Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: attack-types Clear
ID Title
CVE-2026-11322 Vulnerability in path-traversal (CVE-2026-11322)
vulnerability in path-traversal (CVE-2026-11322). Confidential information can be exposed externally.
CVE-2026-42538 Unrestricted File Upload in CVE-2026-42538 (CVE-2026-42538)
vulnerability in CVE-2026-42538 (CVE-2026-42538). Confidential information can be exposed externally.
CVE-2026-5066 Out-of-Bounds Write in c (CVE-2026-5066)
out-of-bounds write in c (CVE-2026-5066). Risk of unauthorized operations or information disclosure.
CVE-2026-5589 Out-of-Bounds Write in c (CVE-2026-5589)
out-of-bounds write in c (CVE-2026-5589). Risk of unauthorized operations or information disclosure.
CVE-2026-36499 Vulnerability in dos (CVE-2026-36499)
vulnerability in dos (CVE-2026-36499). Risk of unauthorized operations or information disclosure.
CVE-2025-65640 Cross-Site Scripting (XSS) in CVE-2025-65640 (CVE-2025-65640)
cross-site scripting in CVE-2025-65640 (CVE-2025-65640). Confidential information can be exposed externally.
CVE-2026-25550 Vulnerability in csharp (CVE-2026-25550)
vulnerability in csharp (CVE-2026-25550). Successful exploitation can lead to full system takeover.
CVE-2026-10880 SQL Injection in sqli (CVE-2026-10880)
SQL injection in sqli (CVE-2026-10880). Successful exploitation can lead to full system takeover.
CVE-2026-25551 Unsafe Deserialization in csharp (CVE-2026-25551)
vulnerability in csharp (CVE-2026-25551). Successful exploitation can lead to full system takeover.
CVE-2025-67448 Cross-Site Scripting (XSS) in CVE-2025-67448 (CVE-2025-67448)
cross-site scripting in CVE-2025-67448 (CVE-2025-67448). Confidential information can be exposed externally.
CVE-2026-49941 Vulnerability in dos (CVE-2026-49941)
vulnerability in dos (CVE-2026-49941). Risk of unauthorized operations or information disclosure.
CVE-2026-50076 Unsafe Deserialization in apache (CVE-2026-50076)
vulnerability in apache (CVE-2026-50076). Confidential information can be exposed externally.
CVE-2025-67446 Vulnerability in CVE-2025-67446 (CVE-2025-67446)
vulnerability in CVE-2025-67446 (CVE-2025-67446). Successful exploitation can lead to full system takeover.
CVE-2026-43986 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-43986)
SSRF in ssrf (CVE-2026-43986). Confidential information can be exposed externally. Exploitable via ``image_hash_lookup``.
CVE-2026-43985 Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-43985)
vulnerability in csrf (CVE-2026-43985). Successful exploitation can lead to full system takeover. Exploitable via ``configUpdate``.
CVE-2026-43984 Cross-Site Scripting (XSS) in CVE-2026-43984 (CVE-2026-43984)
cross-site scripting in CVE-2026-43984 (CVE-2026-43984). Confidential information can be exposed externally. Exploitable via ``log_js_errors``.
CVE-2026-38570 Out-of-Bounds Read in dos (CVE-2026-38570)
vulnerability in dos (CVE-2026-38570). Risk of unauthorized operations or information disclosure.
CVE-2026-10811 Vulnerability in sqli (CVE-2026-10811)
vulnerability in sqli (CVE-2026-10811). Risk of unauthorized operations or information disclosure.
CVE-2026-10863 Vulnerability in sqli (CVE-2026-10863)
vulnerability in sqli (CVE-2026-10863). Confidential information can be exposed externally.
CVE-2026-8037 Command Injection in CVE-2026-8037 (CVE-2026-8037)
command injection in CVE-2026-8037 (CVE-2026-8037). Successful exploitation can lead to full system takeover.
CVE-2026-10808 Vulnerability in sqli (CVE-2026-10808)
vulnerability in sqli (CVE-2026-10808). Risk of unauthorized operations or information disclosure.
CVE-2026-10809 Vulnerability in sqli (CVE-2026-10809)
vulnerability in sqli (CVE-2026-10809). Risk of unauthorized operations or information disclosure.
CVE-2026-10810 Cross-Site Scripting (XSS) in CVE-2026-10810 (CVE-2026-10810)
cross-site scripting in CVE-2026-10810 (CVE-2026-10810). Risk of unauthorized operations or information disclosure.
CVE-2019-25745 SQL Injection in wordpress (CVE-2019-25745)
SQL injection in wordpress (CVE-2019-25745). Confidential information can be exposed externally.
CVE-2019-25740 Path Traversal in path-traversal (CVE-2019-25740)
path traversal in path-traversal (CVE-2019-25740). Confidential information can be exposed externally.
CVE-2019-25734 Path Traversal in csrf (CVE-2019-25734)
path traversal in csrf (CVE-2019-25734). Risk of unauthorized operations or information disclosure.
CVE-2019-25743 Cross-Site Scripting (XSS) in wordpress (CVE-2019-25743)
cross-site scripting in wordpress (CVE-2019-25743). Risk of unauthorized operations or information disclosure.
CVE-2019-25739 Cross-Site Scripting (XSS) in CVE-2019-25739 (CVE-2019-25739)
cross-site scripting in CVE-2019-25739 (CVE-2019-25739). Risk of unauthorized operations or information disclosure.
CVE-2019-25737 Cross-Site Scripting (XSS) in CVE-2019-25737 (CVE-2019-25737)
cross-site scripting in CVE-2019-25737 (CVE-2019-25737). Risk of unauthorized operations or information disclosure.
CVE-2019-25744 Cross-Site Scripting (XSS) in wordpress (CVE-2019-25744)
cross-site scripting in wordpress (CVE-2019-25744). Risk of unauthorized operations or information disclosure.
CVE-2019-25742 Cross-Site Scripting (XSS) in wordpress (CVE-2019-25742)
cross-site scripting in wordpress (CVE-2019-25742). Risk of unauthorized operations or information disclosure.
CVE-2025-46638 Vulnerability in dos (CVE-2025-46638)
vulnerability in dos (CVE-2025-46638). Risk of unauthorized operations or information disclosure.
CVE-2019-25730 SQL Injection in sqli (CVE-2019-25730)
SQL injection in sqli (CVE-2019-25730). Confidential information can be exposed externally.
CVE-2019-25732 SQL Injection in sqli (CVE-2019-25732)
SQL injection in sqli (CVE-2019-25732). Confidential information can be exposed externally.
CVE-2019-25731 Cross-Site Scripting (XSS) in CVE-2019-25731 (CVE-2019-25731)
cross-site scripting in CVE-2019-25731 (CVE-2019-25731). Risk of unauthorized operations or information disclosure.
CVE-2019-25728 SQL Injection in sqli (CVE-2019-25728)
SQL injection in sqli (CVE-2019-25728). Confidential information can be exposed externally.
CVE-2019-25726 SQL Injection in sqli (CVE-2019-25726)
SQL injection in sqli (CVE-2019-25726). Confidential information can be exposed externally.
CVE-2019-25729 Cross-Site Request Forgery (CSRF) in csrf (CVE-2019-25729)
vulnerability in csrf (CVE-2019-25729). Successful exploitation can lead to full system takeover.
CVE-2026-41065 Vulnerability in CVE-2026-41065 (CVE-2026-41065)
vulnerability in CVE-2026-41065 (CVE-2026-41065). Risk of unauthorized operations or information disclosure.
CVE-2026-47707 Vulnerability in strawberry-graphql (CVE-2026-47707)
vulnerability in strawberry-graphql (CVE-2026-47707). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.315.7` or later.
CVE-2026-47706 Vulnerability in strawberry-graphql (CVE-2026-47706)
vulnerability in strawberry-graphql (CVE-2026-47706). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.315.7` or later.
CVE-2026-40605 Path Traversal in path-traversal (CVE-2026-40605)
path traversal in path-traversal (CVE-2026-40605). Risk of unauthorized operations or information disclosure.
CVE-2026-4104 SQL Injection in sqli (CVE-2026-4104)
SQL injection in sqli (CVE-2026-4104). Successful exploitation can lead to full system takeover.
CVE-2025-52609 Vulnerability in hcltech (CVE-2025-52609)
vulnerability in hcltech (CVE-2025-52609). Risk of unauthorized operations or information disclosure.
CVE-2025-52612 Vulnerability in hcltech (CVE-2025-52612)
vulnerability in hcltech (CVE-2025-52612). Successful exploitation can lead to full system takeover.
CVE-2026-45431 OS Command Injection in CVE-2026-45431 (CVE-2026-45431)
OS command injection in CVE-2026-45431 (CVE-2026-45431). Risk of unauthorized operations or information disclosure.
CVE-2025-12694 Vulnerability in privilege-escalation (CVE-2025-12694)
vulnerability in privilege-escalation (CVE-2025-12694). Successful exploitation can lead to full system takeover.
CVE-2026-49771 SQL Injection in sqli (CVE-2026-49771)
SQL injection in sqli (CVE-2026-49771). Confidential information can be exposed externally.
CVE-2026-50212 Vulnerability in dos (CVE-2026-50212)
vulnerability in dos (CVE-2026-50212). Risk of unauthorized operations or information disclosure.
CVE-2026-10805 OS Command Injection in privilege-escalation (CVE-2026-10805)
OS command injection in privilege-escalation (CVE-2026-10805). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →