Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: attack-types Clear
ID Title
CVE-2026-48681 Vulnerability in path-traversal (CVE-2026-48681)
vulnerability in path-traversal (CVE-2026-48681). Confidential information can be exposed externally.
CVE-2026-41283 Authorization Flaw in CVE-2026-41283 (CVE-2026-41283)
vulnerability in CVE-2026-41283 (CVE-2026-41283). Successful exploitation can lead to full system takeover.
CVE-2026-8653 SQL Injection in wordpress (CVE-2026-8653)
SQL injection in wordpress (CVE-2026-8653). Confidential information can be exposed externally.
CVE-2026-7764 Out-of-Bounds Read in dos (CVE-2026-7764)
vulnerability in dos (CVE-2026-7764). Risk of unauthorized operations or information disclosure.
CVE-2026-10775 Vulnerability in dos (CVE-2026-10775)
vulnerability in dos (CVE-2026-10775). Risk of unauthorized operations or information disclosure.
CVE-2026-10777 A vulnerability was identified in ealpha072 Student-Management-System up to...
A vulnerability was identified in ealpha072 Student-Management-System up to...
CVE-2026-10771 A vulnerability was found in crmeb crmeb_java 1.4. Affected is the function RestTemplate...
A vulnerability was found in crmeb crmeb_java 1.4. Affected is the function RestTemplate...
CVE-2026-44022 Path Traversal in docling (CVE-2026-44022)
path traversal in docling (CVE-2026-44022). Confidential information can be exposed externally. Mitigation: upgrade to `2.91.0` or later.
CVE-2026-44020 Vulnerability in docling (CVE-2026-44020)
vulnerability in docling (CVE-2026-44020). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.74.0` or later.
CVE-2026-44016 Code Injection in docling (CVE-2026-44016)
code injection in docling (CVE-2026-44016). Confidential information can be exposed externally. Exploitable via ``enable_remote_fetch``. Mitigation: upgrade to `2.91.0` or later.
CVE-2026-40898 Vulnerability in github.com/quic-go/quic-go (CVE-2026-40898)
vulnerability in github.com/quic-go/quic-go (CVE-2026-40898). Risk of unauthorized operations or information disclosure. Exploitable via ``http.Header``. Mitigation: upgrade to `0.59.1` or later.
CVE-2026-50033 Vulnerability in privilege-escalation (CVE-2026-50033)
vulnerability in privilege-escalation (CVE-2026-50033). Successful exploitation can lead to full system takeover.
CVE-2026-44682 Vulnerability in privilege-escalation (CVE-2026-44682)
vulnerability in privilege-escalation (CVE-2026-44682). Successful exploitation can lead to full system takeover.
CVE-2026-44609 Vulnerability in privilege-escalation (CVE-2026-44609)
vulnerability in privilege-escalation (CVE-2026-44609). Successful exploitation can lead to full system takeover.
CVE-2026-37700 Cross-Site Scripting (XSS) in CVE-2026-37700 (CVE-2026-37700)
cross-site scripting in CVE-2026-37700 (CVE-2026-37700). Risk of unauthorized operations or information disclosure.
CVE-2026-42061 Vulnerability in privilege-escalation (CVE-2026-42061)
vulnerability in privilege-escalation (CVE-2026-42061). Successful exploitation can lead to full system takeover.
CVE-2026-44017 Path Traversal in docling (CVE-2026-44017)
path traversal in docling (CVE-2026-44017). Successful exploitation can lead to full system takeover. Exploitable via ``SecurityError``. Mitigation: upgrade to `2.91.0` or later.
CVE-2026-8888 Vulnerability in dos (CVE-2026-8888)
vulnerability in dos (CVE-2026-8888). Risk of unauthorized operations or information disclosure.
CVE-2026-26379 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-26379)
SSRF in ssrf (CVE-2026-26379). Risk of unauthorized operations or information disclosure.
CVE-2026-26378 Cross-Site Scripting (XSS) in koha (CVE-2026-26378)
cross-site scripting in koha (CVE-2026-26378). Risk of unauthorized operations or information disclosure.
CVE-2026-39107 Cross-Site Scripting (XSS) in CVE-2026-39107 (CVE-2026-39107)
cross-site scripting in CVE-2026-39107 (CVE-2026-39107). Risk of unauthorized operations or information disclosure.
CVE-2026-36460 Cross-Site Scripting (XSS) in CVE-2026-36460 (CVE-2026-36460)
cross-site scripting in CVE-2026-36460 (CVE-2026-36460). Risk of unauthorized operations or information disclosure.
CVE-2026-36605 Vulnerability in dos (CVE-2026-36605)
vulnerability in dos (CVE-2026-36605). Risk of unauthorized operations or information disclosure.
CVE-2026-20230 KEV [KEV] SSRF (Server-Side Request Forgery) in Cisco ssrf (CVE-2026-20230)
SSRF in Cisco ssrf (CVE-2026-20230). Data can be tampered with by attackers. Listed in CISA KEV — actively exploited.
CVE-2026-20233 Cross-Site Scripting (XSS) in Cisco webex-meetings (CVE-2026-20233)
cross-site scripting in Cisco webex-meetings (CVE-2026-20233). Risk of unauthorized operations or information disclosure.
CVE-2026-42321 Cross-Site Scripting (XSS) in CVE-2026-42321 (CVE-2026-42321)
cross-site scripting in CVE-2026-42321 (CVE-2026-42321). Risk of unauthorized operations or information disclosure.
CVE-2026-36748 Cross-Site Scripting (XSS) in CVE-2026-36748 (CVE-2026-36748)
cross-site scripting in CVE-2026-36748 (CVE-2026-36748). Successful exploitation can lead to full system takeover.
CVE-2026-37462 Vulnerability in dos (CVE-2026-37462)
vulnerability in dos (CVE-2026-37462). Risk of unauthorized operations or information disclosure.
CVE-2022-31114 Cross-Site Scripting (XSS) in backpack/crud (CVE-2022-31114)
cross-site scripting in backpack/crud (CVE-2022-31114). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `4.0.63` or later.
CVE-2026-5241 Vulnerability in huggingface (CVE-2026-5241)
vulnerability in huggingface (CVE-2026-5241). Successful exploitation can lead to full system takeover. Exploitable via ``trust_remote_code``.
CVE-2026-47324 Cross-Site Scripting (XSS) in CVE-2026-47324 (CVE-2026-47324)
cross-site scripting in CVE-2026-47324 (CVE-2026-47324). Risk of unauthorized operations or information disclosure.
CVE-2026-44545 Vulnerability in dos (CVE-2026-44545)
vulnerability in dos (CVE-2026-44545). Risk of unauthorized operations or information disclosure.
CVE-2026-37460 Vulnerability in c (CVE-2026-37460)
vulnerability in c (CVE-2026-37460). Risk of unauthorized operations or information disclosure.
CVE-2026-10729 Vulnerability in CVE-2026-10729 (CVE-2026-10729)
vulnerability in CVE-2026-10729 (CVE-2026-10729). Risk of unauthorized operations or information disclosure.
CVE-2025-60477 Vulnerability in c (CVE-2025-60477)
vulnerability in c (CVE-2025-60477). Risk of unauthorized operations or information disclosure.
CVE-2025-70100 Vulnerability in c (CVE-2025-70100)
vulnerability in c (CVE-2025-70100). Risk of unauthorized operations or information disclosure.
CVE-2025-70101 Out-of-Bounds Read in c (CVE-2025-70101)
vulnerability in c (CVE-2025-70101). Confidential information can be exposed externally.
CVE-2024-47273 Path Traversal in path-traversal (CVE-2024-47273)
path traversal in path-traversal (CVE-2024-47273). Risk of unauthorized operations or information disclosure.
CVE-2024-47263 Path Traversal in path-traversal (CVE-2024-47263)
path traversal in path-traversal (CVE-2024-47263). Risk of unauthorized operations or information disclosure.
CVE-2025-15655 SQL Injection in sqli (CVE-2025-15655)
SQL injection in sqli (CVE-2025-15655). Confidential information can be exposed externally.
CVE-2025-15656 Vulnerability in privilege-escalation (CVE-2025-15656)
vulnerability in privilege-escalation (CVE-2025-15656). Successful exploitation can lead to full system takeover.
CVE-2025-14773 Cross-Site Scripting (XSS) in abb (CVE-2025-14773)
cross-site scripting in abb (CVE-2025-14773). Successful exploitation can lead to full system takeover.
CVE-2025-15654 Cross-Site Scripting (XSS) in CVE-2025-15654 (CVE-2025-15654)
cross-site scripting in CVE-2025-15654 (CVE-2025-15654). Risk of unauthorized operations or information disclosure.
CVE-2026-50052 Vulnerability in CVE-2026-50052 (CVE-2026-50052)
vulnerability in CVE-2026-50052 (CVE-2026-50052). Risk of unauthorized operations or information disclosure.
CVE-2026-10704 Vulnerability in sqli (CVE-2026-10704)
vulnerability in sqli (CVE-2026-10704). Risk of unauthorized operations or information disclosure.
CVE-2026-9516 Vulnerability in dos (CVE-2026-9516)
vulnerability in dos (CVE-2026-9516). Risk of unauthorized operations or information disclosure.
CVE-2026-7421 Cross-Site Scripting (XSS) in wordpress (CVE-2026-7421)
cross-site scripting in wordpress (CVE-2026-7421). Risk of unauthorized operations or information disclosure. Exploitable via ``shop_name``.
CVE-2026-40108 Cross-Site Scripting (XSS) in CVE-2026-40108 (CVE-2026-40108)
cross-site scripting in CVE-2026-40108 (CVE-2026-40108). Risk of unauthorized operations or information disclosure.
CVE-2026-35212 Cross-Site Scripting (XSS) in pycti (CVE-2026-35212)
cross-site scripting in pycti (CVE-2026-35212). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `7.260227.0` or later.
CVE-2021-4481 Vulnerability in privilege-escalation (CVE-2021-4481)
vulnerability in privilege-escalation (CVE-2021-4481). Data can be tampered with by attackers.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →