Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2016-20065 |
|
SQL Injection in wordpress (CVE-2016-20065)
SQL injection in wordpress (CVE-2016-20065). Confidential information can be exposed externally.
|
| CVE-2016-20063 |
|
SQL Injection in sqli (CVE-2016-20063)
SQL injection in sqli (CVE-2016-20063). Confidential information can be exposed externally.
|
| CVE-2016-20062 |
|
SQL Injection in wordpress (CVE-2016-20062)
SQL injection in wordpress (CVE-2016-20062). Confidential information can be exposed externally.
|
| CVE-2026-49740 |
|
Unsafe Deserialization in typo3/cms-core (CVE-2026-49740)
vulnerability in typo3/cms-core (CVE-2026-49740). Risk of unauthorized operations or information disclosure. Exploitable via ``VariableFrontend``. Mitigation: upgrade to `14.3.3` or later.
|
| CVE-2026-49741 |
|
Vulnerability in typo3/cms-core (CVE-2026-49741)
vulnerability in typo3/cms-core (CVE-2026-49741). Risk of unauthorized operations or information disclosure. Exploitable via ``form_definition``. Mitigation: upgrade to `14.3.3` or later.
|
| CVE-2026-47348 |
|
Cross-Site Scripting (XSS) in typo3/cms-core (CVE-2026-47348)
cross-site scripting in typo3/cms-core (CVE-2026-47348). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `14.3.3` or later.
|
| CVE-2026-52902 |
|
Path Traversal in path-traversal (CVE-2026-52902)
path traversal in path-traversal (CVE-2026-52902). Confidential information can be exposed externally.
|
| CVE-2026-46747 |
|
Vulnerability in path-traversal (CVE-2026-46747)
vulnerability in path-traversal (CVE-2026-46747). Risk of unauthorized operations or information disclosure. Exploitable via `GET /api/sftp/uploadFiles`.
|
| CVE-2026-41031 |
|
Cross-Site Scripting (XSS) in CVE-2026-41031 (CVE-2026-41031)
cross-site scripting in CVE-2026-41031 (CVE-2026-41031). Confidential information can be exposed externally.
|
| CVE-2026-10731 |
|
SQL Injection in sqli (CVE-2026-10731)
SQL injection in sqli (CVE-2026-10731). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-40808 |
|
Unrestricted File Upload in dos (CVE-2025-40808)
vulnerability in dos (CVE-2025-40808). Data can be tampered with by attackers.
|
| CVE-2026-11616 |
|
Privilege Escalation in wordpress (CVE-2026-11616)
vulnerability in wordpress (CVE-2026-11616). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8599 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-8599)
cross-site scripting in wordpress (CVE-2026-8599). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-25688 |
|
Vulnerability in apache (CVE-2026-25688)
vulnerability in apache (CVE-2026-25688). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8677 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-8677)
cross-site scripting in wordpress (CVE-2026-8677). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-34033 |
|
Cross-Site Scripting (XSS) in apache (CVE-2026-34033)
cross-site scripting in apache (CVE-2026-34033). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8365 |
|
Unsafe Deserialization in wordpress (CVE-2026-8365)
vulnerability in wordpress (CVE-2026-8365). Successful exploitation can lead to full system takeover.
|
| CVE-2026-41983 |
|
Vulnerability in dos (CVE-2026-41983)
vulnerability in dos (CVE-2026-41983). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41977 |
|
Vulnerability in dos (CVE-2026-41977)
vulnerability in dos (CVE-2026-41977). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41972 |
|
Path Traversal in path-traversal (CVE-2026-41972)
path traversal in path-traversal (CVE-2026-41972). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41539 |
|
Cross-Site Scripting (XSS) in qnap (CVE-2026-41539)
cross-site scripting in qnap (CVE-2026-41539). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-5067 |
|
Vulnerability in dos (CVE-2026-5067)
vulnerability in dos (CVE-2026-5067). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8977 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-8977)
cross-site scripting in wordpress (CVE-2026-8977). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9662 |
|
Vulnerability in wordpress (CVE-2026-9662)
vulnerability in wordpress (CVE-2026-9662). Successful exploitation can lead to full system takeover. Exploitable via ``tpf``.
|
| CVE-2026-8895 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-8895)
cross-site scripting in wordpress (CVE-2026-8895). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8883 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-8883)
cross-site scripting in wordpress (CVE-2026-8883). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8882 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-8882)
cross-site scripting in wordpress (CVE-2026-8882). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8880 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-8880)
cross-site scripting in wordpress (CVE-2026-8880). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8841 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-8841)
cross-site scripting in wordpress (CVE-2026-8841). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7662 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-7662)
cross-site scripting in wordpress (CVE-2026-7662). Risk of unauthorized operations or information disclosure. Exploitable via ``epaperflip_embed``.
|
| CVE-2026-41854 |
|
SSRF (Server-Side Request Forgery) in spring (CVE-2026-41854)
SSRF in spring (CVE-2026-41854). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41849 |
|
Vulnerability in spring (CVE-2026-41849)
vulnerability in spring (CVE-2026-41849). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41850 |
|
Vulnerability in spring (CVE-2026-41850)
vulnerability in spring (CVE-2026-41850). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41851 |
|
Vulnerability in spring (CVE-2026-41851)
vulnerability in spring (CVE-2026-41851). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41855 |
|
Unsafe Deserialization in spring (CVE-2026-41855)
vulnerability in spring (CVE-2026-41855). Successful exploitation can lead to full system takeover.
|
| CVE-2026-41842 |
|
Vulnerability in spring (CVE-2026-41842)
vulnerability in spring (CVE-2026-41842). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41848 |
|
Vulnerability in spring (CVE-2026-41848)
vulnerability in spring (CVE-2026-41848). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41846 |
|
Cross-Site Scripting (XSS) in spring (CVE-2026-41846)
cross-site scripting in spring (CVE-2026-41846). Confidential information can be exposed externally.
|
| CVE-2026-41845 |
|
Cross-Site Scripting (XSS) in spring (CVE-2026-41845)
cross-site scripting in spring (CVE-2026-41845). Confidential information can be exposed externally.
|
| CVE-2026-41843 |
|
Path Traversal in spring (CVE-2026-41843)
path traversal in spring (CVE-2026-41843). Confidential information can be exposed externally.
|
| CVE-2026-41839 |
|
Vulnerability in spring (CVE-2026-41839)
vulnerability in spring (CVE-2026-41839). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41840 |
|
Vulnerability in spring (CVE-2026-41840)
vulnerability in spring (CVE-2026-41840). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-40983 |
|
Vulnerability in dos (CVE-2026-40983)
vulnerability in dos (CVE-2026-40983). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-40984 |
|
Vulnerability in dos (CVE-2026-40984)
vulnerability in dos (CVE-2026-40984). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11603 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-11603)
cross-site scripting in wordpress (CVE-2026-11603). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10738 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-10738)
cross-site scripting in wordpress (CVE-2026-10738). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10553 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-10553)
vulnerability in wordpress (CVE-2026-10553). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10024 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-10024)
cross-site scripting in wordpress (CVE-2026-10024). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7556 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-7556)
cross-site scripting in wordpress (CVE-2026-7556). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-5714 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-5714)
cross-site scripting in wordpress (CVE-2026-5714). Risk of unauthorized operations or information disclosure.
|