Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: attack-types Clear
ID Title
CVE-2016-20065 SQL Injection in wordpress (CVE-2016-20065)
SQL injection in wordpress (CVE-2016-20065). Confidential information can be exposed externally.
CVE-2016-20063 SQL Injection in sqli (CVE-2016-20063)
SQL injection in sqli (CVE-2016-20063). Confidential information can be exposed externally.
CVE-2016-20062 SQL Injection in wordpress (CVE-2016-20062)
SQL injection in wordpress (CVE-2016-20062). Confidential information can be exposed externally.
CVE-2026-49740 Unsafe Deserialization in typo3/cms-core (CVE-2026-49740)
vulnerability in typo3/cms-core (CVE-2026-49740). Risk of unauthorized operations or information disclosure. Exploitable via ``VariableFrontend``. Mitigation: upgrade to `14.3.3` or later.
CVE-2026-49741 Vulnerability in typo3/cms-core (CVE-2026-49741)
vulnerability in typo3/cms-core (CVE-2026-49741). Risk of unauthorized operations or information disclosure. Exploitable via ``form_definition``. Mitigation: upgrade to `14.3.3` or later.
CVE-2026-47348 Cross-Site Scripting (XSS) in typo3/cms-core (CVE-2026-47348)
cross-site scripting in typo3/cms-core (CVE-2026-47348). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `14.3.3` or later.
CVE-2026-52902 Path Traversal in path-traversal (CVE-2026-52902)
path traversal in path-traversal (CVE-2026-52902). Confidential information can be exposed externally.
CVE-2026-46747 Vulnerability in path-traversal (CVE-2026-46747)
vulnerability in path-traversal (CVE-2026-46747). Risk of unauthorized operations or information disclosure. Exploitable via `GET /api/sftp/uploadFiles`.
CVE-2026-41031 Cross-Site Scripting (XSS) in CVE-2026-41031 (CVE-2026-41031)
cross-site scripting in CVE-2026-41031 (CVE-2026-41031). Confidential information can be exposed externally.
CVE-2026-10731 SQL Injection in sqli (CVE-2026-10731)
SQL injection in sqli (CVE-2026-10731). Risk of unauthorized operations or information disclosure.
CVE-2025-40808 Unrestricted File Upload in dos (CVE-2025-40808)
vulnerability in dos (CVE-2025-40808). Data can be tampered with by attackers.
CVE-2026-11616 Privilege Escalation in wordpress (CVE-2026-11616)
vulnerability in wordpress (CVE-2026-11616). Successful exploitation can lead to full system takeover.
CVE-2026-8599 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8599)
cross-site scripting in wordpress (CVE-2026-8599). Risk of unauthorized operations or information disclosure.
CVE-2026-25688 Vulnerability in apache (CVE-2026-25688)
vulnerability in apache (CVE-2026-25688). Risk of unauthorized operations or information disclosure.
CVE-2026-8677 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8677)
cross-site scripting in wordpress (CVE-2026-8677). Risk of unauthorized operations or information disclosure.
CVE-2026-34033 Cross-Site Scripting (XSS) in apache (CVE-2026-34033)
cross-site scripting in apache (CVE-2026-34033). Risk of unauthorized operations or information disclosure.
CVE-2026-8365 Unsafe Deserialization in wordpress (CVE-2026-8365)
vulnerability in wordpress (CVE-2026-8365). Successful exploitation can lead to full system takeover.
CVE-2026-41983 Vulnerability in dos (CVE-2026-41983)
vulnerability in dos (CVE-2026-41983). Risk of unauthorized operations or information disclosure.
CVE-2026-41977 Vulnerability in dos (CVE-2026-41977)
vulnerability in dos (CVE-2026-41977). Risk of unauthorized operations or information disclosure.
CVE-2026-41972 Path Traversal in path-traversal (CVE-2026-41972)
path traversal in path-traversal (CVE-2026-41972). Risk of unauthorized operations or information disclosure.
CVE-2026-41539 Cross-Site Scripting (XSS) in qnap (CVE-2026-41539)
cross-site scripting in qnap (CVE-2026-41539). Risk of unauthorized operations or information disclosure.
CVE-2026-5067 Vulnerability in dos (CVE-2026-5067)
vulnerability in dos (CVE-2026-5067). Successful exploitation can lead to full system takeover.
CVE-2026-8977 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8977)
cross-site scripting in wordpress (CVE-2026-8977). Risk of unauthorized operations or information disclosure.
CVE-2026-9662 Vulnerability in wordpress (CVE-2026-9662)
vulnerability in wordpress (CVE-2026-9662). Successful exploitation can lead to full system takeover. Exploitable via ``tpf``.
CVE-2026-8895 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8895)
cross-site scripting in wordpress (CVE-2026-8895). Risk of unauthorized operations or information disclosure.
CVE-2026-8883 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8883)
cross-site scripting in wordpress (CVE-2026-8883). Risk of unauthorized operations or information disclosure.
CVE-2026-8882 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8882)
cross-site scripting in wordpress (CVE-2026-8882). Risk of unauthorized operations or information disclosure.
CVE-2026-8880 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8880)
cross-site scripting in wordpress (CVE-2026-8880). Risk of unauthorized operations or information disclosure.
CVE-2026-8841 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8841)
cross-site scripting in wordpress (CVE-2026-8841). Risk of unauthorized operations or information disclosure.
CVE-2026-7662 Cross-Site Scripting (XSS) in wordpress (CVE-2026-7662)
cross-site scripting in wordpress (CVE-2026-7662). Risk of unauthorized operations or information disclosure. Exploitable via ``epaperflip_embed``.
CVE-2026-41854 SSRF (Server-Side Request Forgery) in spring (CVE-2026-41854)
SSRF in spring (CVE-2026-41854). Risk of unauthorized operations or information disclosure.
CVE-2026-41849 Vulnerability in spring (CVE-2026-41849)
vulnerability in spring (CVE-2026-41849). Risk of unauthorized operations or information disclosure.
CVE-2026-41850 Vulnerability in spring (CVE-2026-41850)
vulnerability in spring (CVE-2026-41850). Risk of unauthorized operations or information disclosure.
CVE-2026-41851 Vulnerability in spring (CVE-2026-41851)
vulnerability in spring (CVE-2026-41851). Risk of unauthorized operations or information disclosure.
CVE-2026-41855 Unsafe Deserialization in spring (CVE-2026-41855)
vulnerability in spring (CVE-2026-41855). Successful exploitation can lead to full system takeover.
CVE-2026-41842 Vulnerability in spring (CVE-2026-41842)
vulnerability in spring (CVE-2026-41842). Risk of unauthorized operations or information disclosure.
CVE-2026-41848 Vulnerability in spring (CVE-2026-41848)
vulnerability in spring (CVE-2026-41848). Risk of unauthorized operations or information disclosure.
CVE-2026-41846 Cross-Site Scripting (XSS) in spring (CVE-2026-41846)
cross-site scripting in spring (CVE-2026-41846). Confidential information can be exposed externally.
CVE-2026-41845 Cross-Site Scripting (XSS) in spring (CVE-2026-41845)
cross-site scripting in spring (CVE-2026-41845). Confidential information can be exposed externally.
CVE-2026-41843 Path Traversal in spring (CVE-2026-41843)
path traversal in spring (CVE-2026-41843). Confidential information can be exposed externally.
CVE-2026-41839 Vulnerability in spring (CVE-2026-41839)
vulnerability in spring (CVE-2026-41839). Risk of unauthorized operations or information disclosure.
CVE-2026-41840 Vulnerability in spring (CVE-2026-41840)
vulnerability in spring (CVE-2026-41840). Risk of unauthorized operations or information disclosure.
CVE-2026-40983 Vulnerability in dos (CVE-2026-40983)
vulnerability in dos (CVE-2026-40983). Risk of unauthorized operations or information disclosure.
CVE-2026-40984 Vulnerability in dos (CVE-2026-40984)
vulnerability in dos (CVE-2026-40984). Risk of unauthorized operations or information disclosure.
CVE-2026-11603 Cross-Site Scripting (XSS) in wordpress (CVE-2026-11603)
cross-site scripting in wordpress (CVE-2026-11603). Risk of unauthorized operations or information disclosure.
CVE-2026-10738 Cross-Site Scripting (XSS) in wordpress (CVE-2026-10738)
cross-site scripting in wordpress (CVE-2026-10738). Risk of unauthorized operations or information disclosure.
CVE-2026-10553 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-10553)
vulnerability in wordpress (CVE-2026-10553). Risk of unauthorized operations or information disclosure.
CVE-2026-10024 Cross-Site Scripting (XSS) in wordpress (CVE-2026-10024)
cross-site scripting in wordpress (CVE-2026-10024). Risk of unauthorized operations or information disclosure.
CVE-2026-7556 Cross-Site Scripting (XSS) in wordpress (CVE-2026-7556)
cross-site scripting in wordpress (CVE-2026-7556). Risk of unauthorized operations or information disclosure.
CVE-2026-5714 Cross-Site Scripting (XSS) in wordpress (CVE-2026-5714)
cross-site scripting in wordpress (CVE-2026-5714). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →