Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-11322 |
|
Vulnerability in path-traversal (CVE-2026-11322)
vulnerability in path-traversal (CVE-2026-11322). Confidential information can be exposed externally.
|
| CVE-2026-42538 |
|
Unrestricted File Upload in CVE-2026-42538 (CVE-2026-42538)
vulnerability in CVE-2026-42538 (CVE-2026-42538). Confidential information can be exposed externally.
|
| CVE-2026-5066 |
|
Out-of-Bounds Write in c (CVE-2026-5066)
out-of-bounds write in c (CVE-2026-5066). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-5589 |
|
Out-of-Bounds Write in c (CVE-2026-5589)
out-of-bounds write in c (CVE-2026-5589). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-36499 |
|
Vulnerability in dos (CVE-2026-36499)
vulnerability in dos (CVE-2026-36499). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-65640 |
|
Cross-Site Scripting (XSS) in CVE-2025-65640 (CVE-2025-65640)
cross-site scripting in CVE-2025-65640 (CVE-2025-65640). Confidential information can be exposed externally.
|
| CVE-2026-25550 |
|
Vulnerability in csharp (CVE-2026-25550)
vulnerability in csharp (CVE-2026-25550). Successful exploitation can lead to full system takeover.
|
| CVE-2026-10880 |
|
SQL Injection in sqli (CVE-2026-10880)
SQL injection in sqli (CVE-2026-10880). Successful exploitation can lead to full system takeover.
|
| CVE-2026-25551 |
|
Unsafe Deserialization in csharp (CVE-2026-25551)
vulnerability in csharp (CVE-2026-25551). Successful exploitation can lead to full system takeover.
|
| CVE-2025-67448 |
|
Cross-Site Scripting (XSS) in CVE-2025-67448 (CVE-2025-67448)
cross-site scripting in CVE-2025-67448 (CVE-2025-67448). Confidential information can be exposed externally.
|
| CVE-2026-49941 |
|
Vulnerability in dos (CVE-2026-49941)
vulnerability in dos (CVE-2026-49941). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-50076 |
|
Unsafe Deserialization in apache (CVE-2026-50076)
vulnerability in apache (CVE-2026-50076). Confidential information can be exposed externally.
|
| CVE-2025-67446 |
|
Vulnerability in CVE-2025-67446 (CVE-2025-67446)
vulnerability in CVE-2025-67446 (CVE-2025-67446). Successful exploitation can lead to full system takeover.
|
| CVE-2026-43986 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-43986)
SSRF in ssrf (CVE-2026-43986). Confidential information can be exposed externally. Exploitable via ``image_hash_lookup``.
|
| CVE-2026-43985 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-43985)
vulnerability in csrf (CVE-2026-43985). Successful exploitation can lead to full system takeover. Exploitable via ``configUpdate``.
|
| CVE-2026-43984 |
|
Cross-Site Scripting (XSS) in CVE-2026-43984 (CVE-2026-43984)
cross-site scripting in CVE-2026-43984 (CVE-2026-43984). Confidential information can be exposed externally. Exploitable via ``log_js_errors``.
|
| CVE-2026-38570 |
|
Out-of-Bounds Read in dos (CVE-2026-38570)
vulnerability in dos (CVE-2026-38570). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10811 |
|
Vulnerability in sqli (CVE-2026-10811)
vulnerability in sqli (CVE-2026-10811). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10863 |
|
Vulnerability in sqli (CVE-2026-10863)
vulnerability in sqli (CVE-2026-10863). Confidential information can be exposed externally.
|
| CVE-2026-8037 |
|
Command Injection in CVE-2026-8037 (CVE-2026-8037)
command injection in CVE-2026-8037 (CVE-2026-8037). Successful exploitation can lead to full system takeover.
|
| CVE-2026-10808 |
|
Vulnerability in sqli (CVE-2026-10808)
vulnerability in sqli (CVE-2026-10808). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10809 |
|
Vulnerability in sqli (CVE-2026-10809)
vulnerability in sqli (CVE-2026-10809). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10810 |
|
Cross-Site Scripting (XSS) in CVE-2026-10810 (CVE-2026-10810)
cross-site scripting in CVE-2026-10810 (CVE-2026-10810). Risk of unauthorized operations or information disclosure.
|
| CVE-2019-25745 |
|
SQL Injection in wordpress (CVE-2019-25745)
SQL injection in wordpress (CVE-2019-25745). Confidential information can be exposed externally.
|
| CVE-2019-25740 |
|
Path Traversal in path-traversal (CVE-2019-25740)
path traversal in path-traversal (CVE-2019-25740). Confidential information can be exposed externally.
|
| CVE-2019-25734 |
|
Path Traversal in csrf (CVE-2019-25734)
path traversal in csrf (CVE-2019-25734). Risk of unauthorized operations or information disclosure.
|
| CVE-2019-25743 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2019-25743)
cross-site scripting in wordpress (CVE-2019-25743). Risk of unauthorized operations or information disclosure.
|
| CVE-2019-25739 |
|
Cross-Site Scripting (XSS) in CVE-2019-25739 (CVE-2019-25739)
cross-site scripting in CVE-2019-25739 (CVE-2019-25739). Risk of unauthorized operations or information disclosure.
|
| CVE-2019-25737 |
|
Cross-Site Scripting (XSS) in CVE-2019-25737 (CVE-2019-25737)
cross-site scripting in CVE-2019-25737 (CVE-2019-25737). Risk of unauthorized operations or information disclosure.
|
| CVE-2019-25744 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2019-25744)
cross-site scripting in wordpress (CVE-2019-25744). Risk of unauthorized operations or information disclosure.
|
| CVE-2019-25742 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2019-25742)
cross-site scripting in wordpress (CVE-2019-25742). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-46638 |
|
Vulnerability in dos (CVE-2025-46638)
vulnerability in dos (CVE-2025-46638). Risk of unauthorized operations or information disclosure.
|
| CVE-2019-25730 |
|
SQL Injection in sqli (CVE-2019-25730)
SQL injection in sqli (CVE-2019-25730). Confidential information can be exposed externally.
|
| CVE-2019-25732 |
|
SQL Injection in sqli (CVE-2019-25732)
SQL injection in sqli (CVE-2019-25732). Confidential information can be exposed externally.
|
| CVE-2019-25731 |
|
Cross-Site Scripting (XSS) in CVE-2019-25731 (CVE-2019-25731)
cross-site scripting in CVE-2019-25731 (CVE-2019-25731). Risk of unauthorized operations or information disclosure.
|
| CVE-2019-25728 |
|
SQL Injection in sqli (CVE-2019-25728)
SQL injection in sqli (CVE-2019-25728). Confidential information can be exposed externally.
|
| CVE-2019-25726 |
|
SQL Injection in sqli (CVE-2019-25726)
SQL injection in sqli (CVE-2019-25726). Confidential information can be exposed externally.
|
| CVE-2019-25729 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2019-25729)
vulnerability in csrf (CVE-2019-25729). Successful exploitation can lead to full system takeover.
|
| CVE-2026-41065 |
|
Vulnerability in CVE-2026-41065 (CVE-2026-41065)
vulnerability in CVE-2026-41065 (CVE-2026-41065). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-47707 |
|
Vulnerability in strawberry-graphql (CVE-2026-47707)
vulnerability in strawberry-graphql (CVE-2026-47707). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.315.7` or later.
|
| CVE-2026-47706 |
|
Vulnerability in strawberry-graphql (CVE-2026-47706)
vulnerability in strawberry-graphql (CVE-2026-47706). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.315.7` or later.
|
| CVE-2026-40605 |
|
Path Traversal in path-traversal (CVE-2026-40605)
path traversal in path-traversal (CVE-2026-40605). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-4104 |
|
SQL Injection in sqli (CVE-2026-4104)
SQL injection in sqli (CVE-2026-4104). Successful exploitation can lead to full system takeover.
|
| CVE-2025-52609 |
|
Vulnerability in hcltech (CVE-2025-52609)
vulnerability in hcltech (CVE-2025-52609). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-52612 |
|
Vulnerability in hcltech (CVE-2025-52612)
vulnerability in hcltech (CVE-2025-52612). Successful exploitation can lead to full system takeover.
|
| CVE-2026-45431 |
|
OS Command Injection in CVE-2026-45431 (CVE-2026-45431)
OS command injection in CVE-2026-45431 (CVE-2026-45431). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-12694 |
|
Vulnerability in privilege-escalation (CVE-2025-12694)
vulnerability in privilege-escalation (CVE-2025-12694). Successful exploitation can lead to full system takeover.
|
| CVE-2026-49771 |
|
SQL Injection in sqli (CVE-2026-49771)
SQL injection in sqli (CVE-2026-49771). Confidential information can be exposed externally.
|
| CVE-2026-50212 |
|
Vulnerability in dos (CVE-2026-50212)
vulnerability in dos (CVE-2026-50212). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10805 |
|
OS Command Injection in privilege-escalation (CVE-2026-10805)
OS command injection in privilege-escalation (CVE-2026-10805). Successful exploitation can lead to full system takeover.
|