Why vulnerability monitoring is critical for your business
In 2025, 48,185 new vulnerabilities (CVEs) were published — a 20% increase compared to 2024. In 2026, the trend is accelerating further. Every day, more than 130 flaws are made public, some of which affect the software your business uses daily.
According to the Verizon Data Breach Investigations Report, 60% of data breaches exploit vulnerabilities for which a patch already existed at the time of the attack. The problem is not the absence of patches — it is the absence of monitoring. No IT team can manually track 130 CVEs per day.
Avec CVE Find, explorez la plus grande base de données de vulnérabilités au monde.
Le CVE (Common Vulnerabilities and Exposures) est une liste de failles de sécurité informatique divulguées publiquement. Le programme CVE a pour objectif de faciliter le partage des données entre les différentes capacités de détection des vulnérabilités, qu'il s'agisse d'outils, de bases de données ou de services. Il fournit également une norme pour évaluer la couverture de ces outils et services.
Accédez à CVE Find
What CVE Find does for you
How can I be alerted in real time?
CVE Find notifies you by email and SMS as soon as a vulnerability affects your products. Configurable frequency: from instant alerts to monthly summaries.
Are my software products vulnerable?
Configure your products (CMS, servers, libraries) via the CPE catalogue. CVE Find continuously monitors the MITRE database and alerts you automatically. 338,000+ CVEs indexed.
How do I prioritise patches?
CVSS scoring (severity) and EPSS (probability of real-world exploitation) show you what to fix first. No more false positives.
Which vulnerabilities are being actively exploited?
The integrated CISA KEV catalogue identifies vulnerabilities already exploited in the wild. These are the flaws to fix with absolute top priority.
Is the platform available in English?
Yes. CVE Find is available in French, English and German. Developed in Switzerland by Bexxo, it is the only comprehensive French-language CVE platform.
Is the data reliable and up to date?
Real-time synchronisation with MITRE, NVD, CISA and FIRST.org. More than 48,000 CVEs added in 2025, and the database is enriched every hour.
Stay ahead with the latest critical security vulnerabilities.
CVE-2026-40281 - CRITICAL
06/05/2026
Gotenberg is a Docker-powered stateless API for PDF files. In versions 8.30.1 and earlier, the metadata write endpoint validates metadata keys for control characters but leaves metadata values unsanitized. A newline character in a metadata value splits the ExifTool stdin line into two separate arguments, allowing injection of arbitrary ExifTool pseudo-tags such as -FileName, -Directory, -SymLink, ...
OWSAP: A03
CVE-2026-44116 - HIGH
06/05/2026
OpenClaw before 2026.4.22 contains a server-side request forgery vulnerability in the Zalo plugin's sendPhoto function that fails to validate outbound photo URLs through the SSRF guard. Attackers can bypass SSRF protection by providing malicious photo URLs to the Zalo Bot API, enabling unauthorized access to internal resources.
ssrfOWSAP: A10
CVE-2026-44115 - HIGH
06/05/2026
OpenClaw before 2026.4.22 contains an exec allowlist analysis vulnerability allowing shell expansion hiding in unquoted heredoc bodies. Attackers can bypass allowlist validation by embedding shell expansion tokens in heredoc bodies to execute unapproved commands at runtime.
OWSAP: A03
CVE-2026-44110 - HIGH
06/05/2026
OpenClaw before 2026.4.15 contains an authorization bypass vulnerability in Matrix room control-command authorization that trusts DM pairing-store entries. Attackers with DM-paired sender IDs can execute room control commands without being in configured allowlists by posting in bot rooms, potentially enabling privileged OpenClaw behavior.
authorisationproblemOWSAP: A01
CVE-2026-44109 - CRITICAL
06/05/2026
OpenClaw before 2026.4.15 contains an authentication bypass vulnerability in Feishu webhook and card-action validation that allows unauthenticated requests to reach command dispatch. Missing encryptKey configuration and blank callback tokens fail open instead of rejecting requests, enabling attackers to bypass signature verification and replay protection to execute arbitrary commands.
CVE-2026-43584 - HIGH
06/05/2026
OpenClaw before 2026.4.10 contains an insufficient environment variable denylist vulnerability in its exec environment policy that allows operator-supplied overrides of high-risk interpreter startup variables including VIMINIT, EXINIT, LUA_INIT, and HOSTALIASES. Attackers can exploit this by manipulating these environment variables to influence downstream execution behavior or network connectivity...
OWSAP: A03
CVE-2026-43581 - CRITICAL
06/05/2026
OpenClaw before 2026.4.10 contains an improper network binding vulnerability in the sandbox browser CDP relay that exposes Chrome DevTools Protocol on 0.0.0.0. Attackers can access the DevTools protocol outside intended local sandbox boundaries by exploiting the overly broad binding configuration.
CVE-2026-43578 - CRITICAL
06/05/2026
OpenClaw versions 2026.3.31 before 2026.4.10 contain a privilege escalation vulnerability where heartbeat owner downgrade detection misses local background async exec completion events. Attackers can exploit this by providing untrusted completion content to leave a run in a more privileged context than intended.
OWSAP: A03
CVE-2026-43575 - CRITICAL
06/05/2026
OpenClaw versions 2026.2.21 before 2026.4.10 contain an authentication bypass vulnerability in the sandbox noVNC helper route that exposes interactive browser session credentials. Attackers can access the noVNC helper route without bridge authentication to gain unauthorized access to the interactive browser session.
authorisationproblemOWSAP: A01
CVE-2026-41938 - HIGH
06/05/2026
Vvveb before version 1.0.8.2 contains an unrestricted file upload vulnerability in the media upload handler that allows authenticated users with media-upload permissions to bypass extension restrictions by uploading a .htaccess file to map .phtml extensions to the PHP handler. Attackers can upload a .phtml file containing arbitrary PHP code and trigger execution by sending an unauthenticated HTTP ...
fileinclusionOWSAP: A04
CVE-2026-41934 - HIGH
06/05/2026
Vvveb before version 1.0.8.2 contains an authenticated remote code execution vulnerability in the admin code editor that allows low-privilege authenticated users to execute arbitrary code by exploiting insufficient file extension restrictions. Attackers with editor, author, contributor, or site_admin roles can write a malicious .htaccess file to map arbitrary extensions to the PHP handler, then up...
OWSAP: A03
CVE-2026-41930 - CRITICAL
06/05/2026
Vvveb before version 1.0.8.2 contains a hard-coded credentials vulnerability in its docker-compose-apache.yaml configuration that allows unauthenticated attackers to access the bundled phpMyAdmin container with pre-configured database credentials. Attackers can connect to the phpMyAdmin port to gain unrestricted read and write access to the entire Vvveb database, including administrator password h...
authorisationproblemOWSAP: A07
CVE-2024-30151 - HIGH
06/05/2026
HCL BigFix Service Management (SX) is affected by a Broken Access Control vulnerability leading to privilege escalation. This could allow unauthorized users to gain elevated privileges, bypassing intended access restrictions. This may result in exposure of sensitive data or unauthorized system modifications
OWSAP: A09
CVE-2026-7875 - HIGH
06/05/2026
NanoClaw contains a host/container filesystem boundary vulnerability in outbound attachment handling and outbox cleanup that allows a compromised or prompt-injected container to read files outside the intended outbox directory by supplying crafted messages_out.id and content.files values or creating symlinked outbox files. Attackers can exploit this vulnerability to trigger host-side reads of arbi...
directorytraversalOWSAP: A01
CVE-2026-42503 - HIGH
06/05/2026
gopls by default communicates via pipe. However, -port and -listen flags are supported as means of debugging. If -listen is given a value without an explicit host (e.g. :8080), or -port is used, gopls will listen on 0.0.0.0. As a result, users might inadvertently cause gopls to bind 0.0.0.0. This can allow a malicious party on the same network to execute code arbitrarily via gopls.
CVE-2026-20034 - HIGH
06/05/2026
A vulnerability in the web-based management interface of Cisco Unity Connection could allow an authenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted API request. A successful exploit could allow the attacker to execute arbitr...
OWSAP: A01
CVE-2026-5081 - CRITICAL
06/05/2026
Apache::Session::Generate::ModUniqueId versions from 1.54 through 1.94 for Perl session ids are insecure. Apache::Session::Generate::ModUniqueId (added in version 1.54) uses the value of the UNIQUE_ID environment variable for the session id. The UNIQUE_ID variable is set by the Apache mod_unique_id plugin, which generates unique ids for the request. The id is based on the IPv4 address, the proces...
OWSAP: A02
CVE-2025-31951 - HIGH
06/05/2026
HCL BigFix RunBookAI is affected by a Unvalidated Command Input / Potential Command Smuggling vulnerability. A flaw in a component's input handling was identified that could permit unauthorized command execution.
commandinjectionOWSAP: A03OWSAP: A04
CVE-2026-40010 - CRITICAL
06/05/2026
Missing invocation of Servlet http web request method changeSessionId after session binding can be exploited for a session fixation attack in Apache Wicket. This issue affects Apache Wicket: from 8.0.0 through 8.17.0, 9.0.0, from 10.0.0 through 10.8.0. Users are recommended to upgrade to version 10.9.0, which fixes the issue.
OWSAP: A07
CVE-2026-7841 - HIGH
06/05/2026
A remote code execution vulnerability exists in Notification Settings on GeoVision GV-ASWeb 6.2.0. An authenticated user with System Setting permissions can execute arbitrary commands on the server by sending a crafted HTTP POST request to the ASWebCommon.srf backend endpoint to bypass the frontend restrictions.
codeinjectionOWSAP: A03
