Recent vulnerabilities

Recent vulnerabilities from
Select from 69 available sources using the dropdown above.
ID CVSS Description Vendor Product Published Updated
CVE-2026-30266
7.8 (3.1)
Insecure Permissions vulnerability in DeepCool De… n/a
 n/a
 2026-04-20T00:00:00.000Z 2026-04-23T13:40:34.695Z
CVE-2026-39440
9.9 (3.1)
WordPress FunnelFormsPro plugin <= 3.8.1 - Remote Code… Funnelforms LLC
 FunnelFormsPro
 2026-04-23T12:11:41.992Z 2026-04-23T13:39:41.336Z
CVE-2026-41455
6.3 (4.0)
8.5 (3.1)
WeKan < 8.35 SSRF via Webhook URL wekan
 wekan
 2026-04-22T21:09:30.241Z 2026-04-23T13:36:27.828Z
CVE-2026-5756
7.5 (3.1)
Unauthenticated Configuration File Modification Vulner… Data Recognition Corporation
 Central Office Services - Content Hosting Component
 2026-04-14T17:51:53.628Z 2026-04-23T13:33:37.216Z
CVE-2026-41564
7.5 (3.1)
CryptX versions before 0.088 for Perl do not reseed th… MIK
 CryptX
 2026-04-23T07:29:26.340Z 2026-04-23T13:05:22.853Z
CVE-2026-4512
3.5 (3.1)
WP reCaptcha by WebDesignBy < 2.0 – Admin+ Stored XSS Unknown
 reCaptcha by WebDesignBy
 2026-04-23T06:00:09.102Z 2026-04-23T13:02:47.866Z
CVE-2026-22199
8.7 (4.0)
7.5 (3.1)
Voltronic Power SNMP Web Pro 1.1 Path Traversal via up… Voltronic Power
 SNMP Web Pro
 2026-03-13T01:18:06.507Z 2026-04-23T13:02:10.267Z
CVE-2026-34062
5.3 (3.1)
Nimiq has Allocation of Resources Without Limits or Th… nimiq
 network-libp2p
 2026-04-22T19:23:36.838Z 2026-04-23T12:57:42.075Z
CVE-2026-1726
4.8 (3.1)
Multiple Vulnerabilities in IBM Guardium Key Lifecycle… IBM
 Guardium Key Lifecycle Manager
 2026-04-22T23:42:05.901Z 2026-04-23T12:57:25.129Z
CVE-2026-34066
5.3 (3.1)
nimiq-blockchain: Peer-triggerable panic during history sync nimiq
 nimiq-blockchain
 2026-04-22T19:47:49.249Z 2026-04-23T12:57:06.467Z
CVE-2026-34068
6.8 (3.1)
nimiq-transaction: UpdateValidator transactions allows… nimiq
 nimiq-transaction
 2026-04-22T19:55:08.219Z 2026-04-23T12:56:27.980Z
CVE-2026-41166
7 (3.1)
OpenRemote has Improper Access Control via updateUserR… openremote
 openremote
 2026-04-22T20:31:29.234Z 2026-04-23T12:55:20.758Z
CVE-2026-41454
8.7 (4.0)
8.3 (3.1)
WeKan < 8.35 Missing Authorization via Integration REST API wekan
 wekan
 2026-04-22T21:08:38.616Z 2026-04-23T12:54:36.663Z
CVE-2026-41171
7.3 (4.0)
SSRF via Jint Scripting Engine HTTP Functions Due to M… Squidex
 squidex
 2026-04-22T21:16:14.013Z 2026-04-23T12:54:01.682Z
CVE-2026-41172
7.3 (4.0)
Squidex vulnerable to Server-Side Request Forgery (SSR… Squidex
 squidex
 2026-04-22T21:22:55.727Z 2026-04-23T12:52:16.717Z
CVE-2026-2951
5.4 (3.1)
Gutentor – Gutenberg Blocks – Page Builder for Gutenbe… gutentor
 Gutentor – Gutenberg Blocks – Page Builder for Gutenberg Editor
 2026-04-23T02:25:21.258Z 2026-04-23T12:51:56.328Z
CVE-2026-4918
5.5 (3.1)
IBM Guardium Data Protection is affected by multiple v… IBM
 Guardium Data Protection
 2026-04-22T23:26:38.626Z 2026-04-23T12:50:59.052Z
CVE-2026-1274
4.9 (3.1)
IBM Guardium Data Protection is affected by multiple v… IBM
 Guardium Data Protection
 2026-04-22T23:30:59.128Z 2026-04-23T12:50:23.904Z
CVE-2026-5926
6.5 (3.1)
Security vulnerabilities have been found in IBM Verify… IBM
 Verify Identity Access Container
 2026-04-22T23:38:46.689Z 2026-04-23T12:49:52.484Z
CVE-2026-6878
6.3 (4.0)
5.6 (3.1)
5.6 (3.0)
ByteDance verl grader.py math_equal sandbox ByteDance
 verl
 2026-04-23T00:00:20.300Z 2026-04-23T12:49:00.762Z
CVE-2025-66286
4.7 (3.1)
Webkitgtk: authorization bypass through webpage::send-… Red Hat
 Red Hat Enterprise Linux 6
 2026-04-23T12:33:50.184Z 2026-04-23T12:48:57.468Z
CVE-2026-33825
7.8 (3.1)
Microsoft Defender Elevation of Privilege Vulnerability Microsoft
 Microsoft Defender Antimalware Platform
 2026-04-14T16:57:49.361Z 2026-04-23T12:41:44.667Z
CVE-2026-3259
7.1 (4.0)
Sensitive Data Disclosure in BigQuery via Materialized… Google Cloud
 BigQuery
 2026-04-23T08:35:04.149Z 2026-04-23T12:34:29.906Z
CVE-2025-13763
5.7 (3.1)
Libopensc: opensc: multiple uses of uninitialized variable OpenSC
 OpenSC
 2026-04-23T12:27:41.820Z 2026-04-23T12:33:39.857Z
CVE-2026-41197
9.3 (4.0)
Brillig: Heap corruption in foreign call results with … noir-lang
 noir
 2026-04-23T00:35:37.842Z 2026-04-23T12:32:59.952Z
CVE-2026-41211
8.4 (4.0)
`vite-plus/binding` has path traversal `downloadPackag… voidzero-dev
 vite-plus
 2026-04-23T00:56:15.568Z 2026-04-23T12:32:17.823Z
CVE-2026-3844
9.8 (3.1)
Breeze Cache <= 2.4.4 - Unauthenticated Arbitrary File… cloudways
 Breeze Cache
 2026-04-23T02:25:21.927Z 2026-04-23T12:31:46.631Z
CVE-2026-41229
9.1 (3.1)
Froxlor has a PHP Code Injection via Unescaped Single … froxlor
 froxlor
 2026-04-23T03:44:25.617Z 2026-04-23T12:31:15.671Z
CVE-2026-3960
5.9 (3.0)
Remote Code Execution in h2oai/h2o-3 h2oai
 h2oai/h2o-3
 2026-04-23T08:47:48.618Z 2026-04-23T12:29:32.439Z
CVE-2026-41233
5.4 (3.1)
Froxlor has a Reseller Domain Quota Bypass via Unvalid… froxlor
 froxlor
 2026-04-23T04:00:19.011Z 2026-04-23T12:26:22.883Z
ID CVSS Description Vendor Product Published Updated
CVE-2026-6878
6.3 (4.0)
5.6 (3.1)
5.6 (3.0)
ByteDance verl grader.py math_equal sandbox ByteDance
 verl
 2026-04-23T00:00:20.300Z 2026-04-23T12:49:00.762Z
CVE-2026-6874
5.3 (4.0)
4.3 (3.1)
4.3 (3.0)
ericc-ch copilot-api Header token dns rebinding ericc-ch
 copilot-api
 2026-04-22T23:30:14.104Z 2026-04-22T23:30:14.104Z
CVE-2026-5464
7.2 (3.1)
ExactMetrics <= 9.1.2 - Authenticated (Editor+) Arbitr… smub
 ExactMetrics – Google Analytics Dashboard for WordPress (Website Stats Plugin)
 2026-04-23T08:28:25.836Z 2026-04-23T08:28:25.836Z
CVE-2026-39440
9.9 (3.1)
WordPress FunnelFormsPro plugin <= 3.8.1 - Remote Code… Funnelforms LLC
 FunnelFormsPro
 2026-04-23T12:11:41.992Z 2026-04-23T13:39:41.336Z
CVE-2026-3844
9.8 (3.1)
Breeze Cache <= 2.4.4 - Unauthenticated Arbitrary File… cloudways
 Breeze Cache
 2026-04-23T02:25:21.927Z 2026-04-23T12:31:46.631Z
CVE-2026-3361
6.4 (3.1)
WP Store Locator <= 2.2.261 - Authenticated (Contribut… tijmensmit
 WP Store Locator
 2026-04-23T03:26:36.668Z 2026-04-23T03:26:36.668Z
CVE-2026-2951
5.4 (3.1)
Gutentor – Gutenberg Blocks – Page Builder for Gutenbe… gutentor
 Gutentor – Gutenberg Blocks – Page Builder for Gutenberg Editor
 2026-04-23T02:25:21.258Z 2026-04-23T12:51:56.328Z
CVE-2026-28040
6.5 (3.1)
WordPress Taxi Booking Manager for WooCommerce plugin … Magepeople inc.
 Taxi Booking Manager for WooCommerce
 2026-04-23T11:00:04.172Z 2026-04-23T12:03:49.853Z
CVE-2026-1923
6.4 (3.1)
Social Rocket – Social Sharing Plugin <= 1.3.4.2 - Aut… socialrocket
 Social Rocket – Social Sharing Plugin
 2026-04-23T01:24:32.284Z 2026-04-23T01:24:32.284Z
CVE-2025-62110
6.5 (3.1)
WordPress Rescue Shortcodes plugin <= 3.3 - Cross Site… Rescue Themes
 Rescue Shortcodes
 2026-04-23T11:05:07.792Z 2026-04-23T11:05:07.792Z
CVE-2025-62104
4.3 (3.1)
WordPress ACF Galerie 4 plugin <= 1.4.2 - Broken Acces… Navneil Naicker
 ACF Galerie 4
 2026-04-23T11:02:06.201Z 2026-04-23T11:56:35.860Z
CVE-2026-22733
8.2 (3.1)
Authentication Bypass under Actuator CloudFoundry endpoints Spring
 Spring Security
 2026-03-19T23:29:10.098Z 2026-03-20T14:45:18.731Z
CVE-2026-33021
7.3 (3.1)
libsixel: Use-after-free in sixel_encoder_encode_bytes() saitoha
 libsixel
 2026-04-14T21:57:22.817Z 2026-04-16T13:54:36.177Z
CVE-2026-22735
2.6 (3.1)
Server Sent Event stream corruption Spring
 Spring Foundation
 2026-03-19T23:37:35.587Z 2026-03-20T14:44:48.043Z
CVE-2026-22737
5.9 (3.1)
Spring Framework Improper Path Limitation with Script … Spring
 Spring Framework
 2026-03-19T23:53:59.918Z 2026-03-20T14:43:50.722Z
CVE-2026-33146
4.3 (3.1)
Docmost's Public Share Search Exposes Metadata of Rest… docmost
 docmost
 2026-04-14T21:36:53.562Z 2026-04-15T14:28:08.044Z
CVE-2026-6066
7.1 (3.1)
Unencrypted Client‑Server Communication in ConnectWise… ConnectWise
 Automate
 2026-04-20T15:26:31.843Z 2026-04-20T16:13:06.767Z
CVE-2026-33193
4.6 (3.1)
Docmost vulnerable to stored XSS via MIME type spoofing docmost
 docmost
 2026-04-14T21:39:45.500Z 2026-04-16T13:51:42.724Z
CVE-2025-14362
7.3 (3.1)
GoAnywhere MFT SFTP Service Login Vulnerable to Brute … Fortra
 GoAnywhere MFT
 2026-04-21T14:14:08.492Z 2026-04-21T19:33:35.079Z
CVE-2026-5756
7.5 (3.1)
Unauthenticated Configuration File Modification Vulner… Data Recognition Corporation
 Central Office Services - Content Hosting Component
 2026-04-14T17:51:53.628Z 2026-04-23T13:33:37.216Z
CVE-2026-41564
7.5 (3.1)
CryptX versions before 0.088 for Perl do not reseed th… MIK
 CryptX
 2026-04-23T07:29:26.340Z 2026-04-23T13:05:22.853Z
CVE-2026-30266
7.8 (3.1)
Insecure Permissions vulnerability in DeepCool De… n/a
 n/a
 2026-04-20T00:00:00.000Z 2026-04-23T13:40:34.695Z
CVE-2026-34454
3.5 (3.1)
OAuth2 Proxy: Session cookie not cleared when renderin… oauth2-proxy
 oauth2-proxy
 2026-04-14T22:10:37.901Z 2026-04-15T13:30:10.300Z
CVE-2026-34457
9.1 (3.1)
OAuth2 Proxy: Health Check User-Agent Matching Bypasse… oauth2-proxy
 oauth2-proxy
 2026-04-14T22:14:38.937Z 2026-04-15T17:43:30.711Z
CVE-2025-1241
5.8 (3.1)
Encryption vulnerable to brute-force decryption in GoA… Fortra
 GoAnywhere MFT
 2026-04-21T14:10:09.505Z 2026-04-21T19:33:03.005Z
CVE-2026-25058
7.5 (3.1)
Vexa's unauthenticated internal transcript endpoint ex… Vexa-ai
 vexa
 2026-04-20T16:03:06.639Z 2026-04-20T16:12:27.988Z
CVE-2026-25883
5.8 (3.1)
Vexa Webhook Feature has a SSRF Vulnerability Vexa-ai
 vexa
 2026-04-20T16:04:36.584Z 2026-04-20T16:36:21.221Z
CVE-2026-35032
8.6 (4.0)
Jellyfin: Potential SSRF + Arbitrary file read via Liv… jellyfin
 jellyfin
 2026-04-14T22:25:35.729Z 2026-04-15T20:02:29.887Z
CVE-2026-35033
9.3 (4.0)
Jellyfin: Potential SSRF + Arbitrary file read via str… jellyfin
 jellyfin
 2026-04-14T22:28:47.558Z 2026-04-15T13:36:26.787Z
CVE-2026-0971
4.3 (3.1)
GoAnywhere MFT SAML Sessions do not redirect to logout… Fortra
 GoAnywhere MFT
 2026-04-21T14:14:23.423Z 2026-04-21T19:26:58.470Z
ID Description Published Updated
fkie_cve-2026-0971 An improper session timeout issue in Fortra's GoAnywhere MFT prior to version 7.10.0 results in SAM… 2026-04-21T15:16:35.717 2026-04-23T14:00:26.143
fkie_cve-2026-26944 Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 throug… 2026-04-20T16:16:42.223 2026-04-23T13:59:32.053
fkie_cve-2026-39971 Serendipity is a PHP-powered weblog engine. In versions 2.6-beta2 and below, the email sending func… 2026-04-15T04:17:39.763 2026-04-23T13:59:19.810
fkie_cve-2026-39963 Serendipity is a PHP-powered weblog engine. In versions 2.6-beta2 and below, the serendipity_setCo… 2026-04-15T04:17:39.580 2026-04-23T13:58:30.313
fkie_cve-2024-46786 In the Linux kernel, the following vulnerability has been resolved: fscache: delete fscache_cookie… 2024-09-18T08:15:05.783 2026-04-23T13:54:40.653
fkie_cve-2024-46746 In the Linux kernel, the following vulnerability has been resolved: HID: amd_sfh: free driver_data… 2024-09-18T08:15:03.730 2026-04-23T13:54:03.507
fkie_cve-2026-40104 XWiki Platform is a generic wiki platform offering runtime services for applications built on top o… 2026-04-15T04:17:47.953 2026-04-23T13:52:54.183
fkie_cve-2026-40105 XWiki Platform is a generic wiki platform offering runtime services for applications built on top o… 2026-04-15T04:17:48.137 2026-04-23T13:52:12.417
fkie_cve-2024-36898 In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: fix uninitialis… 2024-05-30T16:15:13.423 2026-04-23T13:51:28.450
fkie_cve-2023-53673 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: call dis… 2025-10-07T16:15:51.247 2026-04-23T13:50:34.347
fkie_cve-2024-58087 In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix racy issue from ses… 2025-03-12T08:15:11.810 2026-04-23T13:48:41.590
fkie_cve-2026-0972 HTML injection is possible in system generated emails in Fortra's GoAnywhere MFT prior to 7.10.0. … 2026-04-21T15:16:35.830 2026-04-23T13:47:39.003
fkie_cve-2026-40896 OpenProject is open-source, web-based project management software. Prior to version 17.3.0, a user … 2026-04-20T16:16:48.567 2026-04-23T13:45:17.563
fkie_cve-2026-1089 User‑Controlled HTTP Header in Fortra's GoAnywhere MFT prior to version 7.10.0 allows attackers to … 2026-04-21T15:16:35.943 2026-04-23T13:45:13.360
fkie_cve-2026-33626 LMDeploy is a toolkit for compressing, deploying, and serving large language models. Versions prior… 2026-04-20T21:16:35.097 2026-04-23T13:39:54.420
fkie_cve-2026-41245 Junrar is an open source java RAR archive library. Prior to version 7.5.10, a path traversal vulner… 2026-04-20T16:16:49.113 2026-04-23T13:35:45.617
fkie_cve-2025-69627 Nitro PDF Pro for Windows 14.41.1.4 contains a heap use-after-free vulnerability in the implementat… 2026-04-13T16:16:24.867 2026-04-23T13:33:42.983
fkie_cve-2026-5926 IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 1… 2026-04-23T00:16:46.743 2026-04-23T13:16:13.467
fkie_cve-2026-4512 The reCaptcha by WebDesignBy WordPress plugin before 2.0 does not sanitize or escape the Site Key s… 2026-04-23T07:16:41.933 2026-04-23T13:16:13.147
fkie_cve-2026-41233 Froxlor is open source server administration software. Prior to version 2.3.6, in `Domains.add()`, … 2026-04-23T05:16:05.477 2026-04-23T13:16:12.973
fkie_cve-2026-41229 Froxlor is open source server administration software. Prior to version 2.3.6, `PhpHelper::parseArr… 2026-04-23T04:16:19.563 2026-04-23T13:16:12.873
fkie_cve-2026-41211 Vite+ is a unified toolchain and entry point for web development. Prior to version 0.1.17, `downloa… 2026-04-23T02:16:18.860 2026-04-23T13:16:12.763
fkie_cve-2026-41172 Squidex is an open source headless content management system and content management hub. Prior to v… 2026-04-22T22:16:31.690 2026-04-23T13:16:12.580
fkie_cve-2026-41171 Squidex is an open source headless content management system and content management hub. Versions p… 2026-04-22T22:16:31.543 2026-04-23T13:16:12.470
fkie_cve-2026-41166 OpenRemote is an open-source internet-of-things platform. Prior to version 1.22.1, a user who has `… 2026-04-22T21:17:09.167 2026-04-23T13:16:12.343
fkie_cve-2026-39440 Improper Control of Generation of Code ('Code Injection') vulnerability in Funnelforms LLC FunnelFo… 2026-04-23T13:16:11.893 2026-04-23T13:16:11.893
fkie_cve-2026-22199 Voltronic Power SNMP Web Pro version 1.1 contains a pre-authentication path traversal vulnerability… 2026-03-13T19:54:09.933 2026-04-23T13:16:11.417
fkie_cve-2026-1726 IBM Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2, 4.2.1, 5.0, and 5.1 2026-04-23T00:16:44.920 2026-04-23T13:16:11.260
fkie_cve-2025-66286 An API design flaw in WebKitGTK and WPE WebKit allows untrusted web content to unexpectedly perform… 2026-04-23T13:16:11.007 2026-04-23T13:16:11.007
fkie_cve-2025-13763 Multiple uses of uninitialized variables were found in libopensc that may lead to information discl… 2026-04-23T13:16:09.697 2026-04-23T13:16:09.697
ID Severity Description Published Updated
ghsa-7w6x-pfmg-76xx
In the Linux kernel, the following vulnerability has been resolved: can: raw: fix ro->uniq use-aft… 2026-04-23T12:31:34Z 2026-04-23T12:31:35Z
ghsa-wx6x-8rvm-6rmr
7.2 (3.1)
The ExactMetrics – Google Analytics Dashboard for WordPress (Website Stats Plugin) plugin for WordP… 2026-04-23T12:31:34Z 2026-04-23T12:31:34Z
ghsa-qxgc-wc3f-24c9
9.8 (3.1)
9.3 (4.0)
Borg SPM 2007 (Sales Ended in 2008) developed by BorG Technology Corporation has a Authentication B… 2026-04-23T12:31:34Z 2026-04-23T12:31:34Z
ghsa-qmcv-hh7c-3m56
5.9 (3.1)
A critical remote code execution vulnerability exists in the unauthenticated REST API endpoint /99/… 2026-04-23T12:31:34Z 2026-04-23T12:31:34Z
ghsa-m76h-rrc9-vvgj
9.8 (3.1)
9.3 (4.0)
Borg SPM 2007 (Sales Ended in 2008) developed by BorG Technology Corporation has a SQL Injection vu… 2026-04-23T12:31:34Z 2026-04-23T12:31:34Z
ghsa-hp4v-mqpf-9mwh
5.3 (3.1)
Missing Authorization vulnerability in NitroPack NitroPack nitropack allows Exploiting Incorrectly … 2026-04-08T09:31:34Z 2026-04-23T12:31:34Z
ghsa-g3wg-j2ff-prcp
7.1 (4.0)
A Generation of Error Message Containing Sensitive Information vulnerability in the Materialized Vi… 2026-04-23T12:31:34Z 2026-04-23T12:31:34Z
ghsa-cr8r-qr27-mm7q
6.5 (3.1)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … 2026-04-23T12:31:34Z 2026-04-23T12:31:34Z
ghsa-8q42-qfhf-592h
In the Linux kernel, the following vulnerability has been resolved: ipv4: nexthop: allocate skb dy… 2026-04-23T12:31:34Z 2026-04-23T12:31:34Z
ghsa-595f-wpcr-x297
6.5 (3.1)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … 2026-04-23T12:31:34Z 2026-04-23T12:31:34Z
ghsa-4m3v-5p6w-fv99
9.8 (3.1)
9.3 (4.0)
Borg SPM 2007 (Sales Ended in 2008) developed by BorG Technology Corporation has an Arbitrary File … 2026-04-23T12:31:34Z 2026-04-23T12:31:34Z
ghsa-42m2-x7rv-fg34
7.5 (3.1)
8.7 (4.0)
The LabOne Web Server, backing the LabOne User Interface, contains insufficient input validation in… 2026-04-23T12:31:34Z 2026-04-23T12:31:34Z
ghsa-3p5v-c45v-mqqc
4.3 (3.1)
Missing Authorization vulnerability in Navneil Naicker ACF Galerie 4 allows Exploiting Incorrectly … 2026-04-23T12:31:34Z 2026-04-23T12:31:34Z
ghsa-vjmw-64m9-xqq5
7.5 (3.1)
8.7 (4.0)
GROWI provided by GROWI, Inc. is vulnerable to a regular expression denial of service (ReDoS) via a… 2026-04-23T09:32:57Z 2026-04-23T09:32:57Z
ghsa-gq9g-w427-pc6x
The reCaptcha by WebDesignBy WordPress plugin before 2.0 does not sanitize or escape the Site Key s… 2026-04-23T09:32:57Z 2026-04-23T09:32:57Z
ghsa-fjqg-327f-q6hw
The HT Mega Addons for Elementor WordPress plugin before 3.0.7 contains an unauthenticated AJAX ac… 2026-04-23T09:32:57Z 2026-04-23T09:32:57Z
ghsa-xrqh-48jh-pjv2
7.5 (3.1)
A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifical… 2026-03-13T21:31:51Z 2026-04-23T09:32:56Z
ghsa-j3m8-qm5j-mgwc
7.3 (3.1)
7.0 (4.0)
IP Setting Software contains an issue with the DLL search path, which may lead to insecurely loadin… 2026-04-23T09:32:56Z 2026-04-23T09:32:56Z
ghsa-hhv5-qpmh-pc66
EfficientLab Controlio before v1.3.95 contains a DLL hijacking vulnerability caused by weak folder … 2026-04-23T09:32:56Z 2026-04-23T09:32:56Z
ghsa-c75f-55f6-f63q
7.5 (3.1)
A flaw was found in libarchive. This heap out-of-bounds read vulnerability exists in the RAR archiv… 2026-03-19T15:31:21Z 2026-04-23T09:32:56Z
ghsa-2vwv-vqpv-v8vc
9.8 (3.1)
A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerability exists in the … 2026-03-30T09:31:29Z 2026-04-23T09:32:56Z
ghsa-wrv8-79m2-qg24
6.7 (3.1)
Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via cra… 2026-04-23T06:30:22Z 2026-04-23T06:30:22Z
ghsa-qmq6-f8pr-cx5x
3.2 (3.1)
uuid before 14.0.0 can make unexpected writes when external output buffers are used, and the UUID v… 2026-04-23T06:30:22Z 2026-04-23T06:30:22Z
ghsa-p88x-88cf-mv94
5.4 (3.1)
Successful exploitation of the stored cross-site scripting (XSS) vulnerability could allow an attac… 2026-04-23T06:30:22Z 2026-04-23T06:30:22Z
ghsa-p6p5-j5xg-r643
6.4 (3.1)
The WP Store Locator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wps… 2026-04-23T06:30:22Z 2026-04-23T06:30:22Z
ghsa-g347-f6xx-g55w
4.7 (3.1)
5.1 (4.0)
CMS ALAYA provided by KANATA Limited contains an SQL injection vulnerability. Information stored in… 2026-04-23T06:30:22Z 2026-04-23T06:30:22Z
ghsa-78pv-qq8x-94px
4.0 (3.1)
Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds check … 2026-04-23T06:30:22Z 2026-04-23T06:30:22Z
ghsa-c529-q7mw-hq6j
9.8 (3.1)
The Breeze Cache plugin for WordPress is vulnerable to arbitrary file uploads due to missing file t… 2026-04-23T04:00:22Z 2026-04-23T04:00:23Z
ghsa-vrq9-2rh7-jjg5
5.4 (3.1)
The Gutentor – Gutenberg Blocks – Page Builder for Gutenberg Editor plugin for WordPress is vulnera… 2026-04-23T04:00:22Z 2026-04-23T04:00:22Z
ghsa-2x2c-w34j-v42x
6.4 (3.1)
The Social Rocket – Social Sharing Plugin plugin for WordPress is vulnerable to Stored Cross-Site S… 2026-04-23T04:00:22Z 2026-04-23T04:00:22Z
ID Severity Description Package Published Updated
pysec-2024-85
7.5 (3.1)
Deserialization of untrusted data can occur in versions 23.10.2.0 and newer of the MindsD… mindsdb 2024-09-12T13:15:00Z 2026-04-23T07:43:20.598639Z
pysec-2024-84
7.5 (3.1)
Deserialization of untrusted data can occur in versions 23.10.3.0 and newer of the MindsD… mindsdb 2024-09-12T13:15:00Z 2026-04-23T07:43:20.526718Z
pysec-2024-83
7.5 (3.1)
Deserialization of untrusted data can occur in versions 23.10.2.0 and newer of the MindsD… mindsdb 2024-09-12T13:15:00Z 2026-04-23T07:43:20.456202Z
pysec-2024-82
8.8 (3.1)
Deserialization of untrusted data can occur in versions 23.3.2.0 and newer of the MindsDB… mindsdb 2024-09-12T13:15:00Z 2026-04-23T07:43:20.386659Z
pysec-2023-278
5.3 (3.1)
MindsDB connects artificial intelligence models to real time data. Versions prior to 23.1… mindsdb 2023-12-11T21:15:00Z 2026-04-23T07:43:20.300009Z
pysec-2026-3
After an API token exposure from an exploited Trivy dependency, two new releases of `teln… telnyx 2026-03-27T14:53:14Z
pysec-2026-2
After an API Token exposure from an exploited Trivy dependency, two new releases of `lite… litellm 2026-03-24T15:35:32Z
pysec-2023-121
A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as a… zstd 2023-03-31T20:15:00+00:00 2026-02-25T19:20:58+00:00
pysec-2026-1
A PyPI user account compromised by an attacker and was able to upload a malicious version… dydx-v4-client 2026-01-28T21:09:02+00:00
pysec-2025-52
gateway_proxy_handler in MLflow before 3.1.0 lacks gateway_path validation. mlflow 2025-06-23T15:15:29Z 2025-12-05T13:25:55.146081Z
pysec-2020-220
A flaw was found in Ansible Base when using the aws_ssm connection plugin as garbage coll… ansible 2020-10-05T14:15:00Z 2025-10-31T04:43:53.616247Z
pysec-2025-72
The `num2words` project was compromised via a phishing attack and two new versions were u… num2words 2025-07-31T14:34:47+00:00
pysec-2025-71
Cadwyn creates production-ready community-driven modern Stripe-like API versioning in Fas… cadwyn 2025-07-21T21:15:25+00:00 2025-07-23T15:24:03.825615+00:00
pysec-2025-70
10.0 (3.1)
A Server-Side Request Forgery (SSRF) vulnerability exists in the RequestsToolkit componen… langchain-community 2025-06-23T21:15:25+00:00 2025-07-16T21:23:40.211079+00:00
pysec-2024-259
9.8 (3.1)
In PyTorch <=2.4.1, the RemoteModule has Deserialization RCE. NOTE: this is disputed by m… torch 2024-10-29T21:15:04+00:00 2025-07-16T03:09:57.748865+00:00
pysec-2024-258
In scrapy/scrapy, an issue was identified where the Authorization header is not removed d… scrapy 2024-05-20T08:15:08+00:00 2025-07-15T17:37:50.051730+00:00
pysec-2025-69
In Roundup before 2.5.0, XSS can occur via interaction between URLs and issue tracker tem… roundup 2025-07-13T20:15:25+00:00 2025-07-13T21:23:01.161315+00:00
pysec-2025-68
8.0 (3.1)
A vulnerability, which was classified as critical, has been found in Upsonic up to 0.55.6… upsonic 2025-06-19T21:15:27+00:00 2025-07-08T19:22:27.449399+00:00
pysec-2025-67
9.8 (3.1)
A vulnerability classified as critical was found in Upsonic up to 0.55.6. This vulnerabil… upsonic 2025-06-19T21:15:27+00:00 2025-07-08T19:22:27.385619+00:00
pysec-2025-66
Improper privilege management in a REST interface allowed registered users to access unau… streampipes 2025-03-03T11:15:11+00:00 2025-07-08T15:23:46.628375+00:00
pysec-2025-65
A path traversal vulnerability exists in run-llama/llama_index versions 0.12.27 through 0… llama-index 2025-07-07T13:15:28+00:00 2025-07-07T15:23:42.730681+00:00
pysec-2025-61
Pillow is a Python imaging library. In versions 11.2.0 to before 11.3.0, there is a heap … pillow 2025-07-01T19:15:27Z 2025-07-07T14:12:46.226030Z
pysec-2025-64
9.8 (3.1)
A vulnerability classified as critical has been found in themanojdesai python-a2a up to 0… python-a2a 2025-06-17T07:15:18+00:00 2025-07-02T21:23:13.806273+00:00
pysec-2025-63
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Whe… vllm 2025-03-19T16:15:32+00:00 2025-07-01T23:22:49.176005+00:00
pysec-2025-62
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Mal… vllm 2025-02-07T20:15:34+00:00 2025-07-01T23:22:49.083695+00:00
pysec-2025-60
Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Inform… apache-iotdb 2025-05-14T11:16:28+00:00 2025-07-01T21:22:47.232036+00:00
pysec-2025-59
Remote Code Execution with untrusted URI of UDF vulnerability in Apache IoTDB. The attack… apache-iotdb 2025-05-14T11:15:47+00:00 2025-07-01T21:22:47.177405+00:00
pysec-2024-257
7.5 (3.1)
Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessm… mobsf 2024-03-22T23:15:07+00:00 2025-06-30T15:23:50.085549+00:00
pysec-2025-58
8.8 (3.1)
vLLM is a library for LLM inference and serving. vllm/model_executor/weight_utils.py impl… vllm 2025-01-27T18:15:41+00:00 2025-06-27T21:22:36.583615+00:00
pysec-2025-57
A Denial of Service (DoS) vulnerability in zenml-io/zenml version 0.66.0 allows unauthent… zenml 2025-03-20T10:15:48+00:00 2025-06-27T17:22:55.175431+00:00
ID Description Updated
gsd-2024-33903 In CARLA through 0.9.15.2, the collision sensor mishandles some situations involving pede… 2024-04-29T05:02:07.295775Z
gsd-2024-33902 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.486429Z
gsd-2024-33901 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.525896Z
gsd-2024-33900 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.290639Z
gsd-2024-33899 RARLAB WinRAR before 7.00, on Linux and UNIX platforms, allows attackers to spoof the scr… 2024-04-29T05:02:07.400574Z
gsd-2024-33898 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.287632Z
gsd-2024-33897 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.283756Z
gsd-2024-33896 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.313250Z
gsd-2024-33895 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.493081Z
gsd-2024-33894 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.488420Z
gsd-2024-33893 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.381761Z
gsd-2024-33892 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.378170Z
gsd-2024-33891 Delinea Secret Server before 11.7.000001 allows attackers to bypass authentication via th… 2024-04-29T05:02:07.412035Z
gsd-2024-33890 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.344384Z
gsd-2024-33889 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.392587Z
gsd-2024-33888 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.468423Z
gsd-2024-33887 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.503613Z
gsd-2024-33886 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.287167Z
gsd-2024-33885 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.441746Z
gsd-2024-33884 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.534455Z
gsd-2024-33883 The ejs (aka Embedded JavaScript templates) package before 3.1.10 for Node.js lacks certa… 2024-04-29T05:02:07.271727Z
gsd-2024-4303 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:05.716348Z
gsd-2024-4302 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:05.603637Z
gsd-2024-4301 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:05.678292Z
gsd-2024-4300 E-WEBInformationCo. FS-EZViewer(Web) exposes sensitive information in the service. A remo… 2024-04-29T05:02:05.715239Z
gsd-2024-4299 The system configuration interface of HGiga iSherlock (including MailSherlock, SpamSheroc… 2024-04-29T05:02:05.606402Z
gsd-2024-4298 The email search interface of HGiga iSherlock (including MailSherlock, SpamSherock, Audit… 2024-04-29T05:02:05.598531Z
gsd-2024-4297 The system configuration interface of HGiga iSherlock (including MailSherlock, SpamSherlo… 2024-04-29T05:02:05.700888Z
gsd-2024-4296 The account management interface of HGiga iSherlock (including MailSherlock, SpamSherlock… 2024-04-29T05:02:05.621428Z
gsd-2024-33882 The format of the source doesn't require a description, click on the link for more details. 2024-04-28T05:02:07.803998Z
ID Description Published Updated
mal-2026-3016 Malicious code in amazon-q-developer-streaming-client (npm) 2026-04-23T13:35:47Z 2026-04-23T13:35:47Z
mal-2026-2895 Malicious code in chai-as-optimized (npm) 2026-04-16T20:36:13Z 2026-04-23T12:40:28Z
mal-2026-3015 Malicious code in lyroxcoder (PyPI) 2026-04-23T10:40:59Z 2026-04-23T10:40:59Z
mal-2026-3000 Malicious code in xinference (PyPI) 2026-04-22T22:06:22Z 2026-04-23T09:40:40Z
mal-2026-2256 Malicious code in shenxun162938 (npm) 2026-03-27T09:40:39Z 2026-04-23T05:15:51Z
mal-2026-2238 Malicious code in spr-i18n-labels (npm) 2026-03-26T16:40:45Z 2026-04-23T05:15:51Z
mal-2026-3008 Malicious code in json-spacer (npm) 2026-04-23T04:42:45Z 2026-04-23T04:42:46Z
mal-2026-3007 Malicious code in json-dec (npm) 2026-04-23T04:42:45Z 2026-04-23T04:42:46Z
mal-2026-3006 Malicious code in changelog-utils-structured-logger (npm) 2026-04-23T04:24:15Z 2026-04-23T04:24:16Z
mal-2026-3005 Malicious code in changelog-cli-logger (npm) 2026-04-23T04:24:15Z 2026-04-23T04:24:15Z
mal-2026-3004 Malicious code in @nklkas/hyperliquid (npm) 2026-04-23T04:24:15Z 2026-04-23T04:24:15Z
mal-2026-3013 Malicious code in undicy-http (npm) 2026-04-23T03:59:27Z 2026-04-23T03:59:28Z
mal-2026-3010 Malicious code in separadordeinfocc (npm) 2026-04-23T03:59:27Z 2026-04-23T03:59:28Z
mal-2026-3014 Malicious code in vime-azl (npm) 2026-04-23T03:56:24Z 2026-04-23T03:56:24Z
mal-2026-3011 Malicious code in ts-bing (npm) 2026-04-23T03:56:24Z 2026-04-23T03:56:24Z
mal-2026-3009 Malicious code in rollup-plugin-polyfill-route (npm) 2026-04-23T03:54:10Z 2026-04-23T03:54:10Z
mal-2026-3003 Malicious code in @amsterdam-local/forms-component-library (npm) 2026-04-23T03:52:34Z 2026-04-23T03:52:41Z
mal-2026-3012 Malicious code in ts-moduler (npm) 2026-04-23T03:49:53Z 2026-04-23T03:50:00Z
mal-2026-3002 Malicious code in lyrox (PyPI) 2026-04-23T00:22:16Z 2026-04-23T00:22:16Z
mal-2024-11746 Malicious code in voto3 (PyPI) 2024-07-26T16:53:30Z 2026-04-22T23:24:15Z
mal-2026-3001 Malicious code in process-support (PyPI) 2026-04-22T23:13:14Z 2026-04-22T23:13:14Z
mal-2025-47788 Malicious code in noonutil (PyPI) 2025-08-20T15:39:33Z 2026-04-22T22:50:05Z
mal-2025-41675 Malicious code in flask-tdg-cyber (PyPI) 2025-08-11T15:54:48Z 2026-04-22T22:50:05Z
mal-2025-191916 Malicious code in unicore (PyPI) 2025-09-07T21:01:23Z 2026-04-22T22:50:05Z
mal-2024-12351 Malicious code in spy-ai (PyPI) 2024-10-02T09:16:00Z 2026-04-22T22:50:05Z
mal-2024-11519 Malicious code in aiopbotocore (PyPI) 2024-07-26T16:53:30Z 2026-04-22T22:50:05Z
mal-2025-47799 Malicious code in python-ledgercommon (PyPI) 2025-08-21T14:59:29Z 2026-04-22T21:23:32Z
mal-2025-47746 Malicious code in awesome-tools-collection (PyPI) 2025-09-03T15:52:43Z 2026-04-22T21:23:32Z
mal-2025-47745 Malicious code in anrok (PyPI) 2025-08-23T17:56:40Z 2026-04-22T21:23:32Z
mal-2025-192962 Malicious code in rippling-cli (PyPI) 2025-12-30T09:52:01Z 2026-04-22T21:23:32Z
ID Description Published Updated
7paa020125 Denial of Service Vulnerabilities in System 800xA, Symphony® Plus IEC 61850 communication stack 2026-04-13T00:30:00.000Z 2026-04-13T00:30:00.000Z
7paa017341 PostgreSQL vulnerabilities in ABB Ability™ Symphony® Plus Engineering 2026-04-13T00:30:00.000Z 2026-04-13T00:30:00.000Z
7paa023732 System 800xA affected by 3rd party component vulnerabilities 2026-03-31T00:30:00.000Z 2026-03-31T00:30:00.000Z
4hzm000604 ABB Ability Camera Connect Vulnerabilities in outdated 3rd party component (SQLite 3.2.4) 2026-03-26T00:30:00.000Z 2026-03-26T00:30:00.000Z
4jno000329 AWIN Gateways Vulnerabilities in Embedded Webserver 2026-03-13T00:30:00.000Z 2026-03-13T00:30:00.000Z
3adr011536 AC500 V3 Stack buffer overflow in Cryptographic Message Syntax 2026-03-12T00:30:00.000Z 2026-03-12T00:30:00.000Z
3adr011525 ABB Automation Builder Gateway for Windows with insecure defaults 2026-02-24T00:30:00.000Z 2026-02-24T00:30:00.000Z
3adr011524 AC500 V3 Multiple vulnerabilities 2026-02-24T00:30:00.000Z 2026-02-24T00:30:00.000Z
sa25p007 B&R Automation Studio Update of SQLite version 2026-02-18T00:30:00.000Z 2026-02-18T00:30:00.000Z
sa26p001 ​​PVI​ ​​Insertion of Sensitive Information into Logfile 2026-01-29T00:30:00.000Z 2026-01-29T00:30:00.000Z
sa24p003 ​B&R PCs vulnerable to PixieFail attack​ 2026-01-29T00:30:00.000Z 2026-01-29T00:30:00.000Z
7paa013309 System 800xA SECURITY Advisory - ABB 800xA Base 6.0.x, 6.1.x CSLib communication DoS vulnerability 2024-06-05T00:30:00.000Z 2026-01-23T00:30:00.000Z
sa25p005 B&R Automation Runtime Improper Handling of Flooding conditions on ANSL Server 2026-01-19T00:30:00.000Z 2026-01-19T00:30:00.000Z
sa25p004 Automation Studio Insufficient Server Certificate Validation 2026-01-19T00:30:00.000Z 2026-01-19T00:30:00.000Z
9akk108472a1331 ABB Ability™ OPTIMAX® Authentication Bypass in Single-Sign On with Azure Active Directory 2026-01-16T00:30:00.000Z 2026-01-16T00:30:00.000Z
2crt000009 WebPro SNMP Card PowerValue Multiple Vulnerabilities 2026-01-07T00:30:00.000Z 2026-01-07T00:30:00.000Z
9akk108471a8107 Terra AC wallbox Heap Memory Corruption Vulnerability 2025-09-16T00:30:00.000Z 2025-11-28T08:00:00.000Z
4hzm000603 ABB Ability Camera Connect Vulnerabilities in outdated 3rd party component (VLC) 2025-11-27T00:30:00.000Z 2025-11-28T00:30:00.000Z
7paa022088 Edgenius Management Portal Authentication Bypass 2025-11-20T00:30:00.000Z 2025-11-20T00:30:00.000Z
2nga002813 PCM600 SharpZip library vulnerability 2025-11-03T00:30:00.000Z 2025-11-03T00:30:00.000Z
4tz00000006007 ALS-mini-S4/S8 IP Missing Authentication Vulnerability and its Mitigations 2025-10-20T00:30:00.000Z 2025-10-23T00:30:00.000Z
9akk108471a8948 Terra AC wallbox Heap Memory Corruption Vulnerability 2025-10-20T00:30:00.000Z 2025-10-21T00:30:00.000Z
3kxg200000r4801 CoreSense™ HM and CoreSense™ M10 File Path Traversal Vulnerability 2025-04-16T00:30:00.000Z 2025-10-20T00:30:00.000Z
sa25p003 B&R Automation Runtime Vulnerabilities in System Diagnostic Manager (SDM) 2025-10-07T00:30:00.000Z 2025-10-14T00:30:00.000Z
4tz00000006008 LVS MConfig Insecure memory handling 2025-10-08T00:30:00.000Z 2025-10-08T00:30:00.000Z
sa25p002 B&R Automation Runtime DoS Vulnerability in System Diagnostics Manager (SDM) 2025-10-07T00:30:00.000Z 2025-10-07T00:30:00.000Z
9akk108471a7808 EIBPORT Reflected XSS 2025-10-07T00:30:00.000Z 2025-10-07T00:30:00.000Z
9akk108471a7121 FLXeon Controllers Multiple vulnerabilities 2025-09-09T00:30:00.000Z 2025-09-18T00:30:00.000Z
9akk108471a4462 ELSB/BLBA ASPECT advisory several CVEs 2025-08-11T00:30:00.000Z 2025-09-04T00:30:00.000Z
9akk108471a3623 RMC - 100 Vulnerabilities in web UI (REST Interface) 2025-07-03T00:30:00.000Z 2025-08-18T00:30:00.000Z
ID Description Published Updated
wid-sec-w-2026-1233 PackageKit: Schwachstelle ermöglicht Privilegieneskalation 2026-04-21T22:00:00.000+00:00 2026-04-22T22:00:00.000+00:00
wid-sec-w-2026-1145 Flowise: Mehrere Schwachstellen 2026-04-15T22:00:00.000+00:00 2026-04-21T22:00:00.000+00:00
wid-sec-w-2026-1084 BigBlueButton: Mehrere Schwachstellen 2026-04-13T22:00:00.000+00:00 2026-04-21T22:00:00.000+00:00
wid-sec-w-2026-1081 MinIO: Mehrere Schwachstellen ermöglichen Umgehen von Sicherheitsvorkehrungen 2026-04-13T22:00:00.000+00:00 2026-04-21T22:00:00.000+00:00
wid-sec-w-2026-1161 OpenClaw: Mehrere Schwachstellen 2026-04-16T22:00:00.000+00:00 2026-04-20T22:00:00.000+00:00
wid-sec-w-2026-0948 OpenClaw: Mehrere Schwachstellen 2026-03-31T22:00:00.000+00:00 2026-04-20T22:00:00.000+00:00
wid-sec-w-2026-1118 Dell PowerProtect Data Domain OS: Mehrere Schwachstellen 2026-04-14T22:00:00.000+00:00 2026-04-19T22:00:00.000+00:00
wid-sec-w-2026-1144 GIMP: Mehrere Schwachstellen 2026-04-15T22:00:00.000+00:00 2026-04-16T22:00:00.000+00:00
wid-sec-w-2026-0991 Apache ActiveMQ, Client, Broker und Web: Mehrere Schwachstellen 2026-04-07T22:00:00.000+00:00 2026-04-15T22:00:00.000+00:00
wid-sec-w-2026-0915 Kyocera Drucker: Mehrere Schwachstellen 2026-03-30T22:00:00.000+00:00 2026-04-15T22:00:00.000+00:00
wid-sec-w-2026-1054 Apache log4net: Schwachstelle ermöglicht Manipulation von Dateien 2026-04-12T22:00:00.000+00:00 2026-04-14T22:00:00.000+00:00
wid-sec-w-2026-0950 Linux Kernel: Mehrere Schwachstellen 2026-03-31T22:00:00.000+00:00 2026-04-14T22:00:00.000+00:00
wid-sec-w-2026-1068 Adobe Acrobat und Acrobat Reader: Mehrere Schwachstellen 2020-08-11T22:00:00.000+00:00 2026-04-13T22:00:00.000+00:00
wid-sec-w-2025-2564 Microsoft Windows und Windows Server: Mehrere Schwachstellen 2025-11-11T23:00:00.000+00:00 2026-04-13T22:00:00.000+00:00
wid-sec-w-2023-2890 Microsoft Windows: Mehrere Schwachstellen 2023-11-14T23:00:00.000+00:00 2026-04-13T22:00:00.000+00:00
wid-sec-w-2023-0368 Microsoft Exchange: Mehrere Schwachstellen ermöglichen Codeausführung 2023-02-14T23:00:00.000+00:00 2026-04-13T22:00:00.000+00:00
wid-sec-w-2026-1047 Adobe Acrobat Reader: Schwachstelle ermöglicht Offenlegung von Informationen und Codeausführung 2026-04-09T22:00:00.000+00:00 2026-04-12T22:00:00.000+00:00
wid-sec-w-2026-0884 OpenClaw: Mehrere Schwachstellen 2026-03-26T23:00:00.000+00:00 2026-04-12T22:00:00.000+00:00
wid-sec-w-2026-0856 OpenClaw: Mehrere Schwachstellen 2026-03-24T23:00:00.000+00:00 2026-04-12T22:00:00.000+00:00
wid-sec-w-2026-0542 OpenClaw: Mehrere Schwachstellen 2026-02-25T23:00:00.000+00:00 2026-04-12T22:00:00.000+00:00
wid-sec-w-2026-0472 OpenClaw: Mehrere Schwachstellen 2026-02-22T23:00:00.000+00:00 2026-04-12T22:00:00.000+00:00
wid-sec-w-2026-1036 OpenCTI: Schwachstelle ermöglicht Codeausführung 2026-04-08T22:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-1027 LangChain: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen 2026-04-08T22:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-1023 libpng: Schwachstelle ermöglicht Offenlegung von Informationen 2026-04-08T22:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-1022 Juniper Patchday April 2026: Mehrere Schwachstellen 2026-04-08T22:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-1020 Intel Prozessoren (Pentium Silver Series, Celeron J Series, und Celeron N series): Schwachstelle ermöglicht Privilegieneskalation 2026-04-08T22:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-1012 SonicWall SMA1000 : Mehrere Schwachstellen 2026-04-08T22:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-1006 Golang Go: Mehrere Schwachstellen 2026-04-07T22:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-1002 Django: Mehrere Schwachstellen 2026-04-07T22:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0997 Mozilla Firefox und Thunderbird: Mehrere Schwachstellen 2026-04-07T22:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
ID Description Published Updated
icsa-26-111-12 SenseLive X3050 2026-04-21T06:00:00.000000Z 2026-04-21T06:00:00.000000Z
icsa-26-111-11 Siemens Industrial Edge Management 2026-04-14T00:00:00.000000Z 2026-04-21T06:00:00.000000Z
icsa-26-111-10 Silex Technology SD-330AC and AMC Manager 2026-04-21T06:00:00.000000Z 2026-04-21T06:00:00.000000Z
icsa-26-111-09 Siemens SINEC NMS 2026-04-14T00:00:00.000000Z 2026-04-21T06:00:00.000000Z
icsa-26-111-08 Siemens RUGGEDCOM CROSSBOW Station Access Controller (SAC) 2026-04-14T00:00:00.000000Z 2026-04-21T06:00:00.000000Z
icsa-26-111-07 Siemens SCALANCE 2026-04-14T00:00:00.000000Z 2026-04-21T06:00:00.000000Z
icsa-26-111-06 Zero Motorcycles Firmware 2026-04-21T06:00:00.000000Z 2026-04-21T06:00:00.000000Z
icsa-26-111-04 Siemens Analytics Toolkit 2026-04-14T00:00:00.000000Z 2026-04-21T06:00:00.000000Z
icsa-26-111-03 Siemens SINEC NMS 2026-04-14T00:00:00.000000Z 2026-04-21T06:00:00.000000Z
icsa-26-111-02 Siemens RUGGEDCOM CROSSBOW Secure Access Manager Primary 2026-04-14T00:00:00.000000Z 2026-04-21T06:00:00.000000Z
icsa-26-111-01 Siemens TPM 2.0 2026-04-14T00:00:00.000000Z 2026-04-21T06:00:00.000000Z
icsa-26-111-05 Hardy Barth Salia EV Charge Controller 2026-04-21T05:00:00.000000Z 2026-04-21T05:00:00.000000Z
icsa-26-106-04 AVEVA Pipeline Simulation 2026-04-16T06:00:00.000000Z 2026-04-16T06:00:00.000000Z
icsa-26-106-03 Anviz Multiple Products 2026-04-16T06:00:00.000000Z 2026-04-16T06:00:00.000000Z
icsa-26-106-02 Horner Automation Cscape and XL4, XL7 PLC 2026-04-16T06:00:00.000000Z 2026-04-16T06:00:00.000000Z
icsa-26-106-01 Delta Electronics ASDA-Soft 2026-04-16T06:00:00.000000Z 2026-04-16T06:00:00.000000Z
icsa-26-085-02 OC Messaging and Custom Messaging Gateway 2026-03-26T06:00:00.000000Z 2026-04-16T06:00:00.000000Z
icsa-26-043-01 Siemens SINEC NMS 2026-02-10T00:00:00.000000Z 2026-04-16T06:00:00.000000Z
icsa-26-015-07 Siemens RUGGEDCOM APE1808 Devices 2026-01-13T00:00:00.000000Z 2026-04-16T06:00:00.000000Z
icsa-25-226-18 Siemens SIMOTION SCOUT, SIMOTION SCOUT TIA, and SINAMICS STARTER 2025-08-12T00:00:00.000000Z 2026-04-16T06:00:00.000000Z
icsa-25-135-15 Siemens Mendix OIDC SSO 2025-05-13T00:00:00.000000Z 2026-04-16T06:00:00.000000Z
icsa-25-072-11 Siemens SIMATIC IPC Family, ITP1000, and Field PGs 2025-03-11T00:00:00.000000Z 2026-04-16T06:00:00.000000Z
icsa-23-080-04 Siemens RADIUS Client of SIPROTEC 5 Devices 2023-03-14T00:00:00.000000Z 2026-04-16T06:00:00.000000Z
icsa-22-349-09 Siemens Products affected by OpenSSL 3.0 2022-12-13T00:00:00.000000Z 2026-04-16T06:00:00.000000Z
icsa-22-286-11 Siemens SCALANCE and RUGGEDCOM Products 2022-10-11T00:00:00.000000Z 2026-04-16T06:00:00.000000Z
icsa-22-223-07 Siemens SCALANCE 2022-08-09T00:00:00.000000Z 2026-04-16T06:00:00.000000Z
icsa-22-167-14 Siemens OpenSSL Affected Industrial Products 2022-06-14T00:00:00.000000Z 2026-04-16T06:00:00.000000Z
icsa-21-194-03 Siemens PROFINET Devices 2021-07-13T00:00:00.000000Z 2026-04-16T06:00:00.000000Z
icsa-21-075-02 GE UR Family (Update A) 2021-03-16T06:00:00.000000Z 2026-04-16T06:00:00.000000Z
icsa-26-099-02 GPL Odorizers GPL750 2026-04-09T06:00:00.000000Z 2026-04-09T06:00:00.000000Z
ID Description Published Updated
cisco-sa-cimc-xss-a2tkgvab Cisco Integrated Management Controller Cross-Site Scripting Vulnerabilities 2026-04-01T16:00:00+00:00 2026-04-22T18:05:52+00:00
cisco-sa-cimc-cmd-inj-3hkn3bvt Cisco Integrated Management Controller Command Injection and Remote Code Execution Vulnerabilities 2026-04-01T16:00:00+00:00 2026-04-22T18:01:40+00:00
cisco-sa-sdwan-authbp-qwcx8d4v Cisco Catalyst SD-WAN Vulnerabilities 2026-02-25T16:00:00+00:00 2026-04-22T15:10:56+00:00
cisco-sa-webex-cui-cert-8jszyhwl Cisco Webex Services Certificate Validation Vulnerability 2026-04-15T16:00:00+00:00 2026-04-16T18:52:15+00:00
cisco-sa-wsa-auth-bypass-6yzktqhd Cisco Secure Web Appliance Authentication Bypass Vulnerability 2026-04-15T16:00:00+00:00 2026-04-16T13:14:04+00:00
cisco-sa-webexcc-xss-wex5nuna Cisco Webex Contact Center Cross-Site Scripting Vulnerability 2026-04-15T16:00:00+00:00 2026-04-15T16:00:00+00:00
cisco-sa-unity-vulns-n2ejsbbw Cisco Unity Connection Cross-Site Scripting, Open Redirect, and SQL Injection Vulnerabilities 2026-04-15T16:00:00+00:00 2026-04-15T16:00:00+00:00
cisco-sa-unity-file-download-rmkevwpx Cisco Unity Connection Arbitrary File Download Vulnerabilities 2026-04-15T16:00:00+00:00 2026-04-15T16:00:00+00:00
cisco-sa-te-agentfilewrite-tquw3smu Cisco ThousandEyes Enterprise Agent Arbitrary File Overwrite Vulnerability 2026-04-15T16:00:00+00:00 2026-04-15T16:00:00+00:00
cisco-sa-isexss-bs8cte7u Cisco Identity Services Engine Multiple Cross-Site Scripting Vulnerabilities 2026-04-15T16:00:00+00:00 2026-04-15T16:00:00+00:00
cisco-sa-ise-rce-traversal-8byndvrz Cisco Identity Services Engine Remote Code Execution and Path Traversal Vulnerabilities 2026-04-15T16:00:00+00:00 2026-04-15T16:00:00+00:00
cisco-sa-ise-rce-4fverepv Cisco Identity Services Engine Remote Code Execution Vulnerabilities 2026-04-15T16:00:00+00:00 2026-04-15T16:00:00+00:00
cisco-sa-ise-cmd-inj-5wsjcyjb Cisco Identity Services Engine Authenticated Privilege Escalation Vulnerability 2026-04-15T16:00:00+00:00 2026-04-15T16:00:00+00:00
cisco-sa-iosxe-mntc-dos-lzweqcyq Cisco IOS XE Software Denial of Service Vulnerability 2026-03-25T16:00:00+00:00 2026-04-02T19:43:54+00:00
cisco-sa-ssm-cli-execution-chucwunr Cisco Smart Software Manager On-Prem Arbitrary Command Execution Vulnerability 2026-04-01T16:00:00+00:00 2026-04-01T16:00:00+00:00
cisco-sa-ndi-afw-rjurc5dz Cisco Nexus Dashboard Insights Arbitrary File Write Vulnerability 2026-04-01T16:00:00+00:00 2026-04-01T16:00:00+00:00
cisco-sa-nd-ssrf-naen4o7r Cisco Nexus Dashboard and Nexus Dashboard Insights Server-Side Request Forgery Vulnerability 2026-04-01T16:00:00+00:00 2026-04-01T16:00:00+00:00
cisco-sa-nd-cbid-5yqkoshu Cisco Nexus Dashboard Configuration Backup REST API Unauthorized Access Vulnerability 2026-04-01T16:00:00+00:00 2026-04-01T16:00:00+00:00
cisco-sa-epnm-improp-auth-muwfwuu3 Cisco Evolved Programmable Network Manager Improper Authorization Vulnerability 2026-04-01T16:00:00+00:00 2026-04-01T16:00:00+00:00
cisco-sa-cssm-priv-esc-xranouo8 Cisco Smart Software Manager On-Prem Privilege Escalation Vulnerability 2026-04-01T16:00:00+00:00 2026-04-01T16:00:00+00:00
cisco-sa-cimc-auth-bypass-agg2bxtn Cisco Integrated Management Controller Authentication Bypass Vulnerability 2026-04-01T16:00:00+00:00 2026-04-01T16:00:00+00:00
cisco-sa-ndfc-cmdinj-uvyzrkfr Cisco Nexus Dashboard Fabric Controller Arbitrary Command Execution Vulnerability 2024-10-02T16:00:00+00:00 2026-03-31T18:47:53+00:00
cisco-sa-xe-secureboot-bypass-b6uyxysz Cisco IOS XE Software for Cisco Catalyst and Rugged Series Switches Secure Boot Bypass Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-wlc-dos-hnx5kgom Cisco IOS XE Wireless Controller Software for the Catalyst CW9800 Family CAPWAP Denial of Service Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-vmanage-xss-zqkhp9w9 Cisco Catalyst SD-WAN Manager Cross-Site Scripting Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-scp-dos-duadxtcg Cisco IOS XE Software Secure Copy Protocol Server Denial of Service Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-iox-xss-lpgkzwtj Cisco IOx Application Hosting Environment Stored Cross-Site Scripting Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-iox-crlf-nvgktkjz Cisco IOx Application Hosting Environment Carriage Return Line Feed Injection Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-iosxe_infodis-6j847ueb Cisco IOS XE Software Secure Channel for Meraki Information Disclosure Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-iosxe-tls-dos-tvgldezl Cisco IOS XE Software TLS Memory Exhaustion Denial of Service Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
ID Description Published Updated
msrc_cve-2026-5160 CVE-2026-5160 2026-04-02T00:00:00.000Z 2026-04-23T01:38:56.000Z
msrc_cve-2026-32288 Unbounded allocation for old GNU sparse in archive/tar 2026-04-02T00:00:00.000Z 2026-04-23T01:38:24.000Z
msrc_cve-2026-39882 OpenTelemetry-Go OTLP HTTP exporters read unbounded HTTP response bodies 2026-04-02T00:00:00.000Z 2026-04-23T01:37:50.000Z
msrc_cve-2026-33750 brace-expansion: Zero-step sequence causes process hang and memory exhaustion 2026-03-02T00:00:00.000Z 2026-04-23T01:37:20.000Z
msrc_cve-2026-41445 KissFFT Integer Overflow Heap Buffer Overflow via kiss_fftndr_alloc() 2026-04-02T00:00:00.000Z 2026-04-23T01:11:28.000Z
msrc_cve-2026-27820 zlib: Buffer Overflow in Zlib::GzipReader ungetc via large input leads to memory corruption 2026-04-02T00:00:00.000Z 2026-04-23T01:11:19.000Z
msrc_cve-2026-5187 Heap Out-of-Bounds Write in DecodeObjectId() in wolfSSL 2026-04-02T00:00:00.000Z 2026-04-23T01:11:14.000Z
msrc_cve-2026-6409 Denial of Service (DoS) vulnerability exists in the Protobuf PHP library during the parsing of untrusted input 2026-04-02T00:00:00.000Z 2026-04-23T01:11:06.000Z
msrc_cve-2026-28808 ScriptAlias CGI targets bypass directory auth in inets httpd (mod_auth vs mod_cgi path mismatch) 2026-04-02T00:00:00.000Z 2026-04-23T01:10:24.000Z
msrc_cve-2026-6507 Dnsmasq: dnsmasq: denial of service due to out-of-bounds write in dhcp bootreply processing 2026-04-02T00:00:00.000Z 2026-04-23T01:10:16.000Z
msrc_cve-2026-31521 module: Fix kernel panic when a symbol st_shndx is out of bounds 2026-04-02T00:00:00.000Z 2026-04-23T01:10:06.000Z
msrc_cve-2026-31493 RDMA/efa: Fix use of completion ctx after free 2026-04-02T00:00:00.000Z 2026-04-23T01:10:00.000Z
msrc_cve-2026-31473 media: mc, v4l2: serialize REINIT and REQBUFS with req_queue_mutex 2026-04-02T00:00:00.000Z 2026-04-23T01:09:55.000Z
msrc_cve-2026-31450 ext4: publish jinode after initialization 2026-04-02T00:00:00.000Z 2026-04-23T01:09:49.000Z
msrc_cve-2026-31494 net: macb: use the current queue number for stats 2026-04-02T00:00:00.000Z 2026-04-23T01:09:44.000Z
msrc_cve-2026-31512 Bluetooth: L2CAP: Validate PDU length before reading SDU length in l2cap_ecred_data_rcv() 2026-04-02T00:00:00.000Z 2026-04-23T01:09:38.000Z
msrc_cve-2026-31492 RDMA/irdma: Initialize free_qp completion before using it 2026-04-02T00:00:00.000Z 2026-04-23T01:09:33.000Z
msrc_cve-2026-31467 erofs: add GFP_NOIO in the bio completion if needed 2026-04-02T00:00:00.000Z 2026-04-23T01:09:27.000Z
msrc_cve-2026-31525 bpf: Fix undefined behavior in interpreter sdiv/smod for INT_MIN 2026-04-02T00:00:00.000Z 2026-04-23T01:09:22.000Z
msrc_cve-2026-31453 xfs: avoid dereferencing log items after push callbacks 2026-04-02T00:00:00.000Z 2026-04-23T01:09:17.000Z
msrc_cve-2026-31498 Bluetooth: L2CAP: Fix ERTM re-init and zero pdu_len infinite loop 2026-04-02T00:00:00.000Z 2026-04-23T01:09:11.000Z
msrc_cve-2026-31503 udp: Fix wildcard bind conflict check when using hash2 2026-04-02T00:00:00.000Z 2026-04-23T01:09:06.000Z
msrc_cve-2026-31480 tracing: Fix potential deadlock in cpu hotplug with osnoise 2026-04-02T00:00:00.000Z 2026-04-23T01:09:00.000Z
msrc_cve-2026-31528 perf: Make sure to use pmu_ctx->pmu for groups 2026-04-02T00:00:00.000Z 2026-04-23T01:08:55.000Z
msrc_cve-2026-31530 cxl/port: Fix use after free of parent_port in cxl_detach_ep() 2026-04-02T00:00:00.000Z 2026-04-23T01:08:49.000Z
msrc_cve-2026-31451 ext4: replace BUG_ON with proper error handling in ext4_read_inline_folio 2026-04-02T00:00:00.000Z 2026-04-23T01:08:44.000Z
msrc_cve-2026-31509 nfc: nci: fix circular locking dependency in nci_close_device 2026-04-02T00:00:00.000Z 2026-04-23T01:08:38.000Z
msrc_cve-2026-31477 ksmbd: fix memory leaks and NULL deref in smb2_lock() 2026-04-02T00:00:00.000Z 2026-04-23T01:08:32.000Z
msrc_cve-2026-31478 ksmbd: replace hardcoded hdr2_len with offsetof() in smb2_calc_max_out_buf_len() 2026-04-02T00:00:00.000Z 2026-04-23T01:08:27.000Z
msrc_cve-2026-31522 HID: magicmouse: avoid memory leak in magicmouse_report_fixup() 2026-04-02T00:00:00.000Z 2026-04-23T01:08:21.000Z
ID Description Published Updated
ncsc-2026-0128 Kwetsbaarheden verholpen in GitLab EE en CE 2026-04-23T11:21:11.080481Z 2026-04-23T11:21:11.080481Z
ncsc-2026-0127 Kwetsbaarheden verholpen in Oracle PeopleSoft 2026-04-22T14:10:36.199130Z 2026-04-22T14:10:36.199130Z
ncsc-2026-0126 Kwetsbaarheden verholpen in Oracle E-Business Suite 2026-04-22T12:56:26.266249Z 2026-04-22T12:56:26.266249Z
ncsc-2026-0125 Kwetsbaarheden verholpen in Oracle Enterprise Manager 2026-04-22T12:46:17.624971Z 2026-04-22T12:46:17.624971Z
ncsc-2026-0124 Kwetsbaarheden verholpen in Oracle Identity Manager Connector 2026-04-22T11:33:45.816246Z 2026-04-22T11:33:45.816246Z
ncsc-2026-0123 Kwetsbaarheid verholpen in ASP.NET Core van Microsoft 2026-04-22T09:40:27.334869Z 2026-04-22T09:40:27.334869Z
ncsc-2026-0122 Kwetsbaarheid verholpen in Cisco Webex Services 2026-04-17T08:37:31.398143Z 2026-04-17T08:37:31.398143Z
ncsc-2026-0121 Kwetsbaarheden verholpen in Fortinet FortiSandbox 2026-04-15T12:23:16.801183Z 2026-04-15T12:23:16.801183Z
ncsc-2026-0120 Kwetsbaarheden verholpen in Fortinet FortiAnalyzer en FortiManager 2026-04-15T12:20:38.675602Z 2026-04-15T12:20:38.675602Z
ncsc-2026-0115 Kwetsbaarheid verholpen in Microsoft Defender 2026-04-14T19:19:48.691858Z 2026-04-15T08:54:16.881135Z
ncsc-2026-0119 Kwetsbaarheden verholpen in Microsoft Windows 2026-04-15T08:53:38.926894Z 2026-04-15T08:53:38.926894Z
ncsc-2026-0118 Kwetsbaarheden verholpen in Microsoft SQL Server 2026-04-14T19:24:22.610160Z 2026-04-14T19:24:22.610160Z
ncsc-2026-0117 Kwetsbaarheden verholpen in Microsoft Azure 2026-04-14T19:23:30.733725Z 2026-04-14T19:23:30.733725Z
ncsc-2026-0116 Kwetsbaarheden verholpen in Microsoft Office 2026-04-14T19:20:56.343558Z 2026-04-14T19:20:56.343558Z
ncsc-2026-0114 Kwetsbaarheden verholpen in Microsoft Developer tools 2026-04-14T19:18:58.666745Z 2026-04-14T19:18:58.666745Z
ncsc-2026-0113 Kwetsbaarheden verholpen in SAP-producten 2026-04-14T12:55:40.388960Z 2026-04-14T12:55:40.388960Z
ncsc-2026-0112 Kwetsbaarheden verholpen in Siemens producten 2026-04-14T11:37:21.682429Z 2026-04-14T11:37:21.682429Z
ncsc-2026-0111 Kwetsbaarheid verholpen in Adobe Acrobat 2026-04-12T08:42:18.844193Z 2026-04-13T09:38:04.129352Z
ncsc-2026-0110 Kwetsbaarheid verholpen in Cisco Smart Software Manager On-Prem 2026-04-10T14:28:58.703642Z 2026-04-10T14:28:58.703642Z
ncsc-2026-0007 Kwetsbaarheden verholpen in Microsoft Windows 2026-01-13T19:16:30.720079Z 2026-04-10T12:53:42.521564Z
ncsc-2026-0109 Kwetsbaarheden verholpen in Synology SSL VPN Client 2026-04-10T12:11:00.859799Z 2026-04-10T12:11:00.859799Z
ncsc-2026-0108 Kwetsbaarheid verholpen in Juniper Networks Junos OS Evolved 2026-04-10T12:06:13.479822Z 2026-04-10T12:06:13.479822Z
ncsc-2026-0107 Kwetsbaarheid verholpen in FortiClient EMS van Fortinet 2026-04-04T13:49:19.002116Z 2026-04-04T13:49:19.002116Z
ncsc-2026-0106 Kwetsbaarheden verholpen in Cisco Integrated Management Controller 2026-04-03T10:34:46.145536Z 2026-04-03T10:34:46.145536Z
ncsc-2026-0105 Kwetsbaarheden verholpen in Cisco Nexus Dashboard en Nexus Dashboard Insights 2026-04-03T08:20:48.187725Z 2026-04-03T08:20:48.187725Z
ncsc-2026-0047 Kwetsbaarheid verholpen in Fortinet FortiClient EMS 2026-02-09T10:16:18.048622Z 2026-03-30T11:36:22.656910Z
ncsc-2025-0319 Kwetsbaarheden verholpen in F5 Networks BIG-IP, F5OS en NGINX App Protect WAF 2025-10-15T15:21:14.871532Z 2026-03-27T18:09:03.259108Z
ncsc-2026-0104 Kwetsbaarheden verholpen in Cisco IOS XE Software 2026-03-26T09:50:03.269095Z 2026-03-26T09:50:03.269095Z
ncsc-2026-0103 Kwetsbaarheden verholpen in GitLab 2026-03-26T09:48:10.874427Z 2026-03-26T09:48:10.874427Z
ncsc-2026-0102 Kwetsbaarheden verholpen in Apple macOS 2026-03-25T14:15:56.073353Z 2026-03-25T14:15:56.073353Z
ID Description Published Updated
nn-2026:2-01 Stored Cross-Site Scripting (XSS) in Assets and Nodes in Guardian/CMC before 26.0.0 2026-04-15T11:00:00.000Z 2026-04-15T11:00:00.000Z
nn-2026:1-01 Incorrect authorization for Threat Intelligence in Guardian/CMC before 26.0.0 2026-04-15T11:00:00.000Z 2026-04-15T11:00:00.000Z
nn-2025:18-01 Lack of TLS certificate validation when connecting Arc to a Guardian or CMC, in Arc before v2.2.0 2026-03-04T11:00:00.000Z 2026-03-04T11:00:00.000Z
nn-2025:17-01 HTML injection in Sensor Map in CMC before 25.6.0 2026-03-04T11:00:00.000Z 2026-03-04T11:00:00.000Z
nn-2025:16-01 HTML injection in Alerted Nodes Dashboard in Guardian/CMC before 25.6.0 2026-03-04T11:00:00.000Z 2026-03-04T11:00:00.000Z
nn-2025:15-01 Path traversal in Import Arc data archive functionality in Guardian/CMC before 25.5.0 2025-12-18T11:00:00.000Z 2025-12-18T11:00:00.000Z
nn-2025:14-01 HTML injection in Asset List in Guardian/CMC before 25.5.0 2025-12-18T11:00:00.000Z 2025-12-18T11:00:00.000Z
nn-2025:13-01 Stored Cross-Site Scripting (XSS) in Reports in Guardian/CMC before 25.5.0 2025-12-18T11:00:00.000Z 2025-12-18T11:00:00.000Z
nn-2025:12-01 HTML injection in in Time Machine functionality in Guardian/CMC before 25.5.0 2025-12-18T11:00:00.000Z 2025-12-18T11:00:00.000Z
nn-2025:11-01 Stored Cross-Site Scripting (XSS) in Dashboards in Guardian/CMC before 25.4.0 2025-11-25T11:00:00.000Z 2025-11-26T11:00:00.000Z
nn-2025:9-01 Path traversal in Time Machine functionality in Guardian/CMC before 25.2.0 2025-10-07T11:00:00.000Z 2025-10-07T11:00:00.000Z
nn-2025:8-01 Authenticated SQL Injection on Alert functionality in Guardian/CMC before 25.2.0 2025-10-07T11:00:00.000Z 2025-10-07T11:00:00.000Z
nn-2025:7-01 Authenticated SQL Injection on Alert functionality in Guardian/CMC before 25.2.0 2025-10-07T11:00:00.000Z 2025-10-07T11:00:00.000Z
nn-2025:6-01 Authenticated SQL Injection on Smart Polling functionality in Guardian/CMC before 25.2.0 2025-10-07T11:00:00.000Z 2025-10-07T11:00:00.000Z
nn-2025:5-01 Incorrect authorization for CLI in Guardian/CMC before 25.2.0 2025-10-07T11:00:00.000Z 2025-10-07T11:00:00.000Z
nn-2025:4-01 Client-side path traversal in Guardian/CMC before 25.2.0 2025-10-07T11:00:00.000Z 2025-10-07T11:00:00.000Z
nn-2025:10-01 Authenticated SQL Injection on CLI functionality in Guardian/CMC before 25.3.0 2025-10-07T11:00:00.000Z 2025-10-07T11:00:00.000Z
nn-2025:3-01 Incorrect authorization for traces request/download in CMC before 25.1.0 2025-08-26T11:00:00.000Z 2025-08-26T11:00:00.000Z
nn-2025:2-01 Privilege escalation in Guardian/CMC before 24.6.0 2025-06-10T11:00:00.000Z 2025-06-10T11:00:00.000Z
nn-2025:1-01 Authenticated RCE in update functionality in Guardian/CMC before 24.6.0 2025-06-10T11:00:00.000Z 2025-06-10T11:00:00.000Z
nn-2023_17-01 Information disclosure via audit records for OpenAPI requests in Guardian/CMC before 23.4.1 2024-04-10T11:00:00.000Z 2024-04-11T11:00:00.000Z
nn-2023:17-01 Information disclosure via audit records for OpenAPI requests in Guardian/CMC before 23.4.1 2024-04-10T11:00:00.000Z 2024-04-11T11:00:00.000Z
nn-2024_1-01 DoS on IDS parsing of malformed Radius packets in Guardian before 23.4.1 2024-04-10T11:00:00.000Z 2024-04-10T11:00:00.000Z
nn-2024:1-01 DoS on IDS parsing of malformed Radius packets in Guardian before 23.4.1 2024-04-10T11:00:00.000Z 2024-04-10T11:00:00.000Z
nn-2023_12-01 Check Point IoT integration: WebSocket returns assets data without authentication in Guardian/CMC before 23.3.0 2024-01-15T11:00:00.000Z 2024-01-16T11:00:00.000Z
nn-2023:12-01 Check Point IoT integration: WebSocket returns assets data without authentication in Guardian/CMC before 23.3.0 2024-01-15T11:00:00.000Z 2024-01-16T11:00:00.000Z
nn-2023_9-01 Authenticated SQL Injection on Query functionality in Guardian/CMC before 22.6.3 and 23.1.0 2023-09-18T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023_8-01 Session Fixation in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023_7-01 DoS via SAML configuration in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023_6-01 Partial DoS on Reports section due to null report name in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
ID Description Published Updated
opensuse-su-2026:10604-1 ruby4.0-rubygem-rack-session-2.1.2-1.1 on GA media 2026-04-22T00:00:00Z 2026-04-22T00:00:00Z
opensuse-su-2026:10603-1 jupyter-nbconvert-7.17.1-1.1 on GA media 2026-04-22T00:00:00Z 2026-04-22T00:00:00Z
opensuse-su-2026:10602-1 glances-common-4.5.4-1.1 on GA media 2026-04-22T00:00:00Z 2026-04-22T00:00:00Z
opensuse-su-2026:10601-1 grafana-11.6.14+security01-1.1 on GA media 2026-04-22T00:00:00Z 2026-04-22T00:00:00Z
opensuse-su-2026:10600-1 csync2-2.0+git.1600444747.83b3644-3.1 on GA media 2026-04-22T00:00:00Z 2026-04-22T00:00:00Z
opensuse-su-2026:10599-1 cacti-1.2.30+git306.82d5aef5-1.1 on GA media 2026-04-22T00:00:00Z 2026-04-22T00:00:00Z
opensuse-su-2026:20595-1 Security update for tomcat11 2026-04-21T11:43:18Z 2026-04-21T11:43:18Z
opensuse-su-2026:20593-1 Security update for libpng16 2026-04-21T09:59:18Z 2026-04-21T09:59:18Z
opensuse-su-2026:20591-1 Security update for GraphicsMagick 2026-04-21T09:49:40Z 2026-04-21T09:49:40Z
opensuse-su-2026:20592-1 Security update for ghostscript 2026-04-21T09:49:39Z 2026-04-21T09:49:39Z
opensuse-su-2026:20598-1 Security update for python-PyPDF2 2026-04-21T09:43:19Z 2026-04-21T09:43:19Z
opensuse-su-2026:20590-1 Security update for gnome-remote-desktop 2026-04-21T09:37:03Z 2026-04-21T09:37:03Z
opensuse-su-2026:10584-1 rclone-1.73.5-1.1 on GA media 2026-04-20T00:00:00Z 2026-04-20T00:00:00Z
opensuse-su-2026:10583-1 python311-pypdf-6.10.2-1.1 on GA media 2026-04-20T00:00:00Z 2026-04-20T00:00:00Z
opensuse-su-2026:10582-1 python311-PyPDF2-2.11.1-9.1 on GA media 2026-04-20T00:00:00Z 2026-04-20T00:00:00Z
opensuse-su-2026:10581-1 haproxy-3.3.6+git91.af5637e93-1.1 on GA media 2026-04-20T00:00:00Z 2026-04-20T00:00:00Z
opensuse-su-2026:10578-1 tempo-cli-2.10.4-1.1 on GA media 2026-04-18T00:00:00Z 2026-04-18T00:00:00Z
opensuse-su-2026:10577-1 skopeo-1.22.1-1.1 on GA media 2026-04-18T00:00:00Z 2026-04-18T00:00:00Z
opensuse-su-2026:10576-1 python311-jwcrypto-1.5.7-2.1 on GA media 2026-04-18T00:00:00Z 2026-04-18T00:00:00Z
opensuse-su-2026:10575-1 python311-Pillow-12.2.0-2.1 on GA media 2026-04-18T00:00:00Z 2026-04-18T00:00:00Z
opensuse-su-2026:10574-1 jetty-annotations-9.4.58-4.1 on GA media 2026-04-18T00:00:00Z 2026-04-18T00:00:00Z
opensuse-su-2026:10573-1 cpp-httplib-devel-0.42.0-1.1 on GA media 2026-04-18T00:00:00Z 2026-04-18T00:00:00Z
opensuse-su-2026:10572-1 chromedriver-147.0.7727.101-1.1 on GA media 2026-04-18T00:00:00Z 2026-04-18T00:00:00Z
opensuse-su-2026:10571-1 bouncycastle-1.84-1.1 on GA media 2026-04-18T00:00:00Z 2026-04-18T00:00:00Z
opensuse-su-2026:10570-1 aardvark-dns-1.17.1-1.1 on GA media 2026-04-18T00:00:00Z 2026-04-18T00:00:00Z
opensuse-su-2026:10567-1 python311-Django-5.2.13-1.1 on GA media 2026-04-16T00:00:00Z 2026-04-16T00:00:00Z
opensuse-su-2026:10566-1 liblog4cxx-devel-1.7.0-2.1 on GA media 2026-04-16T00:00:00Z 2026-04-16T00:00:00Z
opensuse-su-2026:10565-1 libraw-devel-0.22.1-1.1 on GA media 2026-04-16T00:00:00Z 2026-04-16T00:00:00Z
opensuse-su-2026:10564-1 libpng16-16-1.6.57-1.1 on GA media 2026-04-16T00:00:00Z 2026-04-16T00:00:00Z
opensuse-su-2026:10563-1 leancrypto-devel-1.7.2-1.1 on GA media 2026-04-16T00:00:00Z 2026-04-16T00:00:00Z
ID Description Published Updated
oxdc-adv-2026-0001 OX Dovecot Security Advisory OXDC-ADV-2026-0001 2026-03-27T00:00:00+00:00 2026-03-27T00:00:00+00:00
oxdc-adv-2025-0001 OX Dovecot Pro Security Advisory OXDC-ADV-2025-0001 2025-10-31T00:00:00+00:00 2025-11-27T00:00:00+00:00
oxas-adv-2025-0003 OX App Suite Security Advisory OXAS-ADV-2025-0003 2025-09-24T00:00:00+02:00 2025-11-27T00:00:00+00:00
oxas-adv-2025-0002 OX App Suite Security Advisory OXAS-ADV-2025-0002 2025-08-12T00:00:00+02:00 2025-10-31T00:00:00+00:00
oxas-adv-2025-0001 OX App Suite Security Advisory OXAS-ADV-2025-0001 2025-01-27T00:00:00+01:00 2025-04-07T00:00:00+00:00
oxdc-adv-2024-0003 OX Dovecot Pro Security Advisory OXDC-ADV-2024-0003 2024-09-10T00:00:00+02:00 2024-09-10T00:00:00+00:00
oxdc-adv-2024-0002 OX Dovecot Pro Security Advisory OXDC-ADV-2024-0002 2024-09-10T00:00:00+02:00 2024-09-10T00:00:00+00:00
oxas-adv-2024-0005 OX App Suite Security Advisory OXAS-ADV-2024-0005 2024-07-08T00:00:00+02:00 2024-09-09T00:00:00+00:00
oxdc-adv-2024-0001 OX Dovecot Pro Security Advisory OXDC-ADV-2024-0001 2024-09-02T00:00:00+02:00 2024-09-06T00:00:00+00:00
oxas-adv-2024-0004 OX App Suite Security Advisory OXAS-ADV-2024-0004 2024-06-13T00:00:00+02:00 2024-08-19T00:00:00+00:00
oxas-adv-2024-0003 OX App Suite Security Advisory OXAS-ADV-2024-0003 2024-04-24T00:00:00+02:00 2024-08-19T00:00:00+00:00
oxas-adv-2024-0002 OX App Suite Security Advisory OXAS-ADV-2024-0002 2024-03-06T00:00:00+01:00 2024-05-06T00:00:00+00:00
oxas-adv-2024-0001 OX App Suite Security Advisory OXAS-ADV-2024-0001 2024-02-08T00:00:00+01:00 2024-04-25T00:00:00+00:00
oxas-adv-2023-0007 OX App Suite Security Advisory OXAS-ADV-2023-0007 2023-12-11T00:00:00+01:00 2024-02-16T00:00:00+00:00
oxas-adv-2023-0006 OX App Suite Security Advisory OXAS-ADV-2023-0006 2023-09-25T00:00:00+02:00 2024-01-22T00:00:00+00:00
oxas-adv-2023-0005 OX App Suite Security Advisory OXAS-ADV-2023-0005 2023-09-19T00:00:00+02:00 2024-01-22T00:00:00+00:00
oxas-adv-2023-0004 OX App Suite Security Advisory OXAS-ADV-2023-0004 2023-08-01T00:00:00+02:00 2024-01-22T00:00:00+00:00
oxas-adv-2023-0003 OX App Suite Security Advisory OXAS-ADV-2023-0003 2023-05-02T00:00:00+02:00 2024-01-22T00:00:00+00:00
oxas-adv-2023-0002 OX App Suite Security Advisory OXAS-ADV-2023-0002 2023-03-20T00:00:00+01:00 2024-01-22T00:00:00+00:00
oxas-adv-2023-0001 OX App Suite Security Advisory OXAS-ADV-2023-0001 2023-02-06T00:00:00+01:00 2024-01-22T00:00:00+00:00
oxas-adv-2022-0002 OX App Suite Security Advisory OXAS-ADV-2022-0002 2022-11-02T00:00:00+01:00 2024-01-22T00:00:00+00:00
oxas-adv-2022-0001 OX App Suite Security Advisory OXAS-ADV-2022-0001 2022-08-10T00:00:00+02:00 2024-01-22T00:00:00+00:00
ID Description Published Updated
rhsa-2026:9832 Red Hat Security Advisory: Insights proxy Container Image 2026-04-22T17:32:43+00:00 2026-04-23T06:09:34+00:00
rhsa-2026:9874 Red Hat Security Advisory: nodejs:20 security update 2026-04-22T21:54:54+00:00 2026-04-23T06:09:32+00:00
rhsa-2026:9872 Red Hat Security Advisory: DevWorkspace Operator 0.40.1 release. 2026-04-22T21:03:38+00:00 2026-04-23T06:09:32+00:00
rhsa-2026:9745 Red Hat Security Advisory: python3 security update 2026-04-22T15:41:14+00:00 2026-04-23T06:09:32+00:00
rhsa-2026:9742 Red Hat Security Advisory: Red Hat Developer Hub 1.8.6 release. 2026-04-22T14:56:38+00:00 2026-04-23T06:09:32+00:00
rhsa-2026:9732 Red Hat Security Advisory: openssh security update 2026-04-22T15:08:16+00:00 2026-04-23T06:09:31+00:00
rhsa-2026:9711 Red Hat Security Advisory: nodejs:20 security update 2026-04-22T14:07:14+00:00 2026-04-23T06:09:31+00:00
rhsa-2026:9705 Red Hat Security Advisory: python3.11 security update 2026-04-22T14:06:14+00:00 2026-04-23T06:09:31+00:00
rhsa-2026:9108 Red Hat Security Advisory: gvisor-tap-vsock security update 2026-04-20T19:56:47+00:00 2026-04-23T06:09:31+00:00
rhsa-2026:9695 Red Hat Security Advisory: rhc security update 2026-04-22T11:44:28+00:00 2026-04-23T06:09:30+00:00
rhsa-2026:9621 Red Hat Security Advisory: python3 security update 2026-04-22T07:12:32+00:00 2026-04-23T06:09:30+00:00
rhsa-2026:9614 Red Hat Security Advisory: python security update 2026-04-22T07:09:02+00:00 2026-04-23T06:09:30+00:00
rhsa-2026:9592 Red Hat Security Advisory: libarchive security update 2026-04-22T06:02:52+00:00 2026-04-23T06:09:30+00:00
rhsa-2026:9591 Red Hat Security Advisory: python3.11 security update 2026-04-22T06:09:17+00:00 2026-04-23T06:09:30+00:00
rhsa-2026:9461 Red Hat Security Advisory: Red Hat OpenShift Service Mesh 3.3.2 2026-04-21T17:38:07+00:00 2026-04-23T06:09:29+00:00
rhsa-2026:9453 Red Hat Security Advisory: Red Hat OpenShift Service Mesh 3.2.4 2026-04-21T17:29:36+00:00 2026-04-23T06:09:29+00:00
rhsa-2026:9448 Red Hat Security Advisory: Red Hat OpenShift Service Mesh 3.1.7 2026-04-21T17:23:46+00:00 2026-04-23T06:09:29+00:00
rhsa-2026:9440 Red Hat Security Advisory: Red Hat OpenShift Service Mesh 3.0.10 2026-04-21T17:12:20+00:00 2026-04-23T06:09:29+00:00
rhsa-2026:9439 Red Hat Security Advisory: git-lfs security update 2026-04-21T17:53:20+00:00 2026-04-23T06:09:29+00:00
rhsa-2026:9436 Red Hat Security Advisory: git-lfs security update 2026-04-21T17:09:01+00:00 2026-04-23T06:09:28+00:00
rhsa-2026:9435 Red Hat Security Advisory: git-lfs security update 2026-04-21T17:12:00+00:00 2026-04-23T06:09:28+00:00
rhsa-2026:9434 Red Hat Security Advisory: git-lfs security update 2026-04-21T17:19:55+00:00 2026-04-23T06:09:28+00:00
rhsa-2026:9415 Red Hat Security Advisory: openssh security update 2026-04-21T17:19:55+00:00 2026-04-23T06:09:28+00:00
rhsa-2026:9387 Red Hat Security Advisory: python3 security update 2026-04-21T15:37:50+00:00 2026-04-23T06:09:27+00:00
rhsa-2026:9386 Red Hat Security Advisory: python3 security update 2026-04-21T16:29:40+00:00 2026-04-23T06:09:27+00:00
rhsa-2026:9385 Red Hat Security Advisory: Red Hat OpenShift distributed tracing platform (Tempo) 3.9.2 release 2026-04-21T15:08:38+00:00 2026-04-23T06:09:27+00:00
rhsa-2026:9354 Red Hat Security Advisory: python3.9 security update 2026-04-21T15:36:00+00:00 2026-04-23T06:09:27+00:00
rhsa-2026:9289 Red Hat Security Advisory: python3 security update 2026-04-21T14:31:25+00:00 2026-04-23T06:09:27+00:00
rhsa-2026:9262 Red Hat Security Advisory: python3.9 security update 2026-04-21T12:05:49+00:00 2026-04-23T06:09:26+00:00
rhsa-2026:9261 Red Hat Security Advisory: python3.9 security update 2026-04-21T11:42:29+00:00 2026-04-23T06:09:26+00:00
ID Description Published Updated
sevd-2026-104-03 Use of Hard-coded Credentials vulnerability on Easergy MiCOM Px40 Series 2026-04-14T07:00:00.000Z 2026-04-14T07:00:00.000Z
sevd-2026-104-02 Third-Party vulnerability on Modicon Networking Managed Switches 2026-04-14T07:00:00.000Z 2026-04-14T07:00:00.000Z
sevd-2026-104-01 Multiple Vulnerabilities on PowerChute™ Serial Shutdown 2026-04-14T07:00:00.000Z 2026-04-14T07:00:00.000Z
sevd-2025-224-05 Modicon M340 Controller and Communication Modules 2025-08-12T04:00:00.000Z 2026-04-14T07:00:00.000Z
sevd-2025-014-05 Web Server on Modicon M340, Modbus/TCP Ethernet Modicon M340 module, Modbus/TCP Ethernet Modicon M340 FactoryCast module and Ethernet / Serial RTU communication modules 2025-01-14T00:00:00.000Z 2026-04-14T07:00:00.000Z
sevd-2024-317-02 Modicon Controllers M340 / Momentum / MC80 & EcoStruxure™ Control Expert 2024-11-12T00:00:00.000Z 2026-04-14T07:00:00.000Z
sevd-2024-163-01 Modicon M340, Modbus/TCP Ethernet Modicon M340 module, and Modbus/TCP Ethernet Modicon M340 FactoryCast module 2024-06-11T00:00:00.000Z 2026-04-14T07:00:00.000Z
sevd-2024-044-01 EcoStruxure™ Control Expert, EcoStruxure™ Process Expert and Modicon M340, M580 and M580 Safety PLCs 2024-02-13T12:41:43.000Z 2026-04-14T07:00:00.000Z
sevd-2023-010-06 EcoStruxure™ Control Expert, EcoStruxure™ Process Expert and Modicon M340, M580 and M580 CPU Safety 2023-01-10T00:00:00.000Z 2026-04-14T07:00:00.000Z
sevd-2019-134-11 Multiple Vulnerabilities in Modicon Controller Products 2019-05-14T16:48:40.000Z 2026-04-14T07:00:00.000Z
sevd-2026-069-02 Improper Neutralization vulnerability in Multiple Products 2026-03-10T07:00:00.000Z 2026-03-31T07:00:00.000Z
sevd-2026-069-01 Improper Resource Shutdown or Release vulnerability in Multiple Products 2026-03-10T07:00:00.000Z 2026-03-31T07:00:00.000Z
sevd-2026-069-03 Deserialization of Untrusted Data vulnerability on EcoStruxure™ Foxboro DCS 2026-03-10T07:00:00.000Z 2026-03-13T07:00:00.000Z
sevd-2026-069-06 Deserialization of Untrusted Data vulnerability on Multiple Products 2026-03-10T07:00:00.000Z 2026-03-10T07:00:00.000Z
sevd-2026-069-05 Use of Hard-coded Credentials vulnerability in EcoStruxure™ IT Data Center Expert 2026-03-10T07:00:00.000Z 2026-03-10T07:00:00.000Z
sevd-2026-069-04 Improper Control of Generation of Code ('Code Injection') vulnerability on EcoStruxure™ Automation Expert 2026-03-10T07:00:00.000Z 2026-03-10T07:00:00.000Z
sevd-2026-013-04 Multiple Vulnerabilities on EcoStruxure Power Build Rapsody 2026-01-13T08:00:00.000Z 2026-03-10T07:00:00.000Z
sevd-2026-013-01 Multiple Third-Party Vulnerabilities on ProLeiT Plant iT/Brewmaxx 2026-01-13T08:00:00.000Z 2026-03-10T07:00:00.000Z
sevd-2025-014-07 FlexNet Publisher Vulnerability 2025-01-14T07:00:00.000Z 2026-03-10T07:00:00.000Z
sevd-2026-041-02 Multiple Vulnerabilities on EcoStruxure™ Building Operation Workstation and EcoStruxure™ Building Operation Webstation 2026-02-10T08:00:00.000Z 2026-02-10T08:00:00.000Z
sevd-2026-041-01 Improper Check for Unusual or Exceptional Conditions on Multiple Products 2026-02-10T08:00:00.000Z 2026-02-10T08:00:00.000Z
sevd-2025-343-01 EcoStruxure™ Foxboro DCS 2025-12-09T08:00:00.000Z 2026-02-10T08:00:00.000Z
sevd-2025-189-03 EcoStruxure™ Power Operation 2025-07-08T04:00:00.000Z 2026-02-10T08:00:00.000Z
sevd-2025-042-02 Improper Input Validation Vulnerability in Uni-Telway Driver 2025-02-11T05:00:00.000Z 2026-02-10T08:00:00.000Z
sevd-2026-013-03 Multiple Vulnerabilities on Zigbee Products 2026-01-13T08:00:00.000Z 2026-01-13T08:00:00.000Z
sevd-2026-013-02 Incorrect Default Permissions Vulnerability on EcoStruxure™ Process Expert 2026-01-13T08:00:00.000Z 2026-01-13T08:00:00.000Z
sevd-2025-014-06 RemoteConnect and SCADAPack™ x70 Utilities 2025-01-14T00:00:00.000Z 2026-01-13T08:00:00.000Z
sevd-2024-317-03 Modicon Controllers M340 / Momentum / MC80 2024-11-12T05:00:00.000Z 2026-01-13T08:00:00.000Z
sevd-2025-343-02 EcoStruxure™ Foxboro DCS Advisor 2025-12-09T08:00:00.000Z 2025-12-09T08:00:00.000Z
sevd-2025-252-01 Multiple Altivar Process Drives and Communication Modules 2025-09-09T04:00:00.000Z 2025-12-09T08:00:00.000Z
ID Description Published Updated
sca-2026-0007 Sudo vulnerability affects Endress+Hauser MCS200HW 2026-04-21T13:00:00.000Z 2026-04-21T13:00:00.000Z
sca-2025-0003 FreeRTOS Vulnerabilities have no impact on SICK Products 2025-02-28T00:00:00.000Z 2026-04-17T11:00:00.000Z
sca-2026-0006 Vulnerabilities affecting SICK Lector85x and SICK Lector83x 2026-03-06T14:00:00.000Z 2026-03-06T14:00:00.000Z
sca-2026-0005 Vulnerabilities affecting SICK LMS1000 and SICK MRS1000 2026-02-27T14:00:00.000Z 2026-02-27T14:00:00.000Z
sca-2026-0004 Eclipse Cyclone DDS Vulnerabilities have no impact on SICK picoScan150 & SICK picoScan120 products 2026-02-13T14:00:00.000Z 2026-02-13T14:00:00.000Z
sca-2026-0003 Vulnerability affecting SICK nanoScan3 and microScan3 2026-01-26T14:00:00.000Z 2026-01-26T14:00:00.000Z
sca-2026-0002 Vulnerabilities affecting SICK Incoming Goods Suite 2026-01-15T14:00:00.000Z 2026-01-22T19:00:00.000Z
sca-2026-0001 Vulnerabilities affecting SICK TDC-X401GL 2026-01-15T14:00:00.000Z 2026-01-15T14:00:00.000Z
sca-2025-0013 Vulnerabilities affecting SICK TLOC100-100 2025-10-27T14:00:00.000Z 2025-11-11T14:00:00.000Z
sca-2025-0014 CodeMeter vulnerablity affects SICK CODE-LOC and SICK LIDAR-LOC 2025-11-03T11:00:00.000Z 2025-11-03T14:00:00.000Z
sca-2025-0012 Sudo vulnerability affects SICK SID products 2025-10-27T11:00:00.000Z 2025-10-27T14:00:00.000Z
sca-2025-0011 Vulnerabilities affecting Endress+Hauser SSG-E210GC 2025-10-02T13:00:00.000Z 2025-10-02T13:00:00.000Z
sca-2025-0010 Multiple vulnerabilities in SICK Enterprise Analytics and SICK Logistic Analytics Products 2025-10-02T13:00:00.000Z 2025-10-02T13:00:00.000Z
sca-2025-0009 Vulnerabilities affecting SICK TDC-E210GC 2025-08-01T13:00:00.000Z 2025-08-01T13:00:00.000Z
sca-2025-0008 Multiple vulnerabilities in Endress+Hauser MEAC300-FNADE4 2025-07-03T13:00:00.000Z 2025-07-03T13:00:00.000Z
sca-2025-0007 Multiple vulnerabilities in SICK Field Analytics and SICK Media Server 2025-06-12T13:00:00.000Z 2025-06-12T13:00:00.000Z
sca-2025-0006 Vulnerability affecting picoScan and multiScan 2025-04-28T13:00:00.000Z 2025-04-28T13:00:00.000Z
sca-2025-0005 Vulnerabilities in SICK Flexi Compact 2025-04-28T10:00:00.000Z 2025-04-28T10:00:00.000Z
sca-2025-0004 Critical vulnerabilities in SICK DL100-2xxxxxxx 2025-03-14T11:00:00.000Z 2025-03-14T11:00:00.000Z
sca-2025-0001 Multiple vulnerabilities in SICK MEAC300 2025-02-14T14:00:00.000Z 2025-02-21T14:00:00.000Z
sca-2025-0002 Vulnerability in SICK Lector8xx and SICK InspectorP8xx 2025-02-14T10:19:00.000Z 2025-02-14T10:19:00.000Z
sca-2024-0007 Vulnerability in SICK OLM 2024-12-31T00:00:00.000Z 2024-12-31T00:00:00.000Z
sca-2024-0006 Critical vulnerabilities in SICK InspectorP61x, InspectorP62x and TiM3xx 2024-12-06T00:00:00.000Z 2024-12-06T00:00:00.000Z
sca-2024-0005 Vulnerability in SICK Incoming Goods Suite 2024-11-19T00:00:00.000Z 2024-11-19T00:00:00.000Z
sca-2024-0004 Third party vulnerabilities in SICK CDE-100 2024-11-07T12:00:00.000Z 2024-11-07T12:00:00.000Z
sca-2024-0003 Critical vulnerability in multiple SICK products 2024-10-17T13:00:00.000Z 2024-10-17T13:00:00.000Z
sca-2024-0002 Vulnerability in SICK MSC800 2024-09-11T23:00:00.000Z 2024-09-11T23:00:00.000Z
sca-2024-0001 Vulnerability in SICK Logistics Analytics Products and SICK Field Analytics 2024-01-29T00:00:00.000Z 2024-01-29T00:00:00.000Z
sca-2023-0011 Vulnerability in multiple SICK Flexi Soft Gateways 2023-10-23T11:00:00.000Z 2023-10-23T11:00:00.000Z
SCA-2023-0011 Vulnerability in multiple SICK Flexi Soft Gateways 2023-10-23T11:00:00.000Z 2023-10-23T11:00:00.000Z
ID Description Published Updated
ssa-981622 SSA-981622: Improper Certificate Validation Vulnerability in Siemens Analytics Toolkit 2026-04-14T00:00:00.000Z 2026-04-14T00:00:00.000Z
ssa-913875 SSA-913875: Frame Aggregation and Fragmentation Vulnerabilities in 802.11 2021-07-13T00:00:00.000Z 2026-04-14T00:00:00.000Z
ssa-827968 SSA-827968: Vulnerability in Nozomi Guardian/CMC on RUGGEDCOM APE1808 Devices 2026-01-13T00:00:00.000Z 2026-04-14T00:00:00.000Z
ssa-801704 SSA-801704: Authentication Bypass Vulnerability in SINEC NMS 2026-04-14T00:00:00.000Z 2026-04-14T00:00:00.000Z
ssa-741509 SSA-741509: Privilege Escalation Vulnerability in RUGGEDCOM CROSSBOW Secure Access Manager Primary Before V5.8 2026-04-14T00:00:00.000Z 2026-04-14T00:00:00.000Z
ssa-726834 SSA-726834: Denial of Service Vulnerability in the RADIUS Client of SIPROTEC 5 Devices 2023-03-14T00:00:00.000Z 2026-04-14T00:00:00.000Z
ssa-726617 SSA-726617: Incorrect Privilege Assignment Vulnerability in Mendix OIDC SSO Module 2025-05-13T00:00:00.000Z 2026-04-14T00:00:00.000Z
ssa-712929 SSA-712929: Denial of Service Vulnerability in OpenSSL (CVE-2022-0778) Affecting Industrial Products 2022-06-14T00:00:00.000Z 2026-04-14T00:00:00.000Z
ssa-710008 SSA-710008: Multiple Web Vulnerabilities in SCALANCE Products 2022-08-09T00:00:00.000Z 2026-04-14T00:00:00.000Z
ssa-628843 SSA-628843: Out of Bound Read Vulnerability in TPM 2.0 2026-04-14T00:00:00.000Z 2026-04-14T00:00:00.000Z
ssa-609469 SSA-609469: Authorization Bypass Vulnerability in Industrial Edge Management 2026-04-14T00:00:00.000Z 2026-04-14T00:00:00.000Z
ssa-605717 SSA-605717: Authorization Bypass Vulnerability in SINEC NMS Before V4.0 SP3 2026-04-14T00:00:00.000Z 2026-04-14T00:00:00.000Z
ssa-599968 SSA-599968: Denial of Service Vulnerability in Profinet Devices 2021-07-13T00:00:00.000Z 2026-04-14T00:00:00.000Z
ssa-552702 SSA-552702: Privilege Escalation Vulnerability in the Web Interface of SCALANCE and RUGGEDCOM Products 2022-10-11T00:00:00.000Z 2026-04-14T00:00:00.000Z
ssa-408105 SSA-408105: Buffer Overflow Vulnerabilities in OpenSSL 3.0 Affecting Siemens Products 2022-12-13T00:00:00.000Z 2026-04-14T00:00:00.000Z
ssa-311973 SSA-311973: Multiple Local Privilege Escalation Vulnerabilities in SINEC NMS and User Management Component (UMC) 2026-02-10T00:00:00.000Z 2026-04-14T00:00:00.000Z
ssa-244969 SSA-244969: OpenSSL Vulnerability in Industrial Products 2022-02-08T00:00:00.000Z 2026-04-14T00:00:00.000Z
ssa-225816 SSA-225816: Memory Corruption Vulnerability in RUGGEDCOM CROSSBOW Station Access Controller Before V5.8 2026-04-14T00:00:00.000Z 2026-04-14T00:00:00.000Z
ssa-216014 SSA-216014: Vulnerabilities in EFI variable of SIMATIC IPCs, SIMATIC Tablet PCs, and SIMATIC Field PGs 2025-03-11T00:00:00.000Z 2026-04-14T00:00:00.000Z
ssa-186293 SSA-186293: XML External Entity (XXE) Injection Vulnerability in SIMOTION SCOUT, SIMOTION SCOUT TIA and SINAMICS STARTER 2025-08-12T00:00:00.000Z 2026-04-14T00:00:00.000Z
ssa-019200 SSA-019200: Multiple Vulnerabilities in SCALANCE W-700 IEEE 802.11n Devices Before V6.6.0 2026-04-14T00:00:00.000Z 2026-04-14T00:00:00.000Z
ssa-246443 SSA-246443: Multiple Vulnerabilities in SICAM 8 Products 2026-03-26T00:00:00.000Z 2026-03-26T00:00:00.000Z
ssa-452276 SSA-452276: Eval Injection Vulnerability in SIMATIC S7-1500 2026-03-10T00:00:00.000Z 2026-03-19T00:00:00.000Z
ssa-975644 SSA-975644: Multiple Vulnerabilities in Fortigate NGFW on RUGGEDCOM APE1808 Devices 2026-03-10T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-903736 SSA-903736: Multiple vulnerabilities in SICAM SIAPP SDK before V2.1.7 2026-03-10T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-868571 SSA-868571: Missing Server Certificate Validation in IAM Client 2025-12-09T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-770770 SSA-770770: Multiple Vulnerabilities in Fortigate NGFW Before V7.4.7 on RUGGEDCOM APE1808 Devices 2025-02-11T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-710408 SSA-710408: Missing Server Certificate Validation in Siemens Advanced Licensing (SALT) Toolkit 2025-12-09T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-535115 SSA-535115: Data Validation Vulnerability in NX Before V2512 2026-02-10T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-513708 SSA-513708: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW on RUGGEDCOM APE1808 Devices 2025-06-10T00:00:00.000Z 2026-03-10T00:00:00.000Z
ID Description Published Updated
suse-su-2026:1550-1 Security update for openssl-1_1 2026-04-22T09:41:29Z 2026-04-22T09:41:29Z
suse-su-2026:1549-1 Security update for openssl-1_1 2026-04-22T09:40:58Z 2026-04-22T09:40:58Z
suse-su-2026:1548-1 Security update for kea 2026-04-22T09:40:51Z 2026-04-22T09:40:51Z
suse-su-2026:1541-1 Security update for flatpak 2026-04-22T07:22:36Z 2026-04-22T07:22:36Z
suse-su-2026:1540-1 Security update for podman 2026-04-22T07:22:18Z 2026-04-22T07:22:18Z
suse-su-2026:1539-1 Security update for gdk-pixbuf 2026-04-22T07:20:51Z 2026-04-22T07:20:51Z
suse-su-2026:1537-1 Security update for the Linux Kernel (Live Patch 71 for SUSE Linux Enterprise 12 SP5) 2026-04-21T23:07:10Z 2026-04-21T23:07:10Z
suse-su-2026:1535-1 Security update for the Linux Kernel (Live Patch 68 for SUSE Linux Enterprise 12 SP5) 2026-04-21T14:34:30Z 2026-04-21T14:34:30Z
suse-su-2026:1532-1 Security update for the Linux Kernel (Live Patch 1 for SUSE Linux Enterprise 15 SP7) 2026-04-21T12:04:58Z 2026-04-21T12:04:58Z
suse-su-2026:1531-1 Security update for the Linux Kernel (Live Patch 20 for SUSE Linux Enterprise 15 SP6) 2026-04-21T12:04:49Z 2026-04-21T12:04:49Z
suse-su-2026:1530-1 Security update for python311 2026-04-21T11:04:58Z 2026-04-21T11:04:58Z
suse-su-2026:1527-1 Security update for the Linux Kernel (Live Patch 18 for SUSE Linux Enterprise 15 SP6) 2026-04-21T10:04:36Z 2026-04-21T10:04:36Z
suse-su-2026:21239-1 Security update for libpng16 2026-04-21T10:01:03Z 2026-04-21T10:01:03Z
suse-su-2026:1525-1 Security update 5.1.3 for Multi-Linux Manager Salt Bundle 2026-04-21T09:26:32Z 2026-04-21T09:26:32Z
suse-su-2026:1524-1 Security update 5.1.3 for Multi-Linux Manager Client Tools 2026-04-21T09:26:09Z 2026-04-21T09:26:09Z
suse-su-2026:1523-1 Security update 5.1.3 for Multi-Linux Manager Salt Bundle 2026-04-21T09:25:43Z 2026-04-21T09:25:43Z
suse-su-2026:1521-1 Security update 5.1.3 for Multi-Linux Manager Client Tools 2026-04-21T09:25:11Z 2026-04-21T09:25:11Z
suse-su-2026:1520-1 Security update 5.1.3 for Multi-Linux Manager Client Tools 2026-04-21T09:24:49Z 2026-04-21T09:24:49Z
suse-su-2026:1519-1 Security update 5.1.3 for Multi-Linux Manager Client Tools 2026-04-21T09:24:29Z 2026-04-21T09:24:29Z
suse-su-2026:1513-1 Security update for the Linux Kernel (Live Patch 16 for SUSE Linux Enterprise 15 SP6) 2026-04-21T08:04:22Z 2026-04-21T08:04:22Z
suse-su-2026:1511-1 Security update for flatpak 2026-04-21T06:28:50Z 2026-04-21T06:28:50Z
suse-su-2026:1510-1 Security update for ncurses 2026-04-21T06:28:16Z 2026-04-21T06:28:16Z
suse-su-2026:1509-1 Security update for nodejs22 2026-04-21T06:27:53Z 2026-04-21T06:27:53Z
suse-su-2026:1508-1 Security update for podman 2026-04-21T06:27:08Z 2026-04-21T06:27:08Z
suse-su-2026:1505-1 Security update for the Linux Kernel (Live Patch 13 for SUSE Linux Enterprise 15 SP6) 2026-04-20T22:36:36Z 2026-04-20T22:36:36Z
suse-su-2026:1504-1 Security update for GraphicsMagick 2026-04-20T16:18:41Z 2026-04-20T16:18:41Z
suse-su-2026:1503-1 Security update for python 2026-04-20T16:17:54Z 2026-04-20T16:17:54Z
suse-su-2026:1501-1 Security update for glibc-livepatches 2026-04-20T16:16:50Z 2026-04-20T16:16:50Z
suse-su-2026:1500-1 Security update for libpng15 2026-04-20T16:16:39Z 2026-04-20T16:16:39Z
suse-su-2026:1499-1 Security update for ncurses 2026-04-20T16:16:27Z 2026-04-20T16:16:27Z
ID Description Published Updated
alsa-2026:9135 Important: kernel-rt security update 2026-04-20T00:00:00Z 2026-04-21T08:48:27Z
alsa-2026:9131 Important: kernel security update 2026-04-20T00:00:00Z 2026-04-21T08:45:35Z
alsa-2026:8945 Important: freerdp security update 2026-04-20T00:00:00Z 2026-04-20T12:43:14Z
alsa-2026:8468 Important: .NET 8.0 security update 2026-04-16T00:00:00Z 2026-04-20T08:45:13Z
alsa-2026:8473 Important: .NET 10.0 security update 2026-04-16T00:00:00Z 2026-04-20T08:43:11Z
alsa-2026:8475 Important: .NET 9.0 security update 2026-04-16T00:00:00Z 2026-04-20T08:40:30Z
alsa-2026:8534 Important: libarchive security update 2026-04-16T00:00:00Z 2026-04-20T08:36:26Z
alsa-2026:8840 Important: go-rpm-macros security update 2026-04-20T00:00:00Z 2026-04-20T08:35:06Z
alsa-2026:8841 Important: go-rpm-macros security update 2026-04-20T00:00:00Z 2026-04-20T08:33:18Z
alsa-2026:8842 Important: delve security update 2026-04-20T00:00:00Z 2026-04-20T08:31:59Z
alsa-2026:8888 Important: openexr security update 2026-04-20T00:00:00Z 2026-04-20T08:30:11Z
alsa-2026:8858 Important: giflib security update 2026-04-20T00:00:00Z 2026-04-20T08:28:56Z
alsa-2026:8457 Important: freerdp security update 2026-04-16T00:00:00Z 2026-04-17T12:08:37Z
alsa-2026:8459 Important: thunderbird security update 2026-04-16T00:00:00Z 2026-04-17T12:06:47Z
alsa-2026:8469 Important: .NET 8.0 security update 2026-04-16T00:00:00Z 2026-04-17T11:12:30Z
alsa-2026:8510 Important: libarchive security update 2026-04-16T00:00:00Z 2026-04-17T11:10:09Z
alsa-2026:8458 Important: freerdp security update 2026-04-16T00:00:00Z 2026-04-17T09:35:48Z
alsa-2026:8470 Important: .NET 8.0 security update 2026-04-16T00:00:00Z 2026-04-17T09:34:29Z
alsa-2026:8472 Important: .NET 9.0 security update 2026-04-16T00:00:00Z 2026-04-17T09:30:19Z
alsa-2026:8492 Important: libarchive security update 2026-04-16T00:00:00Z 2026-04-17T09:27:24Z
alsa-2026:8339 Important: nodejs:20 security update 2026-04-15T00:00:00Z 2026-04-16T10:12:34Z
alsa-2026:8093 Moderate: pcs security update 2026-04-14T00:00:00Z 2026-04-16T10:10:22Z
alsa-2026:8312 Important: bind security update 2026-04-15T00:00:00Z 2026-04-16T10:09:13Z
alsa-2026:8317 Important: squid:4 security update 2026-04-15T00:00:00Z 2026-04-16T10:06:56Z
alsa-2026:8352 Important: bind security update 2026-04-15T00:00:00Z 2026-04-16T10:03:27Z
alsa-2026:8052 Important: firefox security update 2026-04-14T00:00:00Z 2026-04-15T13:12:54Z
alsa-2026:8259 Important: vim security update 2026-04-15T00:00:00Z 2026-04-15T10:37:43Z
alsa-2026:8096 Moderate: perl:5.32 security update 2026-04-14T00:00:00Z 2026-04-15T10:32:31Z
alsa-2026:7915 Important: bind9.18 security update 2026-04-13T00:00:00Z 2026-04-15T08:47:47Z
alsa-2026:7123 Important: nodejs:22 security update 2026-04-08T00:00:00Z 2026-04-15T08:45:14Z
ID Description Published Updated
hsec-2026-0006 Cabal deletes project source files during configure 2026-04-08T14:23:27Z 2026-04-08T14:23:27Z
hsec-2026-0004 Hackage package metadata stored XSS vulnerability 2026-03-28T16:05:12Z 2026-03-28T16:05:12Z
hsec-2026-0002 Hackage CSRF vulnerability 2026-03-28T16:04:58Z 2026-03-28T16:04:58Z
hsec-2024-0004 Hackage package and doc upload stored XSS vulnerability 2026-01-16T11:18:20Z 2026-01-16T11:18:20Z
hsec-2025-0007 cmark-gfm: resource exhaustion due to quadratic complexity in parser 2025-12-27T08:58:56Z 2025-12-27T08:58:56Z
hsec-2025-0006 Private key leak via inherited file descriptor 2025-11-17T02:22:38Z 2025-11-17T02:22:38Z
hsec-2025-0005 cabal-install dependency confusion 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2025-0004 Broken Path Sanitization in spacecookie Library 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2025-0003 Use after free in multithreaded lzma (.xz) decoder 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2025-0002 Double Public Key Signing Function Oracle Attack on Ed25519 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2025-0001 Subword division operations may produce incorrect results 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2024-0009 Public key confusion in third-party blocks 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2024-0008 Sign extension error in the PPC64le FFI 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2024-0007 Sign extension error in the AArch64 NCG 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2024-0006 fromIntegral: conversion error 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2024-0003 process: command injection via argument list on Windows 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2024-0002 out-of-bounds write when there are many bzip2 selectors 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2024-0001 Reflected XSS vulnerability in keter 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0015 cabal-install uses expired key policies 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0014 Arbitrary file write is possible when using PDF output or --extract-media with untrusted input 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0013 git-annex plaintext storage of embedded credentials on encrypted remotes 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0012 git-annex checksum exposure to encrypted special remotes 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0011 git-annex GPG decryption attack via compromised remote 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0010 git-annex private data exfiltration to compromised remote 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0009 git-annex command injection via malicious SSH hostname 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0008 Stored XSS in hledger-web 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0007 readFloat: memory exhaustion with large exponent 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0006 x509-validation does not enforce pathLenConstraint 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0005 tls-extra: certificate validation does not check Basic Constraints 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0004 xml-conduit unbounded entity expansion 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
ID Description Published Updated
osec-2026-03 opam install sandbox escape 2026-04-15T22:00:00Z 2026-04-16T21:00:00Z
osec-2026-01 Buffer Over-Read in OCaml Marshal Deserialization 2026-02-17T13:30:00Z 2026-02-27T09:30:00Z
osec-2026-02 ARP unbounded memory usage 2026-02-18T10:30:00Z 2026-02-18T10:30:00Z
osec-2022-01 Infinite loop in console output on xen 2022-12-07T00:00:00Z 2026-02-18T09:30:00Z
osec-2025-01 Albatross console out of memory 2025-08-15T00:18:22Z 2026-01-13T12:00:00Z
osec-2019-02 Grant unshare vulnerability in mirage-xen 2019-04-26T00:00:00Z 2026-01-13T12:00:00Z
osec-2019-01 Memory disclosure in mirage-net-xen 2019-03-21T00:00:00Z 2026-01-13T12:00:00Z
osec-2016-02 Memory disclosure in mirage-net-xen 2016-05-03T00:00:00Z 2026-01-13T12:00:00Z
osec-2023-01 Time of check time of use issue in opam's cache 2023-05-25T12:00:00Z 2026-01-09T12:00:00Z
osec-2016-01 Buffer overflow and information leak in OCaml < 4.03.0 2016-04-29T00:18:22Z 2026-01-01T12:00:00Z
osec-2018-01 An integer overflow in the `bigarray` serialization module leads to arbitrary code execution 2018-04-06T18:29:00Z 2025-12-16T12:00:00Z
osec-2017-01 Local privilege escalation issue with ocaml binaries 2017-06-23T15:19:47Z 2025-12-16T12:00:00Z
ID Description Published Updated
osv-2023-390 Heap-buffer-overflow in sdhci_write 2023-05-12T14:00:08.854823Z 2026-04-22T14:35:41.637005Z
osv-2022-581 Heap-buffer-overflow in megasas_map_sgl 2022-07-14T00:00:45.644503Z 2026-04-22T14:35:33.317656Z
osv-2021-820 UNKNOWN READ in virtio_gpu_disable_scanout 2021-06-02T00:00:31.619765Z 2026-04-22T14:32:37.244679Z
osv-2024-914 UNKNOWN READ in boost::re_detail_500::basic_regex_formatter<std::__1::ostream_iterator<char, cha 2024-08-16T00:08:20.277708Z 2026-04-22T14:19:19.643856Z
osv-2024-112 Stack-overflow in boost::read_graphviz_detail::parser::parse_subgraph 2024-02-16T00:05:47.896843Z 2026-04-22T14:15:49.542103Z
osv-2022-312 Heap-buffer-overflow in dhcp_reply 2022-04-07T00:00:40.457052Z 2026-04-22T14:08:42.726114Z
osv-2026-611 Heap-buffer-overflow in ParseOpaqueMetadata 2026-04-22T00:09:09.767586Z 2026-04-22T00:09:09.767978Z
osv-2026-610 Memcpy-param-overlap in htx_replace_blk_value 2026-04-22T00:07:53.902461Z 2026-04-22T00:07:53.902743Z
osv-2026-608 Stack-buffer-overflow in is_http 2026-04-22T00:04:16.715949Z 2026-04-22T00:04:16.716488Z
osv-2024-719 Heap-buffer-overflow in hevc_ref_pic_lists_modification 2024-08-07T00:05:22.699506Z 2026-04-21T14:21:22.256358Z
osv-2024-664 Heap-buffer-overflow in gf_dash_group_get_template 2024-07-18T00:13:55.576218Z 2026-04-21T14:20:24.483114Z
osv-2024-659 Index-out-of-bounds in gf_vvc_parse_nalu_bs 2024-07-18T00:01:18.765548Z 2026-04-21T14:20:20.228578Z
osv-2024-695 Stack-buffer-overflow in gf_vvc_parse_nalu_bs 2024-07-31T00:02:35.217594Z 2026-04-21T14:09:12.462576Z
osv-2026-603 UNKNOWN READ in <wasmtime::runtime::func::Func>::call_unchecked_raw::< 2026-04-21T00:05:37.586369Z 2026-04-21T00:05:37.586785Z
osv-2025-1059 Security exception in com.google.re2j.Machine.add 2026-01-18T00:02:23.827422Z 2026-04-20T14:15:42.315180Z
osv-2022-1235 Heap-buffer-overflow in _rrparse 2022-12-04T13:00:30.303410Z 2026-04-20T14:10:48.152964Z
osv-2022-652 Use-of-uninitialized-value in udiv 2022-07-29T00:02:04.321859Z 2026-04-20T14:10:26.566278Z
osv-2022-599 Use-of-uninitialized-value in mrb_bint_as_int 2022-07-20T00:00:11.865502Z 2026-04-20T14:10:24.129976Z
osv-2022-679 Heap-buffer-overflow in udiv 2022-08-07T00:01:59.645310Z 2026-04-20T14:06:31.342885Z
osv-2022-126 Heap-buffer-overflow in md_analyze_inlines 2022-02-07T00:00:05.720107Z 2026-04-20T14:05:37.342162Z
osv-2026-595 UNKNOWN WRITE in std::__1::istreambuf_iterator<char, std::__1::char_traits<char>> std::__1::num_g 2026-04-20T00:05:53.121612Z 2026-04-20T00:05:53.121886Z
osv-2026-589 Heap-double-free in coap_new_oscore_conf 2026-04-19T00:09:04.852781Z 2026-04-19T00:09:04.853106Z
osv-2022-360 Invalid-free in igl::MshLoader::~MshLoader 2022-04-20T00:01:28.065887Z 2026-04-18T14:16:11.274912Z
osv-2026-582 Use-of-uninitialized-value in H5S_select_hyperslab 2026-04-17T00:06:23.619732Z 2026-04-17T00:06:23.620035Z
osv-2024-698 Heap-use-after-free in xmlCharEncCloseFunc 2024-07-31T00:12:19.254629Z 2026-04-16T14:30:06.495743Z
osv-2021-777 Heap-use-after-free in xmlAddNextSibling 2021-05-20T00:00:30.166614Z 2026-04-16T14:20:10.040296Z
osv-2022-834 Heap-use-after-free in mk_event_timeout_destroy 2022-09-04T00:00:31.605787Z 2026-04-15T14:19:29.667112Z
osv-2022-1277 Heap-use-after-free in mk_event_timeout_destroy 2023-06-26T14:01:01.876870Z 2026-04-15T14:15:42.438884Z
osv-2022-150 Heap-buffer-overflow in coap_split_uri_sub 2022-02-14T00:00:50.308933Z 2026-04-14T14:11:39.559701Z
osv-2023-35 Heap-buffer-overflow in parse_classes_64 2023-01-29T13:01:45.762871Z 2026-04-13T14:21:54.947682Z
ID Description Published Updated
rustsec-2026-0106 Record cache accepts AUTHORITY section NS from sibling zone via parent-pool zone-context elevation 2026-04-22T12:00:00Z 2026-04-22T19:53:31Z
rustsec-2026-0105 core2 is unmaintained, all versions yanked 2026-04-14T12:00:00Z 2026-04-22T13:15:38Z
rustsec-2026-0104 Reachable panic in certificate revocation list parsing 2026-04-22T12:00:00Z 2026-04-22T08:56:10Z
rustsec-2026-0103 Use-After-Free and Double Free in IntoIter::drop When Element Drop Panics 2026-04-14T12:00:00Z 2026-04-21T07:33:14Z
rustsec-2026-0097 Rand is unsound with a custom logger using `rand::rng()` 2026-04-09T12:00:00Z 2026-04-17T15:55:25Z
rustsec-2026-0102 `microsoftsystem64` was removed from crates.io for malicious code 2026-04-13T12:00:00Z 2026-04-15T21:38:09Z
rustsec-2026-0101 `safe-agent-rs` was removed from crates.io for being affiliated with malicious code 2026-04-13T12:00:00Z 2026-04-15T21:38:09Z
rustsec-2026-0100 `pretty-changelog-logger` was removed from crates.io for malicious code 2026-04-13T12:00:00Z 2026-04-15T21:38:09Z
rustsec-2026-0099 Name constraints were accepted for certificates asserting a wildcard name 2026-04-14T12:00:00Z 2026-04-15T09:57:12Z
rustsec-2026-0098 Name constraints for URI names were incorrectly accepted 2026-04-14T12:00:00Z 2026-04-15T07:36:20Z
rustsec-2025-0161 libsecp256k1 is unmaintained 2025-01-14T12:00:00Z 2026-04-14T11:24:03Z
rustsec-2026-0096 Miscompiled guest heap access enables sandbox escape on aarch64 Cranelift 2026-04-09T12:00:00Z 2026-04-09T19:59:38Z
rustsec-2026-0095 Wasmtime with Winch compiler backend may allow a sandbox-escaping memory access 2026-04-09T12:00:00Z 2026-04-09T19:59:38Z
rustsec-2026-0094 Improperly masked return value from `table.grow` with Winch compiler backend 2026-04-09T12:00:00Z 2026-04-09T19:59:38Z
rustsec-2026-0093 Heap OOB read in component model UTF-16 to latin1+utf16 string transcoding 2026-04-09T12:00:00Z 2026-04-09T19:59:38Z
rustsec-2026-0092 Panic when transcoding misaligned component model UTF-16 strings 2026-04-09T12:00:00Z 2026-04-09T19:59:38Z
rustsec-2026-0091 Out-of-bounds write or crash when transcoding component model strings 2026-04-09T12:00:00Z 2026-04-09T19:59:38Z
rustsec-2026-0090 Use-after-free bug after cloning `wasmtime::Linker` 2026-04-09T12:00:00Z 2026-04-09T19:59:38Z
rustsec-2026-0089 Host panic when Winch compiler executes `table.fill` 2026-04-09T12:00:00Z 2026-04-09T19:59:38Z
rustsec-2026-0088 Data leakage between pooling allocator instances 2026-04-09T12:00:00Z 2026-04-09T19:59:38Z
rustsec-2026-0087 Wasmtime segfault or unused out-of-sandbox load with `f64x2.splat` operator on Cranelift x86-64 2026-04-09T12:00:00Z 2026-04-09T19:59:38Z
rustsec-2026-0086 Host data leakage with 64-bit tables and Winch 2026-04-09T12:00:00Z 2026-04-09T19:59:38Z
rustsec-2026-0085 Panic when lifting `flags` component value 2026-04-09T12:00:00Z 2026-04-09T19:59:38Z
rustsec-2026-0084 `logprinter` was removed from crates.io for malicious code 2026-04-09T12:00:00Z 2026-04-09T11:23:07Z
rustsec-2026-0083 zantetsu-trainer is unmaintained 2026-04-07T12:00:00Z 2026-04-08T08:55:27Z
rustsec-2026-0082 zantetsu-ffi is unmaintained 2026-04-07T12:00:00Z 2026-04-08T08:55:27Z
rustsec-2026-0081 `logtrace` was removed from crates.io for malicious code 2026-04-05T12:00:00Z 2026-04-05T23:52:05Z
rustsec-2026-0080 Multiple soundness issues in `scaly` safe APIs 2026-01-19T12:00:00Z 2026-04-05T05:30:42Z
rustsec-2026-0079 `DynFuture` drop can construct a dangling reference 2026-01-21T12:00:00Z 2026-04-05T05:30:42Z
rustsec-2023-0125 Logs AWS credentials when TRACE-level logging is enabled 2023-04-19T12:00:00Z 2026-04-02T14:44:59Z
ID Description Published Updated
bit-python-2026-3298 Out-of-bounds write in Windows asyncio.ProacterEventLoop.sock_recvfrom_into() when using nbytes 2026-04-23T08:52:48.858Z 2026-04-23T09:10:51.830Z
bit-libpython-2026-3298 Out-of-bounds write in Windows asyncio.ProacterEventLoop.sock_recvfrom_into() when using nbytes 2026-04-23T08:44:10.229Z 2026-04-23T09:10:51.830Z
bit-kyverno-2026-40868 kyverno apicall servicecall implicit bearer token injection leaks kyverno serviceaccount token 2026-04-23T08:41:53.633Z 2026-04-23T09:10:51.830Z
bit-kibana-2026-33461 Incorrect Authorization in Kibana Fleet Leading to Information Disclosure 2026-04-13T05:42:03.441Z 2026-04-23T09:10:51.830Z
bit-elk-2026-33461 Incorrect Authorization in Kibana Fleet Leading to Information Disclosure 2026-04-13T05:38:38.805Z 2026-04-23T09:10:51.830Z
bit-dotnet-2026-25667 2026-04-16T23:38:58.356Z 2026-04-23T09:10:51.830Z
bit-airflow-2026-25917 Apache Airflow: API extra-links triggers XCom deserialization/class instantiation (Airflow 3.1.5) 2026-04-21T12:01:27.677Z 2026-04-23T09:10:51.830Z
bit-python-2026-1502 HTTP client proxy tunnel headers not validated for CR/LF 2026-04-16T23:50:28.207Z 2026-04-22T09:10:06.651Z
bit-mlflow-2026-0545 Missing Authentication for Critical Function in mlflow/mlflow 2026-04-22T08:45:28.317Z 2026-04-22T09:10:06.651Z
bit-logstash-2026-33466 Improper Limitation of a Pathname to a Restricted Directory in Logstash Leading to Arbitrary File Write 2026-04-13T05:42:10.653Z 2026-04-22T09:10:06.651Z
bit-libpython-2026-1502 HTTP client proxy tunnel headers not validated for CR/LF 2026-04-16T23:43:06.028Z 2026-04-22T09:10:06.651Z
bit-kafka-2026-33558 Apache Kafka, Apache Kafka Clients: Information Exposure Through Network Client Log Output 2026-04-22T08:40:42.095Z 2026-04-22T09:10:06.651Z
bit-kafka-2026-33557 Apache Kafka: Missing JWT token validation in OAUTHBEARER authentication 2026-04-22T08:40:40.515Z 2026-04-22T09:10:06.651Z
bit-vault-2026-5807 Vault Vulnerable to Denial-of-Service via Unauthenticated Root Token Generation/Rekey Operations 2026-04-21T12:15:58.123Z 2026-04-21T12:33:30.555Z
bit-vault-2026-5052 Vault Vulnerable to Server-Side Request Forgery in ACME Challenge Validation via Attacker-Controlled DNS 2026-04-21T12:15:56.307Z 2026-04-21T12:33:30.555Z
bit-vault-2026-4525 Vault Token Leaked to Backends via Authorization: Bearer Passthrough Header 2026-04-21T12:15:54.610Z 2026-04-21T12:33:30.555Z
bit-vault-2026-3605 Vault KVv2 Metadata and Secret Deletion Policy Bypass Denial-of-Service 2026-04-21T12:15:52.905Z 2026-04-21T12:33:30.555Z
bit-python-2026-6100 Use-after-free in lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile after re-use under memory pressure 2026-04-16T23:50:36.926Z 2026-04-21T12:33:30.555Z
bit-python-2026-4786 Incomplete mitigation of CVE-2026-4519, %action expansion for command injection to webbrowser.open() 2026-04-16T23:50:33.477Z 2026-04-21T12:33:30.555Z
bit-mlflow-2026-33866 Authorization Bypass in MLflow AJAX Endpoint 2026-04-21T12:08:47.512Z 2026-04-21T12:33:30.555Z
bit-mlflow-2026-33865 Stored XSS via unsafe YAML parsing in MLflow 2026-04-21T12:08:45.926Z 2026-04-21T12:33:30.555Z
bit-mlflow-2026-0596 Command Injection in mlflow/mlflow 2026-04-16T23:45:08.946Z 2026-04-21T12:33:30.555Z
bit-libpython-2026-6100 Use-after-free in lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile after re-use under memory pressure 2026-04-16T23:43:14.482Z 2026-04-21T12:33:30.555Z
bit-libpython-2026-4786 Incomplete mitigation of CVE-2026-4519, %action expansion for command injection to webbrowser.open() 2026-04-16T23:43:11.016Z 2026-04-21T12:33:30.555Z
bit-grafana-2026-21727 Grafana Correlations: Cross-Tenant Data Disclosure and Permanent Deletion via Legacy org_id=0 Record 2026-04-21T12:04:43.119Z 2026-04-21T12:33:30.555Z
bit-golang-2026-33810 Case-sensitive excludedSubtrees name constraints cause Auth Bypass in crypto/x509 2026-04-13T05:43:50.259Z 2026-04-21T12:33:30.555Z
bit-airflow-2026-32690 Apache Airflow: 3.x - Nested Variable Secret Values Bypass Redaction via max_depth=1 2026-04-21T12:01:40.542Z 2026-04-21T12:33:30.555Z
bit-airflow-2026-32228 Apache Airflow: Users with asset materialization permisssions could trigger Dags they had no access to 2026-04-21T12:01:39.199Z 2026-04-21T12:33:30.555Z
bit-airflow-2026-30912 Apache Airflow: Exposing stack trace in case of constraint error 2026-04-21T12:01:36.297Z 2026-04-21T12:33:30.555Z
bit-airflow-2026-30898 Apache Airflow: Bad example of BashOperator shell injection via dag_run.conf 2026-04-21T12:01:33.318Z 2026-04-21T12:33:30.555Z
ID Description Published Updated
cleanstart-2026-kx82113 In libexpat before 2 2026-04-23T00:37:25.300123Z 2026-04-22T09:49:02Z
cleanstart-2026-hm96194 In libexpat before 2 2026-04-23T00:37:25.660354Z 2026-04-22T09:49:02Z
cleanstart-2026-is05941 CLIENT_CERT authentication does not fail as expected for some scenarios when soft fail is disabled vulnerability in Apache Tomcat, Apache Tomcat Native 2026-04-23T00:39:55.461024Z 2026-04-22T06:13:27Z
cleanstart-2026-fo49462 Security fixes for ghsa-3xc5-wrhm-f963 applied in versions: 1.31.1-r0 2026-04-22T00:36:28.593230Z 2026-04-21T09:53:20Z
cleanstart-2026-kb76878 When applications specify HTTP response headers for servlet applications using Spring Security, there is the possibility that the HTTP Headers will not be written 2026-04-22T00:39:59.241183Z 2026-04-21T09:47:18Z
cleanstart-2026-al68245 filippo 2026-04-22T00:37:28.755649Z 2026-04-21T09:29:42Z
cleanstart-2026-bb70412 During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions 2026-04-22T00:41:59.291167Z 2026-04-21T09:28:36Z
cleanstart-2026-lf33811 In libexpat before 2 2026-04-22T00:40:28.653558Z 2026-04-21T09:26:32Z
cleanstart-2026-lt06489 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.6.4-r4 2026-04-22T00:37:51.095485Z 2026-04-21T07:42:07Z
cleanstart-2026-af45008 When multiple server blocks are configured to share the same IP address and port, an attacker can use session resumption to bypass client certificate authentication requirements on these servers 2026-04-21T00:40:00.550928Z 2026-04-20T07:28:24Z
cleanstart-2026-ad31975 Security fixes for ghsa-72hv-8253-57qq, ghsa-pwqr-wmgm-9rr8, ghsa-w9fj-cfpg-grvv applied in versions: 26.5.6-r3 2026-04-21T00:36:59.139031Z 2026-04-20T07:28:24Z
cleanstart-2026-dy53885 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.8.6-r0 2026-04-21T00:37:09.087233Z 2026-04-20T05:52:44Z
cleanstart-2026-dk70097 In libexpat before 2 2026-04-21T00:38:59.570153Z 2026-04-20T05:52:44Z
cleanstart-2026-cp08056 In libexpat before 2 2026-04-21T00:38:29.529453Z 2026-04-20T05:52:44Z
cleanstart-2026-mw34654 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.8.6-r0 2026-04-18T00:36:20.394488Z 2026-04-17T12:37:31Z
cleanstart-2026-js27352 Security fixes for ghsa-72hv-8253-57qq, ghsa-qqpg-mvqg-649v applied in versions: 3.9.4-r0, 3.9.4-r6 2026-04-18T00:36:20.590981Z 2026-04-17T12:37:31Z
cleanstart-2026-bc44092 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.6.4-r4 2026-04-18T00:36:20.226066Z 2026-04-17T12:37:31Z
cleanstart-2026-kf53276 Security fixes for ghsa-72hv-8253-57qq, ghsa-qqpg-mvqg-649v applied in versions: 3.9.4-r0, 3.9.4-r6 2026-04-17T00:38:05.902586Z 2026-04-16T05:00:01Z
cleanstart-2026-gw37659 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.8.6-r0 2026-04-17T00:38:05.744772Z 2026-04-16T05:00:01Z
cleanstart-2026-co09549 In libexpat before 2 2026-04-17T00:39:07.237615Z 2026-04-16T05:00:01Z
cleanstart-2026-ak18460 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.6.4-r4 2026-04-17T00:38:05.524563Z 2026-04-16T05:00:01Z
cleanstart-2026-mn70386 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.6.4-r4 2026-04-16T00:37:18.538311Z 2026-04-15T10:48:12Z
cleanstart-2026-io64153 In libexpat before 2 2026-04-16T00:38:53.556040Z 2026-04-15T10:48:12Z
cleanstart-2026-hh39661 In libexpat before 2 2026-04-16T00:38:49.545664Z 2026-04-15T10:48:12Z
cleanstart-2026-ez90321 Hostname verification in Apache ZooKeeper ZKTrustManager falls back to reverse DNS (PTR) when IP SAN validation fails, allowing attackers who control or spoof PTR records to impersonate ZooKeeper s... 2026-04-16T00:40:49.655378Z 2026-04-15T10:23:29Z
cleanstart-2026-cf62516 Hostname verification in Apache ZooKeeper ZKTrustManager falls back to reverse DNS (PTR) when IP SAN validation fails, allowing attackers who control or spoof PTR records to impersonate ZooKeeper s... 2026-04-16T00:42:51.354420Z 2026-04-15T10:18:15Z
cleanstart-2026-gn18755 gRPC-Go is the Go language implementation of gRPC 2026-04-16T00:38:55.766955Z 2026-04-15T10:06:08Z
cleanstart-2026-bh97849 gRPC-Go is the Go language implementation of gRPC 2026-04-16T00:46:20.819037Z 2026-04-15T10:00:00Z
cleanstart-2026-an01004 filippo 2026-04-16T00:44:50.314232Z 2026-04-15T09:36:13Z
cleanstart-2026-jz43336 During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions 2026-04-16T00:45:49.932786Z 2026-04-15T09:24:00Z
ID Description Published Updated
drupal-contrib-2026-033 2026-04-22T17:47:43.000Z 2026-04-22T17:47:43.000Z
drupal-contrib-2026-032 2026-04-08T16:09:54.000Z 2026-04-10T16:51:06.000Z
drupal-contrib-2026-031 2026-04-01T16:38:14.000Z 2026-04-02T14:13:13.000Z
drupal-contrib-2026-029 2026-03-11T16:35:02.000Z 2026-03-26T19:50:52.000Z
drupal-contrib-2026-028 2026-03-11T16:33:14.000Z 2026-03-26T19:43:59.000Z
drupal-contrib-2026-030 2026-03-18T16:10:00.000Z 2026-03-18T16:10:00.000Z
drupal-contrib-2026-015 2026-02-25T18:47:57.000Z 2026-03-17T13:20:54.000Z
drupal-contrib-2026-024 2026-03-04T17:59:51.000Z 2026-03-05T14:03:05.000Z
drupal-contrib-2026-027 2026-03-04T18:02:59.000Z 2026-03-04T18:02:59.000Z
drupal-contrib-2026-026 2026-03-04T18:02:14.000Z 2026-03-04T18:02:14.000Z
drupal-contrib-2026-025 2026-03-04T18:00:41.000Z 2026-03-04T18:00:41.000Z
drupal-contrib-2026-023 2026-03-04T17:58:55.000Z 2026-03-04T17:58:55.000Z
drupal-contrib-2026-022 2026-03-04T17:57:58.000Z 2026-03-04T17:57:58.000Z
drupal-contrib-2026-021 2026-03-04T17:56:18.000Z 2026-03-04T17:56:18.000Z
drupal-contrib-2026-020 2026-03-04T17:54:27.000Z 2026-03-04T17:54:27.000Z
drupal-contrib-2026-016 2026-02-25T18:49:59.000Z 2026-02-25T19:30:03.000Z
drupal-contrib-2026-019 2026-02-25T18:51:43.000Z 2026-02-25T18:51:43.000Z
drupal-contrib-2026-018 2026-02-25T18:51:26.000Z 2026-02-25T18:51:26.000Z
drupal-contrib-2026-017 2026-02-25T18:51:01.000Z 2026-02-25T18:51:01.000Z
drupal-contrib-2026-014 2026-02-25T18:46:10.000Z 2026-02-25T18:46:10.000Z
drupal-contrib-2026-013 2026-02-25T18:45:13.000Z 2026-02-25T18:45:13.000Z
drupal-contrib-2026-012 2026-02-25T18:44:38.000Z 2026-02-25T18:44:38.000Z
drupal-contrib-2026-011 2026-02-25T18:43:32.000Z 2026-02-25T18:43:32.000Z
drupal-contrib-2026-010 2026-02-11T16:54:18.000Z 2026-02-25T17:17:46.000Z
drupal-contrib-2026-009 2026-02-11T16:53:32.000Z 2026-02-12T15:37:20.000Z
drupal-contrib-2026-008 2026-02-04T17:23:40.000Z 2026-02-04T17:23:40.000Z
drupal-contrib-2025-110 2025-09-24T17:27:41.000Z 2025-09-24T17:27:41.000Z
ID Description Updated
ts-2026-001 TS-2026-001 2026-01-15T00:00
ts-2025-008 TS-2025-008 2025-11-19T00:00
ts-2025-007 TS-2025-007 2025-11-07T00:00
ts-2025-006 TS-2025-006 2025-10-28T00:00
ts-2025-005 TS-2025-005 2025-08-07T00:00
ts-2025-004 TS-2025-004 2025-05-27T00:00
ts-2025-003 TS-2025-003 2025-05-21T00:00
ts-2025-002 TS-2025-002 2025-05-15T00:00
ts-2025-001 TS-2025-001 2025-03-07T00:00
ts-2024-013 TS-2024-013 2024-12-04T00:00
ts-2024-012 TS-2024-012 2024-10-02T00:00
ts-2024-011 TS-2024-011 2024-07-22T00:00
ts-2024-010 TS-2024-010 2024-07-19T00:00
ts-2024-009 TS-2024-009 2024-06-27T00:00
ts-2024-008 TS-2024-008 2024-06-14T00:00
ts-2024-007 TS-2024-007 2024-06-12T00:00
ts-2024-006 TS-2024-006 2024-05-22T00:00
ts-2024-005 TS-2024-005 2024-05-08T00:00
ts-2024-004 TS-2024-004 2024-05-06T00:00
ts-2024-003 TS-2024-003 2024-04-23T00:00
ts-2024-002 TS-2024-002 2024-01-30T00:00
ts-2024-001 TS-2024-001 2024-01-08T00:00
ts-2023-009 TS-2023-009 2023-12-22T00:00
ts-2023-008 TS-2023-008 2023-11-01T00:00
ts-2023-007 TS-2023-007 2023-10-26T00:00
ts-2023-006 TS-2023-006 2023-08-22T00:00
ts-2023-005 TS-2023-005 2023-04-28T00:00
ts-2023-004 TS-2023-004 2023-04-04T00:00
ts-2023-003 TS-2023-003 2023-03-22T00:00
ts-2023-002 TS-2023-002 2023-01-24T00:00
ID Description Published Updated
certfr-2026-ale-003 Note d’alerte – Ciblage des messageries instantanées 2026-03-20T00:00:00.000000 2026-04-20T00:00:00.000000
certfr-2026-ale-004 Vulnérabilité dans F5 BIG-IP Access Policy Manager 2026-03-31T00:00:00.000000 2026-03-31T00:00:00.000000
certfr-2026-ale-002 [MàJ] Vulnérabilité dans Cisco Catalyst SD-WAN 2026-02-25T00:00:00.000000 2026-03-26T00:00:00.000000
certfr-2025-ale-014 [MàJ] Vulnérabilité dans React Server Components 2025-12-05T00:00:00.000000 2026-02-12T00:00:00.000000
CERTFR-2025-ALE-014 [MàJ] Vulnérabilité dans React Server Components 2025-12-05T00:00:00.000000 2026-02-12T00:00:00.000000
certfr-2026-ale-001 [MàJ] Multiples vulnérabilités dans Ivanti Endpoint Manager Mobile 2026-01-30T00:00:00.000000 2026-02-03T00:00:00.000000
CERTFR-2026-ALE-001 [MàJ] Multiples vulnérabilités dans Ivanti Endpoint Manager Mobile 2026-01-30T00:00:00.000000 2026-02-03T00:00:00.000000
certfr-2025-ale-013 [MàJ] Multiples vulnérabilités dans Cisco ASA et FTD 2025-09-25T00:00:00.000000 2025-10-06T00:00:00.000000
CERTFR-2025-ALE-013 [MàJ] Multiples vulnérabilités dans Cisco ASA et FTD 2025-09-25T00:00:00.000000 2025-10-06T00:00:00.000000
certfr-2025-ale-012 Vulnérabilité dans Citrix NetScaler ADC et NetScaler Gateway 2025-08-26T00:00:00.000000 2025-09-26T00:00:00.000000
CERTFR-2025-ALE-012 Vulnérabilité dans Citrix NetScaler ADC et NetScaler Gateway 2025-08-26T00:00:00.000000 2025-09-26T00:00:00.000000
certfr-2025-ale-010 [MàJ] Multiples vulnérabilités dans Microsoft SharePoint 2025-07-21T00:00:00.000000 2025-08-26T00:00:00.000000
CERTFR-2025-ALE-010 [MàJ] Multiples vulnérabilités dans Microsoft SharePoint 2025-07-21T00:00:00.000000 2025-08-26T00:00:00.000000
certfr-2025-ale-011 Incidents de sécurité dans les pare-feux SonicWall 2025-08-05T00:00:00.000000 2025-08-18T00:00:00.000000
certfr-2025-ale-009 Multiples vulnérabilités dans Citrix NetScaler ADC et NetScaler Gateway 2025-07-01T00:00:00.000000 2025-07-17T00:00:00.000000
CERTFR-2025-ALE-011 Incidents de sécurité dans les pare-feux SonicWall 2025-08-05T00:00:00.000000 2025-08-18T00:00:00.000000
CERTFR-2025-ALE-009 Multiples vulnérabilités dans Citrix NetScaler ADC et NetScaler Gateway 2025-07-01T00:00:00.000000 2025-07-17T00:00:00.000000
certfr-2025-ale-004 Activités de post-exploitation dans Fortinet FortiGate 2025-04-11T00:00:00.000000 2025-08-07T00:00:00.000000
CERTFR-2025-ALE-004 Activités de post-exploitation dans Fortinet FortiGate 2025-04-11T00:00:00.000000 2025-08-07T00:00:00.000000
certfr-2025-ale-008 [MàJ] Vulnérabilité dans Roundcube 2025-06-05T00:00:00.000000 2025-07-21T00:00:00.000000
CERTFR-2025-ALE-008 [MàJ] Vulnérabilité dans Roundcube 2025-06-05T00:00:00.000000 2025-07-21T00:00:00.000000
certfr-2025-ale-007 Multiples vulnérabilités dans Ivanti Endpoint Manager Mobile (EPMM) 2025-05-14T00:00:00.000000 2025-06-24T00:00:00.000000
certfr-2025-ale-006 Vulnérabilité dans les produits Fortinet 2025-05-13T00:00:00.000000 2025-06-24T00:00:00.000000
certfr-2025-ale-005 Vulnérabilité dans SAP NetWeaver 2025-04-28T00:00:00.000000 2025-06-24T00:00:00.000000
certfr-2025-ale-003 [MàJ] Vulnérabilité dans les produits Ivanti 2025-04-04T00:00:00.000000 2025-04-11T00:00:00.000000
CERTFR-2025-ALE-007 Multiples vulnérabilités dans Ivanti Endpoint Manager Mobile (EPMM) 2025-05-14T00:00:00.000000 2025-06-24T00:00:00.000000
CERTFR-2025-ALE-006 Vulnérabilité dans les produits Fortinet 2025-05-13T00:00:00.000000 2025-06-24T00:00:00.000000
CERTFR-2025-ALE-005 Vulnérabilité dans SAP NetWeaver 2025-04-28T00:00:00.000000 2025-06-24T00:00:00.000000
CERTFR-2025-ALE-003 [MàJ] Vulnérabilité dans les produits Ivanti 2025-04-04T00:00:00.000000 2025-04-11T00:00:00.000000
certfr-2025-ale-002 [MàJ] Vulnérabilité dans les produits Fortinet 2025-05-07T00:00:00.000000 2025-01-14T00:00:00.000000
ID Description Published Updated
certfr-2026-avi-0480 Multiples vulnérabilités dans les produits Mozilla 2026-04-22T00:00:00.000000 2026-04-22T00:00:00.000000
certfr-2026-avi-0479 Multiples vulnérabilités dans les produits Atlassian 2026-04-22T00:00:00.000000 2026-04-22T00:00:00.000000
certfr-2026-avi-0478 Vulnérabilité dans Microsoft .Net 2026-04-22T00:00:00.000000 2026-04-22T00:00:00.000000
certfr-2026-avi-0477 Multiples vulnérabilités dans les produits Spring 2026-04-22T00:00:00.000000 2026-04-22T00:00:00.000000
certfr-2026-avi-0476 Multiples vulnérabilités dans les produits NetApp 2026-04-22T00:00:00.000000 2026-04-22T00:00:00.000000
certfr-2026-avi-0475 Multiples vulnérabilités dans GitLab 2026-04-22T00:00:00.000000 2026-04-22T00:00:00.000000
certfr-2026-avi-0474 Vulnérabilité dans Python 2026-04-22T00:00:00.000000 2026-04-22T00:00:00.000000
certfr-2026-avi-0473 Multiples vulnérabilités dans Oracle Weblogic 2026-04-22T00:00:00.000000 2026-04-22T00:00:00.000000
certfr-2026-avi-0472 Multiples vulnérabilités dans Oracle Virtualization 2026-04-22T00:00:00.000000 2026-04-22T00:00:00.000000
certfr-2026-avi-0471 Multiples vulnérabilités dans Oracle Systems 2026-04-22T00:00:00.000000 2026-04-22T00:00:00.000000
certfr-2026-avi-0470 Multiples vulnérabilités dans Oracle PeopleSoft 2026-04-22T00:00:00.000000 2026-04-22T00:00:00.000000
certfr-2026-avi-0469 Multiples vulnérabilités dans Oracle MySQL 2026-04-22T00:00:00.000000 2026-04-22T00:00:00.000000
certfr-2026-avi-0468 Multiples vulnérabilités dans Oracle Java SE 2026-04-22T00:00:00.000000 2026-04-22T00:00:00.000000
certfr-2026-avi-0467 Multiples vulnérabilités dans Oracle Database Server 2026-04-22T00:00:00.000000 2026-04-22T00:00:00.000000
certfr-2026-avi-0466 Multiples vulnérabilités dans les produits Microsoft 2026-04-21T00:00:00.000000 2026-04-21T00:00:00.000000
certfr-2026-avi-0465 Vulnérabilité dans Mattermost Server 2026-04-21T00:00:00.000000 2026-04-21T00:00:00.000000
certfr-2026-avi-0464 Vulnérabilité dans Typo3 2026-04-21T00:00:00.000000 2026-04-21T00:00:00.000000
certfr-2026-avi-0463 Multiples vulnérabilités dans les produits Microsoft 2026-04-20T00:00:00.000000 2026-04-20T00:00:00.000000
certfr-2026-avi-0462 Multiples vulnérabilités dans Microsoft Edge 2026-04-20T00:00:00.000000 2026-04-20T00:00:00.000000
certfr-2026-avi-0461 Multiples vulnérabilités dans Apache Kafka 2026-04-20T00:00:00.000000 2026-04-20T00:00:00.000000
certfr-2026-avi-0460 Vulnérabilité dans Xen 2026-04-20T00:00:00.000000 2026-04-20T00:00:00.000000
certfr-2026-avi-0459 Vulnérabilité dans Mattermost Server 2026-04-20T00:00:00.000000 2026-04-20T00:00:00.000000
certfr-2026-avi-0458 Vulnérabilité dans les produits Moxa 2026-04-20T00:00:00.000000 2026-04-20T00:00:00.000000
certfr-2026-avi-0457 Multiples vulnérabilités dans Spring Framework 2026-04-20T00:00:00.000000 2026-04-20T00:00:00.000000
certfr-2026-avi-0243 Vulnérabilité dans SPIP 2026-03-06T00:00:00.000000 2026-04-20T00:00:00.000000
certfr-2026-avi-0456 Multiples vulnérabilités dans les produits Microsoft 2026-04-17T00:00:00.000000 2026-04-17T00:00:00.000000
certfr-2026-avi-0455 Multiples vulnérabilités dans IBM QRadar 2026-04-17T00:00:00.000000 2026-04-17T00:00:00.000000
certfr-2026-avi-0454 Multiples vulnérabilités dans le noyau Linux de SUSE 2026-04-17T00:00:00.000000 2026-04-17T00:00:00.000000
certfr-2026-avi-0453 Multiples vulnérabilités dans le noyau Linux d'Ubuntu 2026-04-17T00:00:00.000000 2026-04-17T00:00:00.000000
certfr-2026-avi-0452 Multiples vulnérabilités dans le noyau Linux de Red Hat 2026-04-17T00:00:00.000000 2026-04-17T00:00:00.000000
ID Description Published Updated
jvndb-2026-000064 GROWI vulnerable to Regular expression Denial-of-Service (ReDoS) 2026-04-23T16:57+09:00 2026-04-23T16:57+09:00
jvndb-2026-000063 IP Setting Software may insecurely load Dynamic Link Libraries 2026-04-23T16:57+09:00 2026-04-23T16:57+09:00
jvndb-2026-000062 CMS ALAYA vulnerable to SQL injection 2026-04-23T16:57+09:00 2026-04-23T16:57+09:00
jvndb-2026-000059 Multiple vulnerabilities in LogonTracer 2026-04-23T16:57+09:00 2026-04-23T16:57+09:00
jvndb-2026-000061 Installers of LiveOn Meet Client for Windows and its plugin may insecurely load Dynamic Link Libraries 2026-04-22T15:45+09:00 2026-04-22T15:45+09:00
jvndb-2026-000060 DeepL Chrome browser extension vulnerable to cross-site scripting 2026-04-22T15:45+09:00 2026-04-22T15:45+09:00
jvndb-2026-000058 Ziostation2 vulnerable to path traversal 2026-04-22T15:45+09:00 2026-04-22T15:45+09:00
jvndb-2026-012056 Multiple vulnerabilities in silex technology SD-330AC and AMC Manager 2026-04-21T15:27+09:00 2026-04-21T15:27+09:00
jvndb-2026-000051 SKYSEA Client View and SKYMEC IT Manager improper file access permission settings 2026-04-20T14:47+09:00 2026-04-20T14:47+09:00
jvndb-2026-011472 OMRON UPS (Uninterruptible Power Supply) management application may insecurely load Dynamic Link Libraries 2026-04-17T14:54+09:00 2026-04-17T14:54+09:00
jvndb-2026-000057 Multiple vulnerabilities in CubeCart 2026-04-17T13:32+09:00 2026-04-17T13:32+09:00
jvndb-2026-000056 Arcserve UDP Console vulnerable to redirect to a dummy URL 2026-04-16T17:29+09:00 2026-04-16T17:29+09:00
jvndb-2026-000055 GROWI vulnerable to stored cross-site scripting 2026-04-15T17:21+09:00 2026-04-15T17:21+09:00
jvndb-2026-010851 Stack-based buffer overflow vulnerability in Dynabook Bluetooth ACPI Drivers 2026-04-14T18:13+09:00 2026-04-14T18:13+09:00
jvndb-2026-000053 EmoCheck loads Dynamic Link Libraries insecurely 2026-04-10T13:38+09:00 2026-04-10T13:38+09:00
jvndb-2026-007973 Multiple vulnerabilities in Xerox FreeFlow Core (XRX26-005) 2026-03-23T14:54+09:00 2026-04-09T13:55+09:00
jvndb-2026-000052 Multiple vulnerabilities in MATCHA series 2026-04-08T16:15+09:00 2026-04-08T16:15+09:00
jvndb-2026-000050 Multiple vulnerabilities in Movable Type 2026-04-08T16:15+09:00 2026-04-08T16:15+09:00
jvndb-2026-010301 Multiple Vulnerabilities in JP1/IT Desktop Management 2 and JP1/NETM/DM 2026-04-08T12:11+09:00 2026-04-08T12:11+09:00
jvndb-2026-010300 Multiple Vulnerabilities in Hitachi Ops Center Viewpoint 2026-04-08T12:11+09:00 2026-04-08T12:11+09:00
jvndb-2026-010299 Multiple Vulnerabilities in Hitachi Ops Center Common Services 2026-04-08T12:11+09:00 2026-04-08T12:11+09:00
jvndb-2026-009720 Multiple vulnerabilities in FUJI Electric V-SFT (April 2026) 2026-04-02T14:58+09:00 2026-04-03T15:50+09:00
jvndb-2026-000049 Multiple vulnerabilities in NEC Aterm series (NV26-001) 2026-04-03T15:09+09:00 2026-04-03T15:09+09:00
jvndb-2026-009412 Security information for Hitachi Disk Array Systems 2026-03-31T15:53+09:00 2026-03-31T15:53+09:00
jvndb-2026-009411 Security information for Hitachi Disk Array Systems 2026-03-31T15:53+09:00 2026-03-31T15:53+09:00
jvndb-2026-009410 Security information for Hitachi Disk Array Systems 2026-03-31T15:53+09:00 2026-03-31T15:53+09:00
jvndb-2026-009409 Security information for Hitachi Disk Array Systems 2026-03-31T15:53+09:00 2026-03-31T15:53+09:00
jvndb-2026-009408 Security information for Hitachi Disk Array Systems 2026-03-31T15:53+09:00 2026-03-31T15:53+09:00
jvndb-2026-009406 Security information for Hitachi Disk Array Systems 2026-03-31T15:53+09:00 2026-03-31T15:53+09:00
jvndb-2026-009147 Vulnerability in Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Analyzer 2026-03-27T18:18+09:00 2026-03-27T18:18+09:00
ID Description Published Updated
cnvd-2026-17803 Cisco Unity Connection Web管理界面SQL注入漏洞 2026-04-16 2026-04-17
cnvd-2026-17802 Cisco Webex Contact Center桌面代理跨站脚本漏洞 2026-04-16 2026-04-17
cnvd-2026-17658 D-Link DI-8003和DI-8003G缓冲区溢出漏洞 2026-04-16 2026-04-17
cnvd-2026-17657 D-Link DI-8003缓冲区溢出漏洞(CNVD-2026-17657) 2026-04-16 2026-04-17
cnvd-2026-17656 D-Link DI-8003缓冲区溢出漏洞(CNVD-2026-17656) 2026-04-16 2026-04-17
cnvd-2026-17655 D-Link DI-8003缓冲区溢出漏洞(CNVD-2026-17655) 2026-04-16 2026-04-17
cnvd-2026-17654 D-Link DI-8003缓冲区溢出漏洞(CNVD-2026-17654) 2026-04-16 2026-04-17
cnvd-2026-17652 D-Link DI-8003缓冲区溢出漏洞(CNVD-2026-17652) 2026-04-16 2026-04-17
cnvd-2026-17650 D-Link DI-8003缓冲区溢出漏洞(CNVD-2026-17650) 2026-04-16 2026-04-17
cnvd-2026-17648 D-Link DI-8003缓冲区溢出漏洞(CNVD-2026-17648) 2026-04-16 2026-04-17
cnvd-2026-17643 D-Link DI-8003缓冲区溢出漏洞(CNVD-2026-17643) 2026-04-16 2026-04-17
cnvd-2026-17638 D-Link DI-8003缓冲区溢出漏洞(CNVD-2026-17638) 2026-04-16 2026-04-17
cnvd-2026-17635 D-Link DI-8003缓冲区溢出漏洞(CNVD-2026-17635) 2026-04-16 2026-04-17
cnvd-2026-17634 D-Link DI-8003缓冲区溢出漏洞(CNVD-2026-17634) 2026-04-16 2026-04-17
cnvd-2026-17633 D-Link DI-8003缓冲区溢出漏洞(CNVD-2026-17633) 2026-04-16 2026-04-17
cnvd-2026-17632 D-Link DI-8003缓冲区溢出漏洞(CNVD-2026-17632) 2026-04-16 2026-04-17
cnvd-2026-17631 D-Link DI-8003缓冲区溢出漏洞(CNVD-2026-17631) 2026-04-16 2026-04-17
cnvd-2026-17630 D-Link DI-8003缓冲区溢出漏洞(CNVD-2026-17630) 2026-04-16 2026-04-17
cnvd-2026-17628 D-Link DI-8003缓冲区溢出漏洞(CNVD-2026-17628) 2026-04-16 2026-04-17
cnvd-2026-17627 D-Link DI-8003缓冲区溢出漏洞(CNVD-2026-17627) 2026-04-16 2026-04-17
cnvd-2026-17624 D-Link DI-8003缓冲区溢出漏洞(CNVD-2026-17624) 2026-04-16 2026-04-17
cnvd-2026-17623 D-Link DI-8003缓冲区溢出漏洞(CNVD-2026-17623) 2026-04-16 2026-04-17
cnvd-2026-17622 D-Link DI-8003缓冲区溢出漏洞(CNVD-2026-17622) 2026-04-16 2026-04-17
cnvd-2026-17537 D-Link DI-8003缓冲区溢出漏洞(CNVD-2026-17537) 2026-04-16 2026-04-17
cnvd-2026-17494 WordPress插件Atarim存在未明漏洞 2026-03-19 2026-04-16
cnvd-2026-17493 Microsoft Edge (Chromium-based) for Android欺骗漏洞(CNVD-2026-17493) 2026-03-19 2026-04-16
cnvd-2026-17492 IBM Aspera Console拒绝服务漏洞 2026-03-19 2026-04-16
cnvd-2026-17491 IBM Aspera Console信息泄露漏洞(CNVD-2026-17491) 2026-03-19 2026-04-16
cnvd-2026-17490 MailEnable StartDate参数跨站脚本漏洞 2026-03-26 2026-04-16
cnvd-2026-17489 MailEnable SelectedIndex参数跨站脚本漏洞 2026-03-26 2026-04-16
ID Description Published Updated
bdu:2026-01844 Уязвимость сервиса безопасности Advanced DNS Security (ADNS) операционной системы PAN-OS,… 16.02.2026 16.02.2026
bdu:2026-01843 Уязвимость функции loadRLE() загрузчика TGA-изображений (PluginTARGA.cpp) графической биб… 16.02.2026 16.02.2026
bdu:2026-01842 Уязвимость функции ws_user_gerList() сценария pwg.users.php системы управления контентом … 16.02.2026 16.02.2026
bdu:2026-01841 Уязвимость компонента Updater облачной платформы управления контейнерами Arcane, позволяю… 16.02.2026 16.02.2026
bdu:2026-01840 Уязвимость ИИ-агента OpenClaw (ранее - ClawdBot или MoltBot), связанная с отсутствием про… 16.02.2026 16.02.2026
bdu:2026-01839 Уязвимость функции blocked_path() пакета Python для создания приложений для моделей машин… 16.02.2026 16.02.2026
bdu:2026-01838 Уязвимость драйверов графических процессоров NVIDIA NVS, Quadro, NVIDIA RTX, GeForce, свя… 16.02.2026 16.02.2026
bdu:2026-01837 Уязвимость микропрограммного обеспечения графических процессоров Imagination, позволяющая… 16.02.2026 16.02.2026
bdu:2026-01836 Уязвимость микропрограммного обеспечения графических процессоров Imagination, позволяющая… 16.02.2026 16.02.2026
bdu:2026-01835 Уязвимость драйвера ESXi base микропрограммного обеспечения сетевых контроллеров Intel 80… 16.02.2026 16.02.2026
bdu:2026-01834 Уязвимость микропрограммного обеспечения контроллеров Intel Ethernet серии E810, связанна… 16.02.2026 16.02.2026
bdu:2026-01833 Уязвимость технологий Intel Active Management Technology (AMT) и Intel Standard Manageabi… 16.02.2026 16.02.2026
bdu:2026-01832 Уязвимость технологий Intel Active Management Technology (AMT) и Intel Standard Manageabi… 16.02.2026 16.02.2026
bdu:2026-01831 Уязвимость технологий Intel Active Management Technology (AMT) и Intel Standard Manageabi… 16.02.2026 16.02.2026
bdu:2026-01830 Уязвимость компонента File input браузера Google Chrome, позволяющая нарушителю осуществи… 16.02.2026 16.02.2026
bdu:2026-01829 Уязвимость компонента PictureInPicture браузера Google Chrome, позволяющая нарушителю ока… 16.02.2026 16.02.2026
bdu:2026-01828 Уязвимость компонента Animation браузера Google Chrome, позволяющая нарушителю оказать во… 16.02.2026 16.02.2026
bdu:2026-01827 Уязвимость функции конфиденциальности Fenced Frames браузера Google Chrome, позволяющая н… 16.02.2026 16.02.2026
bdu:2026-01826 Уязвимость компонента WebGPU браузера Google Chrome, позволяющая нарушителю вызвать отказ… 16.02.2026 16.02.2026
bdu:2026-01825 Уязвимость программной платформы на базе git для совместной работы над кодом GitLab, связ… 16.02.2026 16.02.2026
bdu:2026-01824 Уязвимость программной платформы на базе git для совместной работы над кодом GitLab, связ… 16.02.2026 16.02.2026
bdu:2026-01823 Уязвимость функции межсетевых экранов SSL-VPN операционных систем Fortinet FortiOS, позво… 16.02.2026 16.02.2026
bdu:2026-01822 Уязвимость операционных систем Fortinet FortiOS, связанная с недостаточной проверкой исто… 16.02.2026 16.02.2026
bdu:2026-01821 Уязвимость функции межсетевых экранов SSL-VPN операционных систем Fortinet FortiOS, позво… 16.02.2026 16.02.2026
bdu:2026-01820 Уязвимость интерфейса командной строки операционных систем Fortinet FortiOS, позволяющая … 16.02.2026 16.02.2026
bdu:2026-01819 Уязвимость графического пользовательского интерфейса операционных систем Fortinet FortiOS… 16.02.2026 16.02.2026
bdu:2026-01818 Уязвимость программного обеспечения для разработки 3D-моделей Autodesk Fusion, связанная … 16.02.2026 16.02.2026
bdu:2026-01817 Уязвимость программного обеспечения для разработки 3D-моделей Autodesk Fusion, связанная … 16.02.2026 16.02.2026
bdu:2026-01816 Уязвимость программного обеспечения для разработки 3D-моделей Autodesk Fusion, связанная … 16.02.2026 16.02.2026
bdu:2026-01815 Уязвимость программного обеспечения Microsoft ACI Confidential Containers, связанная с не… 16.02.2026 16.02.2026
ID Description Updated
var-202407-2188 Siemens (China) Co., Ltd. is a company focusing on electrification, automation and digita… 2024-07-23T22:46:32.699000Z
var-202406-3119 Beijing StarNet Ruijie Network Technology Co., Ltd. EG3220 is a new generation of multi-s… 2024-07-23T22:46:22.685000Z
var-202407-1740 NBR6135-E is a router. Beijing Xingwang Ruijie Network Technology Co., Ltd. NBR6135-E ha… 2024-07-23T22:46:18.378000Z
var-202407-1417 Siemens (China) Co., Ltd. is a company focusing on electrification, automation and digita… 2024-07-23T22:46:07.784000Z
var-202407-1103 Siemens (China) Co., Ltd. is a company focusing on electrification, automation and digita… 2024-07-23T22:46:01.992000Z
var-202407-0957 WinCC is a SCADA system suitable for all walks of life. It can access devices from mobile… 2024-07-23T22:45:59.391000Z
var-202407-0819 SIMATIC S7-1500 is a modular control system suitable for various automation applications … 2024-07-23T22:45:56.958000Z
var-202407-0818 NBR6210-E is a router product. Beijing Xingwang Ruijie Network Technology Co., Ltd. NBR6… 2024-07-23T22:45:56.946000Z
var-202407-0779 Tenda i29V1.0 V1.0.0.5 was discovered to contain a hardcoded password for root. Tenda of … 2024-07-23T22:45:56.150000Z
var-202407-0778 Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnera… 2024-07-23T22:45:56.131000Z
var-202407-0745 Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnera… 2024-07-23T22:45:55.498000Z
var-202305-1479 D-Link DIR-2150 SetTriggerPPPoEValidate Username Command Injection Remote Code Execution … 2024-07-23T22:45:09.335000Z
var-202108-1158 A race condition was addressed with improved locking. This issue is fixed in macOS Monter… 2024-07-23T22:44:06.976000Z
var-201109-0089 Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as used… 2024-07-23T22:43:49.590000Z
var-200702-0378 Stack-based buffer overflow in the DCE/RPC preprocessor in Snort before 2.6.1.3, and 2.7 … 2024-07-23T22:43:25.614000Z
var-201011-0225 Multiple stack-based buffer overflows in agent.exe in Setup Manager in Cisco Intelligent … 2024-07-23T22:41:43.584000Z
var-201112-0297 Multiple cross-site scripting (XSS) vulnerabilities in the Virus Scan Interface in SAP Ne… 2024-07-23T22:41:20.004000Z
var-201507-0645 D-Link is an internationally renowned provider of network equipment and solutions, includ… 2024-07-23T22:41:18.832000Z
var-201803-1810 A Stack-based Buffer Overflow issue was discovered in Delta Electronics Delta Industrial … 2024-07-23T22:41:17.171000Z
var-201809-0087 WECON LeviStudio Versions 1.8.29 and 1.8.44 have multiple stack-based buffer overflow vul… 2024-07-23T22:41:16.554000Z
var-200607-0396 Multiple stack-based buffer overflows in eIQnetworks Enterprise Security Analyzer (ESA) b… 2024-07-23T22:41:04.279000Z
var-201702-0423 An issue was discovered in Delta Electronics WPLSoft, Versions prior to V2.42.11, ISPSoft… 2024-07-23T22:40:53.160000Z
var-202305-1588 D-Link DIR-2150 SetNTPServerSettings Command Injection Remote Code Execution Vulnerabilit… 2024-07-23T22:40:05.297000Z
var-201112-0173 The default configuration of the HP CM8060 Color MFP with Edgeline; Color LaserJet 3xxx, … 2024-07-23T22:39:32.535000Z
var-201103-0371 SAP Crystal Reports Server is a complete reporting solution for creating, managing, and d… 2024-07-23T22:39:32.874000Z
var-201706-0017 In FortiClientWindows 5.4.1 and 5.4.2, an attacker may escalate privilege via a FortiClie… 2024-07-23T22:38:34.494000Z
var-202305-1520 D-Link DIR-2150 SetSysEmailSettings EmailFrom Command Injection Remote Code Execution Vul… 2024-07-23T22:38:26.576000Z
var-202407-0490 A vulnerability has been identified in SIMATIC PCS neo V4.0 (All versions), SIMATIC STEP … 2024-07-23T22:38:24.768000Z
var-201810-0396 Advantech WebAccess 8.3.1 and earlier has several stack-based buffer overflow vulnerabili… 2024-07-23T22:37:44.850000Z
var-202001-0833 A Denial of Service vulnerability exists in the WRITE_C function in the msg_server.exe mo… 2024-07-23T22:37:43.471000Z
ID Description Published Updated
vde-2025-028 Draeger: ICMHelper is vulnerable to a privilege escalation 2025-08-05T10:00:00.000Z 2026-01-06T11:00:00.000Z
vde-2019-012 TECSON/GOK: Improper Authentication and Access Control on multiple devices 2019-06-04T13:21:00.000Z 2025-05-14T13:00:14.000Z
ID Description Published Updated
vde-2026-023 Phoenix Contact: Several products are affected by vulnerabilities found in OpenSSL 2026-04-22T08:00:00.000Z 2026-04-22T08:00:00.000Z
vde-2025-104 Phoenix Contact: Multiple Vulnerabilities in FL SWITCH 2xxx, FL SWITCH TSN 23xx and FL SWITCH 59xx Firmware 2026-03-18T08:00:00.000Z 2026-03-18T08:00:00.000Z
vde-2025-109 Phoenix Contact: Unbounded growth of the session cache in TCP encapsulation service in FL MGUARD 2xxx and 4xxx firmware 2026-02-10T08:00:00.000Z 2026-02-23T14:00:00.000Z
vde-2025-073 Phoenix Contact: Security Advisory for TC ROUTER and CLOUD CLIENT Industrial mobile network routers 2026-01-13T08:00:00.000Z 2026-01-13T08:00:00.000Z
vde-2025-071 Phoenix Contact: Multiple Vulnerabilities in FL SWITCH 2xxx Firmware 2025-12-09T08:00:00.000Z 2026-01-12T08:00:00.000Z
vde-2025-074 Phoenix Contact: Security Advisory for CHARX SEC-3xxx charging controllers 2025-10-14T10:00:00.000Z 2025-10-15T10:00:00.000Z
vde-2025-072 Phoenix Contact: Security Advisory for QUINT4-UPS EIP 2025-10-14T06:00:00.000Z 2025-10-14T06:00:00.000Z
vde-2018-003 PHOENIX CONTACT: addressing Meltdown and Spectre vulnerabilities 2018-03-23T09:43:00.000Z 2025-10-01T08:00:00.000Z
vde-2025-077 Phoenix Contact: Two vulnerabilities in the jq JSON processor utilized by FL MGUARD 110x devices 2025-09-09T10:00:00.000Z 2025-09-09T10:00:00.000Z
vde-2025-064 Phoenix Contact: Products utilizing WIBU-SYSTEMS CodeMeter Runtime Windows Installer have a privilege escalation 2025-09-09T07:00:00.000Z 2025-09-09T07:00:00.000Z
vde-2024-039 Phoenix Contact: Multiple Vulnerabilities in mGuard devices 2024-09-10T10:00:00.000Z 2025-08-27T10:00:00.000Z
vde-2024-022 Phoenix Contact: Security Advisory for CHARX-SEC3xxx Charge controllers 2024-08-13T10:00:00.000Z 2025-08-27T10:00:00.000Z
vde-2025-063 Phoenix Contact: Device and Update Management Windows Installer Privilege Escalation 2025-08-12T10:00:00.000Z 2025-08-12T10:00:00.000Z
vde-2025-019 Phoenix Contact: Security Advisory for CHARX SEC-3xxx charging controllers 2025-07-08T10:00:00.000Z 2025-07-22T08:00:00.000Z
vde-2019-015 PHOENIX CONTACT: Security Advisory for multiple Industrial Controllers 2019-08-07T00:00:00.000Z 2025-07-11T07:00:00.000Z
vde-2025-054 Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware 2025-07-08T10:00:00.000Z 2025-07-08T10:00:00.000Z
vde-2025-053 Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware 2025-07-08T10:00:00.000Z 2025-07-08T10:00:00.000Z
vde-2025-014 Phoenix Contact: Security Advisory for CHARX SEC-3xxx charging controllers 2025-07-08T10:00:00.000Z 2025-07-08T10:00:00.000Z
vde-2023-057 Phoenix Contact: Classic line industrial controllers prone to inadequate integrity check of PLC 2023-12-12T07:00:00.000Z 2025-06-05T13:28:12.000Z
vde-2023-001 PHOENIX CONTACT: Multiple Vulnerabilities in PLCnext Firmware 2023-02-14T07:50:00.000Z 2025-06-05T13:28:12.000Z
vde-2020-002 PHOENIX CONTACT: Advisory for multiple FL Switch GHS utilising VxWorks 2020-02-25T09:07:00.000Z 2025-06-05T13:28:12.000Z
vde-2024-073 Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware 2024-12-09T11:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-071 Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware 2024-12-09T11:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-058 Phoenix Contact: PLCnext Control prone to download of code without integrity check 2023-12-12T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-056 Phoenix Contact: PLCnext prone to Incorrect Permission Assignment for Critical Resource 2023-12-12T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-054 Phoenix Contact: ProConOS prone to Download of Code Without Integrity Check 2023-12-12T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-051 Phoenix Contact: MULTIPROG Engineering tool and ProConOS eCLR SDK prone to CWE-732 2023-12-12T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-018 Phoenix Contact: Multiple vulnerabilities in WP 6xxx Web panels 2023-08-08T06:41:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-017 Phoenix Contact: Multiple vulnerabilities in TC ROUTER, TC CLOUD CLIENT and CLOUD CLIENT devices 2023-08-08T04:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-016 Phoenix Contact: PLCnext Engineer Vulnerabilities in LibGit2Sharp/LibGit2 2023-08-08T06:00:00.000Z 2025-05-22T13:03:10.000Z
ID Description Published Updated
vde-2025-085 Welotec: Path Traversal in SmartEMS Upload Handling 2025-09-10T07:00:00.000Z 2025-09-22T08:00:00.000Z
vde-2025-076 Welotec: Hard-coded JWT secret in egOS WebGUI 2025-08-26T07:00:00.000Z 2025-08-26T07:00:00.000Z
vde-2024-009 Welotec: Two vulnerabilities in TK500v1 router series 2024-04-09T08:00:00.000Z 2025-05-14T12:28:19.000Z
vde-2024-043 Welotec: Multiple products are vulnerable to regreSSHion 2024-08-22T06:00:00.000Z 2024-08-22T06:00:00.000Z
vde-2024-023 Welotec: Clickjacking Vulnerability in WebUI 2024-04-23T08:00:00.000Z 2024-04-23T08:00:00.000Z
ID Description Published Updated
advisory2026-04_vde-2026-040 CODESYS EtherNetIP - Improper timeout handling 2026-04-23T12:00:00.000Z 2026-04-23T12:00:00.000Z
advisory2026-03_vde-2026-018 CODESYS Control V3 - Externally-controlled format string in Auditlog 2026-03-24T08:00:00.000Z 2026-03-24T08:00:00.000Z
advisory2026-02_vde-2026-011 CODESYS Control V3 - Untrusted boot application 2026-03-24T08:00:00.000Z 2026-03-24T08:00:00.000Z
advisory2026-01_vde-2026-012 CODESYS Installer - Possible Privilege Escalation 2026-03-10T10:00:00.000Z 2026-03-10T10:00:00.000Z
advisory2025-10_vde-2025-100 CODESYS Control - Invalid type usage in visualization 2025-12-01T10:00:00.000Z 2026-02-12T11:00:00.000Z
advisory2025-09_vde-2025-099 CODESYS Control - Linux/QNX SysSocket flaw 2025-12-01T11:00:00.000Z 2026-02-12T11:00:00.000Z
advisory2025-11_vde-2025-101 CODESYS Development System - Deserialization of Untrusted Data 2025-12-01T10:00:00.000Z 2025-12-01T10:00:00.000Z
advisory2025-08_vde-2025-070 CODESYS Control V3 - NULL pointer dereference 2025-08-04T08:00:00.000Z 2025-10-14T08:00:00.000Z
advisory2025-07_vde-2025-051 CODESYS Control V3 - Exposed PKI folder 2025-08-04T10:00:00.000Z 2025-09-01T10:00:00.000Z
advisory2025-06_vde-2025-049 CODESYS Control V3 - Insecure default permissions 2025-08-04T10:00:00.000Z 2025-08-04T10:00:00.000Z
advisory2025-04_vde-2025-022 CODESYS Control V3 - OPC UA Server Authentication bypass 2025-03-18T11:00:00.000Z 2025-06-05T13:31:01.000Z
advisory2025-03_vde-2025-015 CODESYS Control V3 removable media path traversal 2025-03-18T11:00:00.000Z 2025-06-05T13:31:01.000Z
advisory2025-02_vde-2025-013 CODESYS (Edge) Gateway for Windows insecure default 2025-03-18T11:00:00.000Z 2025-06-05T13:31:01.000Z
advisory2025-01_vde-2025-001 CODESYS Key physical side-channel vulnerability 2025-01-21T11:00:00.000Z 2025-06-05T13:31:01.000Z
vde-2024-024 CODESYS: Development System V2.3 affected by two vulnerabilities through corrupted project files 2024-05-06T08:00:00.000Z 2025-05-14T13:00:15.000Z
vde-2024-027 CODESYS: Vulnerability in multiple products through exposure of resource to wrong sphere 2024-06-04T06:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2024-026 CODESYS: Vulnerability can cause a DoS on CODESYS OPC UA products 2024-06-04T08:00:00.000Z 2025-05-14T13:00:14.000Z
advisory2025-05_vde-2025-027 CODESYS Visualization user management bypass in WebVisu 2025-04-23T10:00:00.000Z 2025-04-23T10:00:00.000Z
advisory2024-05_vde-2024-057 CODESYS: CODESYS web server vulnerable to DoS 2024-09-25T21:59:00.000Z 2025-04-03T10:00:00.000Z
vde-2024-046 OSCAT: Out-of-bounds read in OSCAT Basic library 2024-09-10T14:00:00.000Z 2024-09-10T14:00:00.000Z
vde-2023-066 CODESYS: OS Command Injection Vulnerability in multiple CODESYS Control products 2023-12-05T14:25:00.000Z 2023-12-05T14:25:00.000Z
vde-2023-035 CODESYS: Multiple products affected by WIBU Codemeter vulnerability 2023-12-05T07:00:00.000Z 2023-12-05T07:00:00.000Z
vde-2023-025 CODESYS: Control runtime system memory and integrity check vulnerabilities 2023-08-03T11:18:00.000Z 2023-08-03T11:18:00.000Z
vde-2023-023 CODESYS: Missing Brute-Force protection in CODESYS Development System 2023-08-03T11:08:00.000Z 2023-08-03T11:08:00.000Z
vde-2023-022 CODESYS: Missing integrity check in CODESYS Development System 2023-08-03T10:52:00.000Z 2023-08-03T10:52:00.000Z
vde-2023-021 CODESYS: Vulnerability in CODESYS Development System allows execution of binaries 2023-08-03T10:48:00.000Z 2023-08-03T10:48:00.000Z
vde-2023-019 CODESYS: Multiple Vulnerabilities in CmpApp CmpAppBP and CmpAppForce 2023-08-03T10:42:00.000Z 2023-08-03T10:42:00.000Z
vde-2023-024 CODESYS: Vulnerability in CODESYS Development System and CODESYS Scripting 2023-07-28T07:45:00.000Z 2023-07-28T07:45:00.000Z
ID Description Published Updated
vde-2025-067 Wiesemann & Theis: Motherbox 3 allows unauthenticated read-only DB access 2025-08-10T10:00:00.000Z 2025-08-25T10:00:00.000Z
vde-2022-057 Wiesemann & Theis multiple products prone to web interface vulnerability 2022-12-13T07:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2024-018 Wiesemann & Theis: Multiple products prone to unquoted search path 2024-02-28T07:00:00.000Z 2025-05-14T12:36:39.000Z
vde-2025-024 Wiesemann & Theis: Multiple products from Wiesemann & Theis support deprecated jQuery version 2025-05-13T10:00:00.000Z 2025-05-13T10:00:00.000Z
vde-2025-032 Wiesemann & Theis: Multiple W&T Products are vulnerable to cross-site-scripting 2025-05-06T10:00:00.000Z 2025-05-06T10:00:00.000Z
vde-2025-031 Wiesemann & Theis: Multiple products from Wiesemann & Theis support deprecated TLS protocol versions 2025-04-28T10:00:00.000Z 2025-04-28T10:00:00.000Z
vde-2022-043 Wiesemann & Theis: Multiple Vulnerabilities in the Com-Server Family 2022-11-07T11:43:00.000Z 2022-11-07T12:14:00.000Z
ID Description Published Updated
vde-2026-030 MB connect line: Multiple Vulnerabilities in mbCONNECT24/mymbCONNECT24 2026-04-02T11:00:00.000Z 2026-04-02T11:00:00.000Z
vde-2026-024 MB connect line: Multiple Vulnerabilities in mbCONNECT24/mymbCONNECT24 2026-03-23T12:00:00.000Z 2026-03-23T12:00:00.000Z
vde-2024-068 MB connect line: Multiple Vulnerabilities in MB connect line Products 2024-10-15T08:00:00.000Z 2026-03-06T08:00:00.000Z
vde-2024-056 MB connect line: Multiple Vulnerabilities in mbNET.mini Product 2024-10-15T08:00:00.000Z 2025-08-27T10:00:00.000Z
vde-2024-010 Vulnerabilities in mbCONNECT24/mymbCONNECT24 2025-03-18T11:00:00.000Z 2025-08-27T10:00:00.000Z
vde-2025-065 MB connect line: Sandbox escape in mbNET's LUA interpreter 2025-07-31T10:00:00.000Z 2025-07-31T10:00:00.000Z
vde-2025-058 MB connect line: Multiple vulnerabilities in mbNET.mini 2025-07-21T10:00:00.000Z 2025-07-21T10:00:00.000Z
vde-2025-035 Vulnerabilities in mbCONNECT24/mymbCONNECT24 2025-06-24T10:00:00.000Z 2025-06-24T10:00:00.000Z
vde-2025-034 Vulnerabilities in mbCONNECT24/mymbCONNECT24 2025-06-24T10:00:00.000Z 2025-06-24T10:00:00.000Z
vde-2021-030 MB connect line: two vulnerabilities in mymbCONNECT24, mbCONNECT24 (Update A) 2022-09-07T10:48:00.000Z 2025-06-06T07:00:00.000Z
vde-2023-002 MB Connect Line: Multiple vulnerabilities in mbConnect24 and mymbConnect24 2023-05-15T14:06:00.000Z 2025-05-14T13:00:14.000Z
vde-2021-037 MB connect line: Remote user enumeration in mbCONNECT24/mymbCONNECT24 2021-10-27T10:15:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-031 MB connect line: Apache Guacamole related vulnerabilities in mbCONNECT24 2021-07-22T11:33:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-017 MB connect line: Privilege escalation in mbDIALUP 2021-07-22T11:35:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-012 MB connect line: multiple products partially affected by DNSpooq 2021-04-26T08:04:00.000Z 2025-05-14T12:28:19.000Z
vde-2020-035 MB connect line: Multiple Vulnerabilities in mymbCONNECT24 and mbCONNECT24 <= v2.6.1 2020-09-18T12:30:00.000Z 2025-05-14T12:28:19.000Z
vde-2024-030 MB connect line: mbNET.mini vulnerable to OS command injection 2024-07-03T09:00:00.000Z 2024-07-03T09:00:00.000Z
vde-2023-041 MB connect line: Vulnerability allows access to non-critical information in mbCONNECT24 and mymbCONNECT24 2023-10-16T08:38:00.000Z 2023-10-16T08:38:00.000Z
vde-2024-042 MB connect line: Multiple products are vulnerable to regreSSHion 2023-08-17T12:00:00.000Z 2023-08-17T12:00:00.000Z
vde-2023-012 MB connect line: Cross-site Scripting vulnerability in mbNET/mbNET.rokey 2023-08-17T12:00:00.000Z 2023-08-17T12:00:00.000Z
vde-2022-011 MB connect line: Unauthenticated user enumeration in mbCONNECT24 and mymbCONNECT24 2022-09-07T12:50:00.000Z 2022-09-07T12:50:00.000Z
vde-2021-003 MB connect line: Multiple vulnerabilites in mymbCONNECT24 and mbCONNECT24 (Update A) 2022-09-07T10:46:00.000Z 2022-09-07T10:46:00.000Z
ID Description Published Updated
vde-2026-015 Helmholz: Use of a Broken or Risky Cryptographic Algorithm 2026-04-21T10:00:00.000Z 2026-04-21T12:00:00.000Z
vde-2026-043 Helmholz: Multiple Vulnerabilities in myREX24V2/myREX24V2.virtual 2026-04-13T11:00:00.000Z 2026-04-13T11:00:00.000Z
vde-2026-013 Helmholz: Use of a Broken or Risky Cryptographic Algorithm 2026-04-07T08:00:00.000Z 2026-04-07T08:00:00.000Z
vde-2026-025 Helmholz: Multiple Vulnerabilities in myREX24V2 / myREX24V2.virtual 2026-03-23T12:00:00.000Z 2026-03-23T12:00:00.000Z
vde-2024-069 Helmholz: Multiple Vulnerabilities in Helmholz products 2024-10-15T08:00:00.000Z 2026-03-06T08:00:00.000Z
vde-2024-066 Helmholz: Multiple Vulnerabilities in Helmholz REX100 Product 2024-10-15T08:00:00.000Z 2025-08-27T10:00:00.000Z
vde-2025-069 Helmholz: Sandbox escape in REX200/250 LUA interpreter 2025-07-31T10:00:00.000Z 2025-07-31T10:00:00.000Z
vde-2025-059 Helmholz: Multiple vulnerabilities in REX 100 2025-07-21T10:00:00.000Z 2025-07-21T10:00:00.000Z
vde-2025-038 Vulnerabilities in myREX24/myREX24.virtual 2025-06-24T10:00:00.000Z 2025-06-24T10:00:00.000Z
vde-2025-037 Vulnerabilities in myREX24/myREX24.virtual 2025-06-24T10:00:00.000Z 2025-06-24T10:00:00.000Z
vde-2021-057 Helmholz: Privilege Escalation in shDialup (Update A) 2021-03-28T13:03:00.000Z 2025-05-14T13:00:15.000Z
vde-2024-031 Helmholz: Vulnerabilities in myREX24 V2/myREX24.virtual 2025-03-18T11:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2022-017 Helmholz: Unauthenticated user enumeration in myREX24 and myREX24.virtual 2022-09-07T12:54:00.000Z 2025-05-14T13:00:14.000Z
vde-2021-058 Helmholz: Remote user enumeration in myREX24/myREX24-virtual 2021-12-08T13:04:00.000Z 2025-05-14T13:00:14.000Z
vde-2024-044 Helmholz: Multiple products are vulnerable to regreSSHion 2024-07-31T08:00:00.000Z 2025-05-14T12:28:19.000Z
vde-2024-032 Helmholz: REX 100 vulnerable to OS command injection 2024-07-03T09:00:00.000Z 2024-07-03T13:33:00.000Z
vde-2023-043 Helmholz: Vulnerability allows access to non-critical information in myREX24 and myREX24.virtual 2023-10-16T08:38:00.000Z 2023-10-16T08:38:00.000Z
vde-2023-029 Helmholz: Cross-site Scripting vulnerability in REX 200/REX 250 2023-08-17T12:00:00.000Z 2023-08-17T12:00:00.000Z
vde-2023-008 Helmholz: Multiple vulnerabilites in myREX24 and myREX24.virtual 2023-05-15T12:06:00.000Z 2023-05-15T12:06:00.000Z
vde-2022-039 Helmholz: Multiple vulnerabilites in myREX24 and myREX24.virtual 2022-09-07T10:56:00.000Z 2022-09-07T10:56:00.000Z
ID Description Published Updated
fsa-202601 Several CODESYS vulnerabilities in Festo Automation Suite 2026-02-26T08:00:00.000Z 2026-02-26T08:00:00.000Z
fsa-202302 Festo: Several vulnerabilities in FactoryViews 2023-07-10T10:00:00.000Z 2026-02-02T08:00:00.000Z
fsa-202402 Several Vulnerabilities in MES PC (Windows 10) 2024-02-27T12:00:00.000Z 2025-12-08T07:00:00.000Z
fsa-202405 Festo: Siemens S7-1500/ET200SP CPU used in Festo Didactic products contains a memory protection bypass vulnerability 2024-09-09T07:00:00.000Z 2025-11-05T08:00:00.000Z
fsa-202401 Festo: Multiple products contain CoDe16 vulnerability 2024-01-30T07:00:00.000Z 2025-11-04T11:00:00.000Z
fsa-202202 Festo: Controller CECC-S,LK,D family <= 2.3.8.1 - multiple vulnerabilities in CODESYS V3 runtime system 2022-07-18T10:00:00.000Z 2025-11-03T11:00:00.000Z
fsa-202209 Festo: Incomplete documentation of remote accessible functions and protocols in Festo products 2022-11-29T11:49:00.000Z 2025-11-03T10:00:00.000Z
fsa-202208 Festo: Multiple Festo products contain an unsafe default Codesys configuration 2022-11-29T11:41:00.000Z 2025-10-28T11:00:00.000Z
fsa-202206 Festo: Vulnerable WIBU-SYSTEMS CodeMeter Runtime in multiple products 2022-12-13T11:50:00.000Z 2025-10-01T10:50:00.000Z
fsa-202304 Festo: MSE6-C2M/D2M/E2M Incomplete User Documentation of Remote Accessible Functions 2023-09-05T10:00:00.000Z 2025-10-01T10:00:00.000Z
fsa-202301 Festo: Cross-Site-Scripting (XSS) vulnerability in LX-Appliance 2023-08-29T10:00:00.000Z 2025-10-01T10:00:00.000Z
fsa-202303 Festo: Vulnerable Siemens TIA-Portal in multiple Festo Didactic products 2023-10-17T06:00:00.000Z 2025-10-01T06:00:00.000Z
fsa-202101 Festo: Multiple vulnerabilities in Ethernet/IP Stack of SBRD-Q/SBOC-Q/SBOI-Q 2021-09-22T11:13:00.000Z 2025-08-26T10:00:00.000Z
fsa-202207 Festo: CPX-CEC-C1 and CPX-CMXX, Missing Authentication for Critical Webpage Function 2022-09-20T10:00:00.000Z 2025-07-28T10:00:00.000Z
fsa-202203 Festo: Controller CECC-S,LK,D family firmware 2.4.2.0 - multiple vulnerabilities in CODESYS V3 runtime system 2022-07-18T10:00:00.000Z 2025-07-10T10:00:00.000Z
fsa-202201 Festo: CECC-X-M1 - command injection vulnerabilities 2022-07-06T07:00:00.000Z 2025-06-23T08:00:00.000Z
fsa-202305 Festo: Vulnerable WIBU-SYSTEMS CodeMeter Runtime in several products 2023-11-28T07:00:00.000Z 2025-05-13T10:00:00.000Z
fsa-202406 Several Codesys Gateway v2 vulnerabilities in Codesys provided by Festo 2024-12-03T11:00:00.000Z 2024-12-03T14:00:00.000Z
ID Description Published Updated
vde-2025-011 PEPPERL+FUCHS: Profinet Gateway LB8122A.1.EL – Device is affected by XSS vulnerability and information disclosure 2025-05-26T10:00:00.000Z 2025-08-27T10:00:00.000Z
vde-2024-038 Pepperl+Fuchs: Anonymous FTP server and Telnet access allows information disclosure and manipulation 2024-07-10T06:00:00.000Z 2025-08-27T10:00:00.000Z
vde-2025-002 PEPPERL+FUCHS: HMI – devices are affected by Windows RCE 2025-02-25T11:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-017 Pepperl+Fuchs: ICE2- * and ICE3- * are affected by multiple vulnerabilities 2024-04-10T06:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-021 Pepperl+Fuchs: RSM-EX devices - Multiple Bluetooth vulnerabilities 2022-05-16T14:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2021-041 Pepperl+Fuchs: Multiple DTM and VisuNet Software affected by log4net vulnerability 2021-10-26T13:35:00.000Z 2025-05-22T13:03:10.000Z
vde-2020-053 Pepperl+Fuchs: Comtrol RocketLinx ICRL-M - Multiple Vulnerabilities 2021-03-08T13:44:00.000Z 2025-05-22T13:03:10.000Z
vde-2020-017 Pepperl+Fuchs, PACTware: Two password vulnerabilities found 2020-05-29T10:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-033 PEPPERL+FUCHS: Device Master ICDM-RX/* – Vulnerability may allow unauthenticated remote attacker information disclosure and denial of service 2024-08-13T12:00:00.000Z 2025-05-14T14:34:17.000Z
vde-2020-014 Pepperl+Fuchs: Kr00k vulnerabilities in Broadcom Wi-Fi chipsets 2020-03-31T13:30:00.000Z 2025-05-14T14:34:17.000Z
vde-2021-006 Pepperl+Fuchs: Multiple Products - Vulnerability may allow remote attackers to cause a Denial Of Service 2021-11-16T14:53:00.000Z 2025-05-14T13:00:15.000Z
vde-2020-050 Pepperl+Fuchs: Multiple Products - Vulnerability may allow remote attackers to cause a Denial Of Service 2021-02-15T13:33:00.000Z 2025-05-14T13:00:15.000Z
vde-2021-028 Pepperl+Fuchs: Multiple VDM100-Distance Ethernet-IP sensors with multiple vulnerabilities 2021-08-16T12:01:00.000Z 2025-05-14T13:00:14.000Z
vde-2021-027 Pepperl+Fuchs: WirelessHART-Gateway - Vulnerability may allow remote attackers to cause a Denial Of Service 2021-10-16T12:00:00.001Z 2025-05-14T13:00:14.000Z
vde-2020-038 Pepperl+Fuchs: Multiple vulnerabilites in Comtrol IO-Link Master 2021-01-04T13:01:00.000Z 2025-05-14T13:00:14.000Z
vde-2019-002 Pepperl+Fuchs: Path traversal in WirelessHART Gateway 2019-03-06T10:35:00.000Z 2025-05-14T13:00:14.000Z
vde-2021-007 Pepperl+Fuchs: Multiple Products - Vulnerability may allow remote attackers to cause a Denial Of Service 2021-02-16T14:53:00.000Z 2025-05-14T12:53:43.000Z
vde-2024-065 PEPPERL+FUCHS: HMI devices are affected by Insecure Platform Key 2024-11-26T11:00:00.000Z 2025-05-14T12:28:19.000Z
vde-2024-063 PEPPERL+FUCHS: Multiple products are affected by regreSSHion 2024-10-08T12:00:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-001 Pepperl+Fuchs: Vulnerability allowing code-excution in PACTware <=5.0.5.31 2021-01-15T12:41:00.000Z 2025-05-14T12:28:19.000Z
vde-2018-016 Pepperl+Fuchs: ecom Mobile devices prone to Android privilege elevation vulnerability 2018-10-19T10:00:00.000Z 2025-05-14T12:28:19.000Z
vde-2018-002 Pepperl+Fuchs: HMI devices vulnerable to Meltdown and Spectre Attacks 2018-02-14T08:50:00.000Z 2025-05-14T12:28:19.000Z
vde-2024-037 Pepperl+Fuchs: Use after free vulnerability in Smart-Ex 02 and Smart-Ex 03 2024-07-10T06:00:00.000Z 2024-07-10T06:00:00.000Z
vde-2022-012 Pepperl+Fuchs: Vulnerability in multiple VisuNet devices 2022-04-26T12:00:00.000Z 2022-05-16T14:15:00.000Z
vde-2021-034 Pepperl+Fuchs: Security Advisory for PrintNightmare Vulnerability in multiple HMI Devices 2021-07-30T07:55:00.000Z 2021-07-30T07:55:00.000Z
vde-2021-018 Pepperl+Fuchs: Multiple vulnerabilites in ICE1 Ethernet IO Modules 2021-05-12T08:57:00.000Z 2021-05-12T08:57:00.000Z
vde-2020-040 Pepperl+Fuchs: Multiple Products prone to multiple vulnerabilities in Comtrol RocketLinux 2020-10-05T12:00:00.000Z 2020-10-05T12:00:00.000Z
vde-2020-034 Pepperl+Fuchs: VMT MSS and VMT IS - Several vulnerabilities in products utilizing WIBU-SYSTEMS CodeMeter components 2020-09-10T13:22:00.000Z 2020-09-10T13:22:00.000Z
vde-2019-011 Pepperl+Fuchs: Remote code execution vulnerability in HMI devices 2019-05-29T07:35:00.000Z 2019-10-07T10:00:00.000Z
vde-2019-004 Pepperl+Fuchs: ecom Mobile Devices prone to BlueBorne Attack 2019-03-14T07:52:00.000Z 2019-03-14T07:52:00.000Z
ID Description Published Updated
ppsa-2026-002 Pilz: Vulnerability affecting PASvisu Runtime 2026-04-23T12:00:00.000Z 2026-04-23T12:00:00.000Z
ppsa-2026-001 Pilz: Multiple Vulnerabilities affecting the PIT User Authentication Service 2026-02-02T08:00:00.000Z 2026-02-02T10:00:00.000Z
ppsa-2025-004 Pilz: Vulnerability affecting PASvisu Runtime 2025-10-20T10:00:00.000Z 2025-10-20T10:00:00.000Z
ppsa-2025-003 Pilz: Authentication Bypass in IndustrialPI Webstatus 2025-07-01T10:00:00.000Z 2025-07-01T10:00:00.000Z
ppsa-2025-002 Pilz: Missing Authentication in Node-RED integration 2025-07-01T10:00:00.000Z 2025-07-01T10:00:00.000Z
ppsa-2025-001 Pilz: Authentication Bypass and Cross-Site-Scripting in PiCtory 2025-06-30T10:00:00.000Z 2025-06-30T10:00:00.000Z
vde-2022-044 Pilz: Multiple products affected by ZipSlip 2022-11-24T09:00:00.000Z 2025-06-05T13:28:13.000Z
vde-2023-048 Pilz: Multiple products prone to libwebp vulnerability 2023-12-05T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-033 Pilz: WIBU Vulnerabilitiy in multiple Products 2023-10-12T06:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-045 Pilz: PAS 4000 prone to ZipSlip 2022-11-24T09:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2021-009 Pilz: Multiple products prone to Niche Ethernet Stack vulnerabilities 2021-09-20T11:56:00.000Z 2025-05-14T13:00:14.000Z
vde-2020-033 Pilz: Multiple products prone to WIBU-SYSTEMS CodeMeter vulnerabilities 2020-09-10T13:18:00.000Z 2025-05-14T12:28:19.000Z
vde-2023-050 Pilz: Vulnerability in PASvisu and PMI v8xx 2024-01-30T07:00:00.000Z 2025-04-10T13:00:00.000Z
vde-2024-002 Pilz: Multiple products affected by uC/HTTP vulnerability 2024-02-06T07:00:00.000Z 2024-02-06T07:00:00.000Z
vde-2023-059 Pilz: Electron Vulnerabilities in PASvisu and PMI v8xx 2023-12-05T07:06:00.000Z 2023-12-05T07:06:00.000Z
vde-2022-033 Pilz: PASvisu and PMI affected by multiple vulnerabilities 2022-11-24T09:00:00.000Z 2022-11-24T09:00:00.000Z
vde-2021-061 Pilz: PMC programming tool 3.x.x affected by multiple vulnerabilities 2022-04-26T10:00:00.000Z 2022-04-26T10:00:00.000Z
vde-2021-055 Pilz: PMC programming tool 2.x.x affected by multiple vulnerabilities 2022-04-26T10:00:00.000Z 2022-04-26T10:00:00.000Z
vde-2021-054 Pilz: Multiple vulnerabilities in CODESYS V2 and V3 runtime system 2022-04-26T10:00:00.000Z 2022-04-26T10:00:00.000Z
ID Description Published Updated
vde-2024-008 Wago: Vulnerability in WBM through Open VPN 2026-04-08T07:00:00.000Z 2026-04-08T07:00:00.000Z
vde-2026-021 WAGO: Multiple Vulnerabilities in WAGO VC Hub 2026-03-30T07:00:00.000Z 2026-03-30T07:00:00.000Z
vde-2026-010 WAGO: Multiple Vulnerabilities in WAGO Solution Builder and WAGO Device Sphere 2026-03-30T07:00:00.000Z 2026-03-30T07:00:00.000Z
vde-2026-020 WAGO: Vulnerability in managed switches 2026-03-23T08:00:00.000Z 2026-03-23T08:00:00.000Z
vde-2026-004 WAGO: Vulnerabilities in Managed Switch 2026-02-09T08:00:00.000Z 2026-02-09T08:00:00.000Z
vde-2025-095 WAGO: Vulnerabilities in WAGO Industrial-Managed Switches 2025-12-10T10:00:00.000Z 2026-01-19T08:00:00.000Z
vde-2025-018 WAGO: Vulnerabilities in WAGO Device Manager 2025-06-16T10:00:00.000Z 2025-11-21T12:00:00.000Z
vde-2025-062 WAGO: Multiple Vulnerabilities in CODESYS components 2025-11-03T11:00:00.000Z 2025-11-03T11:00:00.000Z
vde-2025-087 WAGO: Vulnerabilities in Device Sphere and Solution Builder 2025-09-24T09:00:00.000Z 2025-09-24T09:00:00.000Z
vde-2018-013 WAGO: 750-8xx Controller Denial of Service 2018-08-17T09:45:00.000Z 2025-09-22T10:00:00.000Z
vde-2025-083 WAGO: Vulnerability in hardware switch circuit 2025-09-15T08:00:00.000Z 2025-09-15T08:00:00.000Z
vde-2025-080 WAGO: Multiple Vulnerabilities in I/O-Check Service 2025-09-09T10:00:00.000Z 2025-09-09T10:00:00.000Z
vde-2025-082 WAGO: Critical sudo Vulnerability in Multiple Products 2025-09-08T07:00:00.000Z 2025-09-08T07:00:00.000Z
vde-2025-048 WAGO: Escalation of Privileges in Coupler Firmware 2025-09-08T07:00:00.000Z 2025-09-08T07:00:00.000Z
vde-2025-057 WAGO: Vulnerability in WAGO Device Sphere 2025-06-23T10:00:00.000Z 2025-07-07T06:15:00.000Z
vde-2025-040 WAGO: Vulnerabilities in ctrlX OS app 2025-06-16T10:00:00.000Z 2025-06-16T10:00:00.000Z
vde-2024-014 WAGO: Multiple products affected by Terrapin 2024-02-22T07:00:00.000Z 2025-06-05T13:28:13.000Z
vde-2025-020 WAGO: Switches affected by year 2k38 problem 2025-06-02T06:00:00.000Z 2025-06-02T06:00:00.000Z
vde-2024-047 WAGO: Multiple vulnerabilities in docker configuration 2024-11-18T11:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-026 WAGO: Multiple products prone to multiple vulnerabilities in e!Runtime / CODESYS V3 Runtime 2023-07-31T07:36:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-007 WAGO: Unauthenticated command execution via Web-based-management UPDATE A 2023-05-15T08:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-009 WAGO: Multiple Products affected by Linux Kernel Vulnerability Dirty Pipe 2022-04-06T07:30:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-002 WAGO: Vulnerable WIBU-SYSTEMS Codemeter installed through e!COCKPIT and WAGO-I/O-Pro 2022-01-31T13:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2021-060 WAGO: Smart Script affected by Log4Shell Vulnerability 2022-01-05T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2021-049 WAGO: Denial of Service Vulnerability in CODESYS Runtime 2.3 2021-11-16T12:05:00.000Z 2025-05-22T13:03:10.000Z
vde-2021-014 WAGO: Multiple Vulnerabilities in CODESYS Runtime 2.3 2021-05-20T09:08:00.000Z 2025-05-22T13:03:10.000Z
vde-2020-011 WAGO: Multiple Vulnerabilities in I/O-Check Service 2020-03-09T09:30:00.000Z 2025-05-22T13:03:10.000Z
vde-2020-009 WAGO: e!Cockpit Two Update Package Vulnerabilities 2020-03-09T09:18:00.000Z 2025-05-22T13:03:10.000Z
vde-2018-010 WAGO: Multiple vulnerabilities in e!DISPLAY products 2018-07-10T09:50:00.000Z 2025-05-22T13:03:10.000Z
vde-2025-008 WAGO: Vulnerabilities in CODESYS Control 2025-02-04T11:00:00.000Z 2025-05-14T13:00:15.000Z
ID Description Published Updated
vde-2024-061 ifm: Improper Access Control vulnerability 2025-06-30T10:00:00.000Z 2026-02-18T08:00:00.000Z
vde-2024-028 ifm moneo password reset can be exploited 2024-05-06T10:00:00.000Z 2026-01-15T11:00:00.000Z
vde-2024-012 ifm: Vulnerabilities in ifm AC14 firmware 2024-07-09T07:00:00.000Z 2026-01-15T11:00:00.000Z
vde-2022-050 IFM: weak password recovery vulnerability in moneo appliance 2022-12-12T11:00:00.000Z 2026-01-06T11:00:00.000Z
ID Description Published Updated
vde-2025-106 Beckhoff: XSS Vulnerability in TwinCAT 3 HMI Server 2026-01-26T10:00:00.000Z 2026-02-12T09:00:00.000Z
vde-2025-092 Beckhoff: Privilege escalation and information leak via Beckhoff Device Manager 2026-01-27T11:00:00.000Z 2026-01-27T11:00:00.000Z
vde-2025-075 Beckhoff: Deserialization of untrusted data by TwinCAT 3 Engineering 2025-09-09T10:00:00.000Z 2025-09-09T10:00:00.000Z
vde-2022-003 BECKHOFF: Null Pointer Dereference vulnerability in products with OPC UA technology 2022-03-01T12:34:00.000Z 2025-06-05T13:28:13.000Z
vde-2024-050 Beckhoff: Denial-of-Service vulnerability in the MDP package included in TwinCAT/BSD operating system 2024-08-27T08:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-049 Beckhoff: Denial-of-Service vulnerability in the IPC-Diagnostics package included in TwinCAT/BSD operating system 2024-08-27T08:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-048 Beckhoff: Improper neutralization of input in IPC-Diagnostics-www package included in TwinCAT/BSD operating system 2024-08-27T08:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-045 Beckhoff: Local authentication bypass in IPC-Diagnostics package included in TwinCAT/BSD operating system 2024-08-27T08:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-067 Beckhoff: Open redirect in TwinCAT/BSD package authelia-bhf 2023-12-13T08:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2021-051 Beckhoff: Relative path traversal vulnerability through TwinCAT OPC UA Server 2021-11-04T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2021-008 Beckhoff: Stack Overflow and XXE vulnerability in various OPC UA products 2024-10-21T08:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2020-037 Beckhoff: Privilege Escalation through TwinCat System Tray (TcSysUI.exe) 2020-11-19T13:41:00.000Z 2025-05-22T13:03:10.000Z
vde-2020-019 Beckhoff: EtherLeak in TwinCAT RT network driver 2020-06-16T08:31:00.000Z 2025-05-22T13:03:10.000Z
vde-2020-005 Beckhoff: BK9000 couplers - Denial of service inhibits function 2020-03-10T13:17:00.000Z 2025-05-22T13:03:10.000Z
vde-2019-019 Beckhoff: TwinCAT Denial-of-Service in Profinet driver 2019-10-09T10:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2024-064 Beckhoff: Local command injection via TwinCAT Package Manager 2024-10-31T11:00:00.000Z 2025-04-11T07:00:00.000Z
vde-2020-051 Beckhoff: DoS-Vulnerability for TwinCAT OPC UA Server and IPC Diagnostics UA Server 2021-04-27T08:08:00.000Z 2021-05-11T10:00:00.000Z
ID Description Published Updated
vde-2026-007 TRUMPF: Multiple products affected by Wibu CodeMeter vulnerability 2026-02-23T08:00:00.000Z 2026-02-23T08:00:00.000Z
vde-2021-011 TRUMPF Laser GmbH: TruControl 2.14.0 to 3.14.0 affected by recent sudo vulnerability 2021-03-22T08:59:00.000Z 2026-02-02T14:25:00.000Z
vde-2025-078 TRUMPF: Remote support uses an outdated encryption algorithm 2025-08-25T06:00:00.000Z 2025-08-29T10:00:00.000Z
vde-2024-005 TRUMPF: Multiple products contain vulnerable version of 7-zip 2024-01-23T07:00:00.000Z 2025-06-05T13:28:12.000Z
vde-2024-004 TRUMPF: Multiple products affected by log4net vulnerability 2025-04-22T10:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-003 TRUMPF: Multiple products include a vulnerable version of Notepad++ 2024-01-23T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-049 TRUMPF: Multiple products prone to X.Org server vulnerabilities 2022-11-07T11:43:00.000Z 2025-05-22T13:03:10.000Z
vde-2020-039 TRUMPF: Multiple products prone to WIBU CodeMeter vulnerabilities 2020-10-27T10:28:00.000Z 2025-05-14T12:36:39.000Z
vde-2024-040 Multiple TRUMPF products prone to regreSSHion OpenSSH server vulnerabilities 2024-06-25T10:00:00.000Z 2025-04-10T13:00:00.000Z
vde-2024-034 Multiple TRUMPF products prone to nftables server vulnerabilities 2024-06-25T10:00:00.000Z 2025-04-10T13:00:00.000Z
vde-2024-001 TRUMPF: Multiple products contain WIBU CodeMeter vulnerabilities 2024-01-29T07:00:00.000Z 2024-01-29T07:00:00.000Z
vde-2024-006 TRUMPF: Oseon contains vulnerable version of OpenSSL 1.1.x 2024-01-23T07:00:00.000Z 2024-01-23T07:00:00.000Z
vde-2023-031 Trumpf: Multiple Products affected by WIBU Codemeter Vulnerability 2023-09-13T10:00:00.000Z 2023-11-13T11:00:00.000Z
vde-2022-023 TRUMPF TruTops prone to improper access control 2022-10-17T10:00:00.000Z 2022-10-17T10:00:00.000Z
vde-2022-034 TRUMPF: Products prone to Unified Automation vulnerabilities 2022-08-15T10:00:00.000Z 2022-08-15T10:00:00.000Z
vde-2022-016 TRUMPF: TruTops Fab, TruTops Boost prone to vulnerability 2022-05-02T10:00:00.000Z 2022-05-02T10:00:00.000Z
vde-2021-033 TRUMPF Laser GmbH: multiple products prone to codesys runtime vulnerabilities 2021-08-12T13:02:00.001Z 2021-08-12T13:02:00.001Z
ID Description Published Updated
vde-2025-043 Lenze: PLC Designer V4 with insecure storage of sensitive information 2025-06-25T10:00:00.000Z 2025-06-25T10:00:00.000Z
vde-2025-042 Lenze: VPN Client Privilege Escalation in combination with Lenze x500 IoT Gateway 2025-05-27T09:00:00.000Z 2025-05-27T09:00:00.000Z
vde-2024-053 Lenze: Install Directory with insufficient permissions 2024-09-03T08:00:00.000Z 2025-03-13T11:30:00.000Z
vde-2022-030 Lenze: Vulnerability in the OPC-UA authentification connection in the firmware 2022-07-11T10:00:00.000Z 2022-07-11T10:00:00.000Z
vde-2021-048 Lenze: Multiple Vulnerabilities in CODESYS Control V2 communication 2021-10-04T12:33:00.000Z 2021-10-04T12:33:00.000Z
ID Description Published Updated
vde-2022-029 Carlo Gavazzi Controls: Multiple Vulnerabilities in Controller UWP 3.0 2022-09-26T08:00:00.000Z 2026-03-02T11:00:00.000Z
ID Description Published Updated
vde-2025-047 AUMA: Incorrect delivery status of the Bluetooth configuration 2025-06-10T10:00:00.000Z 2025-06-10T10:00:00.000Z
vde-2023-028 AUMA: SIMA Master Station affected by WRECK vulnerability 2023-08-07T11:35:00.000Z 2025-05-14T13:00:15.000Z
vde-2022-024 Auma: SIMA² Master Station Denial of Service Vulnerability on Automation Runtime Webserver 2022-06-15T10:00:00.000Z 2025-05-14T13:00:15.000Z
vde-2025-026 AUMA Riester: Buffer overflow in service telegram 2025-05-12T10:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2023-027 AUMA: Reflected Cross-Site Scripting Vulnerability in SIMA Master Stations 2023-08-07T09:35:00.000Z 2023-08-07T09:35:00.000Z
vde-2022-032 AUMA: Multiple Vulnerabilities in Automation Runtime NTP Service 2022-08-09T08:00:00.000Z 2022-08-09T08:00:00.000Z
ID Description Published Updated
vde-2025-084 Bender Charge Controller Vulnerability - Unsecure Communication 2025-09-08T07:00:00.000Z 2025-09-08T07:00:00.000Z
vde-2025-061 Bender Charge Controller Vulnerability - Disclosure Of Stored Credentials When Authenticated 2025-09-08T07:00:00.000Z 2025-09-08T07:00:00.000Z
vde-2021-047 Bender/ebee: Multiple Charge Controller Vulnerabilities 2022-04-26T10:00:00.000Z 2022-04-26T10:00:00.000Z
vde-2020-043 Bender: COMTRAXX < 4.2.0 affected by inadquate credentials check vulnerability 2020-10-16T06:54:00.000Z 2020-10-16T06:54:00.000Z
ID Description Published Updated
vde-2026-032 Endress+Hauser: sudo vulnerability affects Endress+Hauser MCS200HW 2026-04-21T07:00:00.000Z 2026-04-21T07:00:00.000Z
vde-2025-107 Endress+Hauser: Multiple products affected by Qualcomm vulnerabilities 2025-12-05T11:00:00.000Z 2026-04-02T10:00:00.000Z
vde-2026-003 Endress+Hauser: Multiple products prone to multiple vulnerabilities in e!Runtime and CODESYS V3 Runtime 2026-03-31T08:00:00.000Z 2026-04-01T11:00:00.000Z
vde-2026-002 Endress+Hauser: buffer overflow in glibc ld.so leading to privilege escalation 2026-03-02T07:00:00.000Z 2026-03-02T07:00:00.000Z
vde-2025-068 Endress+Hauser: Proline 10 Maintenance credentials may be exposed under certain conditions 2025-09-02T10:00:00.000Z 2026-02-20T09:00:00.000Z
vde-2025-105 Endress+Hauser: Multiple products affected by Wibu-Systems CodeMeter Vulnerability 2025-12-08T09:00:00.000Z 2025-12-08T09:00:00.000Z
vde-2024-054 Endress+Hauser: Netilion Network Insights is affected by multiple vulnerabilities 2024-10-21T08:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2021-044 Endress+Hauser: Multiple products affected by log4net vulnerability 2022-01-20T08:06:00.000Z 2025-05-14T13:00:14.000Z
vde-2021-005 Endress+Hauser: Multiple Devices affected by fdtContainer vulnerability 2021-03-01T06:39:00.000Z 2025-05-14T13:00:14.000Z
vde-2020-031 Endress+Hauser: Multiple products prone to WIBU CodeMeter vulnerabilities 2020-10-27T13:10:00.000Z 2025-05-14T13:00:14.000Z
vde-2020-022 Endress+Hauser: Ecograph T utilizing Webserver firmware version 2.x exposes sensitive information 2020-11-19T14:48:00.000Z 2025-05-14T13:00:14.000Z
vde-2021-040 Endress+Hauser: Promass 83 with EtherNet/IP affected by a stack-based buffer overflow 2021-10-04T12:30:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-010 Endress+Hauser: products utilizing WPA2 vulnerable to KRACK attacks 2021-05-18T09:00:00.000Z 2025-05-14T12:28:19.000Z
vde-2020-021 Endress+Hauser: Ecograph T utilizing Webserver firmware version 1.x suffers from improper privilege management 2020-11-19T14:48:00.000Z 2025-04-11T07:00:00.000Z
vde-2025-036 Multiple vulnerabilities in Endress+Hauser MEAC300-FNADE4 2025-03-06T14:00:00.000Z 2025-03-06T14:00:00.000Z
vde-2024-041 Endress+Hauser: Multiple products are vulnerable to code injection 2024-09-10T08:00:00.000Z 2024-09-10T08:00:00.000Z
vde-2022-019 Endress+Hauser: Multiple products utilizing vulnerable WIBU-SYSTEMS CodeMeter components 2022-06-02T15:11:00.000Z 2022-06-02T15:11:00.000Z
vde-2022-006 Endress+Hauser: FieldPort SFP50 Memory Corruption in Bluetooth Controller Firmware 2022-03-24T10:48:00.000Z 2022-03-24T10:48:00.000Z
vde-2019-005 Endress+Hauser: WIFI enabled products utilising WPA2 2019-03-19T15:34:00.000Z 2019-03-19T15:34:00.000Z
ID Description Published Updated
vde-2025-030 Frauscher: FDS101, FDS-SNMP101 and FDS102 for FAdC/FAdCi are Vulnerable to OS Command Injection Vulnerability 2025-07-07T10:00:00.000Z 2025-07-29T10:00:00.000Z
vde-2023-049 Frauscher: FDS102 for FAdC/FAdCi remote code execution vulnerability 2023-12-11T07:00:00.000Z 2023-12-11T07:00:00.000Z
vde-2023-038 Frauscher: Multiple Vulnerabilities in FDS101 2023-09-21T06:00:00.000Z 2023-09-21T06:00:00.000Z
vde-2023-011 Frauscher: Diagnostic System FDS001 for FAdC/FAdCi Path Traversal vulnerability 2023-07-05T08:00:00.000Z 2023-07-05T08:00:00.000Z
ID Description Published Updated
vde-2019-010 Miele: Multiple Vulnerabilities in XGW 3000 ZigBee Gateway 2019-05-20T06:58:00.000Z 2025-05-14T13:00:15.000Z
vde-2020-024 Miele: Treck TCP/IP Vulnerabilities (Ripple20) affecting Communication Module XKM3000 L MED 2020-07-08T07:29:00.000Z 2025-05-14T12:28:19.000Z
vde-2022-052 Miele: Vulnerability in ease2pay cloud service used by appWash 2022-11-21T09:00:00.000Z 2022-11-21T09:00:00.000Z
vde-2022-015 Miele: Security vulnerability in Benchmark Programming Tool 2022-04-27T12:00:00.000Z 2022-04-27T12:00:00.000Z
ID Description Published Updated
vde-2025-096 Weidmueller: Multiple vulnerabilities in Energy Meter 750-24 and Energy Meter 750-230 2026-03-10T07:00:00.000Z 2026-03-10T07:00:00.000Z
vde-2025-044 Weidmueller: Industrial ethernet switches are affected by multiple vulnerabilities 2025-05-27T09:00:00.000Z 2025-08-27T10:00:00.000Z
vde-2025-052 Weidmueller: Security routers IE-SR-2TX are affected by multiple vulnerabilities 2025-06-11T10:00:00.000Z 2025-07-23T10:00:00.000Z
vde-2023-032 Weidmueller: WIBU Vulnerability in multiple Products 2023-11-09T07:42:00.000Z 2025-05-22T13:03:10.000Z
vde-2019-018 Weidmueller: multiple vulnerabilities in various Industrial Ethernet managed switches 2019-12-05T12:03:00.000Z 2025-05-22T13:03:10.000Z
vde-2025-041 Weidmueller: ResMa is affected by a Vulnerability for ASP.NET AJAX 2025-05-19T09:00:00.000Z 2025-05-19T09:00:00.000Z
vde-2025-021 Weidmueller: Authentication Vulnerability in PROCON-WIN 5 2025-03-05T09:00:00.000Z 2025-05-14T13:26:53.000Z
vde-2021-026 Weidmueller: Multiple vulnerabilities in Industrial WLAN devices 2021-06-23T11:04:00.000Z 2025-05-14T13:00:15.000Z
vde-2021-042 Weidmueller: Remote I/O fieldbus couplers (IP20) affected by INFRA:HALT vulnerabilities 2021-10-18T08:24:00.000Z 2025-05-14T13:00:14.000Z
vde-2021-016 Weidmueller: Accidentally open network port in u-controls and IoT-Gateways 2021-05-04T08:17:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-002 Weidmueller: WI Manager affected by fdtContainer vulnerability 2021-01-20T13:32:00.000Z 2025-05-14T12:28:19.000Z
vde-2020-041 Weidmueller: u-create studio < 1.20.2 affected by WIBU-SYSTEMS CodeMeter vulnerabilities 2020-10-12T09:14:00.000Z 2025-05-14T12:28:19.000Z
vde-2025-023 Weidmueller: OpenSSL vulnerability in industrial ethernet switches 2025-03-05T08:00:00.000Z 2025-03-05T11:00:00.000Z
vde-2022-056 Weidmueller: Multiple IoT and control products affected by JavaScript injection vulnerability 2022-12-14T07:00:00.000Z 2022-12-14T07:00:00.000Z
vde-2021-004 Weidmueller: EtherNet/IP Fieldbus Coupler out-of-bounds write 2022-06-21T08:00:00.000Z 2022-06-21T08:00:00.000Z
vde-2022-008 WEIDMUELLER: Multiple vulnerabilities in Modbus TCP/RTU Gateways 2022-04-07T06:00:00.000Z 2022-04-07T06:00:00.000Z
ID Description Published Updated
vde-2025-066 SMA: Directory Traversal in Sunny Boy 2025-08-27T08:00:00.000Z 2025-08-27T08:00:00.000Z
vde-2025-050 SMA: Sunny Portal limited disclosure of personal data of registered users to an authenticated user 2025-08-19T10:00:00.000Z 2025-08-19T10:00:00.000Z
vde-2024-075 SMA: Sunny Webbox clickjacking vulnerability 2025-01-27T13:00:00.000Z 2025-06-17T06:00:00.000Z
vde-2025-012 SMA: Sunny Portal Remote Code Execution 2025-02-26T11:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2025-010 SMA: Sunny Portal demo system privilege escalation 2025-05-13T11:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2024-074 SMA: SQL injection in Sunny Central UP 2024-11-27T09:00:00.000Z 2025-05-14T12:28:19.000Z
vde-2024-020 SMA: Cluster Controller CSRF vulnerability 2025-01-27T13:00:00.000Z 2025-02-12T16:48:47.000Z
ID Description Published Updated
vde-2024-013 HIMA: Multiple products affected by DoS and Port-Based-VLAN Crossing 2024-02-13T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-059 HIMA: unquoted path vulnerabilities in X-OPC and X-OTS 2023-01-16T09:00:00.000Z 2025-05-22T13:03:10.000Z
ID Description Published Updated
vde-2025-091 Murrelektronik: Cleartext Transmission of Sensitive Information in IMPACT67 Pro 2025-10-14T10:00:00.000Z 2025-10-14T10:00:00.000Z
ID Description Published Updated
vde-2020-016 SWARCO: Critical Vulnerability in CPU LS4000 2020-05-28T13:00:00.000Z 2020-05-28T13:00:00.000Z
ID Description Published Updated
vde-2024-016 ADS-TEC Industrial IT: Docker vulnerability affects multiple products 2024-02-19T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2025-033 ads-tec Industrial IT: Mosquitto MQTT Client Vulnerability in ADS-TEC IRF Products 2025-04-14T10:00:00.000Z 2025-04-14T10:00:00.000Z
vde-2023-009 ads-tec: Multiple Vulnerabilities in IRF1000, IRF2000 and IRF3000 2023-05-08T13:37:00.000Z 2023-05-08T13:37:00.000Z
ID Description Published Updated
vde-2022-061 VARTA: Multiple devices prone to hard-coded credentials 2023-03-15T09:00:00.000Z 2023-03-15T09:00:00.000Z
ID Description Published Updated
vde-2025-060 Sauter: Multiple vulnerabilities in SAUTER modulo 6 2025-10-21T10:00:00.000Z 2025-10-27T11:00:00.000Z
ID Description Published Updated
vde-2025-079 Janitza: Multiple vulnerabilities in UMG 96RM-E 2026-03-10T07:00:00.000Z 2026-03-10T07:00:00.000Z
vde-2025-094 Janitza: Vulnerability in Modbus interface of UMG 96-PA and UMG 96-PA-MID+ 2025-11-24T12:00:00.000Z 2025-11-24T12:00:00.000Z
ID Description Published Updated
vde-2026-029 METTLER TOLEDO: OpenSSL vulnerability in MX and MR balances 2026-04-23T10:00:00.000Z 2026-04-23T10:00:00.000Z
vde-2026-001 METTLER TOLEDO: ASP.NET core vulnerability in LabX 2026-03-04T07:00:00.000Z 2026-03-04T07:00:00.000Z
ID CVSS Description Vendor Product Published Updated
GCVE-1-2026-0025
6.9 (4.0)
RansomLook - Improper Filtering of Private Location En… ransomlook
 ransomlook
 2026-04-12T15:22:00.000Z 2026-04-15T20:29:51.794609Z
GCVE-1-2026-0024
8.8 (4.0)
LDAP injection in MISP ApacheAuthenticate when using a… misp
 misp
 2026-04-08T08:28:00.000Z 2026-04-09T04:44:04.936665Z
GCVE-1-2026-0023
8.5 (4.0)
Stored XSS in modal item preview for long item content… ail-project
 ail-framework
 2026-04-07T06:29:00.000Z 2026-04-08T04:22:15.084342Z
GCVE-1-2026-0022
6.4 (4.0)
MISP - Beta Overmind UI Stored Cross-Site Scripting in… misp
 misp
 2026-03-30T09:48:36.968649Z 2026-03-30T09:48:36.968649Z
GCVE-1-2026-0021
10 (4.0)
Critical RCE Vulnerability reported in Windchill windchill
 FlexPLM
 2026-03-23T12:30:40.249187Z 2026-03-23T12:30:40.249187Z
GCVE-1-2026-0020
10 (4.0)
Remote Code Execution Attack Against Eircom D1000 Router Eir
 D1000
 2026-03-11T14:12:00.000Z 2026-03-11T14:23:24.609831Z
GCVE-1-2026-0019
6.4 (4.0)
Improper URL validation in MISP dashboard button widge… misp
 misp
 2026-02-27T14:55:00.000Z 2026-02-27T15:44:29.998063Z
GCVE-1-2026-0018
6.5 (4.0)
Improper access control in MISP user contact form allo… misp
 misp
 2026-02-27T13:25:32.632362Z 2026-02-27T13:25:32.632362Z
GCVE-1-2026-0017
7.2 (4.0)
Improper Neutralization of Raw HTML in MISP modules Ma… misp
 misp-modules
 2026-02-27T13:10:24.641948Z 2026-02-27T13:10:24.641948Z
GCVE-1-2026-0016
7 (4.0)
Server-Side Request Forgery via Event Report Import Fr… misp
 misp
 2026-02-27T10:56:32.745676Z 2026-02-27T10:56:32.745676Z
GCVE-1-2026-0015
7.2 (4.0)
Threat actors use FortiCloud SSO bypass to collect LDA… fortinet
 fortios
 2026-02-09T09:09:00.000Z 2026-02-09T09:14:59.004089Z
GCVE-1-2026-0014
7.4 (4.0)
Missing Authorization Check Allows Unauthorized Modifi… vulnerability-lookup
 vulnerability-lookup
 2026-02-04T19:32:14.341383Z 2026-02-04T19:32:14.341383Z
GCVE-1-2026-0013
2.1 (4.0)
Flask Application Username Route Collision Allows Rese… vulnerability-lookup
 vulnerability-lookup
 2026-02-04T19:27:00.000Z 2026-02-04T19:32:49.787763Z
GCVE-1-2026-0012
2.1 (4.0)
Authentication Error Message Allows Email Address Enum… vulnerability-lookup
 vulnerability-lookup
 2026-02-04T19:21:34.411344Z 2026-02-04T19:21:34.411344Z
GCVE-1-2026-0011
8.7 (4.0)
Out-of-bounds memory write in the network packet … EA Games
 Command & Conquer: Generals
 2026-01-29T14:37:00.000Z 2026-01-29T14:39:17.728822Z
GCVE-1-2026-0010
9.3 (4.0)
Improper input validation in the file transfer ha… EA Games
 Command & Conquer: Generals
 2026-01-29T14:33:18.822829Z 2026-01-29T14:33:18.822829Z
GCVE-1-2026-0009
9.3 (4.0)
Stack-based buffer overflow in the multiplayer ne… EA Games
 Command & Conquer: Generals
 2026-01-29T14:30:38.596928Z 2026-01-29T14:30:38.596928Z
GCVE-1-2026-0008
10 (4.0)
gpg-agent stack buffer overflow in pkdecrypt using KEM gnupg
 gpg-agent
 2026-01-28T13:48:12.350509Z 2026-01-28T13:48:12.350509Z
GCVE-1-2026-0007
10 (4.0)
GNU InetUtils Security Advisory: remote authentication… gnu
 InetUtils
 2026-01-20T20:57:00.000Z 2026-01-26T16:32:40.831364Z
GCVE-1-2026-0006
8.5 (4.0)
Improper Access Control in Cerebrate AuthKey and Encry… cerebrate
 cerebrate
 2026-01-13T15:37:17.337254Z 2026-01-13T15:37:17.337254Z
GCVE-1-2026-0005
8.5 (4.0)
Improper Access Control in Cerebrate Alignment Model A… cerebrate
 cerebrate
 2026-01-13T15:31:00.000Z 2026-01-13T15:38:02.888546Z
GCVE-1-2026-0004
8.5 (4.0)
Authorization Bypass in Cerebrate IndividualsControlle… cerebrate
 cerebrate
 2026-01-13T15:28:00.000Z 2026-01-13T15:38:37.744618Z
GCVE-1-2026-0003
6.3 (4.0)
Stored/Reflected XSS via Unsanitized Parameters in URL… misp
 misp
 2026-01-13T10:50:00.000Z 2026-01-13T10:54:13.659223Z
GCVE-1-2026-0002
10 (4.0)
Heap-buffer-overflow in EXIF writer for extra IFD tags ffmpeg
 ffmpeg
 2026-01-02T19:50:00.000Z 2026-01-02T20:05:27.269877Z
GCVE-1-2026-0001
N/A
Bundle reference to gpg.fail gnupg
 gnupg
 2026-01-02T10:20:00.000Z 2026-01-02T13:31:14.359346Z
GCVE-1-2025-0041
6.4 (4.0)
[online services] Reflected Cross-Site Scripting (XSS)… typo3
 typo3
 2025-12-19T14:25:00.000Z 2025-12-19T14:54:51.594645Z
GCVE-1-2025-0031
7.1 (4.0)
A cross-site scripting (XSS) vulnerability was identif… misp
 misp
 2025-12-03T10:58:00.000Z 2025-12-16T09:36:09.594750Z
GCVE-1-2025-0040
7.2 (4.0)
A cross-site scripting (XSS) vulnerability was id… misp
 misp
 2025-12-13T08:44:32.378924Z 2025-12-13T08:44:32.378924Z
GCVE-1-2025-0039
8.5 (4.0)
XSS Reintroduced in MISP Dashboard World Map Widget Du… misp
 misp
 2025-12-10T14:33:52.856734Z 2025-12-10T14:33:52.856734Z
GCVE-1-2025-0038
5 (4.0)
Reflected XSS in MISP Template Tag Removal and MISP Ad… misp
 misp
 2025-12-10T14:10:00.000Z 2025-12-10T14:16:55.918270Z
ID CVSS Description Vendor Product Published Updated
GCVE-1337-2026-00000000000000000000000000000000000000000000000001011111111111000111111110000000000000000000000000000000000000000000000000000000110
8.8 (3.1)
NSA Ghidra Auto-Analysis Annotation Command Execution NSA
 Ghidra
 2026-03-29T19:35:30.692Z 2026-03-29T19:35:30.692Z
GCVE-1337-2025-00000000000000000000000000000000000000000000000000111111111111111111111111000000000000000000000000000000000000000000000000000000011
9.1 (3.1)
HexStrike AI MCP Server Command Injection 0x4m4
 HexStrike AI
 2025-11-30T21:27:56.057Z 2025-11-30T21:27:56.057Z
GCVE-1337-2025-00000000000000000000000000000000000000000000000001011111111111011111111110000000000000000000000000000000000000000000000000000000100
6.5 (3.1)
Abilis CPX Fallback Shell Connection Relay Abilis
 CPX
 2025-11-04T00:23:23.924Z 2025-11-04T00:23:23.924Z
GCVE-1337-2025-00000000000000000000000000000000000000000000000001011011111110011111111110000000000000000000000000000000000000000000000000000000010
7.3 (3.1)
Unitree Multiple Robotic Products Command Injection Unitree
 Go2
 2025-09-26T06:53:49.585Z 2025-09-26T15:16:57.586Z
GCVE-1337-2025-00000000000000000000000000000000000000000000000001011111011111010111111001000000000000000000000000000000000000000000000000000000001
4.3 (3.1)
Unauthenticated leak of sensitive information affectin… Brother Industries, Ltd
 HL-L8260CDN
 2025-08-12T15:23:00.577Z 2025-08-15T05:53:23.017Z