Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-25603 |
6.6 (3.1)
|
Path Traversal vulnerability in Linksys MR9600, Linksy… |
Linksys |
MR9600 |
2026-02-24T17:14:36.141Z | 2026-02-24T18:13:33.449Z |
| CVE-2026-27468 |
4.8 (4.0)
|
Mastodon may allow unconfirmed FASP to make subscriptions |
mastodon |
mastodon |
2026-02-24T17:12:40.349Z | 2026-02-24T17:12:40.349Z |
| CVE-2025-14963 |
6.2 (4.0)
|
A vulnerability identified in the Trellix HX Agen… |
Trellix |
Endpoint HX Agent (xAgent) |
2026-02-24T17:11:06.812Z | 2026-02-25T04:56:07.350Z |
| CVE-2026-27156 |
6.1 (3.1)
|
NiceGUI has XSS via Code Injection |
zauberzeug |
nicegui |
2026-02-24T17:00:21.628Z | 2026-02-24T17:00:21.628Z |
| CVE-2025-62512 |
5.5 (4.0)
|
Piwigo Vulnerable to User Enumeration via Password Res… |
Piwigo |
Piwigo |
2026-02-24T16:43:28.919Z | 2026-02-24T16:43:28.919Z |
| CVE-2024-48928 |
2.7 (4.0)
|
Piwigo's secret key can be brute forced |
Piwigo |
Piwigo |
2026-02-24T16:39:56.944Z | 2026-02-24T16:39:56.944Z |
| CVE-2026-27590 |
8.9 (4.0)
|
Caddy: Unicode case-folding length expansion causes in… |
caddyserver |
caddy |
2026-02-24T16:33:41.353Z | 2026-02-24T16:33:41.353Z |
| CVE-2026-27589 |
6.9 (4.0)
|
Caddy vulnerable to cross-origin config application vi… |
caddyserver |
caddy |
2026-02-24T16:30:52.016Z | 2026-02-24T16:31:35.510Z |
| CVE-2026-27588 |
7.7 (4.0)
|
Caddy: MatchHost becomes case-sensitive for large host… |
caddyserver |
caddy |
2026-02-24T16:28:28.106Z | 2026-02-24T16:28:28.106Z |
| CVE-2026-27587 |
7.7 (4.0)
|
Caddy: MatchPath %xx (escaped-path) branch skips case … |
caddyserver |
caddy |
2026-02-24T16:26:40.222Z | 2026-02-24T16:26:40.222Z |
| CVE-2026-27586 |
8.8 (4.0)
|
Caddy's mTLS client authentication silently fails open… |
caddyserver |
caddy |
2026-02-24T16:08:20.569Z | 2026-02-24T16:08:20.569Z |
| CVE-2026-27585 |
6.9 (4.0)
|
Caddy's improper sanitization of glob characters in fi… |
caddyserver |
caddy |
2026-02-24T16:06:05.030Z | 2026-02-24T16:06:05.030Z |
| CVE-2026-27571 |
5.9 (3.1)
|
nats-server websockets are vulnerable to pre-auth memory DoS |
nats-io |
nats-server |
2026-02-24T15:59:17.926Z | 2026-02-24T15:59:17.926Z |
| CVE-2025-13776 |
8.6 (4.0)
|
Hard-coded database credentials in Finka software |
TIK-SOFT |
Finka-FK |
2026-02-24T15:58:30.096Z | 2026-02-24T15:58:30.096Z |
| CVE-2025-47904 |
5.7 (4.0)
|
Unsigned upgrade package |
Microchip |
Time Provider 4100 |
2026-02-24T15:34:20.905Z | 2026-02-24T15:34:20.905Z |
| CVE-2026-27521 |
6.9 (4.0)
6.5 (3.1)
|
Binardat 10G08-0800GSM Network Switch Missing Login Ra… |
Binardat Ltd. |
10G08-0800GSM Network Switch |
2026-02-24T15:08:14.170Z | 2026-02-24T15:08:14.170Z |
| CVE-2026-27520 |
8.7 (4.0)
7.5 (3.1)
|
Binardat 10G08-0800GSM Network Switch Base64-encoded P… |
Binardat Ltd. |
10G08-0800GSM Network Switch |
2026-02-24T15:07:41.085Z | 2026-02-24T15:07:41.085Z |
| CVE-2026-27519 |
8.7 (4.0)
7.5 (3.1)
|
Binardat 10G08-0800GSM Network Switch Hard-coded RC4 E… |
Binardat Ltd. |
10G08-0800GSM Network Switch |
2026-02-24T15:07:10.410Z | 2026-02-24T15:07:10.410Z |
| CVE-2026-27518 |
5.1 (4.0)
4.3 (3.1)
|
Binardat 10G08-0800GSM Network Switch CSRF |
Binardat Ltd. |
10G08-0800GSM Network Switch |
2026-02-24T15:06:39.513Z | 2026-02-24T15:06:39.513Z |
| CVE-2026-27517 |
5.1 (4.0)
5.4 (3.1)
|
Binardat 10G08-0800GSM Network Switch XSS |
Binardat Ltd. |
10G08-0800GSM Network Switch |
2026-02-24T15:06:08.974Z | 2026-02-24T15:06:08.974Z |
| CVE-2026-27516 |
8.6 (4.0)
8.1 (3.1)
|
Binardat 10G08-0800GSM Network Switch Plaintext Passwo… |
Binardat Ltd. |
10G08-0800GSM Network Switch |
2026-02-24T15:05:12.384Z | 2026-02-24T15:05:12.384Z |
| CVE-2026-27515 |
9.3 (4.0)
9.1 (3.1)
|
Binardat 10G08-0800GSM Network Switch Predictable Sess… |
Binardat Ltd. |
10G08-0800GSM Network Switch |
2026-02-24T15:04:41.427Z | 2026-02-24T15:04:41.427Z |
| CVE-2026-27507 |
9.3 (4.0)
9.8 (3.1)
|
Binardat 10G08-0800GSM Network Switch Hard-coded Credentials |
Binardat Ltd. |
10G08-0800GSM Network Switch |
2026-02-24T15:04:16.616Z | 2026-02-24T15:04:16.616Z |
| CVE-2026-23678 |
8.7 (4.0)
8.8 (3.1)
|
Binardat 10G08-0800GSM Network Switch Traceroute CLI C… |
Binardat Ltd. |
10G08-0800GSM Network Switch |
2026-02-24T15:03:35.734Z | 2026-02-24T15:03:49.724Z |
| CVE-2026-27584 |
9.2 (4.0)
|
ActualBudget server is Missing Authentication for Simp… |
actualbudget |
actual |
2026-02-24T14:59:21.175Z | 2026-02-24T14:59:21.175Z |
| CVE-2026-0402 |
4.9 (3.1)
|
A post-authentication Out-of-bounds Read vulnerab… |
SonicWall |
SonicOS |
2026-02-24T14:58:37.608Z | 2026-02-24T15:33:50.674Z |
| CVE-2026-27732 |
8.6 (4.0)
|
AVideo has Authenticated Server-Side Request Forgery v… |
WWBN |
AVideo |
2026-02-24T14:56:55.372Z | 2026-02-24T14:56:55.372Z |
| CVE-2026-0401 |
4.9 (3.1)
|
A post-authentication NULL Pointer Dereference vu… |
SonicWall |
SonicOS |
2026-02-24T14:55:57.545Z | 2026-02-24T15:34:30.604Z |
| CVE-2026-0400 |
4.9 (3.1)
|
A post-authentication Format String vulnerability… |
SonicWall |
SonicOS |
2026-02-24T14:54:15.394Z | 2026-02-24T15:35:10.650Z |
| CVE-2026-27568 |
5.1 (4.0)
|
AVideo has Stored Cross-Site Scripting via Markdown Co… |
WWBN |
AVideo |
2026-02-24T14:53:20.826Z | 2026-02-24T14:53:20.826Z |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-xqx8-2c6c-9g3g |
4.9 (3.1)
|
A post-authentication NULL Pointer Dereference vulnerability in SonicOS allows a remote attacker to… | 2026-02-24T15:30:33Z | 2026-02-24T18:31:02Z |
| ghsa-v5qr-j3c6-xxx2 |
|
TOTOLINK X5000R V9.1.0cu.2415_B20250515 contains a denial-of-service vulnerability in /cgi-bin/cste… | 2026-02-24T15:30:33Z | 2026-02-24T15:30:33Z |
| ghsa-pr9m-7cjw-258w |
4.9 (3.1)
|
A post-authentication Out-of-bounds Read vulnerability in SonicOS allows a remote attacker to crash… | 2026-02-24T15:30:33Z | 2026-02-24T18:31:02Z |
| ghsa-pq5g-x5q3-3g25 |
4.9 (3.1)
|
Multiple post-authentication stack-based buffer overflow vulnerabilities in the SonicOS management … | 2026-02-24T15:30:33Z | 2026-02-24T18:31:02Z |
| ghsa-mr6q-w873-6jfr |
6.3 (3.1)
2.1 (4.0)
|
A vulnerability was determined in exiftool up to 13.49 on macOS. This issue affects the function Se… | 2026-02-24T15:30:33Z | 2026-02-24T15:30:33Z |
| ghsa-6pf6-w4c2-rx3f |
6.3 (3.1)
2.1 (4.0)
|
A vulnerability was found in Intelbras TIP 635G 1.12.3.5. This vulnerability affects unknown code o… | 2026-02-24T15:30:33Z | 2026-02-24T15:30:33Z |
| ghsa-58j5-qr69-3544 |
6.8 (3.1)
|
The CPSD CryptoPro Secure Disk application boots a small Linux operating system to perform user aut… | 2026-02-24T15:30:33Z | 2026-02-24T15:30:33Z |
| ghsa-3q93-28v9-5x6v |
4.9 (3.1)
|
A post-authentication Format String vulnerability in SonicOS allows a remote attacker to crash a fi… | 2026-02-24T15:30:33Z | 2026-02-24T18:31:02Z |
| ghsa-xchm-7954-5wvg |
|
Use-after-free in the DOM: Window and Location component. This vulnerability affects Firefox < 148,… | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-wcpx-2xqg-ff43 |
|
Spoofing issue in the WebAuthn component in Firefox for Android. This vulnerability affects Firefox… | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-vxjv-c6cq-74m6 |
|
Mitigation bypass in the Networking: Cache component. This vulnerability affects Firefox < 148 and … | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-q6rm-rhj9-jpg5 |
|
Integer overflow in the Libraries component in NSS. This vulnerability affects Firefox < 148 and Fi… | 2026-02-24T15:30:32Z | 2026-02-24T18:31:01Z |
| ghsa-p9gc-q2gc-jc6r |
4.2 (3.1)
|
Race condition in the JavaScript: GC component. This vulnerability affects Firefox < 148. | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-p4fg-vw73-vr29 |
|
Mitigation bypass in the DOM: Security component. This vulnerability affects Firefox < 148 and Fire… | 2026-02-24T15:30:32Z | 2026-02-24T18:31:01Z |
| ghsa-m8jj-q5xq-4qhp |
|
Information disclosure due to uninitialized memory in Firefox and Firefox Focus for Android. This v… | 2026-02-24T15:30:32Z | 2026-02-24T15:30:32Z |
| ghsa-jvc5-7j9r-q4m6 |
|
Same-origin policy bypass in the Networking: JAR component. This vulnerability affects Firefox < 14… | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-hwjj-g6g7-p8cf |
|
Uninitialized memory in the Graphics: Text component. This vulnerability affects Firefox < 148. | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-hjq8-wc3q-9xf3 |
|
Privilege escalation in the Messaging System component. This vulnerability affects Firefox < 148, F… | 2026-02-24T15:30:32Z | 2026-02-24T18:31:01Z |
| ghsa-h79p-mfpr-8qm4 |
|
Use-after-free in the Graphics: ImageLib component. This vulnerability affects Firefox < 148, Firef… | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-h4vm-j32v-95qm |
|
Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 148. | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-gvhp-5j8m-528x |
|
Use-after-free in the DOM: Core & HTML component. This vulnerability affects Firefox < 148. | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-gjwv-rvwj-p62j |
|
Incorrect boundary conditions in the Web Audio component. This vulnerability affects Firefox < 148,… | 2026-02-24T15:30:32Z | 2026-02-24T18:31:01Z |
| ghsa-g9cv-cvhp-755f |
|
Privilege escalation in the Netmonitor component. This vulnerability affects Firefox < 148 and Fire… | 2026-02-24T15:30:32Z | 2026-02-24T18:31:01Z |
| ghsa-fvj5-5qvq-g8wf |
8.8 (3.1)
|
Use-after-free in the DOM: Core & HTML component. This vulnerability affects Firefox < 148. | 2026-02-24T15:30:32Z | 2026-02-24T21:31:45Z |
| ghsa-cgrc-pwqf-64v8 |
|
Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability affects Firefox… | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-c5fj-xq9f-fjxm |
|
Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148 and Fir… | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-c3q8-4689-m4p6 |
|
JIT miscompilation in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148. | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-94rx-4fcc-c849 |
|
Incorrect boundary conditions in the Networking: JAR component. This vulnerability affects Firefox … | 2026-02-24T15:30:32Z | 2026-02-24T18:31:01Z |
| ghsa-8g7m-g6r7-rqcp |
|
Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 148. | 2026-02-24T15:30:32Z | 2026-02-24T18:31:02Z |
| ghsa-839v-3vpr-fpgf |
|
Privilege escalation in the Netmonitor component. This vulnerability affects Firefox < 148 and Fire… | 2026-02-24T15:30:32Z | 2026-02-24T18:31:01Z |
| ID | Severity | Description | Package | Published | Updated |
|---|---|---|---|---|---|
| pysec-2024-182 |
|
Apache Airflow versions before 2.10.3 contain a vulnerability that could expose sensitive… | apache-airflow | 2024-11-15T09:15:14+00:00 | 2025-01-19T04:22:59.398988+00:00 |
| pysec-2024-204 |
8.1 (3.1)
|
TorchGeo Remote Code Execution Vulnerability | torchgeo | 2024-11-12T18:15:45+00:00 | 2025-01-19T19:19:01.299352+00:00 |
| pysec-2024-231 |
8.1 (3.1)
|
LightGBM Remote Code Execution Vulnerability | lightgbm | 2024-11-12T18:15:28+00:00 | 2025-02-15T07:20:34.246161+00:00 |
| pysec-2024-238 |
|
CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang St… | codechecker | 2024-11-06T15:15:11+00:00 | 2025-04-08T10:23:23.857960+00:00 |
| pysec-2024-183 |
|
CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang St… | codechecker | 2024-11-06T15:15:11+00:00 | 2025-01-19T04:22:59.576907+00:00 |
| pysec-2024-202 |
6.5 (3.1)
|
OctoPrint provides a web interface for controlling consumer 3D printers. OctoPrint versio… | octoprint | 2024-11-05T19:15:07+00:00 | 2025-01-19T16:22:59.212853+00:00 |
| pysec-2024-201 |
6.1 (3.1)
|
OctoPrint provides a web interface for controlling consumer 3D printers. OctoPrint versio… | octoprint | 2024-11-05T19:15:05+00:00 | 2025-01-19T16:22:59.154645+00:00 |
| pysec-2024-115 |
9.8 (3.1)
|
A vulnerability in the GraphCypherQAChain class of langchain-ai/langchain-community versi… | langchain | 2024-11-05T16:04:14Z | 2024-11-12T19:19:57.535206Z |
| pysec-2024-259 |
9.8 (3.1)
|
In PyTorch <=2.4.1, the RemoteModule has Deserialization RCE. NOTE: this is disputed by m… | torch | 2024-10-29T21:15:04+00:00 | 2025-07-16T03:09:57.748865+00:00 |
| pysec-2024-211 |
7.5 (3.1)
|
Waitress is a Web Server Gateway Interface server for Python 2 and 3. When a remote clien… | waitress | 2024-10-29T15:15:12+00:00 | 2025-01-19T19:19:01.852094+00:00 |
| pysec-2024-210 |
4.8 (3.1)
|
Waitress is a Web Server Gateway Interface server for Python 2 and 3. A remote client may… | waitress | 2024-10-29T15:15:11+00:00 | 2025-01-19T19:19:01.811922+00:00 |
| pysec-2024-119 |
7.5 (3.1)
|
A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240628 allows for a Denial of Ser… | chuanhuchatgpt | 2024-10-29T13:15:00+00:00 | 2024-11-04T22:22:08.835024+00:00 |
| pysec-2024-116 |
9.0 (3.1)
|
A vulnerability in the discussion image upload function of the Lollms application, versio… | lollms | 2024-10-29T13:15:00+00:00 | 2024-11-01T21:22:09.060172+00:00 |
| pysec-2024-114 |
9.8 (3.1)
|
A vulnerability in the GraphCypherQAChain class of langchain-ai/langchainjs versions 0.2.… | langchain | 2024-10-29T13:15:00Z | 2024-11-04T19:21:44.923698Z |
| pysec-2024-113 |
4.3 (3.1)
|
In the latest version (20240628) of gaizhenbiao/chuanhuchatgpt, an issue exists in the /f… | chuanhuchatgpt | 2024-10-29T13:15:00+00:00 | 2024-10-31T19:20:49.353218+00:00 |
| pysec-2024-112 |
7.5 (3.1)
|
An arbitrary file read vulnerability exists in gaizhenbiao/chuanhuchatgpt version 2024062… | chuanhuchatgpt | 2024-10-29T13:15:00+00:00 | 2024-10-31T19:20:49.309758+00:00 |
| pysec-2024-111 |
9.1 (3.1)
|
A path traversal vulnerability exists in the `getFullPath` method of langchain-ai/langcha… | langchain | 2024-10-29T13:15:00Z | 2025-05-02T18:39:47.588215Z |
| pysec-2024-191 |
5.5 (3.1)
|
The Snowflake Connector for Python provides an interface for developing Python applicatio… | snowflake-connector-python | 2024-10-24T22:15:04+00:00 | 2025-01-19T10:22:29.812605+00:00 |
| pysec-2024-120 |
7.8 (3.1)
|
An issue in assimp v.5.4.3 allows a local attacker to execute arbitrary code via the Call… | pyassimp | 2024-10-24T21:15:00+00:00 | 2024-11-05T20:22:53.185968+00:00 |
| pysec-2024-248 |
7.8 (3.1)
|
OpenCanary, a multi-protocol network honeypot, directly executed commands taken from its … | opencanary | 2024-10-14T21:15:12+00:00 | 2025-05-16T14:23:05.150356+00:00 |
| pysec-2024-122 |
4.4 (3.1)
|
A path traversal vulnerability exists in the api open_personality_folder endpoint of pari… | lollms | 2024-10-11T16:15:00+00:00 | 2024-11-15T20:23:01.816492+00:00 |
| pysec-2024-220 |
5.4 (3.1)
|
Gradio is an open-source Python package designed for quick prototyping. This vulnerabilit… | gradio | 2024-10-10T23:15:03+00:00 | 2025-01-19T22:22:23.972580+00:00 |
| pysec-2024-219 |
9.1 (3.1)
|
Gradio is an open-source Python package designed for quick prototyping. This vulnerabilit… | gradio | 2024-10-10T23:15:03+00:00 | 2025-01-19T22:22:23.897787+00:00 |
| pysec-2024-218 |
8.1 (3.1)
|
Gradio is an open-source Python package designed for quick prototyping. This vulnerabilit… | gradio | 2024-10-10T23:15:03+00:00 | 2025-01-19T22:22:23.803143+00:00 |
| pysec-2024-217 |
7.5 (3.1)
|
Gradio is an open-source Python package designed for quick prototyping. This is a **data … | gradio | 2024-10-10T23:15:02+00:00 | 2025-01-19T22:22:23.723816+00:00 |
| pysec-2024-216 |
7.5 (3.1)
|
Gradio is an open-source Python package designed for quick prototyping. This vulnerabilit… | gradio | 2024-10-10T23:15:02+00:00 | 2025-01-19T22:22:23.549944+00:00 |
| pysec-2024-199 |
3.7 (3.1)
|
Gradio is an open-source Python package designed for quick prototyping. This vulnerabilit… | gradio | 2024-10-10T23:15:02+00:00 | 2025-01-19T16:22:57.938459+00:00 |
| pysec-2024-215 |
9.8 (3.1)
|
Gradio is an open-source Python package designed for quick prototyping. This vulnerabilit… | gradio | 2024-10-10T22:15:11+00:00 | 2025-01-19T22:22:23.471780+00:00 |
| pysec-2024-198 |
4.3 (3.1)
|
Gradio is an open-source Python package designed for quick prototyping. This vulnerabilit… | gradio | 2024-10-10T22:15:11+00:00 | 2025-01-19T16:22:57.845317+00:00 |
| pysec-2024-214 |
5.4 (3.1)
|
Gradio is an open-source Python package designed for quick prototyping. This vulnerabilit… | gradio | 2024-10-10T22:15:10+00:00 | 2025-01-19T22:22:23.399444+00:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2026-932 | Malicious code in easyreg (PyPI) | 2026-02-17T23:17:30Z | 2026-02-18T00:36:33Z |
| mal-2026-933 | Malicious code in pywin-simple-gui (PyPI) | 2026-02-17T23:14:17Z | 2026-02-17T23:14:17Z |
| mal-2026-931 | Malicious code in telebot-infe (PyPI) | 2026-02-17T20:36:23Z | 2026-02-17T20:45:24Z |
| mal-2026-930 | Malicious code in telebot-info (PyPI) | 2026-02-17T20:18:25Z | 2026-02-17T21:16:32Z |
| mal-2026-929 | Malicious code in vds-monarch (npm) | 2026-02-17T15:55:37Z | 2026-02-23T04:21:36Z |
| mal-2026-944 | Malicious code in realestate-ask (npm) | 2026-02-17T10:30:44Z | 2026-02-23T04:21:35Z |
| mal-2026-928 | Malicious code in polyutil (PyPI) | 2026-02-17T04:31:14Z | 2026-02-17T04:31:14Z |
| mal-2026-927 | Malicious code in polyclawd (PyPI) | 2026-02-16T23:40:13Z | 2026-02-16T23:40:13Z |
| mal-2026-922 | Malicious code in compass-e2e-tests (npm) | 2026-02-16T19:55:51Z | 2026-02-23T04:21:32Z |
| mal-2026-921 | Malicious code in cicibot-fix-message-naming (PyPI) | 2026-02-16T17:55:41Z | 2026-02-19T22:47:48Z |
| mal-2026-920 | Malicious code in ambar-src (npm) | 2026-02-16T17:03:16Z | 2026-02-23T04:21:31Z |
| mal-2026-919 | Malicious code in mds-webcomponents (npm) | 2026-02-16T15:20:34Z | 2026-02-23T04:21:34Z |
| mal-2026-918 | Malicious code in webpack-vite (npm) | 2026-02-16T15:03:26Z | 2026-02-23T04:21:36Z |
| mal-2026-917 | Malicious code in aliyun-python-sdk-v2 (PyPI) | 2026-02-16T11:28:09Z | 2026-02-16T11:28:09Z |
| mal-2026-916 | Malicious code in alibabacloude (PyPI) | 2026-02-16T11:20:53Z | 2026-02-16T11:20:53Z |
| mal-2026-915 | Malicious code in alibabacloud-code-tool (PyPI) | 2026-02-16T11:19:13Z | 2026-02-16T11:19:13Z |
| mal-2026-914 | Malicious code in @qualys/react-web (npm) | 2026-02-16T08:50:48Z | 2026-02-23T04:21:31Z |
| mal-2026-913 | Malicious code in groq-ppe-pkg (PyPI) | 2026-02-16T07:09:54Z | 2026-02-16T07:09:54Z |
| mal-2026-912 | Malicious code in http-request-toolkit (PyPI) | 2026-02-16T07:03:21Z | 2026-02-16T07:03:21Z |
| mal-2026-911 | Malicious code in malpkgv2-0 (PyPI) | 2026-02-16T00:00:09Z | 2026-02-16T00:00:09Z |
| mal-2026-910 | Malicious code in dns-execution-test (PyPI) | 2026-02-15T23:20:54Z | 2026-02-17T11:48:47Z |
| mal-2026-909 | Malicious code in clawdist (PyPI) | 2026-02-15T21:58:17Z | 2026-02-15T22:44:50Z |
| mal-2026-943 | Malicious code in ethereums-lint (npm) | 2026-02-15T16:24:02Z | 2026-02-23T04:21:32Z |
| mal-2026-942 | Malicious code in ethereum-lint (npm) | 2026-02-15T16:20:05Z | 2026-02-23T04:21:32Z |
| mal-2026-908 | Malicious code in hops-preset-jest (npm) | 2026-02-15T15:57:34Z | 2026-02-23T04:21:33Z |
| mal-2026-907 | Malicious code in tronpad (PyPI) | 2026-02-15T15:24:18Z | 2026-02-15T15:24:18Z |
| mal-2026-906 | Malicious code in cucumber_json_schema (RubyGems) | 2026-02-15T14:20:25Z | 2026-02-15T14:20:25Z |
| mal-2026-905 | Malicious code in marshmellows (PyPI) | 2026-02-15T09:25:56Z | 2026-02-19T22:47:48Z |
| mal-2026-904 | Malicious code in strands-agents-anthropic (PyPI) | 2026-02-15T07:34:00Z | 2026-02-15T07:34:00Z |
| mal-2026-903 | Malicious code in requests-toolkit (PyPI) | 2026-02-15T00:02:57Z | 2026-02-15T00:02:57Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| bit-golang-2025-61726 | Memory exhaustion in query parameter parsing in net/url | 2026-01-31T08:43:29.079Z | 2026-01-31T09:09:11.750Z |
| bit-mastodon-2026-23964 | Mastodon has insufficient access control to push notification settings | 2026-01-31T08:43:24.123Z | 2026-02-03T09:12:55.720Z |
| bit-discourse-2026-23743 | Discourse allows permalinks to restricted resources to leak resource slugs to unauthorized users | 2026-01-31T08:42:04.050Z | 2026-01-31T09:09:11.750Z |
| bit-gitea-2026-20912 | Gitea: Cross-Repository Authorization Bypass via Release Attachment Linking Leads to Private Attachment Disclosure | 2026-01-30T08:40:49.607Z | 2026-01-30T09:12:31.676Z |
| bit-gitea-2026-20904 | Gitea: Broken access control in OpenID visibility toggle enables cross-user visibility changes | 2026-01-30T08:40:47.849Z | 2026-01-30T09:12:31.676Z |
| bit-gitea-2026-20897 | Gitea Git LFS Lock Deletion Broken Access Control (Cross-Repo IDOR) | 2026-01-30T08:40:45.840Z | 2026-01-30T09:12:31.676Z |
| bit-gitea-2026-20888 | Gitea Pull Requests Auto-Merge: Read-Only Users Can Cancel Scheduled Auto-Merge via Web Endpoint (Authorization Bypass) | 2026-01-30T08:40:43.950Z | 2026-01-30T09:12:31.676Z |
| bit-gitea-2026-20883 | Gitea Stopwatch API Missing Authorization Check Leads to Post-Revocation Information Disclosure | 2026-01-30T08:40:41.879Z | 2026-01-30T09:12:31.676Z |
| bit-gitea-2026-20800 | Notification API Leaks Private Repository Issue Titles After Collaborator Permission Revocation | 2026-01-30T08:40:39.688Z | 2026-01-30T09:12:31.676Z |
| bit-gitea-2026-20750 | Gitea Organization Projects Cross-Organization Authorization Bypass via Project ID (IDOR) | 2026-01-30T08:40:37.768Z | 2026-01-30T09:12:31.676Z |
| bit-gitea-2026-20736 | Gitea Web Attachment Deletion: Cross-Repository Unauthorized Deletion via Missing Repo Ownership Check | 2026-01-30T08:40:35.702Z | 2026-01-30T09:12:31.676Z |
| bit-gitea-2026-0798 | Gitea Release Email Notifications Leak Private Repository Release Details After Access Revocation | 2026-01-30T08:40:33.870Z | 2026-01-30T09:12:31.676Z |
| bit-rum-2022-50806 | 4images 1.9 - Remote Command Execution (RCE) | 2026-01-29T20:50:41.024Z | 2026-01-29T21:11:31.203Z |
| bit-ghost-2025-9862 | Ghost 6.0.6 - SSRF via oEmbed Bookmark | 2026-01-29T20:40:02.993Z | 2026-01-29T21:11:31.203Z |
| bit-pytorch-2026-24747 | PyTorch Vulnerable to Remote Code Execution via Untrusted Checkpoint Files | 2026-01-29T08:50:25.994Z | 2026-01-29T09:11:54.406Z |
| bit-appsmith-2026-24042 | Appsmith public apps can execute unpublished actions (viewMode confusion) | 2026-01-29T08:36:35.250Z | 2026-02-18T18:09:39.057Z |
| bit-gitlab-2026-1102 | Allocation of Resources Without Limits or Throttling in GitLab | 2026-01-27T09:13:24.685Z | 2026-01-27T09:14:53.416Z |
| bit-gitlab-2026-0723 | Unchecked Return Value in GitLab | 2026-01-27T09:13:22.812Z | 2026-01-27T09:14:53.416Z |
| bit-gitlab-2025-13928 | Incorrect Authorization in GitLab | 2026-01-27T09:10:58.706Z | 2026-01-27T09:14:53.416Z |
| bit-gitlab-2025-13927 | Allocation of Resources Without Limits or Throttling in GitLab | 2026-01-27T09:10:56.771Z | 2026-01-27T09:14:53.416Z |
| bit-gitlab-2025-13335 | Loop with Unreachable Exit Condition ('Infinite Loop') in GitLab | 2026-01-27T09:10:47.144Z | 2026-01-27T09:14:53.416Z |
| bit-python-2026-0865 | wsgiref.headers.Headers allows header newline injection | 2026-01-26T14:50:04.789Z | 2026-02-24T09:11:39.593Z |
| bit-python-2026-0672 | Header injection in http.cookies.Morsel | 2026-01-26T14:50:03.015Z | 2026-02-20T15:52:56.451Z |
| bit-solr-2026-22444 | Apache Solr: Insufficient file-access checking in standalone core-creation requests | 2026-01-26T14:49:58.661Z | 2026-01-26T15:09:56.435Z |
| bit-solr-2026-22022 | Apache Solr: Unauthorized bypass of certain "predefined permission" rules in the RuleBasedAuthorizationPlugin | 2026-01-26T14:49:57.084Z | 2026-01-26T15:09:56.435Z |
| bit-moodle-2025-3647 | Moodle: idor when accessing the cohorts report | 2026-01-26T14:49:52.208Z | 2026-01-26T15:09:56.435Z |
| bit-moodle-2025-3645 | Moodle: idor in messaging web service allows access to some user details | 2026-01-26T14:49:50.806Z | 2026-01-26T15:09:56.435Z |
| bit-moodle-2025-3644 | Moodle: ajax section delete does not respect course_can_delete_section() | 2026-01-26T14:49:49.408Z | 2026-01-26T15:09:56.435Z |
| bit-moodle-2025-3643 | Moodle: reflected xss risk in policy tool | 2026-01-26T14:49:47.987Z | 2026-01-26T15:09:56.435Z |
| bit-moodle-2025-3642 | Moodle: authenticated remote code execution risk in the moodle lms equella repository | 2026-01-26T14:49:46.287Z | 2026-01-26T15:09:56.435Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cleanstart-2026-kz60560 | Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate | 2026-01-30T16:19:55.200542Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-xi02879 | When using the RemoteIpFilter with requests received from a reverse proxy via HTTP that include the X-Forwarded-Proto header set to https, session cookies created by Apache Tomcat 11 | 2026-01-30T16:18:55.578686Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-um63521 | Within HostnameError | 2026-01-30T16:12:25.029065Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-cz81512 | Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes | 2026-01-30T16:11:25.451968Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-jr48309 | Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate | 2026-01-30T16:11:25.334563Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-xr17407 | SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption | 2026-01-30T16:11:25.270681Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-uz73015 | Cancelling a query (e | 2026-01-30T16:09:25.315533Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-xr85161 | Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate | 2026-01-30T16:02:54.934169Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-wq07901 | SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process | 2026-01-30T16:01:54.911193Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-yc48827 | Within HostnameError | 2026-01-30T15:56:24.532632Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-hv28992 | Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restful prior to v3 | 2026-01-30T15:55:24.450018Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-dp30290 | processing time for parsing some invalid inputs scales non-linearly with respect to the size of the input | 2026-01-30T15:52:54.729374Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-oh86281 | SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process | 2026-01-30T15:52:25.054249Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-ll43287 | SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process | 2026-01-30T15:50:54.603931Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-qw16951 | SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process | 2026-01-30T15:48:54.464404Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-ad41794 | SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process | 2026-01-30T15:47:54.368234Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-zp68963 | SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process | 2026-01-30T15:47:54.288582Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-gc16599 | Cancelling a query (e | 2026-01-30T15:46:54.243517Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-tr11635 | Cancelling a query (e | 2026-01-30T15:46:54.229170Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-xd92996 | Cancelling a query (e | 2026-01-30T15:46:24.650971Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-ok45738 | Within HostnameError | 2026-01-30T15:45:53.967263Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-rx06615 | SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process | 2026-01-30T15:45:24.056160Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-bt39952 | Moby is an open source container framework developed by Docker Inc | 2026-01-30T15:45:23.955705Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-er42900 | ParseAddress function constructs domain-literal address components through repeated string concatenation | 2026-01-30T15:41:23.817747Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-dv06422 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-01-30T15:40:54.415037Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-mj51212 | Cancelling a query (e | 2026-01-30T15:40:23.782215Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-so16176 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-01-30T15:39:24.255623Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-ru37859 | Cancelling a query (e | 2026-01-30T15:39:24.210234Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-pc16040 | Within HostnameError | 2026-01-30T15:37:23.991168Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-rw65075 | Within HostnameError | 2026-01-30T15:35:53.815887Z | 2026-01-29T18:58:54Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| drupal-contrib-2025-046 | 2025-04-23T16:59:33.000Z | 2025-04-23T16:59:33.000Z | |
| drupal-contrib-2025-045 | 2025-04-23T16:59:19.000Z | 2025-04-23T16:59:19.000Z | |
| drupal-contrib-2025-044 | 2025-04-23T16:59:11.000Z | 2025-04-23T16:59:11.000Z | |
| drupal-contrib-2025-043 | 2025-04-23T16:59:01.000Z | 2025-04-23T16:59:01.000Z | |
| drupal-contrib-2025-042 | 2025-04-23T16:58:51.000Z | 2025-04-23T16:58:51.000Z | |
| drupal-contrib-2025-041 | 2025-04-23T16:58:39.000Z | 2025-05-29T18:23:44.000Z | |
| drupal-contrib-2025-040 | 2025-04-16T16:26:13.000Z | 2025-04-16T16:26:13.000Z | |
| drupal-contrib-2025-039 | 2025-04-16T16:25:56.000Z | 2025-04-16T16:25:56.000Z | |
| drupal-contrib-2025-038 | 2025-04-16T16:25:45.000Z | 2025-04-16T16:25:45.000Z | |
| drupal-contrib-2025-037 | 2025-04-16T16:25:35.000Z | 2025-04-16T16:25:35.000Z | |
| drupal-contrib-2025-036 | 2025-04-16T16:25:27.000Z | 2025-04-16T16:25:27.000Z | |
| drupal-contrib-2025-035 | 2025-04-16T16:25:12.000Z | 2025-04-16T16:25:12.000Z | |
| drupal-contrib-2025-034 | 2025-04-16T16:24:49.000Z | 2025-05-29T18:24:01.000Z | |
| drupal-contrib-2025-033 | 2025-04-09T17:04:56.000Z | 2025-04-29T07:18:22.000Z | |
| drupal-contrib-2025-032 | 2025-04-09T17:04:46.000Z | 2025-04-09T17:04:46.000Z | |
| drupal-contrib-2025-031 | 2025-04-09T17:04:15.000Z | 2025-04-10T16:01:51.000Z | |
| drupal-contrib-2025-030 | 2025-04-09T17:04:09.000Z | 2025-04-09T17:04:09.000Z | |
| drupal-contrib-2025-029 | 2025-04-02T17:03:15.000Z | 2025-04-02T17:03:15.000Z | |
| drupal-contrib-2025-028 | 2025-04-02T17:02:32.000Z | 2025-04-02T17:02:32.000Z | |
| drupal-contrib-2025-027 | 2025-04-02T17:01:45.000Z | 2025-04-02T17:01:45.000Z | |
| drupal-contrib-2025-026 | 2025-03-19T18:53:42.000Z | 2025-03-31T22:07:23.000Z | |
| drupal-contrib-2025-025 | 2025-03-19T18:53:23.000Z | 2025-03-31T22:07:15.000Z | |
| drupal-contrib-2025-024 | 2025-03-19T18:52:53.000Z | 2025-03-31T22:07:08.000Z | |
| drupal-contrib-2025-023 | 2025-03-05T18:17:14.000Z | 2025-03-31T22:06:55.000Z | |
| drupal-contrib-2025-022 | 2025-03-05T17:27:19.000Z | 2025-03-31T22:06:45.000Z | |
| drupal-contrib-2025-021 | 2025-03-05T17:18:25.000Z | 2025-03-31T22:06:37.000Z | |
| drupal-contrib-2025-020 | 2025-02-26T18:35:21.000Z | 2025-03-31T22:06:18.000Z | |
| drupal-contrib-2025-019 | 2025-02-26T18:35:11.000Z | 2025-03-31T22:06:12.000Z | |
| drupal-contrib-2025-018 | 2025-02-26T18:34:59.000Z | 2025-03-31T22:06:05.000Z | |
| drupal-contrib-2025-017 | 2025-02-12T17:38:22.000Z | 2025-03-31T22:05:40.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2025-000083 | BUFFALO NAS Navigator2 registers a Windows service with an unquoted file path | 2025-10-10T13:56+09:00 | 2025-10-10T13:56+09:00 |
| jvndb-2025-015451 | Multiple vulnerabilities in FUJI Electric V-SFT | 2025-10-09T13:39+09:00 | 2025-10-09T13:39+09:00 |
| jvndb-2025-000082 | The installers of DENSO TEN drive recorder viewer may insecurely load Dynamic Link Libraries | 2025-10-06T15:38+09:00 | 2025-10-06T15:38+09:00 |
| jvndb-2025-015061 | Trend Micro Antivirus for Mac vulnerable to Local Privilege Escalation | 2025-10-06T13:52+09:00 | 2025-10-06T13:52+09:00 |
| jvndb-2025-014967 | Multiple vulnerabilities in multiple Keyence products | 2025-10-03T11:19+09:00 | 2025-12-23T14:36+09:00 |
| jvndb-2025-014793 | NIHON KOHDEN Central Monitor CNS-6201 vulnerable to NULL pointer dereference | 2025-10-01T11:35+09:00 | 2025-10-27T12:28+09:00 |
| jvndb-2025-014642 | Multiple vulnerabilities in Canon Printer Drivers for Production Printers, Office/Small Office Multifunction Printers and Laser Printers | 2025-09-30T11:50+09:00 | 2025-09-30T11:50+09:00 |
| jvndb-2025-000081 | DataSpider Servista improper restriction of XML external entity references | 2025-09-29T14:44+09:00 | 2025-10-07T16:54+09:00 |
| jvndb-2025-014105 | OMRON SOCIAL SOLUTIONS Uninterruptible Power Supply (UPS) management application registers a Windows service with an unquoted file path | 2025-09-19T16:21+09:00 | 2025-09-19T16:21+09:00 |
| jvndb-2025-014104 | Multiple vulnerabilities in I-O DATA wireless LAN routers | 2025-09-19T14:58+09:00 | 2025-09-19T14:58+09:00 |
| jvndb-2025-014081 | Multiple Brother and its OEM products with weak initial administrator passwords | 2025-09-19T10:52+09:00 | 2025-09-19T10:52+09:00 |
| jvndb-2025-000079 | UNIVERGE IX/IX-R/IX-V series routers provided by NEC Corporation vulnerable to cross-site scripting | 2025-09-18T17:43+09:00 | 2025-09-18T17:43+09:00 |
| jvndb-2025-000078 | Century HW RAID Manager registers a Windows service with an unquoted file path | 2025-09-17T13:45+09:00 | 2025-09-17T13:45+09:00 |
| jvndb-2025-000048 | WTW-EAGLE App vulnerable to improper server certificate validation | 2025-09-12T13:57+09:00 | 2025-09-12T13:57+09:00 |
| jvndb-2025-000077 | RICOH Streamline NX vulnerable to tampering with operation history | 2025-09-08T13:42+09:00 | 2025-09-24T16:53+09:00 |
| jvndb-2025-000072 | Obsidian GitHub Copilot Plugin stores sensitive information in cleartext | 2025-09-05T16:52+09:00 | 2025-09-05T16:52+09:00 |
| jvndb-2025-000073 | RATOC RAID Monitoring Manager for Windows registers a Windows service with an unquoted file path | 2025-09-05T16:20+09:00 | 2025-09-05T16:20+09:00 |
| jvndb-2025-000071 | "Yahoo! Shopping" App for Android fails to restrict custom URL schemes properly | 2025-09-05T15:12+09:00 | 2025-09-05T15:12+09:00 |
| jvndb-2025-000075 | Multiple vulnerabilities in TkEasyGUI | 2025-09-05T14:53+09:00 | 2025-09-05T14:53+09:00 |
| jvndb-2025-000069 | Web Caster V130 vulnerable to cross-site request forgery | 2025-09-03T14:23+09:00 | 2025-09-03T14:23+09:00 |
| jvndb-2025-000070 | "Gunosy" App vulnerable to insertion of sensitive information into sent data | 2025-09-02T14:20+09:00 | 2025-09-09T09:51+09:00 |
| jvndb-2025-000068 | Seiko Solutions SkyBridge BASIC MB-A130 vulnerable to OS command injection | 2025-09-01T16:21+09:00 | 2025-09-01T16:21+09:00 |
| jvndb-2025-012659 | Denial-of-service (DoS) vulnerability in Konica Minolta bizhub series | 2025-09-01T15:22+09:00 | 2025-09-01T15:22+09:00 |
| jvndb-2025-000067 | Multiple vulnerabilities in multiple iND products | 2025-08-29T14:47+09:00 | 2025-08-29T14:47+09:00 |
| jvndb-2025-000066 | Improper file access permission settings in multiple i-FILTER products | 2025-08-27T19:50+09:00 | 2025-09-29T13:45+09:00 |
| jvndb-2025-000064 | Multiple vulnerabilities in SS1 | 2025-08-27T15:13+09:00 | 2025-08-27T15:13+09:00 |
| jvndb-2025-000065 | ScanSnap Manager installers vulnerable to privilege escalation | 2025-08-27T14:22+09:00 | 2025-08-27T14:22+09:00 |
| jvndb-2025-000063 | Western Digital Kitfox registers a Windows service with an unquoted file path | 2025-08-22T13:37+09:00 | 2025-08-22T13:37+09:00 |
| jvndb-2025-000062 | Multiple vulnerabilities in Group-Office | 2025-08-21T14:03+09:00 | 2025-08-21T14:03+09:00 |
| jvndb-2025-011884 | FUJIFILM Healthcare Americas Synapse Mobility vulnerable to Privilege Escalation | 2025-08-21T11:49+09:00 | 2025-08-25T10:38+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2026-10678 | Microsoft Windows SMB Server权限提升漏洞(CNVD-2026-10678) | 2026-01-19 | 2026-02-12 |
| cnvd-2026-10677 | Microsoft Windows SMB Server权限提升漏洞(CNVD-2026-10677) | 2026-01-19 | 2026-02-12 |
| cnvd-2026-10675 | Microsoft Windows File Explorer信息泄露漏洞(CNVD-2026-10675) | 2026-01-19 | 2026-02-11 |
| cnvd-2026-10674 | Microsoft Windows File Explorer信息泄露漏洞(CNVD-2026-10674) | 2026-01-19 | 2026-02-11 |
| cnvd-2026-10673 | Microsoft Windows File Explorer信息泄露漏洞(CNVD-2026-10673) | 2026-01-19 | 2026-02-11 |
| cnvd-2026-10672 | Microsoft Windows File Explorer信息泄露漏洞 | 2026-01-19 | 2026-02-11 |
| cnvd-2026-10639 | D-Link DI-8200G命令注入漏洞 | 2026-01-19 | 2026-02-09 |
| cnvd-2026-09802 | Adobe Dreamweaver命令注入漏洞 | 2026-01-19 | 2026-01-30 |
| cnvd-2026-09801 | Adobe Substance 3D Sampler缓冲区溢出漏洞 | 2026-01-19 | 2026-01-30 |
| cnvd-2026-09800 | Adobe Substance 3D Painter缓冲区溢出漏洞(CNVD-2026-09800) | 2026-01-19 | 2026-01-30 |
| cnvd-2026-09799 | Adobe InCopy缓冲区溢出漏洞(CNVD-2026-09799) | 2026-01-19 | 2026-01-30 |
| cnvd-2026-09796 | Apache Uniffle信任管理问题漏洞 | 2026-01-19 | 2026-01-30 |
| cnvd-2026-09795 | Apache NimBLE代码问题漏洞 | 2026-01-19 | 2026-02-04 |
| cnvd-2026-08750 | Microsoft Graphics Kernel竞争条件问题漏洞 | 2026-01-19 | 2026-01-22 |
| cnvd-2026-08749 | Microsoft Graphics Component资源管理错误漏洞 | 2026-01-19 | 2026-01-22 |
| cnvd-2026-08748 | Microsoft Excel访问控制错误漏洞 | 2026-01-19 | 2026-01-22 |
| cnvd-2026-08747 | Microsoft Excel代码执行漏洞(CNVD-2026-08747) | 2026-01-19 | 2026-01-22 |
| cnvd-2026-08746 | Microsoft Excel代码执行漏洞(CNVD-2026-08746) | 2026-01-19 | 2026-01-22 |
| cnvd-2026-08444 | Online Course Registration System /manage-students.php文件SQL注入漏洞 | 2026-01-19 | 2026-01-27 |
| cnvd-2026-08443 | Online Course Registration System /enroll.php文件SQL注入漏洞 | 2026-01-19 | 2026-01-27 |
| cnvd-2026-08435 | iccDEV CIccSingleSampledeCurveXml类的类型混淆漏洞 | 2026-01-19 | 2026-01-26 |
| cnvd-2026-08434 | iccDEV CIccCLUT::Init函数未定义行为漏洞 | 2026-01-19 | 2026-01-27 |
| cnvd-2026-08433 | iccDEV未定义行为漏洞 | 2026-01-19 | 2026-01-27 |
| cnvd-2026-08432 | iccDEV内存泄漏漏洞 | 2026-01-19 | 2026-01-27 |
| cnvd-2026-08431 | iccDEV CIccXmlArrayType::ParseTextCountNum函数整数溢出漏洞 | 2026-01-19 | 2026-01-27 |
| cnvd-2026-08430 | iccDEV CIccXform::Create函数释放后重用漏洞 | 2026-01-19 | 2026-01-27 |
| cnvd-2026-08429 | iccDEV Unicode缓冲区溢出漏洞 | 2026-01-19 | 2026-01-26 |
| cnvd-2026-08428 | iccDEV CIccTagText::Read函数堆缓冲区溢出漏洞 | 2026-01-19 | 2026-01-26 |
| cnvd-2026-08427 | iccDEV CIccTagLut8::Validate函数堆缓冲区溢出漏洞 | 2026-01-19 | 2026-01-26 |
| cnvd-2026-08426 | iccDEV CIccTagLut16::Validate函数堆缓冲区溢出漏洞 | 2026-01-19 | 2026-01-26 |
| ID | Description | Published | Updated |
|---|---|---|---|
| bdu:2026-01753 | Уязвимость компонента GDI+ операционной системы Windows, позволяющая нарушителю вызвать о… | 13.02.2026 | 13.02.2026 |
| bdu:2026-01752 | Уязвимость компонента Hyper-V операционной системы Windows, позволяющая нарушителю выполн… | 13.02.2026 | 13.02.2026 |
| bdu:2026-01751 | Уязвимость службы Connected Devices Platform Service операционных систем Windows, позволя… | 13.02.2026 | 13.02.2026 |
| bdu:2026-01750 | Уязвимость компонента Hyper-V операционной системы Windows, позволяющая нарушителю выполн… | 13.02.2026 | 13.02.2026 |
| bdu:2026-01749 | Уязвимость драйвера Ancillary Function Driver for WinSock операционных систем Windows, по… | 13.02.2026 | 13.02.2026 |
| bdu:2026-01748 | Уязвимость драйвера HTTP.sys операционных систем Windows, позволяющая нарушителю повысить… | 13.02.2026 | 13.02.2026 |
| bdu:2026-01747 | Уязвимость реализации протокола службы каталогов LDAP (Lightweight Directory Access Proto… | 13.02.2026 | 13.02.2026 |
| bdu:2026-01746 | Уязвимость компонента Hyper-V операционной системы Windows, позволяющая нарушителю выполн… | 13.02.2026 | 13.02.2026 |
| bdu:2026-01745 | Уязвимость компонента Mailslot File System операционных систем Windows, позволяющая наруш… | 13.02.2026 | 13.02.2026 |
| bdu:2026-01744 | Уязвимость пакета программ Microsoft Office, связанная с недостатками механизма десериали… | 13.02.2026 | 13.02.2026 |
| bdu:2026-01743 | Уязвимость расширения GitHub Copilot для Jetbrains, связанная с непринятием мер по очистк… | 12.02.2026 | 12.02.2026 |
| bdu:2026-01742 | Уязвимость текстового редактора Notepad операционных систем Windows, позволяющая нарушите… | 12.02.2026 | 13.02.2026 |
| bdu:2026-01727 | Уязвимость функции оценки избирательности расширения Intarray системы управления базами д… | 11.02.2026 | 16.02.2026 |
| bdu:2026-01726 | Уязвимость функции обработки типов данных oidvector системы управления базами данных Post… | 11.02.2026 | 16.02.2026 |
| bdu:2026-01725 | Уязвимость веб-интерфейса системы выявления и устранения угроз FortiSandbox, позволяющая … | 11.02.2026 | 11.02.2026 |
| bdu:2026-01724 | Уязвимость компонента pg_trgm системы управления базами данных PostgreSQL, позволяющая на… | 11.02.2026 | 16.02.2026 |
| bdu:2026-01723 | Уязвимость системы управления базами данных PostgreSQL, связанная с неверным индексирован… | 11.02.2026 | 16.02.2026 |
| bdu:2026-01722 | Уязвимость компонента pgcrypto системы управления базами данных PostgreSQL, позволяющая н… | 11.02.2026 | 16.02.2026 |
| bdu:2026-01721 | Уязвимость веб-интерфейса управления микропрограммного обеспечения промышленных управляем… | 11.02.2026 | 11.02.2026 |
| bdu:2026-01720 | Уязвимость компонента API-endpoint /api/domains/<domainid>/users/<userid>/aliases корпора… | 11.02.2026 | 13.02.2026 |
| bdu:2026-01718 | Уязвимость библиотеки juliangruber/brace-expansion программной платформы Node.js, позволя… | 11.02.2026 | 11.02.2026 |
| bdu:2026-01717 | Уязвимость библиотеки diff (jsdiff) программной платформы Node.js, позволяющая нарушителю… | 11.02.2026 | 11.02.2026 |
| bdu:2026-01716 | Уязвимость функции foregroundChild() библиотеки для поиска файлов и директорий Glob прогр… | 11.02.2026 | 11.02.2026 |
| bdu:2026-01715 | Уязвимость функции expand() библиотеки juliangruber/brace-expansion программной платформы… | 11.02.2026 | 11.02.2026 |
| bdu:2026-01714 | Уязвимость библиотеки node-tar программной платформы Node.js, позволяющая нарушителю раск… | 11.02.2026 | 11.02.2026 |
| bdu:2026-01713 | Уязвимость библиотеки node-tar программной платформы Node.js, позволяющая нарушителю полу… | 11.02.2026 | 11.02.2026 |
| bdu:2026-01712 | Уязвимость интерфейса командной строки программной платформы Node.js, позволяющая нарушит… | 11.02.2026 | 11.02.2026 |
| bdu:2026-01711 | Уязвимость реализации алгоритма цифровой подписи EdDSA EdDSA-Java (ed25519-java), связан… | 11.02.2026 | 11.02.2026 |
| bdu:2026-01710 | Уязвимость системы управления базами данных HyperSQL DataBase (HSQLDB), связанная с приме… | 11.02.2026 | 11.02.2026 |
| bdu:2026-01709 | Уязвимость компонента org.assertj.core.util.xml.XmlStringPrettyFormatter Java-библиотеки … | 11.02.2026 | 11.02.2026 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2026-avi-0113 | Vulnérabilité dans Google Pixel | 2026-02-04T00:00:00.000000 | 2026-02-04T00:00:00.000000 |
| certfr-2026-avi-0112 | Multiples vulnérabilités dans les produits VMware | 2026-02-02T00:00:00.000000 | 2026-02-02T00:00:00.000000 |
| certfr-2026-avi-0111 | Vulnérabilité dans ESET Inspect Connector | 2026-02-02T00:00:00.000000 | 2026-02-02T00:00:00.000000 |
| certfr-2026-avi-0110 | Multiples vulnérabilités Ivanti Endpoint Manager Mobile (EPMM) | 2026-01-30T00:00:00.000000 | 2026-01-30T00:00:00.000000 |
| certfr-2026-avi-0109 | Multiples vulnérabilités dans les produits IBM | 2026-01-30T00:00:00.000000 | 2026-01-30T00:00:00.000000 |
| certfr-2026-avi-0108 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2026-01-30T00:00:00.000000 | 2026-01-30T00:00:00.000000 |
| certfr-2026-avi-0107 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2026-01-30T00:00:00.000000 | 2026-01-30T00:00:00.000000 |
| certfr-2026-avi-0106 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2026-01-30T00:00:00.000000 | 2026-01-30T00:00:00.000000 |
| certfr-2026-avi-0105 | Vulnérabilité dans Microsoft Edge | 2026-01-30T00:00:00.000000 | 2026-01-30T00:00:00.000000 |
| certfr-2026-avi-0104 | Vulnérabilité dans Qnap QTS | 2026-01-30T00:00:00.000000 | 2026-01-30T00:00:00.000000 |
| certfr-2026-avi-0103 | Multiples vulnérabilités dans Node.js | 2026-01-30T00:00:00.000000 | 2026-01-30T00:00:00.000000 |
| certfr-2026-avi-0102 | Vulnérabilité dans Splunk Enterprise | 2026-01-30T00:00:00.000000 | 2026-01-30T00:00:00.000000 |
| certfr-2026-avi-0101 | Multiples vulnérabilités dans les produits Siemens | 2026-01-29T00:00:00.000000 | 2026-01-29T00:00:00.000000 |
| certfr-2026-avi-0100 | Multiples vulnérabilités dans les produits WithSecure | 2026-01-29T00:00:00.000000 | 2026-01-29T00:00:00.000000 |
| certfr-2026-avi-0099 | Multiples vulnérabilités dans SolarWinds Web Help Desk | 2026-01-28T00:00:00.000000 | 2026-01-29T00:00:00.000000 |
| certfr-2026-avi-0098 | Vulnérabilité dans les produits Symfony | 2026-01-28T00:00:00.000000 | 2026-01-28T00:00:00.000000 |
| certfr-2026-avi-0097 | Vulnérabilité dans les produits Fortinet | 2026-01-28T00:00:00.000000 | 2026-01-28T00:00:00.000000 |
| certfr-2026-avi-0096 | Multiples vulnérabilités dans OpenSSL | 2026-01-28T00:00:00.000000 | 2026-01-28T00:00:00.000000 |
| certfr-2026-avi-0095 | Multiples vulnérabilités dans les produits Mozilla | 2026-01-28T00:00:00.000000 | 2026-01-28T00:00:00.000000 |
| certfr-2026-avi-0094 | Multiples vulnérabilités dans HPE Aruba Networking Fabric Composer | 2026-01-28T00:00:00.000000 | 2026-01-28T00:00:00.000000 |
| certfr-2026-avi-0093 | Multiples vulnérabilités dans Tenable Network Monitor | 2026-01-28T00:00:00.000000 | 2026-01-28T00:00:00.000000 |
| certfr-2026-avi-0092 | Vulnérabilité dans Google Chrome | 2026-01-28T00:00:00.000000 | 2026-01-28T00:00:00.000000 |
| certfr-2026-avi-0091 | Multiples vulnérabilités dans Xen | 2026-01-27T00:00:00.000000 | 2026-01-27T00:00:00.000000 |
| certfr-2026-avi-0090 | Multiples vulnérabilités dans Citrix XenServer | 2026-01-27T00:00:00.000000 | 2026-01-27T00:00:00.000000 |
| certfr-2026-avi-0089 | Vulnérabilité dans Microsoft Office | 2026-01-27T00:00:00.000000 | 2026-01-27T00:00:00.000000 |
| certfr-2026-avi-0088 | Vulnérabilité dans MariaDB | 2026-01-27T00:00:00.000000 | 2026-01-27T00:00:00.000000 |
| certfr-2026-avi-0087 | Vulnérabilité dans les produits Belden | 2026-01-26T00:00:00.000000 | 2026-01-26T00:00:00.000000 |
| certfr-2026-avi-0086 | Vulnérabilité dans CPython | 2026-01-26T00:00:00.000000 | 2026-01-26T00:00:00.000000 |
| certfr-2026-avi-0085 | Multiples vulnérabilités dans NetApp Brocade SAN Navigator | 2026-01-26T00:00:00.000000 | 2026-01-26T00:00:00.000000 |
| certfr-2026-avi-0084 | Vulnérabilité dans Microsoft Edge | 2026-01-26T00:00:00.000000 | 2026-01-26T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2020-ale-016 | Vulnérabilité dans Microsoft Domain Name System (DNS) Server | 2020-07-15T00:00:00.000000 | 2020-10-12T00:00:00.000000 |
| certfr-2020-ale-015 | Vulnérabilité dans F5 BIG-IP | 2020-07-05T00:00:00.000000 | 2020-09-15T00:00:00.000000 |
| certfr-2020-ale-014 | Vulnérabilité dans Palo Alto Networks PAN-OS | 2020-07-03T00:00:00.000000 | 2020-07-31T00:00:00.000000 |
| certfr-2020-ale-013 | Multiples vulnérabilités dans Microsoft Windows | 2020-07-01T00:00:00.000000 | 2020-07-05T00:00:00.000000 |
| certfr-2020-ale-012 | Multiples vulnérabilités dans SaltStack | 2020-05-04T00:00:00.000000 | 2020-07-31T00:00:00.000000 |
| certfr-2020-ale-011 | Multiples vulnérabilités dans les produits Microsoft qui utilisent la bibliothèque Autodesk FBX | 2020-04-22T00:00:00.000000 | 2020-06-23T00:00:00.000000 |
| certfr-2020-ale-010 | Multiples vulnérabilités dans Mozilla Firefox | 2020-04-06T00:00:00.000000 | 2020-05-05T00:00:00.000000 |
| certfr-2020-ale-009 | Multiples vulnérabilités dans Microsoft Windows | 2020-03-24T00:00:00.000000 | 2020-06-23T00:00:00.000000 |
| certfr-2020-ale-008 | Vulnérabilité dans l'implémentation du protocole SMB par Microsoft | 2020-03-11T00:00:00.000000 | 2020-07-31T00:00:00.000000 |
| certfr-2020-ale-007 | Vulnérabilité dans Microsoft Exchange Server | 2020-02-27T00:00:00.000000 | 2020-05-05T00:00:00.000000 |
| certfr-2020-ale-006 | Vulnérabilité dans Microsoft Internet Explorer | 2020-01-20T00:00:00.000000 | 2020-02-19T00:00:00.000000 |
| certfr-2020-ale-005 | Multiples vulnérabilités dans le serveur de passerelle RDP de Windows | 2020-01-14T00:00:00.000000 | 2020-02-19T00:00:00.000000 |
| certfr-2020-ale-004 | Vulnérabilité dans Microsoft Windows | 2020-01-14T00:00:00.000000 | 2020-01-17T00:00:00.000000 |
| certfr-2020-ale-003 | Vulnérabilité dans les produits Mozilla | 2020-01-09T00:00:00.000000 | 2020-01-20T00:00:00.000000 |
| certfr-2020-ale-002 | Vulnérabilité dans les produits Citrix ADC et Citrix Gateway | 2020-01-09T00:00:00.000000 | 2020-07-31T00:00:00.000000 |
| certfr-2020-ale-001 | Multiples vulnérabilités dans les produits de Pulse Secure | 2020-01-09T00:00:00.000000 | 2020-05-05T00:00:00.000000 |
| certfr-2019-ale-015 | Multiples vulnérabilités dans Google Chrome | 2019-11-04T00:00:00.000000 | 2020-01-08T00:00:00.000000 |
| certfr-2019-ale-014 | Vulnérabilité dans PHP | 2019-10-29T00:00:00.000000 | 2020-01-08T00:00:00.000000 |
| certfr-2019-ale-013 | Vulnérabilité dans Microsoft Internet Explorer | 2019-09-24T00:00:00.000000 | 2019-10-25T00:00:00.000000 |
| certfr-2019-ale-012 | Multiples vulnérabilités dans Microsoft Remote Desktop Services | 2019-08-14T00:00:00.000000 | 2019-10-25T00:00:00.000000 |
| certfr-2019-ale-011 | Vulnérabilité dans Oracle WebLogic | 2019-06-20T00:00:00.000000 | 2019-07-23T00:00:00.000000 |
| certfr-2019-ale-010 | Vulnérabilité dans Mozilla Firefox | 2019-06-20T00:00:00.000000 | 2019-07-23T00:00:00.000000 |
| certfr-2019-ale-009 | Vulnérabilité dans Exim | 2019-06-11T00:00:00.000000 | 2019-07-23T00:00:00.000000 |
| certfr-2019-ale-008 | Vulnérabilité dans Microsoft SharePoint Server | 2019-05-29T00:00:00.000000 | 2019-07-23T00:00:00.000000 |
| certfr-2019-ale-006 | Vulnérabilité dans Microsoft Remote Desktop Services | 2019-05-22T00:00:00.000000 | 2019-10-25T00:00:00.000000 |
| certfr-2019-ale-007 | Vulnérabilité dans le serveur DHCP de Windows | 2019-05-15T00:00:00.000000 | 2019-06-20T00:00:00.000000 |
| certfr-2019-ale-005 | Vulnérabilité dans Oracle WebLogic | 2019-04-26T00:00:00.000000 | 2019-06-20T00:00:00.000000 |
| certfr-2019-ale-004 | Multiples vulnérabilités dans Microsoft Edge et Internet Explorer | 2019-04-01T00:00:00.000000 | 2019-04-17T00:00:00.000000 |
| certfr-2019-ale-003 | Campagnes de rançongiciels | 2019-01-31T00:00:00.000000 | 2019-06-20T00:00:00.000000 |
| certfr-2019-ale-002 | Vulnérabilités affectant l'écosystème Microsoft Exchange et Active Directory | 2019-01-30T00:00:00.000000 | 2019-03-06T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| osv-2025-723 | Heap-buffer-overflow in processClientServerHello | 2025-09-13T00:02:40.666090Z | 2025-09-13T00:02:40.666412Z |
| osv-2025-718 | Heap-buffer-overflow in pcpp::ArpLayer::toString | 2025-09-10T00:08:49.177204Z | 2025-12-22T14:17:36.857810Z |
| osv-2025-698 | Use-of-uninitialized-value in AesEncrypt_C | 2025-09-02T00:02:49.308939Z | 2025-12-05T14:58:11.846817Z |
| osv-2025-684 | Heap-buffer-overflow in TGAHandler::read | 2025-08-25T00:17:17.781502Z | 2025-08-25T00:17:17.782094Z |
| osv-2025-677 | Heap-buffer-overflow in TGAHandler::read | 2025-08-23T00:05:27.168432Z | 2025-08-23T00:05:27.168725Z |
| osv-2025-657 | Heap-use-after-free in ftp_pp_statemachine | 2025-08-20T00:12:09.699805Z | 2025-08-20T00:12:09.700264Z |
| osv-2025-638 | Security exception in com.fasterxml.jackson.databind.deser.std.UntypedObjectDeserializer$Vanilla.deser | 2025-08-17T00:01:49.946822Z | 2025-08-17T14:48:59.288257Z |
| osv-2025-634 | Null-dereference READ in enc_fuzzer@Enc.EncTest | 2025-08-15T00:17:04.845331Z | 2025-08-15T00:17:04.845683Z |
| osv-2025-633 | UNKNOWN WRITE in _lou_handlePassVariableAction | 2025-08-15T00:16:54.142913Z | 2025-08-15T00:16:54.143400Z |
| osv-2025-631 | Null-dereference READ in advanced_api_fuzzer@AdvancedApi.AdvancedApiTest | 2025-08-15T00:02:42.080995Z | 2025-08-15T00:02:42.081563Z |
| osv-2025-628 | Null-dereference READ in ubsan_GetStackTrace | 2025-08-14T00:15:27.806312Z | 2025-08-14T00:15:27.806631Z |
| osv-2025-627 | Null-dereference READ in ProcessRows | 2025-08-14T00:14:14.245302Z | 2025-08-14T00:14:14.245619Z |
| osv-2025-622 | Heap-buffer-overflow in cc_storage_append | 2025-08-13T00:16:18.937393Z | 2025-08-13T00:16:18.937719Z |
| osv-2025-620 | Heap-buffer-overflow in FragPrepareChunk | 2025-08-12T00:14:23.793424Z | 2025-08-12T00:14:23.793828Z |
| osv-2025-619 | Heap-buffer-overflow in webvtt_domnode_SelectNodesInTree | 2025-08-12T00:13:01.748418Z | 2025-08-12T00:13:01.748751Z |
| osv-2025-618 | Heap-buffer-overflow in iTUNTripletCallback | 2025-08-12T00:05:50.847179Z | 2025-08-12T00:05:50.847582Z |
| osv-2025-617 | UNKNOWN WRITE in MP4_BoxFree | 2025-08-12T00:04:18.009473Z | 2025-08-12T00:04:18.009816Z |
| osv-2025-616 | Heap-buffer-overflow in Open | 2025-08-12T00:00:48.056276Z | 2025-08-12T00:00:48.056623Z |
| osv-2025-615 | Index-out-of-bounds in hevc_get_picture_size | 2025-08-12T00:00:42.725434Z | 2025-08-12T00:00:42.725767Z |
| osv-2025-614 | Heap-buffer-overflow in hevc_hvcC_to_AnnexB_NAL | 2025-08-12T00:00:36.634849Z | 2025-08-12T00:00:36.635239Z |
| osv-2025-613 | Heap-buffer-overflow in check_sync_pes | 2025-08-12T00:00:33.354786Z | 2025-08-12T00:00:33.355391Z |
| osv-2025-608 | Heap-buffer-overflow in _dwarf_memcpy_noswap_bytes | 2025-08-09T00:02:00.092320Z | 2025-08-11T14:17:56.957704Z |
| osv-2025-600 | Heap-buffer-overflow in generic_unpack | 2025-08-05T00:10:00.536266Z | 2025-08-05T00:10:00.536669Z |
| osv-2025-597 | Heap-buffer-overflow in generic_unpack | 2025-08-04T00:08:26.345735Z | 2025-08-04T00:08:26.346368Z |
| osv-2025-593 | Heap-buffer-overflow in mmcall | 2025-08-02T00:16:19.626747Z | 2025-12-20T14:30:41.473113Z |
| osv-2025-591 | UNKNOWN READ in mov_read_header | 2025-08-02T00:02:00.509459Z | 2025-08-02T00:02:00.510035Z |
| osv-2025-589 | Heap-buffer-overflow in isvcd_decode_recon_tfr_nmb_base_lyr | 2025-08-01T00:10:54.848946Z | 2025-08-01T00:10:54.849286Z |
| osv-2025-584 | Heap-buffer-overflow in isvcd_mark_err_slice_skip | 2025-07-31T00:09:08.538145Z | 2025-07-31T00:09:08.538507Z |
| osv-2025-580 | UNKNOWN READ in signed char Assimp::StreamReader<false, false>::Get<signed char> | 2025-07-29T00:16:41.422221Z | 2026-01-25T14:18:57.285875Z |
| osv-2025-570 | Security exception in com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr | 2025-07-23T00:17:34.356115Z | 2025-07-23T00:17:34.356449Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rustsec-2025-0081 | `unic-char-property` is unmaintained | 2025-10-18T12:00:00Z | 2025-10-21T11:12:59Z |
| rustsec-2025-0080 | `unic-common` is unmaintained | 2025-10-18T12:00:00Z | 2025-10-21T11:12:59Z |
| rustsec-2025-0079 | `unic-ucd-hangul` is unmaintained | 2025-10-18T12:00:00Z | 2025-10-21T11:12:59Z |
| rustsec-2025-0078 | `unic-ucd-normal` is unmaintained | 2025-10-18T12:00:00Z | 2025-10-21T11:12:59Z |
| rustsec-2025-0077 | `unic-ucd` is unmaintained | 2025-10-18T12:00:00Z | 2025-10-21T11:12:59Z |
| rustsec-2025-0076 | `unic-ucd-name` is unmaintained | 2025-10-18T12:00:00Z | 2025-10-21T11:12:59Z |
| rustsec-2025-0075 | `unic-char-range` is unmaintained | 2025-10-18T12:00:00Z | 2025-10-22T14:41:04Z |
| rustsec-2025-0074 | `unic-segment` is unmaintained | 2025-10-18T12:00:00Z | 2025-10-21T11:12:59Z |
| rustsec-2025-0073 | DoS vulnerability on `alloy_dyn_abi::TypedData` hashing | 2025-10-15T12:00:00Z | 2025-10-15T13:11:39Z |
| rustsec-2025-0072 | soundness issue and unmaintained | 2025-10-02T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0071 | Incorrect handling of embedded SVG and MathML leads to mutation XSS after removal | 2025-09-21T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0070 | Pingora MadeYouReset HTTP/2 vulnerability | 2025-09-17T12:00:00Z | 2025-09-18T07:10:31Z |
| rustsec-2025-0069 | `daemonize` is Unmaintained | 2025-09-14T12:00:00Z | 2025-09-15T14:42:32Z |
| rustsec-2025-0068 | serde_yml crate is unsound and unmaintained | 2025-09-11T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0067 | `libyml::string::yaml_string_extend` is unsound and unmaintained | 2025-09-11T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0065 | matrix-sdk-base: Panic in the `RoomMember::normalized_power_level()` method | 2025-09-11T12:00:00Z | 2025-09-11T12:21:52Z |
| rustsec-2025-0000 | matrix-sdk-base: Panic in the `RoomMember::normalized_power_level()` method | 2025-09-11T12:00:00Z | 2025-09-11T12:10:54Z |
| rustsec-2025-0066 | The `google-apis-rs` project is now unmaintained | 2025-09-09T12:00:00Z | 2025-09-11T16:34:38Z |
| rustsec-2025-0061 | iron crate is unmaintained | 2025-09-08T12:00:00Z | 2025-09-08T09:09:54Z |
| rustsec-2025-0060 | crypto-hash crate is unmaintained | 2025-09-08T12:00:00Z | 2025-09-08T09:09:54Z |
| rustsec-2025-0059 | servo-fontconfig crate is unmaintained | 2025-09-08T12:00:00Z | 2025-09-08T09:09:54Z |
| rustsec-2025-0058 | custom_derive crate is unmaintained | 2025-09-07T12:00:00Z | 2025-09-07T08:38:20Z |
| rustsec-2025-0057 | fxhash - no longer maintained | 2025-09-05T12:00:00Z | 2025-09-05T19:09:01Z |
| rustsec-2025-0056 | adler crate is unmaintained, use adler2 instead | 2025-09-05T12:00:00Z | 2025-09-05T09:05:48Z |
| rustsec-2025-0055 | Logging user input may result in poisoning logs with ANSI escape sequences | 2025-08-29T12:00:00Z | 2025-09-02T11:05:02Z |
| rustsec-2025-0052 | async-std has been discontinued | 2025-08-24T12:00:00Z | 2025-08-27T11:36:30Z |
| rustsec-2025-0054 | ArrayQueue::push_front is not panic-safe | 2025-08-14T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0053 | Multiple memory corruption vulnerabilities in safe APIs | 2025-08-14T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0050 | IdMap::from_iter may lead to uninitialized memory being freed on drop | 2025-08-14T12:00:00Z | 2025-10-28T06:02:18Z |
| rustsec-2025-0049 | User-defined implementations of the safe trait scratchpad::Tracking can cause heap buffer overflows | 2025-08-14T12:00:00Z | 2025-10-28T06:02:18Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| alsa-2026:1380 | Moderate: osbuild-composer security update | 2026-01-27T00:00:00Z | 2026-01-29T12:07:35Z |
| alsa-2026:1377 | Moderate: image-builder security update | 2026-01-27T00:00:00Z | 2026-02-12T10:36:07Z |
| alsa-2026:1374 | Moderate: python3.11 security update | 2026-01-27T00:00:00Z | 2026-01-29T12:10:37Z |
| alsa-2026:1359 | Moderate: gcc-toolset-15-binutils security update | 2026-01-27T00:00:00Z | 2026-02-02T11:23:42Z |
| alsa-2026:1350 | Moderate: curl security update | 2026-01-27T00:00:00Z | 2026-01-29T12:31:06Z |
| alsa-2026:1344 | Important: grafana security update | 2026-01-27T00:00:00Z | 2026-01-29T12:12:24Z |
| alsa-2026:1334 | Moderate: glibc security update | 2026-01-27T00:00:00Z | 2026-01-29T12:29:45Z |
| alsa-2026:1254 | Important: python-urllib3 security update | 2026-01-26T00:00:00Z | 2026-01-29T12:14:07Z |
| alsa-2026:1239 | Important: fence-agents security update | 2026-01-26T00:00:00Z | 2026-02-02T11:30:59Z |
| alsa-2026:1226 | Important: python3.12-urllib3 security update | 2026-01-26T00:00:00Z | 2026-01-27T08:21:23Z |
| alsa-2026:1224 | Important: python3.11-urllib3 security update | 2026-01-26T00:00:00Z | 2026-01-27T08:28:50Z |
| alsa-2026:1178 | Moderate: kernel security update | 2026-01-26T00:00:00Z | 2026-02-02T11:36:10Z |
| alsa-2026:1148 | Important: kernel-rt security update | 2026-01-26T00:00:00Z | 2026-01-26T13:52:56Z |
| alsa-2026:1143 | Important: kernel security update | 2026-01-26T00:00:00Z | 2026-01-30T09:51:59Z |
| alsa-2026:1142 | Important: kernel security update | 2026-01-26T00:00:00Z | 2026-01-26T13:49:21Z |
| alsa-2026:1089 | Important: python3.11-urllib3 security update | 2026-01-26T00:00:00Z | 2026-01-27T08:15:08Z |
| alsa-2026:1088 | Important: python3.12-urllib3 security update | 2026-01-26T00:00:00Z | 2026-01-27T08:17:27Z |
| alsa-2026:1087 | Important: python-urllib3 security update | 2026-01-26T00:00:00Z | 2026-01-27T08:19:22Z |
| alsa-2026:1086 | Important: python-urllib3 security update | 2026-01-26T00:00:00Z | 2026-01-26T13:16:32Z |
| alsa-2026:0933 | Important: java-25-openjdk security update | 2026-01-26T00:00:00Z | 2026-01-28T14:39:55Z |
| alsa-2026:0932 | Important: java-1.8.0-openjdk security update | 2026-01-26T00:00:00Z | 2026-01-29T13:07:43Z |
| alsa-2026:0991 | Moderate: glib2 security update | 2026-01-22T00:00:00Z | 2026-01-24T01:40:03Z |
| alsa-2026:0975 | Moderate: glib2 security update | 2026-01-22T00:00:00Z | 2026-01-23T23:34:09Z |
| alsa-2026:0928 | Important: java-21-openjdk security update | 2026-01-22T00:00:00Z | 2026-01-24T01:32:22Z |
| alsa-2026:0927 | Important: java-17-openjdk security update | 2026-01-22T00:00:00Z | 2026-01-24T01:52:06Z |
| alsa-2026:0936 | Moderate: glib2 security update | 2026-01-21T00:00:00Z | 2026-01-24T01:44:09Z |
| alsa-2026:0930 | Moderate: pcs security update | 2026-01-21T00:00:00Z | 2026-01-24T01:46:11Z |
| alsa-2026:0924 | Important: thunderbird security update | 2026-01-21T00:00:00Z | 2026-01-24T01:47:12Z |
| alsa-2026:0923 | Important: golang security update | 2026-01-21T00:00:00Z | 2026-01-24T01:54:58Z |
| alsa-2026:0922 | Important: golang security update | 2026-01-21T00:00:00Z | 2026-01-23T23:39:55Z |