Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-28809 |
|
XXE (XML External Entity) in esaml (CVE-2026-28809)
vulnerability in esaml (CVE-2026-28809). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-4606 |
|
Vulnerability in privilege-escalation (CVE-2026-4606)
vulnerability in privilege-escalation (CVE-2026-4606). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-33236 |
|
Path Traversal in path-traversal (CVE-2026-33236)
path traversal in path-traversal (CVE-2026-33236). Data can be tampered with by attackers. Exploitable via ``subdir``.
|
| CVE-2026-33231 |
|
Vulnerability in dos (CVE-2026-33231)
vulnerability in dos (CVE-2026-33231). Risk of unauthorized operations or information disclosure. Exploitable via `GET /SHUTDOWN`.
|
| CVE-2026-29796 |
|
Vulnerability in privilege-escalation (CVE-2026-29796)
vulnerability in privilege-escalation (CVE-2026-29796). Confidential information can be exposed externally.
|
| CVE-2026-33210 |
|
Vulnerability in dos (CVE-2026-33210)
vulnerability in dos (CVE-2026-33210). Confidential information can be exposed externally.
|
| CVE-2025-63260 |
|
Cross-Site Scripting (XSS) in syncfusion (CVE-2025-63260)
cross-site scripting in syncfusion (CVE-2025-63260). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-22895 |
|
Cross-Site Scripting (XSS) in qnap (CVE-2026-22895)
cross-site scripting in qnap (CVE-2026-22895). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-0677 |
|
Unsafe Deserialization in deserialization (CVE-2026-0677)
vulnerability in deserialization (CVE-2026-0677). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-32874 |
|
Vulnerability in c (CVE-2026-32874)
vulnerability in c (CVE-2026-32874). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-32875 |
|
Vulnerability in c (CVE-2026-32875)
vulnerability in c (CVE-2026-32875). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-3029 |
|
Path Traversal in path-traversal (CVE-2026-3029)
path traversal in path-traversal (CVE-2026-3029). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-14716 |
|
Authentication Bypass in CVE-2025-14716 (CVE-2025-14716)
authentication bypass in CVE-2025-14716 (CVE-2025-14716). Confidential information can be exposed externally.
|
| CVE-2025-15031 |
|
Path Traversal in lfprojects (CVE-2025-15031)
path traversal in lfprojects (CVE-2025-15031). Confidential information can be exposed externally. Exploitable via ``tarfile.extractall``.
|
| CVE-2026-26740 |
|
Out-of-Bounds Write in dos (CVE-2026-26740)
out-of-bounds write in dos (CVE-2026-26740). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-23268 |
|
Vulnerability in Kernel (CVE-2026-23268)
vulnerability in Kernel (CVE-2026-23268). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `6.6.130, 6.12.77, 6.18.18, 6.19.8` or later.
|
| CVE-2026-30695 |
|
Cross-Site Scripting (XSS) in CVE-2026-30695 (CVE-2026-30695)
cross-site scripting in CVE-2026-30695 (CVE-2026-30695). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-24063 |
|
Vulnerability in privilege-escalation (CVE-2026-24063)
vulnerability in privilege-escalation (CVE-2026-24063). Successful exploitation can lead to full system takeover.
|
| CVE-2026-24062 |
|
Vulnerability in privilege-escalation (CVE-2026-24062)
vulnerability in privilege-escalation (CVE-2026-24062). Successful exploitation can lead to full system takeover.
|
| CVE-2025-71267 |
|
Vulnerability in dos (CVE-2025-71267)
vulnerability in dos (CVE-2025-71267). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-71265 |
|
Vulnerability in dos (CVE-2025-71265)
vulnerability in dos (CVE-2025-71265). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-71266 |
|
Vulnerability in dos (CVE-2025-71266)
vulnerability in dos (CVE-2025-71266). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-2575 |
|
Vulnerability in dos (CVE-2026-2575)
vulnerability in dos (CVE-2026-2575). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-32841 |
|
Vulnerability in edimax (CVE-2026-32841)
vulnerability in edimax (CVE-2026-32841). Successful exploitation can lead to full system takeover.
|
| CVE-2026-32981 |
|
Path Traversal in ray (CVE-2026-32981)
path traversal in ray (CVE-2026-32981). Confidential information can be exposed externally. Mitigation: upgrade to `2.8.1` or later.
|
| CVE-2026-4324 |
|
SQL Injection in katello (CVE-2026-4324)
SQL injection in katello (CVE-2026-4324). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `4.19.1` or later.
|
| CVE-2026-3888 |
|
Vulnerability in privilege-escalation (CVE-2026-3888)
vulnerability in privilege-escalation (CVE-2026-3888). Successful exploitation can lead to full system takeover.
|
| CVE-2026-4271 |
|
Use-After-Free in dos (CVE-2026-4271)
vulnerability in dos (CVE-2026-4271). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-0708 |
|
Out-of-Bounds Read in dos (CVE-2026-0708)
vulnerability in dos (CVE-2026-0708). Confidential information can be exposed externally. Exploitable via ``ucl_object_emit``.
|
| CVE-2025-50881 |
|
Code Injection in CVE-2025-50881 (CVE-2025-50881)
code injection in CVE-2025-50881 (CVE-2025-50881). Successful exploitation can lead to full system takeover. Exploitable via ``action``.
|
| CVE-2026-32759 |
|
Vulnerability in github.com/filebrowser/filebrowser/v2 (CVE-2026-32759)
vulnerability in github.com/filebrowser/filebrowser/v2 (CVE-2026-32759). Data can be tampered with by attackers. Exploitable via ``enableExec``. Mitigation: upgrade to `2.33.8` or later.
|
| CVE-2026-27962 |
|
Vulnerability in deserialization (CVE-2026-27962)
vulnerability in deserialization (CVE-2026-27962). Confidential information can be exposed externally.
|
| CVE-2026-23862 |
|
Dell ThinOS 10 versions prior to ThinOS 2602_10.0573, contain an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with local...
Dell ThinOS 10 versions prior to ThinOS 2602_10.0573, contain an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.
|
| CVE-2025-62319 |
|
SQL Injection in sqli (CVE-2025-62319)
SQL injection in sqli (CVE-2025-62319). Successful exploitation can lead to full system takeover.
|
| CVE-2026-3084 |
|
Vulnerability in gstreamer (CVE-2026-3084)
vulnerability in gstreamer (CVE-2026-3084). Successful exploitation can lead to full system takeover.
|
| CVE-2026-3086 |
|
Out-of-Bounds Write in gstreamer (CVE-2026-3086)
out-of-bounds write in gstreamer (CVE-2026-3086). Successful exploitation can lead to full system takeover.
|
| CVE-2026-3081 |
|
Vulnerability in gstreamer (CVE-2026-3081)
vulnerability in gstreamer (CVE-2026-3081). Successful exploitation can lead to full system takeover.
|
| CVE-2026-3442 |
|
Out-of-Bounds Read in dos (CVE-2026-3442)
vulnerability in dos (CVE-2026-3442). Confidential information can be exposed externally.
|
| CVE-2026-3441 |
|
Out-of-Bounds Read in dos (CVE-2026-3441)
vulnerability in dos (CVE-2026-3441). Confidential information can be exposed externally.
|
| CVE-2025-2274 |
|
Cross-Site Scripting (XSS) in forcepoint (CVE-2025-2274)
cross-site scripting in forcepoint (CVE-2025-2274). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-3082 |
|
Vulnerability in gstreamer (CVE-2026-3082)
vulnerability in gstreamer (CVE-2026-3082). Successful exploitation can lead to full system takeover.
|
| CVE-2026-3085 |
|
Vulnerability in gstreamer (CVE-2026-3085)
vulnerability in gstreamer (CVE-2026-3085). Successful exploitation can lead to full system takeover.
|
| CVE-2026-3083 |
|
Vulnerability in gstreamer (CVE-2026-3083)
vulnerability in gstreamer (CVE-2026-3083). Successful exploitation can lead to full system takeover.
|
| CVE-2026-2923 |
|
Out-of-Bounds Write in gstreamer (CVE-2026-2923)
out-of-bounds write in gstreamer (CVE-2026-2923). Successful exploitation can lead to full system takeover.
|
| CVE-2026-2921 |
|
Vulnerability in gstreamer (CVE-2026-2921)
vulnerability in gstreamer (CVE-2026-2921). Successful exploitation can lead to full system takeover.
|
| CVE-2026-2922 |
|
Out-of-Bounds Write in gstreamer (CVE-2026-2922)
out-of-bounds write in gstreamer (CVE-2026-2922). Successful exploitation can lead to full system takeover.
|
| CVE-2026-2920 |
|
Vulnerability in gstreamer (CVE-2026-2920)
vulnerability in gstreamer (CVE-2026-2920). Successful exploitation can lead to full system takeover.
|
| CVE-2016-20032 |
|
Cross-Site Scripting (XSS) in CVE-2016-20032 (CVE-2016-20032)
cross-site scripting in CVE-2016-20032 (CVE-2016-20032). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-20027 |
|
Cross-Site Scripting (XSS) in CVE-2016-20027 (CVE-2016-20027)
cross-site scripting in CVE-2016-20027 (CVE-2016-20027). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-20025 |
|
Vulnerability in privilege-escalation (CVE-2016-20025)
vulnerability in privilege-escalation (CVE-2016-20025). Successful exploitation can lead to full system takeover.
|