Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-39955 |
|
SQL Injection in sqli (CVE-2026-39955)
SQL injection in sqli (CVE-2026-39955). Successful exploitation can lead to full system takeover.
|
| CVE-2026-39900 |
|
Cross-Site Scripting (XSS) in cacti (CVE-2026-39900)
cross-site scripting in cacti (CVE-2026-39900). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-55454 |
|
Vulnerability in ssrf (CVE-2026-55454)
vulnerability in ssrf (CVE-2026-55454). Successful exploitation can lead to full system takeover. Exploitable via `POST /load`. Mitigation: upgrade to `2.1` or later.
|
| CVE-2026-55570 |
|
Cross-Site Scripting (XSS) in CVE-2026-55570 (CVE-2026-55570)
cross-site scripting in CVE-2026-55570 (CVE-2026-55570). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `3.7.0` or later.
|
| CVE-2026-54066 |
|
Path Traversal in path-traversal (CVE-2026-54066)
path traversal in path-traversal (CVE-2026-54066). Confidential information can be exposed externally. Mitigation: upgrade to `3.7.0` or later.
|
| CVE-2026-54069 |
|
Vulnerability in CVE-2026-54069 (CVE-2026-54069)
vulnerability in CVE-2026-54069 (CVE-2026-54069). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.7.0` or later.
|
| CVE-2026-54067 |
|
Cross-Site Scripting (XSS) in CVE-2026-54067 (CVE-2026-54067)
cross-site scripting in CVE-2026-54067 (CVE-2026-54067). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `3.7.0` or later.
|
| CVE-2026-54158 |
|
Cross-Site Scripting (XSS) in CVE-2026-54158 (CVE-2026-54158)
cross-site scripting in CVE-2026-54158 (CVE-2026-54158). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `3.7.0` or later.
|
| CVE-2026-50551 |
|
Cross-Site Scripting (XSS) in CVE-2026-50551 (CVE-2026-50551)
cross-site scripting in CVE-2026-50551 (CVE-2026-50551). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `3.7.0` or later.
|
| CVE-2026-52794 |
|
Vulnerability in dos (CVE-2026-52794)
vulnerability in dos (CVE-2026-52794). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `26.5.2` or later.
|
| CVE-2026-10642 |
|
Vulnerability in c (CVE-2026-10642)
vulnerability in c (CVE-2026-10642). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-39893 |
|
SQL Injection in sqli (CVE-2026-39893)
SQL injection in sqli (CVE-2026-39893). Successful exploitation can lead to full system takeover.
|
| CVE-2026-39897 |
|
Cross-Site Scripting (XSS) in cacti (CVE-2026-39897)
cross-site scripting in cacti (CVE-2026-39897). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12760 |
|
Vulnerability in dos (CVE-2026-12760)
vulnerability in dos (CVE-2026-12760). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-60471 |
|
Use-After-Free in c (CVE-2025-60471)
vulnerability in c (CVE-2025-60471). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-50129 |
|
Vulnerability in dos (CVE-2026-50129)
vulnerability in dos (CVE-2026-50129). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `4.5.11` or later.
|
| CVE-2026-33235 |
|
Vulnerability in dos (CVE-2026-33235)
vulnerability in dos (CVE-2026-33235). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53948 |
|
Unrestricted File Upload in CVE-2026-53948 (CVE-2026-53948)
vulnerability in CVE-2026-53948 (CVE-2026-53948). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `6.21.1` or later.
|
| CVE-2026-49220 |
|
Cross-Site Scripting (XSS) in CVE-2026-49220 (CVE-2026-49220)
cross-site scripting in CVE-2026-49220 (CVE-2026-49220). Confidential information can be exposed externally. Mitigation: upgrade to `10.11.9` or later.
|
| CVE-2026-52946 |
|
Vulnerability in dos (CVE-2026-52946)
vulnerability in dos (CVE-2026-52946). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-52948 |
|
Vulnerability in dos (CVE-2026-52948)
vulnerability in dos (CVE-2026-52948). Risk of unauthorized operations or information disclosure. Exploitable via ``schedule_timeout``.
|
| CVE-2026-49851 |
|
Vulnerability in dos (CVE-2026-49851)
vulnerability in dos (CVE-2026-49851). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.3.0` or later.
|
| CVE-2026-56121 |
|
Unsafe Deserialization in deserialization (CVE-2026-56121)
vulnerability in deserialization (CVE-2026-56121). Successful exploitation can lead to full system takeover.
|
| CVE-2026-56111 |
|
Vulnerability in c (CVE-2026-56111)
vulnerability in c (CVE-2026-56111). Data can be tampered with by attackers.
|
| CVE-2026-50701 |
|
Cross-Site Scripting (XSS) in CVE-2026-50701 (CVE-2026-50701)
cross-site scripting in CVE-2026-50701 (CVE-2026-50701). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-50703 |
|
Cross-Site Scripting (XSS) in CVE-2026-50703 (CVE-2026-50703)
cross-site scripting in CVE-2026-50703 (CVE-2026-50703). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-50704 |
|
Cross-Site Scripting (XSS) in CVE-2026-50704 (CVE-2026-50704)
cross-site scripting in CVE-2026-50704 (CVE-2026-50704). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-50705 |
|
Cross-Site Scripting (XSS) in CVE-2026-50705 (CVE-2026-50705)
cross-site scripting in CVE-2026-50705 (CVE-2026-50705). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-50708 |
|
Cross-Site Scripting (XSS) in CVE-2026-50708 (CVE-2026-50708)
cross-site scripting in CVE-2026-50708 (CVE-2026-50708). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-50709 |
|
Cross-Site Scripting (XSS) in CVE-2026-50709 (CVE-2026-50709)
cross-site scripting in CVE-2026-50709 (CVE-2026-50709). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-50710 |
|
Cross-Site Scripting (XSS) in CVE-2026-50710 (CVE-2026-50710)
cross-site scripting in CVE-2026-50710 (CVE-2026-50710). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-50711 |
|
Cross-Site Scripting (XSS) in CVE-2026-50711 (CVE-2026-50711)
cross-site scripting in CVE-2026-50711 (CVE-2026-50711). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-50712 |
|
Cross-Site Scripting (XSS) in CVE-2026-50712 (CVE-2026-50712)
cross-site scripting in CVE-2026-50712 (CVE-2026-50712). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-50700 |
|
Cross-Site Scripting (XSS) in CVE-2026-50700 (CVE-2026-50700)
cross-site scripting in CVE-2026-50700 (CVE-2026-50700). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12986 |
|
Cross-Site Request Forgery (CSRF) in ssrf (CVE-2026-12986)
vulnerability in ssrf (CVE-2026-12986). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11878 |
|
Cross-Site Scripting (XSS) in microfocus (CVE-2026-11878)
cross-site scripting in microfocus (CVE-2026-11878). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-50698 |
|
Cross-Site Scripting (XSS) in CVE-2026-50698 (CVE-2026-50698)
cross-site scripting in CVE-2026-50698 (CVE-2026-50698). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-50699 |
|
Cross-Site Scripting (XSS) in CVE-2026-50699 (CVE-2026-50699)
cross-site scripting in CVE-2026-50699 (CVE-2026-50699). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57306 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-57306)
vulnerability in csrf (CVE-2026-57306). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57305 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-57305)
vulnerability in csrf (CVE-2026-57305). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57298 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-57298)
vulnerability in csrf (CVE-2026-57298). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57295 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-57295)
vulnerability in csrf (CVE-2026-57295). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57292 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-57292)
vulnerability in csrf (CVE-2026-57292). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57290 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-57290)
vulnerability in csrf (CVE-2026-57290). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57296 |
|
Path Traversal in path-traversal (CVE-2026-57296)
path traversal in path-traversal (CVE-2026-57296). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57283 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-57283)
vulnerability in csrf (CVE-2026-57283). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56338 |
|
Vulnerability in dos (CVE-2026-56338)
vulnerability in dos (CVE-2026-56338). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56262 |
|
Vulnerability in kidocode (CVE-2026-56262)
vulnerability in kidocode (CVE-2026-56262). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56231 |
|
Vulnerability in dos (CVE-2026-56231)
vulnerability in dos (CVE-2026-56231). Risk of unauthorized operations or information disclosure. Exploitable via `POST /build/start/`.
|
| CVE-2026-13140 |
|
Cross-Site Scripting (XSS) in CVE-2026-13140 (CVE-2026-13140)
cross-site scripting in CVE-2026-13140 (CVE-2026-13140). Risk of unauthorized operations or information disclosure.
|