Recent vulnerabilities

ID	CVSS	Description	Vendor	Product	Published	Updated
CVE-2026-22610	8.5 (4.0)	Angular has XSS Vulnerability via Unsanitized SVG Scri…	angular	angular	2026-01-10T03:35:40.727Z	2026-01-10T03:35:40.727Z
CVE-2025-13457	7.5 (3.1)	WooCommerce Square <= 5.1.1 - Unauthenticated Insecure…	woocommerce	WooCommerce Square	2026-01-10T03:21:01.113Z	2026-01-10T03:21:01.113Z
CVE-2026-22589	7.5 (3.1)	Spree API has Unauthenticated IDOR - Guest Address	spree	spree	2026-01-10T03:17:58.494Z	2026-01-10T03:17:58.494Z
CVE-2025-61674	6.1 (3.1)	October CMS Vulnerable to Stored XSS via Editor and Br…	octobercms	october	2026-01-10T03:14:11.185Z	2026-01-10T03:14:11.185Z
CVE-2025-61676	6.1 (3.1)	October CMS Vulnerable to Stored XSS via Branding Styles	octobercms	october	2026-01-10T03:14:00.708Z	2026-01-10T03:14:00.708Z
CVE-2025-65091	10 (3.1)	XWiki Full Calendar Macro vulnerable to SQL injection …	xwiki-contrib	macro-fullcalendar	2026-01-10T03:06:16.775Z	2026-01-10T03:06:16.775Z
CVE-2025-65090	5.3 (3.1)	XWiki Full Calendar Macro vulnerable to data leak thro…	xwiki-contrib	macro-fullcalendar	2026-01-10T03:05:06.531Z	2026-01-10T03:06:03.471Z
CVE-2026-22597	5.1 (4.0)	Ghost has SSRF via External Media Inliner	TryGhost	Ghost	2026-01-10T02:57:36.898Z	2026-01-10T02:57:36.898Z
CVE-2026-22596	6.7 (3.1)	Ghost has SQL Injection in Members Activity Feed	TryGhost	Ghost	2026-01-10T02:57:19.792Z	2026-01-10T02:57:19.792Z
CVE-2026-22595	8.1 (3.1)	Ghost has Staff Token permission bypass	TryGhost	Ghost	2026-01-10T02:57:08.131Z	2026-01-10T02:57:08.131Z
CVE-2026-22594	8.1 (3.1)	Ghost has Staff 2FA bypass	TryGhost	Ghost	2026-01-10T02:56:47.226Z	2026-01-10T02:56:47.226Z
CVE-2026-22030	6.5 (3.1)	React Router has CSRF issue in Action/Server Action Re…	remix-run	react-router	2026-01-10T02:42:44.603Z	2026-01-10T02:42:44.603Z
CVE-2026-22029	8 (3.1)	React Router vulnerable to XSS via Open Redirects	remix-run	react-router	2026-01-10T02:42:32.736Z	2026-01-10T02:42:32.736Z
CVE-2026-21884	8.2 (3.1)	React Router SSR XSS in ScrollRestoration	remix-run	react-router	2026-01-10T02:41:44.944Z	2026-01-10T02:41:44.944Z
CVE-2025-61686	9.1 (3.1)	React Router has Path Traversal in File Session Storage	remix-run	react-router	2026-01-10T02:41:22.741Z	2026-01-10T02:41:22.741Z
CVE-2025-59057	7.6 (3.1)	React Router has XSS Vulnerability	remix-run	react-router	2026-01-10T02:40:25.142Z	2026-01-10T02:40:25.142Z
CVE-2025-68470	6.5 (3.1)	React Router has unexpected external redirect via untr…	remix-run	react-router	2026-01-10T02:39:41.078Z	2026-01-10T02:39:41.078Z
CVE-2026-22612	8.9 (4.0)	Fickling vulnerable to detection bypass due to "builti…	trailofbits	fickling	2026-01-10T01:35:25.197Z	2026-01-10T01:35:25.197Z
CVE-2026-22609	8.9 (4.0)	Fickling has Static Analysis Bypass via Incomplete Dan…	trailofbits	fickling	2026-01-10T01:35:18.152Z	2026-01-10T01:35:18.152Z
CVE-2026-22608	8.9 (4.0)	Fickling vulnerable to use of ctypes and pydoc gadget …	trailofbits	fickling	2026-01-10T01:35:11.291Z	2026-01-10T01:35:11.291Z
CVE-2026-22607	8.9 (4.0)	Fickling Blocklist Bypass: cProfile.run()	trailofbits	fickling	2026-01-10T01:35:04.920Z	2026-01-10T01:35:04.920Z
CVE-2026-22606	8.9 (4.0)	Fickling has a bypass via runpy.run_path() and runpy.r…	trailofbits	fickling	2026-01-10T01:35:00.797Z	2026-01-10T01:35:00.797Z
CVE-2026-22605	4.3 (3.1)	OpenProject is Vulnerable to Insecure Direct Object Re…	opf	openproject	2026-01-10T01:07:10.412Z	2026-01-10T01:07:10.412Z
CVE-2026-22604	6.9 (4.0)	OpenProject is vulnerable to user enumeration via the …	opf	openproject	2026-01-10T01:07:02.555Z	2026-01-10T01:07:02.555Z
CVE-2026-22603	6.9 (4.0)	OpenProject has no protection against brute-force atta…	opf	openproject	2026-01-10T01:06:28.742Z	2026-01-10T01:06:28.742Z
CVE-2026-22602	3.5 (3.1)	OpenProject is Vulnerable to User Enumeration via User ID	opf	openproject	2026-01-10T01:06:12.921Z	2026-01-10T01:06:12.921Z
CVE-2026-22601	8.6 (4.0)	OpenProject is Vulnerable to Code Execution in E-Mail …	opf	openproject	2026-01-10T01:06:05.430Z	2026-01-10T01:06:05.430Z
CVE-2026-22600	9.1 (3.1)	OpenProject is Vulnerable to Arbitrary File Read via I…	opf	openproject	2026-01-10T01:06:00.502Z	2026-01-10T01:06:00.502Z
CVE-2026-22697	7.5 (3.1)	CryptoLib Has Heap Buffer Overflow Vulnerability in KM…	nasa	CryptoLib	2026-01-10T00:31:11.045Z	2026-01-10T00:31:11.045Z
CVE-2026-22027	5.7 (4.0)	CryptoLib Vulnerable to Heap Buffer Overflow in MariaD…	nasa	CryptoLib	2026-01-10T00:24:58.903Z	2026-01-10T00:24:58.903Z

ID	CVSS	Description	Vendor	Product	Published	Updated
CVE-2026-22597	5.1 (4.0)	Ghost has SSRF via External Media Inliner	TryGhost	Ghost	2026-01-10T02:57:36.898Z	2026-01-10T02:57:36.898Z
CVE-2026-22596	6.7 (3.1)	Ghost has SQL Injection in Members Activity Feed	TryGhost	Ghost	2026-01-10T02:57:19.792Z	2026-01-10T02:57:19.792Z
CVE-2026-22595	8.1 (3.1)	Ghost has Staff Token permission bypass	TryGhost	Ghost	2026-01-10T02:57:08.131Z	2026-01-10T02:57:08.131Z
CVE-2026-22594	8.1 (3.1)	Ghost has Staff 2FA bypass	TryGhost	Ghost	2026-01-10T02:56:47.226Z	2026-01-10T02:56:47.226Z
CVE-2026-22030	6.5 (3.1)	React Router has CSRF issue in Action/Server Action Re…	remix-run	react-router	2026-01-10T02:42:44.603Z	2026-01-10T02:42:44.603Z
CVE-2026-22029	8 (3.1)	React Router vulnerable to XSS via Open Redirects	remix-run	react-router	2026-01-10T02:42:32.736Z	2026-01-10T02:42:32.736Z
CVE-2026-21884	8.2 (3.1)	React Router SSR XSS in ScrollRestoration	remix-run	react-router	2026-01-10T02:41:44.944Z	2026-01-10T02:41:44.944Z
CVE-2025-68470	6.5 (3.1)	React Router has unexpected external redirect via untr…	remix-run	react-router	2026-01-10T02:39:41.078Z	2026-01-10T02:39:41.078Z
CVE-2025-61686	9.1 (3.1)	React Router has Path Traversal in File Session Storage	remix-run	react-router	2026-01-10T02:41:22.741Z	2026-01-10T02:41:22.741Z
CVE-2025-59057	7.6 (3.1)	React Router has XSS Vulnerability	remix-run	react-router	2026-01-10T02:40:25.142Z	2026-01-10T02:40:25.142Z
CVE-2026-22612	8.9 (4.0)	Fickling vulnerable to detection bypass due to "builti…	trailofbits	fickling	2026-01-10T01:35:25.197Z	2026-01-10T01:35:25.197Z
CVE-2026-22609	8.9 (4.0)	Fickling has Static Analysis Bypass via Incomplete Dan…	trailofbits	fickling	2026-01-10T01:35:18.152Z	2026-01-10T01:35:18.152Z
CVE-2026-22608	8.9 (4.0)	Fickling vulnerable to use of ctypes and pydoc gadget …	trailofbits	fickling	2026-01-10T01:35:11.291Z	2026-01-10T01:35:11.291Z
CVE-2026-22607	8.9 (4.0)	Fickling Blocklist Bypass: cProfile.run()	trailofbits	fickling	2026-01-10T01:35:04.920Z	2026-01-10T01:35:04.920Z
CVE-2026-22606	8.9 (4.0)	Fickling has a bypass via runpy.run_path() and runpy.r…	trailofbits	fickling	2026-01-10T01:35:00.797Z	2026-01-10T01:35:00.797Z
CVE-2026-22605	4.3 (3.1)	OpenProject is Vulnerable to Insecure Direct Object Re…	opf	openproject	2026-01-10T01:07:10.412Z	2026-01-10T01:07:10.412Z
CVE-2026-22604	6.9 (4.0)	OpenProject is vulnerable to user enumeration via the …	opf	openproject	2026-01-10T01:07:02.555Z	2026-01-10T01:07:02.555Z
CVE-2026-22603	6.9 (4.0)	OpenProject has no protection against brute-force atta…	opf	openproject	2026-01-10T01:06:28.742Z	2026-01-10T01:06:28.742Z
CVE-2026-22602	3.5 (3.1)	OpenProject is Vulnerable to User Enumeration via User ID	opf	openproject	2026-01-10T01:06:12.921Z	2026-01-10T01:06:12.921Z
CVE-2026-22601	8.6 (4.0)	OpenProject is Vulnerable to Code Execution in E-Mail …	opf	openproject	2026-01-10T01:06:05.430Z	2026-01-10T01:06:05.430Z
CVE-2026-22600	9.1 (3.1)	OpenProject is Vulnerable to Arbitrary File Read via I…	opf	openproject	2026-01-10T01:06:00.502Z	2026-01-10T01:06:00.502Z
CVE-2026-22697	7.5 (3.1)	CryptoLib Has Heap Buffer Overflow Vulnerability in KM…	nasa	CryptoLib	2026-01-10T00:31:11.045Z	2026-01-10T00:31:11.045Z
CVE-2026-22027	5.7 (4.0)	CryptoLib Vulnerable to Heap Buffer Overflow in MariaD…	nasa	CryptoLib	2026-01-10T00:24:58.903Z	2026-01-10T00:24:58.903Z
CVE-2026-22026	8.2 (4.0)	CryptoLib Unbounded Memory Allocation in KMC HTTP Resp…	nasa	CryptoLib	2026-01-10T00:22:35.480Z	2026-01-10T00:22:35.480Z
CVE-2026-22025	6.3 (4.0)	CryptoLib Memory Leak on HTTP Error Response in KMC Client	nasa	CryptoLib	2026-01-10T00:20:59.338Z	2026-01-10T00:20:59.338Z
CVE-2026-22024	6.3 (4.0)	CryptoLib Memory Leak in KMC Encrypt Function Leads to…	nasa	CryptoLib	2026-01-10T00:19:16.006Z	2026-01-10T00:19:16.006Z
CVE-2026-22023	8.2 (4.0)	CryptoLib Has Out-of-Bounds Read in KMC AEAD Encrypt M…	nasa	CryptoLib	2026-01-10T00:17:03.148Z	2026-01-10T00:17:03.148Z
CVE-2026-21900	8.2 (4.0)	CryptoLib Has Out-of-Bounds Read in KMC Encrypt Metada…	nasa	CryptoLib	2026-01-10T00:14:33.782Z	2026-01-10T00:14:33.782Z
CVE-2026-21899	4.7 (3.1)	CryptoLib has an out-of-bounds read and crash vulnerab…	nasa	CryptoLib	2026-01-10T00:11:18.877Z	2026-01-10T00:11:18.877Z
CVE-2026-21898	8.2 (3.1)	CryptoLib Has Out-of-bounds Read in Crypto_AOS_Process…	nasa	CryptoLib	2026-01-10T00:10:29.925Z	2026-01-10T00:10:29.925Z

ID	Description	Published	Updated

ID	Severity	Description	Published	Updated
ghsa-hj59-mf6x-2j8w	9.8 (3.1) 8.9 (4.0)	A vulnerability was determined in Sangfor Operation and Maintenance Management System up to 3.0.8. …	2026-01-10T00:30:31Z	2026-01-10T00:30:31Z
ghsa-f3vq-4x38-vg3x		A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe …	2026-01-10T00:30:30Z	2026-01-10T00:30:30Z
ghsa-f2cj-whwv-wjfw		The issue was addressed with improved memory handling. This issue is fixed in tvOS 26.2, Safari 26.…	2026-01-10T00:30:30Z	2026-01-10T00:30:30Z
ghsa-crr3-w29j-c6x6	9.8 (3.1) 8.9 (4.0)	A vulnerability was found in Sangfor Operation and Maintenance Management System up to 3.0.8. This …	2026-01-10T00:30:30Z	2026-01-10T00:30:30Z
ghsa-9ccr-8mmh-vx6x	4.3 (3.1)	A logic issue was addressed with improved validation. This issue is fixed in iOS 26.2 and iPadOS 26…	2026-01-10T00:30:30Z	2026-01-10T00:30:30Z
ghsa-8mvr-hqm9-fqrf	8.8 (3.1) 7.4 (4.0)	A vulnerability has been found in Sangfor Operation and Maintenance Management System up to 3.0.8. …	2026-01-10T00:30:30Z	2026-01-10T00:30:30Z
ghsa-7x99-8x99-xc54		Improper Control of Generation of Code ('Code Injection') vulnerability in Salesforce Uni2TS on Mac…	2026-01-10T00:30:30Z	2026-01-10T00:30:31Z
ghsa-4wq3-r6vg-34q5	3.5 (3.1)	### Details On October 1, 2025, Palantir discovered that images uploaded through the Dossier front-…	2026-01-10T00:30:30Z	2026-01-10T00:30:31Z
ghsa-29gc-r2qh-wc5v	4.3 (3.1)	A memory initialization issue was addressed with improved memory handling. This issue is fixed in t…	2026-01-10T00:30:30Z	2026-01-10T00:30:30Z
ghsa-78p6-6878-8mj6	7.5 (3.1)	SM2-PKE has Unchecked AffinePoint Decoding (unwrap) in decrypt()	2026-01-09T22:35:35Z	2026-01-09T22:35:35Z
ghsa-h4rm-mm56-xf63	8.9 (4.0)	Fickling vulnerable to detection bypass due to "builtins" blindness	2026-01-09T22:29:02Z	2026-01-09T22:29:02Z
ghsa-w3g8-fp6j-wvqw	8.7 (4.0)	SM2-PKE has 32-bit Biased Nonce Vulnerability	2026-01-09T22:27:50Z	2026-01-09T22:27:50Z
ghsa-r8x9-f3r5-3x8j	6.5 (3.1)	Area9 Rhapsode 1.47.3 allows SQL Injection via multiple API endpoints accessible to authenticated u…	2026-01-09T21:31:35Z	2026-01-10T00:30:29Z
ghsa-mw8h-g64c-rxv4	6.5 (3.1)	A lack of rate limiting in the login page of shiori v1.7.4 and below allows attackers to bypass aut…	2026-01-09T21:31:35Z	2026-01-10T00:30:30Z
ghsa-j3jp-gmvh-ppvr	8.2 (3.1)	A vulnerability exists in Intelbras CFTV IP NVD 9032 R Ftd V2.800.00IB00C.0.T, which allows an unau…	2026-01-09T21:31:35Z	2026-01-10T00:30:29Z
ghsa-88jg-rrgx-r8v9	6.5 (3.1)	SQL injection vulnerability in pss.sale.com 1.0 via the id parameter to the userfiles/php/cancel_or…	2026-01-09T21:31:35Z	2026-01-10T00:30:29Z
ghsa-7xjv-wf6r-872r	7.8 (3.1) 8.4 (4.0)	Processing specially crafted workspace folder names could allow for arbitrary command injection in …	2026-01-09T21:31:35Z	2026-01-09T21:31:35Z
ghsa-7r2g-px2q-wrcx	6.5 (3.1)	In Area9 Rhapsode 1.47.3, an authenticated attacker can exploit the operation, url, and filename pa…	2026-01-09T21:31:35Z	2026-01-10T00:30:29Z
ghsa-2v8h-5826-r95p	6.5 (3.1)	A DLL hijacking vulnerability in Axtion ODISSAAS ODIS v1.8.4 allows attackers to execute arbitrary …	2026-01-09T21:31:35Z	2026-01-10T00:30:29Z
ghsa-q5qq-mvfm-j35x	8.9 (4.0)	Fickling has Static Analysis Bypass via Incomplete Dangerous Module Blocklist	2026-01-09T21:12:00Z	2026-01-09T21:12:01Z
ghsa-5hvc-6wx8-mvv4	8.9 (4.0)	Fickling vulnerable to use of ctypes and pydoc gadget chain to bypass detection	2026-01-09T21:05:13Z	2026-01-09T21:05:13Z
ghsa-p523-jq9w-64x9	8.9 (4.0)	Fickling Blocklist Bypass: cProfile.run()	2026-01-09T21:04:22Z	2026-01-09T21:04:22Z
ghsa-wfq2-52f7-7qvj	8.9 (4.0)	Fickling has a bypass via runpy.run_path() and runpy.run_module()	2026-01-09T20:52:40Z	2026-01-09T20:52:40Z
ghsa-wvpq-h33f-8rp6	6.1 (3.1)	October CMS Vulnerable to Stored XSS via Branding Styles	2026-01-09T20:12:24Z	2026-01-09T20:12:24Z
ghsa-585q-cm62-757j	2.0 (4.0)	mnl has segmentation fault and invalid memory read in `mnl::cb_run`	2026-01-09T19:53:23Z	2026-01-09T19:53:23Z
ghsa-4f6g-68pf-7vhv	2.7 (4.0)	pypdf has possible long runtimes for malformed startxref	2026-01-09T19:48:57Z	2026-01-09T19:48:57Z
ghsa-4xc4-762w-m6cg	2.7 (4.0)	pypdf has possible long runtimes for missing /Root object with large /Size values	2026-01-09T19:48:22Z	2026-01-09T19:48:22Z
ghsa-88q6-jcjg-hvmw	8.8 (4.0)	jose-swift has JWT Signature Verification Bypass via None Algorithm	2026-01-09T19:39:30Z	2026-01-09T19:39:30Z
ghsa-78h3-63c4-5fqc	9.9 (3.1)	WeKnora has Command Injection in MCP stdio test	2026-01-09T19:21:22Z	2026-01-09T19:21:22Z
ghsa-pcwc-3fw3-8cqv	8.1 (3.1)	WeKnora vulnerable to SQL Injection	2026-01-09T19:19:57Z	2026-01-09T19:19:57Z

ID	Severity	Description	Package	Published	Updated
pysec-2025-72		The `num2words` project was compromised via a phishing attack and two new versions were u…	num2words		2025-07-31T14:34:47+00:00
pysec-2025-71		Cadwyn creates production-ready community-driven modern Stripe-like API versioning in Fas…	cadwyn	2025-07-21T21:15:25+00:00	2025-07-23T15:24:03.825615+00:00
pysec-2025-69		In Roundup before 2.5.0, XSS can occur via interaction between URLs and issue tracker tem…	roundup	2025-07-13T20:15:25+00:00	2025-07-13T21:23:01.161315+00:00
pysec-2025-65		A path traversal vulnerability exists in run-llama/llama_index versions 0.12.27 through 0…	llama-index	2025-07-07T13:15:28+00:00	2025-07-07T15:23:42.730681+00:00
pysec-2025-61		Pillow is a Python imaging library. In versions 11.2.0 to before 11.3.0, there is a heap …	pillow	2025-07-01T19:15:27Z	2025-07-07T14:12:46.226030Z
pysec-2025-51		Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) v…	apache-airflow-providers-snowflake	2025-06-24T08:15:24+00:00	2025-06-26T21:23:03.132527+00:00
pysec-2025-70	10.0 (3.1)	A Server-Side Request Forgery (SSRF) vulnerability exists in the RequestsToolkit componen…	langchain-community	2025-06-23T21:15:25+00:00	2025-07-16T21:23:40.211079+00:00
pysec-2025-52		gateway_proxy_handler in MLflow before 3.1.0 lacks gateway_path validation.	mlflow	2025-06-23T15:15:29Z	2025-12-05T13:25:55.146081Z
pysec-2025-68	8.0 (3.1)	A vulnerability, which was classified as critical, has been found in Upsonic up to 0.55.6…	upsonic	2025-06-19T21:15:27+00:00	2025-07-08T19:22:27.449399+00:00
pysec-2025-67	9.8 (3.1)	A vulnerability classified as critical was found in Upsonic up to 0.55.6. This vulnerabil…	upsonic	2025-06-19T21:15:27+00:00	2025-07-08T19:22:27.385619+00:00
pysec-2025-64	9.8 (3.1)	A vulnerability classified as critical has been found in themanojdesai python-a2a up to 0…	python-a2a	2025-06-17T07:15:18+00:00	2025-07-02T21:23:13.806273+00:00
pysec-2025-47		An issue was discovered in Django 5.2 before 5.2.2, 5.1 before 5.1.10, and 4.2 before 4.2…	django	2025-06-05T03:15:25+00:00	2025-06-05T05:23:28.296596+00:00
pysec-2025-44		django-helpdesk before 1.0.0 allows Sensitive Data Exposure because of os.umask(0) in mod…	django-helpdesk	2025-05-31T01:15:19+00:00	2025-05-31T03:09:35.357757+00:00
pysec-2025-55		vLLM is an inference and serving engine for large language models (LLMs). Version 0.8.0 u…	vllm	2025-05-30T19:15:30+00:00	2025-06-26T21:23:06.407481+00:00
pysec-2025-54		vLLM is an inference and serving engine for large language models (LLMs). In versions 0.8…	vllm	2025-05-30T19:15:30+00:00	2025-06-26T21:23:06.319321+00:00
pysec-2025-50		vLLM, an inference and serving engine for large language models (LLMs), has a Regular Exp…	vllm	2025-05-30T18:15:32+00:00	2025-06-19T03:02:28.572160+00:00
pysec-2025-53		vLLM is an inference and serving engine for large language models (LLMs). Prior to versio…	vllm	2025-05-29T17:15:21+00:00	2025-06-26T21:23:06.231251+00:00
pysec-2025-43		vLLM is an inference and serving engine for large language models (LLMs). In versions sta…	vllm	2025-05-29T17:15:21+00:00	2025-05-29T19:21:01.611587+00:00
pysec-2025-46	5.5 (3.1)	A vulnerability was found in erdogant pypickle up to 1.1.5. It has been classified as cri…	pypickle	2025-05-26T08:15:19+00:00	2025-06-03T17:36:58.579358+00:00
pysec-2025-45	7.8 (3.1)	A vulnerability was found in erdogant pypickle up to 1.1.5 and classified as problematic.…	pypickle	2025-05-26T07:15:26+00:00	2025-06-03T17:36:58.528116+00:00
pysec-2025-40	7.5 (3.1)	A vulnerability in the `preprocess_string()` function of the `transformers.testing_utils`…	transformers	2025-05-19T12:15:19+00:00	2025-05-21T19:22:10.801823+00:00
pysec-2025-49	8.8 (3.1)	setuptools is a package that allows users to download, build, install, upgrade, and unins…	setuptools	2025-05-17T16:15:19+00:00	2025-06-12T22:23:11.115559+00:00
pysec-2025-39		motionEye is an online interface for the software motion, a video surveillance program wi…	motioneye	2025-05-14T16:15:29+00:00	2025-05-14T17:22:51.050788+00:00
pysec-2025-60		Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Inform…	apache-iotdb	2025-05-14T11:16:28+00:00	2025-07-01T21:22:47.232036+00:00
pysec-2025-59		Remote Code Execution with untrusted URI of UDF vulnerability in Apache IoTDB. The attack…	apache-iotdb	2025-05-14T11:15:47+00:00	2025-07-01T21:22:47.177405+00:00
pysec-2025-38		OpenStack Ironic before 29.0.1 can write unintended files to a target node disk during im…	ironic	2025-05-08T17:16:01Z	2025-05-13T04:24:03.083929Z
pysec-2025-37		An issue was discovered in Django 4.2 before 4.2.21, 5.1 before 5.1.9, and 5.2 before 5.2…	django	2025-05-08T04:17:18+00:00	2025-05-08T05:23:16.210893+00:00
pysec-2025-42	9.8 (3.1)	vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Ver…	vllm	2025-04-30T01:15:51+00:00	2025-05-28T21:23:12.396609+00:00
pysec-2025-34		The unsafe globals in Picklescan before 0.0.25 do not include ssl. Consequently, ssl.get_…	picklescan	2025-04-24T01:15:49+00:00	2025-04-24T03:08:15.436691+00:00
pysec-2025-56	4.3 (3.1)	OctoPrint provides a web interface for controlling consumer 3D printers. In versions up t…	octoprint	2025-04-22T18:15:59+00:00	2025-06-27T17:22:53.513680+00:00

ID	Description	Type

ID	Description	Updated

ID	Description	Published	Updated
mal-2026-179	Malicious code in n8n-nodes-vbmkajdsa-uehfitvv-ueqjhhhksdlkkmz (npm)	2026-01-09T03:04:08Z	2026-01-09T03:04:08Z
mal-2026-178	Malicious code in n8n-nodes-hfgjf-irtuinvcm-lasdqewriit (npm)	2026-01-09T03:04:08Z	2026-01-09T03:04:08Z
mal-2026-177	Malicious code in n8n-nodes-ggdv-hdfvcnnje-uyrokvbkl (npm)	2026-01-09T03:04:08Z	2026-01-09T03:04:08Z
mal-2026-187	Malicious code in yunxohang7 (npm)	2026-01-09T03:03:26Z	2026-01-09T03:03:26Z
mal-2026-186	Malicious code in yunxohang6 (npm)	2026-01-09T03:03:26Z	2026-01-09T03:03:26Z
mal-2026-185	Malicious code in yunxohang5 (npm)	2026-01-09T03:03:26Z	2026-01-09T03:03:26Z
mal-2026-184	Malicious code in yunxohang4 (npm)	2026-01-09T03:03:26Z	2026-01-09T03:03:26Z
mal-2026-183	Malicious code in yunxohang11 (npm)	2026-01-09T03:03:26Z	2026-01-09T03:03:32Z
mal-2026-182	Malicious code in yunxohang10 (npm)	2026-01-09T03:03:26Z	2026-01-09T03:03:27Z
mal-2026-180	Malicious code in shreddit.styles (npm)	2026-01-09T03:03:26Z	2026-01-09T03:03:32Z
mal-2026-174	Malicious code in dotenv-intended (npm)	2026-01-09T02:55:20Z	2026-01-09T02:55:20Z
mal-2026-172	Malicious code in chai-tests-async (npm)	2026-01-09T02:55:20Z	2026-01-09T02:55:21Z
mal-2026-175	Malicious code in jwtdapp (npm)	2026-01-09T02:54:20Z	2026-01-09T02:54:54Z
mal-2026-181	Malicious code in smintio-portals-component-sdk (npm)	2026-01-09T02:54:15Z	2026-01-09T02:54:54Z
mal-2026-176	Malicious code in mixpanel-lib (npm)	2026-01-09T02:54:15Z	2026-01-09T02:54:54Z
mal-2026-173	Malicious code in cng-web-lib (npm)	2026-01-09T02:54:15Z	2026-01-09T02:54:54Z
mal-2026-171	Malicious code in amdocs-core (npm)	2026-01-09T02:54:15Z	2026-01-09T02:54:54Z
mal-2026-170	Malicious code in secguest-react-lib (npm)	2026-01-09T02:08:01Z	2026-01-09T02:08:01Z
mal-2026-169	Malicious code in secguest-lib (npm)	2026-01-09T02:08:01Z	2026-01-09T02:08:01Z
mal-2026-168	Malicious code in @zuora-marketing/linting (npm)	2026-01-08T15:40:55Z	2026-01-08T18:47:03Z
mal-2026-167	Malicious code in icon-service (npm)	2026-01-08T14:55:56Z	2026-01-08T14:55:56Z
mal-2026-165	Malicious code in @kyriba/mf-kit (npm)	2026-01-08T14:55:40Z	2026-01-08T14:55:40Z
mal-2026-166	Malicious code in @kyriba/ui-workspace (npm)	2026-01-08T14:47:39Z	2026-01-08T14:47:39Z
mal-2026-164	Malicious code in @kyriba/data-frontend (npm)	2026-01-08T14:35:48Z	2026-01-08T15:10:45Z
mal-2026-163	Malicious code in do-not-install-this-package-002 (PyPI)	2026-01-08T13:35:59Z	2026-01-08T18:11:09Z
mal-2026-162	Malicious code in btcli-security (PyPI)	2026-01-08T10:55:10Z	2026-01-08T10:55:10Z
mal-2026-159	Malicious code in chai-min (npm)	2026-01-08T06:11:43Z	2026-01-08T09:13:13Z
mal-2026-161	Malicious code in jsonify-setting (npm)	2026-01-08T05:55:12Z	2026-01-08T09:13:15Z
mal-2026-160	Malicious code in json-mappings (npm)	2026-01-08T05:55:12Z	2026-01-08T09:13:15Z
mal-2026-155	Malicious code in shaktihacker2026 (npm)	2026-01-08T05:20:19Z	2026-01-08T09:13:17Z

ID	Description	Published	Updated
wid-sec-w-2026-0047	CoreDNS: Schwachstelle ermöglicht Denial of Service	2026-01-07T23:00:00.000+00:00	2026-01-08T23:00:00.000+00:00
wid-sec-w-2026-0044	libtasn1: Schwachstelle ermöglicht Denial of Service	2026-01-07T23:00:00.000+00:00	2026-01-08T23:00:00.000+00:00
wid-sec-w-2026-0043	Trend Micro Apex Central: Mehrere Schwachstellen	2026-01-07T23:00:00.000+00:00	2026-01-08T23:00:00.000+00:00
wid-sec-w-2026-0040	n8n: Mehrere Schwachstellen	2026-01-07T23:00:00.000+00:00	2026-01-08T23:00:00.000+00:00
wid-sec-w-2026-0036	OpenLDAP: Schwachstelle ermöglicht Denial of Service und Offenlegung von Informationen	2026-01-07T23:00:00.000+00:00	2026-01-08T23:00:00.000+00:00
wid-sec-w-2026-0033	Greenshot: Schwachstelle ermöglicht Ausführen von beliebigem Programmcode mit Benutzerrechten	2026-01-06T23:00:00.000+00:00	2026-01-06T23:00:00.000+00:00
wid-sec-w-2026-0032	Microsoft GitHub Enterprise Server: Schwachstelle ermöglicht Darstellen falscher Informationen	2026-01-06T23:00:00.000+00:00	2026-01-06T23:00:00.000+00:00
wid-sec-w-2026-0031	Coolify: Mehrere Schwachstellen	2026-01-06T23:00:00.000+00:00	2026-01-06T23:00:00.000+00:00
wid-sec-w-2026-0030	cURL: Mehrere Schwachstellen	2026-01-06T23:00:00.000+00:00	2026-01-08T23:00:00.000+00:00
wid-sec-w-2026-0029	QNAP Qfiling: Schwachstelle ermöglicht Offenlegung von Informationen	2026-01-06T23:00:00.000+00:00	2026-01-06T23:00:00.000+00:00
wid-sec-w-2026-0028	Joomla: Mehrere Schwachstellen ermöglichen Cross-Site Scripting	2026-01-06T23:00:00.000+00:00	2026-01-06T23:00:00.000+00:00
wid-sec-w-2026-0027	Dell Secure Connect Gateway: Schwachstelle ermöglicht Privilegieneskalation	2026-01-06T23:00:00.000+00:00	2026-01-06T23:00:00.000+00:00
wid-sec-w-2026-0026	HCL BigFix: Mehrere Schwachstellen	2026-01-06T23:00:00.000+00:00	2026-01-07T23:00:00.000+00:00
wid-sec-w-2026-0025	n8n: Schwachstelle ermöglicht Codeausführung	2026-01-06T23:00:00.000+00:00	2026-01-06T23:00:00.000+00:00
wid-sec-w-2026-0024	D-LINK Router: Schwachstelle ermöglicht Codeausführung	2026-01-06T23:00:00.000+00:00	2026-01-06T23:00:00.000+00:00
wid-sec-w-2026-0023	Microsoft GitHub Enterprise Server: Schwachstelle ermöglicht Cross-Site Scripting	2026-01-06T23:00:00.000+00:00	2026-01-06T23:00:00.000+00:00
wid-sec-w-2026-0022	Ubiquiti UniFi Building Bridge und Device Bridge: Schwachstelle ermöglicht Codeausführung	2026-01-06T23:00:00.000+00:00	2026-01-08T23:00:00.000+00:00
wid-sec-w-2026-0021	Red Hat Enterprise Linux (npm expr-eval): Schwachstelle ermöglicht Codeausführung	2026-01-06T23:00:00.000+00:00	2026-01-06T23:00:00.000+00:00
wid-sec-w-2026-0020	Google Chrome: Schwachstelle ermöglicht nicht spezifizierten Angriff	2026-01-06T23:00:00.000+00:00	2026-01-08T23:00:00.000+00:00
wid-sec-w-2026-0019	Red Hat Enterprise Linux (Quarkus): Mehrere Schwachstellen	2026-01-06T23:00:00.000+00:00	2026-01-06T23:00:00.000+00:00
wid-sec-w-2026-0018	MailPit: Schwachstelle ermöglicht Offenlegung von Informationen	2026-01-06T23:00:00.000+00:00	2026-01-06T23:00:00.000+00:00
wid-sec-w-2026-0017	Veeam Backup & Replication: Mehrere Schwachstellen	2026-01-05T23:00:00.000+00:00	2026-01-08T23:00:00.000+00:00
wid-sec-w-2026-0016	n8n: Schwachstelle ermöglicht Ausführen von beliebigem Programmcode mit den Rechten des Dienstes	2026-01-05T23:00:00.000+00:00	2026-01-05T23:00:00.000+00:00
wid-sec-w-2026-0015	Samsung Android: Mehrere Schwachstellen	2026-01-05T23:00:00.000+00:00	2026-01-05T23:00:00.000+00:00
wid-sec-w-2026-0014	Ubiquiti UniFi Protect: Mehrere Schwachstellen	2026-01-05T23:00:00.000+00:00	2026-01-05T23:00:00.000+00:00
wid-sec-w-2026-0013	Google Android: Schwachstelle ermöglicht Codeausführung	2026-01-05T23:00:00.000+00:00	2026-01-05T23:00:00.000+00:00
wid-sec-w-2026-0011	QNAP NAS: Mehrere Schwachstellen	2026-01-04T23:00:00.000+00:00	2026-01-04T23:00:00.000+00:00
wid-sec-w-2026-0010	Samsung Exynos: Mehrere Schwachstellen	2026-01-04T23:00:00.000+00:00	2026-01-06T23:00:00.000+00:00
wid-sec-w-2026-0009	Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service	2026-01-04T23:00:00.000+00:00	2026-01-05T23:00:00.000+00:00
wid-sec-w-2026-0008	Red Hat Enterprise Linux: Mehrere Schwachstellen	2026-01-04T23:00:00.000+00:00	2026-01-08T23:00:00.000+00:00

ID	Description	Published	Updated
ncsc-2026-0004	Kwetsbaarheden verholpen in Trend Micro Apex Central	2026-01-09T11:14:58.910197Z	2026-01-09T11:14:58.910197Z
ncsc-2026-0003	Kwetsbaarheden verholpen in GitLab	2026-01-09T11:11:48.308357Z	2026-01-09T11:11:48.308357Z
ncsc-2026-0002	Kwetsbaarheid verholpen in n8n	2026-01-08T12:34:29.315681Z	2026-01-08T12:34:29.315681Z
ncsc-2026-0001	Kwetsbaarheden verholpen in Hanwha camera systemen	2026-01-08T12:28:21.446188Z	2026-01-08T12:28:21.446188Z
ncsc-2025-0405	Kwetsbaarheid verholpen in Roundcube Webmail	2025-12-31T14:29:26.821576Z	2025-12-31T14:29:26.821576Z
ncsc-2025-0404	Kwetsbaarheid verholpen in SmarterMail	2025-12-31T14:19:01.847364Z	2025-12-31T14:19:01.847364Z
ncsc-2025-0403	Kwetsbaarheden verholpen in QNAP besturingssystemen	2025-12-29T09:17:28.385450Z	2025-12-29T09:17:28.385450Z
ncsc-2025-0402	Kwetsbaarheid verholpen in MongoDB	2025-12-27T11:38:11.514349Z	2025-12-27T11:38:11.514349Z
ncsc-2025-0401	Kwetsbaarheden verholpen in Foxit PDF Reader	2025-12-24T09:14:56.590353Z	2025-12-24T09:14:56.590353Z
ncsc-2025-0400	Kwetsbaarheid verholpen in WatchGuard Firebox	2025-12-19T11:16:01.438518Z	2025-12-19T11:16:01.438518Z
ncsc-2025-0399	Kwetsbaarheid verholpen in HPE OneView Software	2025-12-18T18:38:20.794784Z	2025-12-24T11:29:46.123674Z
ncsc-2025-0398	Kwetsbaarheid in Cisco AsyncOS	2025-12-17T19:47:00.346651Z	2025-12-17T19:47:00.346651Z
ncsc-2025-0397	Kwetsbaarheden verholpen in Apple iOS en iPadOS	2025-12-15T09:08:39.804149Z	2025-12-15T09:08:39.804149Z
ncsc-2025-0396	Kwetsbaarheden verholpen in Apple macOS	2025-12-15T09:06:36.450655Z	2025-12-15T09:06:36.450655Z
ncsc-2025-0395	Kwetsbaarheden verholpen in SAP Software	2025-12-12T09:29:08.429888Z	2025-12-12T09:29:08.429888Z
ncsc-2025-0394	Kwetsbaarheden verholpen in React Server Components	2025-12-12T09:04:19.324080Z	2025-12-12T10:46:34.688189Z
ncsc-2025-0393	Kwetsbaarheid verholpen in GeoServer	2025-12-12T08:12:18.831044Z	2025-12-12T09:02:27.681292Z
ncsc-2025-0392	Kwetsbaarheid verholpen in Barracuda Service Center	2025-12-11T13:53:23.819008Z	2025-12-11T13:53:23.819008Z
ncsc-2025-0391	Kwetsbaarheden verholpen in Ivanti Endpoint Manager	2025-12-11T13:51:55.178462Z	2025-12-11T13:51:55.178462Z
ncsc-2025-0390	Kwetsbaarheden verholpen in GitLab CE/EE	2025-12-11T09:22:54.841848Z	2025-12-11T09:22:54.841848Z
ncsc-2025-0389	Kwetsbaarheden verholpen in Adobe Experience Manager	2025-12-10T14:59:57.911864Z	2025-12-10T14:59:57.911864Z
ncsc-2025-0388	Kwetsbaarheden verholpen in Adobe Acrobat Reader	2025-12-10T13:35:58.314547Z	2025-12-10T13:35:58.314547Z
ncsc-2025-0387	Kwetsbaarheden verholpen in Adobe ColdFusion	2025-12-10T13:34:08.908897Z	2025-12-10T13:34:08.908897Z
ncsc-2025-0386	Kwetsbaarheden verholpen in Fortinet producten	2025-12-10T09:51:34.918202Z	2025-12-16T10:33:05.061241Z
ncsc-2025-0385	Kwetsbaarheden verholpen in Microsoft Exchange	2025-12-09T18:42:32.332749Z	2025-12-09T18:42:32.332749Z
ncsc-2025-0384	Kwetsbaarheden verholpen in Microsoft Office	2025-12-09T18:40:33.839342Z	2025-12-09T18:40:33.839342Z
ncsc-2025-0383	Kwetsbaarheden verholpen in Microsoft Windows	2025-12-09T18:39:18.152251Z	2025-12-09T18:39:18.152251Z
ncsc-2025-0382	Kwetsbaarheden verholpen in Siemens producten	2025-12-09T13:15:05.391966Z	2025-12-09T13:15:05.391966Z
ncsc-2025-0381	Kwetsbaarheden verholpen in Splunk Enterprise en Splunk Cloud Platform	2025-12-08T08:23:21.965599Z	2025-12-08T08:23:21.965599Z
ncsc-2025-0380	Kwetsbaarheden verholpen in React Server Components	2025-12-03T20:11:57.728117Z	2025-12-05T12:13:36.590522Z

ID	Description	Published	Updated
tssa-2025-00001	Project CSAF document	2025-10-06T11:54:52.856Z	2025-10-06T11:54:52.856Z

ID	Description	Published	Updated
ssa-512988	SSA-512988: File Parsing Vulnerability in Simcenter Femap Before V2512	2025-12-12T00:00:00Z	2025-12-12T00:00:00Z
ssa-915282	SSA-915282: Denial of service Vulnerability in Interniche IP-Stack based Industrial Devices	2025-12-09T00:00:00Z	2025-12-09T00:00:00Z
ssa-912274	SSA-912274: Multiple Vulnerabilities in RUGGEDCOM ROX Before V2.17	2025-12-09T00:00:00Z	2025-12-09T00:00:00Z
ssa-882673	SSA-882673: Multiple Vulnerabilities in SINEC Security Monitor before V4.10.0	2025-12-09T00:00:00Z	2025-12-09T00:00:00Z
ssa-868571	SSA-868571: Missing Server Certificate Validation in IAM Client	2025-12-09T00:00:00Z	2025-12-09T00:00:00Z
ssa-763474	SSA-763474: Denial of Service Vulnerability in Ruggedcom ROS devices before V5.10.1	2025-12-09T00:00:00Z	2025-12-09T00:00:00Z
ssa-734261	SSA-734261: Authentication Bypass Vulnerability in Energy Services Using Elspec G5DFR	2025-12-09T00:00:00Z	2025-12-09T00:00:00Z
ssa-710408	SSA-710408: Missing Server Certificate Validation in Siemens Advanced Licensing (SALT) Toolkit	2025-12-09T00:00:00Z	2025-12-09T00:00:00Z
ssa-626856	SSA-626856: Multiple Vulnerabilities in SINEMA Remote Connect Sever Before V3.2 SP4	2025-12-09T00:00:00Z	2025-12-09T00:00:00Z
ssa-471761	SSA-471761: Multiple Vulnerabilities in SICAM T Before V3.0	2025-12-09T00:00:00Z	2025-12-09T00:00:00Z
ssa-420375	SSA-420375: Improper Integrity Check of Firmware Updates in Building X - Security Manager Edge Controller (ACC-AP)	2025-12-09T00:00:00Z	2025-12-09T00:00:00Z
ssa-416652	SSA-416652: Multiple Vulnerabilities in SIMATIC CN 4100 Before V4.0.1	2025-12-09T00:00:00Z	2025-12-09T00:00:00Z
ssa-356310	SSA-356310: Multiple Vulnerabilities in Gridscale X Prepay	2025-12-09T00:00:00Z	2025-12-09T00:00:00Z
ssa-212953	SSA-212953: Multiple Vulnerabilities in COMOS	2025-12-09T00:00:00Z	2025-12-09T00:00:00Z
ssa-202008	SSA-202008: Multiple Vulnerabilities in Ruggedcom Rox Before V2.17.0	2025-12-09T00:00:00Z	2025-12-09T00:00:00Z
ssa-241605	SSA-241605: Out of Bounds Read in PS/IGES Parasolid Translator Component Before V29.0.258	2025-11-17T00:00:00Z	2025-11-17T00:00:00Z
ssa-190588	SSA-190588: Cross-Site Scripting Vulnerability in Mendix Rich Text Widget	2025-11-17T00:00:00Z	2025-11-17T00:00:00Z
ssa-682326	SSA-682326: Multiple Vulnerabilities in COMOS before V10.4.5	2025-11-11T00:00:00Z	2025-11-11T00:00:00Z
ssa-522291	SSA-522291: Improper Certificate Validation Vulnerability in Solid Edge	2025-11-11T00:00:00Z	2025-11-11T00:00:00Z
ssa-514895	SSA-514895: Multiple Vulnerabilities in Altair Grid Engine V2025.1.0	2025-11-11T00:00:00Z	2025-11-11T00:00:00Z
ssa-365596	SSA-365596: DLL Hijacking Vulnerability in Siemens Software Center and Solid Edge	2025-11-11T00:00:00Z	2025-11-11T00:00:00Z
ssa-339694	SSA-339694: Multiple Vulnerabilities in Spectrum Power 4 Before v4.70 SP12 Security Patch 2	2025-11-11T00:00:00Z	2025-11-11T00:00:00Z
ssa-267056	SSA-267056: Multiple Vulnerabilities in LOGO! 8 BM Devices	2025-11-11T00:00:00Z	2025-11-11T00:00:00Z
ssa-201498	SSA-201498: Multiple Vulnerabilities in the Web Server of SICAM P850 and SICAM P855 Devices Before V3.11	2025-11-11T00:00:00Z	2025-11-11T00:00:00Z
ssa-599451	SSA-599451: Multiple Vulnerabilities in SiPass integrated Before V3.0	2025-10-14T00:00:00Z	2025-10-14T00:00:00Z
ssa-541582	SSA-541582: Multiple File Parsing Vulnerabilities in Solid Edge	2025-10-14T00:00:00Z	2025-10-14T00:00:00Z
ssa-486936	SSA-486936: Authentication Vulnerability in SIMATIC ET 200SP Communication Processors	2025-10-14T00:00:00Z	2025-10-14T00:00:00Z
ssa-365200	SSA-365200: Google Chrome Type Confusion Vulnerability in Siemens Products	2025-10-14T00:00:00Z	2025-10-14T00:00:00Z
ssa-318832	SSA-318832: SQL Injection Vulnerability in SINEC NMS	2025-10-14T00:00:00Z	2025-10-14T00:00:00Z
ssa-062309	SSA-062309: Information Disclosure Vulnerability in TeleControl Server Basic V3.1	2025-10-14T00:00:00Z	2025-10-14T00:00:00Z

ID	Description	Published	Updated
rhsa-2026:0268	Red Hat Security Advisory: postgresql security update	2026-01-08T02:42:08+00:00	2026-01-08T03:41:20+00:00
rhsa-2026:0270	Red Hat Security Advisory: postgresql:13 security update	2026-01-08T01:03:12+00:00	2026-01-08T03:41:20+00:00
rhsa-2026:0271	Red Hat Security Advisory: kernel security update	2026-01-08T00:47:42+00:00	2026-01-08T03:41:46+00:00
rhsa-2026:0265	Red Hat Security Advisory: postgresql:13 security update	2026-01-08T00:35:37+00:00	2026-01-08T03:41:19+00:00
rhsa-2026:0263	Red Hat Security Advisory: postgresql security update	2026-01-08T00:18:42+00:00	2026-01-08T03:41:18+00:00
rhsa-2026:0261	Red Hat Security Advisory: Red Hat Developer Hub 1.7.4 release.	2026-01-07T18:34:52+00:00	2026-01-08T03:27:52+00:00
rhsa-2026:0251	Red Hat Security Advisory: libpng security update	2026-01-07T16:09:27+00:00	2026-01-08T03:29:24+00:00
rhsa-2026:0247	Red Hat Security Advisory: mariadb:10.11 security update	2026-01-07T15:09:41+00:00	2026-01-08T03:27:46+00:00
rhsa-2026:0250	Red Hat Security Advisory: gimp:2.8 security update	2026-01-07T15:08:46+00:00	2026-01-08T03:27:48+00:00
rhsa-2026:0246	Red Hat Security Advisory: grafana security update	2026-01-07T14:46:41+00:00	2026-01-08T03:27:46+00:00
rhsa-2026:0245	Red Hat Security Advisory: grafana security update	2026-01-07T14:45:51+00:00	2026-01-08T03:27:46+00:00
rhsa-2026:0243	Red Hat Security Advisory: grafana security update	2026-01-07T14:43:26+00:00	2026-01-08T03:27:44+00:00
rhsa-2026:0244	Red Hat Security Advisory: grafana security update	2026-01-07T14:38:56+00:00	2026-01-08T03:27:46+00:00
rhsa-2026:0241	Red Hat Security Advisory: libpng security update	2026-01-07T14:21:46+00:00	2026-01-08T03:27:44+00:00
rhsa-2026:0238	Red Hat Security Advisory: libpng security update	2026-01-07T13:43:11+00:00	2026-01-08T03:27:42+00:00
rhsa-2026:0237	Red Hat Security Advisory: libpng security update	2026-01-07T13:29:16+00:00	2026-01-08T03:41:00+00:00
rhsa-2026:0233	Red Hat Security Advisory: mariadb:10.5 security update	2026-01-07T13:18:51+00:00	2026-01-08T03:27:40+00:00
rhsa-2026:0232	Red Hat Security Advisory: mariadb:10.11 security update	2026-01-07T13:18:43+00:00	2026-01-08T03:27:39+00:00
rhsa-2026:0234	Red Hat Security Advisory: libpng security update	2026-01-07T13:03:31+00:00	2026-01-08T03:27:42+00:00
rhsa-2026:0210	Red Hat Security Advisory: libpng security update	2026-01-07T13:02:56+00:00	2026-01-08T03:27:38+00:00
rhsa-2026:0211	Red Hat Security Advisory: libpng security update	2026-01-07T12:57:50+00:00	2026-01-08T03:40:53+00:00
rhsa-2026:0226	Red Hat Security Advisory: osbuild-composer security update	2026-01-07T12:46:50+00:00	2026-01-08T03:40:58+00:00
rhsa-2026:0225	Red Hat Security Advisory: mariadb:10.3 security update	2026-01-07T11:52:55+00:00	2026-01-08T03:40:57+00:00
rhsa-2026:0227	Red Hat Security Advisory: osbuild-composer security update	2026-01-07T11:32:40+00:00	2026-01-08T03:40:59+00:00
rhsa-2026:0216	Red Hat Security Advisory: libpng security update	2026-01-07T11:23:35+00:00	2026-01-08T03:40:56+00:00
rhsa-2026:0224	Red Hat Security Advisory: git-lfs security update	2026-01-07T10:20:45+00:00	2026-01-08T03:40:56+00:00
rhsa-2026:0212	Red Hat Security Advisory: libpng security update	2026-01-07T09:24:35+00:00	2026-01-08T03:40:54+00:00
rhsa-2025:23113	Red Hat Security Advisory: OpenShift Container Platform 4.15.60 bug fix and security update	2026-01-07T07:16:55+00:00	2026-01-08T03:40:51+00:00
rhsa-2026:0204	Red Hat Security Advisory: git-lfs security update	2026-01-07T05:45:24+00:00	2026-01-08T03:29:24+00:00
rhsa-2026:0203	Red Hat Security Advisory: git-lfs security update	2026-01-07T05:31:09+00:00	2026-01-08T03:29:24+00:00

ID	Description	Published	Updated
va-26-008-01	OPEXUS eCASE	2026-01-08T16:36:15Z	2026-01-08T16:36:15Z
va-26-008-03	Ideagen DevonWay stored XSS	2026-01-08T00:00:00Z	2026-01-08T00:00:00Z
va-26-008-02	OPEXUS eComplaint and eCasePortal IDOR	2026-01-07T16:35:11Z	2026-01-07T16:35:11Z
icsa-26-006-01	Columbia Weather Systems MicroServer	2026-01-06T07:00:00.000000Z	2026-01-06T07:00:00.000000Z
icsma-25-364-01	WHILL Model C2 Electric Wheelchairs and Model F Power Chairs	2025-12-30T07:00:00.000000Z	2025-12-30T07:00:00.000000Z
icsa-25-352-08	Axis Communications Camera Station Pro, Camera Station, and Device Manager	2025-12-18T07:00:00.000000Z	2025-12-18T07:00:00.000000Z
icsa-25-352-07	Rockwell Automation Micro820, Micro850, Micro870	2025-12-18T07:00:00.000000Z	2025-12-18T07:00:00.000000Z
icsa-25-352-06	Advantech WebAccess/SCADA	2025-12-18T07:00:00.000000Z	2025-12-18T07:00:00.000000Z
icsa-25-352-04	Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electrics Products	2025-12-18T07:00:00.000000Z	2025-12-18T07:00:00.000000Z
icsa-25-352-03	National Instruments LabView	2025-12-18T07:00:00.000000Z	2025-12-18T07:00:00.000000Z
icsa-25-352-01	Inductive Automation Ignition	2025-12-18T07:00:00.000000Z	2025-12-18T07:00:00.000000Z
va-25-352-01	BullWall Ransomware Containment and Server Intrusion Protection multiple vulnerabilities	2025-12-18T00:00:00Z	2025-12-18T00:00:00Z
icsa-25-350-04	Mitsubishi Electric GT Designer3	2025-12-16T07:00:00.000000Z	2025-12-16T07:00:00.000000Z
icsa-25-350-03	Hitachi Energy AFS, AFR and AFF Series	2025-12-16T07:00:00.000000Z	2025-12-16T07:00:00.000000Z
icsa-25-350-02	Johnson Controls PowerG, IQPanel and IQHub	2025-12-16T07:00:00.000000Z	2025-12-16T07:00:00.000000Z
icsa-25-350-01	Güralp Systems Fortimus Series, Minimus Series, and Certimus Series	2025-12-16T07:00:00.000000Z	2025-12-16T07:00:00.000000Z
va-25-345-01	CISA Software Acquisition Guide Supplier Response Web Tool XSS	2025-12-12T20:27:47Z	2025-12-12T20:27:47Z
icsma-25-345-02	Varex Imaging Panoramic Dental Imaging Software	2025-12-11T07:00:00.000000Z	2025-12-11T07:00:00.000000Z
icsma-25-345-01	Grassroots DICOM (GDCM)	2025-12-11T07:00:00.000000Z	2025-12-11T07:00:00.000000Z
icsa-25-345-10	OpenPLC_V3	2025-12-11T07:00:00.000000Z	2025-12-11T07:00:00.000000Z
icsa-25-345-03	AzeoTech DAQFactory (Update A)	2025-12-11T07:00:00.000000Z	2025-12-30T07:00:00.000000Z
icsa-25-345-02	Johnson Controls iSTAR Ultra	2025-12-11T07:00:00.000000Z	2025-12-11T07:00:00.000000Z
icsa-25-345-01	Johnson Controls iSTAR	2025-12-11T07:00:00.000000Z	2025-12-11T07:00:00.000000Z
va-25-343-01	Windscribe for Linux 'changeMTU' local privilege escalation	2025-12-10T16:46:41Z	2025-12-10T16:46:41Z
icsa-25-352-02	Schneider Electric EcoStruxure Foxboro DCS Advisor	2025-12-09T08:00:00.000000Z	2025-12-18T18:23:06.311869Z
icsa-25-343-01	Universal Boot Loader (U-Boot)	2025-12-09T07:00:00.000000Z	2025-12-09T07:00:00.000000Z
icsa-25-343-03	Multiple India-based CCTV Cameras**	2025-12-09T05:00:00.000000Z	2025-12-09T05:00:00.000000Z
icsa-26-008-01	Hitachi Energy Asset Suite	2025-12-09T00:00:00.000000Z	2026-01-07T21:26:16.381953Z
icsa-25-352-05	Siemens Interniche IP-Stack	2025-12-09T00:00:00.000000Z	2025-12-18T18:13:59.515670Z
icsa-25-345-09	Siemens Gridscale X Prepay	2025-12-09T00:00:00.000000Z	2025-12-09T00:00:00.000000Z

ID	Description	Published	Updated
cisco-sa-ise-xxe-jwsbsdkt	Cisco Identity Services Engine XML External Entity Processing Information Disclosure Vulnerability	2026-01-07T16:00:00+00:00	2026-01-07T16:00:00+00:00
cisco-sa-sma-attack-n9bf4	Reports About Cyberattacks Against Cisco Secure Email Gateway And Cisco Secure Email and Web Manager	2025-12-17T16:00:00+00:00	2025-12-17T16:00:00+00:00
cisco-sa-react-flight-tyw32ddb	Remote Code Execution Vulnerability in React and Next.js Frameworks: December 2025	2025-12-04T16:00:00+00:00	2025-12-17T22:37:17+00:00
cisco-sa-privesc-catc-ryjreelu	Cisco Catalyst Center Privilege Escalation Vulnerability	2025-11-13T16:00:00+00:00	2025-11-13T16:00:00+00:00
cisco-sa-dnac-xss-wextvz59	Cisco Catalyst Center Cross-Site Scripting Vulnerability	2025-11-13T16:00:00+00:00	2025-11-13T16:00:00+00:00
cisco-sa-dnac-ci-zwlqvswt	Cisco Catalyst Center REST API Command Injection Vulnerability	2025-11-13T16:00:00+00:00	2025-11-13T16:00:00+00:00
cisco-sa-catc-priv-esc-vs8eecux	Cisco Catalyst Center Virtual Appliance Privilege Escalation Vulnerability	2025-11-13T16:00:00+00:00	2025-11-13T16:00:00+00:00
cisco-sa-catc-open-redirect-3w5bk3je	Cisco Catalyst Center Virtual Appliance HTTP Open Redirect Vulnerability	2025-11-13T16:00:00+00:00	2025-11-13T16:00:00+00:00
cisco-sa-ise-radsupress-dos-8yf3jthh	Cisco Identity Services Engine RADIUS Suppression Denial of Service Vulnerability	2025-11-05T16:00:00+00:00	2025-11-05T16:00:00+00:00
cisco-sa-ise-multiple-vulns-o9beswjh	Cisco Identity Services Engine Reflected Cross-Site Scripting and Information Disclosure Vulnerabilities	2025-11-05T16:00:00+00:00	2025-12-04T14:23:54+00:00
cisco-sa-cc-unauth-rce-qen8h7mq	Cisco Unified Contact Center Express Remote Code Execution Vulnerabilities	2025-11-05T16:00:00+00:00	2025-11-13T12:48:42+00:00
cisco-sa-cc-mult-vuln-gk4tfxsn	Multiple Cisco Contact Center Products Vulnerabilities	2025-11-05T16:00:00+00:00	2025-11-18T14:49:09+00:00
cisco-sa-snort3-mime-vulns-ttl8pgvh	Multiple Cisco Products Snort 3 MIME Denial of Service Vulnerabilities	2025-10-15T16:00:00+00:00	2025-10-15T16:00:00+00:00
cisco-sa-roomos-inf-disc-qggsbxam	Cisco TelePresence Collaboration Endpoint and RoomOS Software Information Disclosure Vulnerability	2025-10-15T16:00:00+00:00	2025-10-15T16:00:00+00:00
cisco-sa-phone-dos-fpyjlv7a	Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Software Vulnerabilities	2025-10-15T16:00:00+00:00	2025-10-15T16:00:00+00:00
cisco-sa-cv-xss-rwrakaj9	Cisco Cyber Vision Center Stored Cross-Site Scripting Vulnerabilities	2025-10-01T16:00:00+00:00	2025-10-01T16:00:00+00:00
cisco-sa-cucm-stored-xss-fnj66yly	Cisco Unified Communications Manager Stored Cross-Site Scripting Vulnerability	2025-10-01T16:00:00+00:00	2025-10-01T16:00:00+00:00
cisco-sa-http-code-exec-wmfp3h3o	Cisco Secure Firewall Adaptive Security Appliance Software, Secure Firewall Threat Defense Software, IOS Software, IOS XE Software, and IOS XR Software Web Services Remote Code Execution Vulnerability	2025-09-25T16:00:00+00:00	2025-11-06T15:50:51+00:00
cisco-sa-asaftd-webvpn-z5xp8eub	Cisco Secure Firewall Adaptive Security Appliance Software and Secure Firewall Threat Defense Software VPN Web Server Remote Code Execution Vulnerability	2025-09-25T16:00:00+00:00	2025-11-06T15:50:54+00:00
cisco-sa-asaftd-webvpn-yrootuw	Cisco Secure Firewall Adaptive Security Appliance Software and Secure Firewall Threat Defense Software VPN Web Server Unauthorized Access Vulnerability	2025-09-25T16:00:00+00:00	2025-11-06T15:50:55+00:00
cisco-sa-webui-xss-vwydgjou	Cisco IOS XE Software Web Authentication Reflected Cross-Site Scripting Vulnerability	2025-09-24T16:00:00+00:00	2025-09-26T16:35:50+00:00
cisco-sa-snmpwred-x3mjyf5m	Cisco IOS XE Software Simple Network Management Protocol Denial of Service Vulnerability	2025-09-24T16:00:00+00:00	2025-09-24T16:00:00+00:00
cisco-sa-snmp-x4lphte	Cisco IOS and IOS XE Software SNMP Denial of Service and Remote Code Execution Vulnerability	2025-09-24T16:00:00+00:00	2025-10-06T18:27:02+00:00
cisco-sa-secboot-uqfd8avc	Cisco IOS XE Software Secure Boot Bypass Vulnerabilities	2025-09-24T16:00:00+00:00	2025-10-15T15:57:29+00:00
cisco-sa-nbar-dos-lavwtmet	Cisco IOS XE Software Network-Based Application Recognition Denial of Service Vulnerability	2025-09-24T16:00:00+00:00	2025-09-24T16:00:00+00:00
cisco-sa-iosxe-arg-inject-eyddbh4e	Cisco IOS XE Software CLI Argument Injection Vulnerability	2025-09-24T16:00:00+00:00	2025-09-24T16:00:00+00:00
cisco-sa-ios-xe-cmd-inject-rpjm8bgl	Cisco IOS XE Software HTTP API Command Injection Vulnerability	2025-09-24T16:00:00+00:00	2025-09-24T16:00:00+00:00
cisco-sa-ios-invalid-url-dos-nvxszf6u	Cisco IOS Software Industrial Ethernet Switch Device Manager Denial of Service Vulnerability	2025-09-24T16:00:00+00:00	2025-09-24T16:00:00+00:00
cisco-sa-ios-cli-eb7cz6yo	Cisco IOS and IOS XE Software CLI Denial of Service Vulnerability	2025-09-24T16:00:00+00:00	2025-09-24T16:00:00+00:00
cisco-sa-defaultacl-psjk9nvf	Cisco SD-WAN vEdge Software Access Control List Bypass Vulnerability	2025-09-24T16:00:00+00:00	2025-09-24T16:00:00+00:00

ID	Description	Published	Updated
sca-2025-0014	CodeMeter vulnerablity affects SICK CODE-LOC and SICK LIDAR-LOC	2025-11-03T11:00:00.000Z	2025-11-03T14:00:00.000Z
sca-2025-0013	Vulnerabilities affecting SICK TLOC100-100	2025-10-27T14:00:00.000Z	2025-11-11T14:00:00.000Z
sca-2025-0012	Sudo vulnerability affects SICK SID products	2025-10-27T11:00:00.000Z	2025-10-27T14:00:00.000Z
sca-2025-0011	Vulnerabilities affecting Endress+Hauser SSG-E210GC	2025-10-02T13:00:00.000Z	2025-10-02T13:00:00.000Z
sca-2025-0010	Multiple vulnerabilities in SICK Enterprise Analytics and SICK Logistic Analytics Products	2025-10-02T13:00:00.000Z	2025-10-02T13:00:00.000Z
sca-2025-0009	Vulnerabilities affecting SICK TDC-E210GC	2025-08-01T13:00:00.000Z	2025-08-01T13:00:00.000Z
sca-2025-0008	Multiple vulnerabilities in Endress+Hauser MEAC300-FNADE4	2025-07-03T13:00:00.000Z	2025-07-03T13:00:00.000Z
sca-2025-0007	Multiple vulnerabilities in SICK Field Analytics and SICK Media Server	2025-06-12T13:00:00.000Z	2025-06-12T13:00:00.000Z
sca-2025-0006	Vulnerability affecting picoScan and multiScan	2025-04-28T13:00:00.000Z	2025-04-28T13:00:00.000Z
sca-2025-0005	Vulnerabilities in SICK Flexi Compact	2025-04-28T10:00:00.000Z	2025-04-28T10:00:00.000Z
sca-2025-0004	Critical vulnerabilities in SICK DL100-2xxxxxxx	2025-03-14T11:00:00.000Z	2025-03-14T11:00:00.000Z
sca-2025-0003	FreeRTOS Vulnerabilities have no impact on SICK Products	2025-02-28T00:00:00.000Z	2025-05-20T11:00:00.000Z
sca-2025-0001	Multiple vulnerabilities in SICK MEAC300	2025-02-14T14:00:00.000Z	2025-02-21T14:00:00.000Z
sca-2025-0002	Vulnerability in SICK Lector8xx and SICK InspectorP8xx	2025-02-14T10:19:00.000Z	2025-02-14T10:19:00.000Z
sca-2024-0007	Vulnerability in SICK OLM	2024-12-31T00:00:00.000Z	2024-12-31T00:00:00.000Z
sca-2024-0006	Critical vulnerabilities in SICK InspectorP61x, InspectorP62x and TiM3xx	2024-12-06T00:00:00.000Z	2024-12-06T00:00:00.000Z
sca-2024-0005	Vulnerability in SICK Incoming Goods Suite	2024-11-19T00:00:00.000Z	2024-11-19T00:00:00.000Z
sca-2024-0004	Third party vulnerabilities in SICK CDE-100	2024-11-07T12:00:00.000Z	2024-11-07T12:00:00.000Z
sca-2024-0003	Critical vulnerability in multiple SICK products	2024-10-17T13:00:00.000Z	2024-10-17T13:00:00.000Z
sca-2024-0002	Vulnerability in SICK MSC800	2024-09-11T23:00:00.000Z	2024-09-11T23:00:00.000Z
sca-2024-0001	Vulnerability in SICK Logistics Analytics Products and SICK Field Analytics	2024-01-29T00:00:00.000Z	2024-01-29T00:00:00.000Z
sca-2023-0011	Vulnerability in multiple SICK Flexi Soft Gateways	2023-10-23T11:00:00.000Z	2023-10-23T11:00:00.000Z
sca-2023-0010	Vulnerabilities in SICK Application Processing Unit	2023-10-09T11:00:00.000Z	2023-10-09T11:00:00.000Z
sca-2023-0008	Vulnerability in SICK SIM1012	2023-09-29T13:00:00.000Z	2023-09-29T13:00:00.000Z
sca-2023-0009	Vulnerability in Wibu-Systems CodeMeter Runtime affects multiple SICK products	2023-09-29T10:00:00.000Z	2023-09-29T10:00:00.000Z
sca-2023-0007	Vulnerabilities in SICK LMS5xx	2023-08-25T11:00:00.000Z	2023-08-25T11:00:00.000Z
sca-2023-0006	Vulnerabilities in SICK ICR890-4	2023-07-10T13:00:00.000Z	2023-07-10T13:00:00.000Z
sca-2023-0005	Vulnerabilities in SICK EventCam App	2023-06-19T11:00:00.000Z	2023-06-19T11:00:00.000Z
sca-2023-0004	Vulnerabilities in SICK FTMg	2023-05-11T13:00:00.000Z	2023-05-11T13:00:00.000Z
sca-2023-0003	Vulnerability in SICK Flexi Soft and Flexi Classic Gateways	2023-05-03T13:00:00.000Z	2023-05-03T13:00:00.000Z

ID	Description	Published	Updated
nn-2025:15-01	Path traversal in Import Arc data archive functionality in Guardian/CMC before 25.5.0	2025-12-18T11:00:00.000Z	2025-12-18T11:00:00.000Z
nn-2025:14-01	HTML injection in Asset List in Guardian/CMC before 25.5.0	2025-12-18T11:00:00.000Z	2025-12-18T11:00:00.000Z
nn-2025:13-01	Stored Cross-Site Scripting (XSS) in Reports in Guardian/CMC before 25.5.0	2025-12-18T11:00:00.000Z	2025-12-18T11:00:00.000Z
nn-2025:12-01	HTML injection in in Time Machine functionality in Guardian/CMC before 25.5.0	2025-12-18T11:00:00.000Z	2025-12-18T11:00:00.000Z
nn-2025:11-01	Stored Cross-Site Scripting (XSS) in Dashboards in Guardian/CMC before 25.4.0	2025-11-25T11:00:00.000Z	2025-11-26T11:00:00.000Z
nn-2025:9-01	Path traversal in Time Machine functionality in Guardian/CMC before 25.2.0	2025-10-07T11:00:00.000Z	2025-10-07T11:00:00.000Z
nn-2025:8-01	Authenticated SQL Injection on Alert functionality in Guardian/CMC before 25.2.0	2025-10-07T11:00:00.000Z	2025-10-07T11:00:00.000Z
nn-2025:7-01	Authenticated SQL Injection on Alert functionality in Guardian/CMC before 25.2.0	2025-10-07T11:00:00.000Z	2025-10-07T11:00:00.000Z
nn-2025:6-01	Authenticated SQL Injection on Smart Polling functionality in Guardian/CMC before 25.2.0	2025-10-07T11:00:00.000Z	2025-10-07T11:00:00.000Z
nn-2025:5-01	Incorrect authorization for CLI in Guardian/CMC before 25.2.0	2025-10-07T11:00:00.000Z	2025-10-07T11:00:00.000Z
nn-2025:4-01	Client-side path traversal in Guardian/CMC before 25.2.0	2025-10-07T11:00:00.000Z	2025-10-07T11:00:00.000Z
nn-2025:10-01	Authenticated SQL Injection on CLI functionality in Guardian/CMC before 25.3.0	2025-10-07T11:00:00.000Z	2025-10-07T11:00:00.000Z
nn-2025:3-01	Incorrect authorization for traces request/download in CMC before 25.1.0	2025-08-26T11:00:00.000Z	2025-08-26T11:00:00.000Z
nn-2025:2-01	Privilege escalation in Guardian/CMC before 24.6.0	2025-06-10T11:00:00.000Z	2025-06-10T11:00:00.000Z
nn-2025:1-01	Authenticated RCE in update functionality in Guardian/CMC before 24.6.0	2025-06-10T11:00:00.000Z	2025-06-10T11:00:00.000Z
nn-2024:2-01	Incorrect authorization for Reports configuration in Guardian/CMC before 24.2.0	2024-09-11T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2023:16-01	Path traversal via 'zip slip' in Arc before v1.6.0	2024-05-15T11:00:00.000Z	2024-05-20T11:00:00.000Z
nn-2023:15-01	Sensitive data exfiltration via unsafe permissions on Windows systems in Arc before v1.6.0	2024-05-15T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2023:14-01	Unsafe temporary data privileges on Unix systems in Arc before v1.6.0	2024-05-15T11:00:00.000Z	2024-05-20T11:00:00.000Z
nn-2023:13-01	Missing authentication for local web interface in Arc before v1.6.0	2024-05-15T11:00:00.000Z	2024-05-20T11:00:00.000Z
nn-2024:1-01	DoS on IDS parsing of malformed Radius packets in Guardian before 23.4.1	2024-04-10T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2023:17-01	Information disclosure via audit records for OpenAPI requests in Guardian/CMC before 23.4.1	2024-04-10T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2023:12-01	Check Point IoT integration: WebSocket returns assets data without authentication in Guardian/CMC before 23.3.0	2024-01-15T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2023:9-01	Authenticated SQL Injection on Query functionality in Guardian/CMC before 22.6.3 and 23.1.0	2023-09-18T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2023:11-01	SQL Injection on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0	2023-09-18T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2023:10-01	DoS on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0	2023-09-18T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2023:8-01	Session Fixation in Guardian/CMC before 22.6.2	2023-08-09T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2023:7-01	DoS via SAML configuration in Guardian/CMC before 22.6.2	2023-08-09T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2023:6-01	Partial DoS on Reports section due to null report name in Guardian/CMC before 22.6.2	2023-08-09T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2023:5-01	Information disclosure via the debug function in assertions in Guardian/CMC before 22.6.2	2023-08-09T11:00:00.000Z	2024-05-20T11:00:00.000Z

ID	Description	Published	Updated
oxdc-adv-2025-0001	OX Dovecot Pro Security Advisory OXDC-ADV-2025-0001	2025-10-31T00:00:00+00:00	2025-11-27T00:00:00+00:00
oxas-adv-2025-0003	OX App Suite Security Advisory OXAS-ADV-2025-0003	2025-09-24T00:00:00+02:00	2025-11-27T00:00:00+00:00
oxas-adv-2025-0002	OX App Suite Security Advisory OXAS-ADV-2025-0002	2025-08-12T00:00:00+02:00	2025-10-31T00:00:00+00:00
oxas-adv-2025-0001	OX App Suite Security Advisory OXAS-ADV-2025-0001	2025-01-27T00:00:00+01:00	2025-04-07T00:00:00+00:00
oxdc-adv-2024-0003	OX Dovecot Pro Security Advisory OXDC-ADV-2024-0003	2024-09-10T00:00:00+02:00	2024-09-10T00:00:00+00:00
oxdc-adv-2024-0002	OX Dovecot Pro Security Advisory OXDC-ADV-2024-0002	2024-09-10T00:00:00+02:00	2024-09-10T00:00:00+00:00
oxdc-adv-2024-0001	OX Dovecot Pro Security Advisory OXDC-ADV-2024-0001	2024-09-02T00:00:00+02:00	2024-09-06T00:00:00+00:00
oxas-adv-2024-0005	OX App Suite Security Advisory OXAS-ADV-2024-0005	2024-07-08T00:00:00+02:00	2024-09-09T00:00:00+00:00
oxas-adv-2024-0004	OX App Suite Security Advisory OXAS-ADV-2024-0004	2024-06-13T00:00:00+02:00	2024-08-19T00:00:00+00:00
oxas-adv-2024-0003	OX App Suite Security Advisory OXAS-ADV-2024-0003	2024-04-24T00:00:00+02:00	2024-08-19T00:00:00+00:00
oxas-adv-2024-0002	OX App Suite Security Advisory OXAS-ADV-2024-0002	2024-03-06T00:00:00+01:00	2024-05-06T00:00:00+00:00
oxas-adv-2024-0001	OX App Suite Security Advisory OXAS-ADV-2024-0001	2024-02-08T00:00:00+01:00	2024-04-25T00:00:00+00:00
oxas-adv-2023-0007	OX App Suite Security Advisory OXAS-ADV-2023-0007	2023-12-11T00:00:00+01:00	2024-02-16T00:00:00+00:00
oxas-adv-2023-0006	OX App Suite Security Advisory OXAS-ADV-2023-0006	2023-09-25T00:00:00+02:00	2024-01-22T00:00:00+00:00
oxas-adv-2023-0005	OX App Suite Security Advisory OXAS-ADV-2023-0005	2023-09-19T00:00:00+02:00	2024-01-22T00:00:00+00:00
oxas-adv-2023-0004	OX App Suite Security Advisory OXAS-ADV-2023-0004	2023-08-01T00:00:00+02:00	2024-01-22T00:00:00+00:00
oxas-adv-2023-0003	OX App Suite Security Advisory OXAS-ADV-2023-0003	2023-05-02T00:00:00+02:00	2024-01-22T00:00:00+00:00
oxas-adv-2023-0002	OX App Suite Security Advisory OXAS-ADV-2023-0002	2023-03-20T00:00:00+01:00	2024-01-22T00:00:00+00:00
oxas-adv-2023-0001	OX App Suite Security Advisory OXAS-ADV-2023-0001	2023-02-06T00:00:00+01:00	2024-01-22T00:00:00+00:00
oxas-adv-2022-0002	OX App Suite Security Advisory OXAS-ADV-2022-0002	2022-11-02T00:00:00+01:00	2024-01-22T00:00:00+00:00
oxas-adv-2022-0001	OX App Suite Security Advisory OXAS-ADV-2022-0001	2022-08-10T00:00:00+02:00	2024-01-22T00:00:00+00:00

ID	Description	Published	Updated
msrc_cve-2026-21444	libtpms returns wrong initialization vector when certain symmetric ciphers are used	2026-01-02T00:00:00.000Z	2026-01-07T01:01:25.000Z
msrc_cve-2025-68766	irqchip/mchp-eic: Fix error code in mchp_eic_domain_alloc()	2026-01-02T00:00:00.000Z	2026-01-08T01:40:49.000Z
msrc_cve-2025-68765	mt76: mt7615: Fix memory leak in mt7615_mcu_wtbl_sta_add()	2026-01-02T00:00:00.000Z	2026-01-06T01:01:27.000Z
msrc_cve-2025-68764	NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags	2026-01-02T00:00:00.000Z	2026-01-06T01:01:16.000Z
msrc_cve-2025-68763	crypto: starfive - Correctly handle return of sg_nents_for_len	2026-01-02T00:00:00.000Z	2026-01-06T01:01:48.000Z
msrc_cve-2025-68759	wifi: rtl818x: Fix potential memory leaks in rtl8180_init_rx_ring()	2026-01-02T00:00:00.000Z	2026-01-06T01:01:38.000Z
msrc_cve-2025-68758	backlight: led-bl: Add devlink to supplier LEDs	2026-01-02T00:00:00.000Z	2026-01-06T01:01:59.000Z
msrc_cve-2025-68757	drm/vgem-fence: Fix potential deadlock on release	2026-01-02T00:00:00.000Z	2026-01-06T01:01:54.000Z
msrc_cve-2025-68756	block: Use RCU in blk_mq_[un]quiesce_tagset() instead of set->tag_list_lock	2026-01-02T00:00:00.000Z	2026-01-06T01:02:04.000Z
msrc_cve-2025-68755	staging: most: remove broken i2c driver	2026-01-02T00:00:00.000Z	2026-01-06T01:01:22.000Z
msrc_cve-2025-68753	ALSA: firewire-motu: add bounds check in put_user loop for DSP events	2026-01-02T00:00:00.000Z	2026-01-08T01:40:44.000Z
msrc_cve-2025-65046	Microsoft Edge (Chromium-based) Spoofing Vulnerability	2025-12-09T08:00:00.000Z	2025-12-18T08:00:00.000Z
msrc_cve-2025-65041	Microsoft Partner Center Elevation of Privilege Vulnerability	2025-12-09T08:00:00.000Z	2025-12-18T08:00:00.000Z
msrc_cve-2025-65037	Azure Container Apps Remote Code Execution Vulnerability	2025-12-09T08:00:00.000Z	2025-12-18T08:00:00.000Z
msrc_cve-2025-64680	Windows DWM Core Library Elevation of Privilege Vulnerability	2025-12-09T08:00:00.000Z	2025-12-23T08:00:00.000Z
msrc_cve-2025-64679	Windows DWM Core Library Elevation of Privilege Vulnerability	2025-12-09T08:00:00.000Z	2025-12-09T08:00:00.000Z
msrc_cve-2025-64678	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability	2025-12-09T08:00:00.000Z	2025-12-09T08:00:00.000Z
msrc_cve-2025-64677	Office Out-of-Box Experience Spoofing Vulnerability	2025-12-09T08:00:00.000Z	2025-12-18T08:00:00.000Z
msrc_cve-2025-64676	Microsoft Purview eDiscovery Remote Code Execution Vulnerability	2025-12-09T08:00:00.000Z	2025-12-18T08:00:00.000Z
msrc_cve-2025-64675	Azure Cosmos DB Spoofing Vulnerability	2025-12-09T08:00:00.000Z	2025-12-18T08:00:00.000Z
msrc_cve-2025-64673	Windows Storage VSP Driver Elevation of Privilege Vulnerability	2025-12-09T08:00:00.000Z	2025-12-09T08:00:00.000Z
msrc_cve-2025-64672	Microsoft SharePoint Server Spoofing Vulnerability	2025-12-09T08:00:00.000Z	2025-12-09T08:00:00.000Z
msrc_cve-2025-64671	GitHub Copilot for Jetbrains Remote Code Execution Vulnerability	2025-12-09T08:00:00.000Z	2025-12-09T08:00:00.000Z
msrc_cve-2025-64670	Windows DirectX Information Disclosure Vulnerability	2025-12-09T08:00:00.000Z	2025-12-09T08:00:00.000Z
msrc_cve-2025-64669	Windows Admin Center Elevation of Privilege Vulnerability	2025-12-09T08:00:00.000Z	2025-12-11T08:00:00.000Z
msrc_cve-2025-64667	Microsoft Exchange Server Spoofing Vulnerability	2025-12-09T08:00:00.000Z	2025-12-09T08:00:00.000Z
msrc_cve-2025-64666	Microsoft Exchange Server Elevation of Privilege Vulnerability	2025-12-09T08:00:00.000Z	2025-12-09T08:00:00.000Z
msrc_cve-2025-64663	Custom Question Answering Elevation of Privilege Vulnerability	2025-12-09T08:00:00.000Z	2025-12-18T08:00:00.000Z
msrc_cve-2025-64661	Windows Shell Elevation of Privilege Vulnerability	2025-12-09T08:00:00.000Z	2025-12-09T08:00:00.000Z
msrc_cve-2025-64658	Windows File Explorer Elevation of Privilege Vulnerability	2025-12-09T08:00:00.000Z	2025-12-09T08:00:00.000Z

ID	Description	Published	Updated
2crt000009	WebPro SNMP Card PowerValue Multiple Vulnerabilities	2026-01-07T00:30:00.000Z	2026-01-07T00:30:00.000Z
4hzm000603	ABB Ability Camera Connect Vulnerabilities in outdated 3rd party component (VLC)	2025-11-27T00:30:00.000Z	2025-11-28T00:30:00.000Z
7paa022088	Edgenius Management Portal Authentication Bypass	2025-11-20T00:30:00.000Z	2025-11-20T00:30:00.000Z
2nga002813	PCM600 SharpZip library vulnerability	2025-11-03T00:30:00.000Z	2025-11-03T00:30:00.000Z
9akk108471a8948	Terra AC wallbox Heap Memory Corruption Vulnerability	2025-10-20T00:30:00.000Z	2025-10-21T00:30:00.000Z
4tz00000006007	ALS-mini-S4/S8 IP Missing Authentication Vulnerability and its Mitigations	2025-10-20T00:30:00.000Z	2025-10-23T00:30:00.000Z
4tz00000006008	LVS MConfig Insecure memory handling	2025-10-08T00:30:00.000Z	2025-10-08T00:30:00.000Z
sa25p003	B&R Automation Runtime Vulnerabilities in System Diagnostic Manager (SDM)	2025-10-07T00:30:00.000Z	2025-10-14T00:30:00.000Z
sa25p002	B&R Automation Runtime DoS Vulnerability in System Diagnostics Manager (SDM)	2025-10-07T00:30:00.000Z	2025-10-07T00:30:00.000Z
9akk108471a7808	EIBPORT Reflected XSS	2025-10-07T00:30:00.000Z	2025-10-07T00:30:00.000Z
9akk108471a8107	Terra AC wallbox Heap Memory Corruption Vulnerability	2025-09-16T00:30:00.000Z	2025-11-28T08:00:00.000Z
9akk108471a7121	FLXeon Controllers Multiple vulnerabilities	2025-09-09T00:30:00.000Z	2025-09-18T00:30:00.000Z
2nga002743	ABB AbilityTM zenon Remote Transport Vulnerability	2025-08-12T00:30:00.000Z	2025-08-12T00:30:00.000Z
9akk108471a4462	ELSB/BLBA ASPECT advisory several CVEs	2025-08-11T00:30:00.000Z	2025-09-04T00:30:00.000Z
3adr011432	AC500 V2 Buffer overread on Modbus protocol	2025-07-23T00:30:00.000Z	2025-07-23T00:30:00.000Z
9akk108471a4556	Busch-Welcome® 2 wire Door opener actuator by default in compatibility mode.	2025-07-21T00:30:00.000Z	2025-07-21T00:30:00.000Z
9akk108471a3623	RMC - 100 Vulnerabilities in web UI (REST Interface)	2025-07-03T00:30:00.000Z	2025-08-18T00:30:00.000Z
2crt000008	Lite Panel Pro Vulnerability in Session Management	2025-06-26T00:30:00.000Z	2025-06-26T00:30:00.000Z
9akk108471a1621	EIBPORT Session Management Fail	2025-06-02T00:30:00.000Z	2025-06-04T00:30:00.000Z
9akk108470a8948	ELSB/Home Solutions Outdated SW Components in ABB Welcome IP-Gateway.	2025-05-29T00:30:00.000Z	2025-06-05T00:30:00.000Z
9akk108471a0021	ELSB/BLBA ASPECT advisory several CVEs	2025-05-22T00:30:00.000Z	2025-05-23T10:30:00.000Z
2crt000006	ANC – ABB Network Card Multiple vulnerabilities in ANC	2025-04-30T00:30:00.000Z	2025-04-30T00:30:00.000Z
3adr011407	ABB Automation Builder Vulnerabilities in user management and access control	2025-04-30T00:00:00.000Z	2025-07-25T00:00:00.000Z
2crt000007	Ekip Com IEC61850 Vulnerability in 3rd Party Library	2025-04-29T00:30:00.000Z	2025-04-29T00:30:00.000Z
3kxg200000r4801	CoreSense™ HM and CoreSense™ M10 File Path Traversal Vulnerability	2025-04-16T00:30:00.000Z	2025-10-20T00:30:00.000Z
9akk108470a9989	ABB MV Drives Affected by CODESYS RTS (Runtime System) Vulnerabilities	2025-04-10T08:30:00.000Z	2025-04-10T08:30:00.000Z
2nga002579	ABB Arctic communication solution ARM600 Vulnerabilities	2025-04-07T10:30:00.000Z	2025-04-07T10:30:00.000Z
2nga002427	ABB Arctic ARG600, ARC600, ARR600, ARP600 Arctic Wireless Gateway Modem Module and OpenSSH vulnerabilities	2025-04-07T10:30:00.000Z	2025-04-07T10:30:00.000Z
9akk108470a9494	Low Voltage DC Drives and Power Controllers CODESYS RTS Vulnerabilities	2025-03-26T00:30:00.000Z	2025-03-27T00:30:00.000Z
9akk108470a9491	ABB ACS880 +N8010 Drives CODESYS RTS Vulnerabilities	2025-03-26T00:30:00.000Z	2025-03-27T00:30:00.000Z

ID	Description	Updated
var-201507-0645	D-Link is an internationally renowned provider of network equipment and solutions, includ…	2025-12-23T00:12:08.164000Z
var-201011-0225	Multiple stack-based buffer overflows in agent.exe in Setup Manager in Cisco Intelligent …	2025-12-23T00:11:40.995000Z
var-201109-0089	Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as used…	2025-12-23T00:10:18.602000Z
var-201112-0173	The default configuration of the HP CM8060 Color MFP with Edgeline; Color LaserJet 3xxx, …	2025-12-23T00:05:56.162000Z
var-201103-0371	SAP Crystal Reports Server is a complete reporting solution for creating, managing, and d…	2025-12-23T00:04:00.173000Z
var-201807-0341	ABB Panel Builder 800 all versions has an improper input validation vulnerability which m…	2025-12-23T00:03:51.024000Z
var-200702-0378	Stack-based buffer overflow in the DCE/RPC preprocessor in Snort before 2.6.1.3, and 2.7 …	2025-12-23T00:03:37.932000Z
var-201805-1147	WPLSoft in Delta Electronics versions 2.45.0 and prior utilizes a fixed length heap buffe…	2025-12-23T00:01:35.037000Z
var-200607-0396	Multiple stack-based buffer overflows in eIQnetworks Enterprise Security Analyzer (ESA) b…	2025-12-23T00:00:47.326000Z
var-201208-0222	Multiple stack-based buffer overflows in msg_server.exe in SAP NetWeaver ABAP 7.x allow r…	2025-12-23T00:00:27.061000Z
var-202001-0832	A Buffer Overflow vulnerability exists in the Message Server service _MsJ2EE_AddStatistic…	2025-12-23T00:00:23.174000Z
var-202001-0833	A Denial of Service vulnerability exists in the WRITE_C function in the msg_server.exe mo…	2025-12-23T00:00:23.098000Z
var-201702-0423	An issue was discovered in Delta Electronics WPLSoft, Versions prior to V2.42.11, ISPSoft…	2025-12-22T23:59:50.708000Z
var-201109-0081	Buffer overflow in the gopherToHTML function in gopher.cc in the Gopher reply parser in S…	2025-12-22T23:57:06.902000Z
var-201112-0097	Stack-based buffer overflow in the CmpWebServer component in 3S CoDeSys 3.4 SP4 Patch 2 a…	2025-12-22T23:57:03.107000Z
var-201904-0181	Advantech WebAccess/SCADA, Versions 8.3.5 and prior. Multiple stack-based buffer overflow…	2025-12-22T23:55:40.719000Z
var-202407-0233	Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data …	2025-12-22T23:55:32.693000Z
var-200202-0006	Vulnerabilities in a large number of SNMP implementations allow remote attackers to cause…	2025-12-22T23:55:29.383000Z
var-201407-0233	Multiple stack-based buffer overflows in Advantech WebAccess before 7.2 allow remote atta…	2025-12-22T23:54:37.672000Z
var-201806-1058	Crestron TSW-1060, TSW-760, TSW-560, TSW-1060-NC, TSW-760-NC, and TSW-560-NC devices befo…	2025-12-22T23:54:32.706000Z
var-201810-0396	Advantech WebAccess 8.3.1 and earlier has several stack-based buffer overflow vulnerabili…	2025-12-22T23:54:32.435000Z
var-201402-0026	Buffer overflow in the process_ra function in the router advertisement daemon (radvd) bef…	2025-12-22T23:52:50.537000Z
var-201402-0028	The process_rs function in the router advertisement daemon (radvd) before 1.8.2, when Uni…	2025-12-22T23:52:50.479000Z
var-201402-0027	The process_ra function in the router advertisement daemon (radvd) before 1.8.2 allows re…	2025-12-22T23:52:50.408000Z
var-201803-1810	A Stack-based Buffer Overflow issue was discovered in Delta Electronics Delta Industrial …	2025-12-22T23:52:40.263000Z
var-201906-1029	In WebAccess/SCADA Versions 8.3.5 and prior, multiple untrusted pointer dereference vulne…	2025-12-22T23:52:37.978000Z
var-201908-0863	Rockwell Automation Arena Simulation Software versions 16.00.00 and earlier contain a USE…	2025-12-22T23:52:37.116000Z
var-202005-0008	Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple heap-based buf…	2025-12-22T23:52:36.251000Z
var-200512-0643	Heap-based buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to exe…	2025-12-22T23:51:40.221000Z
var-200512-0297	Integer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbit…	2025-12-22T23:51:40.129000Z

ID	Description	Published	Updated
jvndb-2026-000003	RICOH Streamline NX vulnerable to improper authorization	2026-01-09T18:17+09:00	2026-01-09T18:17+09:00
jvndb-2026-000004	The installers for multiple PIONEER products may insecurely load Dynamic Link Libraries	2026-01-08T13:47+09:00	2026-01-08T13:47+09:00
jvndb-2026-000001	Origin validation error vulnerability in Fujitsu Security Solution AuthConductor Client Basic V2	2026-01-07T14:19+09:00	2026-01-07T14:19+09:00
jvndb-2026-000002	Multiple vulnerabilities in multiple Sharp Display Solutions Projectors	2026-01-07T14:10+09:00	2026-01-07T14:10+09:00
jvndb-2026-001001	Authentication bypass vulnerability in OpenBlocks series	2026-01-07T10:46+09:00	2026-01-07T10:46+09:00
jvndb-2025-022878	Media Player MP-01 vulnerable to Missing Authentication for Critical Function	2025-12-24T11:10+09:00	2025-12-24T11:10+09:00
jvndb-2025-022400	Ruijie Networks AP180 Series vulnerable to OS command injection	2025-12-19T12:33+09:00	2025-12-19T12:33+09:00
jvndb-2025-000118	GROWI vulnerable to cross-site request forgery	2025-12-17T13:04+09:00	2025-12-17T13:04+09:00
jvndb-2025-022062	Multiple vulnerabilities in CHOCO TEI WATCHER mini	2025-12-17T11:28+09:00	2025-12-17T11:28+09:00
jvndb-2025-000117	SEIKO EPSON printer Web Config vulnerable to stack-based buffer overflow	2025-12-16T15:31+09:00	2025-12-23T11:57+09:00
jvndb-2025-000115	QND vulnerable to privilege escalation	2025-12-11T14:33+09:00	2025-12-11T14:33+09:00
jvndb-2025-021305	Android App "Brother iPrint&Scan" improper use of an external cache directory	2025-12-09T17:25+09:00	2025-12-09T17:25+09:00
jvndb-2025-000114	ELECOM Clone for Windows registers a Windows service with an unquoted file path	2025-12-09T17:16+09:00	2025-12-09T17:16+09:00
jvndb-2025-000113	Multiple vulnerabilities in GroupSession	2025-12-08T17:48+09:00	2025-12-11T11:30+09:00
jvndb-2025-000116	GS Yuasa FULLBACK Manager Pro registers Windows services with unquoted file paths	2025-12-08T14:06+09:00	2025-12-08T14:06+09:00
jvndb-2025-000094	Multiple vulnerabilities in ABB Terra AC Wallbox	2025-12-05T14:12+09:00	2025-12-05T14:12+09:00
jvndb-2025-000112	Installer of INZONE Hub may insecurely load Dynamic Link Libraries	2025-11-28T13:36+09:00	2025-11-28T13:36+09:00
jvndb-2025-000111	SwitchBot Smart Video Doorbell vulnerable to active debug code	2025-11-26T14:35+09:00	2025-11-26T14:35+09:00
jvndb-2025-000110	Multiple vulnerabilities in Security Point (Windows) of MaLion	2025-11-25T17:17+09:00	2025-11-25T17:17+09:00
jvndb-2025-000109	Multiple vulnerabilities in SNC-CX600W	2025-11-25T14:59+09:00	2025-11-25T14:59+09:00
jvndb-2025-000108	"FOD" App uses hard-coded cryptographic keys	2025-11-25T14:15+09:00	2025-11-25T14:15+09:00
jvndb-2025-000106	Multiple vulnerabilities in LogStare Collector	2025-11-21T16:27+09:00	2025-11-21T16:27+09:00
jvndb-2025-019621	EPSON WebConfig / Epson Web Control for SEIKO EPSON Projector Products do not restrict excessive authentication attempts	2025-11-21T15:31+09:00	2025-12-24T10:54+09:00
jvndb-2025-000107	Installer of RakurakuMusen Start EX for Windows may insecurely load Dynamic Link Libraries	2025-11-19T16:22+09:00	2025-11-19T16:22+09:00
jvndb-2025-000097	"Dejira" App for iOS vulnerable to improper server certificate verification	2025-11-17T14:09+09:00	2025-11-17T14:09+09:00
jvndb-2025-000105	NCP-HG100 vulnerable to OS command injection	2025-11-14T15:26+09:00	2025-11-14T15:26+09:00
jvndb-2025-000104	Multiple vulnerabilities in GNU Libmicrohttpd	2025-11-10T15:07+09:00	2025-11-10T15:07+09:00
jvndb-2025-000103	Use of password hash with insufficient computational effort vulnerability in BUFFALO Wi-Fi router "WSR-1800AX4 series"	2025-11-07T15:39+09:00	2025-11-07T15:39+09:00
jvndb-2025-000102	CLUSTERPRO X and EXPRESSCLUSTER X vulnerable to OS command injection	2025-11-07T14:55+09:00	2025-11-07T14:55+09:00
jvndb-2025-000101	GROWI vulnerable to stored cross-site scripting	2025-11-06T13:45+09:00	2025-11-06T13:45+09:00

ID	Description	Updated

ID	Description	Published	Updated
suse-su-2026:0073-1	Security update for ImageMagick	2026-01-08T13:22:41Z	2026-01-08T13:22:41Z
suse-su-2026:0072-1	Security update for ImageMagick	2026-01-08T13:22:28Z	2026-01-08T13:22:28Z
suse-su-2026:0071-1	Security update for php8	2026-01-08T13:22:08Z	2026-01-08T13:22:08Z
suse-su-2026:0070-1	Security update for qemu	2026-01-08T13:21:59Z	2026-01-08T13:21:59Z
suse-su-2026:0069-1	Security update for rsync	2026-01-08T13:21:48Z	2026-01-08T13:21:48Z
suse-su-2026:0068-1	Security update for libvirt	2026-01-08T12:22:40Z	2026-01-08T12:22:40Z
suse-su-2026:0067-1	Security update for podman	2026-01-08T12:22:16Z	2026-01-08T12:22:16Z
suse-su-2026:0066-1	Security update for curl	2026-01-08T12:21:35Z	2026-01-08T12:21:35Z
suse-su-2026:0063-1	Security update for libpcap	2026-01-08T09:36:26Z	2026-01-08T09:36:26Z
suse-su-2026:0062-1	Security update for libpcap	2026-01-08T09:36:12Z	2026-01-08T09:36:12Z
suse-su-2026:0061-1	Security update for ImageMagick	2026-01-07T18:33:22Z	2026-01-07T18:33:22Z
suse-su-2026:0060-1	Security update for capstone	2026-01-07T16:02:47Z	2026-01-07T16:02:47Z
suse-su-2026:0059-1	Security update for ImageMagick	2026-01-07T16:01:56Z	2026-01-07T16:01:56Z
suse-su-2026:0042-1	Security update for usbmuxd	2026-01-06T10:34:56Z	2026-01-06T10:34:56Z
suse-su-2026:0041-1	Security update for rsync	2026-01-06T10:33:33Z	2026-01-06T10:33:33Z
suse-su-2026:0039-1	Security update for qemu	2026-01-06T10:31:23Z	2026-01-06T10:31:23Z
suse-su-2026:0036-1	Security update for libpcap	2026-01-06T10:22:41Z	2026-01-06T10:22:41Z
suse-su-2026:0034-1	Security update for the Linux Kernel	2026-01-05T19:29:28Z	2026-01-05T19:29:28Z
suse-su-2026:0033-1	Security update for the Linux Kernel	2026-01-05T19:26:53Z	2026-01-05T19:26:53Z
suse-su-2026:0032-1	Security update for the Linux Kernel	2026-01-05T19:24:53Z	2026-01-05T19:24:53Z
suse-su-2026:0029-1	Security update for the Linux Kernel	2026-01-05T12:59:48Z	2026-01-05T12:59:48Z
suse-su-2026:0028-1	Security update for alloy	2026-01-05T12:53:11Z	2026-01-05T12:53:11Z
suse-su-2026:0027-1	Security update for python3	2026-01-05T12:47:16Z	2026-01-05T12:47:16Z
suse-su-2026:0025-1	Security update for python312	2026-01-05T12:11:09Z	2026-01-05T12:11:09Z
suse-su-2026:0024-1	Security update for python313	2026-01-05T12:10:23Z	2026-01-05T12:10:23Z
suse-su-2026:0023-1	Security update for erlang26	2026-01-05T12:06:04Z	2026-01-05T12:06:04Z
suse-su-2026:0022-1	Security update for qemu	2026-01-05T11:18:23Z	2026-01-05T11:18:23Z
suse-su-2026:0021-1	Security update for webkit2gtk3	2026-01-05T11:12:33Z	2026-01-05T11:12:33Z
suse-su-2026:0020-1	Security update for apache2	2026-01-05T11:08:42Z	2026-01-05T11:08:42Z
suse-su-2026:0019-1	Security update for apache2	2026-01-05T11:08:00Z	2026-01-05T11:08:00Z

ID	Description	Published	Updated
opensuse-su-2026:10020-1	traefik-3.6.6-1.1 on GA media	2026-01-08T00:00:00Z	2026-01-08T00:00:00Z
opensuse-su-2026:10019-1	gdk-pixbuf-loader-libheif-1.21.1-1.1 on GA media	2026-01-08T00:00:00Z	2026-01-08T00:00:00Z
opensuse-su-2026:10018-1	gimp-3.0.6-4.1 on GA media	2026-01-08T00:00:00Z	2026-01-08T00:00:00Z
opensuse-su-2026:10017-1	curl-8.18.0-1.1 on GA media	2026-01-08T00:00:00Z	2026-01-08T00:00:00Z
opensuse-su-2026:10016-1	chromedriver-143.0.7499.192-1.1 on GA media	2026-01-08T00:00:00Z	2026-01-08T00:00:00Z
opensuse-su-2026:10011-1	python314-3.14.2-1.1 on GA media	2026-01-06T00:00:00Z	2026-01-06T00:00:00Z
opensuse-su-2026:10010-1	python311-filelock-3.20.2-1.1 on GA media	2026-01-06T00:00:00Z	2026-01-06T00:00:00Z
opensuse-su-2026:10009-1	log4j-2.20.0-1.1 on GA media	2026-01-06T00:00:00Z	2026-01-06T00:00:00Z
opensuse-su-2026:10008-1	gpsd-3.27.3-1.1 on GA media	2026-01-06T00:00:00Z	2026-01-06T00:00:00Z
opensuse-su-2026:10007-1	c-ares-devel-1.34.6-1.1 on GA media	2026-01-06T00:00:00Z	2026-01-06T00:00:00Z
opensuse-su-2026:10006-1	dcmtk-3.7.0-1.1 on GA media	2026-01-05T00:00:00Z	2026-01-05T00:00:00Z
opensuse-su-2026:10005-1	python312-Django6-6.0-1.1 on GA media	2026-01-03T00:00:00Z	2026-01-03T00:00:00Z
opensuse-su-2026:10004-1	fluidsynth-2.5.2-1.1 on GA media	2026-01-03T00:00:00Z	2026-01-03T00:00:00Z
opensuse-su-2026:20001-1	Security update for sssd	2026-01-02T16:58:16Z	2026-01-02T16:58:16Z
opensuse-su-2026:20002-1	Security update for MozillaThunderbird	2026-01-02T12:14:18Z	2026-01-02T12:14:18Z
opensuse-su-2026:10003-1	python311-marshmallow-3.26.2-1.1 on GA media	2026-01-02T00:00:00Z	2026-01-02T00:00:00Z
opensuse-su-2026:10002-1	libmatio-devel-1.5.29-1.1 on GA media	2026-01-01T00:00:00Z	2026-01-01T00:00:00Z
opensuse-su-2026:10001-1	dirmngr-2.5.16-1.1 on GA media	2026-01-01T00:00:00Z	2026-01-01T00:00:00Z
opensuse-su-2026:10000-1	gnu-recutils-1.9-3.1 on GA media	2026-01-01T00:00:00Z	2026-01-01T00:00:00Z
opensuse-su-2025:15854-1	kepler-0.11.3-1.1 on GA media	2025-12-31T00:00:00Z	2025-12-31T00:00:00Z
opensuse-su-2025:20130-1	Security update for bash-git-prompt	2025-12-30T17:08:26Z	2025-12-30T17:08:26Z
opensuse-su-2025:20121-1	Security update for redis	2025-12-30T17:05:45Z	2025-12-30T17:05:45Z
opensuse-su-2025:20155-1	Security update for exim	2025-12-30T17:02:44Z	2025-12-30T17:02:44Z
opensuse-su-2025:20128-1	Security update for shadowsocks-v2ray-plugin, v2ray-core	2025-12-30T17:02:04Z	2025-12-30T17:02:04Z
opensuse-su-2025:20097-1	Security update for helmfile	2025-12-30T17:00:02Z	2025-12-30T17:00:02Z
opensuse-su-2025:20178-1	Security update for chromium	2025-12-30T16:56:53Z	2025-12-30T16:56:53Z
opensuse-su-2025:15853-1	weblate-5.14.3-2.1 on GA media	2025-12-30T00:00:00Z	2025-12-30T00:00:00Z
opensuse-su-2025:15852-1	trivy-0.68.2-1.1 on GA media	2025-12-29T00:00:00Z	2025-12-29T00:00:00Z
opensuse-su-2025:15851-1	python313-3.13.11-1.1 on GA media	2025-12-29T00:00:00Z	2025-12-29T00:00:00Z
opensuse-su-2025:15850-1	python312-3.12.12-4.1 on GA media	2025-12-29T00:00:00Z	2025-12-29T00:00:00Z

ID	Description	Published	Updated
cnvd-2026-00112	WordPress Real 3D FlipBook plugin跨站脚本漏洞	2025-12-30	2026-01-04
cnvd-2026-00111	WordPress User Submitted Posts plugin开放重定向漏洞	2025-12-30	2026-01-04
cnvd-2026-00110	WordPress Docket Cache plugin文件包含漏洞	2025-12-30	2026-01-04
cnvd-2026-00109	WordPress Diza plugin文件包含漏洞	2025-12-30	2026-01-04
cnvd-2026-00108	WordPress Chakra test plugin缺少授权漏洞	2025-12-30	2026-01-04
cnvd-2026-00107	WordPress Brave plugin缺少授权漏洞	2025-12-30	2026-01-04
cnvd-2026-00106	WordPress Brands for WooCommerce Plugin SQL注入漏洞	2025-12-30	2026-01-04
cnvd-2026-00105	WordPress Bold Timeline Lite plugin跨站脚本漏洞	2025-12-30	2026-01-04
cnvd-2026-00104	WordPress AutomatorWP plugin SQL注入漏洞	2025-12-30	2026-01-04
cnvd-2026-00103	WordPress Astra Widgets plugin跨站脚本漏洞	2025-12-30	2026-01-04
cnvd-2026-00012	Microsoft Azure Cosmos DB欺骗漏洞	2025-12-25	2026-01-04
cnvd-2026-00011	Microsoft Azure Cognitive Service for Language权限提升漏洞	2025-12-25	2026-01-04
cnvd-2026-00010	Microsoft Edge (Chromium-based)欺骗漏洞（CNVD-2026-00010）	2025-12-25	2026-01-04
cnvd-2026-00009	WordPress插件MasterStudy LMS Pro信息泄露漏洞	2025-12-25	2026-01-04
cnvd-2026-00008	WordPress插件Follow My Blog Post息泄露漏洞	2025-12-25	2026-01-04
cnvd-2026-00007	Apache StreamPark安全绕过漏洞	2025-12-25	2026-01-04
cnvd-2026-00006	Apache Fineract信息泄露漏洞（CNVD-2026-00006）	2025-12-25	2026-01-04
cnvd-2026-00005	Apache Fineract信息泄露漏洞	2025-12-25	2026-01-04
cnvd-2026-00004	Apache Fineract安全绕过漏洞	2025-12-25	2026-01-04
cnvd-2026-00003	Apache Airflow信息泄露漏洞（CNVD-2026-00003）	2025-12-25	2026-01-04
cnvd-2026-00002	WordPress插件myCred信息泄露漏洞	2025-12-25	2026-01-04
cnvd-2026-00001	WordPress插件Appointment Booking Calendar信息泄露漏洞	2025-12-25	2026-01-04
cnvd-2025-31388	Apache StreamPark弱算法漏洞	2025-12-25	2025-12-25
cnvd-2025-31387	Apache HugeGraph-Server反序列化漏洞	2025-12-25	2025-12-25
cnvd-2025-31336	WordPress Hide Email Address plugin跨站脚本漏洞	2025-12-22	2025-12-24
cnvd-2025-31335	WordPress HelloLeads CRM Form Shortcode plugin缺少授权漏洞	2025-12-22	2025-12-24
cnvd-2025-31334	WordPress Header Footer Script Adder plugin跨站脚本漏洞	2025-12-22	2025-12-25
cnvd-2025-31333	WordPress Grider for Elementor plugin缺少授权漏洞	2025-12-22	2025-12-25
cnvd-2025-31332	WordPress GPXpress plugin跨站脚本漏洞	2025-12-22	2025-12-25
cnvd-2025-31331	WordPress FX Currency Converter plugin跨站脚本漏洞	2025-12-22	2025-12-25

ID	Description	Published	Updated
certfr-2026-avi-0022	Multiples vulnérabilités dans les produits Microsoft	2026-01-09T00:00:00.000000	2026-01-09T00:00:00.000000
certfr-2026-avi-0021	Vulnérabilité dans Microsoft Edge	2026-01-09T00:00:00.000000	2026-01-09T00:00:00.000000
certfr-2026-avi-0020	Multiples vulnérabilités dans les produits IBM	2026-01-09T00:00:00.000000	2026-01-09T00:00:00.000000
certfr-2026-avi-0019	Multiples vulnérabilités dans le noyau Linux de SUSE	2026-01-09T00:00:00.000000	2026-01-09T00:00:00.000000
certfr-2026-avi-0018	Multiples vulnérabilités dans le noyau Linux d'Ubuntu	2026-01-09T00:00:00.000000	2026-01-09T00:00:00.000000
certfr-2026-avi-0017	Multiples vulnérabilités dans le noyau Linux de Red Hat	2026-01-09T00:00:00.000000	2026-01-09T00:00:00.000000
certfr-2026-avi-0016	Vulnérabilité dans les produits Moxa	2026-01-09T00:00:00.000000	2026-01-09T00:00:00.000000
certfr-2026-avi-0015	Multiples vulnérabilités dans les produits Centreon	2026-01-08T00:00:00.000000	2026-01-08T00:00:00.000000
certfr-2026-avi-0014	Multiples vulnérabilités dans GitLab	2026-01-08T00:00:00.000000	2026-01-08T00:00:00.000000
certfr-2026-avi-0013	Vulnérabilité dans Tenable Nessus Agent	2026-01-08T00:00:00.000000	2026-01-08T00:00:00.000000
certfr-2026-avi-0012	Multiples vulnérabilités dans Trend Micro Apex Central	2026-01-08T00:00:00.000000	2026-01-08T00:00:00.000000
certfr-2026-avi-0011	Vulnérabilité dans Google Android	2026-01-08T00:00:00.000000	2026-01-08T00:00:00.000000
certfr-2026-avi-0010	Multiples vulnérabilités dans Curl	2026-01-07T00:00:00.000000	2026-01-07T00:00:00.000000
certfr-2026-avi-0009	Vulnérabilité dans Google Chrome	2026-01-07T00:00:00.000000	2026-01-07T00:00:00.000000
certfr-2026-avi-0008	Multiples vulnérabilités dans Joomla!	2026-01-07T00:00:00.000000	2026-01-07T00:00:00.000000
certfr-2026-avi-0007	Vulnérabilité dans Stormshield Network Security	2026-01-06T00:00:00.000000	2026-01-06T00:00:00.000000
certfr-2026-avi-0006	Multiples vulnérabilités dans Veeam Backup & Replication	2026-01-06T00:00:00.000000	2026-01-06T00:00:00.000000
certfr-2026-avi-0005	Multiples vulnérabilités dans Centreon Open Tickets	2026-01-06T00:00:00.000000	2026-01-06T00:00:00.000000
certfr-2026-avi-0004	Vulnérabilité dans MariaDB	2026-01-05T00:00:00.000000	2026-01-05T00:00:00.000000
certfr-2026-avi-0003	Multiples vulnérabilités dans les produits Qnap	2026-01-05T00:00:00.000000	2026-01-05T00:00:00.000000
certfr-2026-avi-0002	Multiples vulnérabilités dans les produits IBM	2026-01-02T00:00:00.000000	2026-01-02T00:00:00.000000
certfr-2026-avi-0001	Multiples vulnérabilités dans le noyau Linux de SUSE	2026-01-02T00:00:00.000000	2026-01-02T00:00:00.000000
certfr-2025-avi-1142	Multiples vulnérabilités dans Moxa NPort	2025-12-31T00:00:00.000000	2025-12-31T00:00:00.000000
certfr-2025-avi-1141	Multiples vulnérabilités dans le noyau Linux de Red Hat	2025-12-26T00:00:00.000000	2025-12-26T00:00:00.000000
certfr-2025-avi-1140	Multiples vulnérabilités dans le noyau Linux de SUSE	2025-12-26T00:00:00.000000	2025-12-26T00:00:00.000000
certfr-2025-avi-1139	Multiples vulnérabilités dans le noyau Linux d'Ubuntu	2025-12-26T00:00:00.000000	2025-12-26T00:00:00.000000
certfr-2025-avi-1138	Multiples vulnérabilités dans VMware Tanzu Platform	2025-12-26T00:00:00.000000	2025-12-26T00:00:00.000000
certfr-2025-avi-1137	Multiples vulnérabilités dans les produits IBM	2025-12-26T00:00:00.000000	2025-12-26T00:00:00.000000
certfr-2025-avi-1136	Multiples vulnérabilités dans le noyau Linux de Debian LTS	2025-12-19T00:00:00.000000	2025-12-19T00:00:00.000000
certfr-2025-avi-1135	Multiples vulnérabilités dans le noyau Linux d'Ubuntu	2025-12-19T00:00:00.000000	2025-12-19T00:00:00.000000

ID	Description	Published	Updated
certfr-2025-ale-014	[MàJ] Vulnérabilité dans React Server Components	2025-12-05T00:00:00.000000	2025-12-08T00:00:00.000000
certfr-2025-ale-013	[MàJ] Multiples vulnérabilités dans Cisco ASA et FTD	2025-09-25T00:00:00.000000	2025-10-06T00:00:00.000000
certfr-2025-ale-012	Vulnérabilité dans Citrix NetScaler ADC et NetScaler Gateway	2025-08-26T00:00:00.000000	2025-09-26T00:00:00.000000
certfr-2025-ale-011	Incidents de sécurité dans les pare-feux SonicWall	2025-08-05T00:00:00.000000	2025-08-18T00:00:00.000000
certfr-2025-ale-010	[MàJ] Multiples vulnérabilités dans Microsoft SharePoint	2025-07-21T00:00:00.000000	2025-08-26T00:00:00.000000
certfr-2025-ale-009	Multiples vulnérabilités dans Citrix NetScaler ADC et NetScaler Gateway	2025-07-01T00:00:00.000000	2025-07-17T00:00:00.000000
certfr-2025-ale-008	[MàJ] Vulnérabilité dans Roundcube	2025-06-05T00:00:00.000000	2025-07-21T00:00:00.000000
certfr-2025-ale-007	Multiples vulnérabilités dans Ivanti Endpoint Manager Mobile (EPMM)	2025-05-14T00:00:00.000000	2025-06-24T00:00:00.000000
certfr-2025-ale-006	Vulnérabilité dans les produits Fortinet	2025-05-13T00:00:00.000000	2025-06-24T00:00:00.000000
certfr-2025-ale-002	[MàJ] Vulnérabilité dans les produits Fortinet	2025-05-07T00:00:00.000000	2025-01-14T00:00:00.000000
certfr-2025-ale-005	Vulnérabilité dans SAP NetWeaver	2025-04-28T00:00:00.000000	2025-06-24T00:00:00.000000
certfr-2025-ale-004	Activités de post-exploitation dans Fortinet FortiGate	2025-04-11T00:00:00.000000	2025-08-07T00:00:00.000000
certfr-2025-ale-003	[MàJ] Vulnérabilité dans les produits Ivanti	2025-04-04T00:00:00.000000	2025-04-11T00:00:00.000000
certfr-2024-ale-013	Exploitations de vulnérabilités dans Ivanti Cloud Services Appliance (CSA)	2025-03-31T00:00:00.000000	2024-10-25T00:00:00.000000
certfr-2025-ale-001	[MàJ] Vulnérabilité dans les produits Ivanti	2025-01-09T00:00:00.000000	2025-04-01T00:00:00.000000
certfr-2024-ale-015	[MàJ] Multiples vulnérabilités sur l'interface d'administration des équipements Palo Alto Networks	2024-11-15T00:00:00.000000	2024-11-18T00:00:00.000000
certfr-2024-ale-014	[MàJ] Multiples vulnérabilités dans Fortinet FortiManager	2024-10-30T00:00:00.000000	2024-10-23T00:00:00.000000
certfr-2024-ale-012	[MàJ] Vulnérabilités affectant OpenPrinting CUPS	2024-09-27T00:00:00.000000	2024-11-21T00:00:00.000000
certfr-2024-ale-011	Vulnérabilité dans SonicWall	2024-09-10T00:00:00.000000	2024-11-21T00:00:00.000000
certfr-2024-ale-010	Multiples vulnérabilités dans Roundcube	2024-08-09T00:00:00.000000	2024-10-07T00:00:00.000000
certfr-2024-ale-009	Vulnérabilité dans OpenSSH	2024-07-01T00:00:00.000000	2024-07-03T00:00:00.000000
certfr-2024-ale-008	[MàJ] Vulnérabilité dans les produits Check Point	2024-05-30T00:00:00.000000	2024-07-01T00:00:00.000000
certfr-2024-ale-007	Multiples vulnérabilités dans les produits Cisco	2024-04-25T00:00:00.000000	2024-07-01T00:00:00.000000
certfr-2024-ale-006	[MàJ] Vulnérabilité dans Palo Alto Networks GlobalProtect	2024-04-12T00:00:00.000000	2024-07-01T00:00:00.000000
certfr-2024-ale-005	[MàJ] Vulnérabilité dans Microsoft Outlook	2024-02-15T00:00:00.000000	2024-04-15T00:00:00.000000
certfr-2024-ale-004	[MàJ] Vulnérabilité dans Fortinet FortiOS	2024-02-09T00:00:00.000000	2024-07-01T00:00:00.000000
certfr-2024-ale-003	[MàJ] Incident affectant les solutions AnyDesk	2024-02-05T00:00:00.000000	2024-04-15T00:00:00.000000
certfr-2024-ale-002	[MàJ] Multiples Vulnérabilités dans GitLab	2024-01-12T00:00:00.000000	2024-02-22T00:00:00.000000
certfr-2024-ale-001	[MàJ] Multiples vulnérabilités dans Ivanti Connect Secure et Policy Secure Gateways	2024-01-11T00:00:00.000000	2024-04-15T00:00:00.000000
certfr-2023-ale-013	Vulnérabilité dans Apache Struts 2	2023-12-13T00:00:00.000000	2024-02-16T00:00:00.000000

ID	CVSS	Description	Vendor	Product	Published	Updated
GCVE-1-2026-0002	10 (4.0)	Heap-buffer-overflow in EXIF writer for extra IFD tags	ffmpeg	ffmpeg	2026-01-02T19:50:00.000Z	2026-01-02T20:05:27.269877Z
GCVE-1-2026-0001	N/A	Bundle reference to gpg.fail	gnupg	gnupg	2026-01-02T10:20:00.000Z	2026-01-02T13:31:14.359346Z
GCVE-1-2025-0041	6.4 (4.0)	[online services] Reflected Cross-Site Scripting (XSS)…	typo3	typo3	2025-12-19T14:25:00.000Z	2025-12-19T14:54:51.594645Z
GCVE-1-2025-0040	7.2 (4.0)	A cross-site scripting (XSS) vulnerability was id…	misp	misp	2025-12-13T08:44:32.378924Z	2025-12-13T08:44:32.378924Z
GCVE-1-2025-0039	8.5 (4.0)	XSS Reintroduced in MISP Dashboard World Map Widget Du…	misp	misp	2025-12-10T14:33:52.856734Z	2025-12-10T14:33:52.856734Z
GCVE-1-2025-0038	5 (4.0)	Reflected XSS in MISP Template Tag Removal and MISP Ad…	misp	misp	2025-12-10T14:10:00.000Z	2025-12-10T14:16:55.918270Z
GCVE-1-2025-0037	7 (4.0)	Reflected XSS in MISP Dashboard Widgets via Unescaped …	misp	misp	2025-12-10T14:01:03.200804Z	2025-12-10T14:01:03.200804Z
GCVE-1-2025-0036	8.3 (4.0)	A reflected cross-site scripting (XSS) vulnerability w…	misp	misp	2025-12-10T13:46:07.170083Z	2025-12-10T13:46:07.170083Z
GCVE-1-2025-0035	8.3 (4.0)	Insufficient sanitization of bundle metadata (availabl…	CIRCL	vulnerability-lookup	2025-12-08T10:25:00.000Z	2025-12-08T12:14:06.307298Z
GCVE-1-2025-0034	7 (4.0)	Missing CSRF protection on state-changing endpoints in…	CIRCL	vulnerability-lookup	2025-12-08T10:19:00.000Z	2025-12-08T12:13:24.197294Z
GCVE-1-2025-0033	8.1 (4.0)	Vulnerability-lookup did not track or limit failed One…	CIRCL	vulnerability-lookup	2025-12-08T10:11:00.000Z	2025-12-08T12:12:53.235996Z
GCVE-1-2025-0032	10 (4.0)	The default configuration of WatchGuard Firebox device…	watchguard	firebox	2025-12-03T16:25:00.000Z	2025-12-19T13:48:34.570799Z
GCVE-1-2025-0031	7.1 (4.0)	A cross-site scripting (XSS) vulnerability was identif…	misp	misp	2025-12-03T10:58:00.000Z	2025-12-16T09:36:09.594750Z
GCVE-1-2025-0030	6.2 (4.0)	A cross-site scripting (XSS) vulnerability in the MISP…	misp	misp	2025-12-03T10:53:00.000Z	2025-12-03T10:58:55.845341Z
GCVE-1-2025-0029	6.3 (4.0)	Reflected cross-site scripting (XSS) vulnerabilities i…	misp	misp	2025-11-27T12:41:00.000Z	2025-11-27T12:48:51.085860Z
GCVE-1-2025-0028	8.5 (4.0)	Information leakage vulnerability in the MISP Feed con…	misp	misp	2025-11-27T07:23:00.000Z	2025-12-02T08:51:35.429494Z
GCVE-1-2025-0027	9.4 (4.0)	Reflected cross-site scripting (XSS) vulnerability in …	misp	misp	2025-11-27T07:17:00.000Z	2025-12-02T08:51:04.323899Z
GCVE-1-2025-0026	9.4 (4.0)	Reflected cross-site scripting (XSS) vulnerability in …	misp	misp	2025-11-26T16:35:00.000Z	2025-12-02T08:50:46.381572Z
GCVE-1-2025-0025	9.4 (4.0)	Reflected cross-site scripting (XSS) vulnerability in …	misp	misp	2025-11-26T16:27:00.000Z	2025-12-02T08:50:18.897756Z
GCVE-1-2025-0024	9.4 (4.0)	cross-site scripting (XSS) vulnerability in the MISP s…	misp	misp	2025-11-26T16:14:00.000Z	2025-12-02T08:50:01.482327Z
GCVE-1-2025-0023	9.4 (4.0)	XSS in MISP server comparison tool	misp	misp	2025-11-26T16:10:00.000Z	2025-12-02T08:49:24.626168Z
GCVE-1-2025-0022	9.4 (4.0)	Clarified setting's impact on download_attachments_on_load	misp	misp	2025-11-26T16:04:00.000Z	2025-12-02T08:49:04.510294Z
GCVE-1-2025-0021	9.4 (4.0)	XSS in MISP ReST client in HTML view	misp	misp	2025-11-26T15:55:00.000Z	2025-12-02T08:48:41.869838Z
GCVE-1-2025-0020	9.4 (4.0)	cross-site scripting (XSS) in Galaxy element JSON view	misp	misp	2025-11-26T15:49:00.000Z	2025-12-02T08:47:41.151429Z
GCVE-1-2025-0019	4 (4.0)	Path traversal vulnerability in EventReport for site-admin	misp	misp	2025-11-26T14:47:00.000Z	2025-11-28T07:27:42.721350Z
GCVE-1-2025-0018	9.4 (4.0)	HTML injection issue was identified in Lookyloo’s web …	lookyloo	lookyloo	2025-11-18T15:33:00.000Z	2025-11-18T20:39:45.579295Z
GCVE-1-2025-0017	9.4 (4.0)	Privilege escalation in Cerebrate allows an authentica…	cerebrate	cerebrate	2025-11-12T08:15:00.000Z	2025-11-28T07:22:08.205835Z
GCVE-1-2025-0016	6 (4.0)	Local file inclusion in [ImportFromUrl() URL hand…	misp	misp	2025-11-04T09:20:00.000Z	2025-11-04T09:56:38.383646Z

ID	CVSS	Description	Vendor	Product	Published	Updated
GCVE-1337-2025-00000000000000000000000000000000000000000000000000111111111111111111111111000000000000000000000000000000000000000000000000000000011	9.1 (3.1)	HexStrike AI MCP Server Command Injection	0x4m4	HexStrike AI	2025-11-30T21:27:56.057Z	2025-11-30T21:27:56.057Z
GCVE-1337-2025-00000000000000000000000000000000000000000000000001011111111111011111111110000000000000000000000000000000000000000000000000000000100	6.5 (3.1)	Abilis CPX Fallback Shell Connection Relay	Abilis	CPX	2025-11-04T00:23:23.924Z	2025-11-04T00:23:23.924Z
GCVE-1337-2025-00000000000000000000000000000000000000000000000001011011111110011111111110000000000000000000000000000000000000000000000000000000010	7.3 (3.1)	Unitree Multiple Robotic Products Command Injection	Unitree	Go2	2025-09-26T06:53:49.585Z	2025-09-26T15:16:57.586Z
GCVE-1337-2025-00000000000000000000000000000000000000000000000001011111011111010111111001000000000000000000000000000000000000000000000000000000001	4.3 (3.1)	Unauthenticated leak of sensitive information affectin…	Brother Industries, Ltd	HL-L8260CDN	2025-08-12T15:23:00.577Z	2025-08-15T05:53:23.017Z