Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
14240
Total
958
Critical
4175
High
4515
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-34585 | HIGH | 8.6 | SiYuan is a personal knowledge management system. Prior to version 3.6.2, a vulnerability allows crafted block attribute values to bypass server-side attribute escaping when an … | Mar 31, 2026 |
| CVE-2026-34542 | MEDIUM | 6.2 | iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger … | Mar 31, 2026 |
| CVE-2026-34541 | MEDIUM | 6.2 | iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger … | Mar 31, 2026 |
| CVE-2026-34540 | MEDIUM | 6.2 | iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger … | Mar 31, 2026 |
| CVE-2026-34539 | MEDIUM | 6.2 | iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile and TIFF … | Mar 31, 2026 |
| CVE-2026-34537 | MEDIUM | 6.2 | iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger … | Mar 31, 2026 |
| CVE-2026-34536 | MEDIUM | 6.2 | iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger … | Mar 31, 2026 |
| CVE-2026-34535 | MEDIUM | 6.2 | iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger … | Mar 31, 2026 |
| CVE-2026-34534 | MEDIUM | 6.2 | iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger … | Mar 31, 2026 |
| CVE-2026-34533 | MEDIUM | 6.2 | iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger … | Mar 31, 2026 |
| CVE-2026-34453 | HIGH | 7.5 | SiYuan is a personal knowledge management system. Prior to version 3.6.2, the publish service exposes bookmarked blocks from password-protected documents to unauthenticated visitors. In publish/read-only … | Mar 31, 2026 |
| CVE-2026-34452 | UNKNOWN | — | The Claude SDK for Python provides access to the Claude API from Python applications. From version 0.86.0 to before version 0.87.0, the async local filesystem … | Mar 31, 2026 |
| CVE-2026-34451 | UNKNOWN | — | Claude SDK for TypeScript provides access to the Claude API from server-side TypeScript or JavaScript applications. From version 0.79.0 to before version 0.81.0, the local … | Mar 31, 2026 |
| CVE-2026-34450 | UNKNOWN | — | The Claude SDK for Python provides access to the Claude API from Python applications. From version 0.86.0 to before version 0.87.0, the local filesystem memory … | Mar 31, 2026 |
| CVE-2026-34449 | CRITICAL | 9.6 | SiYuan is a personal knowledge management system. Prior to version 3.6.2, a malicious website can achieve Remote Code Execution (RCE) on any desktop running SiYuan … | Mar 31, 2026 |
| CVE-2026-34448 | CRITICAL | 9.0 | SiYuan is a personal knowledge management system. Prior to version 3.6.2, an attacker who can place a malicious URL in an Attribute View mAsse field … | Mar 31, 2026 |
| CVE-2026-34443 | UNKNOWN | — | FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.211, checkIpByMask() in app/Misc/Helper.php checks whether the input … | Mar 31, 2026 |
| CVE-2026-34442 | MEDIUM | 5.4 | FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.211, host header manipulation in FreeScout version (http://localhost:8080/system/status) … | Mar 31, 2026 |
| CVE-2026-34441 | MEDIUM | 4.8 | cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to version 0.40.0, cpp-httplib is vulnerable to HTTP Request Smuggling. The server's static file … | Mar 31, 2026 |
| CVE-2026-34406 | UNKNOWN | — | APTRS (Automated Penetration Testing Reporting System) is a Python and Django-based automated reporting tool designed for penetration testers and security organizations. Prior to version 2.0.1, … | Mar 31, 2026 |
| CVE-2026-34405 | MEDIUM | 6.1 | Nuxt OG Image generates OG Images with Vue templates in Nuxt. Prior to version 6.2.5, the image‑generation component by the URI: /_og/d/ (and, in older … | Mar 31, 2026 |
| CVE-2026-34404 | UNKNOWN | — | Nuxt OG Image generates OG Images with Vue templates in Nuxt. Prior to version 6.2.5, the image‑generation component by the URI: /_og/d/ (and, in older … | Mar 31, 2026 |
| CVE-2026-34401 | MEDIUM | 6.5 | XML Notepad is a Windows program that provides a simple intuitive User Interface for browsing and editing XML documents. Prior to version 2.9.0.21, XML Notepad … | Mar 31, 2026 |
| CVE-2026-34400 | UNKNOWN | — | Alerta is a monitoring tool. Prior to version 9.1.0, the Query string search API (q=) was vulnerable to SQL injection via the Postgres query parser, … | Mar 31, 2026 |
| CVE-2026-5213 | HIGH | 8.8 | A vulnerability was determined in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 … | Mar 31, 2026 |