Vulnerabilities database (CVE, CAPEC, CWE, Exploit-db)

7.5 CVE-2026-25833
Mbed TLS 3.5.0 to 3.6.5 fixed in 3.6.6 and 4.1.0 has a buffer overflow in the x509_inet_pton_ipv6()...

2026-04-01T20:16:23.720

7.7 CVE-2026-25835
Mbed TLS before 3.6.6 and TF-PSA-Crypto before 1.1.0 misuse seeds in a Pseudo-Random Number Generator...

2026-04-01T21:16:58.680

6.7 CVE-2026-34871
An issue was discovered in Mbed TLS before 3.6.6 and 4.x before 4.1.0 and TF-PSA-Crypto before 1.1.0....

2026-04-01T21:17:01.807

7.5 CVE-2026-34874
An issue was discovered in Mbed TLS through 3.6.5 and 4.x through 4.0.0. There is a NULL pointer dereference...

2026-04-01T20:16:27.673

6.5 CVE-2026-35000
ChangeDetection.io versions prior to 0.54.7 contain a protection bypass vulnerability in the SafeXPath3Parser...

2026-04-01T19:16:33.750

5.1 CVE-2025-66442
In Mbed TLS through 4.0.0, there is a compiler-induced timing side channel (in RSA and CBC/ECB decryption)...

2026-04-01T20:16:22.107

CVE-2026-34455
Hi.Events is an open-source event management and ticket selling platform. From version 0.8.0-beta.1...

2026-04-02T17:16:23.753

9.1 CVE-2026-34456
Reviactyl is an open-source game server management panel built using Laravel, React, FilamentPHP, Vite,...

2026-04-01T20:16:26.120

7.7 CVE-2026-34746
Payload is a free and open source headless content management system. Prior to version 3.79.1, an authenticated...

2026-04-01T20:16:26.727

8.5 CVE-2026-34747
Payload is a free and open source headless content management system. Prior to version 3.79.1, certain...

2026-04-01T20:16:26.887

8.7 CVE-2026-34748
Payload is a free and open source headless content management system. Prior to version 3.78.0 in @payloadcms/next,...

2026-04-01T20:16:27.040

5.4 CVE-2026-34749
Payload is a free and open source headless content management system. Prior to version 3.79.1, a Cross-Site...

2026-04-01T20:16:27.187

6.5 CVE-2026-34750
Payload is a free and open source headless content management system. Prior to version 3.78.0 in @payloadcms/storage-azure,...

2026-04-01T20:16:27.337

9.1 CVE-2026-34872
An issue was discovered in Mbed TLS 3.5.x and 3.6.x through 3.6.5 and TF-PSA-Crypto 1.0. There is a...

2026-04-01T20:16:27.493

5.3 CVE-2026-5311
A security flaw has been discovered in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW,...

2026-04-01T20:16:29.950

5.9 CVE-2025-13916
IBM Aspera Shares 1.9.9 through 1.11.0 uses weaker than expected cryptographic algorithms that could...

2026-04-01T21:16:56.803

4.1 CVE-2025-36373
IBM DataPower Gateway 10.6CD 10.6.1.0 through 10.6.5.0 and IBM DataPower Gateway 10.5.0 10.5.0.0 through...

2026-04-01T21:16:57.897

7.3 CVE-2026-1345
IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0...

2026-04-01T21:16:58.110

5.3 CVE-2026-1491
IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0...

2026-04-01T21:16:58.317

CVE-2026-22815
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4,...

2026-04-01T21:16:58.513

3.1 CVE-2026-2475
IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0...

2026-04-01T21:16:58.860