Vulnerability-Lookup

Recent vulnerabilities from

Select from 69 available sources using the dropdown above.

ID	CVSS	Description	Vendor	Product	Published	Updated
CVE-2026-40352	8.8 (3.1)	FastGPT: NoSQL Injection in updatePasswordByOld Leads …	labring	FastGPT	2026-04-17T21:09:32.913Z	2026-04-17T21:09:32.913Z
CVE-2026-40306	6.9 (4.0)	DNN has same HostGUID for all new installs	dnnsoftware	Dnn.Platform	2026-04-17T21:09:30.317Z	2026-04-17T21:09:30.317Z
CVE-2026-40305	4.3 (3.1)	DNN has Force Friend Request Acceptance	dnnsoftware	Dnn.Platform	2026-04-17T21:06:09.237Z	2026-04-17T21:06:09.237Z
CVE-2026-40351	9.8 (3.1)	FastGPT: NoSQL Injection in loginByPassword leads to A…	labring	FastGPT	2026-04-17T21:05:05.911Z	2026-04-17T21:05:05.911Z
CVE-2026-40304	5.3 (3.1)	zrok's broken ownership check in DELETE /api/v2/unacce…	openziti	zrok	2026-04-17T21:04:23.648Z	2026-04-17T21:04:23.648Z
CVE-2026-40303	7.5 (3.1)	zrok allows unauthenticated DoS via unbounded memory a…	openziti	zrok	2026-04-17T21:01:51.899Z	2026-04-17T21:01:51.899Z
CVE-2026-40196	8.1 (3.1)	HomeBox has Unauthorized API Access via Retained defau…	sysadminsmedia	homebox	2026-04-17T21:01:18.530Z	2026-04-17T21:01:18.530Z
CVE-2026-40302	6.1 (3.1)	zrok has reflected XSS in GitHub OAuth callback via un…	openziti	zrok	2026-04-17T20:56:08.368Z	2026-04-17T20:56:08.368Z
CVE-2026-40155	5.4 (3.1)	Auth0 Next.js SDK has Improper Proxy Cache Lookup	auth0	nextjs-auth0	2026-04-17T20:54:38.958Z	2026-04-17T20:54:38.958Z
CVE-2026-40301	4.7 (3.1)	rhukster/dom-sanitizer: SVG <style> tag allows CSS inj…	rhukster	dom-sanitizer	2026-04-17T20:51:37.226Z	2026-04-17T20:51:37.226Z
CVE-2026-40299	6.9 (4.0)	next-intl has an open redirect vulnerability	amannn	next-intl	2026-04-17T20:49:05.642Z	2026-04-17T20:49:05.642Z
CVE-2026-40293	6.5 (3.1)	OpenFGA Playground Preshared Key Exposure	openfga	openfga	2026-04-17T20:47:06.804Z	2026-04-17T20:47:06.804Z
CVE-2026-35603	5.4 (4.0)	Claude Code: Insecure System-Wide Configuration Loadin…	anthropics	claude-code	2026-04-17T20:38:49.901Z	2026-04-17T20:38:49.901Z
CVE-2026-31927	4.9 (3.1)	Anviz CX7 Firmware Relative Path Traversal	Anviz	Anviz CX7 Firmware	2026-04-17T19:24:53.893Z	2026-04-17T20:34:41.679Z
CVE-2026-35402	2.3 (4.0)	mcp-neo4j-cypher: SSRF and Data Modification via read_…	neo4j-contrib	mcp-neo4j	2026-04-17T20:34:06.510Z	2026-04-17T20:34:06.510Z
CVE-2026-33569	6.5 (3.1)	Anviz Products Cleartext Transmission of Sensitive Inf…	Anviz	Anviz CX7 Firmware	2026-04-17T19:30:46.066Z	2026-04-17T20:32:48.104Z
CVE-2026-35682	8.8 (3.1)	Anviz CX2 Lite Command Injection	Anviz	Anviz CX2 Lite Firmware	2026-04-17T19:46:26.716Z	2026-04-17T20:30:18.510Z
CVE-2026-33436	3.1 (3.1)	Stirling-PDF: Reflected XSS through crafted filename i…	Stirling-Tools	Stirling-PDF	2026-04-17T20:29:43.262Z	2026-04-17T20:29:43.262Z
CVE-2026-40434	8.1 (3.1)	Anviz CrossChex Standard Improper Verification of Sour…	Anviz	Anviz CrossChex Standard	2026-04-17T19:49:28.099Z	2026-04-17T20:28:02.785Z
CVE-2026-40286	7.5 (3.1)	WeGIA has Cross-Site Scripting in Controle de Contribuição	LabRedesCefetRJ	WeGIA	2026-04-17T20:27:59.131Z	2026-04-17T20:27:59.131Z
CVE-2026-32650	7.5 (3.1)	Anviz CrossChex Standard Algorithm Downgrade	Anviz	Anviz CrossChex Standard	2026-04-17T19:52:45.308Z	2026-04-17T20:26:17.922Z
CVE-2026-23500	9.4 (4.0)	Dolibarr: OS Command Injection (RCE) via MAIN_ODT_AS_P…	Dolibarr	dolibarr	2026-04-17T20:25:49.843Z	2026-04-17T20:25:49.843Z
CVE-2026-40285	8.8 (3.1)	WeGIA has SQL Injection via Session Variable Override …	LabRedesCefetRJ	WeGIA	2026-04-17T20:25:33.185Z	2026-04-17T20:25:33.185Z
CVE-2026-40527	8.5 (4.0) 7.8 (3.1)	radare2 Command Injection via DWARF Parameter Names	radareorg	radare2	2026-04-17T20:25:20.143Z	2026-04-17T20:25:20.143Z
CVE-2026-40284	6.8 (3.1)	WeGIA has stored XSS in listar_despachos.php	LabRedesCefetRJ	WeGIA	2026-04-17T20:24:10.282Z	2026-04-17T20:24:10.282Z
CVE-2026-40282	6.4 (4.0)	WeGIA has stored XSS in intercorrencia_visualizar.php	LabRedesCefetRJ	WeGIA	2026-04-17T20:16:46.878Z	2026-04-17T20:23:13.483Z
CVE-2026-35512	8.7 (4.0)	xrdp: Heap buffer overflow in EGFX channel	neutrinolabs	xrdp	2026-04-17T20:21:59.868Z	2026-04-17T20:21:59.868Z
CVE-2026-33689	8.7 (4.0)	xrdp: Pre-authentication out-of-bounds reads in channe…	neutrinolabs	xrdp	2026-04-17T20:16:31.248Z	2026-04-17T20:16:31.248Z
CVE-2026-33145	6.3 (3.1)	xrdp: Authenticated RCE via unsanitized AlternateShell…	neutrinolabs	xrdp	2026-04-17T20:14:14.048Z	2026-04-17T20:15:20.525Z
CVE-2026-32324	7.7 (3.1)	Anviz CX7 Firmware Use of Hard-coded Cryptographic Key	Anviz	Anviz CX7 Firmware	2026-04-17T19:22:12.097Z	2026-04-17T20:10:48.189Z

ID	CVSS	Description	Vendor	Product	Published	Updated
CVE-2026-35596	4.3 (3.1)	Vikunja has Broken Access Control on Label Read via SQ…	go-vikunja	vikunja	2026-04-10T15:59:43.255Z	2026-04-14T14:51:51.537Z
CVE-2026-35597	5.9 (3.1)	Vikunja Affected by TOTP Brute-Force Due to Non-Functi…	go-vikunja	vikunja	2026-04-10T16:03:19.636Z	2026-04-13T15:37:11.358Z
CVE-2026-35598	4.3 (3.1)	Vikunja has Missing Authorization on CalDAV Task Read	go-vikunja	vikunja	2026-04-10T16:04:32.083Z	2026-04-14T14:20:44.249Z
CVE-2026-35599	6.5 (3.1)	Vikunja has an Algorithmic Complexity DoS in Repeating…	go-vikunja	vikunja	2026-04-10T16:05:57.581Z	2026-04-10T18:28:29.310Z
CVE-2026-35600	5.4 (3.1)	Vikunja has HTML Injection via Task Titles in Overdue …	go-vikunja	vikunja	2026-04-10T16:07:07.846Z	2026-04-14T15:01:18.724Z
CVE-2026-35601	4.1 (3.1)	Vikunja has an iCalendar Property Injection via CRLF i…	go-vikunja	vikunja	2026-04-10T16:08:50.519Z	2026-04-13T15:37:03.974Z
CVE-2026-35602	5.4 (3.1)	Vikunja has a File Size Limit Bypass via Vikunja Import	go-vikunja	vikunja	2026-04-10T16:10:39.630Z	2026-04-14T14:19:30.140Z
CVE-2026-29063	8.7 (4.0)	Immutable.js: Improperly Controlled Modification of Ob…	immutable-js	immutable-js	2026-03-06T18:25:22.438Z	2026-03-06T19:33:31.642Z
CVE-2026-31940	7.5 (3.1)	Session Fixation in Chamilo LMS	chamilo	chamilo-lms	2026-04-10T17:35:10.661Z	2026-04-14T14:12:28.550Z
CVE-2026-31941	7.7 (3.1)	Server-Side Request Forgery (SSRF) in Chamilo LMS	chamilo	chamilo-lms	2026-04-10T17:37:50.948Z	2026-04-10T18:33:22.920Z
CVE-2026-32892	9.1 (3.1)	OS Command Injection in Chamilo LMS 1.11.36	chamilo	chamilo-lms	2026-04-10T17:56:57.695Z	2026-04-14T14:07:14.704Z
CVE-2025-15602	8.7 (4.0) 8.8 (3.1)	Snipe-IT < 8.3.7 Mass Assignment Vulnerability Leading…	Grokability, Inc.	Snipe-IT	2026-03-06T16:16:08.531Z	2026-03-09T15:12:11.595Z
CVE-2026-32893	5.4 (3.1)	Chamilo LMS has Reflected XSS via Unsanitized http_bui…	chamilo	chamilo-lms	2026-04-10T17:42:24.220Z	2026-04-15T14:51:41.852Z
CVE-2026-32894	7.1 (3.1)	Chamilo LMS has an IDOR in Gradebook Allows Cross-Cour…	chamilo	chamilo-lms	2026-04-10T17:44:24.994Z	2026-04-13T15:36:28.238Z
CVE-2026-32930	7.1 (3.1)	Chamilo LMS has an IDOR in Gradebook Allows Cross-Cour…	chamilo	chamilo-lms	2026-04-10T17:48:51.774Z	2026-04-10T18:32:13.726Z
CVE-2026-32931	7.5 (3.1)	Chamilo LMS has Arbitrary File Upload via MIME-Only Va…	chamilo	chamilo-lms	2026-04-10T17:50:40.176Z	2026-04-15T14:56:10.732Z
CVE-2026-32932	4.7 (3.1)	Chamilo LMS has an Open Redirect via Unvalidated 'page…	chamilo	chamilo-lms	2026-04-10T17:51:58.480Z	2026-04-13T15:36:22.092Z
CVE-2026-33141	6.5 (3.1)	Chamilo LMS has an IDOR in REST API Stats Endpoint Exp…	chamilo	chamilo-lms	2026-04-10T18:01:26.027Z	2026-04-14T14:06:11.889Z
CVE-2026-31939	8.3 (3.1)	Path Traversal (Arbitrary File Delete) in Chamilo LMS	chamilo	chamilo-lms	2026-04-10T17:32:29.252Z	2026-04-13T15:36:34.681Z
CVE-2026-34238	5.1 (3.1)	ImageMagick: Integer overflow in despeckle operation c…	ImageMagick	ImageMagick	2026-04-13T21:14:07.180Z	2026-04-14T13:46:39.542Z
CVE-2026-33899	5.3 (3.1)	ImageMagick: Heap BufferOverflow write of single zero …	ImageMagick	ImageMagick	2026-04-13T20:46:43.781Z	2026-04-16T13:26:40.513Z
CVE-2026-28518	8.4 (4.0) 7.8 (3.1)	OpenViking .ovpack Import ZIP Slip Path Traversal	Volcengine	OpenViking	2026-03-03T14:36:13.472Z	2026-03-31T20:44:01.330Z
CVE-2026-33900	5.9 (3.1)	ImageMagick has a Heap overflow caused by integer over…	ImageMagick	ImageMagick	2026-04-13T20:50:19.615Z	2026-04-14T16:28:41.536Z
CVE-2026-33894	7.5 (3.1)	Forge has signature forgery in RSA-PKCS due to ASN.1 e…	digitalbazaar	forge	2026-03-27T20:45:49.583Z	2026-03-31T14:05:14.708Z
CVE-2026-40527	8.5 (4.0) 7.8 (3.1)	radare2 Command Injection via DWARF Parameter Names	radareorg	radare2	2026-04-17T20:25:20.143Z	2026-04-17T20:25:20.143Z
CVE-2026-40303	7.5 (3.1)	zrok allows unauthenticated DoS via unbounded memory a…	openziti	zrok	2026-04-17T21:01:51.899Z	2026-04-17T21:01:51.899Z
CVE-2026-40302	6.1 (3.1)	zrok has reflected XSS in GitHub OAuth callback via un…	openziti	zrok	2026-04-17T20:56:08.368Z	2026-04-17T20:56:08.368Z
CVE-2026-40301	4.7 (3.1)	rhukster/dom-sanitizer: SVG <style> tag allows CSS inj…	rhukster	dom-sanitizer	2026-04-17T20:51:37.226Z	2026-04-17T20:51:37.226Z
CVE-2026-40299	6.9 (4.0)	next-intl has an open redirect vulnerability	amannn	next-intl	2026-04-17T20:49:05.642Z	2026-04-17T20:49:05.642Z
CVE-2026-40293	6.5 (3.1)	OpenFGA Playground Preshared Key Exposure	openfga	openfga	2026-04-17T20:47:06.804Z	2026-04-17T20:47:06.804Z

ID	Description	Published	Updated
fkie_cve-2026-35602	Vikunja is an open-source self-hosted task management platform. Prior to 2.3.0, the Vikunja file im…	2026-04-10T17:17:03.993	2026-04-17T21:49:40.743
fkie_cve-2026-29063	Immutable.js provides many Persistent Immutable data structures. Prior to versions 3.8.3, 4.3.7, an…	2026-03-06T19:16:21.557	2026-04-17T21:32:18.947
fkie_cve-2026-31940	Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, in main/lp/aicc_hacp.…	2026-04-10T18:16:41.483	2026-04-17T21:31:36.710
fkie_cve-2026-31941	Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, Chamilo LMS contains …	2026-04-10T18:16:41.640	2026-04-17T21:31:11.793
fkie_cve-2026-32892	Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, Chamilo LMS contains …	2026-04-10T18:16:41.797	2026-04-17T21:30:50.533
fkie_cve-2025-15602	Snipe-IT versions prior to 8.3.7 contain sensitive user attributes related to account privileges th…	2026-03-06T17:16:24.600	2026-04-17T21:30:32.877
fkie_cve-2026-32893	Chamilo LMS is a learning management system. Prior to 2.0.0-RC.3, a Reflected Cross-Site Scripting …	2026-04-10T18:16:41.953	2026-04-17T21:30:03.257
fkie_cve-2026-32894	Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, an Insecure Direct Ob…	2026-04-10T18:16:42.117	2026-04-17T21:28:56.970
fkie_cve-2026-32930	Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, an Insecure Direct Ob…	2026-04-10T18:16:42.280	2026-04-17T21:28:36.707
fkie_cve-2026-32931	Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, an unrestricted file …	2026-04-10T18:16:42.430	2026-04-17T21:27:59.237
fkie_cve-2026-32932	Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, an Open Redirect vuln…	2026-04-10T18:16:42.590	2026-04-17T21:27:32.730
fkie_cve-2026-33141	Chamilo LMS is a learning management system. Prior to 2.0.0-RC.3, an Insecure Direct Object Referen…	2026-04-10T18:16:42.743	2026-04-17T21:24:02.230
fkie_cve-2026-31939	Chamilo LMS is a learning management system. Prior to 1.11.38, there is a path traversal in main/ex…	2026-04-10T18:16:41.313	2026-04-17T21:23:42.527
fkie_cve-2026-34238	ImageMagick is free and open-source software used for editing and manipulating digital images. In v…	2026-04-13T22:16:29.310	2026-04-17T21:22:41.077
fkie_cve-2026-33899	ImageMagick is free and open-source software used for editing and manipulating digital images. In v…	2026-04-13T21:16:25.170	2026-04-17T21:20:26.970
fkie_cve-2026-28518	OpenViking versions 0.2.1 and prior, fixed in commit 46b3e76, contain a path traversal vulnerabilit…	2026-03-03T15:16:20.593	2026-04-17T21:19:50.927
fkie_cve-2026-33900	ImageMagick is free and open-source software used for editing and manipulating digital images. In v…	2026-04-13T21:16:25.333	2026-04-17T21:19:44.483
fkie_cve-2026-33894	Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScri…	2026-03-27T21:17:25.983	2026-04-17T21:16:42.030
fkie_cve-2026-40527	radare2 prior to commit bc5a890 contains a command injection vulnerability in the afsv/afsvj comman…	2026-04-17T21:16:35.373	2026-04-17T21:16:35.373
fkie_cve-2026-40303	zrok is software for sharing web services, files, and network resources. Prior to version 2.0.1, en…	2026-04-17T21:16:35.140	2026-04-17T21:16:35.140
fkie_cve-2026-40302	zrok is software for sharing web services, files, and network resources. Prior to version 2.0.1, th…	2026-04-17T21:16:34.997	2026-04-17T21:16:34.997
fkie_cve-2026-40301	DOMSanitizer is a DOM/SVG/MathML Sanitizer for PHP 7.3+. Prior to version 1.0.10, DOMSanitizer::san…	2026-04-17T21:16:34.850	2026-04-17T21:16:34.850
fkie_cve-2026-40299	next-intl provides internationalization for Next.js. Applications using the `next-intl` middleware …	2026-04-17T21:16:34.707	2026-04-17T21:16:34.707
fkie_cve-2026-40293	OpenFGA is an authorization/permission engine built for developers. In versions 0.1.4 through 1.13.…	2026-04-17T21:16:34.567	2026-04-17T21:16:34.567
fkie_cve-2026-40286	WeGIA is a web manager for charitable institutions. In versions prior to 3.6.10, a Stored Cross-Sit…	2026-04-17T21:16:34.430	2026-04-17T21:16:34.430
fkie_cve-2026-40285	WeGIA is a web manager for charitable institutions. Versions prior to 3.6.10 contain a SQL injectio…	2026-04-17T21:16:34.267	2026-04-17T21:16:34.267
fkie_cve-2026-40284	WeGIA is a web manager for charitable institutions. In versions prior to 3.6.10, a Stored Cross-Sit…	2026-04-17T21:16:34.140	2026-04-17T21:16:34.140
fkie_cve-2026-40282	WeGIA is a web manager for charitable institutions. In versions prior to 3.6.10, a Stored Cross-Sit…	2026-04-17T21:16:34.007	2026-04-17T21:16:34.007
fkie_cve-2026-40196	HomeBox is a home inventory and organization system. Versions prior to 0.25.0 contain a vulnerabili…	2026-04-17T21:16:33.863	2026-04-17T21:16:33.863
fkie_cve-2026-40155	The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. In…	2026-04-17T21:16:33.713	2026-04-17T21:16:33.713

ID	Severity	Description	Published	Updated
ghsa-8gmg-3w2q-65f4	8.4 (3.1)	OpenTelemetry eBPF Instrumentation: Privileged Java agent injection allows arbitrary host file over…	2026-04-17T22:21:41Z	2026-04-17T22:21:41Z
ghsa-3jfp-46x4-xgfj	6.9 (4.0)	yard: Possible arbitrary path traversal and file access via yard server	2026-04-17T22:21:03Z	2026-04-17T22:21:03Z
ghsa-85gx-3qv6-4463	8.1 (3.1)	Dapr: Service Invocation path traversal ACL bypass	2026-04-17T22:20:40Z	2026-04-17T22:20:40Z
ghsa-5cwg-9f6j-9jvx	5.4 (4.0)	Claude Code: Insecure System-Wide Configuration Loading Enables Local Privilege Escalation on Windows	2026-04-17T22:19:38Z	2026-04-17T22:19:38Z
ghsa-f7fh-qg34-x2xh	6.3 (4.0)	OpenClaw: CDP /json/version WebSocket URL could pivot to untrusted second-hop targets	2026-04-17T22:18:28Z	2026-04-17T22:18:28Z
ghsa-jhpv-5j76-m56h	6.0 (4.0)	OpenClaw: Sender policy bypass in host media attachment reads allows unauthorized local file disclosure	2026-04-17T22:17:57Z	2026-04-17T22:17:57Z
ghsa-66r7-m7xm-v49h	7.1 (4.0)	OpenClaw: QQBot media tags could read arbitrary local files through reply text	2026-04-17T22:17:05Z	2026-04-17T22:17:05Z
ghsa-2cq5-mf3v-mx44	8.6 (4.0)	OpenClaw: busybox and toybox applet execution weakened exec approval binding	2026-04-17T22:16:04Z	2026-04-17T22:16:04Z
ghsa-7jp6-r74r-995q	7.1 (4.0)	OpenClaw: Matrix profile config persistence was reachable from operator.write message tools	2026-04-17T22:15:27Z	2026-04-17T22:15:27Z
ghsa-736r-jwj6-4w23	8.3 (4.0)	OpenClaw: Sandboxed agents could escape exec routing via host=node override	2026-04-17T22:14:56Z	2026-04-17T22:14:56Z
ghsa-536q-mj95-h29h	5.3 (4.0)	OpenClaw: Browser press/type interaction routes missed complete navigation guard coverage	2026-04-17T22:14:29Z	2026-04-17T22:14:29Z
ghsa-qmwg-qprg-3j38	5.9 (4.0)	OpenClaw: Browser interaction routes could pivot into local CDP and regain file reads	2026-04-17T22:14:20Z	2026-04-17T22:14:20Z
ghsa-939r-rj45-g2rj	8.6 (4.0)	OpenClaw: Workspace provider auth choices could auto-enable untrusted provider plugins	2026-04-17T22:12:49Z	2026-04-17T22:12:49Z
ghsa-527m-976r-jf79	6.3 (4.0)	OpenClaw: Existing-session browser interaction routes bypassed SSRF policy enforcement	2026-04-17T22:11:33Z	2026-04-17T22:11:33Z
ghsa-rj2p-j66c-mgqh	6.9 (4.0)	OpenClaw: Browser tabs action select and close routes bypassed SSRF policy	2026-04-17T22:01:57Z	2026-04-17T22:01:57Z
ghsa-f3h5-h452-vp3j	5.3 (4.0)	OpenClaw: Nostr profile mutation routes allowed operator.write config persistence	2026-04-17T22:00:59Z	2026-04-17T22:00:59Z
ghsa-525j-hqq2-66r4	7.5 (4.0)	OpenClaw: Sandbox browser CDP relay could expose DevTools protocol on 0.0.0.0	2026-04-17T21:59:55Z	2026-04-17T21:59:55Z
ghsa-82qx-6vj7-p8m2	7.1 (4.0)	OpenClaw: Channel setup catalog lookups could include untrusted workspace plugin shadows	2026-04-17T21:58:46Z	2026-04-17T21:58:46Z
ghsa-jf25-7968-h2h5	5.3 (4.0)	OpenClaw: screen_record outPath bypassed workspace-only filesystem guard	2026-04-17T21:58:24Z	2026-04-17T21:58:24Z
ghsa-53vx-pmqw-863c	6.9 (4.0)	OpenClaw: Browser SSRF policy default allowed private-network navigation	2026-04-17T21:58:15Z	2026-04-17T21:58:15Z
ghsa-xq94-r468-qwgj	6.3 (4.0)	OpenClaw: Browser SSRF hostname validation could be bypassed by DNS rebinding	2026-04-17T21:58:01Z	2026-04-17T21:58:01Z
ghsa-2767-2q9v-9326	5.3 (4.0)	OpenClaw: QQBot reply media URL handling could trigger SSRF and re-upload fetched bytes	2026-04-17T21:57:31Z	2026-04-17T21:57:31Z
ghsa-7wv4-cc7p-jhxc	6.8 (4.0)	OpenClaw: Workspace .env could inject OpenClaw runtime-control variables	2026-04-17T21:56:12Z	2026-04-17T21:56:12Z
ghsa-c9h3-5p7r-mrjh	5.3 (4.0)	OpenClaw: Discord event cover images bypassed sandbox media normalization	2026-04-17T21:56:04Z	2026-04-17T21:56:04Z
ghsa-49cg-279w-m73x	6.0 (4.0)	OpenClaw: Empty approver lists could grant explicit approval authorization	2026-04-17T21:55:54Z	2026-04-17T21:55:54Z
ghsa-7g8c-cfr3-vqqr	6.6 (4.0)	OpenClaw: Agent hook events could enqueue trusted system events from unsanitized external input	2026-04-17T21:55:20Z	2026-04-17T21:55:21Z
ghsa-vfp4-8x56-j7c5	7.1 (4.0)	OpenClaw: Exec environment denylist missed high-risk interpreter startup variables	2026-04-17T21:54:20Z	2026-04-17T21:54:21Z
ghsa-j6c7-3h5x-99g9	6.3 (4.0)	OpenClaw: Shell-wrapper detection missed env-argv assignment injection forms	2026-04-17T21:53:36Z	2026-04-17T21:53:36Z
ghsa-5gjc-grvm-m88j	4.9 (4.0)	OpenClaw: Memory dreaming config persistence was reachable from operator.write commands	2026-04-17T21:53:17Z	2026-04-17T21:53:17Z
ghsa-gc9r-867r-j85f	1.7 (4.0)	OpenClaw: Microsoft Teams SSO invoke handler missed sender authorization checks	2026-04-17T21:51:04Z	2026-04-17T21:51:04Z

ID	Severity	Description	Package	Published	Updated
pysec-2025-36	9.8 (3.1)	Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/valida…	langflow	2025-04-07T15:15:44+00:00	2025-05-07T19:22:44.993642+00:00
pysec-2024-246	5.3 (3.1)	Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. Starting in…	vyper	2024-04-25T17:15:50+00:00	2025-05-05T19:21:20.899426+00:00
pysec-2024-111	9.1 (3.1)	A path traversal vulnerability exists in the `getFullPath` method of langchain-ai/langcha…	langchain	2024-10-29T13:15:00Z	2025-05-02T18:39:47.588215Z
pysec-2024-245		Apache Airflow, versions before 2.8.2, has a vulnerability that allows authenticated user…	apache-airflow	2024-02-29T11:15:08+00:00	2025-05-01T21:22:38.598048+00:00
pysec-2025-35	7.5 (3.1)	Weblate is a web based localization tool. Prior to version 5.11, when creating a new comp…	weblate	2025-04-15T21:16:04+00:00	2025-04-30T17:22:51.467257+00:00
pysec-2025-34		The unsafe globals in Picklescan before 0.0.25 do not include ssl. Consequently, ssl.get_…	picklescan	2025-04-24T01:15:49+00:00	2025-04-24T03:08:15.436691+00:00
pysec-2025-33	7.5 (3.1)	Vyper is a Pythonic Smart Contract Language for the EVM. When the Vyper Compiler uses the…	vyper	2025-01-14T18:16:05+00:00	2025-04-23T21:23:01.322686+00:00
pysec-2025-32	9.8 (3.1)	BentoML is a Python library for building online serving systems optimized for AI apps and…	bentoml	2025-04-09T16:15:25+00:00	2025-04-22T19:21:34.073355+00:00
pysec-2025-31		vyper is a Pythonic Smart Contract Language for the EVM. Vyper handles AugAssign statemen…	vyper	2025-02-21T22:15:13+00:00	2025-04-09T17:27:28.116292+00:00
pysec-2025-30		vyper is a Pythonic Smart Contract Language for the EVM. Multiple evaluation of a single …	vyper	2025-02-21T22:15:13+00:00	2025-04-09T17:27:28.064106+00:00
pysec-2025-29		vyper is a Pythonic Smart Contract Language for the EVM. Vyper `sqrt()` builtin uses the …	vyper	2025-02-21T22:15:13+00:00	2025-04-09T17:27:28.005382+00:00
pysec-2025-28		The Snowflake Connector for Python provides an interface for developing Python applicatio…	snowflake-connector-python	2025-01-29T21:15:21+00:00	2025-04-09T17:27:27.772920+00:00
pysec-2025-27		The Snowflake Connector for Python provides an interface for developing Python applicatio…	snowflake-connector-python	2025-01-29T21:15:21+00:00	2025-04-09T17:27:27.711157+00:00
pysec-2025-26		The Snowflake Connector for Python provides an interface for developing Python applicatio…	snowflake-connector-python	2025-01-29T21:15:21+00:00	2025-04-09T17:27:27.645758+00:00
pysec-2021-891	7.8 (3.1)	CWE - CWE-287: Improper Authentication vulnerability in SUSE Linux Enterprise Server 15 S…	salt	2021-03-03T10:15:13+00:00	2025-04-09T17:27:27.582884+00:00
pysec-2025-25	6.5 (3.1)	Rembg is a tool to remove images background. In Rembg 2.0.57 and earlier, the CORS middle…	rembg	2025-03-03T17:15:14+00:00	2025-04-09T17:27:27.532849+00:00
pysec-2025-24	7.5 (3.1)	Rembg is a tool to remove images background. In Rembg 2.0.57 and earlier, the /api/remove…	rembg	2025-03-03T17:15:14+00:00	2025-04-09T17:27:27.486485+00:00
pysec-2025-23		Versions of the package ray before 2.43.0 are vulnerable to Insertion of Sensitive Inform…	ray	2025-03-06T05:15:16+00:00	2025-04-09T17:27:27.434099+00:00
pysec-2022-43179	7.3 (3.1)	Poetry is a dependency manager for Python. To handle dependencies that come from a Git re…	poetry	2022-09-07T19:15:08+00:00	2025-04-09T17:27:27.255151+00:00
pysec-2025-22	9.8 (3.1)	A vulnerability, that could result in Remote Code Execution (RCE), has been found in Plot…	plotai	2025-03-10T14:15:24+00:00	2025-04-09T17:27:27.203714+00:00
pysec-2023-311	5.4 (3.1)	plone.namedfile allows users to handle `File` and `Image` fields targeting, but not depen…	plone-namedfile	2023-09-21T15:15:10+00:00	2025-04-09T17:27:27.153848+00:00
pysec-2025-21	9.8 (3.1)	picklescan before 0.0.23 fails to detect malicious pickle files inside PyTorch model arch…	picklescan	2025-03-10T12:15:12+00:00	2025-04-09T17:27:27.016747+00:00
pysec-2025-20	6.5 (3.1)	picklescan before 0.0.23 is vulnerable to a ZIP archive manipulation attack that causes i…	picklescan	2025-03-10T12:15:10+00:00	2025-04-09T17:27:26.966215+00:00
pysec-2025-19	9.8 (3.1)	picklescan before 0.0.22 only considers standard pickle file extensions in the scope for …	picklescan	2025-03-03T19:15:34+00:00	2025-04-09T17:27:26.916350+00:00
pysec-2025-18		picklescan before 0.0.21 does not treat 'pip' as an unsafe global. An attacker could craf…	picklescan	2025-02-26T15:15:24+00:00	2025-04-09T17:27:26.867210+00:00
pysec-2023-310	7.5 (3.1)	Mobile Security Framework (MobSF) <=v3.7.8 Beta is vulnerable to Insecure Permissions. NO…	mobsf	2023-09-21T22:15:11+00:00	2025-04-09T17:27:26.663665+00:00
pysec-2025-17	5.5 (3.1)	In mlflow/mlflow version 2.18, an admin is able to create a new user account without sett…	mlflow	2025-03-20T10:15:54+00:00	2025-04-09T17:27:26.322333+00:00
pysec-2023-309	8.8 (3.1)	Path Traversal in GitHub repository mlflow/mlflow prior to 2.9.2.	mlflow	2023-12-13T00:15:07+00:00	2025-04-09T17:27:26.271200+00:00
pysec-2023-308	10.0 (3.1)	Absolute Path Traversal in GitHub repository mlflow/mlflow prior to 2.5.0.	mlflow	2023-07-19T01:15:10+00:00	2025-04-09T17:27:26.223213+00:00
pysec-2025-16	7.5 (3.1)	LNbits is a Lightning wallet and accounts system. A Server-Side Request Forgery (SSRF) vu…	lnbits	2025-04-06T20:15:15+00:00	2025-04-09T17:27:25.872691+00:00

ID	Description	Updated
gsd-2024-33855	The format of the source doesn't require a description, click on the link for more details.	2024-04-28T05:02:07.741239Z
gsd-2024-33851	phpecc, as used in paragonie/phpecc before 2.0.1, has a branch-based timing leak in Point…	2024-04-28T05:02:07.732559Z
gsd-2024-33879	The format of the source doesn't require a description, click on the link for more details.	2024-04-28T05:02:07.727068Z
gsd-2024-4294	A vulnerability, which was classified as critical, has been found in PHPGurukul Doctor Ap…	2024-04-28T05:02:06.079201Z
gsd-2024-4292	A vulnerability classified as critical has been found in Contemporary Controls BASrouter …	2024-04-28T05:02:06.073286Z
gsd-2024-4295	The format of the source doesn't require a description, click on the link for more details.	2024-04-28T05:02:06.068263Z
gsd-2024-4291	A vulnerability was found in Tenda A301 15.13.08.12_multi_TDE01. It has been rated as cri…	2024-04-28T05:02:06.058388Z
gsd-2024-4293	A vulnerability classified as problematic was found in PHPGurukul Doctor Appointment Mana…	2024-04-28T05:02:06.052534Z
gsd-2023-52722	An issue was discovered in Artifex Ghostscript through 10.01.0. psi/zmisc1.c, when SAFER …	2024-04-28T05:01:28.746814Z
gsd-2022-48685	The format of the source doesn't require a description, click on the link for more details.	2024-04-28T05:00:27.870720Z
gsd-2022-48684	The format of the source doesn't require a description, click on the link for more details.	2024-04-28T05:00:27.715598Z
gsd-2024-24777	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:24.547536Z
gsd-2024-28875	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:20.401696Z
gsd-2024-33786	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.606155Z
gsd-2024-33697	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vuln…	2024-04-27T05:02:18.598872Z
gsd-2024-33722	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.598142Z
gsd-2024-33784	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.595808Z
gsd-2024-33788	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.591276Z
gsd-2024-33814	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.590797Z
gsd-2024-33701	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.589032Z
gsd-2024-33776	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.587852Z
gsd-2024-33712	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.587066Z
gsd-2024-33840	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.586722Z
gsd-2024-33838	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.585807Z
gsd-2024-33749	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.584613Z
gsd-2024-33839	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.579161Z
gsd-2024-33733	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.577869Z
gsd-2024-33845	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.569462Z
gsd-2024-33741	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.568527Z
gsd-2024-33738	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.562140Z

ID	Description	Published	Updated
mal-2025-1994	Malicious code in requesttss (PyPI)	2025-01-25T16:53:01Z	2026-04-16T15:42:11Z
mal-2025-1984	Malicious code in nflx-metaflow (PyPI)	2025-02-05T22:04:22Z	2026-04-16T15:42:11Z
mal-2025-1980	Malicious code in mlc-ai-nightly (PyPI)	2025-01-21T18:27:56Z	2026-04-16T15:42:11Z
mal-2025-192914	Malicious code in queenbee-plugin (RubyGems)	2025-12-23T08:41:05Z	2026-04-16T15:42:11Z
mal-2025-191631	Malicious code in hexdecpy (PyPI)	2025-10-24T21:59:02Z	2026-04-16T15:42:11Z
mal-2025-191630	Malicious code in hexdecli (PyPI)	2025-10-25T16:03:26Z	2026-04-16T15:42:11Z
mal-2026-2661	Malicious code in vip-landing (npm)	2026-04-14T11:47:12Z	2026-04-16T15:42:10Z
mal-2026-2660	Malicious code in use-feature-flags-plugin (npm)	2026-04-14T11:47:12Z	2026-04-16T15:42:10Z
mal-2026-2659	Malicious code in ui-utils-udhay-alerts (npm)	2026-04-14T11:47:49Z	2026-04-16T15:42:10Z
mal-2026-2251	Malicious code in testtestsharp (npm)	2026-03-27T03:07:31Z	2026-04-16T15:42:10Z
mal-2026-2250	Malicious code in test1sharp (npm)	2026-03-27T03:07:31Z	2026-04-16T15:42:10Z
mal-2026-2196	Malicious code in tailwind-compile (npm)	2026-03-25T14:20:59Z	2026-04-16T15:42:10Z
mal-2026-1973	Malicious code in woltpickerapp (npm)	2026-03-20T04:48:44Z	2026-04-16T15:42:10Z
mal-2026-1968	Malicious code in safe-json-parsex (npm)	2026-03-20T04:41:13Z	2026-04-16T15:42:10Z
mal-2026-1926	Malicious code in tokenshower (npm)	2026-03-19T15:16:36Z	2026-04-16T15:42:10Z
mal-2026-1839	Malicious code in react-state-optimizer-core (npm)	2026-03-18T13:07:12Z	2026-04-16T15:42:10Z
mal-2026-1836	Malicious code in react-performance-suite (npm)	2026-03-18T13:07:05Z	2026-04-16T15:42:10Z
mal-2026-1835	Malicious code in react-fast-utilsa (npm)	2026-03-18T13:06:09Z	2026-04-16T15:42:10Z
mal-2026-1405	Malicious code in whatsapp-fastdesk-utils-drzak (npm)	2026-03-13T06:47:06Z	2026-04-16T15:42:10Z
mal-2026-1404	Malicious code in whatsapp-core-auth-drzak (npm)	2026-03-13T06:47:07Z	2026-04-16T15:42:10Z
mal-2026-1403	Malicious code in tradepmr-fusion-core-drzak (npm)	2026-03-13T06:47:06Z	2026-04-16T15:42:10Z
mal-2026-1402	Malicious code in tradepmr-api-utils-drzak (npm)	2026-03-13T06:47:06Z	2026-04-16T15:42:10Z
mal-2026-1374	Malicious code in spectral-corsair-my-backdoor (npm)	2026-03-12T18:09:11Z	2026-04-16T15:42:10Z
mal-2025-5063	Malicious code in universal-media-player (npm)	2025-06-13T01:40:04Z	2026-04-16T15:42:10Z
mal-2025-5060	Malicious code in sitewidesearch-client (npm)	2025-06-13T00:55:54Z	2026-04-16T15:42:10Z
mal-2025-5058	Malicious code in secure-lib (npm)	2025-06-13T02:06:14Z	2026-04-16T15:42:10Z
mal-2025-5051	Malicious code in react-expiry-date (npm)	2025-06-13T01:31:54Z	2026-04-16T15:42:10Z
mal-2025-34723	Malicious code in terminalcolor256 (npm)	2025-08-14T18:52:04Z	2026-04-16T15:42:10Z
mal-2025-2895	Malicious code in shopmacher-mollie-application (npm)	2025-03-28T12:58:40Z	2026-04-16T15:42:10Z
mal-2024-9888	Malicious code in typescript-operations (npm)	2024-10-16T13:26:54Z	2026-04-16T15:42:10Z

ID	Description	Published	Updated

ID	Description	Published	Updated
wid-sec-w-2025-1350	Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service	2025-06-17T22:00:00.000+00:00	2026-04-09T22:00:00.000+00:00
wid-sec-w-2025-0861	Linux Kernel: Mehrere Schwachstellen	2025-04-21T22:00:00.000+00:00	2026-04-09T22:00:00.000+00:00
wid-sec-w-2025-0844	Linux Kernel: Mehrere Schwachstellen	2025-04-16T22:00:00.000+00:00	2026-04-09T22:00:00.000+00:00
wid-sec-w-2025-0837	Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service	2025-04-15T22:00:00.000+00:00	2026-04-09T22:00:00.000+00:00
wid-sec-w-2025-0545	Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service	2025-03-11T23:00:00.000+00:00	2026-04-09T22:00:00.000+00:00
wid-sec-w-2025-0499	Linux Kernel: Mehrere Schwachstellen	2025-03-06T23:00:00.000+00:00	2026-04-09T22:00:00.000+00:00
wid-sec-w-2025-0453	Linux Kernel: Mehrere Schwachstellen	2025-02-26T23:00:00.000+00:00	2026-04-09T22:00:00.000+00:00
wid-sec-w-2024-3762	Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service	2024-12-29T23:00:00.000+00:00	2026-04-09T22:00:00.000+00:00
wid-sec-w-2024-3575	Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service	2024-12-02T23:00:00.000+00:00	2026-04-09T22:00:00.000+00:00
wid-sec-w-2024-3251	Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service	2024-10-21T22:00:00.000+00:00	2026-04-09T22:00:00.000+00:00
wid-sec-w-2024-3134	Linux Kernel: Mehrere Schwachstellen	2024-10-09T22:00:00.000+00:00	2026-04-09T22:00:00.000+00:00
wid-sec-w-2024-3050	Linux Kernel: Mehrere Schwachstellen	2024-09-29T22:00:00.000+00:00	2026-04-09T22:00:00.000+00:00
wid-sec-w-2024-2173	Linux Kernel: Mehrere Schwachstellen	2024-09-17T22:00:00.000+00:00	2026-04-09T22:00:00.000+00:00
wid-sec-w-2024-1721	Linux Kernel: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff	2024-07-28T22:00:00.000+00:00	2026-04-09T22:00:00.000+00:00
wid-sec-w-2024-1451	Linux Kernel: Mehrere Schwachstellen	2024-06-25T22:00:00.000+00:00	2026-04-09T22:00:00.000+00:00
wid-sec-w-2024-1259	Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service und unspezifischen Angriff	2024-05-30T22:00:00.000+00:00	2026-04-09T22:00:00.000+00:00
wid-sec-w-2024-0585	Grafana: Schwachstelle ermöglicht Privilegieneskalation	2024-03-07T23:00:00.000+00:00	2026-04-09T22:00:00.000+00:00
wid-sec-w-2024-0219	libTIFF: Mehrere Schwachstellen ermöglichen Denial of Service	2024-01-25T23:00:00.000+00:00	2026-04-09T22:00:00.000+00:00
wid-sec-w-2023-3004	libTIFF: Mehrere Schwachstellen ermöglichen Denial of Service	2023-11-26T23:00:00.000+00:00	2026-04-09T22:00:00.000+00:00
wid-sec-w-2022-0463	NGINX: Schwachstelle ermöglicht Denial of Service	2021-05-25T22:00:00.000+00:00	2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0879	Linux Kernel: Mehrere Schwachstellen	2026-03-25T23:00:00.000+00:00	2026-04-08T22:00:00.000+00:00
wid-sec-w-2026-0982	OpenBSD: Schwachstelle ermöglicht nicht spezifizierten Angriff	2026-04-06T22:00:00.000+00:00	2026-04-07T22:00:00.000+00:00
wid-sec-w-2026-0937	Google Chrome und Microsoft Edge: Mehrere Schwachstellen	2026-03-31T22:00:00.000+00:00	2026-04-06T22:00:00.000+00:00
wid-sec-w-2025-2310	F5 BIG-IP und F5OS: Mehrere Schwachstellen	2025-10-15T22:00:00.000+00:00	2026-03-31T22:00:00.000+00:00
wid-sec-w-2026-0909	Tinyproxy: Schwachstelle ermöglicht Denial of Service	2026-03-29T22:00:00.000+00:00	2026-03-30T22:00:00.000+00:00
wid-sec-w-2026-0904	vim: Schwachstelle ermöglicht Codeausführung	2026-03-29T22:00:00.000+00:00	2026-03-30T22:00:00.000+00:00
wid-sec-w-2026-0892	WatchGuard Firebox: Mehrere Schwachstellen	2026-03-26T23:00:00.000+00:00	2026-03-30T22:00:00.000+00:00
wid-sec-w-2026-0891	Dovecot: Mehrere Schwachstellen	2026-03-26T23:00:00.000+00:00	2026-03-30T22:00:00.000+00:00
wid-sec-w-2026-0880	FreeRDP: Mehrere Schwachstellen	2026-03-25T23:00:00.000+00:00	2026-03-30T22:00:00.000+00:00
wid-sec-w-2026-0864	OpenBao: Mehrere Schwachstellen	2026-03-25T23:00:00.000+00:00	2026-03-30T22:00:00.000+00:00

ID	Description	Published	Updated
icsa-26-071-06	Inductive Automation Ignition Software	2026-03-12T06:00:00.000000Z	2026-03-13T06:00:00.000000Z
icsa-26-071-05	Siemens Heliox EV Chargers	2026-03-10T00:00:00.000000Z	2026-03-12T06:00:00.000000Z
icsa-26-071-04	Siemens SIMATIC	2026-03-10T00:00:00.000000Z	2026-03-12T06:00:00.000000Z
icsa-26-071-03	Siemens SIDIS Prime	2026-03-10T00:00:00.000000Z	2026-03-12T06:00:00.000000Z
icsa-26-071-02	Siemens RUGGEDCOM APE1808 Devices	2026-03-10T00:00:00.000000Z	2026-03-12T06:00:00.000000Z
icsa-26-071-01	Trane Tracer SC, Tracer SC+, and Tracer Concierge	2026-03-12T06:00:00.000000Z	2026-03-12T06:00:00.000000Z
icsa-26-048-04	Honeywell HIB2PI CCTV Camera (Update B)	2026-02-17T07:00:00.000000Z	2026-03-12T06:00:00.000000Z
icsa-26-043-08	Siemens NX	2026-02-10T00:00:00.000000Z	2026-03-12T06:00:00.000000Z
icsa-26-043-03	Siemens COMOS	2025-12-09T00:00:00.000000Z	2026-03-12T06:00:00.000000Z
icsa-25-345-05	Siemens Advanced Licensing (SALT) Toolkit	2025-12-09T00:00:00.000000Z	2026-03-12T06:00:00.000000Z
icsa-25-345-04	Siemens IAM Client	2025-12-09T00:00:00.000000Z	2026-03-12T06:00:00.000000Z
icsa-25-254-03	Siemens SINAMICS Drives	2025-09-09T00:00:00.000000Z	2026-03-12T06:00:00.000000Z
icsa-25-231-02	Siemens Mendix SAML Module	2025-08-14T00:00:00.000000Z	2026-03-12T06:00:00.000000Z
icsa-25-226-22	Siemens Web Installer	2025-08-12T00:00:00.000000Z	2026-03-12T06:00:00.000000Z
icsa-25-162-05	Siemens SIMATIC S7-1500 CPU Family	2025-06-10T00:00:00.000000Z	2026-03-12T06:00:00.000000Z
icsa-25-162-02	Siemens RUGGEDCOM APE1808	2025-06-10T00:00:00.000000Z	2026-03-12T06:00:00.000000Z
icsa-25-044-06	Siemens RUGGEDCOM APE1808	2025-02-11T00:00:00.000000Z	2026-03-12T06:00:00.000000Z
icsa-24-284-06	Siemens SINEC Security Monitor	2024-10-08T00:00:00.000000Z	2026-03-12T06:00:00.000000Z
icsa-26-069-03	Honeywell IQ4x BMS Controller	2026-03-10T06:00:00.000000Z	2026-03-10T06:00:00.000000Z
icsa-26-069-02	Lantronix EDS3000PS and EDS5000	2026-03-10T06:00:00.000000Z	2026-03-10T06:00:00.000000Z
icsa-26-069-01	Apeman Cameras	2026-03-10T06:00:00.000000Z	2026-03-10T06:00:00.000000Z
icsa-26-069-04	Ceragon Siklu MultiHaul and EtherHaul Series	2026-03-10T05:00:00.000000Z	2026-03-10T05:00:00.000000Z
icsa-26-064-01	Delta Electronics CNCSoft-G2	2026-03-05T07:00:00.000000Z	2026-03-05T07:00:00.000000Z
icsa-25-350-02	Johnson Controls PowerG, IQPanel and IQHub (Update A)	2025-12-16T07:00:00.000000Z	2026-03-05T07:00:00.000000Z
icsa-25-343-01	Universal Boot Loader (U-Boot) (Update A)	2025-12-09T07:00:00.000000Z	2026-03-05T07:00:00.000000Z
icsa-22-020-01	Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electric HMI SCADA (Update B)	2022-01-20T07:00:00.000000Z	2026-03-05T07:00:00.000000Z
va-25-297-01	IBM DOORS Next Generation multiple vulnerabilities	2025-10-22T18:45:47Z	2026-03-04T00:00:00Z
icsa-26-062-05	Labkotec LID-3300IP	2026-03-03T07:00:00.000000Z	2026-03-03T07:00:00.000000Z
icsa-26-062-04	Portwell Engineering Toolkits	2026-03-03T07:00:00.000000Z	2026-03-03T07:00:00.000000Z
icsa-26-062-03	Hitachi Energy RTU500 Product	2026-02-24T00:00:00.000000Z	2026-03-03T07:00:00.000000Z

ID	Description	Published	Updated
cisco-sa-ucsciv-wgytc78q	Cisco FXOS and UCS Manager Software Command Injection Vulnerability	2026-02-25T16:00:00+00:00	2026-02-25T16:00:00+00:00
cisco-sa-nxos-ether-dos-kv8ynwz4	Cisco Nexus 3600 and 9500-R Series Switching Platforms Layer 2 Loop Denial of Service Vulnerability	2026-02-25T16:00:00+00:00	2026-02-25T16:00:00+00:00
cisco-sa-nxos-dsnmp-cnn39uh	Cisco Nexus 9000 Series Fabric Switches in ACI Mode SNMP Denial of Service Vulnerability	2026-02-25T16:00:00+00:00	2026-02-25T16:00:00+00:00
cisco-sa-nxos-cpdos-qlsv6pfd	Cisco Nexus 9000 Series Fabric Switches in ACI Mode Denial of Service Vulnerability	2026-02-25T16:00:00+00:00	2026-02-25T16:00:00+00:00
cisco-sa-n3kn9k_aci_lldp_dos-ndgrrra3	Cisco NX-OS Software Link Layer Discovery Protocol Denial of Service Vulnerability	2026-02-25T16:00:00+00:00	2026-02-25T16:00:00+00:00
cisco-sa-apic-dos-rnus8efw	Cisco Application Policy Infrastructure Controller Denial of Service Vulnerability	2026-02-25T16:00:00+00:00	2026-02-25T16:00:00+00:00
cisco-sa-wsa-archive-bypass-scx2e8zf	Cisco Secure Web Appliance Real-Time Scanning Archive File Bypass Vulnerability	2026-02-04T16:00:00+00:00	2026-02-20T21:08:47+00:00
cisco-sa-voice-rce-morhqy4b	Cisco Unified Communications Products Remote Code Execution Vulnerability	2026-01-21T16:00:00+00:00	2026-02-13T15:21:01+00:00
cisco-sa-snort3-mime-vulns-ttl8pgvh	Multiple Cisco Products Snort 3 MIME Denial of Service Vulnerabilities	2025-10-15T16:00:00+00:00	2026-02-12T18:38:13+00:00
cisco-sa-tce-roomos-dos-9v9jrc2q	Cisco TelePresence Collaboration Endpoint Software and RoomOS Software Denial of Service Vulnerability	2026-02-04T16:00:00+00:00	2026-02-12T17:37:39+00:00
cisco-sa-snort3-dcerpc-vulns-j9hnf4th	Multiple Cisco Products Snort 3 Distributed Computing Environment/Remote Procedure Call Vulnerabilities	2026-01-07T16:00:00+00:00	2026-02-10T20:42:07+00:00
cisco-sa-pi-xss-byevkcd	Cisco Prime Infrastructure Stored Cross-Site Scripting Vulnerability	2026-02-04T16:00:00+00:00	2026-02-04T16:00:00+00:00
cisco-sa-epnm-pi-redirect-6sx82dn	Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Open Redirect Vulnerability	2026-02-04T16:00:00+00:00	2026-02-04T16:00:00+00:00
cisco-sa-cmm-file-up-ky47n8kk	Cisco Meeting Management Arbitrary File Upload Vulnerability	2026-02-04T16:00:00+00:00	2026-02-04T16:00:00+00:00
cisco-sa-ucce-pcce-xss-2jvyg3ud	Cisco Packaged Contact Center Enterprise and Cisco Unified Contact Center Enterprise Cross-Site Scripting Vulnerabilities	2026-01-21T16:00:00+00:00	2026-01-21T16:00:00+00:00
cisco-sa-intersight-privesc-p6tbm6jk	Cisco Intersight Virtual Appliance Privilege Escalation Vulnerability	2026-01-21T16:00:00+00:00	2026-01-21T16:00:00+00:00
cisco-sa-iec6400-pem5uq7v	Cisco IEC6400 Wireless Backhaul Edge Compute Software SSH Denial of Service Vulnerability	2026-01-21T16:00:00+00:00	2026-01-21T16:00:00+00:00
cisco-sa-sma-attack-n9bf4	Reports About Cyberattacks Against Cisco Secure Email Gateway And Cisco Secure Email and Web Manager	2025-12-17T16:00:00+00:00	2026-01-15T16:01:43+00:00
cisco-sa-ise-xss-9tdh2kx	Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerability	2026-01-15T16:00:00+00:00	2026-01-15T16:00:00+00:00
cisco-sa-ise-xss-964cdxw5	Cisco Identity Services Engine Cross-Site Scripting Vulnerability	2026-01-15T16:00:00+00:00	2026-01-15T16:00:00+00:00
cisco-sa-epnm-pi-stored-xss-gekx8ywk	Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Stored Cross-Site Scripting Vulnerability	2026-01-15T16:00:00+00:00	2026-01-15T16:00:00+00:00
cisco-sa-ise-xxe-jwsbsdkt	Cisco Identity Services Engine XML External Entity Processing Information Disclosure Vulnerability	2026-01-07T16:00:00+00:00	2026-01-07T16:00:00+00:00
cisco-sa-react-flight-tyw32ddb	Remote Code Execution Vulnerability in React and Next.js Frameworks: December 2025	2025-12-04T16:00:00+00:00	2025-12-17T22:37:17+00:00
cisco-sa-ise-multiple-vulns-o9beswjh	Cisco Identity Services Engine Reflected Cross-Site Scripting and Information Disclosure Vulnerabilities	2025-11-05T16:00:00+00:00	2025-12-04T14:23:54+00:00
cisco-sa-cc-mult-vuln-gk4tfxsn	Multiple Cisco Contact Center Products Vulnerabilities	2025-11-05T16:00:00+00:00	2025-11-18T14:49:09+00:00
cisco-sa-privesc-catc-ryjreelu	Cisco Catalyst Center Privilege Escalation Vulnerability	2025-11-13T16:00:00+00:00	2025-11-13T16:00:00+00:00
cisco-sa-dnac-xss-wextvz59	Cisco Catalyst Center Cross-Site Scripting Vulnerability	2025-11-13T16:00:00+00:00	2025-11-13T16:00:00+00:00
cisco-sa-dnac-ci-zwlqvswt	Cisco Catalyst Center REST API Command Injection Vulnerability	2025-11-13T16:00:00+00:00	2025-11-13T16:00:00+00:00
cisco-sa-catc-priv-esc-vs8eecux	Cisco Catalyst Center Virtual Appliance Privilege Escalation Vulnerability	2025-11-13T16:00:00+00:00	2025-11-13T16:00:00+00:00
cisco-sa-catc-open-redirect-3w5bk3je	Cisco Catalyst Center Virtual Appliance HTTP Open Redirect Vulnerability	2025-11-13T16:00:00+00:00	2025-11-13T16:00:00+00:00

ID	Description	Published	Updated
msrc_cve-2026-33896	Forge has a basicConstraints bypass in its certificate chain verification (RFC 5280 violation)	2026-03-02T00:00:00.000Z	2026-04-15T01:39:04.000Z
msrc_cve-2026-33895	Forge has signature forgery in Ed25519 due to missing S > L check	2026-03-02T00:00:00.000Z	2026-04-15T01:38:56.000Z
msrc_cve-2025-1220	Null byte termination in hostnames	2025-07-02T00:00:00.000Z	2026-04-15T01:38:32.000Z
msrc_cve-2026-1519	Excessive NSEC3 iterations cause high CPU load during insecure delegation validation	2026-03-02T00:00:00.000Z	2026-04-15T01:38:23.000Z
msrc_cve-2026-33636	LIBPNG has ARM NEON Palette Expansion Out-of-Bounds Read on AArch64	2026-03-02T00:00:00.000Z	2026-04-15T01:38:17.000Z
msrc_cve-2026-33416	LIBPNG has use-after-free via pointer aliasing in `png_set_tRNS` and `png_set_PLTE`	2026-03-02T00:00:00.000Z	2026-04-15T01:38:06.000Z
msrc_cve-2025-30258	In GnuPG before 2.5.5, if a user chooses to import a certificate with certain crafted subkey data that lacks a valid backsig or that has incorrect usage flags, the user loses the ability to verify signatures made from certain other signing keys, aka a "verification DoS."	2025-03-02T00:00:00.000Z	2026-04-15T01:37:50.000Z
msrc_cve-2025-62718	Axios has a NO_PROXY Hostname Normalization Bypass Leads to SSRF	2026-04-02T00:00:00.000Z	2026-04-15T01:05:34.000Z
msrc_cve-2026-40175	Axios has Unrestricted Cloud Metadata Exfiltration via Header Injection Chain	2026-04-02T00:00:00.000Z	2026-04-15T01:05:29.000Z
msrc_cve-2026-34480	Apache Log4j Core: Silent log event loss in XmlLayout due to unescaped XML 1.0 forbidden characters	2026-04-02T00:00:00.000Z	2026-04-15T01:05:23.000Z
msrc_cve-2026-34479	Apache Log4j 1 to Log4j 2 bridge: Silent log event loss in Log4j1XmlLayout due to unescaped XML 1.0 forbidden characters	2026-04-02T00:00:00.000Z	2026-04-15T01:05:18.000Z
msrc_cve-2026-34481	Apache Log4j JSON Template Layout: Improper serialization of non-finite floating-point values in JsonTemplateLayout	2026-04-02T00:00:00.000Z	2026-04-15T01:05:12.000Z
msrc_cve-2026-1502	HTTP client proxy tunnel headers not validated for CR/LF	2026-04-02T00:00:00.000Z	2026-04-15T01:04:59.000Z
msrc_cve-2026-5446	wolfSSL ARIA-GCM TLS 1.2/DTLS 1.2 GCM nonce reuse	2026-04-02T00:00:00.000Z	2026-04-15T01:04:48.000Z
msrc_cve-2026-5392	wolfSSL heap OOB read in PKCS7 SignedData streaming	2026-04-02T00:00:00.000Z	2026-04-15T01:04:39.000Z
msrc_cve-2026-5263	URI nameConstraints not enforced in ConfirmNameConstraints()	2026-04-02T00:00:00.000Z	2026-04-15T01:04:31.000Z
msrc_cve-2026-5460	Heap Use-After-Free in PQC Hybrid KeyShare Error Cleanup in wolfSSL TLS 1.3	2026-04-02T00:00:00.000Z	2026-04-15T01:04:23.000Z
msrc_cve-2026-5772	MatchDomainName 1-Byte Stack Buffer Over-Read in Hostname Validation	2026-04-02T00:00:00.000Z	2026-04-15T01:04:15.000Z
msrc_cve-2026-5447	Heap buffer overflow in CertFromX509() via AuthorityKeyIdentifier	2026-04-02T00:00:00.000Z	2026-04-15T01:04:06.000Z
msrc_cve-2026-5778	Integer underflow leads to out-of-bounds access in sniffer ChaCha decrypt path.	2026-04-02T00:00:00.000Z	2026-04-15T01:03:58.000Z
msrc_cve-2026-5188	Integer underflow in X.509 SAN parsing in wolfSSL	2026-04-02T00:00:00.000Z	2026-04-15T01:03:50.000Z
msrc_cve-2026-5295	Stack Buffer Overflow in wolfSSL PKCS7 wc_PKCS7_DecryptOri() via Oversized OID	2026-04-02T00:00:00.000Z	2026-04-15T01:03:41.000Z
msrc_cve-2026-5264	DTLS 1.3 ACK heap buffer overflow	2026-04-02T00:00:00.000Z	2026-04-15T01:03:33.000Z
msrc_cve-2026-5503	out-of-bounds write in TLSX_EchChangeSNI via attacker-controlled publicName	2026-04-02T00:00:00.000Z	2026-04-15T01:03:24.000Z
msrc_cve-2026-5479	wolfSSL EVP ChaCha20-Poly1305 AEAD authentication tag	2026-04-02T00:00:00.000Z	2026-04-15T01:03:16.000Z
msrc_cve-2026-5477	Prefix-substitution forgery via integer overflow in wolfCrypt CMAC	2026-04-02T00:00:00.000Z	2026-04-15T01:03:08.000Z
msrc_cve-2026-5448	1-2 Byte Buffer Overflow in wolfSSL_X509_notAfter/notBefore	2026-04-02T00:00:00.000Z	2026-04-15T01:02:59.000Z
msrc_cve-2026-5507	Session Cache Restore — Arbitrary Free via Deserialized Pointer	2026-04-02T00:00:00.000Z	2026-04-15T01:02:51.000Z
msrc_cve-2026-5501	Improper Certificate Signature Verification in X.509 Chain Validation Allows Forged Leaf Certificates	2026-04-02T00:00:00.000Z	2026-04-15T01:02:42.000Z
msrc_cve-2026-5194	wolfSSL ECDSA Certificate Verification	2026-04-02T00:00:00.000Z	2026-04-15T01:02:34.000Z

ID	Description	Published	Updated
ncsc-2026-0043	Zeroday-kwetsbaarheden verholpen in Ivanti Endpoint Manager Mobile	2026-01-29T19:15:04.575371Z	2026-02-20T14:47:02.047999Z
ncsc-2026-0067	Kwetsbaarheden verholpen in GitHub Enterprise Server	2026-02-20T10:13:39.540778Z	2026-02-20T10:13:39.540778Z
ncsc-2026-0066	Kwetsbaarheid verholpen in Google Chrome	2026-02-19T08:29:30.712590Z	2026-02-19T08:29:30.712590Z
ncsc-2026-0065	Kwetsbaarheid verholpen in Dell RecoverPoint for Virtual Machines	2026-02-18T13:18:23.815384Z	2026-02-18T13:18:23.815384Z
ncsc-2026-0064	Kwetsbaarheden verholpen in Apple iOS en iPadOS	2026-02-13T13:35:03.870920Z	2026-02-13T13:35:03.870920Z
ncsc-2026-0063	Kwetsbaarheden verholpen in Apple macOS	2026-02-13T13:24:06.433550Z	2026-02-13T13:24:06.433550Z
ncsc-2026-0048	Kwetsbaarheid verholpen in BeyondTrust Remote Support	2026-02-09T10:27:57.867529Z	2026-02-13T12:54:32.614217Z
ncsc-2026-0062	Kwetsbaarheden verholpen in GitLab CE/EE	2026-02-11T11:45:05.986313Z	2026-02-11T11:45:05.986313Z
ncsc-2026-0061	Kwetsbaarheden verholpen in Fortinet FortiOS	2026-02-11T11:34:50.888067Z	2026-02-11T11:34:50.888067Z
ncsc-2026-0060	Kwetsbaarheden verholpen in Fortinet FortiSandbox, FortiAuthenticator en FortiClient	2026-02-11T11:34:36.684955Z	2026-02-11T11:34:36.684955Z
ncsc-2026-0058	Kwetsbaarheden verholpen in Microsoft Office	2026-02-10T19:11:42.825147Z	2026-02-10T19:11:42.825147Z
ncsc-2026-0057	Kwetsbaarheden verholpen in Microsoft Azure	2026-02-10T19:08:27.878305Z	2026-02-10T19:08:27.878305Z
ncsc-2026-0056	Kwetsbaarheden verholpen in Microsoft Developer Tools	2026-02-10T19:07:16.028511Z	2026-02-10T19:07:16.028511Z
ncsc-2026-0055	Kwetsbaarheid verholpen in Microsoft SQL Server	2026-02-10T19:05:45.729972Z	2026-02-10T19:05:45.729972Z
ncsc-2026-0054	Kwetsbaarheid verholpen in Microsoft Exchange	2026-02-10T19:04:51.366294Z	2026-02-10T19:04:51.366294Z
ncsc-2026-0053	Kwetsbaarheden verholpen in Microsoft Windows	2026-02-10T19:01:45.561771Z	2026-02-10T19:01:45.561771Z
ncsc-2026-0052	Kwetsbaarheden verholpen in SAP producten	2026-02-10T12:28:40.531069Z	2026-02-10T12:28:40.531069Z
ncsc-2026-0051	Kwetsbaarheden verholpen in Siemens producten	2026-02-10T12:27:40.637581Z	2026-02-10T12:27:40.637581Z
ncsc-2026-0050	Kwetsbaarheid verholpen in PEAR	2026-02-09T10:41:43.856342Z	2026-02-09T10:41:43.856342Z
ncsc-2026-0049	Kwetsbaarheden verholpen in n8n	2026-02-09T10:39:40.792744Z	2026-02-09T10:39:40.792744Z
ncsc-2026-0046	Kwetsbaarheden verholpen in Samsung mobile	2026-02-09T07:48:28.751473Z	2026-02-09T07:48:28.751473Z
ncsc-2026-0040	Kwetsbaarheid verholpen in SmarterTools SmarterMail	2026-01-27T10:51:39.476320Z	2026-02-06T09:25:57.008166Z
ncsc-2026-0045	Kwetsbaarheid verholpen in Cisco Meeting Management	2026-02-06T09:22:16.831778Z	2026-02-06T09:22:16.831778Z
ncsc-2026-0044	Kwetsbaarheid verholpen in Cisco TelePresence Collaboration Endpoint	2026-02-06T09:20:11.629058Z	2026-02-06T09:20:11.629058Z
ncsc-2026-0042	Kwetsbaarheden verholpen in SolarWinds Web Help Desk	2026-01-28T16:37:21.114054Z	2026-02-02T09:47:54.857445Z
ncsc-2025-0386	Kwetsbaarheden verholpen in Fortinet producten	2025-12-10T09:51:34.918202Z	2026-01-28T15:46:10.814803Z
ncsc-2026-0041	Kwetsbaarheid verholpen in Fortinet producten	2026-01-28T09:32:41.752905Z	2026-01-28T09:32:41.752905Z
ncsc-2026-0039	ZeroDay kwetsbaarheid verholpen in Microsoft Office	2026-01-27T07:27:52.867415Z	2026-01-27T07:27:52.867415Z
ncsc-2026-0038	Kwetsbaarheid verholpen in BIND 9	2026-01-23T08:54:43.506215Z	2026-01-23T08:54:43.506215Z
ncsc-2026-0037	Kwetsbaarheden verholpen in GitLab Community Edition en Enterprise Edition	2026-01-22T12:35:30.505659Z	2026-01-22T12:35:30.505659Z

ID	Description	Published	Updated

ID	Description	Published	Updated
opensuse-su-2026:10449-1	gsl-2.8-5.1 on GA media	2026-03-28T00:00:00Z	2026-03-28T00:00:00Z
opensuse-su-2026:10448-1	bind-9.20.21-1.1 on GA media	2026-03-28T00:00:00Z	2026-03-28T00:00:00Z
opensuse-su-2026:10447-1	MozillaThunderbird-140.9.0-1.1 on GA media	2026-03-28T00:00:00Z	2026-03-28T00:00:00Z
opensuse-su-2026:10446-1	ImageMagick-7.1.2.18-1.1 on GA media	2026-03-28T00:00:00Z	2026-03-28T00:00:00Z
opensuse-su-2026:10441-1	strongswan-6.0.5-1.1 on GA media	2026-03-26T00:00:00Z	2026-03-26T00:00:00Z
opensuse-su-2026:10440-1	jupyter-nbclassic-1.3.3-1.1 on GA media	2026-03-26T00:00:00Z	2026-03-26T00:00:00Z
opensuse-su-2026:10439-1	plexus-utils-4.0.2-2.1 on GA media	2026-03-26T00:00:00Z	2026-03-26T00:00:00Z
opensuse-su-2026:10438-1	openbao-2.5.2-1.1 on GA media	2026-03-26T00:00:00Z	2026-03-26T00:00:00Z
opensuse-su-2026:10437-1	libnghttp2-14-1.68.1-1.1 on GA media	2026-03-26T00:00:00Z	2026-03-26T00:00:00Z
opensuse-su-2026:10436-1	freeipmi-1.6.17-1.1 on GA media	2026-03-26T00:00:00Z	2026-03-26T00:00:00Z
opensuse-su-2026:10435-1	cpp-httplib-devel-0.38.0-1.1 on GA media	2026-03-26T00:00:00Z	2026-03-26T00:00:00Z
opensuse-su-2026:10434-1	chromedriver-146.0.7680.164-1.1 on GA media	2026-03-26T00:00:00Z	2026-03-26T00:00:00Z
opensuse-su-2026:10433-1	LibVNCServer-devel-0.9.15-2.1 on GA media	2026-03-26T00:00:00Z	2026-03-26T00:00:00Z
opensuse-su-2026:10419-1	rclone-1.73.3-1.1 on GA media	2026-03-24T00:00:00Z	2026-03-24T00:00:00Z
opensuse-su-2026:10418-1	python311-jsonpath-ng-1.8.0-1.1 on GA media	2026-03-24T00:00:00Z	2026-03-24T00:00:00Z
opensuse-su-2026:10417-1	python311-deepdiff-8.6.2-1.1 on GA media	2026-03-24T00:00:00Z	2026-03-24T00:00:00Z
opensuse-su-2026:10416-1	python313-PyMuPDF-1.27.2.2-1.1 on GA media	2026-03-24T00:00:00Z	2026-03-24T00:00:00Z
opensuse-su-2026:10415-1	glances-common-4.5.2-1.1 on GA media	2026-03-24T00:00:00Z	2026-03-24T00:00:00Z
opensuse-su-2026:10414-1	perl-Crypt-URandom-0.550.0-1.1 on GA media	2026-03-24T00:00:00Z	2026-03-24T00:00:00Z
opensuse-su-2026:10413-1	firefox-esr-140.9.0-1.1 on GA media	2026-03-24T00:00:00Z	2026-03-24T00:00:00Z
opensuse-su-2026:10406-1	lemon-3.51.3-1.1 on GA media	2026-03-22T00:00:00Z	2026-03-22T00:00:00Z
opensuse-su-2026:10405-1	python314-3.14.3-3.1 on GA media	2026-03-22T00:00:00Z	2026-03-22T00:00:00Z
opensuse-su-2026:10404-1	python310-3.10.20-2.1 on GA media	2026-03-22T00:00:00Z	2026-03-22T00:00:00Z
opensuse-su-2026:10403-1	python311-pypdf-6.9.1-1.1 on GA media	2026-03-22T00:00:00Z	2026-03-22T00:00:00Z
opensuse-su-2026:10402-1	python311-PyPDF2-2.11.1-8.1 on GA media	2026-03-22T00:00:00Z	2026-03-22T00:00:00Z
opensuse-su-2026:10401-1	freeciv-3.2.4-1.1 on GA media	2026-03-22T00:00:00Z	2026-03-22T00:00:00Z
opensuse-su-2026:10400-1	chromedriver-146.0.7680.153-2.1 on GA media	2026-03-22T00:00:00Z	2026-03-22T00:00:00Z
opensuse-su-2026:10399-1	GraphicsMagick-1.3.46-4.1 on GA media	2026-03-22T00:00:00Z	2026-03-22T00:00:00Z
opensuse-su-2026:10398-1	python311-3.11.15-3.1 on GA media	2026-03-20T00:00:00Z	2026-03-20T00:00:00Z
opensuse-su-2026:10397-1	python311-PyJWT-2.12.1-1.1 on GA media	2026-03-20T00:00:00Z	2026-03-20T00:00:00Z

ID	Description	Published	Updated

ID	Description	Published	Updated
rhsa-2025:11673	Red Hat Security Advisory: OpenShift Container Platform 4.19.6 bug fix and security update	2025-07-29T07:05:14+00:00	2026-04-14T09:55:54+00:00
rhsa-2025:10699	Red Hat Security Advisory: libxml2 security update	2025-07-09T12:18:48+00:00	2026-04-14T09:55:54+00:00
rhsa-2025:11580	Red Hat Security Advisory: libxml2 security update	2025-07-23T05:06:37+00:00	2026-04-14T09:55:53+00:00
rhsa-2025:10698	Red Hat Security Advisory: libxml2 security update	2025-07-09T12:04:08+00:00	2026-04-14T09:55:51+00:00
rhsa-2025:10630	Red Hat Security Advisory: libxml2 security update	2025-07-08T21:17:21+00:00	2026-04-14T09:55:50+00:00
rhsa-2017:1201	Red Hat Security Advisory: thunderbird security update	2017-05-08T06:45:45+00:00	2026-04-14T09:55:49+00:00
rhsa-2017:1106	Red Hat Security Advisory: firefox security update	2017-04-21T00:49:25+00:00	2026-04-14T09:55:48+00:00
rhsa-2017:1104	Red Hat Security Advisory: firefox security update	2017-04-20T08:21:32+00:00	2026-04-14T09:55:48+00:00
rhsa-2026:5665	Red Hat Security Advisory: Red Hat Quay 3.10.19	2026-03-24T18:02:58+00:00	2026-04-14T09:52:41+00:00
rhsa-2026:7314	Red Hat Security Advisory: Red Hat Quay 3.14.7	2026-04-09T13:39:27+00:00	2026-04-14T09:52:37+00:00
rhsa-2026:4942	Red Hat Security Advisory: Red Hat Quay 3.12.15	2026-03-18T16:21:15+00:00	2026-04-14T09:52:36+00:00
rhsa-2026:7942	Red Hat Security Advisory: HawtIO 4.3.1 for Red Hat build of Apache Camel 4 Release and security update.	2026-04-13T21:59:31+00:00	2026-04-14T09:46:57+00:00
rhsa-2026:7854	Red Hat Security Advisory: podman security update	2026-04-13T12:51:03+00:00	2026-04-14T09:46:57+00:00
rhsa-2026:7052	Red Hat Security Advisory: Logging for Red Hat OpenShift - 6.0.14	2026-04-08T12:26:52+00:00	2026-04-14T09:46:57+00:00
rhsa-2026:7676	Red Hat Security Advisory: rhc security update	2026-04-13T02:21:56+00:00	2026-04-14T09:46:56+00:00
rhsa-2026:6568	Red Hat Security Advisory: Red Hat Quay 3.15.4	2026-04-03T22:07:28+00:00	2026-04-14T09:46:56+00:00
rhsa-2026:5636	Red Hat Security Advisory: multicluster engine for Kubernetes v2.7.9 security update	2026-03-24T14:23:47+00:00	2026-04-14T09:46:56+00:00
rhsa-2026:6435	Red Hat Security Advisory: mariadb:10.11 security update	2026-04-02T10:59:43+00:00	2026-04-14T09:46:55+00:00
rhsa-2026:6428	Red Hat Security Advisory: Network Observability 1.11.1 for OpenShift	2026-04-02T07:50:38+00:00	2026-04-14T09:46:55+00:00
rhsa-2026:6226	Red Hat Security Advisory: Multicluster Global Hub 1.6.2 security update	2026-03-31T02:53:32+00:00	2026-04-14T09:46:55+00:00
rhsa-2026:6192	Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.27.0 Release.	2026-03-30T15:41:48+00:00	2026-04-14T09:46:55+00:00
rhsa-2026:6184	Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.19 security, enhancement & bug fix update	2026-03-30T13:41:49+00:00	2026-04-14T09:46:54+00:00
rhsa-2026:5968	Red Hat Security Advisory: Satellite 6.18.4 Async Update	2026-03-26T19:47:53+00:00	2026-04-14T09:46:53+00:00
rhsa-2026:5866	Red Hat Security Advisory: OpenShift Container Platform 4.17.52 packages and security update	2026-04-01T09:29:07+00:00	2026-04-14T09:46:53+00:00
rhsa-2026:5853	Red Hat Security Advisory: osbuild-composer security update	2026-03-26T01:05:19+00:00	2026-04-14T09:46:53+00:00
rhsa-2026:5852	Red Hat Security Advisory: osbuild-composer security update	2026-03-26T00:58:34+00:00	2026-04-14T09:46:53+00:00
rhsa-2026:5851	Red Hat Security Advisory: DevWorkspace Operator 0.40.0 release.	2026-03-25T23:56:41+00:00	2026-04-14T09:46:52+00:00
rhsa-2026:5807	Red Hat Security Advisory: RHOAI 2.16.4 - Red Hat OpenShift AI	2026-03-25T12:32:51+00:00	2026-04-14T09:46:52+00:00
rhsa-2026:5645	Red Hat Security Advisory: cert-manager Operator for Red Hat OpenShift 1.17.1	2026-03-24T15:38:55+00:00	2026-04-14T09:46:51+00:00
rhsa-2026:5544	Red Hat Security Advisory: osbuild-composer security update	2026-03-24T06:55:51+00:00	2026-04-14T09:46:51+00:00

ID	Description	Published	Updated
sevd-2025-014-09	EcoStruxure™ Power Build Rapsody	2025-01-14T00:00:00.000Z	2025-05-13T04:00:00.000Z
sevd-2024-282-05	EcoStruxure™ Power Monitoring Expert (PME)	2024-10-08T04:00:00.000Z	2025-05-13T04:00:00.000Z
sevd-2025-098-02	Trio™ Q Licensed Data Radios	2025-04-08T04:00:00.000Z	2025-04-08T04:00:00.000Z
sevd-2025-014-01	Modicon M580 PLCs, BMENOR2200H and EVLink Pro AC	2025-01-14T05:00:00.000Z	2025-04-08T04:00:00.000Z
sevd-2025-070-03	WebHMI Component For EcoStruxure™ Power Automation System User Interface and EcoStruxure™ Microgrid Operation Large	2025-03-11T04:00:00.000Z	2025-03-11T04:00:00.000Z
sevd-2025-070-02	EPAS-UI & EcoSUI	2025-03-11T04:00:00.000Z	2025-03-11T04:00:00.000Z
sevd-2025-070-01	EcoStruxure™ Panel Server	2025-03-11T04:00:00.000Z	2025-03-11T04:00:00.000Z
sevd-2025-042-04	Enerlin'X IFE and eIFE	2025-02-11T06:00:00.000Z	2025-02-11T06:00:00.000Z
sevd-2025-042-03	EcoStruxure™ Process Expert, EcoStruxure™ Process Expert for AVEVA System Platform	2025-02-11T06:00:00.000Z	2025-02-11T06:00:00.000Z
sevd-2025-042-01	ASCO 5310 / 5350 Remote Annunciator	2025-02-11T06:00:00.000Z	2025-02-11T06:00:00.000Z
sevd-2025-014-08	Power Logic HDPM6000 High-Density Metering System	2025-01-14T00:00:00.000Z	2025-01-14T00:00:00.000Z
sevd-2025-014-04	Web Designer for Modicon Communication Modules	2025-01-14T00:00:00.000Z	2025-01-14T00:00:00.000Z
sevd-2024-345-02	Harmony HMI and Pro-face HMI products	2024-12-10T00:00:00.000Z	2024-12-10T00:00:00.000Z
sevd-2024-345-01	PowerChute Serial Shutdown	2024-12-10T00:00:00.000Z	2024-12-10T00:00:00.000Z
sevd-2024-317-04	EcoStruxure™ IT Gateway	2024-11-12T00:00:00.000Z	2024-11-12T00:00:00.000Z
sevd-2024-317-01	PowerLogic PM5300 Series	2024-11-12T00:00:00.000Z	2024-11-12T00:00:00.000Z
sevd-2021-159-02	PowerLogic PM5500 and PowerLogic PM8ECC	2021-06-08T00:00:00.000Z	2024-11-12T00:00:00.000Z
sevd-2024-282-08	EcoStruxure EV Charging Expert	2024-10-08T00:00:00.000Z	2024-10-08T00:00:00.000Z
sevd-2024-282-07	System Monitor Application in Harmony and Pro-face PS5000 Legacy Industrial PCs	2024-10-08T00:00:00.000Z	2024-10-08T00:00:00.000Z
sevd-2024-282-06	Zelio Soft 2	2024-10-08T00:00:00.000Z	2024-10-08T00:00:00.000Z
sevd-2024-282-04	EVlink Home Smart and Schneider Charge	2024-10-08T00:00:00.000Z	2024-10-08T00:00:00.000Z
sevd-2024-282-03	Easergy Studio	2024-10-08T00:00:00.000Z	2024-10-08T00:00:00.000Z
sevd-2024-282-02	Harmony iPC – HMIBSC IIoT Edge Box Core	2024-10-08T00:00:00.000Z	2024-10-08T00:00:00.000Z
sevd-2024-282-01	Data Center Expert	2024-10-08T00:00:00.000Z	2024-10-08T00:00:00.000Z
sevd-2022-102-02	Modicon M340 Controller and Communication Modules	2022-04-12T00:00:00.000Z	2024-10-08T00:00:00.000Z
sevd-2024-254-02	EcoStruxure™ Power Monitoring Expert and EcoStruxure™ Power Operation or EcoStruxure™ Power SCADA Operation with Advanced Reporting and Dashboards	2024-09-10T00:00:00.000Z	2024-09-10T00:00:00.000Z
sevd-2024-163-02	PowerLogic P5	2024-06-11T00:00:00.000Z	2024-09-10T00:00:00.000Z
sevd-2023-073-01	EcoStruxure™ Power Monitoring Expert	2023-03-14T00:00:00.000Z	2024-09-10T00:00:00.000Z
sevd-2023-192-02	EcoStruxure™ OPC UA Server Expert	2023-07-11T07:01:56.000Z	2024-08-13T07:00:00.000Z
sevd-2024-226-02	EcoStruxure™ Machine SCADA Expert / BLUE Open Studio	2024-08-13T00:00:00.000Z	2024-08-13T00:00:00.000Z

ID	Description	Published	Updated
sca-2020-0002	Vulnerabilities in SICK Package Analytics	2020-08-07T10:00:00.000Z	2020-07-28T10:00:00.000Z
sca-2020-0001	Security Information Regarding "Profile Programming"	2020-05-31T10:00:00.000Z	2020-05-31T10:00:00.000Z
sca-2019-0002	Vulnerability in SICK FX0-GENT00000 and SICK FX0-GPNT00000	2019-09-20T10:00:00.000Z	2019-09-20T10:00:00.000Z
sca-2019-0001	MSC800 affected by hard-coded credentials vulnerability	2019-06-21T10:00:00.000Z	2019-06-21T10:00:00.000Z

ID	Description	Published	Updated
ssa-365200	SSA-365200: Google Chrome Type Confusion Vulnerability in Siemens Products	2025-10-14T00:00:00Z	2026-01-13T00:00:00Z
ssa-364175	SSA-364175: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW on RUGGEDCOM APE1808 Devices Before V11.1.4-h1	2024-07-09T00:00:00Z	2026-01-13T00:00:00Z
ssa-192617	SSA-192617: Local Privilege Escalation Vulnerability in TeleControl Server Basic Before V3.1.2.4	2026-01-13T00:00:00Z	2026-01-13T00:00:00Z
ssa-014678	SSA-014678: Authorization Bypass Vulnerability in Industrial Edge Device Kit	2026-01-13T00:00:00Z	2026-01-13T00:00:00Z
ssa-001536	SSA-001536: Authorization Bypass Vulnerability in Siemens Industrial Edge Devices	2026-01-13T00:00:00Z	2026-01-13T00:00:00Z
ssa-512988	SSA-512988: File Parsing Vulnerability in Simcenter Femap Before V2512	2025-12-12T00:00:00Z	2025-12-12T00:00:00Z
ssa-915282	SSA-915282: Denial of service Vulnerability in Interniche IP-Stack based Industrial Devices	2025-12-09T00:00:00Z	2025-12-09T00:00:00Z
ssa-882673	SSA-882673: Multiple Vulnerabilities in SINEC Security Monitor before V4.10.0	2025-12-09T00:00:00Z	2025-12-09T00:00:00Z
ssa-800126	SSA-800126: Deserialization Vulnerability in Siemens Engineering Platforms before V20	2024-12-10T00:00:00Z	2025-12-09T00:00:00Z
ssa-763474	SSA-763474: Denial of Service Vulnerability in Ruggedcom ROS devices before V5.10.1	2025-12-09T00:00:00Z	2025-12-09T00:00:00Z
ssa-734261	SSA-734261: Authentication Bypass Vulnerability in Energy Services Using Elspec G5DFR	2025-12-09T00:00:00Z	2025-12-09T00:00:00Z
ssa-723487	SSA-723487: RADIUS Protocol Susceptible to Forgery Attacks (CVE-2024-3596) - Impact to SCALANCE, RUGGEDCOM and Related Products	2024-07-09T00:00:00Z	2025-12-09T00:00:00Z
ssa-693808	SSA-693808: Deserialization Vulnerability in Siemens Engineering Platforms	2025-08-12T00:00:00Z	2025-12-09T00:00:00Z
ssa-673996	SSA-673996: Buffer Overflow Vulnerability in Third-Party Component in SICAM and SITIPE Products	2024-09-10T00:00:00Z	2025-12-09T00:00:00Z
ssa-626856	SSA-626856: Multiple Vulnerabilities in SINEMA Remote Connect Sever Before V3.2 SP4	2025-12-09T00:00:00Z	2025-12-09T00:00:00Z
ssa-493396	SSA-493396: Deserialization Vulnerability in Siemens Engineering Platforms	2025-08-12T00:00:00Z	2025-12-09T00:00:00Z
ssa-471761	SSA-471761: Multiple Vulnerabilities in SICAM T Before V3.0	2025-12-09T00:00:00Z	2025-12-09T00:00:00Z
ssa-420375	SSA-420375: Improper Integrity Check of Firmware Updates in Building X - Security Manager Edge Controller (ACC-AP)	2025-12-09T00:00:00Z	2025-12-09T00:00:00Z
ssa-416652	SSA-416652: Multiple Vulnerabilities in SIMATIC CN 4100 Before V4.0.1	2025-12-09T00:00:00Z	2025-12-09T00:00:00Z
ssa-392859	SSA-392859: Local Arbitrary Code Execution Vulnerability in Siemens Engineering Platforms before V20	2024-12-10T00:00:00Z	2025-12-09T00:00:00Z
ssa-356310	SSA-356310: Multiple Vulnerabilities in Gridscale X Prepay	2025-12-09T00:00:00Z	2025-12-09T00:00:00Z
ssa-202008	SSA-202008: Multiple Vulnerabilities in Ruggedcom Rox Before V2.17.0	2025-12-09T00:00:00Z	2025-12-09T00:00:00Z
ssa-241605	SSA-241605: Out of Bounds Read in PS/IGES Parasolid Translator Component Before V29.0.258	2025-11-17T00:00:00Z	2025-11-17T00:00:00Z
ssa-190588	SSA-190588: Cross-Site Scripting Vulnerability in Mendix Rich Text Widget	2025-11-17T00:00:00Z	2025-11-17T00:00:00Z
ssa-794185	SSA-794185: RADIUS Protocol Susceptible to Forgery Attacks (CVE-2024-3596) - Impact to SIPROTEC, SICAM and Related Products	2025-05-13T00:00:00Z	2025-11-11T00:00:00Z
ssa-750499	SSA-750499: Weak Encryption Vulnerability in SIPROTEC 5 Devices	2024-07-09T00:00:00Z	2025-11-11T00:00:00Z
ssa-711309	SSA-711309: Denial of Service Vulnerability in the OPC UA Implementations of SIMATIC Products	2023-09-12T00:00:00Z	2025-11-11T00:00:00Z
ssa-687955	SSA-687955: Accessible Development Shell via Physical Interface in SIPROTEC 5	2025-02-11T00:00:00Z	2025-11-11T00:00:00Z
ssa-682326	SSA-682326: Multiple Vulnerabilities in COMOS before V10.4.5	2025-11-11T00:00:00Z	2025-11-11T00:00:00Z
ssa-631336	SSA-631336: Multiple Web Server Vulnerabilities in SICAM GridEdge Before V2.6.6	2022-06-14T00:00:00Z	2025-11-11T00:00:00Z

ID	Description	Published	Updated
suse-su-2026:1324-1	Security update for clamav	2026-04-14T13:15:31Z	2026-04-14T13:15:31Z
suse-su-2026:1323-1	Security update for libpng16	2026-04-14T13:11:55Z	2026-04-14T13:11:55Z
suse-su-2026:1322-1	Security update for MozillaFirefox	2026-04-14T12:42:11Z	2026-04-14T12:42:11Z
suse-su-2026:1321-1	Security update for go1.25	2026-04-14T12:40:53Z	2026-04-14T12:40:53Z
suse-su-2026:1320-1	Security update for go1.26	2026-04-14T12:39:43Z	2026-04-14T12:39:43Z
suse-su-2026:21111-1	Security update for cockpit-subscriptions	2026-04-14T12:16:29Z	2026-04-14T12:16:29Z
suse-su-2026:1314-1	Security update for ignition	2026-04-14T11:07:12Z	2026-04-14T11:07:12Z
suse-su-2026:1313-1	Security update for freerdp2	2026-04-14T10:47:31Z	2026-04-14T10:47:31Z
suse-su-2026:1312-1	Security update for bind	2026-04-14T10:46:32Z	2026-04-14T10:46:32Z
suse-su-2026:1311-1	Security update for libpng16	2026-04-14T10:44:51Z	2026-04-14T10:44:51Z
suse-su-2026:1310-1	Security update for libssh	2026-04-14T10:42:14Z	2026-04-14T10:42:14Z
suse-su-2026:1309-1	Security update for sudo	2026-04-14T10:39:38Z	2026-04-14T10:39:38Z
suse-su-2026:1308-1	Security update for sudo	2026-04-14T10:38:01Z	2026-04-14T10:38:01Z
suse-su-2026:1307-1	Security update for strongswan	2026-04-14T10:35:42Z	2026-04-14T10:35:42Z
suse-su-2026:1305-1	Security update for the Linux Kernel (Live Patch 76 for SUSE Linux Enterprise 12 SP5)	2026-04-13T18:34:02Z	2026-04-13T18:34:02Z
suse-su-2026:1304-1	Security update for the Linux Kernel (Live Patch 73 for SUSE Linux Enterprise 12 SP5)	2026-04-13T16:04:42Z	2026-04-13T16:04:42Z
suse-su-2026:1303-1	Security update for tigervnc	2026-04-13T16:02:59Z	2026-04-13T16:02:59Z
suse-su-2026:1302-1	Security update for tigervnc	2026-04-13T16:02:16Z	2026-04-13T16:02:16Z
suse-su-2026:1301-1	Security update for tigervnc	2026-04-13T16:01:23Z	2026-04-13T16:01:23Z
suse-su-2026:1300-1	Security update for GraphicsMagick	2026-04-13T15:58:01Z	2026-04-13T15:58:01Z
suse-su-2026:1299-1	Security update for nodejs24	2026-04-13T15:54:45Z	2026-04-13T15:54:45Z
suse-su-2026:21107-1	Security update for openssl-3	2026-04-13T15:48:01Z	2026-04-13T15:48:01Z
suse-su-2026:1298-1	Security update for the Linux Kernel (Live Patch 72 for SUSE Linux Enterprise 12 SP5)	2026-04-13T15:04:44Z	2026-04-13T15:04:44Z
suse-su-2026:21106-1	Security update for cockpit	2026-04-13T14:11:34Z	2026-04-13T14:11:34Z
suse-su-2026:1297-1	Security update for the Linux Kernel (Live Patch 71 for SUSE Linux Enterprise 12 SP5)	2026-04-13T12:42:14Z	2026-04-13T12:42:14Z
suse-su-2026:1296-1	Security update for python39	2026-04-13T12:32:48Z	2026-04-13T12:32:48Z
suse-su-2026:21104-1	Security update for python313	2026-04-13T09:49:38Z	2026-04-13T09:49:38Z
suse-su-2026:1294-1	Security update for the Linux Kernel (Live Patch 77 for SUSE Linux Enterprise 12 SP5)	2026-04-13T09:04:33Z	2026-04-13T09:04:33Z
suse-su-2026:21102-1	Security update for the Linux Kernel (Live Patch 2 for SUSE Linux Enterprise 16)	2026-04-13T09:00:51Z	2026-04-13T09:00:51Z
suse-su-2026:1293-1	Security update for the Linux Kernel (Live Patch 75 for SUSE Linux Enterprise 12 SP5)	2026-04-13T08:35:44Z	2026-04-13T08:35:44Z

ID	Description	Published	Updated
alsa-2025:3388	Important: python-jinja2 security update	2025-03-31T00:00:00Z	2026-04-09T18:19:12Z
alsa-2025:4048	Moderate: xmlrpc-c security update	2025-04-22T00:00:00Z	2026-04-09T18:11:53Z
alsa-2025:4049	Moderate: libtasn1 security update	2025-04-22T00:00:00Z	2026-04-09T18:00:49Z
alsa-2025:8254	Important: pcs security update	2025-05-28T00:00:00Z	2026-04-09T17:52:37Z
alsa-2025:4063	Moderate: ruby:3.1 security update	2025-04-22T00:00:00Z	2026-04-09T17:45:54Z
alsa-2025:11047	Moderate: pcs security update	2025-07-15T00:00:00Z	2026-04-09T15:41:47Z
alsa-2025:12527	Moderate: virt:rhel and virt-devel:rhel security update	2025-08-04T00:00:00Z	2026-04-09T15:30:58Z
alsa-2026:6750	Important: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, and gstreamer1-plugins-good security update	2026-04-07T00:00:00Z	2026-04-09T12:29:46Z
alsa-2026:6949	Important: go-toolset:rhel8 security update	2026-04-08T00:00:00Z	2026-04-09T12:17:43Z
alsa-2026:6915	Important: vim security update	2026-04-07T00:00:00Z	2026-04-09T11:41:21Z
alsa-2026:6906	Important: nginx security update	2026-04-07T00:00:00Z	2026-04-09T11:12:05Z
alsa-2026:6918	Important: freerdp security update	2026-04-07T00:00:00Z	2026-04-09T10:20:55Z
alsa-2026:6391	Moderate: mysql:8.4 security update	2026-04-01T00:00:00Z	2026-04-09T10:00:41Z
alsa-2026:6435	Moderate: mariadb:10.11 security update	2026-04-02T00:00:00Z	2026-04-09T09:01:32Z
alsa-2026:6463	Important: openssh security update	2026-04-02T00:00:00Z	2026-04-09T08:50:06Z
alsa-2026:6462	Important: openssh security update	2026-04-02T00:00:00Z	2026-04-09T08:39:22Z
alsa-2026:6461	Important: openssh security update	2026-04-02T00:00:00Z	2026-04-09T08:28:49Z
alsa-2026:7080	Important: nodejs22 security update	2026-04-08T00:00:00Z	2026-04-09T02:15:49Z
alsa-2026:7081	Moderate: libtiff security update	2026-04-08T00:00:00Z	2026-04-09T02:00:14Z
alsa-2026:6628	Important: fontforge security update	2026-04-06T00:00:00Z	2026-04-08T23:11:48Z
alsa-2026:6631	Important: fontforge security update	2026-04-06T00:00:00Z	2026-04-08T20:50:37Z
alsa-2026:6572	Moderate: kernel-rt security update	2026-04-06T00:00:00Z	2026-04-06T09:38:16Z
alsa-2026:6571	Moderate: kernel security update	2026-04-06T00:00:00Z	2026-04-06T09:27:57Z
alsa-2026:6621	Moderate: crun security update	2026-04-06T00:00:00Z	2026-04-06T08:42:59Z
alsa-2026:6622	Moderate: crun security update	2026-04-06T00:00:00Z	2026-04-06T08:36:15Z
alsa-2026:6300	Important: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free security update	2026-03-31T00:00:00Z	2026-04-03T17:13:38Z
alsa-2026:6436	Moderate: rsync security update	2026-04-02T00:00:00Z	2026-04-03T12:29:15Z
alsa-2026:6439	Important: libpng15 security update	2026-04-02T00:00:00Z	2026-04-03T12:19:53Z
alsa-2026:6445	Important: libpng12 security update	2026-04-02T00:00:00Z	2026-04-03T12:13:28Z
alsa-2026:6470	Important: perl-YAML-Syck security update	2026-04-02T00:00:00Z	2026-04-03T12:07:59Z

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated
osv-2024-696	Security exception in com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr	2024-07-31T00:03:10.056663Z	2026-03-30T14:18:48.684167Z
osv-2024-400	Security exception in com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr	2024-05-02T00:03:16.309384Z	2026-03-30T14:18:22.305458Z
osv-2024-641	Security exception in com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr	2024-07-14T00:06:37.034414Z	2026-03-30T14:18:20.625772Z
osv-2024-278	Security exception in com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr	2024-04-19T00:12:11.684954Z	2026-03-30T14:17:53.191446Z
osv-2022-776	Heap-buffer-overflow in do_job	2022-08-24T00:00:48.440951Z	2026-03-28T14:13:55.545096Z
osv-2025-312	Heap-buffer-overflow in ZSTD_decompressMultiFrame	2025-05-02T00:14:14.459388Z	2026-03-27T14:26:26.446866Z
osv-2023-606	Heap-buffer-overflow in ZSTD_decompressMultiFrame	2023-07-23T14:01:02.159160Z	2026-03-27T14:21:24.837066Z
osv-2023-319	Heap-buffer-overflow in ZSTD_decompressSequencesLong_bmi2	2023-04-16T14:01:58.406534Z	2026-03-27T14:20:54.241339Z
osv-2022-675	Heap-buffer-overflow in void RDKit::ParseV3000AtomProps<std::__1::vector<std::__1::basic_string_view<cha	2022-08-06T00:00:51.363676Z	2026-03-27T14:20:04.040838Z
osv-2021-1672	Heap-buffer-overflow in blosc_d	2021-12-12T00:01:29.747137Z	2026-03-27T14:18:17.523662Z
osv-2022-1288	Stack-buffer-overflow in bool SmilesParseOps::parser::parse_atom_props<std::__1::__wrap_iter<char const*>	2024-11-04T00:16:22.516312Z	2026-03-27T14:17:53.064285Z
osv-2023-1350	Heap-buffer-overflow in inflate	2023-12-23T00:12:38.562149Z	2026-03-27T14:16:43.884162Z
osv-2022-1134	Heap-buffer-overflow in ndlz8_decompress	2022-11-04T00:02:11.463429Z	2026-03-27T14:15:56.573716Z
osv-2021-1070	Heap-buffer-overflow in ZSTD_decompressBlock_internal	2021-07-29T00:01:10.187569Z	2026-03-27T14:15:27.197578Z
osv-2026-461	UNKNOWN READ in XRef::constructObjectEntry	2026-03-26T00:17:47.551046Z	2026-03-26T00:17:47.551361Z
osv-2026-455	UNKNOWN READ in mkv::matroska_segment_c::TrackInit	2026-03-25T00:20:51.448743Z	2026-03-25T00:20:51.449185Z
osv-2023-216	Heap-buffer-overflow in H5G__node_cmp3	2023-03-23T13:00:48.081705Z	2026-03-24T16:17:49.377032Z
osv-2023-76	Heap-buffer-overflow in H5SM_delete	2023-02-18T13:00:50.471845Z	2026-03-24T15:56:21.323480Z
osv-2023-359	Heap-buffer-overflow in H5MM_memcpy	2023-05-01T14:02:33.841821Z	2026-03-24T15:52:15.056909Z
osv-2023-392	Negative-size-param in H5MM_memcpy	2023-05-13T14:00:26.093088Z	2026-03-24T15:13:27.688997Z
osv-2023-370	Heap-buffer-overflow in H5FS__sect_link	2023-05-06T14:01:04.165113Z	2026-03-24T15:11:55.539963Z
osv-2024-387	Heap-buffer-overflow in H5F_addr_encode	2024-04-30T00:13:39.184262Z	2026-03-24T15:11:37.246096Z
osv-2023-381	UNKNOWN READ in H5FL__blk_gc_list	2023-05-08T14:02:04.934252Z	2026-03-24T15:11:28.111319Z
osv-2023-133	Heap-buffer-overflow in H5L__extern_traverse	2023-03-02T13:02:08.499899Z	2026-03-24T15:07:47.335644Z
osv-2023-89	Heap-buffer-overflow in H5O__mtime_new_encode	2023-02-21T13:00:30.347876Z	2026-03-24T14:48:44.199364Z
osv-2023-430	Heap-buffer-overflow in H5MM_xstrdup	2023-05-26T14:00:26.078002Z	2026-03-24T14:48:04.919113Z
osv-2026-437	Heap-use-after-free in tf::Executor::_invoke	2026-03-23T00:02:28.277984Z	2026-03-23T14:25:41.819255Z
osv-2025-169	Stack-buffer-overflow in utf8_in2	2025-02-27T00:07:08.029075Z	2026-03-21T14:18:54.197384Z
osv-2023-1328	Stack-buffer-overflow in icu_75::TZDBTimeZoneNames::getMetaZoneNames	2023-12-18T00:13:09.643640Z	2026-03-18T19:49:20.841276Z
osv-2024-728	Negative-size-param in pdf_resize_resource_arrays	2024-08-08T00:09:33.935595Z	2026-03-18T14:32:58.071449Z

ID	Description	Published	Updated
rustsec-2026-0049	CRLs not considered authoritative by Distribution Point due to faulty matching logic	2026-03-20T12:00:00Z	2026-03-24T08:22:29Z
rustsec-2026-0072	Missing Check for All-Zero X25519 Shared Secret	2026-02-04T12:00:00Z	2026-03-24T08:16:07Z
rustsec-2026-0071	Nonce Reuse in HPKE Context	2026-02-05T12:00:00Z	2026-03-24T08:16:07Z
rustsec-2026-0070	Panic When Opening or Sealing on Export-Only Context	2026-02-11T12:00:00Z	2026-03-24T08:16:07Z
rustsec-2026-0069	Incorrect Length Encoding on KDF Export	2026-02-11T12:00:00Z	2026-03-24T08:16:07Z
rustsec-2026-0068	tar-rs incorrectly ignores PAX size headers if header size is nonzero	2026-03-19T12:00:00Z	2026-03-23T09:31:59Z
rustsec-2026-0067	`unpack_in` can chmod arbitrary directories by following symlinks	2026-03-19T12:00:00Z	2026-03-23T09:31:59Z
rustsec-2026-0066	Insufficient validation of PAX extensions during extraction	2026-03-17T12:00:00Z	2026-03-23T09:31:59Z
rustsec-2026-0047	PKCS7_verify Signature Validation Bypass in AWS-LC	2026-03-02T12:00:00Z	2026-03-21T06:45:35Z
rustsec-2026-0046	PKCS7_verify Certificate Chain Validation Bypass in AWS-LC	2026-03-02T12:00:00Z	2026-03-21T06:45:35Z
rustsec-2026-0045	Timing Side-Channel in AES-CCM Tag Verification in AWS-LC	2026-03-02T12:00:00Z	2026-03-21T06:45:35Z
rustsec-2026-0043	Timing Side-Channel in AES-CCM Tag Verification in AWS-LC	2026-03-02T12:00:00Z	2026-03-21T06:45:35Z
rustsec-2026-0065	`tokio-signal` is unmaintained	2026-03-20T12:00:00Z	2026-03-20T22:26:59Z
rustsec-2026-0064	`tokio-udp` is unmaintained	2026-03-20T12:00:00Z	2026-03-20T22:26:59Z
rustsec-2026-0063	`tokio-executor` is unmaintained	2026-03-20T12:00:00Z	2026-03-20T22:26:59Z
rustsec-2026-0062	`tokio-compat` is unmaintained	2026-03-20T12:00:00Z	2026-03-20T22:26:59Z
rustsec-2026-0061	`tokio-fs` is unmaintained	2026-03-20T12:00:00Z	2026-03-20T22:26:59Z
rustsec-2026-0060	`tokio-timer` is unmaintained	2026-03-20T12:00:00Z	2026-03-20T22:26:59Z
rustsec-2026-0059	`tokio-tcp` is unmaintained	2026-03-20T12:00:00Z	2026-03-20T22:26:59Z
rustsec-2026-0058	`tokio-io` is unmaintained	2026-03-20T12:00:00Z	2026-03-20T22:26:59Z
rustsec-2026-0057	`tokio-reactor` is unmaintained	2026-03-20T12:00:00Z	2026-03-20T22:26:59Z
rustsec-2026-0056	`tokio-codec` is unmaintained	2026-03-20T12:00:00Z	2026-03-20T22:26:59Z
rustsec-2026-0055	`tokio-process` is unmaintained	2026-03-20T12:00:00Z	2026-03-20T22:26:59Z
rustsec-2026-0054	`tokio-current-thread` is unmaintained	2026-03-20T12:00:00Z	2026-03-20T22:26:59Z
rustsec-2026-0053	`tokio-tls` is unmaintained	2026-03-20T12:00:00Z	2026-03-20T22:26:59Z
rustsec-2026-0052	`tokio-sync` is unmaintained	2026-03-20T12:00:00Z	2026-03-20T22:26:59Z
rustsec-2026-0051	`tokio-threadpool` is unmaintained	2026-03-20T12:00:00Z	2026-03-20T22:26:59Z
rustsec-2026-0050	`tokio-uds` is unmaintained	2026-03-20T12:00:00Z	2026-03-20T22:26:59Z
rustsec-2026-0048	CRL Distribution Point Scope Check Logic Error in AWS-LC	2026-03-19T12:00:00Z	2026-03-20T17:11:58Z
rustsec-2026-0044	AWS-LC X.509 Name Constraints Bypass via Wildcard/Unicode CN	2026-03-19T12:00:00Z	2026-03-20T17:11:58Z

ID	Description	Published	Updated
bit-authentik-2023-48228	OAuth2: PKCE can be fully circumvented	2026-04-16T23:36:07.745Z	2026-04-17T00:10:47.507Z
bit-authentik-2023-46249	authentik potential installation takeover when default admin user is deleted	2026-04-16T23:36:06.215Z	2026-04-17T00:10:47.507Z
bit-authentik-2023-39522	Username enumeration attack in goauthentik	2026-04-16T23:36:04.816Z	2026-04-17T00:10:47.507Z
bit-authentik-2023-36456	Authentik lacks Proxy IP headers validation	2026-04-16T23:36:03.215Z	2026-04-17T00:10:47.507Z
bit-authentik-2023-26481	Insufficient user check in FlowTokens by Email stage	2026-04-16T23:36:01.864Z	2026-04-17T00:10:47.507Z
bit-authentik-2022-46172	authentik allows existing authenticated users to create arbitrary accounts	2026-04-16T23:36:00.542Z	2026-04-17T00:10:47.507Z
bit-authentik-2022-46145	authentik vulnerable to unauthorized user creation and potential account takeover	2026-04-16T23:35:59.036Z	2026-04-17T00:10:47.507Z
bit-authentik-2022-23555	authentik vulnerable to Improper Authentication via invitation URL token reuse	2026-04-16T23:35:57.484Z	2026-04-17T00:10:47.507Z
bit-apisix-2026-31924	Apache APISIX: Plugin tencent-cloud-cls log export uses plaintext HTTP	2026-04-16T23:36:06.924Z	2026-04-17T00:10:47.507Z
bit-apisix-2026-31923	Apache APISIX: Openid-connect `tls_verify` field is disabled by default	2026-04-16T23:36:05.480Z	2026-04-17T00:10:47.507Z
bit-airflow-2026-33858	Apache Airflow: Unsafe Deserialization via Legacy Serialization Keys (__type/__var) Bypass in XCom API	2026-04-16T23:38:09.491Z	2026-04-17T00:10:47.507Z
bit-airflow-2025-66236	Apache Airflow: Secrets from Airflow config file logged in plain text in DAG run logs UI	2026-04-16T23:37:55.116Z	2026-04-17T00:10:47.507Z
bit-activemq-2026-39304	Apache ActiveMQ Client, Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Incorrect handling of TLSv1.3 KeyUpdate can be exploited to cause DoS via OOM	2026-04-16T23:36:26.790Z	2026-04-17T00:10:47.507Z
bit-wiremock-2023-41329	Domain restrictions bypass via DNS Rebinding in WireMock and WireMock Studio	2026-04-13T16:00:00.480Z	2026-04-13T16:23:32.396Z
bit-wiremock-2023-41327	Controlled SSRF through URL in the WireMock	2026-04-13T15:59:58.176Z	2026-04-13T16:23:32.396Z
bit-tomcat-2026-29146	Apache Tomcat: EncryptInterceptor vulnerable to padding oracle attack by default	2026-04-13T16:01:34.700Z	2026-04-13T16:23:32.396Z
bit-nifi-2024-45477	Apache NiFi: Improper Neutralization of Input in Parameter Description	2026-04-13T14:17:18.796Z	2026-04-13T14:44:23.860Z
bit-wiremock-2023-50069		2026-04-13T11:50:15.583Z	2026-04-13T12:09:46.643Z
bit-tomcat-2026-34500	Apache Tomcat: OCSP checks sometimes soft-fail with FFM even when soft-fail is disabled	2026-04-13T10:20:02.205Z	2026-04-13T10:42:00.723Z
bit-tomcat-2026-34487	Apache Tomcat: Cloud membership for clustering component exposed the Kubernetes bearer token	2026-04-13T10:20:00.791Z	2026-04-13T10:42:00.723Z
bit-tomcat-2026-34483	Apache Tomcat: Incomplete escaping of JSON access logs	2026-04-13T10:19:58.030Z	2026-04-13T10:42:00.723Z
bit-tomcat-2026-29145	Apache Tomcat, Apache Tomcat Native: OCSP checks sometimes soft-fail even when soft-fail is disabled	2026-04-13T10:19:53.698Z	2026-04-13T10:42:00.723Z
bit-tomcat-2026-25854	Apache Tomcat: Occasionally open redirect	2026-04-13T10:19:50.972Z	2026-04-13T10:42:00.723Z
bit-tomcat-2026-24880	Apache Tomcat: Request smuggling via invalid chunk extension	2026-04-13T10:19:49.629Z	2026-04-13T10:42:00.723Z
bit-mongodb-2026-4148	ExpressionContext use-after-free in classic engine $lookup and $graphLookup aggregation operators	2026-04-13T10:13:07.402Z	2026-04-13T10:42:00.723Z
bit-mongodb-2026-4147	Stack memory disclosure in filemd5 command	2026-04-13T10:13:04.983Z	2026-04-13T10:42:00.723Z
bit-minio-2026-39414	MinIO affected a DoS via Unbounded Memory Allocation in S3 Select CSV Parsing	2026-04-13T10:10:51.384Z	2026-04-13T10:42:00.723Z
bit-tomcat-2026-34486	Apache Tomcat: Fix for CVE-2026-29146 allowed bypass of EncryptInterceptor	2026-04-13T05:53:08.595Z	2026-04-13T06:11:47.324Z
bit-tomcat-2026-32990	Apache Tomcat: Fix for CVE-2025-66614 is incomplete	2026-04-13T05:53:05.369Z	2026-04-13T06:11:47.324Z
bit-tomcat-2026-29129	Apache Tomcat: TLS cipher order is not preserved	2026-04-13T05:53:00.617Z	2026-04-13T06:11:47.324Z

ID	Description	Published	Updated
cleanstart-2026-ot38160	url	2026-04-09T00:55:38.018075Z	2026-04-08T07:36:24Z
cleanstart-2026-ba09462	OpenTelemetry-Go is the Go implementation of OpenTelemetry	2026-04-09T00:57:38.077873Z	2026-04-08T07:00:07Z
cleanstart-2026-mw52739	Security fixes for ghsa-72hv-8253-57qq, ghsa-qqpg-mvqg-649v applied in versions: 3.9.4-r0, 3.9.4-r6	2026-04-09T00:59:39.080550Z	2026-04-08T06:46:14Z
cleanstart-2026-ki25096	Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.8.6-r0	2026-04-09T00:59:38.592849Z	2026-04-08T06:46:14Z
cleanstart-2026-ij23041	In libexpat before 2	2026-04-09T01:01:38.269615Z	2026-04-08T06:46:14Z
cleanstart-2026-gy86690	Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.6.4-r4	2026-04-09T00:57:57.606656Z	2026-04-08T06:46:14Z
cleanstart-2026-pd43534	In libexpat before 2	2026-04-08T00:39:47.879615Z	2026-04-07T05:54:38Z
cleanstart-2026-mp09743	Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.8.6-r0	2026-04-08T00:37:59.326932Z	2026-04-07T05:54:38Z
cleanstart-2026-bb02574	Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.6.4-r4	2026-04-08T00:37:58.971684Z	2026-04-07T05:54:38Z
cleanstart-2026-af52025	In libexpat before 2	2026-04-08T00:39:48.013620Z	2026-04-07T05:54:38Z
cleanstart-2026-hx94762	attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing	2026-04-07T00:45:34.962189Z	2026-04-06T13:01:42Z
cleanstart-2026-gg94489	go-retryablehttp prior to 0	2026-04-07T00:41:33.578433Z	2026-04-06T13:01:42Z
cleanstart-2026-fu47971	protojson	2026-04-07T00:47:07.546790Z	2026-04-06T13:01:42Z
cleanstart-2026-ej93145	attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames	2026-04-07T00:44:04.086276Z	2026-04-06T13:01:42Z
cleanstart-2026-bk17545	attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing	2026-04-07T00:38:33.362093Z	2026-04-06T13:01:42Z
cleanstart-2026-aj47488	When using the RemoteIpFilter with requests received from a reverse proxy via HTTP that include the X-Forwarded-Proto header set to https, session cookies created by Apache Tomcat 11	2026-04-07T00:40:03.631106Z	2026-04-06T13:01:42Z
cleanstart-2026-fe32006	Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.8.6-r0	2026-04-07T00:41:34.518345Z	2026-04-06T06:37:58Z
cleanstart-2026-dp59378	In libexpat before 2	2026-04-07T00:42:33.537935Z	2026-04-06T06:37:58Z
cleanstart-2026-ob18608	Security fixes for ghsa-72hv-8253-57qq, ghsa-qqpg-mvqg-649v applied in versions: 3.9.4-r0, 3.9.4-r6	2026-04-06T06:19:25.639311Z	2026-04-06T04:56:02Z
cleanstart-2026-kf75900	In libexpat before 2	2026-04-06T06:20:25.150640Z	2026-04-06T04:56:02Z
cleanstart-2026-jl41223	In libexpat before 2	2026-04-06T06:19:55.229801Z	2026-04-06T04:56:02Z
cleanstart-2026-jg79570	Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.8.6-r0	2026-04-06T06:19:24.747052Z	2026-04-06T04:56:02Z
cleanstart-2026-dz75075	Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.6.4-r4	2026-04-06T06:19:24.775093Z	2026-04-06T04:56:02Z
cleanstart-2026-nu19941	Security fixes for ghsa-72hv-8253-57qq applied in versions: 5.19.3-r1	2026-04-06T02:44:20.354882Z	2026-04-03T13:09:27Z
cleanstart-2026-kt07616	Security fixes for CVE-2026-22735, CVE-2026-22737 applied in versions: 6.2.3-r0	2026-04-06T02:44:27.120329Z	2026-04-03T13:09:27Z
cleanstart-2026-kt25851	Security fixes for CVE-2025-61727, CVE-2025-61729, CVE-2025-61732, CVE-2025-68121, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x applied in versions: 0.87.0-r0, 0.87.0-r1, 0.88.0-r1	2026-04-06T02:44:54.790204Z	2026-04-03T08:04:33Z
cleanstart-2026-dq17669	Security fixes for CVE-2026-24051, CVE-2026-25934, CVE-2026-26958, CVE-2026-32287, CVE-2026-33186, CVE-2026-33762, CVE-2026-34165, ghsa-37cx-329c-33x3, ghsa-6g7g-w4f8-9c9x, ghsa-fw7p-63qq-7hpr applied in versions: 1.13.2-r0, 1.14.1-r0, 1.14.1-r1	2026-04-06T02:45:34.659600Z	2026-04-03T07:13:53Z
cleanstart-2026-ml41879	Security fixes for CVE-2026-1229, CVE-2026-24051, CVE-2026-25934, CVE-2026-26958, CVE-2026-32287, CVE-2026-33186, CVE-2026-33762, CVE-2026-34165, ghsa-37cx-329c-33x3, ghsa-6g7g-w4f8-9c9x, ghsa-fw7p-63qq-7hpr applied in versions: 1.13.2-r0, 1.14.0-r0, 1.14.0-r1, 1.14.1-r0	2026-04-06T02:45:36.057138Z	2026-04-03T07:11:16Z
cleanstart-2026-nd57973	Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.8.6-r0	2026-04-06T02:45:57.693609Z	2026-04-03T07:10:19Z
cleanstart-2026-lr09759	Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.6.4-r4	2026-04-06T02:46:06.138686Z	2026-04-03T07:10:19Z

ID	Published	Updated
drupal-contrib-2025-102	2025-08-27T17:20:11.000Z	2025-08-27T17:20:11.000Z
drupal-contrib-2025-099	2025-08-27T17:19:24.000Z	2025-08-27T17:19:24.000Z
drupal-contrib-2025-098	2025-08-27T17:19:14.000Z	2025-08-27T17:19:14.000Z
drupal-contrib-2025-096	2025-08-13T17:33:24.000Z	2025-08-13T20:10:05.000Z
drupal-contrib-2025-095	2025-08-06T16:50:43.000Z	2025-08-06T16:50:43.000Z
drupal-contrib-2025-094	2025-07-30T16:31:23.000Z	2025-07-30T16:31:23.000Z
drupal-contrib-2025-093	2025-07-30T16:30:44.000Z	2025-07-30T16:30:44.000Z
drupal-contrib-2025-092	2025-07-23T17:10:19.000Z	2025-07-23T17:10:19.000Z
drupal-contrib-2025-091	2025-07-16T16:46:49.000Z	2025-07-17T14:42:36.000Z
drupal-contrib-2025-090	2025-07-16T16:46:26.000Z	2025-07-16T16:46:26.000Z
drupal-contrib-2025-089	2025-07-16T16:46:08.000Z	2025-07-16T16:46:08.000Z
drupal-contrib-2025-087	2025-07-09T16:37:27.000Z	2025-07-09T16:37:27.000Z
drupal-contrib-2025-086	2025-07-02T17:37:13.000Z	2025-07-02T17:37:13.000Z
drupal-contrib-2025-085	2025-07-02T17:37:03.000Z	2025-07-02T17:37:03.000Z
drupal-contrib-2025-081	2025-06-25T18:42:06.000Z	2025-06-26T18:17:29.000Z
drupal-contrib-2025-084	2025-06-25T18:43:00.000Z	2025-06-25T18:43:00.000Z
drupal-contrib-2025-083	2025-06-25T18:42:38.000Z	2025-06-25T18:42:38.000Z
drupal-contrib-2025-082	2025-06-25T18:42:17.000Z	2025-06-25T18:42:17.000Z
drupal-contrib-2025-080	2025-06-25T18:41:56.000Z	2025-06-25T18:41:56.000Z
drupal-contrib-2025-079	2025-06-25T18:41:34.000Z	2025-06-25T18:41:34.000Z
drupal-contrib-2025-078	2025-06-25T18:41:20.000Z	2025-06-25T18:41:20.000Z
drupal-contrib-2025-077	2025-06-25T18:41:06.000Z	2025-06-25T18:41:06.000Z
drupal-contrib-2025-001	2025-01-08T17:22:11.000Z	2025-06-19T22:05:09.000Z
drupal-contrib-2025-004	2025-01-22T16:50:12.000Z	2025-05-29T18:26:44.000Z
drupal-contrib-2025-034	2025-04-16T16:24:49.000Z	2025-05-29T18:24:01.000Z
drupal-contrib-2025-041	2025-04-23T16:58:39.000Z	2025-05-29T18:23:44.000Z
drupal-contrib-2025-048	2025-05-07T17:06:26.000Z	2025-05-29T18:20:11.000Z
drupal-contrib-2025-049	2025-05-07T17:06:36.000Z	2025-05-29T18:20:00.000Z
drupal-contrib-2025-050	2025-05-07T17:06:52.000Z	2025-05-29T18:19:50.000Z
drupal-contrib-2025-051	2025-05-07T17:07:03.000Z	2025-05-29T18:19:36.000Z

ID	Description	Updated

ID	Description	Published	Updated
certfr-2022-ale-001	[MaJ] Vulnérabilité dans Microsoft Windows	2022-01-12T00:00:00.000000	2022-05-04T00:00:00.000000
certfr-2021-ale-022	[MaJ] Vulnérabilité dans Apache Log4j	2021-12-10T00:00:00.000000	2022-05-04T00:00:00.000000
certfr-2021-ale-021	Vulnérabilité dans Microsoft Exchange	2021-11-10T00:00:00.000000	2022-05-04T00:00:00.000000
certfr-2021-ale-019	[MaJ] Vulnérabilité dans Microsoft Windows	2021-09-08T00:00:00.000000	2022-05-04T00:00:00.000000
certfr-2021-ale-017	Multiples vulnérabilités dans Microsoft Exchange	2021-08-27T00:00:00.000000	2022-05-04T00:00:00.000000
certfr-2021-ale-020	[Maj] Multiples vulnérabilités dans Microsoft Azure Open Management Infrastructure	2021-09-17T00:00:00.000000	2022-01-05T00:00:00.000000
certfr-2021-ale-018	Vulnérabilité dans Atlassian Confluence Server et Data Center	2021-09-06T00:00:00.000000	2022-01-05T00:00:00.000000
certfr-2021-ale-014	[MaJ] Multiples vulnérabilités dans Microsoft Windows	2021-07-02T00:00:00.000000	2022-01-05T00:00:00.000000
certfr-2021-ale-015	Multiples vulnérabilités dans SolarWinds Serv-U	2021-07-13T00:00:00.000000	2021-10-19T00:00:00.000000
certfr-2021-ale-012	Multiples vulnérabilités dans Microsoft Windows	2021-06-09T00:00:00.000000	2021-10-19T00:00:00.000000
certfr-2021-ale-011	Vulnérabilité dans VMware vCenter Server	2021-06-07T00:00:00.000000	2021-10-19T00:00:00.000000
certfr-2021-ale-016	Vulnérabilité dans SonicWall	2021-07-15T00:00:00.000000	2021-08-19T00:00:00.000000
certfr-2021-ale-004	[MàJ] Multiples vulnérabilités dans Microsoft Exchange Server	2021-03-03T00:00:00.000000	2021-07-16T00:00:00.000000
certfr-2021-ale-013	[MaJ] Vulnérabilité dans Microsoft Windows	2021-06-30T00:00:00.000000	2021-07-02T00:00:00.000000
certfr-2021-ale-010	Vulnérabilité dans Adobe Acrobat et Acrobat Reader	2021-05-12T00:00:00.000000	2021-06-29T00:00:00.000000
certfr-2021-ale-007	[MàJ] Vulnérabilité dans Pulse Connect Secure	2021-04-20T00:00:00.000000	2021-06-21T00:00:00.000000
certfr-2021-ale-009	[MàJ] Vulnérabilité dans Microsoft Windows	2021-05-12T00:00:00.000000	2021-06-10T00:00:00.000000
certfr-2021-ale-008	Multiples vulnérabilités dans Exim	2021-05-05T00:00:00.000000	2021-06-10T00:00:00.000000
certfr-2021-ale-005	Multiples vulnérabilités dans Microsoft DNS server	2021-03-12T00:00:00.000000	2021-05-12T00:00:00.000000
certfr-2021-ale-003	[MàJ] Vulnérabilité dans VMware vCenter Server	2021-02-25T00:00:00.000000	2021-05-12T00:00:00.000000
certfr-2021-ale-001	\|MàJ] Vulnérabilité dans SonicWall SMA100	2021-02-02T00:00:00.000000	2021-05-12T00:00:00.000000
certfr-2021-ale-006	[MàJ] Vulnérabilité dans F5 BIG-IP	2021-03-22T00:00:00.000000	2021-04-15T00:00:00.000000
certfr-2020-ale-026	[MaJ] Présence de code malveillant dans SolarWinds Orion	2020-12-14T00:00:00.000000	2021-04-15T00:00:00.000000
certfr-2021-ale-002	[MàJ] Vulnérabilité dans Google Chrome et Microsoft Edge	2021-02-05T00:00:00.000000	2021-03-11T00:00:00.000000
certfr-2020-ale-021	Vulnérabilité dans Samba	2020-09-18T00:00:00.000000	2021-03-11T00:00:00.000000
certfr-2020-ale-020	[MàJ] Vulnérabilité dans Microsoft Netlogon	2020-09-15T00:00:00.000000	2021-03-11T00:00:00.000000
certfr-2020-ale-019	Recrudescence d'activité Emotet en France	2020-09-07T00:00:00.000000	2021-02-09T00:00:00.000000
certfr-2020-ale-025	Vulnérabilité dans Fortinet FortiOS SSL-VPN	2020-11-27T00:00:00.000000	2021-02-08T00:00:00.000000
certfr-2020-ale-024	[MaJ] Vulnérabilité dans les produits VMware	2020-11-24T00:00:00.000000	2020-12-17T00:00:00.000000
certfr-2020-ale-022	[MàJ] Vulnérabilité dans Oracle Weblogic	2020-10-30T00:00:00.000000	2020-12-17T00:00:00.000000

ID	Description	Published	Updated
certfr-2026-avi-0398	Multiples vulnérabilités dans le noyau Linux de SUSE	2026-04-03T00:00:00.000000	2026-04-03T00:00:00.000000
certfr-2026-avi-0397	Multiples vulnérabilités dans le noyau Linux d'Ubuntu	2026-04-03T00:00:00.000000	2026-04-03T00:00:00.000000
certfr-2026-avi-0396	Multiples vulnérabilités dans le noyau Linux de Red Hat	2026-04-03T00:00:00.000000	2026-04-03T00:00:00.000000
certfr-2026-avi-0395	Multiples vulnérabilités dans les produits IBM	2026-04-03T00:00:00.000000	2026-04-03T00:00:00.000000
certfr-2026-avi-0394	Multiples vulnérabilités dans VMware Tanzu	2026-04-03T00:00:00.000000	2026-04-03T00:00:00.000000
certfr-2026-avi-0393	Vulnérabilité dans Synology Mail Station	2026-04-03T00:00:00.000000	2026-04-03T00:00:00.000000
certfr-2026-avi-0392	Multiples vulnérabilités dans Microsoft Edge	2026-04-03T00:00:00.000000	2026-04-03T00:00:00.000000
certfr-2026-avi-0391	Multiples vulnérabilités dans OpenSSH	2026-04-02T00:00:00.000000	2026-04-02T00:00:00.000000
certfr-2026-avi-0390	Multiples vulnérabilités dans Belden NetModule Router Software	2026-04-02T00:00:00.000000	2026-04-02T00:00:00.000000
certfr-2026-avi-0389	Vulnérabilité dans Microsoft Azure Linux	2026-04-02T00:00:00.000000	2026-04-02T00:00:00.000000
certfr-2026-avi-0388	Multiples vulnérabilités dans les produits Cisco	2026-04-02T00:00:00.000000	2026-04-02T00:00:00.000000
certfr-2026-avi-0387	Multiples vulnérabilités dans les produits Netgate	2026-04-02T00:00:00.000000	2026-04-02T00:00:00.000000
certfr-2026-avi-0386	Multiples vulnérabilités dans les produits Microsoft	2026-04-01T00:00:00.000000	2026-04-01T00:00:00.000000
certfr-2026-avi-0385	Multiples vulnérabilités dans Google Chrome	2026-04-01T00:00:00.000000	2026-04-01T00:00:00.000000
certfr-2026-avi-0384	Multiples vulnérabilités dans Joomla!	2026-04-01T00:00:00.000000	2026-04-01T00:00:00.000000
certfr-2026-avi-0383	Multiples vulnérabilités dans Sonicwall Email Security	2026-04-01T00:00:00.000000	2026-04-01T00:00:00.000000
certfr-2026-avi-0382	Multiples vulnérabilités dans les produits FoxIT	2026-03-31T00:00:00.000000	2026-03-31T00:00:00.000000
certfr-2026-avi-0381	Multiples vulnérabilités dans les produits Microsoft	2026-03-31T00:00:00.000000	2026-03-31T00:00:00.000000
certfr-2026-avi-0380	Multiples vulnérabilités dans Microsoft Edge	2026-03-31T00:00:00.000000	2026-03-31T00:00:00.000000
certfr-2026-avi-0379	Vulnérabilité dans Elastic OpenTelemetry Java	2026-03-31T00:00:00.000000	2026-03-31T00:00:00.000000
certfr-2026-avi-0378	Vulnérabilité dans Symantec Data Loss Prevention (DLP)	2026-03-31T00:00:00.000000	2026-03-31T00:00:00.000000
certfr-2026-avi-0377	Multiples vulnérabilités dans Papercut	2026-03-31T00:00:00.000000	2026-03-31T00:00:00.000000
certfr-2026-avi-0376	Multiples vulnérabilités dans les produits Microsoft	2026-03-30T00:00:00.000000	2026-03-30T00:00:00.000000
certfr-2026-avi-0375	Multiples vulnérabilités dans Microsoft Edge	2026-03-30T00:00:00.000000	2026-03-30T00:00:00.000000
certfr-2026-avi-0374	Vulnérabilité dans Docker Desktop	2026-03-30T00:00:00.000000	2026-03-30T00:00:00.000000
certfr-2026-avi-0372	Multiples vulnérabilités dans les produits IBM	2026-03-27T00:00:00.000000	2026-03-27T00:00:00.000000
certfr-2026-avi-0371	Multiples vulnérabilités dans le noyau Linux d'Ubuntu	2026-03-27T00:00:00.000000	2026-03-27T00:00:00.000000
certfr-2026-avi-0370	Multiples vulnérabilités dans le noyau Linux de Red Hat	2026-03-27T00:00:00.000000	2026-03-27T00:00:00.000000
certfr-2026-avi-0369	Multiples vulnérabilités dans le noyau Linux de SUSE	2026-03-27T00:00:00.000000	2026-03-27T00:00:00.000000
certfr-2026-avi-0368	Vulnérabilité dans les produits Microsoft	2026-03-27T00:00:00.000000	2026-03-27T00:00:00.000000

ID	Description	Published	Updated
jvndb-2026-003905	Multiple Vulnerabilities in Cosminexus HTTP Server and Hitachi Web Server	2026-02-17T20:46+09:00	2026-02-17T20:46+09:00
jvndb-2026-000025	Joomla! CMS vulnerable to cross-site scripting	2026-02-17T12:46+09:00	2026-02-17T12:46+09:00
jvndb-2026-000023	FileZen vulnerable to OS command injection	2026-02-13T16:51+09:00	2026-02-13T17:08+09:00
jvndb-2026-000024	Installer of M-Audio M-Track Duo HD may insecurely load Dynamic Link Libraries	2026-02-12T13:32+09:00	2026-02-12T13:32+09:00
jvndb-2026-000022	Oki Electric Industry products and OEM products register Windows services with unquoted file paths	2026-02-09T15:21+09:00	2026-02-09T15:21+09:00
jvndb-2026-000021	web2py vulnerable to open redirect	2026-02-05T15:01+09:00	2026-02-05T15:01+09:00
jvndb-2026-000017	Improper file access permission settings in Mitsubishi Small-Capacity UPS Shutdown Software FREQSHIP-mini for Windows	2026-02-03T14:57+09:00	2026-02-05T14:41+09:00
jvndb-2026-000020	Multiple vulnerabilities in Movable Type	2026-02-04T16:15+09:00	2026-02-04T16:15+09:00
jvndb-2026-000016	Installer for Roland Cloud Manager may insecurely load Dynamic Link Libraries	2026-02-03T14:57+09:00	2026-02-04T12:39+09:00
jvndb-2024-002831	ELECOM wireless LAN routers vulnerable to OS command injection	2024-02-22T08:15+09:00	2026-02-04T12:02+09:00
jvndb-2025-000041	Multiple vulnerabilities in ELECOM wireless LAN routers	2025-06-24T14:50+09:00	2026-02-03T15:35+09:00
jvndb-2024-000078	Multiple vulnerabilities in ELECOM wireless LAN routers	2024-07-30T15:34+09:00	2026-02-03T15:35+09:00
jvndb-2026-000019	Multiple vulnerabilities in ELECOM wireless LAN products	2026-02-03T14:57+09:00	2026-02-03T14:57+09:00
jvndb-2026-000015	Sonatype Nexus Repository vulnerable to server-side request forgery	2026-02-02T15:18+09:00	2026-02-02T15:18+09:00
jvndb-2026-000014	OS command injection in raspap-webgui	2026-02-02T15:18+09:00	2026-02-02T15:18+09:00
jvndb-2026-000013	Multiple Microsoft Office products vulnerable to untrusted search path	2026-02-02T15:18+09:00	2026-02-02T15:18+09:00
jvndb-2026-000012	Multiple vulnerabilities in Cybozu Garoon	2026-02-02T15:18+09:00	2026-02-02T15:18+09:00
jvndb-2026-000018	Undocumented "TelnetEnable" functionality of End of Service NETGEAR products	2026-01-30T14:23+09:00	2026-01-30T14:23+09:00
jvndb-2026-002119	Multiple vulnerabilities in BROTHER MFPs (multifunction printers)	2026-01-30T11:26+09:00	2026-01-30T11:26+09:00
jvndb-2026-002030	Multiple Vulnerabilities in Cosminexus	2026-01-29T10:32+09:00	2026-01-29T10:32+09:00
jvndb-2026-001972	Archer MR600 vulnerable to OS command injection	2026-01-28T10:41+09:00	2026-01-28T10:41+09:00
jvndb-2026-000011	beat-access for Windows may insecurely load Dynamic Link Libraries	2026-01-27T18:22+09:00	2026-01-27T18:22+09:00
jvndb-2026-001732	Multiple Brother software installers may insecurely load Dynamic Link Libraries	2026-01-26T16:04+09:00	2026-01-26T16:04+09:00
jvndb-2026-000010	Command injection vulnerability in ASUS routers	2026-01-23T15:22+09:00	2026-01-23T15:22+09:00
jvndb-2026-001663	"iRMC S5/S6" implemented in PRIMERGY vulnerable to incorrect authorization	2026-01-23T11:29+09:00	2026-01-23T11:29+09:00
jvndb-2026-001662	Multiple vulnerabilities in Trend Micro Apex Central (January 2026)	2026-01-23T11:29+09:00	2026-01-23T11:29+09:00
jvndb-2026-000009	Installer of Fujitsu ServerView Agents for Windows may insecurely load Dynamic Link Libraries	2026-01-21T15:17+09:00	2026-01-21T15:17+09:00
jvndb-2026-000008	Ruijie Networks AP180 series vulnerable to OS command injection	2026-01-21T15:17+09:00	2026-01-21T15:17+09:00
jvndb-2026-001582	Security information for Hitachi Disk Array Systems	2026-01-21T12:11+09:00	2026-01-21T12:11+09:00
jvndb-2026-001578	ETERNUS SF vulnerable to insertion of sensitive information into maintenance data	2026-01-20T20:00+09:00	2026-01-20T20:00+09:00

ID	Description	Published	Updated
cnvd-2026-16678	TOTOLINK A3600R setNoticeCfg函数命令注入漏洞	2026-04-09	2026-04-09
cnvd-2026-16638	Oracle MySQL存在未明漏洞（CNVD-2026-16638）	2026-01-30	2026-04-09
cnvd-2026-16631	Oracle MySQL存在未明漏洞（CNVD-2026-16631）	2026-01-30	2026-04-09
cnvd-2026-16630	Oracle MySQL存在未明漏洞（CNVD-2026-16630）	2026-01-30	2026-04-09
cnvd-2026-16629	Oracle MySQL存在未明漏洞（CNVD-2026-16629）	2026-01-30	2026-04-09
cnvd-2026-16628	Oracle MySQL存在未明漏洞（CNVD-2026-16628）	2026-01-30	2026-04-09
cnvd-2026-16627	Oracle MySQL存在未明漏洞（CNVD-2026-16627）	2026-01-30	2026-04-09
cnvd-2026-16624	OpenClaw访问控制错误漏洞（CNVD-2026-16624）	2026-04-08	2026-04-09
cnvd-2026-16623	OpenClaw访问控制错误漏洞（CNVD-2026-16623）	2026-04-08	2026-04-09
cnvd-2026-16622	OpenClaw授权问题漏洞（CNVD-2026-16622）	2026-04-08	2026-04-09
cnvd-2026-16621	OpenClaw授权问题漏洞（CNVD-2026-16621）	2026-04-08	2026-04-09
cnvd-2026-16617	ImageMagick缓冲区溢出漏洞（CNVD-2026-16617）	2026-03-19	2026-04-09
cnvd-2026-16601	Mozilla Firefox安全绕过漏洞（CNVD-2026-16601）	2026-03-16	2026-04-09
cnvd-2026-16600	ImageMagick整数溢出漏洞（CNVD-2026-16600）	2026-03-16	2026-04-09
cnvd-2026-16599	Adobe Substance3D Painter越界读取漏洞（CNVD-2026-16599）	2026-03-16	2026-04-09
cnvd-2026-16598	Adobe Substance3D Painter越界读取漏洞（CNVD-2026-16598）	2026-03-16	2026-04-09
cnvd-2026-16597	OliveTin路径遍历漏洞	2026-03-16	2026-04-09
cnvd-2026-16596	iccDEV缓冲区溢出漏洞	2026-03-16	2026-04-09
cnvd-2026-16595	Adobe Commerce输入验证错误漏洞（CNVD-2026-16595）	2026-03-17	2026-04-09
cnvd-2026-16594	Adobe Commerce路径遍历漏洞（CNVD-2026-16594）	2026-03-17	2026-04-09
cnvd-2026-16593	Adobe Commerce开放重定向漏洞	2026-03-17	2026-04-09
cnvd-2026-16592	Adobe Commerce服务端请求伪造漏洞	2026-03-17	2026-04-09
cnvd-2026-16590	Totolink A3300R命令注入漏洞	2026-04-08	2026-04-09
cnvd-2026-16589	NVIDIA Delegated Licensing Service授权问题漏洞	2026-03-04	2026-04-09
cnvd-2026-16588	Adobe Commerce输入验证错误漏洞（CNVD-2026-16588）	2026-03-17	2026-04-09
cnvd-2026-16587	Adobe Commerce跨站脚本漏洞（CNVD-2026-16587）	2026-03-17	2026-04-09
cnvd-2026-16586	Adobe Commerce跨站脚本漏洞（CNVD-2026-16586）	2026-03-17	2026-04-09
cnvd-2026-16585	Adobe Commerce跨站脚本漏洞（CNVD-2026-16585）	2026-03-17	2026-04-09
cnvd-2026-16584	Adobe Commerce跨站脚本漏洞（CNVD-2026-16584）	2026-03-17	2026-04-09
cnvd-2026-16583	Adobe Commerce跨站脚本漏洞（CNVD-2026-16583）	2026-03-17	2026-04-09

ID	Description	Published	Updated
bdu:2025-15829	Уязвимость системы управления базами данных MySQL и MariaDB, связанная с раскрытием инфор…	15.12.2025	16.02.2026
bdu:2025-15825	Уязвимость компонентов mm ядра операционной системы Linux, позволяющая нарушителю получит…	15.12.2025	16.02.2026
bdu:2025-15824	Уязвимость компонента hugetlb.c ядра операционной системы Linux, позволяющая нарушителю п…	15.12.2025	16.02.2026
bdu:2025-15822	Уязвимость ядра операционной системы Linux, связанная с неправильной проверкой возвращаем…	15.12.2025	16.02.2026
bdu:2025-15821	Уязвимость компонента drm/sched ядра операционной системы Linux, позволяющая нарушителю в…	15.12.2025	16.02.2026
bdu:2025-15820	Уязвимость компонента pinctrl-msm ядра операционной системы Linux, позволяющая нарушителю…	15.12.2025	16.02.2026
bdu:2025-15816	Уязвимость компонента smb ядра операционной системы Linux, позволяющая нарушителю нарушит…	15.12.2025	16.02.2026
bdu:2025-15815	Уязвимость ядра операционной системы Linux, связанная с чтением за допустимыми границами …	15.12.2025	16.02.2026
bdu:2025-15814	Уязвимость ядра операционной системы Linux, связанная с чтением за границами буфера данны…	15.12.2025	16.02.2026
bdu:2025-15811	Уязвимость компонента xusb ядра операционной системы Linux, позволяющая нарушителю вызват…	15.12.2025	16.02.2026
bdu:2025-15810	Уязвимость ядра операционной системы Linux, связанная с одновременным выполнением с испол…	15.12.2025	16.02.2026
bdu:2025-15809	Уязвимость компонента appletalk ядра операционной системы Linux, позволяющая нарушителю н…	15.12.2025	16.02.2026
bdu:2025-15808	Уязвимость компонента drm/tegra ядра операционной системы Linux, позволяющая нарушителю в…	15.12.2025	16.02.2026
bdu:2025-15806	Уязвимость компонента atm ядра операционной системы Linux, позволяющая нарушителю вызвать…	15.12.2025	16.02.2026
bdu:2025-15804	Уязвимость компонента mcast ядра операционной системы Linux, позволяющая нарушителю вызва…	15.12.2025	16.02.2026
bdu:2025-15803	Уязвимость компонентов tmptcp ядра операционной системы Linux, позволяющая нарушителю пол…	15.12.2025	16.02.2026
bdu:2025-15802	Уязвимость компонента perf/core ядра операционной системы Linux, позволяющая нарушителю в…	15.12.2025	16.02.2026
bdu:2025-15800	Уязвимость компонента mm/vmalloc.c ядра операционной системы Linux, позволяющая нарушител…	15.12.2025	16.02.2026
bdu:2025-15799	Уязвимость модуля powerpc/eeh ядра операционной системы Linux, позволяющая нарушителю выз…	15.12.2025	16.02.2026
bdu:2025-15798	Уязвимость компонента crypto ядра операционной системы Linux, позволяющая нарушителю вызв…	15.12.2025	16.02.2026
bdu:2025-15797	Уязвимость компонента xilinx ядра операционной системы Linux, позволяющая нарушителю вызв…	15.12.2025	16.02.2026
bdu:2025-15796	Уязвимость компонента iwlwifi ядра операционной системы Linux, позволяющая нарушителю выз…	15.12.2025	16.02.2026
bdu:2025-15795	Уязвимость ядра операционной системы Linux, связанная с ошибками разыменования указателя,…	15.12.2025	16.02.2026
bdu:2025-15794	Уязвимость компонента dtpm_cpu ядра операционной системы Linux, позволяющая нарушителю вы…	15.12.2025	16.02.2026
bdu:2025-15793	Уязвимость компонента fbtft ядра операционной системы Linux, позволяющая нарушителю вызва…	15.12.2025	16.02.2026
bdu:2025-15792	Уязвимость компонента net/tls ядра операционной системы Linux, позволяющая нарушителю выз…	15.12.2025	16.02.2026
bdu:2025-15791	Уязвимость компонента net/packet/af_packet.c ядра операционной системы Linux, позволяющая…	15.12.2025	16.02.2026
bdu:2025-15790	Уязвимость компонента net ядра операционной системы Linux, позволяющая нарушителю вызвать…	15.12.2025	16.02.2026
bdu:2025-15789	Уязвимость компонента pnv_php операционной системы Linux, позволяющая нарушителю вызвать …	15.12.2025	16.02.2026
bdu:2025-15788	Уязвимость компонента pnv_php ядра операционной системы Linux, позволяющая нарушителю выз…	15.12.2025	16.02.2026

ID	Description	Updated
var-202112-1782	Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not pro…	2026-04-10T23:35:45.033000Z
var-202003-1779	FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between seriali…	2026-04-10T23:35:44.701000Z
var-201007-0948	Use-after-free vulnerability in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 thro…	2026-04-10T23:35:43.785000Z
var-202102-0068	Integer overflow in the firmware for some Intel(R) Graphics Drivers for Windows * before …	2026-04-10T23:35:43.590000Z
var-201903-0423	A memory corruption issue was addressed with improved memory handling. This issue is fixe…	2026-04-10T23:35:09.270000Z
var-201404-0592	The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly h…	2026-04-10T23:34:59.841000Z
var-201410-1418	The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeter…	2026-04-10T23:34:59.740000Z
var-200810-0141	Heap-based buffer overflow in the local IPC component in the EAPOLController plugin for c…	2026-04-10T23:34:59.011000Z
var-201006-1253	WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Apple Safari…	2026-04-10T23:34:53.625000Z
var-200809-0193	Time Machine in Apple Mac OS X 10.5 through 10.5.4 uses weak permissions for Time Machine…	2026-04-10T23:34:22.491000Z
var-201410-1217	Use-after-free vulnerability in the ProcessingInstruction::setXSLStyleSheet function in c…	2026-04-10T23:34:07.569000Z
var-201806-1470	An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS bef…	2026-04-10T23:34:04.094000Z
var-201912-1844	Multiple memory corruption issues were addressed with improved memory handling. This issu…	2026-04-10T23:34:03.130000Z
var-201710-1433	Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a deni…	2026-04-10T23:34:02.101000Z
var-201908-0260	Some HTTP/2 implementations are vulnerable to unconstrained interal data buffering, poten…	2026-04-10T23:34:01.956000Z
var-202004-2199	In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containi…	2026-04-10T23:34:01.350000Z
var-202209-0773	The issue was addressed with improved memory handling. This issue is fixed in macOS Monte…	2026-04-10T23:33:59.696000Z
var-202105-1451	An issue was discovered in Linux: KVM through Improper handling of VM_IO\|VM_PFNMAP vmas i…	2026-04-10T23:33:59.314000Z
var-201912-0597	Multiple memory corruption issues were addressed with improved memory handling. This issu…	2026-04-10T23:33:58.659000Z
var-201806-1436	An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari be…	2026-04-10T23:33:58.495000Z
var-200810-0144	Heap-based buffer overflow in the read_rle16 function in imagetops in CUPS before 1.3.9 a…	2026-04-10T23:33:23.023000Z
var-201910-1646	By design, BIND is intended to limit the number of TCP clients that can be connected at a…	2026-04-10T23:32:51.564000Z
var-200809-0176	sys/netinet6/icmp6.c in the kernel in FreeBSD 6.3 through 7.1, NetBSD 3.0 through 4.0, an…	2026-04-10T23:32:51.513000Z
var-201711-0476	An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari be…	2026-04-10T23:32:44.188000Z
var-201506-0038	Heap-based buffer overflow in the PCNET controller in QEMU allows remote attackers to exe…	2026-04-10T23:32:30.204000Z
var-201912-0545	Multiple memory corruption issues were addressed with improved memory handling. This issu…	2026-04-10T23:31:27.957000Z
var-202008-1238	In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.3-S1 -> 9.…	2026-04-10T23:30:57.138000Z
var-201109-0200	Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers…	2026-04-10T23:30:56.602000Z
var-200704-0226	Apple File Protocol (AFP) Client in Apple Mac OS X 10.3.9 through 10.4.9 does not properl…	2026-04-10T23:30:53.630000Z
var-202404-0120	Faulty input validation in the core of Apache allows malicious or exploitable backend/con…	2026-04-10T23:30:53.560000Z

ID	Description	Published	Updated

ID	Description	Published	Updated
vde-2024-067	Phoenix Contact: Multiple Vulnerabilities in PLCnext Engineer	2024-10-08T12:00:00.000Z	2025-05-14T13:00:14.000Z
vde-2024-052	Phoenix Contact: Multiple mGuard devices are vulnerable to a drain of open file descriptors.	2024-09-10T10:00:00.000Z	2025-05-14T13:00:14.000Z
vde-2024-051	Phoenix Contact: Multiple mGuard devices are vulnerable to a remote code injection due to SSH	2024-09-10T10:00:00.000Z	2025-05-14T13:00:14.000Z
vde-2023-010	PHOENIX CONTACT: FL MGUARD affected by two vulnerabilities	2023-06-13T06:00:00.000Z	2025-05-14T13:00:14.000Z
vde-2022-001	PHOENIX CONTACT: FL SWITCH 2xxx series incorrect privilege assignment	2022-01-25T08:05:00.000Z	2025-05-14T13:00:14.000Z
vde-2021-019	PHOENIX CONTACT: Security Advisory for ILC1x1 Industrial controllers	2021-06-23T12:16:00.000Z	2025-05-14T13:00:14.000Z
vde-2019-003	PHOENIX CONTACT: Multiple Vulnerabilities in MEVIEW3	2019-03-05T10:35:00.000Z	2025-05-14T13:00:14.000Z
vde-2017-006	PHOENIX CONTACT: FL SWITCH 3xxx/4xxx/48xx series web-service authentication bypass	2018-01-10T09:36:00.000Z	2025-05-14T13:00:14.000Z
vde-2025-029	Phoenix Contact: Security Advisory for AXL F BK and IL BK bus couplers	2025-05-13T09:00:00.000Z	2025-05-14T12:28:19.000Z
vde-2021-036	PHOENIX CONTACT: Products utilizing WIBU SYSTEMS CodeMeter components in versions prior to V7.21a	2021-08-04T07:56:00.000Z	2025-05-14T12:28:19.000Z
vde-2021-029	PHOENIX CONTACT: DoS for PLCnext Control devices in versions <2021.0.5 LTS	2021-08-04T07:58:00.000Z	2025-05-14T12:28:19.000Z
vde-2021-025	PHOENIX CONTACT: Security Advisory for PLCNext, ILC 2050 BI, FL MGUARD DM UNLIMITED, TC ROUTER und CLOUD CLIENT products	2021-06-23T12:19:00.000Z	2025-05-14T12:28:19.000Z
vde-2021-024	PHOENIX CONTACT: Security Advisory for PLCNext, SMARTRTU AXC, CHARX control modular and EEM-SB37x	2021-05-04T08:17:00.000Z	2025-05-14T12:28:19.000Z
vde-2021-023	PHOENIX CONTACT: Security Advisory for FL SWITCH SMCS series	2021-06-23T12:17:00.000Z	2025-05-14T12:28:19.000Z
vde-2021-022	PHOENIX CONTACT: Security Advisory for FL COMSERVER UNI	2021-06-23T12:16:00.000Z	2025-05-14T12:28:19.000Z
vde-2021-021	PHOENIX CONTACT: Security Advisory for AXL F BK and IL BK products	2021-06-23T12:15:00.000Z	2025-05-14T12:28:19.000Z
vde-2021-020	PHOENIX CONTACT: Security Advisory for Automation Worx Software Suite	2021-06-23T11:10:00.000Z	2025-05-14T12:28:19.000Z
vde-2020-047	PHOENIX CONTACT: BTP Touch Panels uncontrolled resource consumption	2020-12-02T09:00:00.000Z	2025-05-14T12:28:19.000Z
vde-2020-046	PHOENIX CONTACT: mGuard <8.8.3 products missing initialization of resource	2020-12-17T09:01:00.000Z	2025-05-14T12:28:19.000Z
vde-2020-025	PHOENIX CONTACT: Improper path sanitation on import of project files in PLCnext Engineer	2020-07-21T09:38:00.000Z	2025-05-14T12:28:19.000Z
vde-2020-023	PHOENIX CONTACT: Two Vulnerabilities in Automation Worx Suite	2020-07-01T08:25:00.000Z	2025-05-14T12:28:19.000Z
vde-2020-003	PHOENIX CONTACT: TC Router and TC Cloud Client multiple vulnerabilities	2020-03-05T15:58:00.000Z	2025-05-14T12:28:19.000Z
vde-2019-016	PHOENIX CONTACT: Security Advisory for Automation Worx Software Suite	2019-10-15T06:17:00.000Z	2025-05-14T12:28:19.000Z
vde-2019-014	PHOENIX CONTACT: Multiple Vulnerabilities in Automation Worx Software Suite	2019-06-19T12:41:00.000Z	2025-05-14T12:28:19.000Z
vde-2019-007	PHOENIX CONTACT: command injection on RAD-80211-XD(/HP-BUS)	2019-03-25T11:45:00.000Z	2025-05-14T12:28:19.000Z
vde-2019-006	PHOENIX CONTACT: unauthorized access to WEB-UI on FL NAT SMx	2019-03-25T11:40:00.000Z	2025-05-14T12:28:19.000Z
vde-2018-004	Phoenix Contact: FL SWITCH 3xxx/4xxx/48xx series through 1.33 allows Command Injection	2018-05-16T05:35:00.000Z	2025-05-14T12:28:19.000Z
vde-2018-001	PHOENIX CONTACT: Advisory for mGuard products	2018-01-30T09:00:00.000Z	2025-05-14T12:28:19.000Z
vde-2017-004	PHOENIX CONTACT: FL COMSERVER cross-site scripting (XSS) vulnerability	2017-12-05T08:50:00.000Z	2025-05-14T12:28:19.000Z
vde-2017-003	PHOENIX CONTACT: WLAN enabled devices utilising WPA2 encryption	2017-11-09T16:20:00.000Z	2025-05-14T12:28:19.000Z

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated
vde-2023-015	WAGO: Improper privilege management in web-based management	2023-11-20T07:00:00.000Z	2023-11-20T07:00:00.000Z
vde-2022-040	WAGO: Multiple Vulnerabilities in Controller with WAGO I/O-Pro / CODESYS 2.3 Runtime	2022-10-17T08:00:00.000Z	2023-09-22T12:39:00.000Z
vde-2023-014	WAGO: Bluetooth LE vulnerability in WLAN-ETHERNET-Gateway	2023-07-31T07:00:00.000Z	2023-07-31T07:00:00.000Z
vde-2023-005	WAGO: Series 750-3x/-8x prone to MODBUS server DoS	2023-06-25T06:00:00.000Z	2023-06-25T06:00:00.000Z
vde-2022-060	WAGO: Multiple vulnerabilities in web-based management of multiple products	2023-02-27T11:00:00.000Z	2023-02-27T11:00:00.000Z
vde-2022-055	WAGO: Exposure of configuration interface in unmanaged switches	2023-02-16T13:43:00.000Z	2023-02-16T13:43:00.000Z
vde-2022-054	WAGO: Unauthenticated Configuration Export in web-based management in multiple devices	2023-01-12T07:52:00.000Z	2023-01-12T07:52:00.000Z
vde-2022-042	WAGO: Multiple products - Loss of MAC-Address-Filtering after reboot	2022-10-17T08:00:00.000Z	2022-10-17T08:00:00.000Z
vde-2022-047	WAGO: FTP-Server - Denial-of-Service	2022-10-12T08:00:00.000Z	2022-10-12T08:00:00.000Z
vde-2022-035	WAGO: Multiple product series affected by multiple CODESYS vulnerabilities	2022-08-17T08:00:00.000Z	2022-08-17T08:00:00.000Z
vde-2022-031	WAGO: Multiple Products Series affected by multiple CODESYS vulnerabilities	2022-08-17T08:00:00.000Z	2022-08-17T08:00:00.000Z
vde-2022-004	WAGO: Web-Based Management Cross-Site Scripting	2022-03-09T07:00:00.000Z	2022-03-09T07:00:00.000Z
vde-2021-050	WAGO: Multiple devices affected by Vulnerabilities in NUCLEUS TCP Stack.	2021-11-16T11:02:00.000Z	2021-11-16T11:02:00.000Z
vde-2020-048	M&M Software (WAGO): Deserialisation of untrusted data in fdtContainer	2021-01-14T14:57:00.000Z	2021-01-14T14:57:00.000Z
vde-2020-015	WAGO: Web Based Management - Code Execution Vulnerability	2020-06-10T08:00:00.000Z	2020-06-10T08:00:00.000Z
vde-2020-010	WAGO: Cloud Connectivity Remote Code Execution Vulnerability	2020-03-09T09:25:00.000Z	2020-03-09T09:25:00.000Z
vde-2020-007	WAGO: Web-Based Management Denial of Service	2020-03-09T09:10:00.000Z	2020-03-09T09:10:00.000Z
vde-2019-022	WAGO: Multiple Vulnerabilities in I/O-Check Service in Multiple Devices	2019-12-16T09:00:00.000Z	2019-12-16T09:00:00.000Z
vde-2019-013	WAGO: Multiple Vulnerabilities in industrial managed switches	2019-06-12T10:25:00.000Z	2019-06-12T10:25:00.000Z

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	CVSS	Description	Vendor	Product	Published	Updated

ID	CVSS	Description	Vendor	Product	Published	Updated