Recent vulnerabilities

ID	CVSS	Description	Vendor	Product	Published	Updated
CVE-2026-1454	7.2 (3.1)	Responsive Contact Form Builder & Lead Generation Plug…	themehunk	Lead Form Builder & Contact Form	2026-03-11T08:24:46.492Z	2026-03-11T08:24:46.492Z
CVE-2026-31844	8.7 (4.0) 8.8 (3.1)	Authenticated SQL Injection in Koha displayby paramete…	Koha Community	Koha	2026-03-11T06:34:14.869Z	2026-03-11T08:20:50.481Z
CVE-2025-60007	5.5 (3.1) 6.8 (4.0)	Junos OS: A specifically crafted 'show chassis' comman…	Juniper Networks	Junos OS	2026-01-15T20:16:22.617Z	2026-03-11T08:16:16.890Z
CVE-2024-14026	2 (4.0)	QTS, QuTS hero	QNAP Systems Inc.	QTS	2026-03-11T08:02:13.413Z	2026-03-11T08:07:06.833Z
CVE-2024-14025	0.1 (4.0)	Video Station	QNAP Systems Inc.	Video Station	2026-03-11T08:02:09.214Z	2026-03-11T08:06:46.753Z
CVE-2024-14024	0.1 (4.0)	Video Station	QNAP Systems Inc.	Video Station	2026-03-11T08:02:03.876Z	2026-03-11T08:06:31.121Z
CVE-2026-2917	5.4 (3.1)	Happy Addons for Elementor <= 3.21.0 - Insecure Direct…	thehappymonster	Happy Addons for Elementor	2026-03-11T07:36:25.496Z	2026-03-11T07:36:25.496Z
CVE-2026-3903	4.3 (3.1)	Modular Connector <= 2.5.1 - Cross-Site Request Forger…	modulards	Modular DS: Monitor, update, and backup multiple websites	2026-03-11T07:36:25.132Z	2026-03-11T07:36:25.132Z
CVE-2026-1708	7.5 (3.1)	Appointment Booking Calendar <= 1.6.9.27 - Unauthentic…	croixhaug	Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin	2026-03-11T07:36:24.758Z	2026-03-11T07:36:24.758Z
CVE-2026-2918	6.4 (3.1)	Happy Addons for Elementor <= 3.21.0 - Insecure Direct…	thehappymonster	Happy Addons for Elementor	2026-03-11T07:36:23.620Z	2026-03-11T07:36:23.620Z
CVE-2026-3825	5.1 (4.0) 6.1 (3.1)	WellChoose｜IFTOP - Reflected Cross-site Scripting	WellChoose	IFTOP	2026-03-11T06:35:25.378Z	2026-03-11T07:18:29.027Z
CVE-2026-3822	8.3 (4.0) 6.5 (3.1)	Taipower｜Taipower APP(Android) - Improper Certificate …	Taipower	Taipower APP	2026-03-09T03:38:35.449Z	2026-03-11T06:49:32.983Z
CVE-2026-3534	6.4 (3.1)	Astra <= 4.12.3 - Authenticated (Contributor+) Stored …	brainstormforce	Astra	2026-03-11T06:45:31.218Z	2026-03-11T06:45:31.218Z
CVE-2026-3826	9.3 (4.0) 9.8 (3.1)	WellChoose｜IFTOP - Local File Inclusion	WellChoose	IFTOP	2026-03-11T06:38:25.496Z	2026-03-11T06:38:25.496Z
CVE-2026-3824	5.1 (4.0) 6.1 (3.1)	WellChoose｜IFTOP - Open redirect	WellChoose	IFTOP	2026-03-11T06:31:53.599Z	2026-03-11T06:31:53.599Z
CVE-2026-2631	N/A	Datalogics Ecommerce Delivery < 2.6.60 - Unauthenticat…	Unknown	Datalogics Ecommerce Delivery	2026-03-11T06:00:11.163Z	2026-03-11T06:00:11.163Z
CVE-2026-2626	N/A	Divi Booster < 5.0.2 - Unauthenticated PHP Object Injection	Unknown	divi-booster	2026-03-11T06:00:10.837Z	2026-03-11T06:00:10.837Z
CVE-2026-2466	N/A	DukaPress <= 3.2.4 - Reflected XSS	Unknown	DukaPress	2026-03-11T06:00:10.465Z	2026-03-11T06:00:10.465Z
CVE-2026-1867	N/A	WP Front User Submit < 5.0.6 - Unauthenticated Sensiti…	Unknown	Guest posting / Frontend Posting / Front Editor	2026-03-11T06:00:09.091Z	2026-03-11T06:00:09.091Z
CVE-2026-1753	N/A	Gutena Forms < 1.6.1 - Contributor+ Arbitrary Limited …	Unknown	Gutena Forms	2026-03-11T06:00:03.165Z	2026-03-11T06:00:03.165Z
CVE-2026-3911	2.7 (3.1)	Org.keycloak.services.resources.admin.userresource: ke…	Red Hat	Red Hat Build of Keycloak	2026-03-11T05:36:43.743Z	2026-03-11T05:36:43.743Z
CVE-2026-2707	6.4 (3.1)	weForms <= 1.6.27 - Authenticated (Subscriber+) Stored…	boldgrid	weForms – Easy Drag & Drop Contact Form Builder For WordPress	2026-03-11T05:27:17.695Z	2026-03-11T05:27:17.695Z
CVE-2026-3222	7.5 (3.1)	WP Maps <= 4.9.1 - Unauthenticated SQL Injection via '…	flippercode	WP Maps – Store Locator,Google Maps,OpenStreetMap,Mapbox,Listing,Directory & Filters	2026-03-11T05:27:17.281Z	2026-03-11T05:27:17.281Z
CVE-2026-2358	6.4 (3.1)	WP ULike <= 5.0.1 - Authenticated (Contributor+) Store…	alimir	WP ULike – Like & Dislike Buttons for Engagement and Feedback	2026-03-11T05:27:16.708Z	2026-03-11T05:27:16.708Z
CVE-2026-27842	9.8 (3.0) 9.3 (4.0)	Authentication bypass issue exists in MR-GM5L-S1 …	Micro Research Ltd.	MR-GM5L-S1	2026-03-11T05:25:34.834Z	2026-03-11T05:25:34.834Z
CVE-2026-24448	9.8 (3.0) 9.3 (4.0)	Use of hard-coded credentials issue exists in MR-…	Micro Research Ltd.	MR-GM5L-S1	2026-03-11T05:25:25.618Z	2026-03-11T05:25:25.618Z
CVE-2026-20892	7.2 (3.0) 8.6 (4.0)	Code injection vulnerability exists in MR-GM5L-S1…	Micro Research Ltd.	MR-GM5L-S1	2026-03-11T05:25:15.694Z	2026-03-11T05:25:15.694Z
CVE-2026-3315	5.8 (4.0)	Local Privilege Escalation Due to Writable Executable …	ASSA ABLOY	Visionline	2026-03-10T09:35:42.236Z	2026-03-11T05:13:30.886Z
CVE-2023-27573	9 (3.1)	netbox-docker before 2.5.0 has a superuser accoun…	netbox-community	netbox-docker	2026-03-11T00:00:00.000Z	2026-03-11T05:01:47.850Z
CVE-2026-3884	6.1 (3.1)	Versions of the package spin.js before 3.0.0 are …	n/a	spin.js	2026-03-11T05:00:09.279Z	2026-03-11T05:00:09.279Z

ID	CVSS	Description	Vendor	Product	Published	Updated
CVE-2026-3903	4.3 (3.1)	Modular Connector <= 2.5.1 - Cross-Site Request Forger…	modulards	Modular DS: Monitor, update, and backup multiple websites	2026-03-11T07:36:25.132Z	2026-03-11T07:36:25.132Z
CVE-2026-3825	5.1 (4.0) 6.1 (3.1)	WellChoose｜IFTOP - Reflected Cross-site Scripting	WellChoose	IFTOP	2026-03-11T06:35:25.378Z	2026-03-11T07:18:29.027Z
CVE-2026-31844	8.7 (4.0) 8.8 (3.1)	Authenticated SQL Injection in Koha displayby paramete…	Koha Community	Koha	2026-03-11T06:34:14.869Z	2026-03-11T08:20:50.481Z
CVE-2026-2918	6.4 (3.1)	Happy Addons for Elementor <= 3.21.0 - Insecure Direct…	thehappymonster	Happy Addons for Elementor	2026-03-11T07:36:23.620Z	2026-03-11T07:36:23.620Z
CVE-2026-2917	5.4 (3.1)	Happy Addons for Elementor <= 3.21.0 - Insecure Direct…	thehappymonster	Happy Addons for Elementor	2026-03-11T07:36:25.496Z	2026-03-11T07:36:25.496Z
CVE-2026-1708	7.5 (3.1)	Appointment Booking Calendar <= 1.6.9.27 - Unauthentic…	croixhaug	Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin	2026-03-11T07:36:24.758Z	2026-03-11T07:36:24.758Z
CVE-2024-14026	2 (4.0)	QTS, QuTS hero	QNAP Systems Inc.	QTS	2026-03-11T08:02:13.413Z	2026-03-11T08:07:06.833Z
CVE-2024-14025	0.1 (4.0)	Video Station	QNAP Systems Inc.	Video Station	2026-03-11T08:02:09.214Z	2026-03-11T08:06:46.753Z
CVE-2024-14024	0.1 (4.0)	Video Station	QNAP Systems Inc.	Video Station	2026-03-11T08:02:03.876Z	2026-03-11T08:06:31.121Z
CVE-2026-3826	9.3 (4.0) 9.8 (3.1)	WellChoose｜IFTOP - Local File Inclusion	WellChoose	IFTOP	2026-03-11T06:38:25.496Z	2026-03-11T06:38:25.496Z
CVE-2026-3824	5.1 (4.0) 6.1 (3.1)	WellChoose｜IFTOP - Open redirect	WellChoose	IFTOP	2026-03-11T06:31:53.599Z	2026-03-11T06:31:53.599Z
CVE-2026-3822	8.3 (4.0) 6.5 (3.1)	Taipower｜Taipower APP(Android) - Improper Certificate …	Taipower	Taipower APP	2026-03-09T03:38:35.449Z	2026-03-11T06:49:32.983Z
CVE-2026-3534	6.4 (3.1)	Astra <= 4.12.3 - Authenticated (Contributor+) Stored …	brainstormforce	Astra	2026-03-11T06:45:31.218Z	2026-03-11T06:45:31.218Z
CVE-2026-3911	2.7 (3.1)	Org.keycloak.services.resources.admin.userresource: ke…	Red Hat	Red Hat Build of Keycloak	2026-03-11T05:36:43.743Z	2026-03-11T05:36:43.743Z
CVE-2026-3884	6.1 (3.1)	Versions of the package spin.js before 3.0.0 are …	n/a	spin.js	2026-03-11T05:00:09.279Z	2026-03-11T05:00:09.279Z
CVE-2026-3315	5.8 (4.0)	Local Privilege Escalation Due to Writable Executable …	ASSA ABLOY	Visionline	2026-03-10T09:35:42.236Z	2026-03-11T05:13:30.886Z
CVE-2026-3222	7.5 (3.1)	WP Maps <= 4.9.1 - Unauthenticated SQL Injection via '…	flippercode	WP Maps – Store Locator,Google Maps,OpenStreetMap,Mapbox,Listing,Directory & Filters	2026-03-11T05:27:17.281Z	2026-03-11T05:27:17.281Z
CVE-2026-2707	6.4 (3.1)	weForms <= 1.6.27 - Authenticated (Subscriber+) Stored…	boldgrid	weForms – Easy Drag & Drop Contact Form Builder For WordPress	2026-03-11T05:27:17.695Z	2026-03-11T05:27:17.695Z
CVE-2026-2631	N/A	Datalogics Ecommerce Delivery < 2.6.60 - Unauthenticat…	Unknown	Datalogics Ecommerce Delivery	2026-03-11T06:00:11.163Z	2026-03-11T06:00:11.163Z
CVE-2026-2626	N/A	Divi Booster < 5.0.2 - Unauthenticated PHP Object Injection	Unknown	divi-booster	2026-03-11T06:00:10.837Z	2026-03-11T06:00:10.837Z
CVE-2026-2466	N/A	DukaPress <= 3.2.4 - Reflected XSS	Unknown	DukaPress	2026-03-11T06:00:10.465Z	2026-03-11T06:00:10.465Z
CVE-2026-2358	6.4 (3.1)	WP ULike <= 5.0.1 - Authenticated (Contributor+) Store…	alimir	WP ULike – Like & Dislike Buttons for Engagement and Feedback	2026-03-11T05:27:16.708Z	2026-03-11T05:27:16.708Z
CVE-2026-27842	9.8 (3.0) 9.3 (4.0)	Authentication bypass issue exists in MR-GM5L-S1 …	Micro Research Ltd.	MR-GM5L-S1	2026-03-11T05:25:34.834Z	2026-03-11T05:25:34.834Z
CVE-2026-24448	9.8 (3.0) 9.3 (4.0)	Use of hard-coded credentials issue exists in MR-…	Micro Research Ltd.	MR-GM5L-S1	2026-03-11T05:25:25.618Z	2026-03-11T05:25:25.618Z
CVE-2026-20892	7.2 (3.0) 8.6 (4.0)	Code injection vulnerability exists in MR-GM5L-S1…	Micro Research Ltd.	MR-GM5L-S1	2026-03-11T05:25:15.694Z	2026-03-11T05:25:15.694Z
CVE-2026-1867	N/A	WP Front User Submit < 5.0.6 - Unauthenticated Sensiti…	Unknown	Guest posting / Frontend Posting / Front Editor	2026-03-11T06:00:09.091Z	2026-03-11T06:00:09.091Z
CVE-2026-1753	N/A	Gutena Forms < 1.6.1 - Contributor+ Arbitrary Limited …	Unknown	Gutena Forms	2026-03-11T06:00:03.165Z	2026-03-11T06:00:03.165Z
CVE-2023-27573	9 (3.1)	netbox-docker before 2.5.0 has a superuser accoun…	netbox-community	netbox-docker	2026-03-11T00:00:00.000Z	2026-03-11T05:01:47.850Z
CVE-2026-2413	7.5 (3.1)	Ally – Web Accessibility & Usability <= 4.0.3 - Unauth…	elemntor	Ally – Web Accessibility & Usability	2026-03-11T04:25:46.393Z	2026-03-11T04:25:46.393Z
CVE-2026-29515	9.3 (4.0)	MiCode FileExplorer SwiFTP Server Authentication Bypass	MiCode	FileExplorer	2026-03-11T03:23:00.932Z	2026-03-11T04:18:52.023Z

ID	Description	Published	Updated
fkie_cve-2026-3911	A flaw was found in Keycloak. An authenticated user with the view-users role could exploit a vulner…	2026-03-11T06:17:15.377	2026-03-11T06:17:15.377
fkie_cve-2026-3884	Versions of the package spin.js before 3.0.0 are vulnerable to Cross-site Scripting (XSS) via the s…	2026-03-11T06:17:15.183	2026-03-11T06:17:15.183
fkie_cve-2026-3315	Incorrect Default Permissions, : Execution with Unnecessary Privileges, : Incorrect Permission Assi…	2026-03-10T18:19:01.367	2026-03-11T06:17:14.993
fkie_cve-2026-3222	The WP Maps plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'location_…	2026-03-11T06:17:14.777	2026-03-11T06:17:14.777
fkie_cve-2026-2707	The weForms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the REST API entr…	2026-03-11T06:17:14.587	2026-03-11T06:17:14.587
fkie_cve-2026-2631	The Datalogics Ecommerce Delivery WordPress plugin before 2.6.60 exposes an unauthenticated REST e…	2026-03-11T06:17:14.467	2026-03-11T06:17:14.467
fkie_cve-2026-2626	The divi-booster WordPress plugin before 5.0.2 does not have authorization and CSRF checks in one o…	2026-03-11T06:17:14.353	2026-03-11T06:17:14.353
fkie_cve-2026-2466	The DukaPress WordPress plugin through 3.2.4 does not sanitise and escape a parameter before output…	2026-03-11T06:17:14.240	2026-03-11T06:17:14.240
fkie_cve-2026-2358	The WP ULike plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `[wp_ulike_l…	2026-03-11T06:17:14.033	2026-03-11T06:17:14.033
fkie_cve-2026-27842	Authentication bypass issue exists in MR-GM5L-S1 and MR-GM5A-L1, which may allow an attacker to byp…	2026-03-11T06:17:13.867	2026-03-11T06:17:13.867
fkie_cve-2026-24448	Use of hard-coded credentials issue exists in MR-GM5L-S1 and MR-GM5A-L1, which may allow an attacke…	2026-03-11T06:17:13.697	2026-03-11T06:17:13.697
fkie_cve-2026-20892	Code injection vulnerability exists in MR-GM5L-S1 and MR-GM5A-L1, which may allow an attacker with …	2026-03-11T06:17:13.510	2026-03-11T06:17:13.510
fkie_cve-2026-1867	The Guest posting / Frontend Posting / Front Editor WordPress plugin before 5.0.6 allows passing a…	2026-03-11T06:17:13.397	2026-03-11T06:17:13.397
fkie_cve-2026-1753	The Gutena Forms WordPress plugin before 1.6.1 does not validate option to be updated, which could…	2026-03-11T06:17:13.273	2026-03-11T06:17:13.273
fkie_cve-2023-27573	netbox-docker before 2.5.0 has a superuser account with default credentials (admin password for the…	2026-03-11T06:17:11.933	2026-03-11T06:17:11.933
fkie_cve-2026-2413	The Ally – Web Accessibility & Usability plugin for WordPress is vulnerable to SQL Injection via th…	2026-03-11T05:18:01.063	2026-03-11T05:18:01.063
fkie_cve-2026-29515	MiCode FileExplorer contains an authentication bypass vulnerability in the embedded SwiFTP FTP serv…	2026-03-11T04:17:37.213	2026-03-11T05:18:00.287
fkie_cve-2026-28393	OpenClaw versions 2.0.0-beta3 prior to 2026.2.14 contain a path traversal vulnerability in hook tra…	2026-03-05T22:16:15.767	2026-03-11T05:17:59.770
fkie_cve-2025-13067	The Royal Addons for Elementor plugin for WordPress is vulnerable to arbitrary file upload in all v…	2026-03-11T05:17:46.027	2026-03-11T05:17:46.027
fkie_cve-2026-23817	A vulnerability in the web-based management interface of AOS-CX Switches could allow an unauthentic…	2026-03-11T04:17:35.810	2026-03-11T04:17:35.810
fkie_cve-2026-23816	A vulnerability in the command line interface of AOS-CX Switches could allow an authenticated remot…	2026-03-11T04:17:35.533	2026-03-11T04:17:35.533
fkie_cve-2026-23815	A vulnerability in a custom binary used in AOS-CX Switches' CLI could allow an authenticated remote…	2026-03-11T04:17:35.080	2026-03-11T04:17:35.080
fkie_cve-2026-23814	A vulnerability in the command parameters of a certain AOS-CX CLI command could allow a low-privile…	2026-03-11T04:17:34.883	2026-03-11T04:17:34.883
fkie_cve-2026-23813	A vulnerability has been identified in the web-based management interface of AOS-CX switches that c…	2026-03-11T04:17:34.677	2026-03-11T04:17:34.677
fkie_cve-2025-65791	ZoneMinder v1.36.34 is vulnerable to Command Injection in web/views/image.php. The application pass…	2026-02-18T16:22:29.093	2026-03-11T04:17:33.153
fkie_cve-2025-57176	On Ceragon Networks / Siklu Communication EtherHaul and MultiHaul Series microwave antennas before …	2025-09-15T17:15:35.220	2026-03-11T04:17:23.773
fkie_cve-2026-3453	The ProfilePress plugin for WordPress is vulnerable to Insecure Direct Object Reference in all vers…	2026-03-11T03:15:56.227	2026-03-11T03:15:56.227
fkie_cve-2026-21361	Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earli…	2026-03-11T03:15:56.033	2026-03-11T03:15:56.033
fkie_cve-2026-21360	Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earli…	2026-03-11T03:15:55.867	2026-03-11T03:15:55.867
fkie_cve-2026-21359	Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earli…	2026-03-11T03:15:55.693	2026-03-11T03:15:55.693

ID	Severity	Description	Published	Updated
ghsa-xh32-c9wx-phrp	2.7 (3.1)	A flaw was found in Keycloak. An authenticated user with the view-users role could exploit a vulner…	2026-03-11T06:31:41Z	2026-03-11T06:31:41Z
ghsa-w8vw-4787-pf8f		The Guest posting / Frontend Posting / Front Editor WordPress plugin before 5.0.6 allows passing a…	2026-03-11T06:31:41Z	2026-03-11T06:31:41Z
ghsa-vx3h-993f-h7v7	9.8 (3.1) 9.3 (4.0)	Use of hard-coded credentials issue exists in MR-GM5L-S1 and MR-GM5A-L1, which may allow an attacke…	2026-03-11T06:31:41Z	2026-03-11T06:31:41Z
ghsa-vf6r-c2jr-9wjq	9.0 (3.1)	netbox-docker before 2.5.0 has a superuser account with default credentials (admin password for the…	2026-03-11T06:31:41Z	2026-03-11T06:31:41Z
ghsa-rr2c-x5q5-gjg8		The DukaPress WordPress plugin through 3.2.4 does not sanitise and escape a parameter before output…	2026-03-11T06:31:41Z	2026-03-11T06:31:41Z
ghsa-j4h3-864w-3w43	6.4 (3.1)	The weForms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the REST API entr…	2026-03-11T06:31:41Z	2026-03-11T06:31:41Z
ghsa-j3fj-mfxv-75x2		The divi-booster WordPress plugin before 5.0.2 does not have authorization and CSRF checks in one o…	2026-03-11T06:31:41Z	2026-03-11T06:31:41Z
ghsa-h99f-r56h-cmrp	6.1 (3.1) 2.0 (4.0)	Versions of the package spin.js before 3.0.0 are vulnerable to Cross-site Scripting (XSS) via the s…	2026-03-11T06:31:41Z	2026-03-11T06:31:41Z
ghsa-h4gj-5gmp-5j93	8.8 (3.1)	The Royal Addons for Elementor plugin for WordPress is vulnerable to arbitrary file upload in all v…	2026-03-11T06:31:41Z	2026-03-11T06:31:41Z
ghsa-9v47-w2mq-8wv9		The Datalogics Ecommerce Delivery WordPress plugin before 2.6.60 exposes an unauthenticated REST e…	2026-03-11T06:31:41Z	2026-03-11T06:31:41Z
ghsa-8cjp-9cg5-vcjh	7.2 (3.1) 8.6 (4.0)	Code injection vulnerability exists in MR-GM5L-S1 and MR-GM5A-L1, which may allow an attacker with …	2026-03-11T06:31:41Z	2026-03-11T06:31:41Z
ghsa-83wr-6xhc-8r8r	7.5 (3.1)	The Ally – Web Accessibility & Usability plugin for WordPress is vulnerable to SQL Injection via th…	2026-03-11T06:31:41Z	2026-03-11T06:31:41Z
ghsa-5ppv-gw49-frmx		The Gutena Forms WordPress plugin before 1.6.1 does not validate option to be updated, which could…	2026-03-11T06:31:41Z	2026-03-11T06:31:41Z
ghsa-58hg-224j-wf29	6.4 (3.1)	The WP ULike plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `[wp_ulike_l…	2026-03-11T06:31:41Z	2026-03-11T06:31:41Z
ghsa-4pfw-7fxf-mmv5	7.5 (3.1)	The WP Maps plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'location_…	2026-03-11T06:31:41Z	2026-03-11T06:31:41Z
ghsa-2m33-h63p-wx98	9.8 (3.1) 9.3 (4.0)	Authentication bypass issue exists in MR-GM5L-S1 and MR-GM5A-L1, which may allow an attacker to byp…	2026-03-11T06:31:41Z	2026-03-11T06:31:41Z
ghsa-wq63-qgc3-2p5r	6.5 (3.1)	A vulnerability in the web-based management interface of AOS-CX Switches could allow an unauthentic…	2026-03-11T06:31:40Z	2026-03-11T06:31:40Z
ghsa-9238-xf4h-w28w	9.3 (4.0)	MiCode FileExplorer contains an authentication bypass vulnerability in the embedded SwiFTP FTP serv…	2026-03-11T06:31:40Z	2026-03-11T06:31:40Z
ghsa-7fqp-cc74-qjcw	8.8 (3.1)	A vulnerability in the command parameters of a certain AOS-CX CLI command could allow a low-privile…	2026-03-11T06:31:40Z	2026-03-11T06:31:40Z
ghsa-4jg3-r8r3-wpr3	7.2 (3.1)	A vulnerability in the command line interface of AOS-CX Switches could allow an authenticated remot…	2026-03-11T06:31:40Z	2026-03-11T06:31:40Z
ghsa-3h67-94ff-4pcq	7.2 (3.1)	A vulnerability in a custom binary used in AOS-CX Switches' CLI could allow an authenticated remote…	2026-03-11T06:31:40Z	2026-03-11T06:31:40Z
ghsa-37q7-686v-7f32	9.8 (3.1)	A vulnerability has been identified in the web-based management interface of AOS-CX switches that c…	2026-03-11T06:31:40Z	2026-03-11T06:31:40Z
ghsa-27hm-23w4-7mrj	4.3 (3.1)	The rfpiped service on TCP port 555 in Ceragon Networks / Siklu Communication EtherHaul series (801…	2025-09-15T18:31:06Z	2026-03-11T06:31:40Z
ghsa-2429-6423-p4jm	5.8 (4.0)	Incorrect Default Permissions, : Execution with Unnecessary Privileges, : Incorrect Permission Assi…	2026-03-10T18:31:22Z	2026-03-11T06:31:40Z
ghsa-mhg6-2q2v-9h2c	7.5 (3.1)	sigstore-ruby verifier returns success for DSSE bundles with mismatched in-toto subject digest	2026-03-11T00:24:42Z	2026-03-11T05:47:26Z
ghsa-fpvf-fvp5-996r	5.4 (3.1)	Umbraco Backoffice API Allows Unauthorized Modification of Domain Data	2026-03-11T00:24:53Z	2026-03-11T05:47:21Z
ghsa-fvcw-9w9r-pxc7	7.1 (3.1)	Flowise affected by Server-Side Request Forgery (SSRF) in HTTP Node Leading to Internal Network Access	2026-03-11T00:24:05Z	2026-03-11T05:47:10Z
ghsa-7m6r-fhh7-r47c	6.0 (4.0)	Parse Server vulnerable to LDAP injection via unsanitized user input in DN and group filter construction	2026-03-11T00:23:21Z	2026-03-11T05:47:03Z
ghsa-hqmh-ppp3-xvm7	6.8 (4.0)	pypdf: manipulated stream length values can exhaust RAM	2026-03-11T00:14:02Z	2026-03-11T05:46:57Z
ghsa-7mp4-25j8-hp5q	8.2 (3.1)	Sylius has a Promotion Usage Limit Bypass via Race Condition	2026-03-11T00:13:29Z	2026-03-11T05:46:51Z

ID	Severity	Description	Package	Published	Updated
pysec-2024-85	7.5 (3.1)	Deserialization of untrusted data can occur in versions 23.10.2.0 and newer of the MindsD…	mindsdb	2024-09-12T13:15:00Z	2026-03-03T16:29:37.848846Z
pysec-2024-84	7.5 (3.1)	Deserialization of untrusted data can occur in versions 23.10.3.0 and newer of the MindsD…	mindsdb	2024-09-12T13:15:00Z	2026-03-03T16:29:37.756762Z
pysec-2024-83	7.5 (3.1)	Deserialization of untrusted data can occur in versions 23.10.2.0 and newer of the MindsD…	mindsdb	2024-09-12T13:15:00Z	2026-03-03T16:29:37.662671Z
pysec-2024-82	8.8 (3.1)	Deserialization of untrusted data can occur in versions 23.3.2.0 and newer of the MindsDB…	mindsdb	2024-09-12T13:15:00Z	2026-03-03T16:29:37.563380Z
pysec-2023-278	5.3 (3.1)	MindsDB connects artificial intelligence models to real time data. Versions prior to 23.1…	mindsdb	2023-12-11T21:15:00Z	2026-03-03T16:29:37.448520Z
pysec-2023-121		A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as a…	zstd	2023-03-31T20:15:00+00:00	2026-02-25T19:20:58+00:00
pysec-2026-1		A PyPI user account compromised by an attacker and was able to upload a malicious version…	dydx-v4-client		2026-01-28T21:09:02+00:00
pysec-2025-52		gateway_proxy_handler in MLflow before 3.1.0 lacks gateway_path validation.	mlflow	2025-06-23T15:15:29Z	2025-12-05T13:25:55.146081Z
pysec-2020-220		A flaw was found in Ansible Base when using the aws_ssm connection plugin as garbage coll…	ansible	2020-10-05T14:15:00Z	2025-10-31T04:43:53.616247Z
pysec-2025-72		The `num2words` project was compromised via a phishing attack and two new versions were u…	num2words		2025-07-31T14:34:47+00:00
pysec-2025-71		Cadwyn creates production-ready community-driven modern Stripe-like API versioning in Fas…	cadwyn	2025-07-21T21:15:25+00:00	2025-07-23T15:24:03.825615+00:00
pysec-2025-70	10.0 (3.1)	A Server-Side Request Forgery (SSRF) vulnerability exists in the RequestsToolkit componen…	langchain-community	2025-06-23T21:15:25+00:00	2025-07-16T21:23:40.211079+00:00
pysec-2024-259	9.8 (3.1)	In PyTorch <=2.4.1, the RemoteModule has Deserialization RCE. NOTE: this is disputed by m…	torch	2024-10-29T21:15:04+00:00	2025-07-16T03:09:57.748865+00:00
pysec-2024-258		In scrapy/scrapy, an issue was identified where the Authorization header is not removed d…	scrapy	2024-05-20T08:15:08+00:00	2025-07-15T17:37:50.051730+00:00
pysec-2025-69		In Roundup before 2.5.0, XSS can occur via interaction between URLs and issue tracker tem…	roundup	2025-07-13T20:15:25+00:00	2025-07-13T21:23:01.161315+00:00
pysec-2025-68	8.0 (3.1)	A vulnerability, which was classified as critical, has been found in Upsonic up to 0.55.6…	upsonic	2025-06-19T21:15:27+00:00	2025-07-08T19:22:27.449399+00:00
pysec-2025-67	9.8 (3.1)	A vulnerability classified as critical was found in Upsonic up to 0.55.6. This vulnerabil…	upsonic	2025-06-19T21:15:27+00:00	2025-07-08T19:22:27.385619+00:00
pysec-2025-66		Improper privilege management in a REST interface allowed registered users to access unau…	streampipes	2025-03-03T11:15:11+00:00	2025-07-08T15:23:46.628375+00:00
pysec-2025-65		A path traversal vulnerability exists in run-llama/llama_index versions 0.12.27 through 0…	llama-index	2025-07-07T13:15:28+00:00	2025-07-07T15:23:42.730681+00:00
pysec-2025-61		Pillow is a Python imaging library. In versions 11.2.0 to before 11.3.0, there is a heap …	pillow	2025-07-01T19:15:27Z	2025-07-07T14:12:46.226030Z
pysec-2025-64	9.8 (3.1)	A vulnerability classified as critical has been found in themanojdesai python-a2a up to 0…	python-a2a	2025-06-17T07:15:18+00:00	2025-07-02T21:23:13.806273+00:00
pysec-2025-63		vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Whe…	vllm	2025-03-19T16:15:32+00:00	2025-07-01T23:22:49.176005+00:00
pysec-2025-62		vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Mal…	vllm	2025-02-07T20:15:34+00:00	2025-07-01T23:22:49.083695+00:00
pysec-2025-60		Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Inform…	apache-iotdb	2025-05-14T11:16:28+00:00	2025-07-01T21:22:47.232036+00:00
pysec-2025-59		Remote Code Execution with untrusted URI of UDF vulnerability in Apache IoTDB. The attack…	apache-iotdb	2025-05-14T11:15:47+00:00	2025-07-01T21:22:47.177405+00:00
pysec-2024-257	7.5 (3.1)	Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessm…	mobsf	2024-03-22T23:15:07+00:00	2025-06-30T15:23:50.085549+00:00
pysec-2025-58	8.8 (3.1)	vLLM is a library for LLM inference and serving. vllm/model_executor/weight_utils.py impl…	vllm	2025-01-27T18:15:41+00:00	2025-06-27T21:22:36.583615+00:00
pysec-2025-57		A Denial of Service (DoS) vulnerability in zenml-io/zenml version 0.66.0 allows unauthent…	zenml	2025-03-20T10:15:48+00:00	2025-06-27T17:22:55.175431+00:00
pysec-2025-56	4.3 (3.1)	OctoPrint provides a web interface for controlling consumer 3D printers. In versions up t…	octoprint	2025-04-22T18:15:59+00:00	2025-06-27T17:22:53.513680+00:00
pysec-2024-256		Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessm…	mobsf	2024-12-03T16:15:24+00:00	2025-06-27T17:22:53.325430+00:00

ID	Description	Updated
gsd-2024-33884	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.534455Z
gsd-2024-33901	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.525896Z
gsd-2024-33887	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.503613Z
gsd-2024-33895	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.493081Z
gsd-2024-33894	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.488420Z
gsd-2024-33902	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.486429Z
gsd-2024-33888	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.468423Z
gsd-2024-33885	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.441746Z
gsd-2024-33891	Delinea Secret Server before 11.7.000001 allows attackers to bypass authentication via th…	2024-04-29T05:02:07.412035Z
gsd-2024-33899	RARLAB WinRAR before 7.00, on Linux and UNIX platforms, allows attackers to spoof the scr…	2024-04-29T05:02:07.400574Z
gsd-2024-33889	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.392587Z
gsd-2024-33893	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.381761Z
gsd-2024-33892	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.378170Z
gsd-2024-33890	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.344384Z
gsd-2024-33896	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.313250Z
gsd-2024-33903	In CARLA through 0.9.15.2, the collision sensor mishandles some situations involving pede…	2024-04-29T05:02:07.295775Z
gsd-2024-33900	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.290639Z
gsd-2024-33898	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.287632Z
gsd-2024-33886	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.287167Z
gsd-2024-33897	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.283756Z
gsd-2024-33883	The ejs (aka Embedded JavaScript templates) package before 3.1.10 for Node.js lacks certa…	2024-04-29T05:02:07.271727Z
gsd-2024-4303	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:05.716348Z
gsd-2024-4300	E-WEBInformationCo. FS-EZViewer(Web) exposes sensitive information in the service. A remo…	2024-04-29T05:02:05.715239Z
gsd-2024-4297	The system configuration interface of HGiga iSherlock (including MailSherlock, SpamSherlo…	2024-04-29T05:02:05.700888Z
gsd-2024-4301	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:05.678292Z
gsd-2024-4296	The account management interface of HGiga iSherlock (including MailSherlock, SpamSherlock…	2024-04-29T05:02:05.621428Z
gsd-2024-4299	The system configuration interface of HGiga iSherlock (including MailSherlock, SpamSheroc…	2024-04-29T05:02:05.606402Z
gsd-2024-4302	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:05.603637Z
gsd-2024-4298	The email search interface of HGiga iSherlock (including MailSherlock, SpamSherock, Audit…	2024-04-29T05:02:05.598531Z
gsd-2024-33876	The format of the source doesn't require a description, click on the link for more details.	2024-04-28T05:02:07.990196Z

ID	Description	Published	Updated
mal-2026-1339	Malicious code in anontest123 (PyPI)	2026-03-11T07:44:14Z	2026-03-11T07:44:14Z
mal-2026-1340	Malicious code in safetest123 (PyPI)	2026-03-11T07:43:06Z	2026-03-11T07:43:06Z
mal-2026-1335	Malicious code in tailwindcss-animate-framer (npm)	2026-03-11T06:26:49Z	2026-03-11T06:26:59Z
mal-2026-1338	Malicious code in vite-chunker (npm)	2026-03-11T06:26:49Z	2026-03-11T06:26:49Z
mal-2026-1336	Malicious code in tailwindcss-forms-bundler (npm)	2026-03-11T06:26:49Z	2026-03-11T06:26:49Z
mal-2026-1333	Malicious code in polygon-gamma-api (npm)	2026-03-11T06:26:49Z	2026-03-11T06:26:49Z
mal-2026-1328	Malicious code in gamma-api-provider (npm)	2026-03-11T06:26:49Z	2026-03-11T06:26:49Z
mal-2026-1332	Malicious code in mui-path-imports (npm)	2026-03-11T06:19:33Z	2026-03-11T06:19:33Z
mal-2026-1337	Malicious code in typescript-urql (npm)	2026-03-11T06:19:13Z	2026-03-11T06:19:14Z
mal-2026-1326	Malicious code in clean-order (npm)	2026-03-11T06:19:13Z	2026-03-11T06:19:14Z
mal-2026-1329	Malicious code in google-camelcase (npm)	2026-03-11T06:18:53Z	2026-03-11T06:18:53Z
mal-2026-1334	Malicious code in sort-export-all (npm)	2026-03-11T06:17:53Z	2026-03-11T06:18:03Z
mal-2026-1327	Malicious code in filter-imports (npm)	2026-03-11T06:17:33Z	2026-03-11T06:17:33Z
mal-2026-1330	Malicious code in import-zod (npm)	2026-03-11T06:15:22Z	2026-03-11T06:15:23Z
mal-2026-1331	Malicious code in llm-oracle (npm)	2026-03-11T05:58:11Z	2026-03-11T05:58:11Z
mal-2026-1325	Malicious code in synapseml-utils (PyPI)	2026-03-10T17:57:54Z	2026-03-10T17:57:54Z
mal-2026-1324	Malicious code in test-logsmodule-v-zisko (npm)	2026-03-10T17:00:26Z	2026-03-10T17:00:27Z
mal-2026-1323	Malicious code in bluelite-bot-manager (npm)	2026-03-10T17:00:26Z	2026-03-10T17:00:27Z
mal-2026-1234	Malicious code in uxproject11 (npm)	2026-02-25T05:20:29Z	2026-03-10T12:30:19Z
mal-2026-1233	Malicious code in projectrtert (npm)	2026-02-25T05:19:56Z	2026-03-10T12:30:18Z
mal-2026-1027	Malicious code in rtxbbtyols (npm)	2026-02-24T18:40:07Z	2026-03-10T12:30:18Z
mal-2026-1322	Malicious code in rtxnode-sass22 (npm)	2026-03-10T12:00:23Z	2026-03-10T12:00:24Z
mal-2026-1321	Malicious code in @openclaw-ai/openclawai (npm)	2026-03-10T09:32:02Z	2026-03-10T09:32:02Z
mal-2026-1318	Malicious code in @web-monorepo/fetchers (npm)	2026-03-10T08:31:27Z	2026-03-10T08:31:27Z
mal-2026-1317	Malicious code in @augmentor/experiences (npm)	2026-03-10T08:29:47Z	2026-03-10T08:29:47Z
mal-2026-1319	Malicious code in alinet-w (npm)	2026-03-10T08:29:15Z	2026-03-10T08:29:15Z
mal-2026-1320	Malicious code in chain-promised-await (npm)	2026-03-10T08:24:44Z	2026-03-10T08:24:44Z
mal-2026-1315	Malicious code in iron-signals (npm)	2026-03-10T01:04:15Z	2026-03-10T01:04:20Z
mal-2026-1313	Malicious code in iron-pages (npm)	2026-03-10T01:04:15Z	2026-03-10T01:04:20Z
mal-2026-1311	Malicious code in iron-menu-behavior (npm)	2026-03-10T01:04:15Z	2026-03-10T01:04:20Z

ID	Description	Published	Updated
3adr011525	ABB Automation Builder Gateway for Windows with insecure defaults	2026-02-24T00:30:00.000Z	2026-02-24T00:30:00.000Z
3adr011524	AC500 V3 Multiple vulnerabilities	2026-02-24T00:30:00.000Z	2026-02-24T00:30:00.000Z
sa25p007	B&R Automation Studio Update of SQLite version	2026-02-18T00:30:00.000Z	2026-02-18T00:30:00.000Z
sa26p001	PVI Insertion of Sensitive Information into Logfile	2026-01-29T00:30:00.000Z	2026-01-29T00:30:00.000Z
sa24p003	B&R PCs vulnerable to PixieFail attack	2026-01-29T00:30:00.000Z	2026-01-29T00:30:00.000Z
7paa013309	System 800xA SECURITY Advisory - ABB 800xA Base 6.0.x, 6.1.x CSLib communication DoS vulnerability	2024-06-05T00:30:00.000Z	2026-01-23T00:30:00.000Z
sa25p005	B&R Automation Runtime Improper Handling of Flooding conditions on ANSL Server	2026-01-19T00:30:00.000Z	2026-01-19T00:30:00.000Z
sa25p004	Automation Studio Insufficient Server Certificate Validation	2026-01-19T00:30:00.000Z	2026-01-19T00:30:00.000Z
9akk108472a1331	ABB Ability™ OPTIMAX® Authentication Bypass in Single-Sign On with Azure Active Directory	2026-01-16T00:30:00.000Z	2026-01-16T00:30:00.000Z
2crt000009	WebPro SNMP Card PowerValue Multiple Vulnerabilities	2026-01-07T00:30:00.000Z	2026-01-07T00:30:00.000Z
9akk108471a8107	Terra AC wallbox Heap Memory Corruption Vulnerability	2025-09-16T00:30:00.000Z	2025-11-28T08:00:00.000Z
4hzm000603	ABB Ability Camera Connect Vulnerabilities in outdated 3rd party component (VLC)	2025-11-27T00:30:00.000Z	2025-11-28T00:30:00.000Z
7paa022088	Edgenius Management Portal Authentication Bypass	2025-11-20T00:30:00.000Z	2025-11-20T00:30:00.000Z
2nga002813	PCM600 SharpZip library vulnerability	2025-11-03T00:30:00.000Z	2025-11-03T00:30:00.000Z
4tz00000006007	ALS-mini-S4/S8 IP Missing Authentication Vulnerability and its Mitigations	2025-10-20T00:30:00.000Z	2025-10-23T00:30:00.000Z
9akk108471a8948	Terra AC wallbox Heap Memory Corruption Vulnerability	2025-10-20T00:30:00.000Z	2025-10-21T00:30:00.000Z
3kxg200000r4801	CoreSense™ HM and CoreSense™ M10 File Path Traversal Vulnerability	2025-04-16T00:30:00.000Z	2025-10-20T00:30:00.000Z
sa25p003	B&R Automation Runtime Vulnerabilities in System Diagnostic Manager (SDM)	2025-10-07T00:30:00.000Z	2025-10-14T00:30:00.000Z
4tz00000006008	LVS MConfig Insecure memory handling	2025-10-08T00:30:00.000Z	2025-10-08T00:30:00.000Z
sa25p002	B&R Automation Runtime DoS Vulnerability in System Diagnostics Manager (SDM)	2025-10-07T00:30:00.000Z	2025-10-07T00:30:00.000Z
9akk108471a7808	EIBPORT Reflected XSS	2025-10-07T00:30:00.000Z	2025-10-07T00:30:00.000Z
9akk108471a7121	FLXeon Controllers Multiple vulnerabilities	2025-09-09T00:30:00.000Z	2025-09-18T00:30:00.000Z
9akk108471a4462	ELSB/BLBA ASPECT advisory several CVEs	2025-08-11T00:30:00.000Z	2025-09-04T00:30:00.000Z
9akk108471a3623	RMC - 100 Vulnerabilities in web UI (REST Interface)	2025-07-03T00:30:00.000Z	2025-08-18T00:30:00.000Z
2nga002743	ABB AbilityTM zenon Remote Transport Vulnerability	2025-08-12T00:30:00.000Z	2025-08-12T00:30:00.000Z
3adr011407	ABB Automation Builder Vulnerabilities in user management and access control	2025-04-30T00:00:00.000Z	2025-07-25T00:00:00.000Z
3adr011432	AC500 V2 Buffer overread on Modbus protocol	2025-07-23T00:30:00.000Z	2025-07-23T00:30:00.000Z
9akk108471a4556	Busch-Welcome® 2 wire Door opener actuator by default in compatibility mode.	2025-07-21T00:30:00.000Z	2025-07-21T00:30:00.000Z
2crt000008	Lite Panel Pro Vulnerability in Session Management	2025-06-26T00:30:00.000Z	2025-06-26T00:30:00.000Z
9akk108470a8948	ELSB/Home Solutions Outdated SW Components in ABB Welcome IP-Gateway.	2025-05-29T00:30:00.000Z	2025-06-05T00:30:00.000Z

ID	Description	Published	Updated
wid-sec-w-2026-0656	Microsoft Authenticator App: Schwachstelle ermöglicht Offenlegung von Informationen	2026-03-10T23:00:00.000+00:00	2026-03-10T23:00:00.000+00:00
wid-sec-w-2026-0655	Microsoft Azure Komponenten: Mehrere Schwachstellen	2026-03-10T23:00:00.000+00:00	2026-03-10T23:00:00.000+00:00
wid-sec-w-2026-0654	Siemens SICAM SIAPP SDK: Mehrere Schwachstellen	2026-03-09T23:00:00.000+00:00	2026-03-09T23:00:00.000+00:00
wid-sec-w-2026-0653	Zoom Rooms und Workplace: Mehrere Schwachstellen ermöglichen Privilegieneskalation	2026-03-09T23:00:00.000+00:00	2026-03-09T23:00:00.000+00:00
wid-sec-w-2026-0652	Siemens SIMATIC S7: Schwachstelle ermöglicht Cross-Site Scripting	2026-03-09T23:00:00.000+00:00	2026-03-09T23:00:00.000+00:00
wid-sec-w-2026-0651	Budibase: Mehrere Schwachstellen	2026-03-09T23:00:00.000+00:00	2026-03-09T23:00:00.000+00:00
wid-sec-w-2026-0650	Kubernetes (ingress-nginx): Schwachstelle ermöglicht Codeausführung	2026-03-09T23:00:00.000+00:00	2026-03-09T23:00:00.000+00:00
wid-sec-w-2026-0649	Linux Kernel: Schwachstelle ermöglicht Denial of Service	2026-03-09T23:00:00.000+00:00	2026-03-09T23:00:00.000+00:00
wid-sec-w-2026-0648	vllm: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen	2026-03-09T23:00:00.000+00:00	2026-03-09T23:00:00.000+00:00
wid-sec-w-2026-0647	SAP Patchday März 2026: Mehrere Schwachstellen	2026-03-09T23:00:00.000+00:00	2026-03-09T23:00:00.000+00:00
wid-sec-w-2026-0646	VMware Workspace One: Schwachstelle ermöglicht Offenlegung von Informationen	2021-12-16T23:00:00.000+00:00	2026-03-09T23:00:00.000+00:00
wid-sec-w-2026-0645	binutils: Mehrere Schwachstellen ermöglichen Denial of Service	2026-03-09T23:00:00.000+00:00	2026-03-09T23:00:00.000+00:00
wid-sec-w-2026-0644	Devolutions Server: Schwachstelle ermöglicht Privilegieneskalation	2026-03-09T23:00:00.000+00:00	2026-03-09T23:00:00.000+00:00
wid-sec-w-2026-0643	ImageMagick: Mehrere Schwachstellen	2026-03-09T23:00:00.000+00:00	2026-03-09T23:00:00.000+00:00
wid-sec-w-2026-0642	IBM Planning Analytics: Schwachstelle ermöglicht Offenlegung von Informationen	2026-03-09T23:00:00.000+00:00	2026-03-09T23:00:00.000+00:00
wid-sec-w-2026-0641	NATS Server: Mehrere Schwachstellen ermöglichen Denial of Service	2026-03-09T23:00:00.000+00:00	2026-03-09T23:00:00.000+00:00
wid-sec-w-2026-0640	CODESYS Installer: Schwachstelle ermöglicht Privilegieneskalation	2026-03-09T23:00:00.000+00:00	2026-03-09T23:00:00.000+00:00
wid-sec-w-2026-0636	Apache Airflow: Schwachstelle ermöglicht Codeausführung	2026-03-08T23:00:00.000+00:00	2026-03-09T23:00:00.000+00:00
wid-sec-w-2026-0615	Red Hat Enterprise Linux (nfs-utils): Schwachstelle ermöglicht Offenlegung von Informationen	2026-03-05T23:00:00.000+00:00	2026-03-09T23:00:00.000+00:00
wid-sec-w-2026-0569	Google Android: Mehrere Schwachstellen	2026-03-02T23:00:00.000+00:00	2026-03-09T23:00:00.000+00:00
wid-sec-w-2026-0548	Golang Go: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff	2026-02-26T23:00:00.000+00:00	2026-03-09T23:00:00.000+00:00
wid-sec-w-2026-0506	FreeBSD Project FreeBSD OS: Mehrere Schwachstellen	2026-02-24T23:00:00.000+00:00	2026-03-09T23:00:00.000+00:00
wid-sec-w-2026-0499	ImageMagick: Mehrere Schwachstellen	2026-02-24T23:00:00.000+00:00	2026-03-09T23:00:00.000+00:00
wid-sec-w-2026-0497	Mozilla Firefox, Firefox ESR und Thunderbird: Mehrere Schwachstellen	2026-02-24T23:00:00.000+00:00	2026-03-09T23:00:00.000+00:00
wid-sec-w-2026-0484	ImageMagick: Mehrere Schwachstellen	2026-02-23T23:00:00.000+00:00	2026-03-09T23:00:00.000+00:00
wid-sec-w-2026-0469	GIMP: Mehrere Schwachstellen ermöglichen Codeausführung	2026-02-19T23:00:00.000+00:00	2026-03-09T23:00:00.000+00:00
wid-sec-w-2026-0443	Apache Tomcat und Tomcat Native: Mehrere Schwachstellen	2026-02-17T23:00:00.000+00:00	2026-03-09T23:00:00.000+00:00
wid-sec-w-2026-0427	Mozilla Firefox, Firefox ESR und Thunderbird: Mehrere Schwachstellen	2026-02-16T23:00:00.000+00:00	2026-03-09T23:00:00.000+00:00
wid-sec-w-2026-0409	PostgreSQL: Mehrere Schwachstellen	2026-02-12T23:00:00.000+00:00	2026-03-09T23:00:00.000+00:00
wid-sec-w-2026-0377	Ivanti Endpoint Manager: Mehrere Schwachstellen ermöglichen Offenlegung von Informationen	2026-02-10T23:00:00.000+00:00	2026-03-09T23:00:00.000+00:00

ID	Description	Published	Updated
icsa-26-064-01	Delta Electronics CNCSoft-G2	2026-03-05T07:00:00.000000Z	2026-03-05T07:00:00.000000Z
icsa-25-350-02	Johnson Controls PowerG, IQPanel and IQHub (Update A)	2025-12-16T07:00:00.000000Z	2026-03-05T07:00:00.000000Z
icsa-25-343-01	Universal Boot Loader (U-Boot) (Update A)	2025-12-09T07:00:00.000000Z	2026-03-05T07:00:00.000000Z
va-25-297-01	IBM DOORS Next Generation multiple vulnerabilities	2025-10-22T18:45:47Z	2026-03-04T00:00:00Z
icsa-26-062-05	Labkotec LID-3300IP	2026-03-03T07:00:00.000000Z	2026-03-03T07:00:00.000000Z
icsa-26-062-04	Portwell Engineering Toolkits	2026-03-03T07:00:00.000000Z	2026-03-03T07:00:00.000000Z
icsa-26-062-03	Hitachi Energy RTU500 Product	2026-02-24T00:00:00.000000Z	2026-03-03T07:00:00.000000Z
icsa-26-062-02	Hitachi Energy Relion REB500 Product	2026-02-24T00:00:00.000000Z	2026-03-03T07:00:00.000000Z
icsa-25-023-02	Hitachi Energy RTU500 Series Product (Update B)	2024-04-30T00:00:00.000000Z	2026-03-03T07:00:00.000000Z
icsa-26-062-08	Everon OCPP Backends	2026-03-03T06:00:00.000000Z	2026-03-03T06:00:00.000000Z
icsa-26-062-07	ePower epower.ie	2026-03-03T06:00:00.000000Z	2026-03-03T06:00:00.000000Z
icsa-26-062-06	Mobiliti e-mobi.hu	2026-03-03T06:00:00.000000Z	2026-03-03T06:00:00.000000Z
icsa-26-057-10	Copeland XWEB and XWEB Pro	2026-02-26T07:00:00.000000Z	2026-02-26T07:00:00.000000Z
icsa-26-057-09	Yokogawa CENTUM VP R6, R7	2026-02-26T07:00:00.000000Z	2026-02-26T07:00:00.000000Z
icsa-26-057-08	Mobility46 mobility46.se	2026-02-26T07:00:00.000000Z	2026-02-26T07:00:00.000000Z
icsa-26-057-07	EV Energy ev.energy	2026-02-26T07:00:00.000000Z	2026-02-26T07:00:00.000000Z
icsa-26-057-06	SWITCH EV swtchenergy.com	2026-02-26T07:00:00.000000Z	2026-02-26T07:00:00.000000Z
icsa-26-057-05	Chargemap chargemap.com	2026-02-26T07:00:00.000000Z	2026-02-26T07:00:00.000000Z
icsa-26-057-04	EV2GO ev2go.io	2026-02-26T07:00:00.000000Z	2026-02-26T07:00:00.000000Z
icsa-26-057-03	CloudCharge cloudcharge.se	2026-02-26T07:00:00.000000Z	2026-02-26T07:00:00.000000Z
icsa-26-057-02	Pelco, Inc. Sarix Pro 3 Series IP Cameras	2026-02-26T07:00:00.000000Z	2026-02-26T07:00:00.000000Z
icsa-26-057-01	Johnson Controls, Inc. Frick Controls Quantum HD	2026-02-26T07:00:00.000000Z	2026-02-26T07:00:00.000000Z
icsa-26-048-04	Honeywell HIB2PI and HDZ Series CCTV Cameras (Update A)	2026-02-17T07:00:00.000000Z	2026-02-26T07:00:00.000000Z
icsa-25-133-02	Hitachi Energy Relion 670/650/SAM600-IO Series (Update C)	2023-11-28T00:00:00.000000Z	2026-02-26T07:00:00.000000Z
icsa-26-043-06	Siemens SINEC OS	2026-01-28T00:00:00.000000Z	2026-02-25T07:00:00.000000Z
icsa-26-027-01	iba Systems ibaPDA	2026-01-27T07:00:00.000000Z	2026-02-25T07:00:00.000000Z
icsa-25-226-15	Siemens SINEC OS	2025-08-12T00:00:00.000000Z	2026-02-25T07:00:00.000000Z
icsa-25-226-07	Siemens Third-Party Components in SINEC OS	2025-08-12T00:00:00.000000Z	2026-02-25T07:00:00.000000Z
icsa-25-203-04	Schneider Electric EcoStruxure Power Operation (Update A)	2025-07-22T06:00:00.000000Z	2026-02-25T07:00:00.000000Z
icsa-26-055-02	Schneider Electric EcoStruxure Building Operation Workstation	2026-02-10T08:00:00.000000Z	2026-02-24T07:00:00.000000Z

ID	Description	Published	Updated
cisco-sa-sdwan-authbp-qwcx8d4v	Cisco Catalyst SD-WAN Vulnerabilities	2026-02-25T16:00:00+00:00	2026-03-05T00:06:17+00:00
cisco-sa-fmc-sql-inject-2enmtc8v	Cisco Secure Firewall Management Center Software SQL Injection Vulnerability	2024-10-23T16:00:00+00:00	2026-03-04T16:11:01+00:00
cisco-sa-asaftd-cmd-inj-zjv8wysm	Cisco Adaptive Security Appliance and Firepower Threat Defense Software Command Injection Vulnerability	2024-04-24T16:00:00+00:00	2026-03-04T16:10:59+00:00
cisco-sa-onprem-fmc-authbypass-5jpp45v2	Cisco Secure Firewall Management Center Software Authentication Bypass Vulnerability	2026-03-04T16:00:00+00:00	2026-03-04T16:00:00+00:00
cisco-sa-ftdfmc-dir-trav-wergjhwq	Cisco Secure Firewall Management Center and Secure Firewall Threat Defense Software Path Traversal Vulnerability	2026-03-04T16:00:00+00:00	2026-03-04T16:00:00+00:00
cisco-sa-ftd-tcp-dos-rhfqnwrg	Cisco Secure Firewall Threat Defense Software TLS with Snort 3 Detection Engine Denial of Service Vulnerability	2026-03-04T16:00:00+00:00	2026-03-04T16:00:00+00:00
cisco-sa-ftd-snort-bypass-rlggkzvf	Cisco Secure Firewall Threat Defense Software Snort Deep Inspection Bypass Vulnerability	2026-03-04T16:00:00+00:00	2026-03-04T16:00:00+00:00
cisco-sa-ftd-dnd-dos-bpecg7b7	Cisco Secure Firewall Threat Defense Software SSL Decryption Policy Denial of Service Vulnerability	2026-03-04T16:00:00+00:00	2026-03-04T16:00:00+00:00
cisco-sa-ftd-cmd-inj-mtzgzexf	Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Authenticated Command Injection Vulnerabilities	2026-03-04T16:00:00+00:00	2026-03-04T16:00:00+00:00
cisco-sa-fmc-sql-injection-2qh6ccjd	Cisco Secure Firewall Management Center Software SQL Injection Vulnerabilities	2026-03-04T16:00:00+00:00	2026-03-04T16:00:00+00:00
cisco-sa-fmc-rce-nkhnuljh	Cisco Secure Firewall Management Center Software Remote Code Execution Vulnerability	2026-03-04T16:00:00+00:00	2026-03-04T16:00:00+00:00
cisco-sa-asaftd-vpn-m9sx6mbc	Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Remote Access SSL VPN Denial of Service Vulnerabilities	2026-03-04T16:00:00+00:00	2026-03-04T16:00:00+00:00
cisco-sa-asaftd-saml-lkttrwzp	Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software SAML Reflected Cross-Site Scripting Vulnerability	2026-03-04T16:00:00+00:00	2026-03-04T16:00:00+00:00
cisco-sa-asaftd-ospf-zh8phbsw	Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software OSPF Protocol Vulnerabilities	2026-03-04T16:00:00+00:00	2026-03-04T16:00:00+00:00
cisco-sa-asaftd-luainject-vescqgms	Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Lua Code Injection Vulnerability	2026-03-04T16:00:00+00:00	2026-03-04T16:00:00+00:00
cisco-sa-asaftd-ikev2-dos-ebuegdeg	Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software IKEv2 Denial of Service Vulnerabilities	2026-03-04T16:00:00+00:00	2026-03-04T16:00:00+00:00
cisco-sa-asaftd-desync-n5avzeqw	Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software VPN Web Services Client-Side Request Smuggling Vulnerability	2026-03-04T16:00:00+00:00	2026-03-04T16:00:00+00:00
cisco-sa-asa-ssh-keybypass-cr5xpusf	Cisco Secure Firewall Adaptive Security Appliance Software SSH Partial Private Key Authentication Bypass Vulnerability	2026-03-04T16:00:00+00:00	2026-03-04T16:00:00+00:00
cisco-sa-sdwan-rpa-ehchtzk	Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability	2026-02-25T16:00:00+00:00	2026-03-03T00:38:56+00:00
cisco-sa-sd-wan-priv-e6e8tedf	Cisco SD-WAN Software Privilege Escalation Vulnerabilities	2022-09-28T16:00:00+00:00	2026-02-25T20:29:00+00:00
cisco-sa-ucsm-cmdinj-gvxlpesb	Cisco UCS Manager Software Command Injection Vulnerability	2026-02-25T16:00:00+00:00	2026-02-25T16:00:00+00:00
cisco-sa-ucsm-afwae-mogufyln	Cisco UCS Manager Software Privilege Escalation Vulnerability	2026-02-25T16:00:00+00:00	2026-02-25T16:00:00+00:00
cisco-sa-ucsfxosxss-7skve8zv	Cisco FXOS and UCS Manager Software Stored Cross-Site Scripting Vulnerability	2026-02-25T16:00:00+00:00	2026-02-25T16:00:00+00:00
cisco-sa-ucsciv-wgytc78q	Cisco FXOS and UCS Manager Software Command Injection Vulnerability	2026-02-25T16:00:00+00:00	2026-02-25T16:00:00+00:00
cisco-sa-nxos-ether-dos-kv8ynwz4	Cisco Nexus 3600 and 9500-R Series Switching Platforms Layer 2 Loop Denial of Service Vulnerability	2026-02-25T16:00:00+00:00	2026-02-25T16:00:00+00:00
cisco-sa-nxos-dsnmp-cnn39uh	Cisco Nexus 9000 Series Fabric Switches in ACI Mode SNMP Denial of Service Vulnerability	2026-02-25T16:00:00+00:00	2026-02-25T16:00:00+00:00
cisco-sa-nxos-cpdos-qlsv6pfd	Cisco Nexus 9000 Series Fabric Switches in ACI Mode Denial of Service Vulnerability	2026-02-25T16:00:00+00:00	2026-02-25T16:00:00+00:00
cisco-sa-n3kn9k_aci_lldp_dos-ndgrrra3	Cisco NX-OS Software Link Layer Discovery Protocol Denial of Service Vulnerability	2026-02-25T16:00:00+00:00	2026-02-25T16:00:00+00:00
cisco-sa-apic-dos-rnus8efw	Cisco Application Policy Infrastructure Controller Denial of Service Vulnerability	2026-02-25T16:00:00+00:00	2026-02-25T16:00:00+00:00
cisco-sa-wsa-archive-bypass-scx2e8zf	Cisco Secure Web Appliance Real-Time Scanning Archive File Bypass Vulnerability	2026-02-04T16:00:00+00:00	2026-02-20T21:08:47+00:00

ID	Description	Published	Updated
msrc_cve-2026-23865	An integer overflow in the tt_var_load_item_variation_store function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an out of bounds read operation when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts. This issue is fixed in version 2.14.2.	2026-03-02T00:00:00.000Z	2026-03-11T01:40:19.000Z
msrc_cve-2026-3713	pnggroup libpng pnm2png pnm2png.c do_pnm2png heap-based overflow	2026-03-02T00:00:00.000Z	2026-03-11T01:03:59.000Z
msrc_cve-2026-27137	Incorrect enforcement of email constraints in crypto/x509	2026-03-02T00:00:00.000Z	2026-03-11T01:03:44.000Z
msrc_cve-2026-27138	Panic in name constraint checking for malformed certificates in crypto/x509	2026-03-02T00:00:00.000Z	2026-03-11T01:03:35.000Z
msrc_cve-2026-27142	URLs in meta content attribute actions are not escaped in html/template	2026-03-02T00:00:00.000Z	2026-03-11T01:03:28.000Z
msrc_cve-2025-69644	An issue was discovered in Binutils before 2.46. The objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed debug information. A logic flaw in the handling of DWARF location list headers can cause objdump to enter an unbounded loop and produce endless output until manually interrupted. This issue affects versions prior to the upstream fix and allows a local attacker to cause excessive resource consumption by supplying a malicious input file.	2026-03-02T00:00:00.000Z	2026-03-11T01:02:56.000Z
msrc_cve-2025-69651	GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an invalid pointer free when processing a crafted ELF binary with malformed relocation or symbol data. If dump_relocations returns early due to parsing errors, the internal all_relocations array may remain partially uninitialized. Later, process_got_section_contents() may attempt to free an invalid r_symbol pointer, triggering memory corruption checks in glibc and causing the program to terminate with SIGABRT. No evidence of further memory corruption or code execution was observed; the impact is limited to denial of service.	2026-03-02T00:00:00.000Z	2026-03-11T01:02:49.000Z
msrc_cve-2025-69649	GNU Binutils thru 2.46 readelf contains a null pointer dereference vulnerability when processing a crafted ELF binary with malformed header fields. During relocation processing, an invalid or null section pointer may be passed into display_relocations(), resulting in a segmentation fault (SIGSEGV) and abrupt termination. No evidence of memory corruption beyond the null pointer dereference, nor any possibility of code execution, was observed.	2026-03-02T00:00:00.000Z	2026-03-11T01:02:41.000Z
msrc_cve-2025-69645	Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debug information. A logic error in the handling of DWARF compilation units can result in an invalid offset_size value being used inside byte_get_little_endian, leading to an abort (SIGABRT). The issue was observed in binutils 2.44. A local attacker can trigger the crash by supplying a malicious input file.	2026-03-02T00:00:00.000Z	2026-03-11T01:02:32.000Z
msrc_cve-2025-69652	GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an abort (SIGABRT) when processing a crafted ELF binary with malformed DWARF abbrev or debug information. Due to incomplete state cleanup in process_debug_info(), an invalid debug_info_p state may propagate into DWARF attribute parsing routines. When certain malformed attributes result in an unexpected data length of zero, byte_get_little_endian() triggers a fatal abort. No evidence of memory corruption or code execution was observed; the impact is limited to denial of service.	2026-03-02T00:00:00.000Z	2026-03-11T01:02:25.000Z
msrc_cve-2025-69650	GNU Binutils thru 2.46 readelf contains a double free vulnerability when processing a crafted ELF binary with malformed relocation data. During GOT relocation handling, dump_relocations may return early without initializing the all_relocations array. As a result, process_got_section_contents() may pass an uninitialized r_symbol pointer to free(), leading to a double free and terminating the program with SIGABRT. No evidence of exploitable memory corruption or code execution was observed; the impact is limited to denial of service.	2026-03-02T00:00:00.000Z	2026-03-11T01:02:17.000Z
msrc_cve-2025-69646	Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debug_rnglists data. A logic error in the handling of the debug_rnglists header can cause objdump to repeatedly print the same warning message and fail to terminate, resulting in an unbounded logging loop until the process is interrupted. The issue was observed in binutils 2.44. A local attacker can exploit this vulnerability by supplying a malicious input file, leading to excessive CPU and I/O usage and preventing completion of the objdump analysis.	2026-03-02T00:00:00.000Z	2026-03-11T01:02:09.000Z
msrc_cve-2026-29786	node-tar: Hardlink Path Traversal via Drive-Relative Linkpath	2026-03-02T00:00:00.000Z	2026-03-11T01:02:00.000Z
msrc_cve-2026-3494	MariaDB Server Audit Plugin Comment Handling Bypass	2026-03-02T00:00:00.000Z	2026-03-11T01:01:52.000Z
msrc_cve-2026-3731	libssh SFTP Extension Name sftp.c sftp_extensions_get_data out-of-bounds	2026-03-02T00:00:00.000Z	2026-03-11T01:01:46.000Z
msrc_cve-2024-14027	xattr: switch to CLASS(fd)	2026-03-02T00:00:00.000Z	2026-03-11T01:01:37.000Z
msrc_cve-2026-27139	FileInfo can escape from a Root in os	2026-03-02T00:00:00.000Z	2026-03-11T01:01:32.000Z
msrc_cve-2026-26018	CoreDNS Loop Detection Denial of Service Vulnerability	2026-03-02T00:00:00.000Z	2026-03-11T01:01:19.000Z
msrc_cve-2026-26017	CoreDNS ACL Bypass	2026-03-02T00:00:00.000Z	2026-03-11T01:01:14.000Z
msrc_cve-2026-26148	Microsoft Azure AD SSH Login extension for Linux Elevation of Privilege Vulnerability	2026-03-10T07:00:00.000Z	2026-03-10T07:00:00.000Z
msrc_cve-2026-26144	Microsoft Excel Information Disclosure Vulnerability	2026-03-10T07:00:00.000Z	2026-03-10T07:00:00.000Z
msrc_cve-2026-26141	Hybrid Worker Extension (Arc‑enabled Windows VMs) Elevation of Privilege Vulnerability	2026-03-10T07:00:00.000Z	2026-03-10T07:00:00.000Z
msrc_cve-2026-26134	Microsoft Office Elevation of Privilege Vulnerability	2026-03-10T07:00:00.000Z	2026-03-10T07:00:00.000Z
msrc_cve-2026-26132	Windows Kernel Elevation of Privilege Vulnerability	2026-03-10T07:00:00.000Z	2026-03-10T07:00:00.000Z
msrc_cve-2026-26131	.NET Elevation of Privilege Vulnerability	2026-03-10T07:00:00.000Z	2026-03-10T07:00:00.000Z
msrc_cve-2026-26130	ASP.NET Core Denial of Service Vulnerability	2026-03-10T07:00:00.000Z	2026-03-10T07:00:00.000Z
msrc_cve-2026-26128	Windows SMB Server Elevation of Privilege Vulnerability	2026-03-10T07:00:00.000Z	2026-03-10T07:00:00.000Z
msrc_cve-2026-26123	Microsoft Authenticator Information Disclosure Vulnerability	2026-03-10T07:00:00.000Z	2026-03-10T07:00:00.000Z
msrc_cve-2026-26121	Azure IOT Explorer Spoofing Vulnerability	2026-03-10T07:00:00.000Z	2026-03-10T07:00:00.000Z
msrc_cve-2026-26118	Azure MCP Server Tools Elevation of Privilege Vulnerability	2026-03-10T07:00:00.000Z	2026-03-10T07:00:00.000Z

ID	Description	Published	Updated
ncsc-2026-0085	Kwetsbaarheden verholpen in Microsoft Developer tools	2026-03-10T20:35:10.478398Z	2026-03-10T20:35:10.478398Z
ncsc-2026-0084	Kwetsbaarheden verholpen in Microsoft Office	2026-03-10T20:20:08.157658Z	2026-03-10T20:20:08.157658Z
ncsc-2026-0083	Kwetsbaarheid verholpen in Microsoft Authenticator app	2026-03-10T20:18:35.792755Z	2026-03-10T20:18:35.792755Z
ncsc-2026-0082	Kwetsbaarheden verholpen in Microsoft Azure	2026-03-10T20:15:41.528951Z	2026-03-10T20:15:41.528951Z
ncsc-2026-0081	Kwetsbaarheden verholpen in Microsoft SQL Server	2026-03-10T20:12:56.032261Z	2026-03-10T20:12:56.032261Z
ncsc-2026-0080	Kwetsbaarheden verholpen in Microsoft Windows	2026-03-10T20:07:55.976638Z	2026-03-10T20:07:55.976638Z
ncsc-2026-0059	Kwetsbaarheden verholpen in Ivanti Endpoint Manager	2026-02-11T08:16:27.583936Z	2026-03-10T14:20:48.176282Z
ncsc-2026-0079	Kwetsbaarheden verholpen in Siemens producten	2026-03-10T12:39:14.474522Z	2026-03-10T12:39:14.474522Z
ncsc-2026-0071	Kwetsbaarheden verholpen in Cisco Catalyst SD-WAN Manager	2026-02-25T17:11:09.013125Z	2026-03-06T12:07:02.595940Z
ncsc-2026-0078	Kwetsbaarheden verholpen in Kibana	2026-03-05T09:36:49.056247Z	2026-03-05T09:36:49.056247Z
ncsc-2026-0077	Kwetsbaarheden verholpen in Cisco Secure Firewall systemen	2026-03-05T09:05:21.646499Z	2026-03-05T09:05:21.646499Z
ncsc-2026-0076	Kwetsbaarheden verholpen in Cisco Secure Firewall Management Center	2026-03-04T20:49:12.211658Z	2026-03-04T20:49:12.211658Z
ncsc-2026-0075	Kwetsbaarheid verholpen in n8n Automation Platform	2026-03-04T14:03:54.207583Z	2026-03-04T14:03:54.207583Z
ncsc-2026-0070	Kwetsbaarheden verholpen in VMware Aria Operations	2026-02-25T11:24:46.807867Z	2026-03-04T08:54:08.940512Z
ncsc-2026-0074	Kwetsbaarheden verholpen in Google Android en Samsung Mobile	2026-03-03T09:07:09.279353Z	2026-03-03T09:07:09.279353Z
ncsc-2026-0073	Kwetsbaarheid verholpen in Juniper Junos OS Evolved	2026-02-27T09:48:51.845864Z	2026-02-27T09:48:51.845864Z
ncsc-2026-0072	Kwetsbaarheden verholpen in GitLab	2026-02-27T07:15:18.318821Z	2026-02-27T07:15:18.318821Z
ncsc-2026-0069	Kwetsbaarheden verholpen in SolarWinds Serv-U	2026-02-25T10:39:38.154815Z	2026-02-25T10:39:38.154815Z
ncsc-2026-0068	Kwetsbaarheden verholpen in Splunk Enterprise en Splunk Cloud Platform	2026-02-23T14:27:28.865278Z	2026-02-23T14:27:28.865278Z
ncsc-2026-0043	Zeroday-kwetsbaarheden verholpen in Ivanti Endpoint Manager Mobile	2026-01-29T19:15:04.575371Z	2026-02-20T14:47:02.047999Z
ncsc-2026-0067	Kwetsbaarheden verholpen in GitHub Enterprise Server	2026-02-20T10:13:39.540778Z	2026-02-20T10:13:39.540778Z
ncsc-2026-0066	Kwetsbaarheid verholpen in Google Chrome	2026-02-19T08:29:30.712590Z	2026-02-19T08:29:30.712590Z
ncsc-2026-0065	Kwetsbaarheid verholpen in Dell RecoverPoint for Virtual Machines	2026-02-18T13:18:23.815384Z	2026-02-18T13:18:23.815384Z
ncsc-2026-0064	Kwetsbaarheden verholpen in Apple iOS en iPadOS	2026-02-13T13:35:03.870920Z	2026-02-13T13:35:03.870920Z
ncsc-2026-0063	Kwetsbaarheden verholpen in Apple macOS	2026-02-13T13:24:06.433550Z	2026-02-13T13:24:06.433550Z
ncsc-2026-0048	Kwetsbaarheid verholpen in BeyondTrust Remote Support	2026-02-09T10:27:57.867529Z	2026-02-13T12:54:32.614217Z
ncsc-2026-0062	Kwetsbaarheden verholpen in GitLab CE/EE	2026-02-11T11:45:05.986313Z	2026-02-11T11:45:05.986313Z
ncsc-2026-0061	Kwetsbaarheden verholpen in Fortinet FortiOS	2026-02-11T11:34:50.888067Z	2026-02-11T11:34:50.888067Z
ncsc-2026-0060	Kwetsbaarheden verholpen in Fortinet FortiSandbox, FortiAuthenticator en FortiClient	2026-02-11T11:34:36.684955Z	2026-02-11T11:34:36.684955Z
ncsc-2026-0058	Kwetsbaarheden verholpen in Microsoft Office	2026-02-10T19:11:42.825147Z	2026-02-10T19:11:42.825147Z

ID	Description	Published	Updated
nn-2025:18-01	Lack of TLS certificate validation when connecting Arc to a Guardian or CMC, in Arc before v2.2.0	2026-03-04T11:00:00.000Z	2026-03-04T11:00:00.000Z
nn-2025:17-01	HTML injection in Sensor Map in CMC before 25.6.0	2026-03-04T11:00:00.000Z	2026-03-04T11:00:00.000Z
nn-2025:16-01	HTML injection in Alerted Nodes Dashboard in Guardian/CMC before 25.6.0	2026-03-04T11:00:00.000Z	2026-03-04T11:00:00.000Z
nn-2025:15-01	Path traversal in Import Arc data archive functionality in Guardian/CMC before 25.5.0	2025-12-18T11:00:00.000Z	2025-12-18T11:00:00.000Z
nn-2025:14-01	HTML injection in Asset List in Guardian/CMC before 25.5.0	2025-12-18T11:00:00.000Z	2025-12-18T11:00:00.000Z
nn-2025:13-01	Stored Cross-Site Scripting (XSS) in Reports in Guardian/CMC before 25.5.0	2025-12-18T11:00:00.000Z	2025-12-18T11:00:00.000Z
nn-2025:12-01	HTML injection in in Time Machine functionality in Guardian/CMC before 25.5.0	2025-12-18T11:00:00.000Z	2025-12-18T11:00:00.000Z
nn-2025:11-01	Stored Cross-Site Scripting (XSS) in Dashboards in Guardian/CMC before 25.4.0	2025-11-25T11:00:00.000Z	2025-11-26T11:00:00.000Z
nn-2025:9-01	Path traversal in Time Machine functionality in Guardian/CMC before 25.2.0	2025-10-07T11:00:00.000Z	2025-10-07T11:00:00.000Z
nn-2025:8-01	Authenticated SQL Injection on Alert functionality in Guardian/CMC before 25.2.0	2025-10-07T11:00:00.000Z	2025-10-07T11:00:00.000Z
nn-2025:7-01	Authenticated SQL Injection on Alert functionality in Guardian/CMC before 25.2.0	2025-10-07T11:00:00.000Z	2025-10-07T11:00:00.000Z
nn-2025:6-01	Authenticated SQL Injection on Smart Polling functionality in Guardian/CMC before 25.2.0	2025-10-07T11:00:00.000Z	2025-10-07T11:00:00.000Z
nn-2025:5-01	Incorrect authorization for CLI in Guardian/CMC before 25.2.0	2025-10-07T11:00:00.000Z	2025-10-07T11:00:00.000Z
nn-2025:4-01	Client-side path traversal in Guardian/CMC before 25.2.0	2025-10-07T11:00:00.000Z	2025-10-07T11:00:00.000Z
nn-2025:10-01	Authenticated SQL Injection on CLI functionality in Guardian/CMC before 25.3.0	2025-10-07T11:00:00.000Z	2025-10-07T11:00:00.000Z
nn-2025:3-01	Incorrect authorization for traces request/download in CMC before 25.1.0	2025-08-26T11:00:00.000Z	2025-08-26T11:00:00.000Z
nn-2025:2-01	Privilege escalation in Guardian/CMC before 24.6.0	2025-06-10T11:00:00.000Z	2025-06-10T11:00:00.000Z
nn-2025:1-01	Authenticated RCE in update functionality in Guardian/CMC before 24.6.0	2025-06-10T11:00:00.000Z	2025-06-10T11:00:00.000Z
nn-2024:2-01	Incorrect authorization for Reports configuration in Guardian/CMC before 24.2.0	2024-09-11T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2024:1-01	DoS on IDS parsing of malformed Radius packets in Guardian before 23.4.1	2024-04-10T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2023:9-01	Authenticated SQL Injection on Query functionality in Guardian/CMC before 22.6.3 and 23.1.0	2023-09-18T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2023:8-01	Session Fixation in Guardian/CMC before 22.6.2	2023-08-09T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2023:7-01	DoS via SAML configuration in Guardian/CMC before 22.6.2	2023-08-09T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2023:6-01	Partial DoS on Reports section due to null report name in Guardian/CMC before 22.6.2	2023-08-09T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2023:4-01	Stored Cross-Site Scripting (XSS) in Threat Intelligence rules in Guardian/CMC before 22.6.2	2023-08-09T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2023:3-01	Authenticated Blind SQL Injection on alerts count in Guardian/CMC before 22.6.2	2023-08-09T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2023:2-01	Authenticated Blind SQL Injection on sorting in Guardian/CMC before 22.6.2	2023-08-09T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2023:17-01	Information disclosure via audit records for OpenAPI requests in Guardian/CMC before 23.4.1	2024-04-10T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2023:15-01	Sensitive data exfiltration via unsafe permissions on Windows systems in Arc before v1.6.0	2024-05-15T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2023:12-01	Check Point IoT integration: WebSocket returns assets data without authentication in Guardian/CMC before 23.3.0	2024-01-15T11:00:00.000Z	2024-09-19T11:00:00.000Z

ID	Description	Published	Updated
opensuse-su-2026:10314-1	traefik2-2.11.40-1.1 on GA media	2026-03-09T00:00:00Z	2026-03-09T00:00:00Z
opensuse-su-2026:10313-1	rclone-1.73.2-1.1 on GA media	2026-03-09T00:00:00Z	2026-03-09T00:00:00Z
opensuse-su-2026:10312-1	python311-pymongo-4.16.0-1.1 on GA media	2026-03-09T00:00:00Z	2026-03-09T00:00:00Z
opensuse-su-2026:10311-1	corepack24-24.13.0-4.1 on GA media	2026-03-08T00:00:00Z	2026-03-08T00:00:00Z
opensuse-su-2026:10310-1	go1.25-1.25.8-1.1 on GA media	2026-03-08T00:00:00Z	2026-03-08T00:00:00Z
opensuse-su-2026:20332-1	Security update for chromium	2026-03-07T12:59:14Z	2026-03-07T12:59:14Z
opensuse-su-2026:10309-1	weblate-5.16.1-1.1 on GA media	2026-03-07T00:00:00Z	2026-03-07T00:00:00Z
opensuse-su-2026:10308-1	virtiofsd-1.13.2-2.1 on GA media	2026-03-07T00:00:00Z	2026-03-07T00:00:00Z
opensuse-su-2026:10307-1	tomcat11-11.0.18-1.1 on GA media	2026-03-07T00:00:00Z	2026-03-07T00:00:00Z
opensuse-su-2026:10306-1	tomcat10-10.1.52-1.1 on GA media	2026-03-07T00:00:00Z	2026-03-07T00:00:00Z
opensuse-su-2026:10305-1	tomcat-9.0.115-1.1 on GA media	2026-03-07T00:00:00Z	2026-03-07T00:00:00Z
opensuse-su-2026:10304-1	python311-nltk-3.9.3-1.1 on GA media	2026-03-07T00:00:00Z	2026-03-07T00:00:00Z
opensuse-su-2026:10303-1	libIex-3_4-33-3.4.6-1.1 on GA media	2026-03-07T00:00:00Z	2026-03-07T00:00:00Z
opensuse-su-2026:10302-1	kubeshark-cli-53.1.0-1.1 on GA media	2026-03-07T00:00:00Z	2026-03-07T00:00:00Z
opensuse-su-2026:10301-1	kernel-devel-longterm-6.18.16-1.1 on GA media	2026-03-07T00:00:00Z	2026-03-07T00:00:00Z
opensuse-su-2026:10300-1	jetty-annotations-9.4.58-3.1 on GA media	2026-03-07T00:00:00Z	2026-03-07T00:00:00Z
opensuse-su-2026:10299-1	go1.26-1.26.1-1.1 on GA media	2026-03-07T00:00:00Z	2026-03-07T00:00:00Z
opensuse-su-2026:10298-1	exiv2-0.28.8-1.1 on GA media	2026-03-07T00:00:00Z	2026-03-07T00:00:00Z
opensuse-su-2026:10297-1	coredns-1.14.2-1.1 on GA media	2026-03-07T00:00:00Z	2026-03-07T00:00:00Z
opensuse-su-2026:10296-1	chromedriver-145.0.7632.159-1.1 on GA media	2026-03-07T00:00:00Z	2026-03-07T00:00:00Z
opensuse-su-2026:10295-1	NetworkManager-applet-strongswan-1.6.4-1.1 on GA media	2026-03-07T00:00:00Z	2026-03-07T00:00:00Z
opensuse-su-2026:20333-1	Security update for python-PyPDF2	2026-03-06T21:01:39Z	2026-03-06T21:01:39Z
opensuse-su-2026:20330-1	Security update for python-uv	2026-03-06T14:43:28Z	2026-03-06T14:43:28Z
opensuse-su-2026:20323-1	Security update for roundcubemail	2026-03-05T18:31:03Z	2026-03-05T18:31:03Z
opensuse-su-2026:20329-1	Security update for gstreamer-rtsp-server, gstreamer-plugins-ugly, gstreamer-plugins-rs, gstreamer-plugins-libav, gstreamer-plugins-good, gstreamer-plugins-base, gstreamer-plugins-bad, gstreamer-docs, gstreamer-devtools, gstreamer	2026-03-05T18:13:13Z	2026-03-05T18:13:13Z
opensuse-su-2026:20322-1	Security update for python-joserfc	2026-03-05T14:32:35Z	2026-03-05T14:32:35Z
opensuse-su-2026:20327-1	Security update for helm	2026-03-05T14:27:21Z	2026-03-05T14:27:21Z
opensuse-su-2026:20326-1	Security update for virtiofsd	2026-03-05T14:23:19Z	2026-03-05T14:23:19Z
opensuse-su-2026:10294-1	telemetrygen-0.147.0-1.1 on GA media	2026-03-05T00:00:00Z	2026-03-05T00:00:00Z
opensuse-su-2026:10293-1	python311-joserfc-1.6.3-1.1 on GA media	2026-03-05T00:00:00Z	2026-03-05T00:00:00Z

ID	Description	Published	Updated
oxdc-adv-2025-0001	OX Dovecot Pro Security Advisory OXDC-ADV-2025-0001	2025-10-31T00:00:00+00:00	2025-11-27T00:00:00+00:00
oxas-adv-2025-0003	OX App Suite Security Advisory OXAS-ADV-2025-0003	2025-09-24T00:00:00+02:00	2025-11-27T00:00:00+00:00
oxas-adv-2025-0002	OX App Suite Security Advisory OXAS-ADV-2025-0002	2025-08-12T00:00:00+02:00	2025-10-31T00:00:00+00:00
oxas-adv-2025-0001	OX App Suite Security Advisory OXAS-ADV-2025-0001	2025-01-27T00:00:00+01:00	2025-04-07T00:00:00+00:00
oxdc-adv-2024-0003	OX Dovecot Pro Security Advisory OXDC-ADV-2024-0003	2024-09-10T00:00:00+02:00	2024-09-10T00:00:00+00:00
oxdc-adv-2024-0002	OX Dovecot Pro Security Advisory OXDC-ADV-2024-0002	2024-09-10T00:00:00+02:00	2024-09-10T00:00:00+00:00
oxas-adv-2024-0005	OX App Suite Security Advisory OXAS-ADV-2024-0005	2024-07-08T00:00:00+02:00	2024-09-09T00:00:00+00:00
oxdc-adv-2024-0001	OX Dovecot Pro Security Advisory OXDC-ADV-2024-0001	2024-09-02T00:00:00+02:00	2024-09-06T00:00:00+00:00
oxas-adv-2024-0004	OX App Suite Security Advisory OXAS-ADV-2024-0004	2024-06-13T00:00:00+02:00	2024-08-19T00:00:00+00:00
oxas-adv-2024-0003	OX App Suite Security Advisory OXAS-ADV-2024-0003	2024-04-24T00:00:00+02:00	2024-08-19T00:00:00+00:00
oxas-adv-2024-0002	OX App Suite Security Advisory OXAS-ADV-2024-0002	2024-03-06T00:00:00+01:00	2024-05-06T00:00:00+00:00
oxas-adv-2024-0001	OX App Suite Security Advisory OXAS-ADV-2024-0001	2024-02-08T00:00:00+01:00	2024-04-25T00:00:00+00:00
oxas-adv-2023-0007	OX App Suite Security Advisory OXAS-ADV-2023-0007	2023-12-11T00:00:00+01:00	2024-02-16T00:00:00+00:00
oxas-adv-2023-0006	OX App Suite Security Advisory OXAS-ADV-2023-0006	2023-09-25T00:00:00+02:00	2024-01-22T00:00:00+00:00
oxas-adv-2023-0005	OX App Suite Security Advisory OXAS-ADV-2023-0005	2023-09-19T00:00:00+02:00	2024-01-22T00:00:00+00:00
oxas-adv-2023-0004	OX App Suite Security Advisory OXAS-ADV-2023-0004	2023-08-01T00:00:00+02:00	2024-01-22T00:00:00+00:00
oxas-adv-2023-0003	OX App Suite Security Advisory OXAS-ADV-2023-0003	2023-05-02T00:00:00+02:00	2024-01-22T00:00:00+00:00
oxas-adv-2023-0002	OX App Suite Security Advisory OXAS-ADV-2023-0002	2023-03-20T00:00:00+01:00	2024-01-22T00:00:00+00:00
oxas-adv-2023-0001	OX App Suite Security Advisory OXAS-ADV-2023-0001	2023-02-06T00:00:00+01:00	2024-01-22T00:00:00+00:00
oxas-adv-2022-0002	OX App Suite Security Advisory OXAS-ADV-2022-0002	2022-11-02T00:00:00+01:00	2024-01-22T00:00:00+00:00
oxas-adv-2022-0001	OX App Suite Security Advisory OXAS-ADV-2022-0001	2022-08-10T00:00:00+02:00	2024-01-22T00:00:00+00:00

ID	Description	Published	Updated
rhsa-2025:22275	Red Hat Security Advisory: OpenShift Container Platform 4.13.62 bug fix and security update	2025-12-05T13:28:34+00:00	2026-03-11T08:40:24+00:00
rhsa-2025:21824	Red Hat Security Advisory: OpenShift Container Platform 4.16.53 bug fix and security update	2025-11-27T11:08:51+00:00	2026-03-11T08:40:21+00:00
rhsa-2025:21795	Red Hat Security Advisory: OpenShift Container Platform 4.18.29 bug fix and security update	2025-11-27T04:24:21+00:00	2026-03-11T08:40:18+00:00
rhsa-2025:21702	Red Hat Security Advisory: podman security update	2025-11-18T15:34:16+00:00	2026-03-11T08:40:14+00:00
rhsa-2025:21634	Red Hat Security Advisory: buildah security update	2025-11-18T00:31:14+00:00	2026-03-11T08:40:11+00:00
rhsa-2025:21633	Red Hat Security Advisory: buildah security update	2025-11-18T00:16:49+00:00	2026-03-11T08:40:08+00:00
rhsa-2025:21328	Red Hat Security Advisory: OpenShift Container Platform 4.14.59 packages and security update	2025-11-20T07:57:21+00:00	2026-03-11T08:39:58+00:00
rhsa-2025:21232	Red Hat Security Advisory: container-tools:rhel8 security update	2025-11-13T10:51:18+00:00	2026-03-11T08:39:48+00:00
rhsa-2025:21220	Red Hat Security Advisory: podman security update	2025-11-13T09:10:41+00:00	2026-03-11T08:39:42+00:00
rhsa-2025:20957	Red Hat Security Advisory: runc security update	2025-11-11T15:07:24+00:00	2026-03-11T08:39:40+00:00
rhsa-2025:19927	Red Hat Security Advisory: runc security update	2025-11-07T18:11:41+00:00	2026-03-11T08:39:37+00:00
rhsa-2026:4215	Red Hat Security Advisory: Red Hat Quay 3.14.6	2026-03-10T15:34:38+00:00	2026-03-11T08:39:32+00:00
rhsa-2026:3108	Red Hat Security Advisory: Red Hat OpenShift Service Mesh 3.1.5	2026-02-23T17:24:11+00:00	2026-03-11T08:39:29+00:00
rhsa-2026:2900	Red Hat Security Advisory: Network Observability 1.11.0 for OpenShift	2026-02-18T08:39:41+00:00	2026-03-11T08:39:25+00:00
rhsa-2026:2737	Red Hat Security Advisory: Red Hat Ceph Storage	2026-02-16T12:56:05+00:00	2026-03-11T08:39:13+00:00
rhsa-2026:2711	Red Hat Security Advisory: Red Hat Ceph Storage 8.1 security and bug fix update	2026-02-16T10:49:01+00:00	2026-03-11T08:39:10+00:00
rhsa-2026:2572	Red Hat Security Advisory: Red Hat Advanced Cluster Management for Kubernetes v2.14.2 security update	2026-02-11T16:14:44+00:00	2026-03-11T08:39:07+00:00
rhsa-2026:2571	Red Hat Security Advisory: multicluster engine for Kubernetes v2.9.2 security update	2026-02-11T15:58:30+00:00	2026-03-11T08:39:05+00:00
rhsa-2026:2568	Red Hat Security Advisory: RHACS 4.9.3 security and bug fix update	2026-02-11T15:09:41+00:00	2026-03-11T08:39:04+00:00
rhsa-2026:2456	Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.26.0 Release.	2026-02-10T17:06:01+00:00	2026-03-11T08:39:01+00:00
rhsa-2026:2351	Red Hat Security Advisory: VolSync v0.13 security fixes and container updates	2026-02-09T15:55:39+00:00	2026-03-11T08:38:58+00:00
rhsa-2026:2350	Red Hat Security Advisory: RHACS 4.9.3 security and bug fix update	2026-02-09T15:50:42+00:00	2026-03-11T08:38:53+00:00
rhsa-2026:2343	Red Hat Security Advisory: Red Hat OpenShift API for Data Protection	2026-02-09T14:20:06+00:00	2026-03-11T08:38:50+00:00
rhsa-2026:2129	Red Hat Security Advisory: OpenShift Container Platform 4.21.1 bug fix and security update	2026-02-10T09:39:14+00:00	2026-03-11T08:38:49+00:00
rhsa-2026:2082	Red Hat Security Advisory: OpenShift Container Platform 4.21.1 packages and security update	2026-02-10T11:30:56+00:00	2026-03-11T08:38:44+00:00
rhsa-2026:2071	Red Hat Security Advisory: OpenShift Container Platform 4.18.33 packages and security update	2026-02-11T04:55:25+00:00	2026-03-11T08:38:44+00:00
rhsa-2026:1942	Red Hat Security Advisory: Red Hat Quay 3.15.3	2026-02-04T15:43:51+00:00	2026-03-11T08:38:39+00:00
rhsa-2026:1838	Red Hat Security Advisory: image-builder security update	2026-02-05T16:02:26+00:00	2026-03-11T08:38:37+00:00
rhsa-2026:1837	Red Hat Security Advisory: osbuild-composer security update	2026-02-05T16:03:01+00:00	2026-03-11T08:38:34+00:00
rhsa-2026:1552	Red Hat Security Advisory: OpenShift Container Platform 4.19.23 bug fix and security update	2026-02-04T10:50:17+00:00	2026-03-11T08:38:20+00:00

ID	Description	Published	Updated
sevd-2026-069-06	Deserialization of Untrusted Data vulnerability on Multiple Products	2026-03-10T07:00:00.000Z	2026-03-10T07:00:00.000Z
sevd-2026-069-05	Use of Hard-coded Credentials vulnerability in EcoStruxure™ IT Data Center Expert	2026-03-10T07:00:00.000Z	2026-03-10T07:00:00.000Z
sevd-2026-069-04	Improper Control of Generation of Code ('Code Injection') vulnerability on EcoStruxure™ Automation Expert	2026-03-10T07:00:00.000Z	2026-03-10T07:00:00.000Z
sevd-2026-069-03	Deserialization of Untrusted Data vulnerability on EcoStruxure™ Foxboro DCS	2026-03-10T07:00:00.000Z	2026-03-10T07:00:00.000Z
sevd-2026-069-02	Improper Neutralization in Multiple Products	2026-03-10T07:00:00.000Z	2026-03-10T07:00:00.000Z
sevd-2026-069-01	Improper Resource Shutdown or Release vulnerability in Multiple Products	2026-03-10T07:00:00.000Z	2026-03-10T07:00:00.000Z
sevd-2026-013-04	Multiple Vulnerabilities on EcoStruxure Power Build Rapsody	2026-01-13T08:00:00.000Z	2026-03-10T07:00:00.000Z
sevd-2026-013-01	Multiple Third-Party Vulnerabilities on ProLeiT Plant iT/Brewmaxx	2026-01-13T08:00:00.000Z	2026-03-10T07:00:00.000Z
sevd-2025-014-07	FlexNet Publisher Vulnerability	2025-01-14T07:00:00.000Z	2026-03-10T07:00:00.000Z
sevd-2026-041-02	Multiple Vulnerabilities on EcoStruxure™ Building Operation Workstation and EcoStruxure™ Building Operation Webstation	2026-02-10T08:00:00.000Z	2026-02-10T08:00:00.000Z
sevd-2026-041-01	Improper Check for Unusual or Exceptional Conditions on Multiple Products	2026-02-10T08:00:00.000Z	2026-02-10T08:00:00.000Z
sevd-2025-343-01	EcoStruxure™ Foxboro DCS	2025-12-09T08:00:00.000Z	2026-02-10T08:00:00.000Z
sevd-2025-189-03	EcoStruxure™ Power Operation	2025-07-08T04:00:00.000Z	2026-02-10T08:00:00.000Z
sevd-2025-042-02	Improper Input Validation Vulnerability in Uni-Telway Driver	2025-02-11T05:00:00.000Z	2026-02-10T08:00:00.000Z
sevd-2026-013-03	Multiple Vulnerabilities on Zigbee Products	2026-01-13T08:00:00.000Z	2026-01-13T08:00:00.000Z
sevd-2026-013-02	Incorrect Default Permissions Vulnerability on EcoStruxure™ Process Expert	2026-01-13T08:00:00.000Z	2026-01-13T08:00:00.000Z
sevd-2025-014-06	RemoteConnect and SCADAPack™ x70 Utilities	2025-01-14T00:00:00.000Z	2026-01-13T08:00:00.000Z
sevd-2024-317-03	Modicon Controllers M340 / Momentum / MC80	2024-11-12T05:00:00.000Z	2026-01-13T08:00:00.000Z
sevd-2025-343-02	EcoStruxure™ Foxboro DCS Advisor	2025-12-09T08:00:00.000Z	2025-12-09T08:00:00.000Z
sevd-2025-252-01	Multiple Altivar Process Drives and Communication Modules	2025-09-09T04:00:00.000Z	2025-12-09T08:00:00.000Z
sevd-2023-192-04	CODESYS Runtime Vulnerabilities	2023-07-11T07:15:18.000Z	2025-12-09T08:00:00.000Z
sevd-2021-159-04	ISaGRAF Vulnerabilities in IEC 61131-3 Programming and Engineering Tools	2021-06-08T04:36:25.000Z	2025-11-15T00:00:00.000Z
sevd-2022-284-03	ISaGRAF Workbench for SAGE RTU	2022-10-10T22:13:16.000Z	2025-11-14T06:30:00.000Z
sevd-2025-315-02	EcoStruxure™ Machine SCADA Expert & Pro-face BLUE Open Studio	2025-11-11T08:00:00.000Z	2025-11-11T08:00:00.000Z
sevd-2025-315-01	PowerChute™ Serial Shutdown	2025-11-11T08:00:00.000Z	2025-11-11T08:00:00.000Z
sevd-2025-224-02	EcoStruxure™ Power Monitoring Expert Software & EcoStruxure™ Power Operation (EPO) and EcoStruxure™ Power SCADA Operation (PSO)	2025-08-12T04:00:00.000Z	2025-11-11T08:00:00.000Z
sevd-2025-224-01	Saitel DR & Saitel DP Remote Terminal Unit	2025-08-12T04:00:00.000Z	2025-11-11T08:00:00.000Z
sevd-2025-287-01	EcoStruxure™ OPC UA Server Expert and EcoStruxure™ Modicon Communication Server	2025-10-14T07:00:00.000Z	2025-10-14T07:00:00.000Z
sevd-2025-133-01	Modicon Controllers M241/M251/M258/LMC058	2025-05-13T04:00:00.000Z	2025-10-14T07:00:00.000Z
sevd-2024-345-03	Modicon M241 / M251 / M258 / LMC058	2024-12-10T05:00:00.000Z	2025-10-14T07:00:00.000Z

ID	Description	Published	Updated
sca-2026-0006	Vulnerabilities affecting SICK Lector85x and SICK Lector83x	2026-03-06T14:00:00.000Z	2026-03-06T14:00:00.000Z
sca-2026-0005	Vulnerabilities affecting SICK LMS1000 and SICK MRS1000	2026-02-27T14:00:00.000Z	2026-02-27T14:00:00.000Z
sca-2026-0004	Eclipse Cyclone DDS Vulnerabilities have no impact on SICK picoScan150 & SICK picoScan120 products	2026-02-13T14:00:00.000Z	2026-02-13T14:00:00.000Z
sca-2026-0003	Vulnerability affecting SICK nanoScan3 and microScan3	2026-01-26T14:00:00.000Z	2026-01-26T14:00:00.000Z
sca-2026-0002	Vulnerabilities affecting SICK Incoming Goods Suite	2026-01-15T14:00:00.000Z	2026-01-22T19:00:00.000Z
sca-2026-0001	Vulnerabilities affecting SICK TDC-X401GL	2026-01-15T14:00:00.000Z	2026-01-15T14:00:00.000Z
sca-2025-0013	Vulnerabilities affecting SICK TLOC100-100	2025-10-27T14:00:00.000Z	2025-11-11T14:00:00.000Z
sca-2025-0014	CodeMeter vulnerablity affects SICK CODE-LOC and SICK LIDAR-LOC	2025-11-03T11:00:00.000Z	2025-11-03T14:00:00.000Z
sca-2025-0012	Sudo vulnerability affects SICK SID products	2025-10-27T11:00:00.000Z	2025-10-27T14:00:00.000Z
sca-2025-0011	Vulnerabilities affecting Endress+Hauser SSG-E210GC	2025-10-02T13:00:00.000Z	2025-10-02T13:00:00.000Z
sca-2025-0010	Multiple vulnerabilities in SICK Enterprise Analytics and SICK Logistic Analytics Products	2025-10-02T13:00:00.000Z	2025-10-02T13:00:00.000Z
sca-2025-0009	Vulnerabilities affecting SICK TDC-E210GC	2025-08-01T13:00:00.000Z	2025-08-01T13:00:00.000Z
sca-2025-0008	Multiple vulnerabilities in Endress+Hauser MEAC300-FNADE4	2025-07-03T13:00:00.000Z	2025-07-03T13:00:00.000Z
sca-2025-0007	Multiple vulnerabilities in SICK Field Analytics and SICK Media Server	2025-06-12T13:00:00.000Z	2025-06-12T13:00:00.000Z
sca-2025-0003	FreeRTOS Vulnerabilities have no impact on SICK Products	2025-02-28T00:00:00.000Z	2025-05-20T11:00:00.000Z
sca-2025-0006	Vulnerability affecting picoScan and multiScan	2025-04-28T13:00:00.000Z	2025-04-28T13:00:00.000Z
sca-2025-0005	Vulnerabilities in SICK Flexi Compact	2025-04-28T10:00:00.000Z	2025-04-28T10:00:00.000Z
sca-2025-0004	Critical vulnerabilities in SICK DL100-2xxxxxxx	2025-03-14T11:00:00.000Z	2025-03-14T11:00:00.000Z
sca-2025-0001	Multiple vulnerabilities in SICK MEAC300	2025-02-14T14:00:00.000Z	2025-02-21T14:00:00.000Z
sca-2025-0002	Vulnerability in SICK Lector8xx and SICK InspectorP8xx	2025-02-14T10:19:00.000Z	2025-02-14T10:19:00.000Z
sca-2024-0007	Vulnerability in SICK OLM	2024-12-31T00:00:00.000Z	2024-12-31T00:00:00.000Z
sca-2024-0006	Critical vulnerabilities in SICK InspectorP61x, InspectorP62x and TiM3xx	2024-12-06T00:00:00.000Z	2024-12-06T00:00:00.000Z
sca-2024-0005	Vulnerability in SICK Incoming Goods Suite	2024-11-19T00:00:00.000Z	2024-11-19T00:00:00.000Z
sca-2024-0004	Third party vulnerabilities in SICK CDE-100	2024-11-07T12:00:00.000Z	2024-11-07T12:00:00.000Z
sca-2024-0003	Critical vulnerability in multiple SICK products	2024-10-17T13:00:00.000Z	2024-10-17T13:00:00.000Z
sca-2024-0002	Vulnerability in SICK MSC800	2024-09-11T23:00:00.000Z	2024-09-11T23:00:00.000Z
sca-2024-0001	Vulnerability in SICK Logistics Analytics Products and SICK Field Analytics	2024-01-29T00:00:00.000Z	2024-01-29T00:00:00.000Z
sca-2023-0011	Vulnerability in multiple SICK Flexi Soft Gateways	2023-10-23T11:00:00.000Z	2023-10-23T11:00:00.000Z
sca-2023-0010	Vulnerabilities in SICK Application Processing Unit	2023-10-09T11:00:00.000Z	2023-10-09T11:00:00.000Z
sca-2023-0008	Vulnerability in SICK SIM1012	2023-09-29T13:00:00.000Z	2023-09-29T13:00:00.000Z

ID	Description	Published	Updated
ssa-975644	SSA-975644: Multiple Vulnerabilities in Fortigate NGFW on RUGGEDCOM APE1808 Devices	2026-03-10T00:00:00.000Z	2026-03-10T00:00:00.000Z
ssa-903736	SSA-903736: Multiple vulnerabilities in SICAM SIAPP SDK before V2.1.7	2026-03-10T00:00:00.000Z	2026-03-10T00:00:00.000Z
ssa-868571	SSA-868571: Missing Server Certificate Validation in IAM Client	2025-12-09T00:00:00.000Z	2026-03-10T00:00:00.000Z
ssa-770770	SSA-770770: Multiple Vulnerabilities in Fortigate NGFW Before V7.4.7 on RUGGEDCOM APE1808 Devices	2025-02-11T00:00:00.000Z	2026-03-10T00:00:00.000Z
ssa-710408	SSA-710408: Missing Server Certificate Validation in Siemens Advanced Licensing (SALT) Toolkit	2025-12-09T00:00:00.000Z	2026-03-10T00:00:00.000Z
ssa-535115	SSA-535115: Data Validation Vulnerability in NX Before V2512	2026-02-10T00:00:00.000Z	2026-03-10T00:00:00.000Z
ssa-513708	SSA-513708: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW on RUGGEDCOM APE1808 Devices	2025-06-10T00:00:00.000Z	2026-03-10T00:00:00.000Z
ssa-485750	SSA-485750: Multiple Vulnerabilities in SIDIS Prime Before V4.0.800	2026-03-10T00:00:00.000Z	2026-03-10T00:00:00.000Z
ssa-452276	SSA-452276: Stored Cross-Site Scripting Vulnerability in SIMATIC S7-1500	2026-03-10T00:00:00.000Z	2026-03-10T00:00:00.000Z
ssa-430425	SSA-430425: Multiple Vulnerabilities in SINEC Security Monitor before V4.9.0	2024-10-08T00:00:00.000Z	2026-03-10T00:00:00.000Z
ssa-282044	SSA-282044: DLL Hijacking Vulnerability in Siemens Web Installer used by the Online Software Delivery	2025-08-12T00:00:00.000Z	2026-03-10T00:00:00.000Z
ssa-212953	SSA-212953: Multiple Vulnerabilities in COMOS	2025-12-09T00:00:00.000Z	2026-03-10T00:00:00.000Z
ssa-201595	SSA-201595: Privilege Escalation Vulnerability in WIBU CodeMeter Runtime Affecting the Desigo CC Product Family and SENTRON Powermanager	2025-08-14T00:00:00.000Z	2026-03-10T00:00:00.000Z
ssa-126399	SSA-126399: Improper Access Control Vulnerability in Heliox EV Chargers	2026-03-10T00:00:00.000Z	2026-03-10T00:00:00.000Z
ssa-082556	SSA-082556: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1.5	2025-06-10T00:00:00.000Z	2026-03-10T00:00:00.000Z
ssa-027652	SSA-027652: Privilege Escalation Vulnerability in SINAMICS Drives	2025-09-09T00:00:00.000Z	2026-03-10T00:00:00.000Z
ssa-613116	SSA-613116: Multiple Vulnerabilities in Third-Party Components in SINEC OS before V3.1	2025-08-12T00:00:00Z	2026-02-24T00:00:00Z
ssa-355557	SSA-355557: Multiple Vulnerabilities in Third-Party Components in SINEC OS before V3.2	2025-08-12T00:00:00Z	2026-02-24T00:00:00Z
ssa-089022	SSA-089022: Multiple Vulnerabilities in Third-Party Components in SINEC OS before V3.3	2026-01-28T00:00:00Z	2026-02-24T00:00:00Z
ssa-965753	SSA-965753: Multiple File Parsing Vulnerabilities in Simcenter Femap and Nastran Before V2512	2026-02-10T00:00:00Z	2026-02-10T00:00:00Z
ssa-864900	SSA-864900: Multiple Vulnerabilities in Fortigate NGFW on RUGGEDCOM APE1808 Devices	2025-05-13T00:00:00Z	2026-02-10T00:00:00Z
ssa-783261	SSA-783261: Denial of Service Vulnerability in Automation License Manager (ALM) Before V5.2	2012-12-12T00:00:00Z	2026-02-10T00:00:00Z
ssa-674753	SSA-674753: Denial-of-Service Vulnerability in ET 200 Devices	2026-01-13T00:00:00Z	2026-02-10T00:00:00Z
ssa-625934	SSA-625934: Improper Access Control Vulnerability in the Webhooks Implementation of Siveillance Video Management Servers	2026-02-10T00:00:00Z	2026-02-10T00:00:00Z
ssa-599451	SSA-599451: Multiple Vulnerabilities in SiPass integrated	2025-10-14T00:00:00Z	2026-02-10T00:00:00Z
ssa-507364	SSA-507364: Heap Based Buffer Overflow Vulnerability in WIBU CodeMeter Runtime Affecting the Desigo CC Product Family and SENTRON Powermanager	2026-02-10T00:00:00Z	2026-02-10T00:00:00Z
ssa-445819	SSA-445819: Out of Bounds Read in PS/IGES Parasolid Translator Component in Solid Edge	2026-02-10T00:00:00Z	2026-02-10T00:00:00Z
ssa-311973	SSA-311973: Multiple Local Privilege Escalation Vulnerabilities in SINEC NMS and User Management Component (UMC)	2026-02-10T00:00:00Z	2026-02-10T00:00:00Z
ssa-265688	SSA-265688: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.1	2024-04-09T00:00:00Z	2026-02-10T00:00:00Z
ssa-216014	SSA-216014: Vulnerabilities in EFI variable of SIMATIC IPCs, SIMATIC Tablet PCs, and SIMATIC Field PGs	2025-03-11T00:00:00Z	2026-02-10T00:00:00Z

ID	Description	Published	Updated
suse-su-2026:0854-1	Security update for ImageMagick	2026-03-09T15:34:51Z	2026-03-09T15:34:51Z
suse-su-2026:0853-1	Security update for ImageMagick	2026-03-09T15:34:27Z	2026-03-09T15:34:27Z
suse-su-2026:0852-1	Security update for ImageMagick	2026-03-09T15:32:56Z	2026-03-09T15:32:56Z
suse-su-2026:0851-1	Security update for ImageMagick	2026-03-09T15:32:14Z	2026-03-09T15:32:14Z
suse-su-2026:0849-1	Security update for python-Flask	2026-03-09T10:13:40Z	2026-03-09T10:13:40Z
suse-su-2026:0848-1	Security update for valkey	2026-03-07T18:18:45Z	2026-03-07T18:18:45Z
suse-su-2026:0847-1	Security update for libsoup	2026-03-07T01:34:36Z	2026-03-07T01:34:36Z
suse-su-2026:0846-1	Security update for python-Markdown	2026-03-06T17:04:39Z	2026-03-06T17:04:39Z
suse-su-2026:0840-1	Security update for grpc	2026-03-06T11:36:18Z	2026-03-06T11:36:18Z
suse-su-2026:0838-1	Security update for python-tornado	2026-03-06T08:15:16Z	2026-03-06T08:15:16Z
suse-su-2026:0834-1	Security update for libsoup2	2026-03-05T20:00:24Z	2026-03-05T20:00:24Z
suse-su-2026:0833-1	Security update for libsoup	2026-03-05T19:55:51Z	2026-03-05T19:55:51Z
suse-su-2026:0832-1	Security update for qemu	2026-03-05T16:38:47Z	2026-03-05T16:38:47Z
suse-su-2026:0831-1	Security update for openvpn	2026-03-05T15:18:06Z	2026-03-05T15:18:06Z
suse-su-2026:0830-1	Security update for ocaml	2026-03-05T15:17:30Z	2026-03-05T15:17:30Z
suse-su-2026:0829-1	Security update for gnutls	2026-03-05T15:17:09Z	2026-03-05T15:17:09Z
suse-su-2026:0828-1	Security update for python-Authlib	2026-03-05T15:16:58Z	2026-03-05T15:16:58Z
suse-su-2026:0827-1	Security update for glibc-livepatches	2026-03-05T15:16:49Z	2026-03-05T15:16:49Z
suse-su-2026:0826-1	Security update for expat	2026-03-05T15:16:40Z	2026-03-05T15:16:40Z
suse-su-2026:0825-1	Security update for php-composer2	2026-03-05T15:16:16Z	2026-03-05T15:16:16Z
suse-su-2026:0824-1	Security update for openCryptoki	2026-03-05T15:16:07Z	2026-03-05T15:16:07Z
suse-su-2026:0821-1	Security update for python-Django	2026-03-05T11:43:12Z	2026-03-05T11:43:12Z
suse-su-2026:0819-1	Security update for virtiofsd	2026-03-05T10:49:51Z	2026-03-05T10:49:51Z
suse-su-2026:0817-1	Security update for wireshark	2026-03-05T09:51:15Z	2026-03-05T09:51:15Z
suse-su-2026:0816-1	Security update for virtiofsd	2026-03-05T09:50:59Z	2026-03-05T09:50:59Z
suse-su-2026:0814-1	Security update for mozilla-nss	2026-03-05T09:06:46Z	2026-03-05T09:06:46Z
suse-su-2026:0813-1	Security update for mozilla-nss	2026-03-05T08:34:14Z	2026-03-05T08:34:14Z
suse-su-2026:0812-1	Security update for MozillaFirefox	2026-03-05T08:31:43Z	2026-03-05T08:31:43Z
suse-su-2026:0811-1	Security update for libsoup2	2026-03-05T03:05:23Z	2026-03-05T03:05:23Z
suse-su-2026:20648-1	Security update for the Linux Kernel (Live Patch 3 for SUSE Linux Enterprise 16)	2026-03-04T20:07:36Z	2026-03-04T20:07:36Z

ID	Description	Published	Updated

ID	Description	Published	Updated
hsec-2024-0004	Hackage package and doc upload stored XSS vulnerability	2026-01-16T11:18:20Z	2026-01-16T11:18:20Z
hsec-2025-0007	cmark-gfm: resource exhaustion due to quadratic complexity in parser	2025-12-27T08:58:56Z	2025-12-27T08:58:56Z
hsec-2025-0006	Private key leak via inherited file descriptor	2025-11-17T02:22:38Z	2025-11-17T02:22:38Z
hsec-2025-0005	cabal-install dependency confusion	2025-11-14T14:45:34Z	2025-11-14T14:45:34Z
hsec-2025-0004	Broken Path Sanitization in spacecookie Library	2025-11-14T14:45:34Z	2025-11-14T14:45:34Z
hsec-2025-0003	Use after free in multithreaded lzma (.xz) decoder	2025-11-14T14:45:34Z	2025-11-14T14:45:34Z
hsec-2025-0002	Double Public Key Signing Function Oracle Attack on Ed25519	2025-11-14T14:45:34Z	2025-11-14T14:45:34Z
hsec-2025-0001	Subword division operations may produce incorrect results	2025-11-14T14:45:34Z	2025-11-14T14:45:34Z
hsec-2024-0009	Public key confusion in third-party blocks	2025-11-14T14:45:34Z	2025-11-14T14:45:34Z
hsec-2024-0008	Sign extension error in the PPC64le FFI	2025-11-14T14:45:34Z	2025-11-14T14:45:34Z
hsec-2024-0007	Sign extension error in the AArch64 NCG	2025-11-14T14:45:34Z	2025-11-14T14:45:34Z
hsec-2024-0006	fromIntegral: conversion error	2025-11-14T14:45:34Z	2025-11-14T14:45:34Z
hsec-2024-0003	process: command injection via argument list on Windows	2025-11-14T14:45:34Z	2025-11-14T14:45:34Z
hsec-2024-0002	out-of-bounds write when there are many bzip2 selectors	2025-11-14T14:45:34Z	2025-11-14T14:45:34Z
hsec-2024-0001	Reflected XSS vulnerability in keter	2025-11-14T14:45:34Z	2025-11-14T14:45:34Z
hsec-2023-0015	cabal-install uses expired key policies	2025-11-14T14:45:34Z	2025-11-14T14:45:34Z
hsec-2023-0014	Arbitrary file write is possible when using PDF output or --extract-media with untrusted input	2025-11-14T14:45:34Z	2025-11-14T14:45:34Z
hsec-2023-0013	git-annex plaintext storage of embedded credentials on encrypted remotes	2025-11-14T14:45:34Z	2025-11-14T14:45:34Z
hsec-2023-0012	git-annex checksum exposure to encrypted special remotes	2025-11-14T14:45:34Z	2025-11-14T14:45:34Z
hsec-2023-0011	git-annex GPG decryption attack via compromised remote	2025-11-14T14:45:34Z	2025-11-14T14:45:34Z
hsec-2023-0010	git-annex private data exfiltration to compromised remote	2025-11-14T14:45:34Z	2025-11-14T14:45:34Z
hsec-2023-0009	git-annex command injection via malicious SSH hostname	2025-11-14T14:45:34Z	2025-11-14T14:45:34Z
hsec-2023-0008	Stored XSS in hledger-web	2025-11-14T14:45:34Z	2025-11-14T14:45:34Z
hsec-2023-0007	readFloat: memory exhaustion with large exponent	2025-11-14T14:45:34Z	2025-11-14T14:45:34Z
hsec-2023-0006	x509-validation does not enforce pathLenConstraint	2025-11-14T14:45:34Z	2025-11-14T14:45:34Z
hsec-2023-0005	tls-extra: certificate validation does not check Basic Constraints	2025-11-14T14:45:34Z	2025-11-14T14:45:34Z
hsec-2023-0004	xml-conduit unbounded entity expansion	2025-11-14T14:45:34Z	2025-11-14T14:45:34Z
hsec-2023-0003	code injection in xmonad-contrib	2025-11-14T14:45:34Z	2025-11-14T14:45:34Z
hsec-2023-0002	Improper Verification of Cryptographic Signature	2025-11-14T14:45:34Z	2025-11-14T14:45:34Z
hsec-2023-0001	Hash flooding vulnerability in aeson	2025-11-14T14:45:34Z	2025-11-14T14:45:34Z

ID	Description	Published	Updated
osec-2026-01	Buffer Over-Read in OCaml Marshal Deserialization	2026-02-17T13:30:00Z	2026-02-27T09:30:00Z
osec-2026-02	ARP unbounded memory usage	2026-02-18T10:30:00Z	2026-02-18T10:30:00Z
osec-2022-01	Infinite loop in console output on xen	2022-12-07T00:00:00Z	2026-02-18T09:30:00Z
osec-2025-01	Albatross console out of memory	2025-08-15T00:18:22Z	2026-01-13T12:00:00Z
osec-2019-02	Grant unshare vulnerability in mirage-xen	2019-04-26T00:00:00Z	2026-01-13T12:00:00Z
osec-2019-01	Memory disclosure in mirage-net-xen	2019-03-21T00:00:00Z	2026-01-13T12:00:00Z
osec-2016-02	Memory disclosure in mirage-net-xen	2016-05-03T00:00:00Z	2026-01-13T12:00:00Z
osec-2023-01	Time of check time of use issue in opam's cache	2023-05-25T12:00:00Z	2026-01-09T12:00:00Z
osec-2016-01	Buffer overflow and information leak in OCaml < 4.03.0	2016-04-29T00:18:22Z	2026-01-01T12:00:00Z
osec-2018-01	An integer overflow in the `bigarray` serialization module leads to arbitrary code execution	2018-04-06T18:29:00Z	2025-12-16T12:00:00Z
osec-2017-01	Local privilege escalation issue with ocaml binaries	2017-06-23T15:19:47Z	2025-12-16T12:00:00Z

ID	Description	Published	Updated
osv-2024-679	Heap-buffer-overflow in readImage4v2	2024-07-25T00:14:34.485446Z	2026-03-08T14:18:45.577624Z
osv-2023-800	Heap-buffer-overflow in XCFImageFormat::loadTileRLE	2023-09-07T14:00:27.693270Z	2026-03-08T14:16:08.430525Z
osv-2023-55	Index-out-of-bounds in LibRaw::apply_tiff	2023-02-07T13:00:07.438565Z	2026-03-08T14:15:24.123209Z
osv-2022-1018	Index-out-of-bounds in LibRaw::kodak_radc_load_raw	2022-10-06T00:02:27.511658Z	2026-03-08T14:10:27.975536Z
osv-2021-972	UNKNOWN READ in void mc_chroma<unsigned short>	2021-07-13T00:00:16.631711Z	2026-03-08T14:10:26.939094Z
osv-2021-948	Use-of-uninitialized-value in residual_coding	2021-07-10T00:01:12.890029Z	2026-03-08T14:10:20.407968Z
osv-2021-735	Use-of-uninitialized-value in decode_CABAC_FL_bypass	2021-05-08T00:00:14.355747Z	2026-03-08T14:10:17.768174Z
osv-2021-586	Use-of-uninitialized-value in void intra_prediction_angular<unsigned short>	2021-03-31T00:01:03.787831Z	2026-03-08T14:10:13.373645Z
osv-2021-525	Use-of-uninitialized-value in void edge_filtering_chroma_internal<unsigned char>	2021-03-16T00:00:19.176877Z	2026-03-08T14:10:12.077710Z
osv-2020-876	Use-of-uninitialized-value in XCFImageFormat::mergeRGBToRGB	2020-07-14T22:13:55.541274Z	2026-03-08T14:09:40.994434Z
osv-2020-868	Use-of-uninitialized-value in fetchARGB32ToRGBA64PM_avx2	2020-07-14T22:13:50.828646Z	2026-03-08T14:09:39.894800Z
osv-2024-838	Bad-cast to RDKit::AtomRDKit::ROMol::initFromOther	2024-08-16T00:03:32.029853Z	2026-03-07T14:34:10.603763Z
osv-2025-62	UNKNOWN READ in RDKit::Dict::reset	2025-01-27T00:01:51.692636Z	2026-03-06T14:31:24.229549Z
osv-2023-133	Heap-buffer-overflow in H5L__extern_traverse	2023-03-02T13:02:08.499899Z	2026-03-05T15:50:03.549911Z
osv-2023-359	Heap-buffer-overflow in H5MM_memcpy	2023-05-01T14:02:33.841821Z	2026-03-05T15:30:27.737619Z
osv-2023-76	Heap-buffer-overflow in H5SM_delete	2023-02-18T13:00:50.471845Z	2026-03-05T15:16:28.198333Z
osv-2023-89	Heap-buffer-overflow in H5O__mtime_new_encode	2023-02-21T13:00:30.347876Z	2026-03-05T14:51:38.032364Z
osv-2023-430	Heap-buffer-overflow in H5MM_xstrdup	2023-05-26T14:00:26.078002Z	2026-03-05T14:50:31.048848Z
osv-2023-392	Negative-size-param in H5MM_memcpy	2023-05-13T14:00:26.093088Z	2026-03-05T14:50:14.844074Z
osv-2023-370	Heap-buffer-overflow in H5FS__sect_link	2023-05-06T14:01:04.165113Z	2026-03-05T14:50:11.421136Z
osv-2023-381	UNKNOWN READ in H5FL__blk_gc_list	2023-05-08T14:02:04.934252Z	2026-03-05T14:49:56.592245Z
osv-2023-216	Heap-buffer-overflow in H5G__node_cmp3	2023-03-23T13:00:48.081705Z	2026-03-05T14:49:35.416808Z
osv-2024-387	Heap-buffer-overflow in H5F_addr_encode	2024-04-30T00:13:39.184262Z	2026-03-05T14:41:50.404940Z
osv-2024-728	Negative-size-param in pdf_resize_resource_arrays	2024-08-08T00:09:33.935595Z	2026-03-05T14:38:34.171834Z
osv-2025-266	Heap-buffer-overflow in lj_buf_ruleb128	2025-04-08T00:17:06.279554Z	2026-03-05T14:36:27.176471Z
osv-2024-719	Heap-buffer-overflow in hevc_ref_pic_lists_modification	2024-08-07T00:05:22.699506Z	2026-03-05T14:35:24.195250Z
osv-2023-34	Heap-use-after-free in gc_trace	2023-01-29T13:00:17.773387Z	2026-03-05T14:33:25.047298Z
osv-2022-73	Heap-use-after-free in pdfi_cspace_free_callback	2022-01-22T00:00:41.413569Z	2026-03-05T14:32:30.429302Z
osv-2024-677	Segv on unknown address in gs_gc_reclaim	2024-07-25T00:06:43.762625Z	2026-03-05T14:30:40.209744Z
osv-2022-524	Heap-buffer-overflow in Ins_JROF	2022-07-01T00:01:43.353257Z	2026-03-05T14:30:32.759280Z

ID	Description	Published	Updated
rustsec-2026-0038	RustSec Advisory	2026-03-08T12:00:00Z	2026-03-11T06:21:51Z
rustsec-2026-0039	`chrono_anchor` was removed from crates.io due to malicious code	2026-03-10T12:00:00Z	2026-03-10T20:34:44Z
rustsec-2026-0037	Denial of service in Quinn endpoints	2026-03-09T12:00:00Z	2026-03-09T23:32:50Z
rustsec-2026-0035	Cache poisoning via insecure-by-default cache key	2026-03-04T12:00:00Z	2026-03-09T20:53:55Z
rustsec-2026-0034	HTTP Request Smuggling via HTTP/1.0 and Transfer-Encoding Misparsing	2026-03-04T12:00:00Z	2026-03-09T20:53:55Z
rustsec-2026-0033	HTTP Request Smuggling via Premature Upgrade	2026-03-04T12:00:00Z	2026-03-09T20:53:55Z
rustsec-2026-0036	`time-sync` was removed from crates.io due to malicious code	2026-03-04T12:00:00Z	2026-03-06T06:03:13Z
rustsec-2026-0032	`dnp3times` was removed from crates.io due to malicious code	2026-03-04T12:00:00Z	2026-03-05T05:53:11Z
rustsec-2026-0031	`time_calibrators` was removed from crates.io due to malicious code	2026-03-03T12:00:00Z	2026-03-05T05:53:11Z
rustsec-2026-0030	`time_calibrator` was removed from crates.io due to malicious code	2026-03-03T12:00:00Z	2026-03-05T05:53:11Z
rustsec-2026-0019	`tracing-check` was removed from crates.io for malicious code	2026-02-24T12:00:00Z	2026-03-05T05:53:11Z
rustsec-2025-0140	Non-utf8 String can be created with `TimeBuf::as_str`	2025-12-29T12:00:00Z	2026-03-04T07:42:48Z
rustsec-2026-0029	Double-free and use-after-free for Hive	2026-02-26T12:00:00Z	2026-03-01T06:01:36Z
rustsec-2026-0028	`tracing_checks` was removed from crates.io for transitively including malicious code	2026-02-26T12:00:00Z	2026-02-26T21:11:05Z
rustsec-2026-0027	`tracings` was removed from crates.io for malicious code	2026-02-26T12:00:00Z	2026-02-26T21:11:05Z
rustsec-2025-0153	hexchat crate is unsound and unmaintained	2025-11-17T12:00:00Z	2026-02-26T06:11:28Z
rustsec-2026-0026	Unnecessary clamping of seed reduces seed entropy to 251 bits	2026-02-05T12:00:00Z	2026-02-25T17:22:43Z
rustsec-2026-0025	Panic in `libcrux-psq` on decryption of malformed AES-GCM ciphertext	2026-02-08T12:00:00Z	2026-02-25T17:22:43Z
rustsec-2026-0024	Incorrect X25519 clamping check rejects all secrets on import	2026-01-26T12:00:00Z	2026-02-25T17:22:43Z
rustsec-2026-0023	X25519 secret validation did not check buffer length or clamping	2026-01-26T12:00:00Z	2026-02-25T17:22:43Z
rustsec-2026-0022	Panic when dropping a `[Typed]Func::call_async` future	2026-02-24T12:00:00Z	2026-02-24T19:42:18Z
rustsec-2026-0021	Panic adding excessive fields to a `wasi:http/types.fields` instance	2026-02-24T12:00:00Z	2026-02-24T19:42:18Z
rustsec-2026-0020	Guest-controlled resource exhaustion in WASI implementations	2026-02-24T12:00:00Z	2026-02-24T19:42:18Z
rustsec-2026-0018	`rpc-check` was removed from crates.io for malicious code	2026-02-24T12:00:00Z	2026-02-24T16:32:13Z
rustsec-2026-0013	Type confusion when accessing data from sublasses of subclasses of native types with `abi3` feature targeting Python 3.12 and up	2026-02-18T12:00:00Z	2026-02-23T07:15:28Z
rustsec-2026-0010	`polymarket-clients-sdk` was removed from crates.io for malicious code	2026-02-06T12:00:00Z	2026-02-23T07:15:28Z
rustsec-2025-0148	`finch-rust` was removed from crates.io for malicious code	2025-12-05T12:00:00Z	2026-02-23T07:15:28Z
rustsec-2025-0147	`evm-units` was removed from crates.io for malicious code	2025-12-03T12:00:00Z	2026-02-23T07:15:28Z
rustsec-2025-0146	`sha-rust` was removed from crates.io for malicious code	2025-12-05T12:00:00Z	2026-02-23T07:15:28Z
rustsec-2025-0145	`uniswap-utils` was removed from crates.io for malicious code	2025-12-03T12:00:00Z	2026-02-23T07:15:28Z

ID	Description	Published	Updated
bit-zookeeper-2026-24308	Apache ZooKeeper: Sensitive information disclosure in client configuration handling	2026-03-10T08:52:17.946Z	2026-03-10T09:11:39.609Z
bit-zookeeper-2026-24281	Apache ZooKeeper: Reverse-DNS fallback enables hostname verification bypass in ZooKeeper ZKTrustManager	2026-03-10T08:52:16.699Z	2026-03-10T09:11:39.609Z
bit-maven-2021-26291	block repositories using http by default	2026-03-10T08:44:08.742Z	2026-03-10T09:11:39.609Z
bit-mariadb-2026-3494	MariaDB Server Audit Plugin Comment Handling Bypass	2026-03-10T08:46:18.025Z	2026-03-10T09:11:39.609Z
bit-golang-2026-27142	URLs in meta content attribute actions are not escaped in html/template	2026-03-10T08:44:16.859Z	2026-03-10T09:11:39.609Z
bit-golang-2026-27139	FileInfo can escape from a Root in os	2026-03-10T08:44:14.844Z	2026-03-10T09:11:39.609Z
bit-golang-2026-27138	Panic in name constraint checking for malformed certificates in crypto/x509	2026-03-10T08:44:12.992Z	2026-03-10T09:11:39.609Z
bit-golang-2026-27137	Incorrect enforcement of email constraints in crypto/x509	2026-03-10T08:44:11.145Z	2026-03-10T09:11:39.609Z
bit-golang-2026-25679	Incorrect parsing of IPv6 host literals in net/url	2026-03-10T08:44:09.300Z	2026-03-10T09:11:39.609Z
bit-ghost-2026-29784	Ghost: Incomplete CSRF protections around OTC use	2026-03-10T08:40:17.691Z	2026-03-10T09:11:39.609Z
bit-ghost-2026-29053	Ghost Vulnerable to Remote Code Execution via Malicious Themes	2026-03-07T08:42:59.400Z	2026-03-10T09:11:39.609Z
bit-ghost-2025-9862	Ghost 6.0.6 - SSRF via oEmbed Bookmark	2026-01-29T20:40:02.993Z	2026-03-09T12:11:07.851Z
bit-python-2026-2297	SourcelessFileLoader does not use io.open_code()	2026-03-06T08:50:18.397Z	2026-03-06T09:10:26.160Z
bit-moodle-2025-67847	Moodle: moodle: remote code execution via insufficient restore input validation	2026-03-06T08:50:20.446Z	2026-03-06T09:10:26.160Z
bit-moodle-2021-47857	Moodle 3.10.3 - 'label' Persistent Cross Site Scripting	2026-03-06T08:46:28.845Z	2026-03-06T09:10:26.160Z
bit-libpython-2026-2297	SourcelessFileLoader does not use io.open_code()	2026-03-06T08:43:26.501Z	2026-03-06T09:10:26.160Z
bit-django-2026-25674	Potential incorrect permissions on newly created file system objects	2026-03-06T08:38:51.644Z	2026-03-06T09:10:26.160Z
bit-django-2026-25673	Potential denial-of-service vulnerability in URLField via Unicode normalization on Windows	2026-03-06T08:38:49.880Z	2026-03-06T09:10:26.160Z
bit-activemq-2025-66168	Apache ActiveMQ, Apache ActiveMQ All Module, Apache ActiveMQ MQTT Module: MQTT control packet remaining length field is not properly validated	2026-03-06T08:36:37.326Z	2026-03-06T09:10:26.160Z
bit-python-2026-0865	wsgiref.headers.Headers allows header newline injection	2026-01-26T14:50:04.789Z	2026-03-04T14:21:20.421Z
bit-python-2025-13837	Out-of-memory when loading Plist	2025-12-05T11:13:08.742Z	2026-03-04T14:21:20.421Z
bit-python-2025-11468	Folding email comments of unfoldable characters doesn't preserve parenthesis	2026-01-26T14:49:32.088Z	2026-03-04T14:21:20.421Z
bit-libpython-2026-0865	wsgiref.headers.Headers allows header newline injection	2026-01-26T14:43:33.890Z	2026-03-04T14:21:20.421Z
bit-libpython-2025-13837	Out-of-memory when loading Plist	2025-12-05T11:07:43.325Z	2026-03-04T14:21:20.421Z
bit-libpython-2025-11468	Folding email comments of unfoldable characters doesn't preserve parenthesis	2026-01-26T14:42:59.991Z	2026-03-04T14:21:20.421Z
bit-moodle-2024-48901	Moodle: idor when fetching report schedules	2024-11-21T07:13:17.796Z	2026-03-03T21:13:17.555Z
bit-moodle-2024-48898	Moodle: some users can delete audiences of other reports	2024-11-21T07:13:24.286Z	2026-03-03T21:13:17.555Z
bit-moodle-2024-48897	Moodle: idor in edit/delete rss feed	2024-11-21T07:13:31.891Z	2026-03-03T21:13:17.555Z
bit-moodle-2024-48896	Moodle: users' names returned in messaging error message	2024-11-21T07:13:38.787Z	2026-03-03T21:13:17.555Z
bit-discourse-2026-28227	Discourse Vulnerable to Unauthorized Topic Creation in Staff-Only Categories via Topic Timer publish_to_category	2026-03-03T13:29:32.408Z	2026-03-03T13:59:21.562Z

ID	Description	Published	Updated
cleanstart-2026-zv38826	Within HostnameError	2026-03-10T01:00:05.764793Z	2026-03-09T13:15:34Z
cleanstart-2026-qy24299	@octokit/endpoint turns REST API endpoints into generic request options	2026-03-07T00:39:47.646997Z	2026-03-06T13:08:41Z
cleanstart-2026-pp62083	OpenTelemetry-Go is the Go implementation of OpenTelemetry	2026-03-07T00:39:46.558367Z	2026-03-06T13:08:41Z
cleanstart-2026-gi57625	OpenTelemetry-Go is the Go implementation of OpenTelemetry	2026-03-07T00:39:46.578400Z	2026-03-06T13:08:41Z
cleanstart-2026-yp32652	Redis is an open source, in-memory database that persists on disk	2026-03-04T00:42:01.150900Z	2026-03-03T12:59:01Z
cleanstart-2026-xj84245	Rack is a modular Ruby web server interface	2026-03-04T00:43:02.364521Z	2026-03-03T12:59:01Z
cleanstart-2026-wy43835	PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access	2026-03-04T00:41:31.079681Z	2026-03-03T12:59:01Z
cleanstart-2026-vc01496	Security fixes for GHSA-f6x5-jh6r-wrfv, GHSA-j5w8-q4qc-rx2x applied in versions: 0.8.4-r0	2026-03-04T00:39:30.734261Z	2026-03-03T12:59:01Z
cleanstart-2026-sm37781	Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic	2026-03-04T00:45:05.719125Z	2026-03-03T12:59:01Z
cleanstart-2026-na21773	GNU patch through 2	2026-03-04T00:42:01.122309Z	2026-03-03T12:59:01Z
cleanstart-2026-ew93264	Security fixes for GHSA-4cx2-fc23-5wg6, GHSA-6xw4-3v39-52mm, GHSA-72qj-48g4-5xgx, GHSA-mr3q-g2mv-mr4q, GHSA-p543-xpfm-54cp, GHSA-vc5p-v9hr-52mj, GHSA-vqg5-3255-v292 applied in versions: 9.0.8-r2, 9.0.8-r3, 9.0.8-r4, 9.3.0-r1, 9.3.0-r2	2026-03-04T00:39:32.590174Z	2026-03-03T12:59:01Z
cleanstart-2026-cq83284	Redis is an open source, in-memory database that persists on disk	2026-03-04T00:43:01.818359Z	2026-03-03T12:59:01Z
cleanstart-2026-bz70876	Redis is an open source, in-memory database that persists on disk	2026-03-04T00:42:00.996564Z	2026-03-03T12:59:01Z
cleanstart-2026-ay29369	Redis is an open source, in-memory database that persists on disk	2026-03-04T00:43:31.868035Z	2026-03-03T12:59:01Z
cleanstart-2026-mw73882	filippo	2026-03-03T00:39:03.237072Z	2026-03-02T17:13:50Z
cleanstart-2026-by85815	OpenTelemetry-Go is the Go implementation of OpenTelemetry	2026-03-03T00:39:03.275022Z	2026-03-02T17:13:50Z
cleanstart-2026-zn32454	When multiple server blocks are configured to share the same IP address and port, an attacker can use session resumption to bypass client certificate authentication requirements on these servers	2026-02-27T00:50:08.716833Z	2026-02-26T12:09:56Z
cleanstart-2026-zg64300	Within HostnameError	2026-02-27T01:05:11.090007Z	2026-02-26T12:09:56Z
cleanstart-2026-yw12690	go-git is a highly extensible git implementation library written in pure Go	2026-02-27T01:01:12.144914Z	2026-02-26T12:09:56Z
cleanstart-2026-xz04425	excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate	2026-02-27T00:43:38.553069Z	2026-02-26T12:09:56Z
cleanstart-2026-wp10148	Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate	2026-02-27T00:57:40.231450Z	2026-02-26T12:09:56Z
cleanstart-2026-qc30410	Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate	2026-02-27T01:01:12.325618Z	2026-02-26T12:09:56Z
cleanstart-2026-ny12442	node-tar is a full-featured Tar for Node	2026-02-27T00:41:38.733387Z	2026-02-26T12:09:56Z
cleanstart-2026-ls98939	go-git is a highly extensible git implementation library written in pure Go	2026-02-27T01:04:10.463954Z	2026-02-26T12:09:56Z
cleanstart-2026-jy06700	vulnerability has been identified in Node	2026-02-27T01:09:46.914639Z	2026-02-26T12:09:56Z
cleanstart-2026-id51598	Cancelling a query (e	2026-02-27T01:01:11.850782Z	2026-02-26T12:09:56Z
cleanstart-2026-hf45264	filippo	2026-02-27T01:03:40.135210Z	2026-02-26T12:09:56Z
cleanstart-2026-ff98917	go-git is a highly extensible git implementation library written in pure Go	2026-02-27T00:51:38.790691Z	2026-02-26T12:09:56Z
cleanstart-2026-er93728	go-git is a highly extensible git implementation library written in pure Go	2026-02-27T00:46:38.846728Z	2026-02-26T12:09:56Z
cleanstart-2026-dz05206	go-git is a highly extensible git implementation library written in pure Go	2026-02-27T01:00:40.158214Z	2026-02-26T12:09:56Z

ID	Published	Updated
drupal-contrib-2026-024	2026-03-04T17:59:51.000Z	2026-03-05T14:03:05.000Z
drupal-contrib-2026-027	2026-03-04T18:02:59.000Z	2026-03-04T18:02:59.000Z
drupal-contrib-2026-026	2026-03-04T18:02:14.000Z	2026-03-04T18:02:14.000Z
drupal-contrib-2026-025	2026-03-04T18:00:41.000Z	2026-03-04T18:00:41.000Z
drupal-contrib-2026-023	2026-03-04T17:58:55.000Z	2026-03-04T17:58:55.000Z
drupal-contrib-2026-022	2026-03-04T17:57:58.000Z	2026-03-04T17:57:58.000Z
drupal-contrib-2026-021	2026-03-04T17:56:18.000Z	2026-03-04T17:56:18.000Z
drupal-contrib-2026-020	2026-03-04T17:54:27.000Z	2026-03-04T17:54:27.000Z
drupal-contrib-2026-016	2026-02-25T18:49:59.000Z	2026-02-25T19:30:03.000Z
drupal-contrib-2026-015	2026-02-25T18:47:57.000Z	2026-02-25T19:07:00.000Z
drupal-contrib-2026-019	2026-02-25T18:51:43.000Z	2026-02-25T18:51:43.000Z
drupal-contrib-2026-018	2026-02-25T18:51:26.000Z	2026-02-25T18:51:26.000Z
drupal-contrib-2026-017	2026-02-25T18:51:01.000Z	2026-02-25T18:51:01.000Z
drupal-contrib-2026-014	2026-02-25T18:46:10.000Z	2026-02-25T18:46:10.000Z
drupal-contrib-2026-013	2026-02-25T18:45:13.000Z	2026-02-25T18:45:13.000Z
drupal-contrib-2026-012	2026-02-25T18:44:38.000Z	2026-02-25T18:44:38.000Z
drupal-contrib-2026-011	2026-02-25T18:43:32.000Z	2026-02-25T18:43:32.000Z
drupal-contrib-2026-010	2026-02-11T16:54:18.000Z	2026-02-25T17:17:46.000Z
drupal-contrib-2026-009	2026-02-11T16:53:32.000Z	2026-02-12T15:37:20.000Z
drupal-contrib-2026-008	2026-02-04T17:23:40.000Z	2026-02-04T17:23:40.000Z
drupal-contrib-2026-007	2026-01-28T17:29:32.000Z	2026-01-28T17:29:32.000Z
drupal-contrib-2026-006	2026-01-28T17:28:31.000Z	2026-01-28T17:28:31.000Z
drupal-contrib-2026-005	2026-01-14T17:57:31.000Z	2026-01-14T18:33:02.000Z
drupal-contrib-2026-004	2026-01-14T17:56:28.000Z	2026-01-14T17:56:28.000Z
drupal-contrib-2026-003	2026-01-14T17:55:41.000Z	2026-01-14T17:55:41.000Z
drupal-contrib-2026-002	2026-01-14T17:54:33.000Z	2026-01-14T17:54:33.000Z
drupal-contrib-2026-001	2026-01-14T17:53:33.000Z	2026-01-14T17:53:33.000Z
drupal-contrib-2025-126	2025-12-17T17:47:13.000Z	2025-12-17T17:47:13.000Z
drupal-contrib-2025-125	2025-12-10T17:53:01.000Z	2025-12-10T19:09:57.000Z
drupal-contrib-2025-119	2025-12-03T18:48:23.000Z	2025-12-03T19:05:53.000Z

ID	Description	Updated
ts-2026-001	TS-2026-001	2026-01-15T00:00
ts-2025-008	TS-2025-008	2025-11-19T00:00
ts-2025-007	TS-2025-007	2025-11-07T00:00
ts-2025-006	TS-2025-006	2025-10-28T00:00
ts-2025-005	TS-2025-005	2025-08-07T00:00
ts-2025-004	TS-2025-004	2025-05-27T00:00
ts-2025-003	TS-2025-003	2025-05-21T00:00
ts-2025-002	TS-2025-002	2025-05-15T00:00
ts-2025-001	TS-2025-001	2025-03-07T00:00
ts-2024-013	TS-2024-013	2024-12-04T00:00
ts-2024-012	TS-2024-012	2024-10-02T00:00
ts-2024-011	TS-2024-011	2024-07-22T00:00
ts-2024-010	TS-2024-010	2024-07-19T00:00
ts-2024-009	TS-2024-009	2024-06-27T00:00
ts-2024-008	TS-2024-008	2024-06-14T00:00
ts-2024-007	TS-2024-007	2024-06-12T00:00
ts-2024-006	TS-2024-006	2024-05-22T00:00
ts-2024-005	TS-2024-005	2024-05-08T00:00
ts-2024-004	TS-2024-004	2024-05-06T00:00
ts-2024-003	TS-2024-003	2024-04-23T00:00
ts-2024-002	TS-2024-002	2024-01-30T00:00
ts-2024-001	TS-2024-001	2024-01-08T00:00
ts-2023-009	TS-2023-009	2023-12-22T00:00
ts-2023-008	TS-2023-008	2023-11-01T00:00
ts-2023-007	TS-2023-007	2023-10-26T00:00
ts-2023-006	TS-2023-006	2023-08-22T00:00
ts-2023-005	TS-2023-005	2023-04-28T00:00
ts-2023-004	TS-2023-004	2023-04-04T00:00
ts-2023-003	TS-2023-003	2023-03-22T00:00
ts-2023-002	TS-2023-002	2023-01-24T00:00

ID	Description	Published	Updated
certfr-2026-ale-002	[MàJ] Vulnérabilité dans Cisco Catalyst SD-WAN	2026-02-25T00:00:00.000000	2026-02-26T00:00:00.000000
certfr-2025-ale-014	[MàJ] Vulnérabilité dans React Server Components	2025-12-05T00:00:00.000000	2026-02-12T00:00:00.000000
certfr-2026-ale-001	[MàJ] Multiples vulnérabilités dans Ivanti Endpoint Manager Mobile	2026-01-30T00:00:00.000000	2026-02-03T00:00:00.000000
certfr-2025-ale-013	[MàJ] Multiples vulnérabilités dans Cisco ASA et FTD	2025-09-25T00:00:00.000000	2025-10-06T00:00:00.000000
certfr-2025-ale-012	Vulnérabilité dans Citrix NetScaler ADC et NetScaler Gateway	2025-08-26T00:00:00.000000	2025-09-26T00:00:00.000000
certfr-2025-ale-010	[MàJ] Multiples vulnérabilités dans Microsoft SharePoint	2025-07-21T00:00:00.000000	2025-08-26T00:00:00.000000
certfr-2025-ale-011	Incidents de sécurité dans les pare-feux SonicWall	2025-08-05T00:00:00.000000	2025-08-18T00:00:00.000000
certfr-2025-ale-009	Multiples vulnérabilités dans Citrix NetScaler ADC et NetScaler Gateway	2025-07-01T00:00:00.000000	2025-07-17T00:00:00.000000
certfr-2025-ale-004	Activités de post-exploitation dans Fortinet FortiGate	2025-04-11T00:00:00.000000	2025-08-07T00:00:00.000000
certfr-2025-ale-008	[MàJ] Vulnérabilité dans Roundcube	2025-06-05T00:00:00.000000	2025-07-21T00:00:00.000000
certfr-2025-ale-007	Multiples vulnérabilités dans Ivanti Endpoint Manager Mobile (EPMM)	2025-05-14T00:00:00.000000	2025-06-24T00:00:00.000000
certfr-2025-ale-006	Vulnérabilité dans les produits Fortinet	2025-05-13T00:00:00.000000	2025-06-24T00:00:00.000000
certfr-2025-ale-005	Vulnérabilité dans SAP NetWeaver	2025-04-28T00:00:00.000000	2025-06-24T00:00:00.000000
certfr-2025-ale-003	[MàJ] Vulnérabilité dans les produits Ivanti	2025-04-04T00:00:00.000000	2025-04-11T00:00:00.000000
certfr-2025-ale-002	[MàJ] Vulnérabilité dans les produits Fortinet	2025-05-07T00:00:00.000000	2025-01-14T00:00:00.000000
certfr-2025-ale-001	[MàJ] Vulnérabilité dans les produits Ivanti	2025-01-09T00:00:00.000000	2025-04-01T00:00:00.000000
certfr-2024-ale-014	[MàJ] Multiples vulnérabilités dans Fortinet FortiManager	2024-10-30T00:00:00.000000	2024-10-23T00:00:00.000000
certfr-2024-ale-013	Exploitations de vulnérabilités dans Ivanti Cloud Services Appliance (CSA)	2025-03-31T00:00:00.000000	2024-10-25T00:00:00.000000
certfr-2024-ale-015	[MàJ] Multiples vulnérabilités sur l'interface d'administration des équipements Palo Alto Networks	2024-11-15T00:00:00.000000	2024-11-18T00:00:00.000000
certfr-2024-ale-012	[MàJ] Vulnérabilités affectant OpenPrinting CUPS	2024-09-27T00:00:00.000000	2024-11-21T00:00:00.000000
certfr-2024-ale-011	Vulnérabilité dans SonicWall	2024-09-10T00:00:00.000000	2024-11-21T00:00:00.000000
certfr-2024-ale-010	Multiples vulnérabilités dans Roundcube	2024-08-09T00:00:00.000000	2024-10-07T00:00:00.000000
certfr-2024-ale-009	Vulnérabilité dans OpenSSH	2024-07-01T00:00:00.000000	2024-07-03T00:00:00.000000
certfr-2024-ale-008	[MàJ] Vulnérabilité dans les produits Check Point	2024-05-30T00:00:00.000000	2024-07-01T00:00:00.000000
certfr-2024-ale-007	Multiples vulnérabilités dans les produits Cisco	2024-04-25T00:00:00.000000	2024-07-01T00:00:00.000000
certfr-2024-ale-006	[MàJ] Vulnérabilité dans Palo Alto Networks GlobalProtect	2024-04-12T00:00:00.000000	2024-07-01T00:00:00.000000
certfr-2024-ale-004	[MàJ] Vulnérabilité dans Fortinet FortiOS	2024-02-09T00:00:00.000000	2024-07-01T00:00:00.000000
certfr-2024-ale-005	[MàJ] Vulnérabilité dans Microsoft Outlook	2024-02-15T00:00:00.000000	2024-04-15T00:00:00.000000
certfr-2024-ale-003	[MàJ] Incident affectant les solutions AnyDesk	2024-02-05T00:00:00.000000	2024-04-15T00:00:00.000000
certfr-2024-ale-001	[MàJ] Multiples vulnérabilités dans Ivanti Connect Secure et Policy Secure Gateways	2024-01-11T00:00:00.000000	2024-04-15T00:00:00.000000

ID	Description	Published	Updated
certfr-2026-avi-0258	Vulnérabilité dans Microsoft CBL-Mariner	2026-03-10T00:00:00.000000	2026-03-10T00:00:00.000000
certfr-2026-avi-0257	Vulnérabilité dans Mozilla Focus	2026-03-10T00:00:00.000000	2026-03-10T00:00:00.000000
certfr-2026-avi-0256	Multiples vulnérabilités dans les produits SAP	2026-03-10T00:00:00.000000	2026-03-10T00:00:00.000000
certfr-2026-avi-0255	Multiples vulnérabilités dans les produits Siemens	2026-03-10T00:00:00.000000	2026-03-10T00:00:00.000000
certfr-2026-avi-0254	Multiples vulnérabilités dans les produits Schneider Electric	2026-03-10T00:00:00.000000	2026-03-10T00:00:00.000000
certfr-2026-avi-0253	Multiples vulnérabilités dans Microsoft Edge	2026-03-09T00:00:00.000000	2026-03-09T00:00:00.000000
certfr-2026-avi-0252	Multiples vulnérabilités dans les produits Moxa	2026-03-09T00:00:00.000000	2026-03-09T00:00:00.000000
certfr-2026-avi-0251	Multiples vulnérabilités dans Apache Zookeeper	2026-03-09T00:00:00.000000	2026-03-09T00:00:00.000000
certfr-2026-avi-0250	Vulnérabilité dans Apereo CAS	2026-03-09T00:00:00.000000	2026-03-09T00:00:00.000000
certfr-2026-avi-0249	Multiples vulnérabilités dans les produits IBM	2026-03-06T00:00:00.000000	2026-03-06T00:00:00.000000
certfr-2026-avi-0248	Multiples vulnérabilités dans le noyau Linux de Red Hat	2026-03-06T00:00:00.000000	2026-03-06T00:00:00.000000
certfr-2026-avi-0247	Multiples vulnérabilités dans le noyau Linux de SUSE	2026-03-06T00:00:00.000000	2026-03-06T00:00:00.000000
certfr-2026-avi-0246	Multiples vulnérabilités dans le noyau Linux d'Ubuntu	2026-03-06T00:00:00.000000	2026-03-06T00:00:00.000000
certfr-2026-avi-0245	Vulnérabilité dans Zabbix	2026-03-06T00:00:00.000000	2026-03-06T00:00:00.000000
certfr-2026-avi-0244	Vulnérabilité dans Nextcloud Flow	2026-03-06T00:00:00.000000	2026-03-06T00:00:00.000000
certfr-2026-avi-0243	Vulnérabilité dans SPIP	2026-03-06T00:00:00.000000	2026-03-06T00:00:00.000000
certfr-2026-avi-0242	Multiples vulnérabilités dans les produits Cisco	2026-03-05T00:00:00.000000	2026-03-05T00:00:00.000000
certfr-2026-avi-0241	Vulnérabilité dans ClamAV	2026-03-05T00:00:00.000000	2026-03-05T00:00:00.000000
certfr-2026-avi-0240	Vulnérabilité dans CPython	2026-03-05T00:00:00.000000	2026-03-05T00:00:00.000000
certfr-2026-avi-0239	Multiples vulnérabilités dans Google Chrome	2026-03-05T00:00:00.000000	2026-03-05T00:00:00.000000
certfr-2026-avi-0238	Vulnérabilité dans NetApp ONTAP 9	2026-03-05T00:00:00.000000	2026-03-05T00:00:00.000000
certfr-2026-avi-0237	Multiples vulnérabilités dans les produits Microsoft	2026-03-05T00:00:00.000000	2026-03-05T00:00:00.000000
certfr-2026-avi-0236	Multiples vulnérabilités dans Traefik	2026-03-05T00:00:00.000000	2026-03-05T00:00:00.000000
certfr-2026-avi-0235	Multiples vulnérabilités dans HPE Aruba Networking AOS	2026-03-04T00:00:00.000000	2026-03-04T00:00:00.000000
certfr-2026-avi-0234	Vulnérabilité dans Tenable Nessus Manager	2026-03-04T00:00:00.000000	2026-03-04T00:00:00.000000
certfr-2026-avi-0233	Multiples vulnérabilités dans Google Pixel	2026-03-04T00:00:00.000000	2026-03-04T00:00:00.000000
certfr-2026-avi-0232	Multiples vulnérabilités dans les produits Microsoft	2026-03-03T00:00:00.000000	2026-03-03T00:00:00.000000
certfr-2026-avi-0231	Multiples vulnérabilités dans Google Android	2026-03-03T00:00:00.000000	2026-03-03T00:00:00.000000
certfr-2026-avi-0230	Multiples vulnérabilités dans Docker Desktop	2026-03-03T00:00:00.000000	2026-03-03T00:00:00.000000
certfr-2026-avi-0217	Multiples vulnérabilités dans SPIP	2026-02-26T00:00:00.000000	2026-03-03T00:00:00.000000

ID	Description	Published	Updated
jvndb-2026-000036	Improper file access permission settings in multiple Digital Arts products	2026-03-09T14:57+09:00	2026-03-09T16:23+09:00
jvndb-2026-000035	Installer for Qsee Client may insecurely load Dynamic Link Libraries	2026-03-09T14:57+09:00	2026-03-09T14:57+09:00
jvndb-2026-006102	Security issues in ESC/POS	2026-03-06T10:31+09:00	2026-03-06T10:31+09:00
jvndb-2026-000034	django-allauth vulnerable to open redirect	2026-03-05T12:36+09:00	2026-03-05T12:36+09:00
jvndb-2026-000033	EC-CUBE vulnerable to multi-factor authentication bypass	2026-03-05T12:36+09:00	2026-03-05T12:36+09:00
jvndb-2026-000032	Multiple vulnerabilities in Dell UPS Multi-UPS Management Console (MUMC)	2026-03-04T12:20+09:00	2026-03-04T12:20+09:00
jvndb-2026-005746	Multiple vulnerabilities in Trend Micro Endpoint security products for enterprises (February 2026)	2026-03-04T10:40+09:00	2026-03-04T10:40+09:00
jvndb-2026-005744	Canon IJ Scan Utility registers Windows services with unquoted file paths	2026-03-04T10:40+09:00	2026-03-04T10:40+09:00
jvndb-2026-000030	IM-LogicDesigner module of intra-mart Accel Platform vulnerable to untrusted data deserialization	2026-02-27T15:41+09:00	2026-03-03T10:06+09:00
jvndb-2026-005259	Out-of-bounds write vulnerability in Fujitsu BIOS Driver (fbiosdrv.sys)	2026-03-02T11:46+09:00	2026-03-02T11:46+09:00
jvndb-2026-000031	Improper file access permission settings in the installers for multiple Soliton Systems products	2026-02-27T15:41+09:00	2026-02-27T15:41+09:00
jvndb-2026-000029	Multiple vulnerabilities in the installer of FinalCode Client	2026-02-26T14:24+09:00	2026-02-26T14:24+09:00
jvndb-2026-004811	Vulnerability in Hitachi Configuration Manager and Hitachi Ops Center API Configuration Manager	2026-02-26T11:02+09:00	2026-02-26T11:02+09:00
jvndb-2026-004810	Vulnerability in Hitachi Configuration Manager and Hitachi Ops Center API Configuration Manager	2026-02-26T11:02+09:00	2026-02-26T11:02+09:00
jvndb-2026-000026	Lanscope Endpoint Manager (On-Premises) vulnerable to path traversal	2026-02-25T15:14+09:00	2026-02-25T15:14+09:00
jvndb-2026-004359	Security information for Hitachi Disk Array Systems	2026-02-20T18:35+09:00	2026-02-20T18:35+09:00
jvndb-2026-000027	WordPress Plugin "Survey Maker" vulnerable to cross-site scripting	2026-02-20T12:32+09:00	2026-02-20T12:32+09:00
jvndb-2026-000028	Installer for Job log aggregation/analysis software RICOH Job Log Aggregation Tool may insecurely load Dynamic Link Libraries	2026-02-20T12:31+09:00	2026-02-20T12:31+09:00
jvndb-2026-003912	Vulnerability in Cosminexus HTTP Server and Hitachi Web Server	2026-02-17T20:46+09:00	2026-02-17T20:46+09:00
jvndb-2026-003911	Vulnerability in Cosminexus HTTP Server	2026-02-17T20:46+09:00	2026-02-17T20:46+09:00
jvndb-2026-003910	Multiple Vulnerabilities in Cosminexus HTTP Server	2026-02-17T20:46+09:00	2026-02-17T20:46+09:00
jvndb-2026-003909	Multiple Vulnerabilities in Hitachi Command Suite products	2026-02-17T20:46+09:00	2026-02-17T20:46+09:00
jvndb-2026-003908	Multiple Vulnerabilities in Hitachi Command Suite, Hitachi Automation Director, Hitachi Configuration Manager, Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center	2026-02-17T20:46+09:00	2026-02-17T20:46+09:00
jvndb-2026-003907	Multiple Vulnerabilities in JP1	2026-02-17T20:46+09:00	2026-02-17T20:46+09:00
jvndb-2026-003906	Multiple Vulnerabilities in Cosminexus	2026-02-17T20:46+09:00	2026-02-17T20:46+09:00
jvndb-2026-003905	Multiple Vulnerabilities in Cosminexus HTTP Server and Hitachi Web Server	2026-02-17T20:46+09:00	2026-02-17T20:46+09:00
jvndb-2026-000025	Joomla! CMS vulnerable to cross-site scripting	2026-02-17T12:46+09:00	2026-02-17T12:46+09:00
jvndb-2026-000023	FileZen vulnerable to OS command injection	2026-02-13T16:51+09:00	2026-02-13T17:08+09:00
jvndb-2026-000024	Installer of M-Audio M-Track Duo HD may insecurely load Dynamic Link Libraries	2026-02-12T13:32+09:00	2026-02-12T13:32+09:00
jvndb-2026-000022	Oki Electric Industry products and OEM products register Windows services with unquoted file paths	2026-02-09T15:21+09:00	2026-02-09T15:21+09:00

ID	Description	Published	Updated
cnvd-2026-12897	Apache Traffic Server（ATS）环境问题漏洞	2025-05-08	2026-03-06
cnvd-2026-12778	Fiber安全特征问题漏洞	2026-03-04	2026-03-06
cnvd-2026-12777	FreeRDP缓冲区溢出漏洞（CNVD-2026-12777）	2026-03-06	2026-03-06
cnvd-2026-12776	Textream资源管理错误漏洞	2026-03-06	2026-03-06
cnvd-2026-12773	WordPress插件New User Approve信息泄露漏洞	2025-11-21	2026-03-06
cnvd-2026-12772	WordPress插件Uncanny Automator信息泄露漏洞	2025-11-25	2026-03-06
cnvd-2026-12770	WordPress插件Web Accessibility by accessiBe信息泄露漏洞	2026-03-02	2026-03-06
cnvd-2026-12769	WordPress插件Simple Ajax Chat信息泄露漏洞	2026-03-02	2026-03-06
cnvd-2026-12768	WordPress插件Context Blog信息泄露漏洞	2026-03-02	2026-03-06
cnvd-2026-12767	D-Link DWR-M960 formDdns文件缓冲区溢出漏洞	2026-03-02	2026-03-06
cnvd-2026-12766	Huawei EMUI和Huawei HarmonyOS通信模块地址读取漏洞	2026-02-11	2026-03-06
cnvd-2026-12765	Huawei EMUI和Huawei HarmonyOS AMS模块权限控制类漏洞	2026-02-11	2026-03-06
cnvd-2026-12764	Huawei HarmonyOS HDC模块缓冲区溢出漏洞	2026-02-11	2026-03-06
cnvd-2026-12763	Google Chrome缓冲区溢出漏洞（CNVD-2026-12763）	2026-03-02	2026-03-06
cnvd-2026-12697	Adobe Substance 3D Stager‌存在越界写入漏洞（CNVD-2026-12697）	2026-03-02	2026-03-05
cnvd-2026-12687	IBM PowerVM Hypervisor存在未明漏洞	2026-02-11	2026-03-05
cnvd-2026-12685	IBM Concert存在信息泄露漏洞	2026-02-11	2026-03-05
cnvd-2026-12684	Cisco NX-OS Software操作系统命令注入漏洞	2025-09-09	2026-03-05
cnvd-2026-12683	Cisco IOS XE Software跨站脚本漏洞	2025-09-28	2026-03-05
cnvd-2026-12682	Cisco IOS XE Software代码问题漏洞	2025-09-28	2026-03-05
cnvd-2026-12681	Cisco Unified Contact Center Express代码问题漏洞	2025-11-10	2026-03-05
cnvd-2026-12680	Cisco Unified Contact Center Express路径遍历漏洞	2025-11-10	2026-03-05
cnvd-2026-12679	Cisco Unified Contact Center Express代码问题漏洞	2025-11-10	2026-03-05
cnvd-2026-12678	Cisco Unified Contact Center Express代码问题漏洞	2025-11-10	2026-03-05
cnvd-2026-12677	Cisco Catalyst Center操作系统命令注入漏洞	2025-11-28	2026-03-05
cnvd-2026-12676	Cisco Catalyst Center跨站脚本漏洞	2025-11-28	2026-03-05
cnvd-2026-12675	Cisco Catalyst Center Virtual Appliance输入验证错误漏洞	2025-11-28	2026-03-05
cnvd-2026-12674	Cisco Identity Services Engine跨站脚本漏洞（CNVD-2026-12674）	2026-02-04	2026-03-05
cnvd-2026-12673	Cisco Meeting Management(CMM)代码问题漏洞	2026-02-06	2026-03-05
cnvd-2026-12672	IBM Cloud Pak for Business Automation存在XSS漏洞	2026-02-11	2026-03-05

ID	Description	Published	Updated
bdu:2026-01844	Уязвимость сервиса безопасности Advanced DNS Security (ADNS) операционной системы PAN-OS,…	16.02.2026	16.02.2026
bdu:2026-01843	Уязвимость функции loadRLE() загрузчика TGA-изображений (PluginTARGA.cpp) графической биб…	16.02.2026	16.02.2026
bdu:2026-01842	Уязвимость функции ws_user_gerList() сценария pwg.users.php системы управления контентом …	16.02.2026	16.02.2026
bdu:2026-01841	Уязвимость компонента Updater облачной платформы управления контейнерами Arcane, позволяю…	16.02.2026	16.02.2026
bdu:2026-01840	Уязвимость ИИ-агента OpenClaw (ранее - ClawdBot или MoltBot), связанная с отсутствием про…	16.02.2026	16.02.2026
bdu:2026-01839	Уязвимость функции blocked_path() пакета Python для создания приложений для моделей машин…	16.02.2026	16.02.2026
bdu:2026-01838	Уязвимость драйверов графических процессоров NVIDIA NVS, Quadro, NVIDIA RTX, GeForce, свя…	16.02.2026	16.02.2026
bdu:2026-01837	Уязвимость микропрограммного обеспечения графических процессоров Imagination, позволяющая…	16.02.2026	16.02.2026
bdu:2026-01836	Уязвимость микропрограммного обеспечения графических процессоров Imagination, позволяющая…	16.02.2026	16.02.2026
bdu:2026-01835	Уязвимость драйвера ESXi base микропрограммного обеспечения сетевых контроллеров Intel 80…	16.02.2026	16.02.2026
bdu:2026-01834	Уязвимость микропрограммного обеспечения контроллеров Intel Ethernet серии E810, связанна…	16.02.2026	16.02.2026
bdu:2026-01833	Уязвимость технологий Intel Active Management Technology (AMT) и Intel Standard Manageabi…	16.02.2026	16.02.2026
bdu:2026-01832	Уязвимость технологий Intel Active Management Technology (AMT) и Intel Standard Manageabi…	16.02.2026	16.02.2026
bdu:2026-01831	Уязвимость технологий Intel Active Management Technology (AMT) и Intel Standard Manageabi…	16.02.2026	16.02.2026
bdu:2026-01830	Уязвимость компонента File input браузера Google Chrome, позволяющая нарушителю осуществи…	16.02.2026	16.02.2026
bdu:2026-01829	Уязвимость компонента PictureInPicture браузера Google Chrome, позволяющая нарушителю ока…	16.02.2026	16.02.2026
bdu:2026-01828	Уязвимость компонента Animation браузера Google Chrome, позволяющая нарушителю оказать во…	16.02.2026	16.02.2026
bdu:2026-01827	Уязвимость функции конфиденциальности Fenced Frames браузера Google Chrome, позволяющая н…	16.02.2026	16.02.2026
bdu:2026-01826	Уязвимость компонента WebGPU браузера Google Chrome, позволяющая нарушителю вызвать отказ…	16.02.2026	16.02.2026
bdu:2026-01825	Уязвимость программной платформы на базе git для совместной работы над кодом GitLab, связ…	16.02.2026	16.02.2026
bdu:2026-01824	Уязвимость программной платформы на базе git для совместной работы над кодом GitLab, связ…	16.02.2026	16.02.2026
bdu:2026-01823	Уязвимость функции межсетевых экранов SSL-VPN операционных систем Fortinet FortiOS, позво…	16.02.2026	16.02.2026
bdu:2026-01822	Уязвимость операционных систем Fortinet FortiOS, связанная с недостаточной проверкой исто…	16.02.2026	16.02.2026
bdu:2026-01821	Уязвимость функции межсетевых экранов SSL-VPN операционных систем Fortinet FortiOS, позво…	16.02.2026	16.02.2026
bdu:2026-01820	Уязвимость интерфейса командной строки операционных систем Fortinet FortiOS, позволяющая …	16.02.2026	16.02.2026
bdu:2026-01819	Уязвимость графического пользовательского интерфейса операционных систем Fortinet FortiOS…	16.02.2026	16.02.2026
bdu:2026-01818	Уязвимость программного обеспечения для разработки 3D-моделей Autodesk Fusion, связанная …	16.02.2026	16.02.2026
bdu:2026-01817	Уязвимость программного обеспечения для разработки 3D-моделей Autodesk Fusion, связанная …	16.02.2026	16.02.2026
bdu:2026-01816	Уязвимость программного обеспечения для разработки 3D-моделей Autodesk Fusion, связанная …	16.02.2026	16.02.2026
bdu:2026-01815	Уязвимость программного обеспечения Microsoft ACI Confidential Containers, связанная с не…	16.02.2026	16.02.2026

ID	Description	Updated
var-202603-1017	A vulnerability was determined in Tenda FH451 1.0.0.9. Affected is the function sub_3C434…	2026-03-09T23:54:57.504000Z
var-202603-0913	This vulnerability allows network-adjacent attackers to execute arbitrary code on affecte…	2026-03-09T23:53:52.758000Z
var-201507-0645	D-Link is an internationally renowned provider of network equipment and solutions, includ…	2026-03-09T23:53:36.828000Z
var-202509-3918	An issue was discovered in DIR-823 firmware 20250416. There is an RCE vulnerability in th…	2026-03-09T23:52:25.566000Z
var-202603-0527	Nokia IMPACT through 19.11.2.10-20210118042150283 allows an authenticated user to perform…	2026-03-09T23:51:31.837000Z
var-202603-0907	This vulnerability allows network-adjacent attackers to execute arbitrary code on affecte…	2026-03-09T23:51:31.712000Z
var-202603-0928	This vulnerability allows network-adjacent attackers to execute arbitrary code on affecte…	2026-03-09T23:51:31.700000Z
var-201112-0097	Stack-based buffer overflow in the CmpWebServer component in 3S CoDeSys 3.4 SP4 Patch 2 a…	2026-03-09T23:50:50.963000Z
var-202603-0854	The Applications component of Nokia IMPACT version through 19.11.2.10-20210118042150283 a…	2026-03-09T23:50:02.265000Z
var-202603-0956	This vulnerability allows network-adjacent attackers to execute arbitrary code on affecte…	2026-03-09T23:49:39.350000Z
var-201103-0371	SAP Crystal Reports Server is a complete reporting solution for creating, managing, and d…	2026-03-09T23:49:06.528000Z
var-201807-0341	ABB Panel Builder 800 all versions has an improper input validation vulnerability which m…	2026-03-09T23:49:00.002000Z
var-202601-4617	FunJSQ, a third-party module integrated on some NETGEAR routers and Orbi WiFi Systems, do…	2026-03-09T23:47:50.003000Z
var-202602-4602	A vulnerability in the Data Collection Agent (DCA) feature of Cisco Catalyst SD-WAN Manag…	2026-03-09T23:47:49.683000Z
var-202603-0595	The Applications component of Nokia IMPACT version through 19.11.2.10-20210118042150283 a…	2026-03-09T23:47:49.548000Z
var-201112-0173	The default configuration of the HP CM8060 Color MFP with Edgeline; Color LaserJet 3xxx, …	2026-03-09T23:47:43.188000Z
var-201809-0087	WECON LeviStudio Versions 1.8.29 and 1.8.44 have multiple stack-based buffer overflow vul…	2026-03-09T23:47:39.073000Z
var-202603-0936	This vulnerability allows network-adjacent attackers to execute arbitrary code on affecte…	2026-03-09T23:47:24.755000Z
var-202602-4478	A vulnerability in Cisco Catalyst SD-WAN Manager could allow an authenticated, local atta…	2026-03-09T23:46:19.733000Z
var-200607-0396	Multiple stack-based buffer overflows in eIQnetworks Enterprise Security Analyzer (ESA) b…	2026-03-09T23:46:10.855000Z
var-202603-0912	This vulnerability allows network-adjacent attackers to execute arbitrary code on affecte…	2026-03-09T23:44:44.895000Z
var-201109-0089	Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as used…	2026-03-09T23:43:52.032000Z
var-201112-0297	Multiple cross-site scripting (XSS) vulnerabilities in the Virus Scan Interface in SAP Ne…	2026-03-09T23:42:40.522000Z
var-202602-4354	A vulnerability in Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote a…	2026-03-09T23:41:43.191000Z
var-202603-0926	This vulnerability allows network-adjacent attackers to bypass authentication on affected…	2026-03-09T23:41:42.948000Z
var-201805-1147	WPLSoft in Delta Electronics versions 2.45.0 and prior utilizes a fixed length heap buffe…	2026-03-09T23:40:47.052000Z
var-202005-0008	Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple heap-based buf…	2026-03-09T23:40:44.003000Z
var-202601-4765	FunJSQ, a third-party module integrated on some NETGEAR routers and Orbi WiFi Systems, ex…	2026-03-09T23:40:28.326000Z
var-202602-3835	A vulnerability in the API user authentication of Cisco Catalyst SD-WAN Manager could all…	2026-03-09T23:40:28.093000Z
var-202602-3961	A vulnerability in the API of Cisco Catalyst SD-WAN Manager could allow an authenticated,…	2026-03-09T23:40:28.074000Z

ID	CVSS	Description	Vendor	Product	Published	Updated
GCVE-1-2026-0019	6.4 (4.0)	Improper URL validation in MISP dashboard button widge…	misp	misp	2026-02-27T14:55:00.000Z	2026-02-27T15:44:29.998063Z
GCVE-1-2026-0018	6.5 (4.0)	Improper access control in MISP user contact form allo…	misp	misp	2026-02-27T13:25:32.632362Z	2026-02-27T13:25:32.632362Z
GCVE-1-2026-0017	7.2 (4.0)	Improper Neutralization of Raw HTML in MISP modules Ma…	misp	misp-modules	2026-02-27T13:10:24.641948Z	2026-02-27T13:10:24.641948Z
GCVE-1-2026-0016	7 (4.0)	Server-Side Request Forgery via Event Report Import Fr…	misp	misp	2026-02-27T10:56:32.745676Z	2026-02-27T10:56:32.745676Z
GCVE-1-2026-0015	7.2 (4.0)	Threat actors use FortiCloud SSO bypass to collect LDA…	fortinet	fortios	2026-02-09T09:09:00.000Z	2026-02-09T09:14:59.004089Z
GCVE-1-2026-0013	2.1 (4.0)	Flask Application Username Route Collision Allows Rese…	vulnerability-lookup	vulnerability-lookup	2026-02-04T19:27:00.000Z	2026-02-04T19:32:49.787763Z
GCVE-1-2026-0014	7.4 (4.0)	Missing Authorization Check Allows Unauthorized Modifi…	vulnerability-lookup	vulnerability-lookup	2026-02-04T19:32:14.341383Z	2026-02-04T19:32:14.341383Z
GCVE-1-2026-0012	2.1 (4.0)	Authentication Error Message Allows Email Address Enum…	vulnerability-lookup	vulnerability-lookup	2026-02-04T19:21:34.411344Z	2026-02-04T19:21:34.411344Z
GCVE-1-2026-0011	8.7 (4.0)	Out-of-bounds memory write in the network packet …	EA Games	Command & Conquer: Generals	2026-01-29T14:37:00.000Z	2026-01-29T14:39:17.728822Z
GCVE-1-2026-0010	9.3 (4.0)	Improper input validation in the file transfer ha…	EA Games	Command & Conquer: Generals	2026-01-29T14:33:18.822829Z	2026-01-29T14:33:18.822829Z
GCVE-1-2026-0009	9.3 (4.0)	Stack-based buffer overflow in the multiplayer ne…	EA Games	Command & Conquer: Generals	2026-01-29T14:30:38.596928Z	2026-01-29T14:30:38.596928Z
GCVE-1-2026-0008	10 (4.0)	gpg-agent stack buffer overflow in pkdecrypt using KEM	gnupg	gpg-agent	2026-01-28T13:48:12.350509Z	2026-01-28T13:48:12.350509Z
GCVE-1-2026-0007	10 (4.0)	GNU InetUtils Security Advisory: remote authentication…	gnu	InetUtils	2026-01-20T20:57:00.000Z	2026-01-26T16:32:40.831364Z
GCVE-1-2026-0004	8.5 (4.0)	Authorization Bypass in Cerebrate IndividualsControlle…	cerebrate	cerebrate	2026-01-13T15:28:00.000Z	2026-01-13T15:38:37.744618Z
GCVE-1-2026-0005	8.5 (4.0)	Improper Access Control in Cerebrate Alignment Model A…	cerebrate	cerebrate	2026-01-13T15:31:00.000Z	2026-01-13T15:38:02.888546Z
GCVE-1-2026-0006	8.5 (4.0)	Improper Access Control in Cerebrate AuthKey and Encry…	cerebrate	cerebrate	2026-01-13T15:37:17.337254Z	2026-01-13T15:37:17.337254Z
GCVE-1-2026-0003	6.3 (4.0)	Stored/Reflected XSS via Unsanitized Parameters in URL…	misp	misp	2026-01-13T10:50:00.000Z	2026-01-13T10:54:13.659223Z
GCVE-1-2026-0002	10 (4.0)	Heap-buffer-overflow in EXIF writer for extra IFD tags	ffmpeg	ffmpeg	2026-01-02T19:50:00.000Z	2026-01-02T20:05:27.269877Z
GCVE-1-2026-0001	N/A	Bundle reference to gpg.fail	gnupg	gnupg	2026-01-02T10:20:00.000Z	2026-01-02T13:31:14.359346Z
GCVE-1-2025-0041	6.4 (4.0)	[online services] Reflected Cross-Site Scripting (XSS)…	typo3	typo3	2025-12-19T14:25:00.000Z	2025-12-19T14:54:51.594645Z
GCVE-1-2025-0032	10 (4.0)	The default configuration of WatchGuard Firebox device…	watchguard	firebox	2025-12-03T16:25:00.000Z	2025-12-19T13:48:34.570799Z
GCVE-1-2025-0031	7.1 (4.0)	A cross-site scripting (XSS) vulnerability was identif…	misp	misp	2025-12-03T10:58:00.000Z	2025-12-16T09:36:09.594750Z
GCVE-1-2025-0040	7.2 (4.0)	A cross-site scripting (XSS) vulnerability was id…	misp	misp	2025-12-13T08:44:32.378924Z	2025-12-13T08:44:32.378924Z
GCVE-1-2025-0039	8.5 (4.0)	XSS Reintroduced in MISP Dashboard World Map Widget Du…	misp	misp	2025-12-10T14:33:52.856734Z	2025-12-10T14:33:52.856734Z
GCVE-1-2025-0038	5 (4.0)	Reflected XSS in MISP Template Tag Removal and MISP Ad…	misp	misp	2025-12-10T14:10:00.000Z	2025-12-10T14:16:55.918270Z
GCVE-1-2025-0037	7 (4.0)	Reflected XSS in MISP Dashboard Widgets via Unescaped …	misp	misp	2025-12-10T14:01:03.200804Z	2025-12-10T14:01:03.200804Z
GCVE-1-2025-0036	8.3 (4.0)	A reflected cross-site scripting (XSS) vulnerability w…	misp	misp	2025-12-10T13:46:07.170083Z	2025-12-10T13:46:07.170083Z
GCVE-1-2025-0035	8.3 (4.0)	Insufficient sanitization of bundle metadata (availabl…	CIRCL	vulnerability-lookup	2025-12-08T10:25:00.000Z	2025-12-08T12:14:06.307298Z
GCVE-1-2025-0034	7 (4.0)	Missing CSRF protection on state-changing endpoints in…	CIRCL	vulnerability-lookup	2025-12-08T10:19:00.000Z	2025-12-08T12:13:24.197294Z
GCVE-1-2025-0033	8.1 (4.0)	Vulnerability-lookup did not track or limit failed One…	CIRCL	vulnerability-lookup	2025-12-08T10:11:00.000Z	2025-12-08T12:12:53.235996Z

ID	CVSS	Description	Vendor	Product	Published	Updated
GCVE-1337-2025-00000000000000000000000000000000000000000000000000111111111111111111111111000000000000000000000000000000000000000000000000000000011	9.1 (3.1)	HexStrike AI MCP Server Command Injection	0x4m4	HexStrike AI	2025-11-30T21:27:56.057Z	2025-11-30T21:27:56.057Z
GCVE-1337-2025-00000000000000000000000000000000000000000000000001011111111111011111111110000000000000000000000000000000000000000000000000000000100	6.5 (3.1)	Abilis CPX Fallback Shell Connection Relay	Abilis	CPX	2025-11-04T00:23:23.924Z	2025-11-04T00:23:23.924Z
GCVE-1337-2025-00000000000000000000000000000000000000000000000001011011111110011111111110000000000000000000000000000000000000000000000000000000010	7.3 (3.1)	Unitree Multiple Robotic Products Command Injection	Unitree	Go2	2025-09-26T06:53:49.585Z	2025-09-26T15:16:57.586Z
GCVE-1337-2025-00000000000000000000000000000000000000000000000001011111011111010111111001000000000000000000000000000000000000000000000000000000001	4.3 (3.1)	Unauthenticated leak of sensitive information affectin…	Brother Industries, Ltd	HL-L8260CDN	2025-08-12T15:23:00.577Z	2025-08-15T05:53:23.017Z