Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: attack-types Clear
ID Title
CVE-2025-10466 Cross-Site Scripting (XSS) in synology (CVE-2025-10466)
cross-site scripting in synology (CVE-2025-10466). Risk of unauthorized operations or information disclosure.
CVE-2025-22741 Cross-Site Scripting (XSS) in CVE-2025-22741 (CVE-2025-22741)
cross-site scripting in CVE-2025-22741 (CVE-2025-22741). Risk of unauthorized operations or information disclosure.
CVE-2025-13167 Cross-Site Scripting (XSS) in synology (CVE-2025-13167)
cross-site scripting in synology (CVE-2025-13167). Risk of unauthorized operations or information disclosure.
CVE-2026-40816 SQL Injection in sqli (CVE-2026-40816)
SQL injection in sqli (CVE-2026-40816). Confidential information can be exposed externally.
CVE-2026-40814 SQL Injection in sqli (CVE-2026-40814)
SQL injection in sqli (CVE-2026-40814). Confidential information can be exposed externally.
CVE-2026-40817 SQL Injection in sqli (CVE-2026-40817)
SQL injection in sqli (CVE-2026-40817). Confidential information can be exposed externally.
CVE-2026-40821 SQL Injection in sqli (CVE-2026-40821)
SQL injection in sqli (CVE-2026-40821). Confidential information can be exposed externally.
CVE-2026-40826 SQL Injection in sqli (CVE-2026-40826)
SQL injection in sqli (CVE-2026-40826). Confidential information can be exposed externally.
CVE-2026-40818 SQL Injection in sqli (CVE-2026-40818)
SQL injection in sqli (CVE-2026-40818). Confidential information can be exposed externally.
CVE-2026-40815 SQL Injection in sqli (CVE-2026-40815)
SQL injection in sqli (CVE-2026-40815). Confidential information can be exposed externally.
CVE-2026-40824 SQL Injection in sqli (CVE-2026-40824)
SQL injection in sqli (CVE-2026-40824). Confidential information can be exposed externally.
CVE-2026-7618 SQL Injection in wordpress (CVE-2026-7618)
SQL injection in wordpress (CVE-2026-7618). Confidential information can be exposed externally.
CVE-2026-40822 SQL Injection in sqli (CVE-2026-40822)
SQL injection in sqli (CVE-2026-40822). Confidential information can be exposed externally.
CVE-2026-40819 SQL Injection in c (CVE-2026-40819)
SQL injection in c (CVE-2026-40819). Confidential information can be exposed externally.
CVE-2026-40823 SQL Injection in sqli (CVE-2026-40823)
SQL injection in sqli (CVE-2026-40823). Confidential information can be exposed externally.
CVE-2026-40825 SQL Injection in sqli (CVE-2026-40825)
SQL injection in sqli (CVE-2026-40825). Confidential information can be exposed externally.
CVE-2026-49001 Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-49001)
vulnerability in csrf (CVE-2026-49001). Data can be tampered with by attackers.
CVE-2026-8042 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8042)
cross-site scripting in wordpress (CVE-2026-8042). Risk of unauthorized operations or information disclosure.
CVE-2026-8143 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8143)
cross-site scripting in wordpress (CVE-2026-8143). Risk of unauthorized operations or information disclosure.
CVE-2024-47267 Path Traversal in path-traversal (CVE-2024-47267)
path traversal in path-traversal (CVE-2024-47267). Risk of unauthorized operations or information disclosure.
CVE-2026-6169 Code Injection in wordpress (CVE-2026-6169)
code injection in wordpress (CVE-2026-6169). Successful exploitation can lead to full system takeover.
CVE-2026-8832 Code Injection in wordpress (CVE-2026-8832)
code injection in wordpress (CVE-2026-8832). Successful exploitation can lead to full system takeover.
CVE-2026-40812 SQL Injection in sqli (CVE-2026-40812)
SQL injection in sqli (CVE-2026-40812). Confidential information can be exposed externally.
CVE-2026-40811 SQL Injection in sqli (CVE-2026-40811)
SQL injection in sqli (CVE-2026-40811). Confidential information can be exposed externally.
CVE-2026-40810 SQL Injection in sqli (CVE-2026-40810)
SQL injection in sqli (CVE-2026-40810). Confidential information can be exposed externally.
CVE-2026-40813 SQL Injection in sqli (CVE-2026-40813)
SQL injection in sqli (CVE-2026-40813). Confidential information can be exposed externally.
CVE-2026-3001 Cross-Site Scripting (XSS) in wordpress (CVE-2026-3001)
cross-site scripting in wordpress (CVE-2026-3001). Risk of unauthorized operations or information disclosure.
CVE-2026-2030 Cross-Site Scripting (XSS) in wordpress (CVE-2026-2030)
cross-site scripting in wordpress (CVE-2026-2030). Risk of unauthorized operations or information disclosure.
CVE-2026-3895 Vulnerability in wordpress (CVE-2026-3895)
vulnerability in wordpress (CVE-2026-3895). Risk of unauthorized operations or information disclosure. Exploitable via ``lvca_admin_ajax``.
CVE-2026-3897 Vulnerability in wordpress (CVE-2026-3897)
vulnerability in wordpress (CVE-2026-3897). Risk of unauthorized operations or information disclosure. Exploitable via ``labb_admin_ajax``.
CVE-2026-3896 Vulnerability in wordpress (CVE-2026-3896)
vulnerability in wordpress (CVE-2026-3896). Risk of unauthorized operations or information disclosure. Exploitable via ``lsow_admin_ajax``.
CVE-2026-3375 Cross-Site Scripting (XSS) in wordpress (CVE-2026-3375)
cross-site scripting in wordpress (CVE-2026-3375). Risk of unauthorized operations or information disclosure.
CVE-2025-41670 Vulnerability in privilege-escalation (CVE-2025-41670)
vulnerability in privilege-escalation (CVE-2025-41670). Successful exploitation can lead to full system takeover.
CVE-2026-5760 Code Injection in jvn (CVE-2026-5760)
code injection in jvn (CVE-2026-5760). Successful exploitation can lead to full system takeover.
CVE-2026-8899 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8899)
cross-site scripting in wordpress (CVE-2026-8899). Risk of unauthorized operations or information disclosure.
CVE-2026-8994 Authentication Bypass in wordpress (CVE-2026-8994)
authentication bypass in wordpress (CVE-2026-8994). Successful exploitation can lead to full system takeover. Exploitable via ``wp_ajax_nopriv``.
CVE-2026-8875 Cross-Site Scripting (XSS) in c (CVE-2026-8875)
cross-site scripting in c (CVE-2026-8875). Risk of unauthorized operations or information disclosure.
CVE-2026-8877 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8877)
cross-site scripting in wordpress (CVE-2026-8877). Risk of unauthorized operations or information disclosure.
CVE-2026-8884 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8884)
cross-site scripting in wordpress (CVE-2026-8884). Risk of unauthorized operations or information disclosure.
CVE-2026-8886 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8886)
cross-site scripting in wordpress (CVE-2026-8886). Risk of unauthorized operations or information disclosure.
CVE-2026-8887 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8887)
cross-site scripting in wordpress (CVE-2026-8887). Risk of unauthorized operations or information disclosure.
CVE-2026-8891 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8891)
cross-site scripting in wordpress (CVE-2026-8891). Risk of unauthorized operations or information disclosure.
CVE-2026-8894 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8894)
cross-site scripting in wordpress (CVE-2026-8894). Risk of unauthorized operations or information disclosure. Exploitable via ``iwrtooltip``.
CVE-2026-8897 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8897)
cross-site scripting in wordpress (CVE-2026-8897). Risk of unauthorized operations or information disclosure.
CVE-2026-8898 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8898)
cross-site scripting in wordpress (CVE-2026-8898). Risk of unauthorized operations or information disclosure.
CVE-2026-8867 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8867)
cross-site scripting in wordpress (CVE-2026-8867). Risk of unauthorized operations or information disclosure.
CVE-2026-8868 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8868)
cross-site scripting in wordpress (CVE-2026-8868). Risk of unauthorized operations or information disclosure.
CVE-2026-8869 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8869)
cross-site scripting in wordpress (CVE-2026-8869). Risk of unauthorized operations or information disclosure.
CVE-2026-8870 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8870)
cross-site scripting in wordpress (CVE-2026-8870). Risk of unauthorized operations or information disclosure.
CVE-2026-8871 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8871)
cross-site scripting in wordpress (CVE-2026-8871). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →