Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Category: os Clear
ID Title
CVE-2026-53853 OpenClaw: Linux and macOS exec allowlists skipped configured argument patterns
OpenClaw: Linux and macOS exec allowlists skipped configured argument patterns
CVE-2026-50656 Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in...
Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in...
CVE-2025-46315 A permissions issue was addressed with additional restrictions. This issue is fixed in macOS...
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS...
CVE-2025-31272 The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4. An app...
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4. An app...
CVE-2025-24284 This issue was addressed with improved checks to prevent unauthorized actions. This issue is...
This issue was addressed with improved checks to prevent unauthorized actions. This issue is...
CVE-2026-45207 An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to...
An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to...
CVE-2026-34930 An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to...
An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to...
CVE-2026-34929 An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to...
An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to...
CVE-2026-34928 An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to...
An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to...
CVE-2026-27648 in OpenHarmony v6.0 and prior versions allow a remote attacker arbitrary code execution in pre...
in OpenHarmony v6.0 and prior versions allow a remote attacker arbitrary code execution in pre...
CVE-2026-25781 in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS and it cannot be recovered.
in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS and it cannot be recovered.
CVE-2026-24792 in OpenHarmony v6.0 and prior versions allow a remote attacker arbitrary code execution in pre...
in OpenHarmony v6.0 and prior versions allow a remote attacker arbitrary code execution in pre...
CVE-2026-41702 VMware Fusion contains a TOCTOU (Time-of-check Time-of-use) vulnerability that occurs during an...
VMware Fusion contains a TOCTOU (Time-of-check Time-of-use) vulnerability that occurs during an...
CVE-2026-44497 Vulnerability in zfnd (CVE-2026-44497)
vulnerability in zfnd (CVE-2026-44497). Data can be tampered with by attackers. Exploitable via ``zcashd``. Mitigation: upgrade to `4.4.0` or later.
CVE-2024-51092 OS Command Injection in command-injection (CVE-2024-51092)
OS command injection in command-injection (CVE-2024-51092). Confidential information can be exposed externally. Exploitable via ``version_netsnmp``.
CVE-2026-43944 Vulnerability in electerm (CVE-2026-43944)
vulnerability in electerm (CVE-2026-43944). Successful exploitation can lead to full system takeover. Exploitable via ``opts``. Mitigation: upgrade to `> 3.8.8` or later.
CVE-2026-6973 KEV [KEV] Vulnerability in Ivanti endpoint-manager-mobile-epmm (CVE-2026-6973)
vulnerability in Ivanti endpoint-manager-mobile-epmm (CVE-2026-6973). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-43208 Vulnerability in linux (CVE-2026-43208)
vulnerability in linux (CVE-2026-43208). Successful exploitation can lead to full system takeover.
CVE-2026-43205 In the Linux kernel, the following vulnerability has been resolved: dpaa2-switch: validate...
In the Linux kernel, the following vulnerability has been resolved: dpaa2-switch: validate...
CVE-2026-43196 In the Linux kernel, the following vulnerability has been resolved: soc: ti: pruss: Fix double...
In the Linux kernel, the following vulnerability has been resolved: soc: ti: pruss: Fix double...
CVE-2026-43198 Vulnerability in linux (CVE-2026-43198)
vulnerability in linux (CVE-2026-43198). Successful exploitation can lead to full system takeover.
CVE-2026-43197 Vulnerability in linux (CVE-2026-43197)
vulnerability in linux (CVE-2026-43197). Confidential information can be exposed externally.
CVE-2026-43186 Vulnerability in c (CVE-2026-43186)
vulnerability in c (CVE-2026-43186). Successful exploitation can lead to full system takeover.
CVE-2026-43185 Vulnerability in linux (CVE-2026-43185)
vulnerability in linux (CVE-2026-43185). Successful exploitation can lead to full system takeover.
CVE-2026-43125 Out-of-Bounds Write in linux (CVE-2026-43125)
out-of-bounds write in linux (CVE-2026-43125). Successful exploitation can lead to full system takeover.
CVE-2026-43117 Vulnerability in linux (CVE-2026-43117)
vulnerability in linux (CVE-2026-43117). Confidential information can be exposed externally.
CVE-2026-43114 Vulnerability in c (CVE-2026-43114)
vulnerability in c (CVE-2026-43114). Confidential information can be exposed externally.
CVE-2026-43083 Vulnerability in linux (CVE-2026-43083)
vulnerability in linux (CVE-2026-43083). Confidential information can be exposed externally.
CVE-2026-0300 KEV [KEV] Out-of-Bounds Write in Palo alto networks palo-alto-networks (CVE-2026-0300)
out-of-bounds write in Palo alto networks palo-alto-networks (CVE-2026-0300). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-43071 Vulnerability in c (CVE-2026-43071)
vulnerability in c (CVE-2026-43071). Confidential information can be exposed externally.
CVE-2026-43067 Vulnerability in linux (CVE-2026-43067)
vulnerability in linux (CVE-2026-43067). Successful exploitation can lead to full system takeover.
CVE-2026-43039 Vulnerability in linux (CVE-2026-43039)
vulnerability in linux (CVE-2026-43039). Successful exploitation can lead to full system takeover.
CVE-2026-43038 Vulnerability in linux (CVE-2026-43038)
vulnerability in linux (CVE-2026-43038). Successful exploitation can lead to full system takeover.
CVE-2026-31780 In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: fix u8...
In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: fix u8...
CVE-2026-31782 In the Linux kernel, the following vulnerability has been resolved: perf/x86: Fix potential bad...
In the Linux kernel, the following vulnerability has been resolved: perf/x86: Fix potential bad...
CVE-2026-31773 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SMP: derive legacy responder STK authentication from MITM state The legacy responder path in smp_random() currently lab...
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SMP: derive legacy responder STK authentication from MITM state The legacy responder path in smp_random() currently labels the stored STK as authenticated whenever pending_sec_level is BT_SECURITY_HIGH. That reflects wh...
CVE-2026-31772 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: fix...
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: fix...
CVE-2026-31431 KEV [KEV] Vulnerability in Linux redhat (CVE-2026-31431)
vulnerability in Linux redhat (CVE-2026-31431). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2026-6849 Improper neutralization of special elements used in an OS command ('OS command injection')...
Improper neutralization of special elements used in an OS command ('OS command injection')...
CVE-2026-5161 Improper link resolution before file access ('link following') vulnerability in TUBITAK BILGEM...
Improper link resolution before file access ('link following') vulnerability in TUBITAK BILGEM...
CVE-2026-5141 Improper Privilege Management, Improper Access Control, Incorrect privilege assignment...
Improper Privilege Management, Improper Access Control, Incorrect privilege assignment...
CVE-2026-5140 Improper neutralization of CRLF sequences ('CRLF injection') vulnerability in TUBITAK BILGEM...
Improper neutralization of CRLF sequences ('CRLF injection') vulnerability in TUBITAK BILGEM...
CVE-2026-32202 KEV [KEV] Vulnerability in Microsoft windows (CVE-2026-32202)
vulnerability in Microsoft windows (CVE-2026-32202). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-29635 KEV [KEV] Command Injection in D-link dir-823x (CVE-2025-29635)
command injection in D-link dir-823x (CVE-2025-29635). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-39987 KEV [KEV] Vulnerability in Marimo remote-attack (CVE-2026-39987)
vulnerability in Marimo remote-attack (CVE-2026-39987). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-33825 KEV [KEV] Vulnerability in Microsoft defender (CVE-2026-33825)
vulnerability in Microsoft defender (CVE-2026-33825). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-34197 KEV [KEV] Vulnerability in Apache activemq (CVE-2026-34197)
vulnerability in Apache activemq (CVE-2026-34197). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-60710 KEV [KEV] Vulnerability in Microsoft windows (CVE-2025-60710)
vulnerability in Microsoft windows (CVE-2025-60710). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-36424 KEV [KEV] Out-of-Bounds Read in Microsoft windows (CVE-2023-36424)
vulnerability in Microsoft windows (CVE-2023-36424). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-23862 Dell ThinOS 10 versions prior to ThinOS 2602_10.0573, contain an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with local...
Dell ThinOS 10 versions prior to ThinOS 2602_10.0573, contain an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →