 3D printers. In versions up t…	octoprint	2025-04-22T18:15:59+00:00	2025-06-27T17:22:53.513680+00:00
pysec-2024-256		Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessm…	mobsf	2024-12-03T16:15:24+00:00	2025-06-27T17:22:53.325430+00:00

ID	Description	Type
tid-412	Some devices will allow for the forwarding of packets to other connected devices (e.g., r…	networking
tid-411	The device utilizes a weak or insecure cryptographic protocol or algorithm that can be br…	networking
tid-410	While encrypting data can prevent a threat actor from directly obtaining the plaintext co…	networking
tid-408	Some devices do not adequately encrypt communications that includes operational or manage…	networking
tid-407	Threat actors may be able to replay a message to a device to cause an unwanted function, …	networking
tid-406	Some devices operate using protocols that have no capacity for network-level authenticati…	networking
tid-405	Remote connections and communications can consume various device resources (e.g., network…	networking
tid-404	Some devices will have operating modes that put the device in an inoperable state. Device…	networking
tid-401	Some devices may support proprietary protocols, or may add proprietary functionality to o…	networking
tid-330	Algorithms or code implementations of cryptographic processes will sometimes leak informa…	application-software
tid-329	If a device stores passwords in an unsafe manner (e.g., in a cleartext file with no read …	application-software
tid-328	Hardcoded credentials typically cannot be changed by end-users and are often undocumented…	application-software
tid-327	If an application does not properly restrict data writes to allocated memory locations, a…	application-software
tid-326	Many object-oriented languages use serialization to convert class objects into byte strin…	application-software
tid-325	The device uses HTTP headers that are unencrypted, not-validated, and/or unauthenticated.…	application-software
tid-324	If a device does not properly authenticate all HTTP requests, a threat actor can directly…	application-software
tid-323	A threat actor can send requests for files or content that resides in different directori…	application-software
tid-322	If a threat actor can include malicious JavaScript within a page viewed by a legitimate d…	application-software
tid-321	A threat actor can hijack an insufficiently protected HTTP session token to gain unauthor…	application-software
tid-320	The device does not property restrict, filter, or validate the content of web-based reque…	application-software
tid-319	The device does not properly restrict, filter, or validate the content of web-based reque…	application-software
tid-318	The device uses a cryptographic library or implementation that either introduces an addit…	application-software
tid-317	If the device does not generate sufficiently random cryptographic primitives, a threat ac…	application-software
tid-316	Certificate-based authentication depends on the correct parsing and validation of an X.50…	application-software
tid-315	If the device includes a password retrieval mechanism, a threat actor could use that mech…	application-software
tid-314	A threat actor could gain unauthorized access by continually guessing passwords. This cou…	application-software
tid-313	A threat actor can change or reset a password or credential without being authenticated. …	application-software
tid-312	A device’s credential change mechanisms can be abused to lock out users from their own de…	application-software
tid-311	Devices often include default credentials from the vendor. Default credentials can be cha…	application-software
tid-310	If an application does not authenticate all connections from a remote device or system, a…	application-software

ID	Description	Updated
gsd-2024-33884	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.534455Z
gsd-2024-33901	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.525896Z
gsd-2024-33887	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.503613Z
gsd-2024-33895	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.493081Z
gsd-2024-33894	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.488420Z
gsd-2024-33902	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.486429Z
gsd-2024-33888	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.468423Z
gsd-2024-33885	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.441746Z
gsd-2024-33891	Delinea Secret Server before 11.7.000001 allows attackers to bypass authentication via th…	2024-04-29T05:02:07.412035Z
gsd-2024-33899	RARLAB WinRAR before 7.00, on Linux and UNIX platforms, allows attackers to spoof the scr…	2024-04-29T05:02:07.400574Z
gsd-2024-33889	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.392587Z
gsd-2024-33893	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.381761Z
gsd-2024-33892	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.378170Z
gsd-2024-33890	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.344384Z
gsd-2024-33896	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.313250Z
gsd-2024-33903	In CARLA through 0.9.15.2, the collision sensor mishandles some situations involving pede…	2024-04-29T05:02:07.295775Z
gsd-2024-33900	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.290639Z
gsd-2024-33898	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.287632Z
gsd-2024-33886	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.287167Z
gsd-2024-33897	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.283756Z
gsd-2024-33883	The ejs (aka Embedded JavaScript templates) package before 3.1.10 for Node.js lacks certa…	2024-04-29T05:02:07.271727Z
gsd-2024-4303	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:05.716348Z
gsd-2024-4300	E-WEBInformationCo. FS-EZViewer(Web) exposes sensitive information in the service. A remo…	2024-04-29T05:02:05.715239Z
gsd-2024-4297	The system configuration interface of HGiga iSherlock (including MailSherlock, SpamSherlo…	2024-04-29T05:02:05.700888Z
gsd-2024-4301	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:05.678292Z
gsd-2024-4296	The account management interface of HGiga iSherlock (including MailSherlock, SpamSherlock…	2024-04-29T05:02:05.621428Z
gsd-2024-4299	The system configuration interface of HGiga iSherlock (including MailSherlock, SpamSheroc…	2024-04-29T05:02:05.606402Z
gsd-2024-4302	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:05.603637Z
gsd-2024-4298	The email search interface of HGiga iSherlock (including MailSherlock, SpamSherock, Audit…	2024-04-29T05:02:05.598531Z
gsd-2024-33876	The format of the source doesn't require a description, click on the link for more details.	2024-04-28T05:02:07.990196Z

ID	Description	Published	Updated
mal-2026-1082	Malicious code in cdf-clients (PyPI)	2026-02-27T21:33:39Z	2026-02-27T21:33:39Z
mal-2026-1081	Malicious code in marionette-react-view (npm)	2026-02-27T20:57:39Z	2026-02-27T20:57:39Z
mal-2026-1060	Malicious code in @zinley/orion (npm)	2026-02-27T12:04:26Z	2026-02-27T20:13:17Z
mal-2026-1080	Malicious code in hashtools32 (PyPI)	2026-02-27T19:50:28Z	2026-02-27T19:50:28Z
mal-2026-1079	Malicious code in sokettry (npm)	2026-02-27T16:29:27Z	2026-02-27T16:29:28Z
mal-2026-1078	Malicious code in socket-dgxeon (npm)	2026-02-27T16:29:28Z	2026-02-27T16:29:28Z
mal-2026-1077	Malicious code in dgxeon-soket4 (npm)	2026-02-27T16:29:27Z	2026-02-27T16:29:28Z
mal-2026-1076	Malicious code in dgxeon-soket3 (npm)	2026-02-27T16:29:27Z	2026-02-27T16:29:28Z
mal-2026-1075	Malicious code in dgxeon-soket2 (npm)	2026-02-27T16:29:27Z	2026-02-27T16:29:28Z
mal-2026-1073	Malicious code in baileys-xeonbot (npm)	2026-02-27T16:29:27Z	2026-02-27T16:29:28Z
mal-2026-1072	Malicious code in @dgxeon/libsignal-node (npm)	2026-02-27T16:29:28Z	2026-02-27T16:29:28Z
mal-2026-1074	Malicious code in dgxeon-soket (npm)	2026-02-27T16:29:27Z	2026-02-27T16:29:27Z
mal-2026-1066	Malicious code in @skyzopedia/baileys-mod (npm)	2026-02-27T16:13:46Z	2026-02-27T16:13:54Z
mal-2026-1070	Malicious code in @skyzopedia/ubot (npm)	2026-02-27T16:13:46Z	2026-02-27T16:13:47Z
mal-2026-1069	Malicious code in @skyzopedia/libsignal-node (npm)	2026-02-27T16:13:46Z	2026-02-27T16:13:47Z
mal-2026-1068	Malicious code in @skyzopedia/brat (npm)	2026-02-27T16:13:46Z	2026-02-27T16:13:47Z
mal-2026-1067	Malicious code in @skyzopedia/baileys-pro (npm)	2026-02-27T16:13:46Z	2026-02-27T16:13:47Z
mal-2026-1065	Malicious code in @skyzopedia/baileys (npm)	2026-02-27T16:13:46Z	2026-02-27T16:13:47Z
mal-2026-1071	Malicious code in libsignal-skyzopedia (npm)	2026-02-27T16:13:46Z	2026-02-27T16:13:46Z
mal-2026-1064	Malicious code in cicd-ppe-redteam-test02 (PyPI)	2026-02-27T13:50:48Z	2026-02-27T15:19:51Z
mal-2026-1063	Malicious code in cicd-ppe-redteam-test01 (PyPI)	2026-02-27T13:42:21Z	2026-02-27T14:49:19Z
mal-2026-1061	Malicious code in newman-reporter-genuinepoc (npm)	2026-02-27T11:55:41Z	2026-02-27T11:55:41Z
mal-2026-1062	Malicious code in express-core-validator (npm)	2026-02-27T11:51:42Z	2026-02-27T11:51:42Z
mal-2026-1059	Malicious code in nuget-task-common (npm)	2026-02-27T09:55:28Z	2026-02-27T10:18:30Z
mal-2026-1053	Malicious code in hardhat-node (npm)	2026-02-26T13:32:42Z	2026-02-26T22:14:36Z
mal-2026-1052	Malicious code in foundry-toolkit (npm)	2026-02-26T20:50:45Z	2026-02-26T22:14:36Z
mal-2026-1050	Malicious code in launch-darkly-js (npm)	2026-02-26T20:10:47Z	2026-02-26T20:10:47Z
mal-2026-1057	Malicious code in windowston (npm)	2026-02-26T17:51:38Z	2026-02-26T17:51:38Z
mal-2026-1049	Malicious code in flycord (PyPI)	2026-02-26T15:38:34Z	2026-02-26T15:38:34Z
mal-2026-1048	Malicious code in edx-salesforce (PyPI)	2026-02-26T13:55:39Z	2026-02-26T14:07:49Z

ID	Description	Published	Updated
wid-sec-w-2025-2712	Mattermost: Schwachstelle ermöglicht Offenlegung von Informationen	2025-12-01T23:00:00.000+00:00	2026-02-26T23:00:00.000+00:00
wid-sec-w-2026-0514	FreeRDP: Mehrere Schwachstellen	2026-02-24T23:00:00.000+00:00	2026-02-25T23:00:00.000+00:00
wid-sec-w-2026-0484	ImageMagick: Mehrere Schwachstellen	2026-02-23T23:00:00.000+00:00	2026-02-25T23:00:00.000+00:00
wid-sec-w-2026-0331	BeyondTrust Privileged Remote Access und Remote Support: Schwachstelle ermöglicht Codeausführung	2026-02-05T23:00:00.000+00:00	2026-02-25T23:00:00.000+00:00
wid-sec-w-2026-0496	Fortinet FortiOS: Mehrere Schwachstellen	2018-05-22T22:00:00.000+00:00	2026-02-24T23:00:00.000+00:00
wid-sec-w-2026-0478	GIMP: Mehrere Schwachstellen ermöglichen Denial of Service	2017-12-19T23:00:00.000+00:00	2026-02-23T23:00:00.000+00:00
wid-sec-w-2026-0448	Red Hat Enterprise Linux (MUNGE): Schwachstelle ermöglicht Privilegieneskalation	2026-02-17T23:00:00.000+00:00	2026-02-23T23:00:00.000+00:00
wid-sec-w-2026-0446	libssh: Mehrere Schwachstellen ermöglichen Manipulation von Dateien und DoS	2026-02-17T23:00:00.000+00:00	2026-02-23T23:00:00.000+00:00
wid-sec-w-2026-0362	Red Hat Enterprise Linux (Lodash): Schwachstelle ermöglicht Denial of Service	2026-02-10T23:00:00.000+00:00	2026-02-23T23:00:00.000+00:00
wid-sec-w-2026-0353	libpng: Schwachstelle ermöglicht Codeausführung	2026-02-09T23:00:00.000+00:00	2026-02-23T23:00:00.000+00:00
wid-sec-w-2026-0345	Golang Go: Mehrere Schwachstellen	2026-02-08T23:00:00.000+00:00	2026-02-23T23:00:00.000+00:00
wid-sec-w-2026-0324	Linux Kernel: Mehrere Schwachstellen	2026-02-04T23:00:00.000+00:00	2026-02-23T23:00:00.000+00:00
wid-sec-w-2026-0244	FreeRDP: Mehrere Schwachstellen	2026-01-27T23:00:00.000+00:00	2026-02-23T23:00:00.000+00:00
wid-sec-w-2026-0237	libpng: Mehrere Schwachstellen ermöglichen Denial of Service	2026-01-27T23:00:00.000+00:00	2026-02-23T23:00:00.000+00:00
wid-sec-w-2026-0234	OpenSSL: Mehrere Schwachstellen	2026-01-27T23:00:00.000+00:00	2026-02-23T23:00:00.000+00:00
wid-sec-w-2026-0224	Grafana: Mehrere Schwachstellen	2026-01-26T23:00:00.000+00:00	2026-02-23T23:00:00.000+00:00
wid-sec-w-2026-0129	Golang Go: Mehrere Schwachstellen	2026-01-15T23:00:00.000+00:00	2026-02-23T23:00:00.000+00:00
wid-sec-w-2026-0114	Red Hat OpenShift (github.com/sirupsen/logrus): Schwachstelle ermöglicht Denial of Service	2026-01-14T23:00:00.000+00:00	2026-02-23T23:00:00.000+00:00
wid-sec-w-2026-0111	FreeRDP: Mehrere Schwachstellen	2026-01-13T23:00:00.000+00:00	2026-02-23T23:00:00.000+00:00
wid-sec-w-2026-0086	Linux Kernel: Mehrere Schwachstellen	2026-01-13T23:00:00.000+00:00	2026-02-23T23:00:00.000+00:00
wid-sec-w-2026-0068	libpng (API-Funktionen): Mehrere Schwachstellen ermöglichen DoS und Offenlegung von Informationen	2026-01-12T23:00:00.000+00:00	2026-02-23T23:00:00.000+00:00
wid-sec-w-2025-2931	GIMP: Schwachstelle ermöglicht Codeausführung	2025-12-29T23:00:00.000+00:00	2026-02-23T23:00:00.000+00:00
wid-sec-w-2025-2881	Red Hat Enterprise Linux (multicluster global hub): Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen	2025-12-17T23:00:00.000+00:00	2026-02-23T23:00:00.000+00:00
wid-sec-w-2025-2871	GIMP: Mehrere Schwachstellen ermöglichen Codeausführung	2025-12-17T23:00:00.000+00:00	2026-02-23T23:00:00.000+00:00
wid-sec-w-2025-2750	Apache HTTP Server: Mehrere Schwachstellen	2025-12-04T23:00:00.000+00:00	2026-02-23T23:00:00.000+00:00
wid-sec-w-2025-2724	Golang Go: Mehrere Schwachstellen	2025-12-02T23:00:00.000+00:00	2026-02-23T23:00:00.000+00:00
wid-sec-w-2025-2608	Golang Go: Schwachstelle ermöglicht Denial of Service	2025-11-16T23:00:00.000+00:00	2026-02-23T23:00:00.000+00:00
wid-sec-w-2025-2431	Linux Kernel: Mehrere Schwachstellen	2025-10-28T23:00:00.000+00:00	2026-02-23T23:00:00.000+00:00
wid-sec-w-2025-2301	Red Hat Enterprise Linux: Mehrere Schwachstellen	2025-10-14T22:00:00.000+00:00	2026-02-23T23:00:00.000+00:00
wid-sec-w-2025-2227	Golang Go: Mehrere Schwachstellen	2025-10-07T22:00:00.000+00:00	2026-02-23T23:00:00.000+00:00

ID	Description	Published	Updated
ncsc-2026-0073	Kwetsbaarheid verholpen in Juniper Junos OS Evolved	2026-02-27T09:48:51.845864Z	2026-02-27T09:48:51.845864Z
ncsc-2026-0072	Kwetsbaarheden verholpen in GitLab	2026-02-27T07:15:18.318821Z	2026-02-27T07:15:18.318821Z
ncsc-2026-0071	Kwetsbaarheden verholpen in Cisco Catalyst SD-WAN Manager	2026-02-25T17:11:09.013125Z	2026-02-25T17:11:09.013125Z
ncsc-2026-0070	Kwetsbaarheden verholpen in VMware Aria Operations	2026-02-25T11:24:46.807867Z	2026-02-25T11:24:46.807867Z
ncsc-2026-0069	Kwetsbaarheden verholpen in SolarWinds Serv-U	2026-02-25T10:39:38.154815Z	2026-02-25T10:39:38.154815Z
ncsc-2026-0068	Kwetsbaarheden verholpen in Splunk Enterprise en Splunk Cloud Platform	2026-02-23T14:27:28.865278Z	2026-02-23T14:27:28.865278Z
ncsc-2026-0043	Zeroday-kwetsbaarheden verholpen in Ivanti Endpoint Manager Mobile	2026-01-29T19:15:04.575371Z	2026-02-20T14:47:02.047999Z
ncsc-2026-0067	Kwetsbaarheden verholpen in GitHub Enterprise Server	2026-02-20T10:13:39.540778Z	2026-02-20T10:13:39.540778Z
ncsc-2026-0066	Kwetsbaarheid verholpen in Google Chrome	2026-02-19T08:29:30.712590Z	2026-02-19T08:29:30.712590Z
ncsc-2026-0065	Kwetsbaarheid verholpen in Dell RecoverPoint for Virtual Machines	2026-02-18T13:18:23.815384Z	2026-02-18T13:18:23.815384Z
ncsc-2026-0064	Kwetsbaarheden verholpen in Apple iOS en iPadOS	2026-02-13T13:35:03.870920Z	2026-02-13T13:35:03.870920Z
ncsc-2026-0063	Kwetsbaarheden verholpen in Apple macOS	2026-02-13T13:24:06.433550Z	2026-02-13T13:24:06.433550Z
ncsc-2026-0048	Kwetsbaarheid verholpen in BeyondTrust Remote Support	2026-02-09T10:27:57.867529Z	2026-02-13T12:54:32.614217Z
ncsc-2026-0062	Kwetsbaarheden verholpen in GitLab CE/EE	2026-02-11T11:45:05.986313Z	2026-02-11T11:45:05.986313Z
ncsc-2026-0061	Kwetsbaarheden verholpen in Fortinet FortiOS	2026-02-11T11:34:50.888067Z	2026-02-11T11:34:50.888067Z
ncsc-2026-0060	Kwetsbaarheden verholpen in Fortinet FortiSandbox, FortiAuthenticator en FortiClient	2026-02-11T11:34:36.684955Z	2026-02-11T11:34:36.684955Z
ncsc-2026-0059	Kwetsbaarheden verholpen in Ivanti Endpoint Manager	2026-02-11T08:16:27.583936Z	2026-02-11T08:16:27.583936Z
ncsc-2026-0058	Kwetsbaarheden verholpen in Microsoft Office	2026-02-10T19:11:42.825147Z	2026-02-10T19:11:42.825147Z
ncsc-2026-0057	Kwetsbaarheden verholpen in Microsoft Azure	2026-02-10T19:08:27.878305Z	2026-02-10T19:08:27.878305Z
ncsc-2026-0056	Kwetsbaarheden verholpen in Microsoft Developer Tools	2026-02-10T19:07:16.028511Z	2026-02-10T19:07:16.028511Z
ncsc-2026-0055	Kwetsbaarheid verholpen in Microsoft SQL Server	2026-02-10T19:05:45.729972Z	2026-02-10T19:05:45.729972Z
ncsc-2026-0054	Kwetsbaarheid verholpen in Microsoft Exchange	2026-02-10T19:04:51.366294Z	2026-02-10T19:04:51.366294Z
ncsc-2026-0053	Kwetsbaarheden verholpen in Microsoft Windows	2026-02-10T19:01:45.561771Z	2026-02-10T19:01:45.561771Z
ncsc-2026-0052	Kwetsbaarheden verholpen in SAP producten	2026-02-10T12:28:40.531069Z	2026-02-10T12:28:40.531069Z
ncsc-2026-0051	Kwetsbaarheden verholpen in Siemens producten	2026-02-10T12:27:40.637581Z	2026-02-10T12:27:40.637581Z
ncsc-2026-0050	Kwetsbaarheid verholpen in PEAR	2026-02-09T10:41:43.856342Z	2026-02-09T10:41:43.856342Z
ncsc-2026-0049	Kwetsbaarheden verholpen in n8n	2026-02-09T10:39:40.792744Z	2026-02-09T10:39:40.792744Z
ncsc-2026-0047	Kwetsbaarheid verholpen in Fortinet FortiClient EMS	2026-02-09T10:16:18.048622Z	2026-02-09T10:16:18.048622Z
ncsc-2026-0046	Kwetsbaarheden verholpen in Samsung mobile	2026-02-09T07:48:28.751473Z	2026-02-09T07:48:28.751473Z
ncsc-2026-0040	Kwetsbaarheid verholpen in SmarterTools SmarterMail	2026-01-27T10:51:39.476320Z	2026-02-06T09:25:57.008166Z

ID	Description	Published	Updated
tssa-2025-00001	Project CSAF document	2025-10-06T11:54:52.856Z	2025-10-06T11:54:52.856Z

ID	Description	Published	Updated
ssa-613116	SSA-613116: Multiple Vulnerabilities in Third-Party Components in SINEC OS before V3.1	2025-08-12T00:00:00Z	2026-02-24T00:00:00Z
ssa-355557	SSA-355557: Multiple Vulnerabilities in Third-Party Components in SINEC OS before V3.2	2025-08-12T00:00:00Z	2026-02-24T00:00:00Z
ssa-089022	SSA-089022: Multiple Vulnerabilities in Third-Party Components in SINEC OS before V3.3	2026-01-28T00:00:00Z	2026-02-24T00:00:00Z
ssa-965753	SSA-965753: Multiple File Parsing Vulnerabilities in Simcenter Femap and Nastran Before V2512	2026-02-10T00:00:00Z	2026-02-10T00:00:00Z
ssa-864900	SSA-864900: Multiple Vulnerabilities in Fortigate NGFW on RUGGEDCOM APE1808 Devices	2025-05-13T00:00:00Z	2026-02-10T00:00:00Z
ssa-783261	SSA-783261: Denial of Service Vulnerability in Automation License Manager (ALM) Before V5.2	2012-12-12T00:00:00Z	2026-02-10T00:00:00Z
ssa-674753	SSA-674753: Denial-of-Service Vulnerability in ET 200 Devices	2026-01-13T00:00:00Z	2026-02-10T00:00:00Z
ssa-625934	SSA-625934: Improper Access Control Vulnerability in the Webhooks Implementation of Siveillance Video Management Servers	2026-02-10T00:00:00Z	2026-02-10T00:00:00Z
ssa-599451	SSA-599451: Multiple Vulnerabilities in SiPass integrated	2025-10-14T00:00:00Z	2026-02-10T00:00:00Z
ssa-535115	SSA-535115: Data Validation Vulnerability in NX Before V2512	2026-02-10T00:00:00Z	2026-02-10T00:00:00Z
ssa-513708	SSA-513708: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW on RUGGEDCOM APE1808 Devices	2025-06-10T00:00:00Z	2026-02-10T00:00:00Z
ssa-507364	SSA-507364: Heap Based Buffer Overflow Vulnerability in WIBU CodeMeter Runtime Affecting the Desigo CC Product Family and SENTRON Powermanager	2026-02-10T00:00:00Z	2026-02-10T00:00:00Z
ssa-445819	SSA-445819: Out of Bounds Read in PS/IGES Parasolid Translator Component in Solid Edge	2026-02-10T00:00:00Z	2026-02-10T00:00:00Z
ssa-311973	SSA-311973: Multiple Local Privilege Escalation Vulnerabilities in SINEC NMS and User Management Component (UMC)	2026-02-10T00:00:00Z	2026-02-10T00:00:00Z
ssa-282044	SSA-282044: DLL Hijacking Vulnerability in Siemens Web Installer used by the Online Software Delivery	2025-08-12T00:00:00Z	2026-02-10T00:00:00Z
ssa-265688	SSA-265688: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.1	2024-04-09T00:00:00Z	2026-02-10T00:00:00Z
ssa-216014	SSA-216014: Vulnerabilities in EFI variable of SIMATIC IPCs, SIMATIC Tablet PCs, and SIMATIC Field PGs	2025-03-11T00:00:00Z	2026-02-10T00:00:00Z
ssa-212953	SSA-212953: Multiple Vulnerabilities in COMOS	2025-12-09T00:00:00Z	2026-02-10T00:00:00Z
ssa-130874	SSA-130874: Buffer Overflow Vulnerability in SCALANCE X Switches	2012-04-05T00:00:00Z	2026-02-10T00:00:00Z
ssa-082556	SSA-082556: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1.5	2025-06-10T00:00:00Z	2026-02-10T00:00:00Z
ssa-035571	SSA-035571: Cross Site Scripting Vulnerability in Polarion Before V2506	2026-02-10T00:00:00Z	2026-02-10T00:00:00Z
ssa-978177	SSA-978177: Vulnerability in Nozomi Guardian/CMC Before 25.4.0 on RUGGEDCOM APE1808 Devices	2025-08-12T00:00:00Z	2026-01-13T00:00:00Z
ssa-928984	SSA-928984: Heap-based Buffer Overflow Vulnerability in User Management Component (UMC)	2024-12-16T00:00:00Z	2026-01-13T00:00:00Z
ssa-912274	SSA-912274: Multiple Vulnerabilities in RUGGEDCOM ROX Before V2.17	2025-12-09T00:00:00Z	2026-01-13T00:00:00Z
ssa-858251	SSA-858251: Authentication Bypass Vulnerabilities in OPC UA	2025-03-11T00:00:00Z	2026-01-13T00:00:00Z
ssa-832273	SSA-832273: Multiple Vulnerabilities in Fortigate NGFW Before V7.4.3 on RUGGEDCOM APE1808 Devices	2024-03-12T00:00:00Z	2026-01-13T00:00:00Z
ssa-827968	SSA-827968: Vulnerability in Nozomi Guardian/CMC on RUGGEDCOM APE1808 Devices	2026-01-13T00:00:00Z	2026-01-13T00:00:00Z
ssa-698820	SSA-698820: Multiple Vulnerabilities in Fortigate NGFW Before V7.4.4 on RUGGEDCOM APE1808 Devices	2024-07-09T00:00:00Z	2026-01-13T00:00:00Z
ssa-693776	SSA-693776: Multiple Vulnerabilities in Industrial Communication Devices based on SINEC OS before V3.2	2025-06-10T00:00:00Z	2026-01-13T00:00:00Z
ssa-366067	SSA-366067: Multiple Vulnerabilities in Fortigate NGFW Before V7.4.1 on RUGGEDCOM APE1808 Devices	2024-03-12T00:00:00Z	2026-01-13T00:00:00Z

ID	Description	Published	Updated
rhsa-2026:2765	Red Hat Security Advisory: Satellite 6.16.6.1 Async Update	2026-02-16T21:33:28+00:00	2026-02-17T12:41:50+00:00
rhsa-2026:2769	Red Hat Security Advisory: Red Hat Ceph Storage 7.1 security and bug fix updates	2026-02-17T00:55:59+00:00	2026-02-17T12:41:47+00:00
rhsa-2026:2764	Red Hat Security Advisory: Satellite 6.17.6.3 Async Update	2026-02-16T19:06:28+00:00	2026-02-17T12:41:47+00:00
rhsa-2026:2762	Red Hat Security Advisory: Red Hat Quay 3.10.18	2026-02-16T17:44:31+00:00	2026-02-17T12:41:47+00:00
rhsa-2026:2760	Red Hat Security Advisory: Satellite 6.18.3 Async Update	2026-02-16T16:52:18+00:00	2026-02-17T12:41:47+00:00
rhsa-2026:2572	Red Hat Security Advisory: Red Hat Advanced Cluster Management for Kubernetes v2.14.2 security update	2026-02-11T16:14:44+00:00	2026-02-17T12:41:47+00:00
rhsa-2026:2754	Red Hat Security Advisory: Red Hat Quay 3.9.18	2026-02-16T15:43:51+00:00	2026-02-17T12:41:46+00:00
rhsa-2026:2728	Red Hat Security Advisory: python-urllib3 security update	2026-02-16T11:56:59+00:00	2026-02-17T12:41:46+00:00
rhsa-2026:2723	Red Hat Security Advisory: python-urllib3 security update	2026-02-16T11:26:37+00:00	2026-02-17T12:41:45+00:00
rhsa-2026:2718	Red Hat Security Advisory: python-urllib3 security update	2026-02-16T11:40:57+00:00	2026-02-17T12:41:45+00:00
rhsa-2026:2717	Red Hat Security Advisory: python-urllib3 security update	2026-02-16T11:34:12+00:00	2026-02-17T12:41:45+00:00
rhsa-2026:2695	Red Hat Security Advisory: RHOAI 2.25.2 - Red Hat OpenShift AI	2026-02-12T22:43:13+00:00	2026-02-17T12:41:45+00:00
rhsa-2026:2681	Red Hat Security Advisory: Red Hat Quay 3.16.2	2026-02-12T17:29:21+00:00	2026-02-17T12:41:45+00:00
rhsa-2026:2675	Red Hat Security Advisory: Red Hat Developer Hub 1.8.3 release.	2026-02-12T15:30:56+00:00	2026-02-17T12:41:45+00:00
rhsa-2026:2654	Red Hat Security Advisory: Release of components for Service Telemetry Framework 1.5.7	2026-02-12T13:46:10+00:00	2026-02-17T12:41:44+00:00
rhsa-2026:2571	Red Hat Security Advisory: multicluster engine for Kubernetes v2.9.2 security update	2026-02-11T15:58:30+00:00	2026-02-17T12:41:43+00:00
rhsa-2026:2563	Red Hat Security Advisory: Red Hat Update Infrastructure 5 security update	2026-02-11T14:34:45+00:00	2026-02-17T12:41:43+00:00
rhsa-2026:2500	Red Hat Security Advisory: Red Hat multicluster global hub 1.4.4 security update	2026-02-11T05:02:44+00:00	2026-02-17T12:41:43+00:00
rhsa-2026:2456	Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.26.0 Release.	2026-02-10T17:06:01+00:00	2026-02-17T12:41:43+00:00
rhsa-2026:2454	Red Hat Security Advisory: DevWorkspace Operator 0.39.0 release.	2026-02-10T15:32:22+00:00	2026-02-17T12:41:43+00:00
rhsa-2026:2441	Red Hat Security Advisory: go-toolset:rhel8 security update	2026-02-10T13:45:07+00:00	2026-02-17T12:41:43+00:00
rhsa-2026:2376	Red Hat Security Advisory: Red Hat Web Terminal Operator 1.14.0 release.	2026-02-09T23:40:14+00:00	2026-02-17T12:41:42+00:00
rhsa-2026:2375	Red Hat Security Advisory: Red Hat Web Terminal Operator 1.15.0 release.	2026-02-09T22:06:53+00:00	2026-02-17T12:41:42+00:00
rhsa-2026:2374	Red Hat Security Advisory: Red Hat Web Terminal Operator 1.13.0 release.	2026-02-09T21:56:53+00:00	2026-02-17T12:41:41+00:00
rhsa-2026:2371	Red Hat Security Advisory: Red Hat Web Terminal Operator 1.12.1 release.	2026-02-09T20:49:08+00:00	2026-02-17T12:41:41+00:00
rhsa-2026:2367	Red Hat Security Advisory: Red Hat Web Terminal Operator 1.11.1 release.	2026-02-09T18:49:52+00:00	2026-02-17T12:41:41+00:00
rhsa-2026:2343	Red Hat Security Advisory: Red Hat OpenShift API for Data Protection	2026-02-09T14:20:06+00:00	2026-02-17T12:41:41+00:00
rhsa-2026:2334	Red Hat Security Advisory: go-toolset:rhel8 security update	2026-02-09T12:48:48+00:00	2026-02-17T12:41:41+00:00
rhsa-2026:2323	Red Hat Security Advisory: git-lfs security update	2026-02-09T11:51:28+00:00	2026-02-17T12:41:41+00:00
rhsa-2026:2320	Red Hat Security Advisory: golang security update	2026-02-09T11:08:53+00:00	2026-02-17T12:41:40+00:00

ID	Description	Published	Updated
icsa-26-057-10	Copeland XWEB and XWEB Pro	2026-02-26T07:00:00.000000Z	2026-02-26T07:00:00.000000Z
icsa-26-057-09	Yokogawa CENTUM VP R6, R7	2026-02-26T07:00:00.000000Z	2026-02-26T07:00:00.000000Z
icsa-26-057-08	Mobility46 mobility46.se	2026-02-26T07:00:00.000000Z	2026-02-26T07:00:00.000000Z
icsa-26-057-07	EV Energy ev.energy	2026-02-26T07:00:00.000000Z	2026-02-26T07:00:00.000000Z
icsa-26-057-06	SWITCH EV swtchenergy.com	2026-02-26T07:00:00.000000Z	2026-02-26T07:00:00.000000Z
icsa-26-057-05	Chargemap chargemap.com	2026-02-26T07:00:00.000000Z	2026-02-26T07:00:00.000000Z
icsa-26-057-04	EV2GO ev2go.io	2026-02-26T07:00:00.000000Z	2026-02-26T07:00:00.000000Z
icsa-26-057-03	CloudCharge cloudcharge.se	2026-02-26T07:00:00.000000Z	2026-02-26T07:00:00.000000Z
icsa-26-057-02	Pelco, Inc. Sarix Pro 3 Series IP Cameras	2026-02-26T07:00:00.000000Z	2026-02-26T07:00:00.000000Z
icsa-26-057-01	Johnson Controls, Inc. Frick Controls Quantum HD	2026-02-26T07:00:00.000000Z	2026-02-26T07:00:00.000000Z
icsa-26-048-04	Honeywell HIB2PI and HDZ Series CCTV Cameras (Update A)	2026-02-17T07:00:00.000000Z	2026-02-26T07:00:00.000000Z
icsa-25-133-02	Hitachi Energy Relion 670/650/SAM600-IO Series (Update C)	2023-11-28T00:00:00.000000Z	2026-02-26T07:00:00.000000Z
icsa-26-043-06	Siemens SINEC OS	2026-01-28T00:00:00.000000Z	2026-02-25T07:00:00.000000Z
icsa-26-027-01	iba Systems ibaPDA	2026-01-27T07:00:00.000000Z	2026-02-25T07:00:00.000000Z
icsa-25-226-15	Siemens SINEC OS	2025-08-12T00:00:00.000000Z	2026-02-25T07:00:00.000000Z
icsa-25-226-07	Siemens Third-Party Components in SINEC OS	2025-08-12T00:00:00.000000Z	2026-02-25T07:00:00.000000Z
icsa-26-055-02	Schneider Electric EcoStruxure Building Operation Workstation	2026-02-10T08:00:00.000000Z	2026-02-24T07:00:00.000000Z
icsa-26-055-01	InSAT MasterSCADA BUK-TS	2026-02-24T07:00:00.000000Z	2026-02-24T07:00:00.000000Z
icsa-25-070-01	Schneider Electric Uni-Telway Driver (Update C)	2025-02-11T05:00:00.000000Z	2026-02-24T07:00:00.000000Z
icsa-24-296-01	Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electric Products (Update C)	2024-10-22T06:00:00.000000Z	2026-02-24T07:00:00.000000Z
icsa-22-202-04	ICONICS Suite and Mitsubishi Electric MC Works64 Products (Update C)	2022-07-26T06:00:00.000000Z	2026-02-24T07:00:00.000000Z
icsa-26-055-03	Gardyn Home Kit	2026-02-24T06:00:00.000000Z	2026-02-24T06:00:00.000000Z
icsa-26-020-01	Schneider Electric EcoStruxure Foxboro DCS (Update A)	2025-12-09T08:00:00.000000Z	2026-02-24T06:00:00.000000Z
va-25-297-01	IBM DOORS Next Generation multiple vulnerabilities	2025-10-22T18:45:47Z	2026-02-18T00:00:00Z
icsa-26-048-03	GE Vernova Enervista UR Setup	2026-02-17T07:00:00.000000Z	2026-02-17T07:00:00.000000Z
icsa-26-048-02	Delta Electronics ASDA-Soft	2026-02-17T07:00:00.000000Z	2026-02-17T07:00:00.000000Z
icsa-26-048-01	Siemens Simcenter Femap and Nastran	2026-02-10T00:00:00.000000Z	2026-02-17T07:00:00.000000Z
icsa-26-043-10	Airleader Master	2026-02-12T07:00:00.000000Z	2026-02-12T07:00:00.000000Z
icsa-26-043-09	Hitachi Energy SuprOS	2026-01-27T00:00:00.000000Z	2026-02-12T07:00:00.000000Z
icsa-26-043-08	Siemens NX	2026-02-10T00:00:00.000000Z	2026-02-12T07:00:00.000000Z

ID	Description	Published	Updated
cisco-sa-ucsm-cmdinj-gvxlpesb	Cisco UCS Manager Software Command Injection Vulnerability	2026-02-25T16:00:00+00:00	2026-02-25T16:00:00+00:00
cisco-sa-ucsm-afwae-mogufyln	Cisco UCS Manager Software Privilege Escalation Vulnerability	2026-02-25T16:00:00+00:00	2026-02-25T16:00:00+00:00
cisco-sa-ucsfxosxss-7skve8zv	Cisco FXOS and UCS Manager Software Stored Cross-Site Scripting Vulnerability	2026-02-25T16:00:00+00:00	2026-02-25T16:00:00+00:00
cisco-sa-ucsciv-wgytc78q	Cisco FXOS and UCS Manager Software Command Injection Vulnerability	2026-02-25T16:00:00+00:00	2026-02-25T16:00:00+00:00
cisco-sa-sdwan-rpa-ehchtzk	Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability	2026-02-25T16:00:00+00:00	2026-02-25T16:00:00+00:00
cisco-sa-sdwan-authbp-qwcx8d4v	Cisco Catalyst SD-WAN Vulnerabilities	2026-02-25T16:00:00+00:00	2026-02-25T16:00:00+00:00
cisco-sa-nxos-ether-dos-kv8ynwz4	Cisco Nexus 3600 and 9500-R Series Switching Platforms Layer 2 Loop Denial of Service Vulnerability	2026-02-25T16:00:00+00:00	2026-02-25T16:00:00+00:00
cisco-sa-nxos-dsnmp-cnn39uh	Cisco Nexus 9000 Series Fabric Switches in ACI Mode SNMP Denial of Service Vulnerability	2026-02-25T16:00:00+00:00	2026-02-25T16:00:00+00:00
cisco-sa-nxos-cpdos-qlsv6pfd	Cisco Nexus 9000 Series Fabric Switches in ACI Mode Denial of Service Vulnerability	2026-02-25T16:00:00+00:00	2026-02-25T16:00:00+00:00
cisco-sa-n3kn9k_aci_lldp_dos-ndgrrra3	Cisco NX-OS Software Link Layer Discovery Protocol Denial of Service Vulnerability	2026-02-25T16:00:00+00:00	2026-02-25T16:00:00+00:00
cisco-sa-apic-dos-rnus8efw	Cisco Application Policy Infrastructure Controller Denial of Service Vulnerability	2026-02-25T16:00:00+00:00	2026-02-25T16:00:00+00:00
cisco-sa-wsa-archive-bypass-scx2e8zf	Cisco Secure Web Appliance Real-Time Scanning Archive File Bypass Vulnerability	2026-02-04T16:00:00+00:00	2026-02-20T21:08:47+00:00
cisco-sa-voice-rce-morhqy4b	Cisco Unified Communications Products Remote Code Execution Vulnerability	2026-01-21T16:00:00+00:00	2026-02-13T15:21:01+00:00
cisco-sa-snort3-mime-vulns-ttl8pgvh	Multiple Cisco Products Snort 3 MIME Denial of Service Vulnerabilities	2025-10-15T16:00:00+00:00	2026-02-12T18:38:13+00:00
cisco-sa-tce-roomos-dos-9v9jrc2q	Cisco TelePresence Collaboration Endpoint Software and RoomOS Software Denial of Service Vulnerability	2026-02-04T16:00:00+00:00	2026-02-12T17:37:39+00:00
cisco-sa-snort3-dcerpc-vulns-j9hnf4th	Multiple Cisco Products Snort 3 Distributed Computing Environment/Remote Procedure Call Vulnerabilities	2026-01-07T16:00:00+00:00	2026-02-10T20:42:07+00:00
cisco-sa-pi-xss-byevkcd	Cisco Prime Infrastructure Stored Cross-Site Scripting Vulnerability	2026-02-04T16:00:00+00:00	2026-02-04T16:00:00+00:00
cisco-sa-epnm-pi-redirect-6sx82dn	Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Open Redirect Vulnerability	2026-02-04T16:00:00+00:00	2026-02-04T16:00:00+00:00
cisco-sa-cmm-file-up-ky47n8kk	Cisco Meeting Management Arbitrary File Upload Vulnerability	2026-02-04T16:00:00+00:00	2026-02-04T16:00:00+00:00
cisco-sa-ucce-pcce-xss-2jvyg3ud	Cisco Packaged Contact Center Enterprise and Cisco Unified Contact Center Enterprise Cross-Site Scripting Vulnerabilities	2026-01-21T16:00:00+00:00	2026-01-21T16:00:00+00:00
cisco-sa-intersight-privesc-p6tbm6jk	Cisco Intersight Virtual Appliance Privilege Escalation Vulnerability	2026-01-21T16:00:00+00:00	2026-01-21T16:00:00+00:00
cisco-sa-iec6400-pem5uq7v	Cisco IEC6400 Wireless Backhaul Edge Compute Software SSH Denial of Service Vulnerability	2026-01-21T16:00:00+00:00	2026-01-21T16:00:00+00:00
cisco-sa-sma-attack-n9bf4	Reports About Cyberattacks Against Cisco Secure Email Gateway And Cisco Secure Email and Web Manager	2025-12-17T16:00:00+00:00	2026-01-15T16:01:43+00:00
cisco-sa-ise-xss-9tdh2kx	Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerability	2026-01-15T16:00:00+00:00	2026-01-15T16:00:00+00:00
cisco-sa-ise-xss-964cdxw5	Cisco Identity Services Engine Cross-Site Scripting Vulnerability	2026-01-15T16:00:00+00:00	2026-01-15T16:00:00+00:00
cisco-sa-epnm-pi-stored-xss-gekx8ywk	Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Stored Cross-Site Scripting Vulnerability	2026-01-15T16:00:00+00:00	2026-01-15T16:00:00+00:00
cisco-sa-ise-xxe-jwsbsdkt	Cisco Identity Services Engine XML External Entity Processing Information Disclosure Vulnerability	2026-01-07T16:00:00+00:00	2026-01-07T16:00:00+00:00
cisco-sa-react-flight-tyw32ddb	Remote Code Execution Vulnerability in React and Next.js Frameworks: December 2025	2025-12-04T16:00:00+00:00	2025-12-17T22:37:17+00:00
cisco-sa-ise-multiple-vulns-o9beswjh	Cisco Identity Services Engine Reflected Cross-Site Scripting and Information Disclosure Vulnerabilities	2025-11-05T16:00:00+00:00	2025-12-04T14:23:54+00:00
cisco-sa-cc-mult-vuln-gk4tfxsn	Multiple Cisco Contact Center Products Vulnerabilities	2025-11-05T16:00:00+00:00	2025-11-18T14:49:09+00:00

ID	Description	Published	Updated
sca-2026-0005	Vulnerabilities affecting SICK LMS1000 and SICK MRS1000	2026-02-27T14:00:00.000Z	2026-02-27T14:00:00.000Z
sca-2026-0004	Eclipse Cyclone DDS Vulnerabilities have no impact on SICK picoScan150 & SICK picoScan120 products	2026-02-13T14:00:00.000Z	2026-02-13T14:00:00.000Z
sca-2026-0003	Vulnerability affecting SICK nanoScan3 and microScan3	2026-01-26T14:00:00.000Z	2026-01-26T14:00:00.000Z
sca-2026-0002	Vulnerabilities affecting SICK Incoming Goods Suite	2026-01-15T14:00:00.000Z	2026-01-22T19:00:00.000Z
sca-2026-0001	Vulnerabilities affecting SICK TDC-X401GL	2026-01-15T14:00:00.000Z	2026-01-15T14:00:00.000Z
sca-2025-0013	Vulnerabilities affecting SICK TLOC100-100	2025-10-27T14:00:00.000Z	2025-11-11T14:00:00.000Z
sca-2025-0014	CodeMeter vulnerablity affects SICK CODE-LOC and SICK LIDAR-LOC	2025-11-03T11:00:00.000Z	2025-11-03T14:00:00.000Z
sca-2025-0012	Sudo vulnerability affects SICK SID products	2025-10-27T11:00:00.000Z	2025-10-27T14:00:00.000Z
sca-2025-0011	Vulnerabilities affecting Endress+Hauser SSG-E210GC	2025-10-02T13:00:00.000Z	2025-10-02T13:00:00.000Z
sca-2025-0010	Multiple vulnerabilities in SICK Enterprise Analytics and SICK Logistic Analytics Products	2025-10-02T13:00:00.000Z	2025-10-02T13:00:00.000Z
sca-2025-0009	Vulnerabilities affecting SICK TDC-E210GC	2025-08-01T13:00:00.000Z	2025-08-01T13:00:00.000Z
sca-2025-0008	Multiple vulnerabilities in Endress+Hauser MEAC300-FNADE4	2025-07-03T13:00:00.000Z	2025-07-03T13:00:00.000Z
sca-2025-0007	Multiple vulnerabilities in SICK Field Analytics and SICK Media Server	2025-06-12T13:00:00.000Z	2025-06-12T13:00:00.000Z
sca-2025-0003	FreeRTOS Vulnerabilities have no impact on SICK Products	2025-02-28T00:00:00.000Z	2025-05-20T11:00:00.000Z
sca-2025-0006	Vulnerability affecting picoScan and multiScan	2025-04-28T13:00:00.000Z	2025-04-28T13:00:00.000Z
sca-2025-0005	Vulnerabilities in SICK Flexi Compact	2025-04-28T10:00:00.000Z	2025-04-28T10:00:00.000Z
sca-2025-0004	Critical vulnerabilities in SICK DL100-2xxxxxxx	2025-03-14T11:00:00.000Z	2025-03-14T11:00:00.000Z
sca-2025-0001	Multiple vulnerabilities in SICK MEAC300	2025-02-14T14:00:00.000Z	2025-02-21T14:00:00.000Z
sca-2025-0002	Vulnerability in SICK Lector8xx and SICK InspectorP8xx	2025-02-14T10:19:00.000Z	2025-02-14T10:19:00.000Z
sca-2024-0007	Vulnerability in SICK OLM	2024-12-31T00:00:00.000Z	2024-12-31T00:00:00.000Z
sca-2024-0006	Critical vulnerabilities in SICK InspectorP61x, InspectorP62x and TiM3xx	2024-12-06T00:00:00.000Z	2024-12-06T00:00:00.000Z
sca-2024-0005	Vulnerability in SICK Incoming Goods Suite	2024-11-19T00:00:00.000Z	2024-11-19T00:00:00.000Z
sca-2024-0004	Third party vulnerabilities in SICK CDE-100	2024-11-07T12:00:00.000Z	2024-11-07T12:00:00.000Z
sca-2024-0003	Critical vulnerability in multiple SICK products	2024-10-17T13:00:00.000Z	2024-10-17T13:00:00.000Z
sca-2024-0002	Vulnerability in SICK MSC800	2024-09-11T23:00:00.000Z	2024-09-11T23:00:00.000Z
sca-2024-0001	Vulnerability in SICK Logistics Analytics Products and SICK Field Analytics	2024-01-29T00:00:00.000Z	2024-01-29T00:00:00.000Z
sca-2023-0011	Vulnerability in multiple SICK Flexi Soft Gateways	2023-10-23T11:00:00.000Z	2023-10-23T11:00:00.000Z
sca-2023-0010	Vulnerabilities in SICK Application Processing Unit	2023-10-09T11:00:00.000Z	2023-10-09T11:00:00.000Z
sca-2023-0008	Vulnerability in SICK SIM1012	2023-09-29T13:00:00.000Z	2023-09-29T13:00:00.000Z
sca-2023-0009	Vulnerability in Wibu-Systems CodeMeter Runtime affects multiple SICK products	2023-09-29T10:00:00.000Z	2023-09-29T10:00:00.000Z

ID	Description	Published	Updated
nn-2025:15-01	Path traversal in Import Arc data archive functionality in Guardian/CMC before 25.5.0	2025-12-18T11:00:00.000Z	2025-12-18T11:00:00.000Z
nn-2025:14-01	HTML injection in Asset List in Guardian/CMC before 25.5.0	2025-12-18T11:00:00.000Z	2025-12-18T11:00:00.000Z
nn-2025:13-01	Stored Cross-Site Scripting (XSS) in Reports in Guardian/CMC before 25.5.0	2025-12-18T11:00:00.000Z	2025-12-18T11:00:00.000Z
nn-2025:12-01	HTML injection in in Time Machine functionality in Guardian/CMC before 25.5.0	2025-12-18T11:00:00.000Z	2025-12-18T11:00:00.000Z
nn-2025:11-01	Stored Cross-Site Scripting (XSS) in Dashboards in Guardian/CMC before 25.4.0	2025-11-25T11:00:00.000Z	2025-11-26T11:00:00.000Z
nn-2025:9-01	Path traversal in Time Machine functionality in Guardian/CMC before 25.2.0	2025-10-07T11:00:00.000Z	2025-10-07T11:00:00.000Z
nn-2025:8-01	Authenticated SQL Injection on Alert functionality in Guardian/CMC before 25.2.0	2025-10-07T11:00:00.000Z	2025-10-07T11:00:00.000Z
nn-2025:7-01	Authenticated SQL Injection on Alert functionality in Guardian/CMC before 25.2.0	2025-10-07T11:00:00.000Z	2025-10-07T11:00:00.000Z
nn-2025:6-01	Authenticated SQL Injection on Smart Polling functionality in Guardian/CMC before 25.2.0	2025-10-07T11:00:00.000Z	2025-10-07T11:00:00.000Z
nn-2025:5-01	Incorrect authorization for CLI in Guardian/CMC before 25.2.0	2025-10-07T11:00:00.000Z	2025-10-07T11:00:00.000Z
nn-2025:4-01	Client-side path traversal in Guardian/CMC before 25.2.0	2025-10-07T11:00:00.000Z	2025-10-07T11:00:00.000Z
nn-2025:10-01	Authenticated SQL Injection on CLI functionality in Guardian/CMC before 25.3.0	2025-10-07T11:00:00.000Z	2025-10-07T11:00:00.000Z
nn-2025:3-01	Incorrect authorization for traces request/download in CMC before 25.1.0	2025-08-26T11:00:00.000Z	2025-08-26T11:00:00.000Z
nn-2025:2-01	Privilege escalation in Guardian/CMC before 24.6.0	2025-06-10T11:00:00.000Z	2025-06-10T11:00:00.000Z
nn-2025:1-01	Authenticated RCE in update functionality in Guardian/CMC before 24.6.0	2025-06-10T11:00:00.000Z	2025-06-10T11:00:00.000Z
nn-2024:2-01	Incorrect authorization for Reports configuration in Guardian/CMC before 24.2.0	2024-09-11T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2024:1-01	DoS on IDS parsing of malformed Radius packets in Guardian before 23.4.1	2024-04-10T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2023:9-01	Authenticated SQL Injection on Query functionality in Guardian/CMC before 22.6.3 and 23.1.0	2023-09-18T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2023:8-01	Session Fixation in Guardian/CMC before 22.6.2	2023-08-09T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2023:7-01	DoS via SAML configuration in Guardian/CMC before 22.6.2	2023-08-09T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2023:6-01	Partial DoS on Reports section due to null report name in Guardian/CMC before 22.6.2	2023-08-09T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2023:4-01	Stored Cross-Site Scripting (XSS) in Threat Intelligence rules in Guardian/CMC before 22.6.2	2023-08-09T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2023:3-01	Authenticated Blind SQL Injection on alerts count in Guardian/CMC before 22.6.2	2023-08-09T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2023:2-01	Authenticated Blind SQL Injection on sorting in Guardian/CMC before 22.6.2	2023-08-09T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2023:17-01	Information disclosure via audit records for OpenAPI requests in Guardian/CMC before 23.4.1	2024-04-10T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2023:15-01	Sensitive data exfiltration via unsafe permissions on Windows systems in Arc before v1.6.0	2024-05-15T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2023:12-01	Check Point IoT integration: WebSocket returns assets data without authentication in Guardian/CMC before 23.3.0	2024-01-15T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2023:11-01	SQL Injection on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0	2023-09-18T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2023:10-01	DoS on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0	2023-09-18T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2022:2-02	Authenticated RCE on project configuration import in Guardian/CMC before 22.0.0	2022-02-14T11:00:00.000Z	2024-09-19T11:00:00.000Z

ID	Description	Published	Updated
oxdc-adv-2025-0001	OX Dovecot Pro Security Advisory OXDC-ADV-2025-0001	2025-10-31T00:00:00+00:00	2025-11-27T00:00:00+00:00
oxas-adv-2025-0003	OX App Suite Security Advisory OXAS-ADV-2025-0003	2025-09-24T00:00:00+02:00	2025-11-27T00:00:00+00:00
oxas-adv-2025-0002	OX App Suite Security Advisory OXAS-ADV-2025-0002	2025-08-12T00:00:00+02:00	2025-10-31T00:00:00+00:00
oxas-adv-2025-0001	OX App Suite Security Advisory OXAS-ADV-2025-0001	2025-01-27T00:00:00+01:00	2025-04-07T00:00:00+00:00
oxdc-adv-2024-0003	OX Dovecot Pro Security Advisory OXDC-ADV-2024-0003	2024-09-10T00:00:00+02:00	2024-09-10T00:00:00+00:00
oxdc-adv-2024-0002	OX Dovecot Pro Security Advisory OXDC-ADV-2024-0002	2024-09-10T00:00:00+02:00	2024-09-10T00:00:00+00:00
oxas-adv-2024-0005	OX App Suite Security Advisory OXAS-ADV-2024-0005	2024-07-08T00:00:00+02:00	2024-09-09T00:00:00+00:00
oxdc-adv-2024-0001	OX Dovecot Pro Security Advisory OXDC-ADV-2024-0001	2024-09-02T00:00:00+02:00	2024-09-06T00:00:00+00:00
oxas-adv-2024-0004	OX App Suite Security Advisory OXAS-ADV-2024-0004	2024-06-13T00:00:00+02:00	2024-08-19T00:00:00+00:00
oxas-adv-2024-0003	OX App Suite Security Advisory OXAS-ADV-2024-0003	2024-04-24T00:00:00+02:00	2024-08-19T00:00:00+00:00
oxas-adv-2024-0002	OX App Suite Security Advisory OXAS-ADV-2024-0002	2024-03-06T00:00:00+01:00	2024-05-06T00:00:00+00:00
oxas-adv-2024-0001	OX App Suite Security Advisory OXAS-ADV-2024-0001	2024-02-08T00:00:00+01:00	2024-04-25T00:00:00+00:00
oxas-adv-2023-0007	OX App Suite Security Advisory OXAS-ADV-2023-0007	2023-12-11T00:00:00+01:00	2024-02-16T00:00:00+00:00
oxas-adv-2023-0006	OX App Suite Security Advisory OXAS-ADV-2023-0006	2023-09-25T00:00:00+02:00	2024-01-22T00:00:00+00:00
oxas-adv-2023-0005	OX App Suite Security Advisory OXAS-ADV-2023-0005	2023-09-19T00:00:00+02:00	2024-01-22T00:00:00+00:00
oxas-adv-2023-0004	OX App Suite Security Advisory OXAS-ADV-2023-0004	2023-08-01T00:00:00+02:00	2024-01-22T00:00:00+00:00
oxas-adv-2023-0003	OX App Suite Security Advisory OXAS-ADV-2023-0003	2023-05-02T00:00:00+02:00	2024-01-22T00:00:00+00:00
oxas-adv-2023-0002	OX App Suite Security Advisory OXAS-ADV-2023-0002	2023-03-20T00:00:00+01:00	2024-01-22T00:00:00+00:00
oxas-adv-2023-0001	OX App Suite Security Advisory OXAS-ADV-2023-0001	2023-02-06T00:00:00+01:00	2024-01-22T00:00:00+00:00
oxas-adv-2022-0002	OX App Suite Security Advisory OXAS-ADV-2022-0002	2022-11-02T00:00:00+01:00	2024-01-22T00:00:00+00:00
oxas-adv-2022-0001	OX App Suite Security Advisory OXAS-ADV-2022-0001	2022-08-10T00:00:00+02:00	2024-01-22T00:00:00+00:00

ID	Description	Published	Updated
msrc_cve-2026-21523	GitHub Copilot and Visual Studio Code Remote Code Execution Vulnerability	2026-02-10T08:00:00.000Z	2026-02-27T08:00:00.000Z
msrc_cve-2026-21518	GitHub Copilot and Visual Studio Code Security Feature Bypass Vulnerability	2026-02-10T08:00:00.000Z	2026-02-27T08:00:00.000Z
msrc_cve-2026-21620	TFTP Path Traversal	2026-02-02T00:00:00.000Z	2026-02-27T01:36:54.000Z
msrc_cve-2026-27571	nats-server websockets are vulnerable to pre-auth memory DoS	2026-02-02T00:00:00.000Z	2026-02-27T01:01:45.000Z
msrc_cve-2025-69873	ajv (Another JSON Schema Validator) before 8.18.0 is vulnerable to Regular Expression Denial of Service (ReDoS) when the $data option is enabled. The pattern keyword accepts runtime data via JSON Pointer syntax ($data reference), which is passed directly to the JavaScript RegExp() constructor without validation. An attacker can inject a malicious regex pattern (e.g., "^(a\|a)*$") combined with crafted input to cause catastrophic backtracking. A 31-character payload causes approximately 44 seconds of CPU blocking, with each additional character doubling execution time. This enables complete denial of service with a single HTTP request against any API using ajv with $data: true for dynamic schema validation.	2026-02-02T00:00:00.000Z	2026-02-27T01:01:37.000Z
msrc_cve-2026-27969	Vitess users with backup storage access can write to arbitrary file paths on restore	2026-02-02T00:00:00.000Z	2026-02-27T01:01:29.000Z
msrc_cve-2026-27965	Vitess users with backup storage access can gain unauthorized access to production deployment environments	2026-02-02T00:00:00.000Z	2026-02-27T01:01:23.000Z
msrc_cve-2026-21863	Malformed Valkey Cluster bus message can lead to Remote DoS	2026-02-02T00:00:00.000Z	2026-02-26T14:36:37.000Z
msrc_cve-2025-67733	Valkey Affected by RESP Protocol Injection via Lua error_reply	2026-02-02T00:00:00.000Z	2026-02-26T14:36:30.000Z
msrc_cve-2025-61144	libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function.	2026-02-02T00:00:00.000Z	2026-02-26T14:36:23.000Z
msrc_cve-2025-61143	libtiff up to v4.7.1 was discovered to contain a NULL pointer dereference via the component libtiff/tif_open.c.	2026-02-02T00:00:00.000Z	2026-02-26T14:36:13.000Z
msrc_cve-2026-27211	Cloud Hypervisor: Host File Exfiltration via QCOW Backing File Abuse	2026-02-02T00:00:00.000Z	2026-02-26T14:36:00.000Z
msrc_cve-2025-65637	A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer() to log a single-line payload larger than 64KB without newline characters.	2025-12-02T00:00:00.000Z	2026-02-26T14:35:34.000Z
msrc_cve-2026-23225	sched/mmcid: Don't assume CID is CPU owned on mode switch	2026-02-02T00:00:00.000Z	2026-02-26T01:37:47.000Z
msrc_cve-2026-23224	erofs: fix UAF issue for file-backed mounts w/ directio option	2026-02-02T00:00:00.000Z	2026-02-26T01:37:41.000Z
msrc_cve-2026-23223	xfs: fix UAF in xchk_btree_check_block_owner	2026-02-02T00:00:00.000Z	2026-02-26T01:37:34.000Z
msrc_cve-2025-71230	hfs: ensure sb->s_fs_info is always cleaned up	2026-02-02T00:00:00.000Z	2026-02-26T01:37:27.000Z
msrc_cve-2026-23229	crypto: virtio - Add spinlock protection with virtqueue notification	2026-02-02T00:00:00.000Z	2026-02-26T01:37:21.000Z
msrc_cve-2025-11563	wcurl path traversal with percent-encoded slashes	2026-02-02T00:00:00.000Z	2026-02-26T01:02:25.000Z
msrc_cve-2025-62878	Local Path Provisioner vulnerable to Path Traversal via parameters.pathPattern	2026-02-02T00:00:00.000Z	2026-02-26T01:02:12.000Z
msrc_cve-2025-61145	libtiff up to v4.7.1 was discovered to contain a double free via the component tools/tiffcrop.c.	2026-02-02T00:00:00.000Z	2026-02-26T01:01:48.000Z
msrc_cve-2021-20233	A flaw was found in grub2 in versions prior to 2.06. Setparam_prefix() in the menu rendering code performs a length calculation on the assumption that expressing a quoted single quote will require 3 characters while it actually requires 4 characters which allows an attacker to corrupt memory by one byte for each quote in the input. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.	2021-03-02T00:00:00.000Z	2026-02-26T01:01:23.000Z
msrc_cve-2021-20225	A flaw was found in grub2 in versions prior to 2.06. The option parser allows an attacker to write past the end of a heap-allocated buffer by calling certain commands with a large number of specific short forms of options. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.	2021-03-02T00:00:00.000Z	2026-02-26T01:01:16.000Z
msrc_cve-2026-26960	node-tar has Arbitrary File Read/Write via Hardlink Target Escape Through Symlink Chain in Extraction	2026-02-02T00:00:00.000Z	2026-02-25T01:38:11.000Z
msrc_cve-2025-68973	In GnuPG through 2.4.8, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)	2025-12-02T00:00:00.000Z	2026-02-25T01:36:51.000Z
msrc_cve-2026-2739	This affects versions of the package bn.js before 5.2.3. Calling maskn(0) on any BN instance corrupts the internal state, causing toString(), divmod(), and other methods to enter an infinite loop, hanging the process indefinitely.	2026-02-02T00:00:00.000Z	2026-02-25T01:03:52.000Z
msrc_cve-2025-38656	wifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start()	2025-08-02T00:00:00.000Z	2026-02-25T01:03:29.000Z
msrc_cve-2023-53543	vdpa: Add max vqp attr to vdpa_nl_policy for nlattr length check	2025-10-02T00:00:00.000Z	2026-02-25T01:03:25.000Z
msrc_cve-2026-27199	Werkzeug safe_join() allows Windows special device names	2026-02-02T00:00:00.000Z	2026-02-25T01:03:19.000Z
msrc_cve-2025-38553	net/sched: Restrict conditions for adding duplicating netems to qdisc tree	2025-08-02T00:00:00.000Z	2026-02-24T14:46:20.000Z

ID	Description	Published	Updated
3adr011525	ABB Automation Builder Gateway for Windows with insecure defaults	2026-02-24T00:30:00.000Z	2026-02-24T00:30:00.000Z
3adr011524	AC500 V3 Multiple vulnerabilities	2026-02-24T00:30:00.000Z	2026-02-24T00:30:00.000Z
sa25p007	B&R Automation Studio Update of SQLite version	2026-02-18T00:30:00.000Z	2026-02-18T00:30:00.000Z
sa26p001	PVI Insertion of Sensitive Information into Logfile	2026-01-29T00:30:00.000Z	2026-01-29T00:30:00.000Z
sa24p003	B&R PCs vulnerable to PixieFail attack	2026-01-29T00:30:00.000Z	2026-01-29T00:30:00.000Z
7paa013309	System 800xA SECURITY Advisory - ABB 800xA Base 6.0.x, 6.1.x CSLib communication DoS vulnerability	2024-06-05T00:30:00.000Z	2026-01-23T00:30:00.000Z
sa25p005	B&R Automation Runtime Improper Handling of Flooding conditions on ANSL Server	2026-01-19T00:30:00.000Z	2026-01-19T00:30:00.000Z
sa25p004	Automation Studio Insufficient Server Certificate Validation	2026-01-19T00:30:00.000Z	2026-01-19T00:30:00.000Z
9akk108472a1331	ABB Ability™ OPTIMAX® Authentication Bypass in Single-Sign On with Azure Active Directory	2026-01-16T00:30:00.000Z	2026-01-16T00:30:00.000Z
2crt000009	WebPro SNMP Card PowerValue Multiple Vulnerabilities	2026-01-07T00:30:00.000Z	2026-01-07T00:30:00.000Z
9akk108471a8107	Terra AC wallbox Heap Memory Corruption Vulnerability	2025-09-16T00:30:00.000Z	2025-11-28T08:00:00.000Z
4hzm000603	ABB Ability Camera Connect Vulnerabilities in outdated 3rd party component (VLC)	2025-11-27T00:30:00.000Z	2025-11-28T00:30:00.000Z
7paa022088	Edgenius Management Portal Authentication Bypass	2025-11-20T00:30:00.000Z	2025-11-20T00:30:00.000Z
2nga002813	PCM600 SharpZip library vulnerability	2025-11-03T00:30:00.000Z	2025-11-03T00:30:00.000Z
4tz00000006007	ALS-mini-S4/S8 IP Missing Authentication Vulnerability and its Mitigations	2025-10-20T00:30:00.000Z	2025-10-23T00:30:00.000Z
9akk108471a8948	Terra AC wallbox Heap Memory Corruption Vulnerability	2025-10-20T00:30:00.000Z	2025-10-21T00:30:00.000Z
3kxg200000r4801	CoreSense™ HM and CoreSense™ M10 File Path Traversal Vulnerability	2025-04-16T00:30:00.000Z	2025-10-20T00:30:00.000Z
sa25p003	B&R Automation Runtime Vulnerabilities in System Diagnostic Manager (SDM)	2025-10-07T00:30:00.000Z	2025-10-14T00:30:00.000Z
4tz00000006008	LVS MConfig Insecure memory handling	2025-10-08T00:30:00.000Z	2025-10-08T00:30:00.000Z
sa25p002	B&R Automation Runtime DoS Vulnerability in System Diagnostics Manager (SDM)	2025-10-07T00:30:00.000Z	2025-10-07T00:30:00.000Z
9akk108471a7808	EIBPORT Reflected XSS	2025-10-07T00:30:00.000Z	2025-10-07T00:30:00.000Z
9akk108471a7121	FLXeon Controllers Multiple vulnerabilities	2025-09-09T00:30:00.000Z	2025-09-18T00:30:00.000Z
9akk108471a4462	ELSB/BLBA ASPECT advisory several CVEs	2025-08-11T00:30:00.000Z	2025-09-04T00:30:00.000Z
9akk108471a3623	RMC - 100 Vulnerabilities in web UI (REST Interface)	2025-07-03T00:30:00.000Z	2025-08-18T00:30:00.000Z
2nga002743	ABB AbilityTM zenon Remote Transport Vulnerability	2025-08-12T00:30:00.000Z	2025-08-12T00:30:00.000Z
3adr011407	ABB Automation Builder Vulnerabilities in user management and access control	2025-04-30T00:00:00.000Z	2025-07-25T00:00:00.000Z
3adr011432	AC500 V2 Buffer overread on Modbus protocol	2025-07-23T00:30:00.000Z	2025-07-23T00:30:00.000Z
9akk108471a4556	Busch-Welcome® 2 wire Door opener actuator by default in compatibility mode.	2025-07-21T00:30:00.000Z	2025-07-21T00:30:00.000Z
2crt000008	Lite Panel Pro Vulnerability in Session Management	2025-06-26T00:30:00.000Z	2025-06-26T00:30:00.000Z
9akk108470a8948	ELSB/Home Solutions Outdated SW Components in ABB Welcome IP-Gateway.	2025-05-29T00:30:00.000Z	2025-06-05T00:30:00.000Z

ID	Description	Updated
var-201507-0645	D-Link is an internationally renowned provider of network equipment and solutions, includ…	2025-12-23T00:12:08.164000Z
var-201011-0225	Multiple stack-based buffer overflows in agent.exe in Setup Manager in Cisco Intelligent …	2025-12-23T00:11:40.995000Z
var-201109-0089	Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as used…	2025-12-23T00:10:18.602000Z
var-201112-0173	The default configuration of the HP CM8060 Color MFP with Edgeline; Color LaserJet 3xxx, …	2025-12-23T00:05:56.162000Z
var-201103-0371	SAP Crystal Reports Server is a complete reporting solution for creating, managing, and d…	2025-12-23T00:04:00.173000Z
var-201807-0341	ABB Panel Builder 800 all versions has an improper input validation vulnerability which m…	2025-12-23T00:03:51.024000Z
var-200702-0378	Stack-based buffer overflow in the DCE/RPC preprocessor in Snort before 2.6.1.3, and 2.7 …	2025-12-23T00:03:37.932000Z
var-201805-1147	WPLSoft in Delta Electronics versions 2.45.0 and prior utilizes a fixed length heap buffe…	2025-12-23T00:01:35.037000Z
var-200607-0396	Multiple stack-based buffer overflows in eIQnetworks Enterprise Security Analyzer (ESA) b…	2025-12-23T00:00:47.326000Z
var-201208-0222	Multiple stack-based buffer overflows in msg_server.exe in SAP NetWeaver ABAP 7.x allow r…	2025-12-23T00:00:27.061000Z
var-202001-0832	A Buffer Overflow vulnerability exists in the Message Server service _MsJ2EE_AddStatistic…	2025-12-23T00:00:23.174000Z
var-202001-0833	A Denial of Service vulnerability exists in the WRITE_C function in the msg_server.exe mo…	2025-12-23T00:00:23.098000Z
var-201702-0423	An issue was discovered in Delta Electronics WPLSoft, Versions prior to V2.42.11, ISPSoft…	2025-12-22T23:59:50.708000Z
var-201109-0081	Buffer overflow in the gopherToHTML function in gopher.cc in the Gopher reply parser in S…	2025-12-22T23:57:06.902000Z
var-201112-0097	Stack-based buffer overflow in the CmpWebServer component in 3S CoDeSys 3.4 SP4 Patch 2 a…	2025-12-22T23:57:03.107000Z
var-201904-0181	Advantech WebAccess/SCADA, Versions 8.3.5 and prior. Multiple stack-based buffer overflow…	2025-12-22T23:55:40.719000Z
var-202407-0233	Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data …	2025-12-22T23:55:32.693000Z
var-200202-0006	Vulnerabilities in a large number of SNMP implementations allow remote attackers to cause…	2025-12-22T23:55:29.383000Z
var-201407-0233	Multiple stack-based buffer overflows in Advantech WebAccess before 7.2 allow remote atta…	2025-12-22T23:54:37.672000Z
var-201806-1058	Crestron TSW-1060, TSW-760, TSW-560, TSW-1060-NC, TSW-760-NC, and TSW-560-NC devices befo…	2025-12-22T23:54:32.706000Z
var-201810-0396	Advantech WebAccess 8.3.1 and earlier has several stack-based buffer overflow vulnerabili…	2025-12-22T23:54:32.435000Z
var-201402-0026	Buffer overflow in the process_ra function in the router advertisement daemon (radvd) bef…	2025-12-22T23:52:50.537000Z
var-201402-0028	The process_rs function in the router advertisement daemon (radvd) before 1.8.2, when Uni…	2025-12-22T23:52:50.479000Z
var-201402-0027	The process_ra function in the router advertisement daemon (radvd) before 1.8.2 allows re…	2025-12-22T23:52:50.408000Z
var-201803-1810	A Stack-based Buffer Overflow issue was discovered in Delta Electronics Delta Industrial …	2025-12-22T23:52:40.263000Z
var-201906-1029	In WebAccess/SCADA Versions 8.3.5 and prior, multiple untrusted pointer dereference vulne…	2025-12-22T23:52:37.978000Z
var-201908-0863	Rockwell Automation Arena Simulation Software versions 16.00.00 and earlier contain a USE…	2025-12-22T23:52:37.116000Z
var-202005-0008	Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple heap-based buf…	2025-12-22T23:52:36.251000Z
var-200512-0643	Heap-based buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to exe…	2025-12-22T23:51:40.221000Z
var-200512-0297	Integer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbit…	2025-12-22T23:51:40.129000Z

ID	Description	Published	Updated
jvndb-2026-000031	Improper file access permission settings in the installers for multiple Soliton Systems products	2026-02-27T15:41+09:00	2026-02-27T15:41+09:00
jvndb-2026-000030	IM-LogicDesigner module of intra-mart Accel Platform vulnerable to untrusted data deserialization	2026-02-27T15:41+09:00	2026-02-27T15:41+09:00
jvndb-2026-000029	Multiple vulnerabilities in the installer of FinalCode Client	2026-02-26T14:24+09:00	2026-02-26T14:24+09:00
jvndb-2026-004811	Vulnerability in Hitachi Configuration Manager and Hitachi Ops Center API Configuration Manager	2026-02-26T11:02+09:00	2026-02-26T11:02+09:00
jvndb-2026-004810	Vulnerability in Hitachi Configuration Manager and Hitachi Ops Center API Configuration Manager	2026-02-26T11:02+09:00	2026-02-26T11:02+09:00
jvndb-2026-000026	Lanscope Endpoint Manager (On-Premises) vulnerable to path traversal	2026-02-25T15:14+09:00	2026-02-25T15:14+09:00
jvndb-2026-004359	Security information for Hitachi Disk Array Systems	2026-02-20T18:35+09:00	2026-02-20T18:35+09:00
jvndb-2026-000027	WordPress Plugin "Survey Maker" vulnerable to cross-site scripting	2026-02-20T12:32+09:00	2026-02-20T12:32+09:00
jvndb-2026-000028	Installer for Job log aggregation/analysis software RICOH Job Log Aggregation Tool may insecurely load Dynamic Link Libraries	2026-02-20T12:31+09:00	2026-02-20T12:31+09:00
jvndb-2026-003912	Vulnerability in Cosminexus HTTP Server and Hitachi Web Server	2026-02-17T20:46+09:00	2026-02-17T20:46+09:00
jvndb-2026-003911	Vulnerability in Cosminexus HTTP Server	2026-02-17T20:46+09:00	2026-02-17T20:46+09:00
jvndb-2026-003910	Multiple Vulnerabilities in Cosminexus HTTP Server	2026-02-17T20:46+09:00	2026-02-17T20:46+09:00
jvndb-2026-003909	Multiple Vulnerabilities in Hitachi Command Suite products	2026-02-17T20:46+09:00	2026-02-17T20:46+09:00
jvndb-2026-003908	Multiple Vulnerabilities in Hitachi Command Suite, Hitachi Automation Director, Hitachi Configuration Manager, Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center	2026-02-17T20:46+09:00	2026-02-17T20:46+09:00
jvndb-2026-003907	Multiple Vulnerabilities in JP1	2026-02-17T20:46+09:00	2026-02-17T20:46+09:00
jvndb-2026-003906	Multiple Vulnerabilities in Cosminexus	2026-02-17T20:46+09:00	2026-02-17T20:46+09:00
jvndb-2026-003905	Multiple Vulnerabilities in Cosminexus HTTP Server and Hitachi Web Server	2026-02-17T20:46+09:00	2026-02-17T20:46+09:00
jvndb-2026-000025	Joomla! CMS vulnerable to cross-site scripting	2026-02-17T12:46+09:00	2026-02-17T12:46+09:00
jvndb-2026-000023	FileZen vulnerable to OS command injection	2026-02-13T16:51+09:00	2026-02-13T17:08+09:00
jvndb-2026-000024	Installer of M-Audio M-Track Duo HD may insecurely load Dynamic Link Libraries	2026-02-12T13:32+09:00	2026-02-12T13:32+09:00
jvndb-2026-000022	Oki Electric Industry products and OEM products register Windows services with unquoted file paths	2026-02-09T15:21+09:00	2026-02-09T15:21+09:00
jvndb-2026-000021	web2py vulnerable to open redirect	2026-02-05T15:01+09:00	2026-02-05T15:01+09:00
jvndb-2026-000017	Improper file access permission settings in Mitsubishi Small-Capacity UPS Shutdown Software FREQSHIP-mini for Windows	2026-02-03T14:57+09:00	2026-02-05T14:41+09:00
jvndb-2026-000020	Multiple vulnerabilities in Movable Type	2026-02-04T16:15+09:00	2026-02-04T16:15+09:00
jvndb-2026-000016	Installer for Roland Cloud Manager may insecurely load Dynamic Link Libraries	2026-02-03T14:57+09:00	2026-02-04T12:39+09:00
jvndb-2024-002831	ELECOM wireless LAN routers vulnerable to OS command injection	2024-02-22T08:15+09:00	2026-02-04T12:02+09:00
jvndb-2025-000041	Multiple vulnerabilities in ELECOM wireless LAN routers	2025-06-24T14:50+09:00	2026-02-03T15:35+09:00
jvndb-2024-000078	Multiple vulnerabilities in ELECOM wireless LAN routers	2024-07-30T15:34+09:00	2026-02-03T15:35+09:00
jvndb-2026-000019	Multiple vulnerabilities in ELECOM wireless LAN products	2026-02-03T14:57+09:00	2026-02-03T14:57+09:00
jvndb-2026-000015	Sonatype Nexus Repository vulnerable to server-side request forgery	2026-02-02T15:18+09:00	2026-02-02T15:18+09:00

ID	Description	Updated
ts-2026-001	TS-2026-001	2026-01-15T00:00
ts-2025-008	TS-2025-008	2025-11-19T00:00
ts-2025-007	TS-2025-007	2025-11-07T00:00
ts-2025-006	TS-2025-006	2025-10-28T00:00
ts-2025-005	TS-2025-005	2025-08-07T00:00
ts-2025-004	TS-2025-004	2025-05-27T00:00
ts-2025-003	TS-2025-003	2025-05-21T00:00
ts-2025-002	TS-2025-002	2025-05-15T00:00
ts-2025-001	TS-2025-001	2025-03-07T00:00
ts-2024-013	TS-2024-013	2024-12-04T00:00
ts-2024-012	TS-2024-012	2024-10-02T00:00
ts-2024-011	TS-2024-011	2024-07-22T00:00
ts-2024-010	TS-2024-010	2024-07-19T00:00
ts-2024-009	TS-2024-009	2024-06-27T00:00
ts-2024-008	TS-2024-008	2024-06-14T00:00
ts-2024-007	TS-2024-007	2024-06-12T00:00
ts-2024-006	TS-2024-006	2024-05-22T00:00
ts-2024-005	TS-2024-005	2024-05-08T00:00
ts-2024-004	TS-2024-004	2024-05-06T00:00
ts-2024-003	TS-2024-003	2024-04-23T00:00
ts-2024-002	TS-2024-002	2024-01-30T00:00
ts-2024-001	TS-2024-001	2024-01-08T00:00
ts-2023-009	TS-2023-009	2023-12-22T00:00
ts-2023-008	TS-2023-008	2023-11-01T00:00
ts-2023-007	TS-2023-007	2023-10-26T00:00
ts-2023-006	TS-2023-006	2023-08-22T00:00
ts-2023-005	TS-2023-005	2023-04-28T00:00
ts-2023-004	TS-2023-004	2023-04-04T00:00
ts-2023-003	TS-2023-003	2023-03-22T00:00
ts-2023-002	TS-2023-002	2023-01-24T00:00

ID	Description	Published	Updated
suse-su-2026:0670-1	Security update for ucode-intel	2026-02-26T15:21:41Z	2026-02-26T15:21:41Z
suse-su-2026:0669-1	Security update for ucode-intel	2026-02-26T15:21:31Z	2026-02-26T15:21:31Z
suse-su-2026:0668-1	Security update for ucode-intel	2026-02-26T15:21:13Z	2026-02-26T15:21:13Z
suse-su-2026:0667-1	Security update for redis7	2026-02-26T15:19:55Z	2026-02-26T15:19:55Z
suse-su-2026:0666-1	Security update for docker	2026-02-26T15:17:25Z	2026-02-26T15:17:25Z
suse-su-2026:0665-1	Security update for frr	2026-02-26T15:16:24Z	2026-02-26T15:16:24Z
suse-su-2026:0664-1	Security update for python3	2026-02-26T15:15:20Z	2026-02-26T15:15:20Z
suse-su-2026:0663-1	Security update for python	2026-02-26T15:13:11Z	2026-02-26T15:13:11Z
suse-su-2026:0662-1	Security update for qemu	2026-02-26T15:12:26Z	2026-02-26T15:12:26Z
suse-su-2026:0661-1	Security update for erlang	2026-02-26T15:10:09Z	2026-02-26T15:10:09Z
suse-su-2026:0659-1	Security update for docker-stable	2026-02-26T15:08:37Z	2026-02-26T15:08:37Z
suse-su-2026:0658-1	Security update for libsoup	2026-02-26T15:07:42Z	2026-02-26T15:07:42Z
suse-su-2026:0657-1	Security update for libsoup2	2026-02-26T15:07:11Z	2026-02-26T15:07:11Z
suse-su-2026:0656-1	Security update for freerdp	2026-02-26T15:06:36Z	2026-02-26T15:06:36Z
suse-su-2026:0642-1	Security update for python313	2026-02-26T11:53:34Z	2026-02-26T11:53:34Z
suse-su-2026:0650-1	Security update for redis	2026-02-25T16:33:31Z	2026-02-25T16:33:31Z
suse-su-2026:0649-1	Security update for freerdp	2026-02-25T16:31:37Z	2026-02-25T16:31:37Z
suse-su-2026:0648-1	Security update for libjxl	2026-02-25T16:30:57Z	2026-02-25T16:30:57Z
suse-su-2026:0647-1	Security update for expat	2026-02-25T16:30:09Z	2026-02-25T16:30:09Z
suse-su-2026:0646-1	Security update for expat	2026-02-25T16:29:24Z	2026-02-25T16:29:24Z
suse-su-2026:0645-1	Security update for python3	2026-02-25T16:29:02Z	2026-02-25T16:29:02Z
suse-su-2026:0644-1	Security update for python312	2026-02-25T16:28:23Z	2026-02-25T16:28:23Z
suse-su-2026:0643-1	Security update for python39	2026-02-25T16:27:51Z	2026-02-25T16:27:51Z
suse-su-2026:0641-1	Security update for docker-stable	2026-02-25T16:25:10Z	2026-02-25T16:25:10Z
suse-su-2026:0619-1	Security update for openvswitch	2026-02-24T15:36:20Z	2026-02-24T15:36:20Z
suse-su-2026:0618-1	Security update for protobuf	2026-02-24T15:35:39Z	2026-02-24T15:35:39Z
suse-su-2026:0617-1	Security update for the Linux Kernel	2026-02-24T15:19:04Z	2026-02-24T15:19:04Z
suse-su-2026:0616-1	Security update for postgresql14	2026-02-24T15:16:11Z	2026-02-24T15:16:11Z
suse-su-2026:0615-1	Security update for postgresql15	2026-02-24T15:15:59Z	2026-02-24T15:15:59Z
suse-su-2026:0614-1	Security update for postgresql16	2026-02-24T15:15:47Z	2026-02-24T15:15:47Z

ID	Description	Published	Updated
opensuse-su-2026:10256-1	regclient-0.11.2-1.1 on GA media	2026-02-25T00:00:00Z	2026-02-25T00:00:00Z
opensuse-su-2026:10255-1	docker-stable-24.0.9_ce-17.1 on GA media	2026-02-25T00:00:00Z	2026-02-25T00:00:00Z
opensuse-su-2026:10254-1	cockpit-tukit-0.1.7~git0.61e54f1-3.1 on GA media	2026-02-25T00:00:00Z	2026-02-25T00:00:00Z
opensuse-su-2026:10253-1	cockpit-subscriptions-14.4-4.1 on GA media	2026-02-25T00:00:00Z	2026-02-25T00:00:00Z
opensuse-su-2026:10252-1	cockpit-repos-4.7-4.1 on GA media	2026-02-25T00:00:00Z	2026-02-25T00:00:00Z
opensuse-su-2026:10251-1	cockpit-packages-4.1-4.1 on GA media	2026-02-25T00:00:00Z	2026-02-25T00:00:00Z
opensuse-su-2026:10250-1	cockpit-machines-348-1.1 on GA media	2026-02-25T00:00:00Z	2026-02-25T00:00:00Z
opensuse-su-2026:10249-1	cmctl-2.4.1-1.1 on GA media	2026-02-25T00:00:00Z	2026-02-25T00:00:00Z
opensuse-su-2026:10248-1	MozillaThunderbird-140.8.0-1.1 on GA media	2026-02-25T00:00:00Z	2026-02-25T00:00:00Z
opensuse-su-2026:10240-1	weblate-5.16-1.1 on GA media	2026-02-23T00:00:00Z	2026-02-23T00:00:00Z
opensuse-su-2026:10239-1	warewulf4-4.6.5-2.1 on GA media	2026-02-23T00:00:00Z	2026-02-23T00:00:00Z
opensuse-su-2026:10238-1	python311-PyPDF2-2.11.1-4.1 on GA media	2026-02-23T00:00:00Z	2026-02-23T00:00:00Z
opensuse-su-2026:10237-1	libopenssl-3-devel-3.5.3-2.1 on GA media	2026-02-23T00:00:00Z	2026-02-23T00:00:00Z
opensuse-su-2026:10236-1	heroic-games-launcher-2.20.0-1.1 on GA media	2026-02-23T00:00:00Z	2026-02-23T00:00:00Z
opensuse-su-2026:10235-1	cosign-3.0.5-1.1 on GA media	2026-02-23T00:00:00Z	2026-02-23T00:00:00Z
opensuse-su-2026:10233-1	kyverno-1.17.1-1.1 on GA media	2026-02-20T00:00:00Z	2026-02-20T00:00:00Z
opensuse-su-2026:10232-1	cosign-3.0.4-2.1 on GA media	2026-02-20T00:00:00Z	2026-02-20T00:00:00Z
opensuse-su-2026:10231-1	busybox-1.37.0-9.1 on GA media	2026-02-20T00:00:00Z	2026-02-20T00:00:00Z
opensuse-su-2026:10224-1	rclone-1.73.1-1.1 on GA media	2026-02-18T00:00:00Z	2026-02-18T00:00:00Z
opensuse-su-2026:10223-1	python313-3.13.12-1.1 on GA media	2026-02-18T00:00:00Z	2026-02-18T00:00:00Z
opensuse-su-2026:10222-1	python312-3.12.12-5.1 on GA media	2026-02-18T00:00:00Z	2026-02-18T00:00:00Z
opensuse-su-2026:10221-1	python311-3.11.14-4.1 on GA media	2026-02-18T00:00:00Z	2026-02-18T00:00:00Z
opensuse-su-2026:10220-1	istioctl-1.28.4-1.1 on GA media	2026-02-18T00:00:00Z	2026-02-18T00:00:00Z
opensuse-su-2026:10219-1	dnsdist-2.0.2-1.1 on GA media	2026-02-18T00:00:00Z	2026-02-18T00:00:00Z
opensuse-su-2026:10218-1	MozillaThunderbird-140.7.2-1.1 on GA media	2026-02-18T00:00:00Z	2026-02-18T00:00:00Z
opensuse-su-2026:10210-1	python311-pip-26.0.1-1.1 on GA media	2026-02-16T00:00:00Z	2026-02-16T00:00:00Z
opensuse-su-2026:10209-1	libsoup-2_4-1-2.74.3-16.1 on GA media	2026-02-16T00:00:00Z	2026-02-16T00:00:00Z
opensuse-su-2026:10208-1	libsoup-3_0-0-3.6.5-13.1 on GA media	2026-02-16T00:00:00Z	2026-02-16T00:00:00Z
opensuse-su-2026:10207-1	frr-10.2.1-4.1 on GA media	2026-02-16T00:00:00Z	2026-02-16T00:00:00Z
opensuse-su-2026:10200-1	python310-3.10.19-4.1 on GA media	2026-02-13T00:00:00Z	2026-02-13T00:00:00Z

ID	Description	Published	Updated
sevd-2026-041-02	Multiple Vulnerabilities on EcoStruxure™ Building Operation Workstation and EcoStruxure™ Building Operation Webstation	2026-02-10T08:00:00.000Z	2026-02-10T08:00:00.000Z
sevd-2026-041-01	Improper Check for Unusual or Exceptional Conditions on Multiple Products	2026-02-10T08:00:00.000Z	2026-02-10T08:00:00.000Z
sevd-2025-343-01	EcoStruxure™ Foxboro DCS	2025-12-09T08:00:00.000Z	2026-02-10T08:00:00.000Z
sevd-2025-189-03	EcoStruxure™ Power Operation	2025-07-08T04:00:00.000Z	2026-02-10T08:00:00.000Z
sevd-2025-042-02	Improper Input Validation Vulnerability in Uni-Telway Driver	2025-02-11T05:00:00.000Z	2026-02-10T08:00:00.000Z
sevd-2026-013-04	Multiple Vulnerabilities on EcoStruxure Power Build Rapsody	2026-01-13T08:00:00.000Z	2026-01-13T08:00:00.000Z
sevd-2026-013-03	Multiple Vulnerabilities on Zigbee Products	2026-01-13T08:00:00.000Z	2026-01-13T08:00:00.000Z
sevd-2026-013-02	Incorrect Default Permissions Vulnerability on EcoStruxure™ Process Expert	2026-01-13T08:00:00.000Z	2026-01-13T08:00:00.000Z
sevd-2026-013-01	Multiple Third-Party Vulnerabilities on ProLeiT Plant iT/Brewmaxx	2026-01-13T08:00:00.000Z	2026-01-13T08:00:00.000Z
sevd-2025-014-06	RemoteConnect and SCADAPack™ x70 Utilities	2025-01-14T00:00:00.000Z	2026-01-13T08:00:00.000Z
sevd-2024-317-03	Modicon Controllers M340 / Momentum / MC80	2024-11-12T05:00:00.000Z	2026-01-13T08:00:00.000Z
sevd-2025-343-02	EcoStruxure™ Foxboro DCS Advisor	2025-12-09T08:00:00.000Z	2025-12-09T08:00:00.000Z
sevd-2025-252-01	Multiple Altivar Process Drives and Communication Modules	2025-09-09T04:00:00.000Z	2025-12-09T08:00:00.000Z
sevd-2023-192-04	CODESYS Runtime Vulnerabilities	2023-07-11T07:15:18.000Z	2025-12-09T08:00:00.000Z
sevd-2021-159-04	ISaGRAF Vulnerabilities in IEC 61131-3 Programming and Engineering Tools	2021-06-08T04:36:25.000Z	2025-11-15T00:00:00.000Z
sevd-2022-284-03	ISaGRAF Workbench for SAGE RTU	2022-10-10T22:13:16.000Z	2025-11-14T06:30:00.000Z
sevd-2025-315-02	EcoStruxure™ Machine SCADA Expert & Pro-face BLUE Open Studio	2025-11-11T08:00:00.000Z	2025-11-11T08:00:00.000Z
sevd-2025-315-01	PowerChute™ Serial Shutdown	2025-11-11T08:00:00.000Z	2025-11-11T08:00:00.000Z
sevd-2025-224-02	EcoStruxure™ Power Monitoring Expert Software & EcoStruxure™ Power Operation (EPO) and EcoStruxure™ Power SCADA Operation (PSO)	2025-08-12T04:00:00.000Z	2025-11-11T08:00:00.000Z
sevd-2025-224-01	Saitel DR & Saitel DP Remote Terminal Unit	2025-08-12T04:00:00.000Z	2025-11-11T08:00:00.000Z
sevd-2025-014-07	FlexNet Publisher Vulnerability	2025-01-14T07:00:00.000Z	2025-11-11T08:00:00.000Z
sevd-2025-287-01	EcoStruxure™ OPC UA Server Expert and EcoStruxure™ Modicon Communication Server	2025-10-14T07:00:00.000Z	2025-10-14T07:00:00.000Z
sevd-2025-133-01	Modicon Controllers M241/M251/M258/LMC058	2025-05-13T04:00:00.000Z	2025-10-14T07:00:00.000Z
sevd-2024-345-03	Modicon M241 / M251 / M258 / LMC058	2024-12-10T05:00:00.000Z	2025-10-14T07:00:00.000Z
sevd-2024-191-04	Modicon Controllers M241/ M251, M258 / LMC058 and M262	2024-07-09T00:00:00.000Z	2025-10-14T07:00:00.000Z
sevd-2025-133-05	Galaxy VS, Galaxy VL, Galaxy VXL	2025-05-13T04:00:00.000Z	2025-09-24T04:00:00.000Z
sevd-2025-252-02	Saitel DR & Saitel DP Remote Terminal Unit	2025-09-09T04:00:00.000Z	2025-09-09T04:00:00.000Z
sevd-2025-224-04	EcoStruxure™ Building Operation Enterprise Server, EcoStruxure™ Building Operation Enterprise Central, and EcoStruxure™ Workstation	2025-08-12T04:00:00.000Z	2025-09-09T04:00:00.000Z
sevd-2025-224-03	Schneider Electric Software Update	2025-08-12T04:00:00.000Z	2025-09-09T04:00:00.000Z
sevd-2025-014-02	Pro-face GP-Pro EX and Remote HMI	2025-01-14T00:00:00.000Z	2025-09-09T04:00:00.000Z

ID	Description	Published	Updated
bit-pytorch-2025-2149	PyTorch Quantized Sigmoid Module nnq_Sigmoid initialization	2026-02-26T15:23:05.500Z	2026-02-26T15:46:51.306Z
bit-pytorch-2025-2148	PyTorch Tuple torch.ops.profiler._call_end_callbacks_on_jit_fut memory corruption	2026-02-26T15:23:02.496Z	2026-02-26T15:46:51.306Z
bit-neo4j-2026-1337	Insufficient escaping of unicode characters in query log	2026-02-26T15:16:17.899Z	2026-02-26T15:46:51.306Z
bit-valkey-2026-27623	Valkey has Pre-Authentication DOS from malformed RESP request	2026-02-26T08:53:22.415Z	2026-02-26T09:13:58.886Z
bit-valkey-2026-21863	Malformed Valkey Cluster bus message can lead to Remote DoS	2026-02-26T08:53:20.799Z	2026-02-26T09:13:58.886Z
bit-valkey-2025-67733	Valkey Affected by RESP Protocol Injection via Lua error_reply	2026-02-26T08:53:18.978Z	2026-02-26T09:13:58.886Z
bit-superset-2026-23983	Apache Superset: Sensitive Data Exposure via REST API (disabled by default)	2026-02-26T08:54:03.107Z	2026-02-26T09:13:58.886Z
bit-superset-2026-23982	Apache Superset: Improper Authorization in Dataset Creation Allows Access Control Bypass	2026-02-26T08:54:01.397Z	2026-02-26T09:13:58.886Z
bit-superset-2026-23980	Apache Superset: Improper Neutralization of Special Elements used in a SQL Command	2026-02-26T08:53:59.760Z	2026-02-26T09:13:58.886Z
bit-mongodb-2026-25613	An unsafe cast in the MongoDB query planner can result in a segmentation fault.	2026-02-26T08:47:48.322Z	2026-02-26T09:13:58.886Z
bit-mongodb-2026-25610	Invalid $geoNear index hint may cause server crash	2026-02-26T08:47:46.620Z	2026-02-26T09:13:58.886Z
bit-mongodb-2026-25609	profile command may permit unauthorized configuration	2026-02-26T08:47:44.983Z	2026-02-26T09:13:58.886Z
bit-mongodb-2026-1850	An authorized user may disable the MongoDB server by issuing a certain type of complex query due to boolean expression simplification	2026-02-26T08:47:43.390Z	2026-02-26T09:13:58.886Z
bit-mongodb-2026-1849	Mongod can run out of stack memory when expressions create deeply nested documents	2026-02-26T08:47:41.788Z	2026-02-26T09:13:58.886Z
bit-mongodb-2026-1848	Connections received from the proxy port may not count towards total accepted connections	2026-02-26T08:47:40.094Z	2026-02-26T09:13:58.886Z
bit-mongodb-2026-1847	MongoDB Server may crash when inserting large documents	2026-02-26T08:47:38.190Z	2026-02-26T09:13:58.886Z
bit-bpftool-2025-29481		2025-04-16T07:06:29.453Z	2026-02-26T09:13:58.886Z
bit-appsmith-2026-24042	Appsmith public apps can execute unpublished actions (viewMode confusion)	2026-01-29T08:36:35.250Z	2026-02-26T09:13:58.886Z
bit-apache-2021-41773	Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49	2024-03-06T10:54:39.310Z	2026-02-26T09:13:58.886Z
bit-airflow-2025-68675	Apache Airflow: proxy credentials for various providers might leak in task logs	2026-01-21T08:39:24.383Z	2026-02-26T09:13:58.886Z
bit-airflow-2025-27555	Apache Airflow: Connection Secrets not masked in UI when Connection are added via Airflow cli	2026-02-26T08:39:17.851Z	2026-02-26T09:13:58.886Z
bit-airflow-2024-56373	Apache Airflow: SSTI to Code Execution in Airflow through Shared DB Information	2026-02-26T08:39:15.266Z	2026-02-26T09:13:58.886Z
bit-apache-2022-28614	read beyond bounds via ap_rwrite()	2024-03-06T10:52:51.677Z	2026-02-25T15:48:08.458Z
bit-tensorflow-2021-37691	Division by zero in LSH in TensorFlow Lite	2024-03-06T11:16:41.709Z	2026-02-24T21:09:55.900Z
bit-superset-2021-37839	Improper access to dataset metadata information	2025-02-05T07:29:47.009Z	2026-02-24T21:09:55.900Z
bit-grafana-2021-39226	Snapshot authentication bypass in grafana	2024-03-06T10:59:36.715Z	2026-02-24T21:09:55.900Z
bit-superset-2021-28125	Apache Superset Open Redirect	2025-02-05T07:29:54.416Z	2026-02-24T18:11:25.008Z
bit-tomcat-2026-24733	Apache Tomcat: Security constraint bypass with HTTP/0.9	2026-02-20T09:52:58.708Z	2026-02-24T09:11:39.593Z
bit-tomcat-2025-66614	Apache Tomcat: Client certificate verification bypass due to virtual host mapping	2026-02-20T09:52:57.300Z	2026-02-24T09:11:39.593Z
bit-python-2026-0865	wsgiref.headers.Headers allows header newline injection	2026-01-26T14:50:04.789Z	2026-02-24T09:11:39.593Z

ID	Description	Published	Updated
cleanstart-2026-vu62737	excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate	2026-02-26T00:41:56.473097Z	2026-02-25T07:34:17Z
cleanstart-2026-zs11519	Security fixes for GHSA-vc5p-v9hr-52mj applied in versions: 4.1.1-r0	2026-02-25T00:49:13.663387Z	2026-02-24T09:23:19Z
cleanstart-2026-xk29348	Security fixes for GHSA-f6x5-jh6r-wrfv, GHSA-j5w8-q4qc-rx2x applied in versions: 8.4.0-r0	2026-02-25T00:39:11.477214Z	2026-02-24T09:23:19Z
cleanstart-2026-wk32717	During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succ...	2026-02-25T00:52:13.178542Z	2026-02-24T09:23:19Z
cleanstart-2026-uk11127	During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succ...	2026-02-25T00:52:43.391940Z	2026-02-24T09:23:19Z
cleanstart-2026-rd09851	net/url package does not set a limit on the number of query parameters in a query	2026-02-25T00:53:44.039015Z	2026-02-24T09:23:19Z
cleanstart-2026-pm90259	Cancelling a query (e	2026-02-25T00:50:43.010672Z	2026-02-24T09:23:19Z
cleanstart-2026-oo47906	Security fixes for GHSA-vc5p-v9hr-52mj applied in versions: 4.1.1-r0	2026-02-25T00:49:14.177631Z	2026-02-24T09:23:19Z
cleanstart-2026-ds30740	go-git is a highly extensible git implementation library written in pure Go	2026-02-25T00:46:12.495329Z	2026-02-24T09:23:19Z
cleanstart-2026-dn18334	During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succ...	2026-02-25T00:39:41.622120Z	2026-02-24T09:23:19Z
cleanstart-2026-dc27717	OpenVPN version 2	2026-02-25T00:39:42.192253Z	2026-02-24T09:23:19Z
cleanstart-2026-yq79300	Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate	2026-02-24T00:45:20.890998Z	2026-02-23T12:58:32Z
cleanstart-2026-sp64433	Security fixes for GHSA-6rw7-vpxm-498p, GHSA-73rr-hh4g-fpgx, GHSA-8qq5-rm4j-mr97 applied in versions: 4.2.1.1-r1	2026-02-24T00:44:51.180009Z	2026-02-23T12:58:32Z
cleanstart-2026-lm41397	node-tar is a full-featured Tar for Node	2026-02-24T00:40:50.950958Z	2026-02-23T12:58:32Z
cleanstart-2026-yn08405	Security fixes for GHSA-f6x5-jh6r-wrfv, GHSA-j5w8-q4qc-rx2x applied in versions: 7.1.1-r7	2026-02-19T00:39:05.944714Z	2026-02-18T09:40:19Z
cleanstart-2026-oj16660	Security fixes for GHSA-2gh3-rmm4-6rq5, GHSA-434x-w66g-qw3r, GHSA-r6v5-fh4h-64xc, GHSA-xwfj-jgwm-7wp5 applied in versions: 1.28.2-r0, 1.28.4-r0	2026-02-19T00:39:07.225007Z	2026-02-18T09:40:19Z
cleanstart-2026-nn87556	Security fixes for GHSA-2gh3-rmm4-6rq5, GHSA-434x-w66g-qw3r, GHSA-r6v5-fh4h-64xc, GHSA-xwfj-jgwm-7wp5 applied in versions: 1.28.2-r0, 1.29.0-r0	2026-02-19T00:39:07.788394Z	2026-02-18T09:40:19Z
cleanstart-2026-ln12820	vulnerability has been identified in Node	2026-02-19T00:58:49.154512Z	2026-02-18T09:40:19Z
cleanstart-2026-kn34553	vulnerability has been identified in Node	2026-02-19T00:58:48.926519Z	2026-02-18T09:40:19Z
cleanstart-2026-kn30288	Security fixes for GHSA-2gh3-rmm4-6rq5, GHSA-434x-w66g-qw3r, GHSA-r6v5-fh4h-64xc, GHSA-rhfx-m35p-ff5j, GHSA-xwfj-jgwm-7wp5 applied in versions: 1.27.5-r1, 1.27.6-r0	2026-02-19T00:39:07.163109Z	2026-02-18T09:40:19Z
cleanstart-2026-zt77083	When multiple server blocks are configured to share the same IP address and port, an attacker can use session resumption to bypass client certificate authentication requirements on these servers	2026-02-18T00:40:43.959662Z	2026-02-17T14:16:07Z
cleanstart-2026-rs39538	excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate	2026-02-18T00:37:41.553514Z	2026-02-17T14:16:07Z
cleanstart-2026-lr19699	Within HostnameError	2026-02-18T00:37:41.636616Z	2026-02-17T14:16:07Z
cleanstart-2026-dt95939	excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate	2026-02-18T00:37:41.674179Z	2026-02-17T14:16:07Z
cleanstart-2026-at88149	excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate	2026-02-18T00:37:41.548996Z	2026-02-17T14:16:07Z
cleanstart-2026-xv54160	Within HostnameError	2026-02-17T00:41:15.330012Z	2026-02-16T09:23:22Z
cleanstart-2026-vg57433	Within HostnameError	2026-02-17T00:39:45.599344Z	2026-02-16T09:23:22Z
cleanstart-2026-uh39784	SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process	2026-02-17T00:40:45.017480Z	2026-02-16T09:23:22Z
cleanstart-2026-jr03360	Within HostnameError	2026-02-17T00:39:45.300172Z	2026-02-16T09:23:22Z
cleanstart-2026-gg58376	Within HostnameError	2026-02-17T00:41:15.939977Z	2026-02-16T09:23:22Z

ID	Published	Updated
drupal-contrib-2026-019	2026-02-25T18:51:43.000Z	2026-02-25T18:51:43.000Z
drupal-contrib-2026-018	2026-02-25T18:51:26.000Z	2026-02-25T18:51:26.000Z
drupal-contrib-2026-017	2026-02-25T18:51:01.000Z	2026-02-25T18:51:01.000Z
drupal-contrib-2026-016	2026-02-25T18:49:59.000Z	2026-02-25T18:49:59.000Z
drupal-contrib-2026-015	2026-02-25T18:47:57.000Z	2026-02-25T18:47:57.000Z
drupal-contrib-2026-014	2026-02-25T18:46:10.000Z	2026-02-25T18:46:10.000Z
drupal-contrib-2026-013	2026-02-25T18:45:13.000Z	2026-02-25T18:45:13.000Z
drupal-contrib-2026-012	2026-02-25T18:44:38.000Z	2026-02-25T18:44:38.000Z
drupal-contrib-2026-011	2026-02-25T18:43:32.000Z	2026-02-25T18:43:32.000Z
drupal-contrib-2026-010	2026-02-11T16:54:18.000Z	2026-02-25T17:17:46.000Z
drupal-contrib-2026-009	2026-02-11T16:53:32.000Z	2026-02-12T15:37:20.000Z
drupal-contrib-2026-008	2026-02-04T17:23:40.000Z	2026-02-04T17:23:40.000Z
drupal-contrib-2026-007	2026-01-28T17:29:32.000Z	2026-01-28T17:29:32.000Z
drupal-contrib-2026-006	2026-01-28T17:28:31.000Z	2026-01-28T17:28:31.000Z
drupal-contrib-2026-005	2026-01-14T17:57:31.000Z	2026-01-14T18:33:02.000Z
drupal-contrib-2026-004	2026-01-14T17:56:28.000Z	2026-01-14T17:56:28.000Z
drupal-contrib-2026-003	2026-01-14T17:55:41.000Z	2026-01-14T17:55:41.000Z
drupal-contrib-2026-002	2026-01-14T17:54:33.000Z	2026-01-14T17:54:33.000Z
drupal-contrib-2026-001	2026-01-14T17:53:33.000Z	2026-01-14T17:53:33.000Z
drupal-contrib-2025-126	2025-12-17T17:47:13.000Z	2025-12-17T17:47:13.000Z
drupal-contrib-2025-125	2025-12-10T17:53:01.000Z	2025-12-10T19:09:57.000Z
drupal-contrib-2025-119	2025-12-03T18:48:23.000Z	2025-12-03T19:05:53.000Z
drupal-contrib-2025-124	2025-12-03T18:49:57.000Z	2025-12-03T18:49:57.000Z
drupal-contrib-2025-123	2025-12-03T18:49:40.000Z	2025-12-03T18:49:40.000Z
drupal-contrib-2025-122	2025-12-03T18:49:18.000Z	2025-12-03T18:49:18.000Z
drupal-contrib-2025-121	2025-12-03T18:48:57.000Z	2025-12-03T18:48:57.000Z
drupal-contrib-2025-120	2025-12-03T18:48:37.000Z	2025-12-03T18:48:37.000Z
drupal-contrib-2025-118	2025-12-03T18:48:10.000Z	2025-12-03T18:48:10.000Z
drupal-contrib-2025-117	2025-12-03T18:47:37.000Z	2025-12-03T18:47:37.000Z
drupal-contrib-2025-088	2025-07-09T16:37:40.000Z	2025-11-22T09:22:47.000Z

ID	Description	Published	Updated
cnvd-2026-10895	WordPress插件Pixel Manager for WooCommerce信息泄露漏洞	2025-11-20	2026-02-14
cnvd-2026-10894	WordPress插件Quiz Maker信息泄露漏洞	2025-11-21	2026-02-14
cnvd-2026-10893	WordPress插件WP FullCalendar信息泄露漏洞	2026-01-30	2026-02-14
cnvd-2026-10892	WordPress插件WP Directory Kit信息泄露漏洞	2026-01-30	2026-02-14
cnvd-2026-10891	WordPress插件CubeWP – All-in-One Dynamic Content Framework信息泄露漏洞	2026-01-30	2026-02-14
cnvd-2026-10890	WordPress插件Contact Form 7 GetResponse Extension信息泄露漏洞	2026-01-30	2026-02-14
cnvd-2026-10889	WordPress插件Cargus信息泄露漏洞	2026-01-30	2026-02-14
cnvd-2026-10888	WordPress插件Booking Ultra Pro信息泄露漏洞	2026-01-30	2026-02-14
cnvd-2026-10887	MailEnable存在未明漏洞（CNVD-2026-10887）	2025-12-18	2026-02-14
cnvd-2026-10885	FRRouting拒绝服务漏洞（CNVD-2026-10885）	2025-10-31	2026-02-14
cnvd-2026-06351	用友网络科技股份有限公司U8+渠道管理(高级版)存在SQL注入漏洞（CNVD-C-2025-1245200）	2025-12-31	2026-02-14
cnvd-2026-10886	MailEnable存在未明漏洞	2025-12-18	2026-02-13
cnvd-2026-10884	FRRouting拒绝服务漏洞（CNVD-2026-10884）	2025-10-31	2026-02-13
cnvd-2026-10883	FRRouting拒绝服务漏洞（CNVD-2026-10883）	2025-10-31	2026-02-13
cnvd-2026-10882	FRRouting拒绝服务漏洞	2025-10-31	2026-02-13
cnvd-2026-10881	mall-swarm授权问题漏洞（CNVD-2026-10881）	2025-11-18	2026-02-13
cnvd-2026-10880	mall-swarm存在未明漏洞	2025-11-18	2026-02-13
cnvd-2026-10879	mall-swarm授权问题漏洞（CNVD-2026-10879）	2025-11-18	2026-02-13
cnvd-2026-10878	mall-swarm授权问题漏洞（CNVD-2026-10878）	2025-11-18	2026-02-13
cnvd-2026-10877	mall-swarm授权问题漏洞（CNVD-2026-10877）	2025-11-18	2026-02-13
cnvd-2026-10876	mall-swarm授权问题漏洞	2025-12-10	2026-02-13
cnvd-2026-10875	Huawei HarmonyOS卡框架模块多线程竞争条件漏洞	2026-01-19	2026-02-13
cnvd-2026-10874	Huawei HarmonyOS和EMUI克隆模块中间人攻击漏洞	2026-01-19	2026-02-13
cnvd-2026-10873	Huawei HarmonyOS和EMUI媒体库模块权限验证绕过漏洞（CNVD-2026-10873）	2026-01-19	2026-02-13
cnvd-2026-10872	Huawei HarmonyOS和EMUI媒体库模块权限验证绕过漏洞	2026-01-19	2026-02-13
cnvd-2026-10871	WordPress插件metasync存在未明漏洞	2026-02-04	2026-02-12
cnvd-2026-10870	WordPress插件Simple User Registration访问控制错误漏洞	2026-02-04	2026-02-12
cnvd-2026-10859	Adobe Substance 3D Modeler越界写入漏洞（CNVD-2026-10859）	2026-01-19	2026-02-12
cnvd-2026-10858	Adobe Substance 3D Modeler越界写入漏洞（CNVD-2026-10858）	2026-01-19	2026-02-12
cnvd-2026-10857	Rockwell Automation FactoryTalk Linx权限提升漏洞（CNVD-2026-10857）	2025-10-17	2026-02-12

ID	Description	Published	Updated
certfr-2026-avi-0227	Multiples vulnérabilités dans le noyau Linux d'Ubuntu	2026-02-27T00:00:00.000000	2026-02-27T00:00:00.000000
certfr-2026-avi-0226	Multiples vulnérabilités dans le noyau Linux de Red Hat	2026-02-27T00:00:00.000000	2026-02-27T00:00:00.000000
certfr-2026-avi-0225	Multiples vulnérabilités dans le noyau Linux de SUSE	2026-02-27T00:00:00.000000	2026-02-27T00:00:00.000000
certfr-2026-avi-0224	Multiples vulnérabilités dans les produits IBM	2026-02-27T00:00:00.000000	2026-02-27T00:00:00.000000
certfr-2026-avi-0223	Multiples vulnérabilités dans les produits Microsoft	2026-02-27T00:00:00.000000	2026-02-27T00:00:00.000000
certfr-2026-avi-0222	Multiples vulnérabilités dans Microsoft Edge	2026-02-27T00:00:00.000000	2026-02-27T00:00:00.000000
certfr-2026-avi-0221	Multiples vulnérabilités dans les produits Centreon	2026-02-27T00:00:00.000000	2026-02-27T00:00:00.000000
certfr-2026-avi-0220	Multiples vulnérabilités dans les produits Elastic	2026-02-27T00:00:00.000000	2026-02-27T00:00:00.000000
certfr-2026-avi-0219	Vulnérabilité dans Stormshield Network Security	2026-02-27T00:00:00.000000	2026-02-27T00:00:00.000000
certfr-2026-avi-0218	Multiples vulnérabilités dans les produits VMware	2026-02-26T00:00:00.000000	2026-02-26T00:00:00.000000
certfr-2026-avi-0217	Multiples vulnérabilités dans SPIP	2026-02-26T00:00:00.000000	2026-02-26T00:00:00.000000
certfr-2026-avi-0216	Vulnérabilité dans PostgreSQL	2026-02-26T00:00:00.000000	2026-02-26T00:00:00.000000
certfr-2026-avi-0215	Multiples vulnérabilités dans les produits Microsoft	2026-02-26T00:00:00.000000	2026-02-26T00:00:00.000000
certfr-2026-avi-0214	Vulnérabilité dans Juniper Networks Junos OS Evolved	2026-02-26T00:00:00.000000	2026-02-26T00:00:00.000000
certfr-2026-avi-0213	Multiples vulnérabilités dans les produits Cisco	2026-02-26T00:00:00.000000	2026-02-26T00:00:00.000000
certfr-2026-avi-0212	Multiples vulnérabilités dans les produits Centreon	2026-02-26T00:00:00.000000	2026-02-26T00:00:00.000000
certfr-2026-avi-0211	Multiples vulnérabilités dans Wireshark	2026-02-26T00:00:00.000000	2026-02-26T00:00:00.000000
certfr-2026-avi-0210	Multiples vulnérabilités dans Cisco Catalyst SD-WAN	2026-02-25T00:00:00.000000	2026-02-25T00:00:00.000000
certfr-2026-avi-0209	Multiples vulnérabilités dans les produits VMware	2026-02-25T00:00:00.000000	2026-02-25T00:00:00.000000
certfr-2026-avi-0208	Vulnérabilité dans les produits Synology	2026-02-25T00:00:00.000000	2026-02-25T00:00:00.000000
certfr-2026-avi-0207	Multiples vulnérabilités dans GitLab	2026-02-25T00:00:00.000000	2026-02-25T00:00:00.000000
certfr-2026-avi-0206	Multiples vulnérabilités dans les produits Trend Micro	2026-02-25T00:00:00.000000	2026-02-25T00:00:00.000000
certfr-2026-avi-0205	Multiples vulnérabilités dans SolarWinds Serv-U	2026-02-25T00:00:00.000000	2026-02-25T00:00:00.000000
certfr-2026-avi-0204	Multiples vulnérabilités dans les produits Mozilla	2026-02-25T00:00:00.000000	2026-02-25T00:00:00.000000
certfr-2026-avi-0179	Multiples vulnérabilités dans SPIP	2026-02-18T00:00:00.000000	2026-02-25T00:00:00.000000
certfr-2026-avi-0155	Multiples vulnérabilités dans SPIP	2026-02-12T00:00:00.000000	2026-02-25T00:00:00.000000
certfr-2025-avi-0043	Multiples vulnérabilités dans SPIP	2025-01-17T00:00:00.000000	2026-02-25T00:00:00.000000
certfr-2026-avi-0203	Vulnérabilité dans Microsoft Azure Linux	2026-02-24T00:00:00.000000	2026-02-24T00:00:00.000000
certfr-2026-avi-0202	Multiples vulnérabilités dans les produits SonicWall	2026-02-24T00:00:00.000000	2026-02-24T00:00:00.000000
certfr-2026-avi-0201	Multiples vulnérabilités dans Mattermost Server	2026-02-24T00:00:00.000000	2026-02-24T00:00:00.000000

ID	Description	Published	Updated
certfr-2026-ale-002	[MàJ] Vulnérabilité dans Cisco Catalyst SD-WAN	2026-02-25T00:00:00.000000	2026-02-26T00:00:00.000000
certfr-2025-ale-014	[MàJ] Vulnérabilité dans React Server Components	2025-12-05T00:00:00.000000	2026-02-12T00:00:00.000000
certfr-2026-ale-001	[MàJ] Multiples vulnérabilités dans Ivanti Endpoint Manager Mobile	2026-01-30T00:00:00.000000	2026-02-03T00:00:00.000000
certfr-2025-ale-013	[MàJ] Multiples vulnérabilités dans Cisco ASA et FTD	2025-09-25T00:00:00.000000	2025-10-06T00:00:00.000000
certfr-2025-ale-012	Vulnérabilité dans Citrix NetScaler ADC et NetScaler Gateway	2025-08-26T00:00:00.000000	2025-09-26T00:00:00.000000
certfr-2025-ale-010	[MàJ] Multiples vulnérabilités dans Microsoft SharePoint	2025-07-21T00:00:00.000000	2025-08-26T00:00:00.000000
certfr-2025-ale-011	Incidents de sécurité dans les pare-feux SonicWall	2025-08-05T00:00:00.000000	2025-08-18T00:00:00.000000
certfr-2025-ale-009	Multiples vulnérabilités dans Citrix NetScaler ADC et NetScaler Gateway	2025-07-01T00:00:00.000000	2025-07-17T00:00:00.000000
certfr-2025-ale-004	Activités de post-exploitation dans Fortinet FortiGate	2025-04-11T00:00:00.000000	2025-08-07T00:00:00.000000
certfr-2025-ale-008	[MàJ] Vulnérabilité dans Roundcube	2025-06-05T00:00:00.000000	2025-07-21T00:00:00.000000
certfr-2025-ale-007	Multiples vulnérabilités dans Ivanti Endpoint Manager Mobile (EPMM)	2025-05-14T00:00:00.000000	2025-06-24T00:00:00.000000
certfr-2025-ale-006	Vulnérabilité dans les produits Fortinet	2025-05-13T00:00:00.000000	2025-06-24T00:00:00.000000
certfr-2025-ale-005	Vulnérabilité dans SAP NetWeaver	2025-04-28T00:00:00.000000	2025-06-24T00:00:00.000000
certfr-2025-ale-003	[MàJ] Vulnérabilité dans les produits Ivanti	2025-04-04T00:00:00.000000	2025-04-11T00:00:00.000000
certfr-2025-ale-002	[MàJ] Vulnérabilité dans les produits Fortinet	2025-05-07T00:00:00.000000	2025-01-14T00:00:00.000000
certfr-2025-ale-001	[MàJ] Vulnérabilité dans les produits Ivanti	2025-01-09T00:00:00.000000	2025-04-01T00:00:00.000000
certfr-2024-ale-014	[MàJ] Multiples vulnérabilités dans Fortinet FortiManager	2024-10-30T00:00:00.000000	2024-10-23T00:00:00.000000
certfr-2024-ale-013	Exploitations de vulnérabilités dans Ivanti Cloud Services Appliance (CSA)	2025-03-31T00:00:00.000000	2024-10-25T00:00:00.000000
certfr-2024-ale-015	[MàJ] Multiples vulnérabilités sur l'interface d'administration des équipements Palo Alto Networks	2024-11-15T00:00:00.000000	2024-11-18T00:00:00.000000
certfr-2024-ale-012	[MàJ] Vulnérabilités affectant OpenPrinting CUPS	2024-09-27T00:00:00.000000	2024-11-21T00:00:00.000000
certfr-2024-ale-011	Vulnérabilité dans SonicWall	2024-09-10T00:00:00.000000	2024-11-21T00:00:00.000000
certfr-2024-ale-010	Multiples vulnérabilités dans Roundcube	2024-08-09T00:00:00.000000	2024-10-07T00:00:00.000000
certfr-2024-ale-009	Vulnérabilité dans OpenSSH	2024-07-01T00:00:00.000000	2024-07-03T00:00:00.000000
certfr-2024-ale-008	[MàJ] Vulnérabilité dans les produits Check Point	2024-05-30T00:00:00.000000	2024-07-01T00:00:00.000000
certfr-2024-ale-007	Multiples vulnérabilités dans les produits Cisco	2024-04-25T00:00:00.000000	2024-07-01T00:00:00.000000
certfr-2024-ale-006	[MàJ] Vulnérabilité dans Palo Alto Networks GlobalProtect	2024-04-12T00:00:00.000000	2024-07-01T00:00:00.000000
certfr-2024-ale-004	[MàJ] Vulnérabilité dans Fortinet FortiOS	2024-02-09T00:00:00.000000	2024-07-01T00:00:00.000000
certfr-2024-ale-005	[MàJ] Vulnérabilité dans Microsoft Outlook	2024-02-15T00:00:00.000000	2024-04-15T00:00:00.000000
certfr-2024-ale-003	[MàJ] Incident affectant les solutions AnyDesk	2024-02-05T00:00:00.000000	2024-04-15T00:00:00.000000
certfr-2024-ale-001	[MàJ] Multiples vulnérabilités dans Ivanti Connect Secure et Policy Secure Gateways	2024-01-11T00:00:00.000000	2024-04-15T00:00:00.000000

ID	CVSS	Description	Vendor	Product	Published	Updated
GCVE-1-2026-0015	7.2 (4.0)	Threat actors use FortiCloud SSO bypass to collect LDA…	fortinet	fortios	2026-02-09T09:09:00.000Z	2026-02-09T09:14:59.004089Z
GCVE-1-2026-0013	2.1 (4.0)	Flask Application Username Route Collision Allows Rese…	vulnerability-lookup	vulnerability-lookup	2026-02-04T19:27:00.000Z	2026-02-04T19:32:49.787763Z
GCVE-1-2026-0014	7.4 (4.0)	Missing Authorization Check Allows Unauthorized Modifi…	vulnerability-lookup	vulnerability-lookup	2026-02-04T19:32:14.341383Z	2026-02-04T19:32:14.341383Z
GCVE-1-2026-0012	2.1 (4.0)	Authentication Error Message Allows Email Address Enum…	vulnerability-lookup	vulnerability-lookup	2026-02-04T19:21:34.411344Z	2026-02-04T19:21:34.411344Z
GCVE-1-2026-0011	8.7 (4.0)	Out-of-bounds memory write in the network packet …	EA Games	Command & Conquer: Generals	2026-01-29T14:37:00.000Z	2026-01-29T14:39:17.728822Z
GCVE-1-2026-0010	9.3 (4.0)	Improper input validation in the file transfer ha…	EA Games	Command & Conquer: Generals	2026-01-29T14:33:18.822829Z	2026-01-29T14:33:18.822829Z
GCVE-1-2026-0009	9.3 (4.0)	Stack-based buffer overflow in the multiplayer ne…	EA Games	Command & Conquer: Generals	2026-01-29T14:30:38.596928Z	2026-01-29T14:30:38.596928Z
GCVE-1-2026-0008	10 (4.0)	gpg-agent stack buffer overflow in pkdecrypt using KEM	gnupg	gpg-agent	2026-01-28T13:48:12.350509Z	2026-01-28T13:48:12.350509Z
GCVE-1-2026-0007	10 (4.0)	GNU InetUtils Security Advisory: remote authentication…	gnu	InetUtils	2026-01-20T20:57:00.000Z	2026-01-26T16:32:40.831364Z
GCVE-1-2026-0004	8.5 (4.0)	Authorization Bypass in Cerebrate IndividualsControlle…	cerebrate	cerebrate	2026-01-13T15:28:00.000Z	2026-01-13T15:38:37.744618Z
GCVE-1-2026-0005	8.5 (4.0)	Improper Access Control in Cerebrate Alignment Model A…	cerebrate	cerebrate	2026-01-13T15:31:00.000Z	2026-01-13T15:38:02.888546Z
GCVE-1-2026-0006	8.5 (4.0)	Improper Access Control in Cerebrate AuthKey and Encry…	cerebrate	cerebrate	2026-01-13T15:37:17.337254Z	2026-01-13T15:37:17.337254Z
GCVE-1-2026-0003	6.3 (4.0)	Stored/Reflected XSS via Unsanitized Parameters in URL…	misp	misp	2026-01-13T10:50:00.000Z	2026-01-13T10:54:13.659223Z
GCVE-1-2026-0002	10 (4.0)	Heap-buffer-overflow in EXIF writer for extra IFD tags	ffmpeg	ffmpeg	2026-01-02T19:50:00.000Z	2026-01-02T20:05:27.269877Z
GCVE-1-2026-0001	N/A	Bundle reference to gpg.fail	gnupg	gnupg	2026-01-02T10:20:00.000Z	2026-01-02T13:31:14.359346Z
GCVE-1-2025-0041	6.4 (4.0)	[online services] Reflected Cross-Site Scripting (XSS)…	typo3	typo3	2025-12-19T14:25:00.000Z	2025-12-19T14:54:51.594645Z
GCVE-1-2025-0032	10 (4.0)	The default configuration of WatchGuard Firebox device…	watchguard	firebox	2025-12-03T16:25:00.000Z	2025-12-19T13:48:34.570799Z
GCVE-1-2025-0031	7.1 (4.0)	A cross-site scripting (XSS) vulnerability was identif…	misp	misp	2025-12-03T10:58:00.000Z	2025-12-16T09:36:09.594750Z
GCVE-1-2025-0040	7.2 (4.0)	A cross-site scripting (XSS) vulnerability was id…	misp	misp	2025-12-13T08:44:32.378924Z	2025-12-13T08:44:32.378924Z
GCVE-1-2025-0039	8.5 (4.0)	XSS Reintroduced in MISP Dashboard World Map Widget Du…	misp	misp	2025-12-10T14:33:52.856734Z	2025-12-10T14:33:52.856734Z
GCVE-1-2025-0038	5 (4.0)	Reflected XSS in MISP Template Tag Removal and MISP Ad…	misp	misp	2025-12-10T14:10:00.000Z	2025-12-10T14:16:55.918270Z
GCVE-1-2025-0037	7 (4.0)	Reflected XSS in MISP Dashboard Widgets via Unescaped …	misp	misp	2025-12-10T14:01:03.200804Z	2025-12-10T14:01:03.200804Z
GCVE-1-2025-0036	8.3 (4.0)	A reflected cross-site scripting (XSS) vulnerability w…	misp	misp	2025-12-10T13:46:07.170083Z	2025-12-10T13:46:07.170083Z
GCVE-1-2025-0035	8.3 (4.0)	Insufficient sanitization of bundle metadata (availabl…	CIRCL	vulnerability-lookup	2025-12-08T10:25:00.000Z	2025-12-08T12:14:06.307298Z
GCVE-1-2025-0034	7 (4.0)	Missing CSRF protection on state-changing endpoints in…	CIRCL	vulnerability-lookup	2025-12-08T10:19:00.000Z	2025-12-08T12:13:24.197294Z
GCVE-1-2025-0033	8.1 (4.0)	Vulnerability-lookup did not track or limit failed One…	CIRCL	vulnerability-lookup	2025-12-08T10:11:00.000Z	2025-12-08T12:12:53.235996Z
GCVE-1-2025-0030	6.2 (4.0)	A cross-site scripting (XSS) vulnerability in the MISP…	misp	misp	2025-12-03T10:53:00.000Z	2025-12-03T10:58:55.845341Z
GCVE-1-2025-0028	8.5 (4.0)	Information leakage vulnerability in the MISP Feed con…	misp	misp	2025-11-27T07:23:00.000Z	2025-12-02T08:51:35.429494Z
GCVE-1-2025-0027	9.4 (4.0)	Reflected cross-site scripting (XSS) vulnerability in …	misp	misp	2025-11-27T07:17:00.000Z	2025-12-02T08:51:04.323899Z
GCVE-1-2025-0026	9.4 (4.0)	Reflected cross-site scripting (XSS) vulnerability in …	misp	misp	2025-11-26T16:35:00.000Z	2025-12-02T08:50:46.381572Z

ID	CVSS	Description	Vendor	Product	Published	Updated
GCVE-1337-2025-00000000000000000000000000000000000000000000000000111111111111111111111111000000000000000000000000000000000000000000000000000000011	9.1 (3.1)	HexStrike AI MCP Server Command Injection	0x4m4	HexStrike AI	2025-11-30T21:27:56.057Z	2025-11-30T21:27:56.057Z
GCVE-1337-2025-00000000000000000000000000000000000000000000000001011111111111011111111110000000000000000000000000000000000000000000000000000000100	6.5 (3.1)	Abilis CPX Fallback Shell Connection Relay	Abilis	CPX	2025-11-04T00:23:23.924Z	2025-11-04T00:23:23.924Z
GCVE-1337-2025-00000000000000000000000000000000000000000000000001011011111110011111111110000000000000000000000000000000000000000000000000000000010	7.3 (3.1)	Unitree Multiple Robotic Products Command Injection	Unitree	Go2	2025-09-26T06:53:49.585Z	2025-09-26T15:16:57.586Z
GCVE-1337-2025-00000000000000000000000000000000000000000000000001011111011111010111111001000000000000000000000000000000000000000000000000000000001	4.3 (3.1)	Unauthenticated leak of sensitive information affectin…	Brother Industries, Ltd	HL-L8260CDN	2025-08-12T15:23:00.577Z	2025-08-15T05:53:23.017Z