Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: attack-types Clear
ID Title
CVE-2026-53429 Vulnerability in dos (CVE-2026-53429)
vulnerability in dos (CVE-2026-53429). Risk of unauthorized operations or information disclosure.
CVE-2026-54888 Vulnerability in c (CVE-2026-54888)
vulnerability in c (CVE-2026-54888). Risk of unauthorized operations or information disclosure.
CVE-2026-56017 Out-of-Bounds Read in dos (CVE-2026-56017)
vulnerability in dos (CVE-2026-56017). Risk of unauthorized operations or information disclosure.
CVE-2026-56018 Vulnerability in dos (CVE-2026-56018)
vulnerability in dos (CVE-2026-56018). Risk of unauthorized operations or information disclosure.
CVE-2026-53428 Vulnerability in dos (CVE-2026-53428)
vulnerability in dos (CVE-2026-53428). Risk of unauthorized operations or information disclosure.
CVE-2026-53427 Cross-Site Scripting (XSS) in CVE-2026-53427 (CVE-2026-53427)
cross-site scripting in CVE-2026-53427 (CVE-2026-53427). Risk of unauthorized operations or information disclosure.
CVE-2026-57955 SigNoz through 0.130.1 contains a SQL injection vulnerability that allows authenticated attackers...
SigNoz through 0.130.1 contains a SQL injection vulnerability that allows authenticated attackers...
CVE-2026-57947 Pinpoint through 3.1.0 contains a server-side request forgery vulnerability in the webhook...
Pinpoint through 3.1.0 contains a server-side request forgery vulnerability in the webhook...
CVE-2026-57950 ruoyi-vue-pro through 2026.05, fixed in commit 5d1fd70 contains a broken access control...
ruoyi-vue-pro through 2026.05, fixed in commit 5d1fd70 contains a broken access control...
CVE-2026-57948 Vulnerability in CVE-2026-57948 (CVE-2026-57948)
vulnerability in CVE-2026-57948 (CVE-2026-57948). Confidential information can be exposed externally.
CVE-2026-57958 Cross-Site Scripting (XSS) in laravel (CVE-2026-57958)
cross-site scripting in laravel (CVE-2026-57958). Risk of unauthorized operations or information disclosure.
CVE-2026-36848 Gigamon GVOS v5.16.1 and below is vulnerable to Directory Traversal in the GVOS H-VUE subsystem.
Gigamon GVOS v5.16.1 and below is vulnerable to Directory Traversal in the GVOS H-VUE subsystem.
CVE-2026-11720 Path Traversal in path-traversal (CVE-2026-11720)
path traversal in path-traversal (CVE-2026-11720). Confidential information can be exposed externally.
CVE-2026-56285 Nitter's /video media proxy endpoint fails to validate target URLs against Twitter/X domains and...
Nitter's /video media proxy endpoint fails to validate target URLs against Twitter/X domains and...
CVE-2026-56782 Vulnerability in CVE-2026-56782 (CVE-2026-56782)
vulnerability in CVE-2026-56782 (CVE-2026-56782). Successful exploitation can lead to full system takeover.
CVE-2026-56780 Modoboa before 2.9.0 contains an insecure direct object reference vulnerability in the PUT /api...
Modoboa before 2.9.0 contains an insecure direct object reference vulnerability in the PUT /api...
CVE-2026-12912 Vulnerability in dos (CVE-2026-12912)
vulnerability in dos (CVE-2026-12912). Successful exploitation can lead to full system takeover.
CVE-2026-57320 Unauthenticated Cross Site Scripting (XSS) in BEAR <= 1.1.8 versions.
Unauthenticated Cross Site Scripting (XSS) in BEAR <= 1.1.8 versions.
CVE-2026-57326 Unauthenticated Cross Site Scripting (XSS) in Business Directory <= 6.4.22 versions.
Unauthenticated Cross Site Scripting (XSS) in Business Directory <= 6.4.22 versions.
CVE-2026-57328 Subscriber Cross Site Scripting (XSS) in Business Directory <= 6.4.22 versions.
Subscriber Cross Site Scripting (XSS) in Business Directory <= 6.4.22 versions.
CVE-2026-57333 Unauthenticated Cross Site Scripting (XSS) in Link Whisper Free <= 0.9.4 versions.
Unauthenticated Cross Site Scripting (XSS) in Link Whisper Free <= 0.9.4 versions.
CVE-2026-57337 Unauthenticated Cross Site Scripting (XSS) in Landing Page Builder <= 1.5.3.5 versions.
Unauthenticated Cross Site Scripting (XSS) in Landing Page Builder <= 1.5.3.5 versions.
CVE-2026-57336 Unauthenticated Cross Site Scripting (XSS) in Jobify <= 4.3.2 versions.
Unauthenticated Cross Site Scripting (XSS) in Jobify <= 4.3.2 versions.
CVE-2026-57329 Subscriber Cross Site Scripting (XSS) in WooCommerce Designer Pro <= 1.9.34 versions.
Subscriber Cross Site Scripting (XSS) in WooCommerce Designer Pro <= 1.9.34 versions.
CVE-2026-57330 Subscriber Cross Site Scripting (XSS) in MasterStudy LMS <= 3.7.27 versions.
Subscriber Cross Site Scripting (XSS) in MasterStudy LMS <= 3.7.27 versions.
CVE-2026-56290 KEV [KEV] Unrestricted File Upload in Joomlack page-builder-ck (CVE-2026-56290)
vulnerability in Joomlack page-builder-ck (CVE-2026-56290). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2026-57338 Unauthenticated Cross Site Scripting (XSS) in ARForms <= 7.1.2 versions.
Unauthenticated Cross Site Scripting (XSS) in ARForms <= 7.1.2 versions.
CVE-2026-13572 Vulnerability in sqli (CVE-2026-13572)
vulnerability in sqli (CVE-2026-13572). Risk of unauthorized operations or information disclosure.
CVE-2026-13578 Vulnerability in sqli (CVE-2026-13578)
vulnerability in sqli (CVE-2026-13578). Risk of unauthorized operations or information disclosure.
CVE-2026-13579 Vulnerability in sqli (CVE-2026-13579)
vulnerability in sqli (CVE-2026-13579). Risk of unauthorized operations or information disclosure.
CVE-2026-54371 Vulnerability in privilege-escalation (CVE-2026-54371)
vulnerability in privilege-escalation (CVE-2026-54371). Confidential information can be exposed externally.
CVE-2026-54370 Vulnerability in privilege-escalation (CVE-2026-54370)
vulnerability in privilege-escalation (CVE-2026-54370). Confidential information can be exposed externally.
CVE-2026-54369 Vulnerability in privilege-escalation (CVE-2026-54369)
vulnerability in privilege-escalation (CVE-2026-54369). Confidential information can be exposed externally.
CVE-2026-40523 SQL Injection in sqli (CVE-2026-40523)
SQL injection in sqli (CVE-2026-40523). Confidential information can be exposed externally.
CVE-2026-40524 SQL Injection in sqli (CVE-2026-40524)
SQL injection in sqli (CVE-2026-40524). Confidential information can be exposed externally.
CVE-2026-40522 SQL Injection in sqli (CVE-2026-40522)
SQL injection in sqli (CVE-2026-40522). Confidential information can be exposed externally.
CVE-2026-40521 Path Traversal in path-traversal (CVE-2026-40521)
path traversal in path-traversal (CVE-2026-40521). Successful exploitation can lead to full system takeover.
CVE-2026-13569 Vulnerability in sqli (CVE-2026-13569)
vulnerability in sqli (CVE-2026-13569). Risk of unauthorized operations or information disclosure.
CVE-2026-13567 Cross-Site Scripting (XSS) in CVE-2026-13567 (CVE-2026-13567)
cross-site scripting in CVE-2026-13567 (CVE-2026-13567). Risk of unauthorized operations or information disclosure.
CVE-2026-13570 Cross-Site Scripting (XSS) in CVE-2026-13570 (CVE-2026-13570)
cross-site scripting in CVE-2026-13570 (CVE-2026-13570). Risk of unauthorized operations or information disclosure.
CVE-2026-13565 Vulnerability in sqli (CVE-2026-13565)
vulnerability in sqli (CVE-2026-13565). Risk of unauthorized operations or information disclosure.
CVE-2026-13566 Vulnerability in sqli (CVE-2026-13566)
vulnerability in sqli (CVE-2026-13566). Risk of unauthorized operations or information disclosure.
CVE-2026-13165 Unrestricted File Upload in CVE-2026-13165 (CVE-2026-13165)
vulnerability in CVE-2026-13165 (CVE-2026-13165). Risk of unauthorized operations or information disclosure.
CVE-2026-13559 Vulnerability in sqli (CVE-2026-13559)
vulnerability in sqli (CVE-2026-13559). Risk of unauthorized operations or information disclosure.
CVE-2026-13558 Cross-Site Scripting (XSS) in CVE-2026-13558 (CVE-2026-13558)
cross-site scripting in CVE-2026-13558 (CVE-2026-13558). Risk of unauthorized operations or information disclosure.
CVE-2026-57346 Path Traversal in path-traversal (CVE-2026-57346)
path traversal in path-traversal (CVE-2026-57346). Risk of unauthorized operations or information disclosure.
CVE-2026-25707 Vulnerability in path-traversal (CVE-2026-25707)
vulnerability in path-traversal (CVE-2026-25707). Successful exploitation can lead to full system takeover.
CVE-2026-13557 Cross-Site Scripting (XSS) in CVE-2026-13557 (CVE-2026-13557)
cross-site scripting in CVE-2026-13557 (CVE-2026-13557). Risk of unauthorized operations or information disclosure.
CVE-2026-13555 Vulnerability in sqli (CVE-2026-13555)
vulnerability in sqli (CVE-2026-13555). Risk of unauthorized operations or information disclosure.
CVE-2026-13554 Cross-Site Scripting (XSS) in CVE-2026-13554 (CVE-2026-13554)
cross-site scripting in CVE-2026-13554 (CVE-2026-13554). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →