Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: attack-types Clear
ID Title
CVE-2016-20024 Vulnerability in csharp (CVE-2016-20024)
vulnerability in csharp (CVE-2016-20024). Successful exploitation can lead to full system takeover.
CVE-2026-3999 Vulnerability in privilege-escalation (CVE-2026-3999)
vulnerability in privilege-escalation (CVE-2026-3999). Successful exploitation can lead to full system takeover.
CVE-2026-23942 Path Traversal in path-traversal (CVE-2026-23942)
path traversal in path-traversal (CVE-2026-23942). Risk of unauthorized operations or information disclosure.
CVE-2026-23943 Vulnerability in dos (CVE-2026-23943)
vulnerability in dos (CVE-2026-23943). Risk of unauthorized operations or information disclosure.
CVE-2025-8766 Vulnerability in privilege-escalation (CVE-2025-8766)
vulnerability in privilege-escalation (CVE-2025-8766). Successful exploitation can lead to full system takeover.
CVE-2025-57849 Vulnerability in privilege-escalation (CVE-2025-57849)
vulnerability in privilege-escalation (CVE-2025-57849). Successful exploitation can lead to full system takeover.
CVE-2025-13702 Cross-Site Scripting (XSS) in ibm (CVE-2025-13702)
cross-site scripting in ibm (CVE-2025-13702). Risk of unauthorized operations or information disclosure.
CVE-2025-61154 Vulnerability in c (CVE-2025-61154)
vulnerability in c (CVE-2025-61154). Risk of unauthorized operations or information disclosure.
CVE-2026-28356 Vulnerability in dos (CVE-2026-28356)
vulnerability in dos (CVE-2026-28356). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.2.2` or later.
CVE-2026-21708 SQL Injection in veeam (CVE-2026-21708)
SQL injection in veeam (CVE-2026-21708). Confidential information can be exposed externally.
CVE-2026-21672 Vulnerability in privilege-escalation (CVE-2026-21672)
vulnerability in privilege-escalation (CVE-2026-21672). Successful exploitation can lead to full system takeover.
CVE-2026-21669 Code Injection in veeam (CVE-2026-21669)
code injection in veeam (CVE-2026-21669). Successful exploitation can lead to full system takeover.
CVE-2026-21671 Code Injection in veeam (CVE-2026-21671)
code injection in veeam (CVE-2026-21671). Successful exploitation can lead to full system takeover.
CVE-2026-20117 Cross-Site Scripting (XSS) in express (CVE-2026-20117)
cross-site scripting in express (CVE-2026-20117). Risk of unauthorized operations or information disclosure.
CVE-2026-28807 Path Traversal in wisp (CVE-2026-28807)
path traversal in wisp (CVE-2026-28807). Confidential information can be exposed externally. Exploitable via ``wisp.serve_static``. Mitigation: upgrade to `2.2.1` or later.
CVE-2026-30951 SQL Injection in sqli (CVE-2026-30951)
SQL injection in sqli (CVE-2026-30951). Confidential information can be exposed externally. Mitigation: upgrade to `6.37.8` or later.
CVE-2026-31812 Vulnerability in dos (CVE-2026-31812)
vulnerability in dos (CVE-2026-31812). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.11.14` or later.
CVE-2026-28292 OS Command Injection in simple-git-project (CVE-2026-28292)
OS command injection in simple-git-project (CVE-2026-28292). Successful exploitation can lead to full system takeover.
CVE-2025-11739 Unsafe Deserialization in deserialization (CVE-2025-11739)
vulnerability in deserialization (CVE-2025-11739). Successful exploitation can lead to full system takeover.
CVE-2026-1286 Unsafe Deserialization in deserialization (CVE-2026-1286)
vulnerability in deserialization (CVE-2026-1286). Successful exploitation can lead to full system takeover.
CVE-2025-56421 SQL Injection in sqli (CVE-2025-56421)
SQL injection in sqli (CVE-2025-56421). Confidential information can be exposed externally.
CVE-2025-56422 Unsafe Deserialization in deserialization (CVE-2025-56422)
vulnerability in deserialization (CVE-2025-56422). Successful exploitation can lead to full system takeover.
CVE-2025-13901 Vulnerability in dos (CVE-2025-13901)
vulnerability in dos (CVE-2025-13901). Risk of unauthorized operations or information disclosure.
CVE-2025-13902 Cross-Site Scripting (XSS) in schneider-electric (CVE-2025-13902)
cross-site scripting in schneider-electric (CVE-2025-13902). Risk of unauthorized operations or information disclosure.
CVE-2026-29773 Authorization Flaw in privilege-escalation (CVE-2026-29773)
vulnerability in privilege-escalation (CVE-2026-29773). Risk of unauthorized operations or information disclosure.
CVE-2026-24316 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-24316)
SSRF in ssrf (CVE-2026-24316). Risk of unauthorized operations or information disclosure.
CVE-2026-25960 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-25960)
SSRF in ssrf (CVE-2026-25960). Confidential information can be exposed externally.
CVE-2026-29771 Vulnerability in dos (CVE-2026-29771)
vulnerability in dos (CVE-2026-29771). Risk of unauthorized operations or information disclosure.
CVE-2026-2219 Vulnerability in dos (CVE-2026-2219)
vulnerability in dos (CVE-2026-2219). Risk of unauthorized operations or information disclosure.
CVE-2025-69654 Vulnerability in dos (CVE-2025-69654)
vulnerability in dos (CVE-2025-69654). Risk of unauthorized operations or information disclosure. Exploitable via ``qjs``.
CVE-2026-29091 Vulnerability in locutus (CVE-2026-29091)
vulnerability in locutus (CVE-2026-29091). Successful exploitation can lead to full system takeover.
CVE-2026-26018 Vulnerability in dos (CVE-2026-26018)
vulnerability in dos (CVE-2026-26018). Risk of unauthorized operations or information disclosure.
CVE-2026-2753 Vulnerability in path-traversal (CVE-2026-2753)
vulnerability in path-traversal (CVE-2026-2753). Confidential information can be exposed externally.
CVE-2026-29062 Vulnerability in dos (CVE-2026-29062)
vulnerability in dos (CVE-2026-29062). Risk of unauthorized operations or information disclosure.
CVE-2025-69534 Vulnerability in markdown (CVE-2025-69534)
vulnerability in markdown (CVE-2025-69534). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.8.1` or later.
CVE-2026-2743 Path Traversal in path-traversal (CVE-2026-2743)
path traversal in path-traversal (CVE-2026-2743). Successful exploitation can lead to full system takeover.
CVE-2026-0847 Path Traversal in nltk (CVE-2026-0847)
path traversal in nltk (CVE-2026-0847). Confidential information can be exposed externally. Mitigation: upgrade to `3.9.3` or later.
CVE-2026-20025 Vulnerability in dos (CVE-2026-20025)
vulnerability in dos (CVE-2026-20025). Risk of unauthorized operations or information disclosure.
CVE-2026-20069 Vulnerability in cisco (CVE-2026-20069)
vulnerability in cisco (CVE-2026-20069). Risk of unauthorized operations or information disclosure.
CVE-2026-3520 Vulnerability in dos (CVE-2026-3520)
vulnerability in dos (CVE-2026-3520). Risk of unauthorized operations or information disclosure.
CVE-2026-25673 Vulnerability in django (CVE-2026-25673)
vulnerability in django (CVE-2026-25673). Risk of unauthorized operations or information disclosure.
CVE-2026-2584 SQL Injection in sqli (CVE-2026-2584)
SQL injection in sqli (CVE-2026-2584). Risk of unauthorized operations or information disclosure.
CVE-2026-3304 Vulnerability in dos (CVE-2026-3304)
vulnerability in dos (CVE-2026-3304). Risk of unauthorized operations or information disclosure.
CVE-2026-2359 Vulnerability in dos (CVE-2026-2359)
vulnerability in dos (CVE-2026-2359). Risk of unauthorized operations or information disclosure.
CVE-2025-10990 Vulnerability in dos (CVE-2025-10990)
vulnerability in dos (CVE-2025-10990). Risk of unauthorized operations or information disclosure.
CVE-2025-11252 SQL Injection in sqli (CVE-2025-11252)
SQL injection in sqli (CVE-2025-11252). Successful exploitation can lead to full system takeover.
CVE-2025-11950 Cross-Site Scripting (XSS) in eduasist (CVE-2025-11950)
cross-site scripting in eduasist (CVE-2025-11950). Risk of unauthorized operations or information disclosure.
CVE-2026-24351 Cross-Site Scripting (XSS) in pluxml (CVE-2026-24351)
cross-site scripting in pluxml (CVE-2026-24351). Risk of unauthorized operations or information disclosure.
CVE-2026-24350 Cross-Site Scripting (XSS) in pluxml (CVE-2026-24350)
cross-site scripting in pluxml (CVE-2026-24350). Risk of unauthorized operations or information disclosure.
CVE-2025-11251 SQL Injection in sqli (CVE-2025-11251)
SQL injection in sqli (CVE-2025-11251). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →