Vulnerabilities
Recent vulnerabilities
Recent vulnerabilities from
🏠GNA-1 (CIRCL)
Select from 78 available sources using the dropdown above.
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| GCVE-1-2026-0021 |
10 (4.0)
|
Critical RCE Vulnerability reported in Windchill |
windchill |
FlexPLM |
2026-03-23T12:30:40.249187Z | 2026-03-23T12:30:40.249187Z |
| GCVE-1-2026-0020 |
10 (4.0)
|
Remote Code Execution Attack Against Eircom D1000 Router |
Eir |
D1000 |
2026-03-11T14:12:00.000Z | 2026-03-11T14:23:24.609831Z |
| GCVE-1-2026-0008 |
10 (4.0)
|
gpg-agent stack buffer overflow in pkdecrypt using KEM |
gnupg |
gpg-agent |
2026-01-28T13:48:12.350509Z | 2026-01-28T13:48:12.350509Z |
| GCVE-1-2026-0007 |
10 (4.0)
|
GNU InetUtils Security Advisory: remote authentication… |
gnu |
InetUtils |
2026-01-20T20:57:00.000Z | 2026-01-26T16:32:40.831364Z |
| GCVE-1-2026-0002 |
10 (4.0)
|
Heap-buffer-overflow in EXIF writer for extra IFD tags |
ffmpeg |
ffmpeg |
2026-01-02T19:50:00.000Z | 2026-01-02T20:05:27.269877Z |
| GCVE-1-2025-0032 |
10 (4.0)
|
The default configuration of WatchGuard Firebox device… |
watchguard |
firebox |
2025-12-03T16:25:00.000Z | 2025-12-19T13:48:34.570799Z |
| GCVE-1-2025-0004 |
10 (4.0)
|
XSS in Comments, Bundles, and Sightings component of v… |
CIRCL |
vulnerability-lookup |
2025-09-25T14:10:00.000Z | 2025-11-19T10:16:47.656802Z |
| GCVE-1-2026-20094 |
9.4 (4.0)
|
MISP Core: Broken access control allows instance-wide … |
misp |
misp |
2026-06-22T11:54:10.298853Z | 2026-06-22T11:56:08.008149Z |
| GCVE-1-2026-20087 |
9.4 (4.0)
|
MISP Core: Mass Assignment and Object Re-ownership via… |
misp |
misp |
2026-06-22T11:38:00.000Z | 2026-06-23T05:58:42.768204Z |
| GCVE-1-2026-0031 |
9.4 (4.0)
|
MISP - SQL injection via unvalidated ordering paramete… |
misp |
misp |
2026-04-29T20:14:00.000Z | 2026-05-06T16:00:13.755114Z |
| GCVE-1-2025-0027 |
9.4 (4.0)
|
Reflected cross-site scripting (XSS) vulnerability in … |
misp |
misp |
2025-11-27T07:17:00.000Z | 2025-12-02T08:51:04.323899Z |
| GCVE-1-2025-0026 |
9.4 (4.0)
|
Reflected cross-site scripting (XSS) vulnerability in … |
misp |
misp |
2025-11-26T16:35:00.000Z | 2025-12-02T08:50:46.381572Z |
| GCVE-1-2025-0025 |
9.4 (4.0)
|
Reflected cross-site scripting (XSS) vulnerability in … |
misp |
misp |
2025-11-26T16:27:00.000Z | 2025-12-02T08:50:18.897756Z |
| GCVE-1-2025-0024 |
9.4 (4.0)
|
cross-site scripting (XSS) vulnerability in the MISP s… |
misp |
misp |
2025-11-26T16:14:00.000Z | 2025-12-02T08:50:01.482327Z |
| GCVE-1-2025-0023 |
9.4 (4.0)
|
XSS in MISP server comparison tool |
misp |
misp |
2025-11-26T16:10:00.000Z | 2025-12-02T08:49:24.626168Z |
| GCVE-1-2025-0022 |
9.4 (4.0)
|
Clarified setting's impact on download_attachments_on_load |
misp |
misp |
2025-11-26T16:04:00.000Z | 2025-12-02T08:49:04.510294Z |
| GCVE-1-2025-0021 |
9.4 (4.0)
|
XSS in MISP ReST client in HTML view |
misp |
misp |
2025-11-26T15:55:00.000Z | 2025-12-02T08:48:41.869838Z |
| GCVE-1-2025-0020 |
9.4 (4.0)
|
cross-site scripting (XSS) in Galaxy element JSON view |
misp |
misp |
2025-11-26T15:49:00.000Z | 2025-12-02T08:47:41.151429Z |
| GCVE-1-2025-0018 |
9.4 (4.0)
|
HTML injection issue was identified in Lookyloo’s web … |
lookyloo |
lookyloo |
2025-11-18T15:33:00.000Z | 2025-11-18T20:39:45.579295Z |
| GCVE-1-2025-0017 |
9.4 (4.0)
|
Privilege escalation in Cerebrate allows an authentica… |
cerebrate |
cerebrate |
2025-11-12T08:15:00.000Z | 2025-11-28T07:22:08.205835Z |
| GCVE-1-2025-0014 |
9.4 (4.0)
|
XSS in event report via Mermaid diagram |
misp |
misp |
2025-11-04T08:58:00.024516Z | 2025-11-04T08:58:00.024516Z |
| GCVE-1-2025-0013 |
9.4 (4.0)
|
Vulnerability in sharing group blueprints allowing sha… |
misp |
misp |
2025-11-04T08:49:21.558087Z | 2025-11-04T08:49:21.558087Z |
| GCVE-1-2025-0011 |
9.4 (4.0)
|
Arbitrary file inclusion / deletion via import modules… |
misp |
misp |
2025-11-04T07:01:25.464225Z | 2025-11-04T07:01:25.464225Z |
| GCVE-1-2025-0005 |
9.4 (4.0)
|
Reflected XSS due to insecure use of Markup |
CIRCL |
vulnerability-lookup |
2025-10-13T08:23:29.812914Z | 2025-10-13T08:23:29.812914Z |
| GCVE-1-2026-20105 |
9.3 (4.0)
|
MISP remote code execution via arbitrary rdkafka confi… |
misp |
misp |
2026-06-22T12:39:13.015122Z | 2026-06-22T12:39:24.277077Z |
| GCVE-1-2026-20091 |
9.3 (4.0)
|
MISP AAD authentication plugin - Improper OAuth State … |
misp |
misp |
2026-06-22T12:21:00.000Z | 2026-06-22T12:24:50.403439Z |
| GCVE-1-2026-0030 |
9.3 (4.0)
|
MISP - Improper access control in auth key reset allow… |
misp |
misp |
2026-04-29T20:10:00.000Z | 2026-05-06T16:01:17.334511Z |
| GCVE-1-2026-0028 |
9.3 (4.0)
|
LookyLoo - PlaywrightCapture permits access to local f… |
LookyLoo |
PlaywrightCapture |
2026-04-29T19:28:00.000Z | 2026-04-29T19:28:44.316023Z |
| GCVE-1-2026-0026 |
9.3 (4.0)
|
misp-modules website - Missing CSRF protection in the … |
misp |
misp-modules |
2026-04-29T09:24:00.000Z | 2026-05-06T16:04:44.788582Z |
| GCVE-1-2026-0010 |
9.3 (4.0)
|
Improper input validation in the file transfer ha… |
EA Games |
Command & Conquer: Generals |
2026-01-29T14:33:18.822829Z | 2026-01-29T14:33:18.822829Z |