Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: attack-types Clear
ID Title
CVE-2026-8872 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8872)
cross-site scripting in wordpress (CVE-2026-8872). Risk of unauthorized operations or information disclosure.
CVE-2026-8873 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8873)
cross-site scripting in wordpress (CVE-2026-8873). Risk of unauthorized operations or information disclosure.
CVE-2026-8837 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8837)
cross-site scripting in wordpress (CVE-2026-8837). Risk of unauthorized operations or information disclosure.
CVE-2026-8842 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8842)
cross-site scripting in wordpress (CVE-2026-8842). Risk of unauthorized operations or information disclosure.
CVE-2026-8844 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8844)
cross-site scripting in wordpress (CVE-2026-8844). Risk of unauthorized operations or information disclosure.
CVE-2026-8845 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8845)
cross-site scripting in wordpress (CVE-2026-8845). Risk of unauthorized operations or information disclosure.
CVE-2026-8846 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8846)
cross-site scripting in wordpress (CVE-2026-8846). Risk of unauthorized operations or information disclosure.
CVE-2026-8847 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8847)
cross-site scripting in wordpress (CVE-2026-8847). Risk of unauthorized operations or information disclosure.
CVE-2026-8866 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8866)
cross-site scripting in wordpress (CVE-2026-8866). Risk of unauthorized operations or information disclosure.
CVE-2026-8787 Privilege Escalation in wordpress (CVE-2026-8787)
vulnerability in wordpress (CVE-2026-8787). Successful exploitation can lead to full system takeover. Exploitable via ``user_email``.
CVE-2026-8048 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8048)
cross-site scripting in wordpress (CVE-2026-8048). Risk of unauthorized operations or information disclosure.
CVE-2026-8698 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8698)
cross-site scripting in wordpress (CVE-2026-8698). Risk of unauthorized operations or information disclosure.
CVE-2026-8701 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8701)
cross-site scripting in wordpress (CVE-2026-8701). Risk of unauthorized operations or information disclosure. Exploitable via ``border``.
CVE-2026-8702 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8702)
cross-site scripting in wordpress (CVE-2026-8702). Risk of unauthorized operations or information disclosure.
CVE-2026-8703 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8703)
cross-site scripting in wordpress (CVE-2026-8703). Risk of unauthorized operations or information disclosure.
CVE-2026-8707 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8707)
cross-site scripting in wordpress (CVE-2026-8707). Risk of unauthorized operations or information disclosure.
CVE-2026-8760 Vulnerability in wordpress (CVE-2026-8760)
vulnerability in wordpress (CVE-2026-8760). Successful exploitation can lead to full system takeover.
CVE-2026-8040 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8040)
cross-site scripting in wordpress (CVE-2026-8040). Risk of unauthorized operations or information disclosure.
CVE-2026-6268 Cross-Site Scripting (XSS) in wordpress (CVE-2026-6268)
cross-site scripting in wordpress (CVE-2026-6268). Risk of unauthorized operations or information disclosure.
CVE-2026-6287 Cross-Site Scripting (XSS) in wordpress (CVE-2026-6287)
cross-site scripting in wordpress (CVE-2026-6287). Risk of unauthorized operations or information disclosure.
CVE-2026-9022 Cross-Site Scripting (XSS) in wordpress (CVE-2026-9022)
cross-site scripting in wordpress (CVE-2026-9022). Risk of unauthorized operations or information disclosure.
CVE-2026-2253 Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.2.0.7 and 11.0.0.0,...
Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.2.0.7 and 11.0.0.0,...
CVE-2025-15649 Vulnerability in dos (CVE-2025-15649)
vulnerability in dos (CVE-2025-15649). Risk of unauthorized operations or information disclosure.
CVE-2026-49017 Vulnerability in swift (CVE-2026-49017)
vulnerability in swift (CVE-2026-49017). Risk of unauthorized operations or information disclosure.
CVE-2026-9156 Tanium addressed a denial of service vulnerability in Tanium Server.
Tanium addressed a denial of service vulnerability in Tanium Server.
CVE-2026-7493 Vulnerability in wordpress (CVE-2026-7493)
vulnerability in wordpress (CVE-2026-7493). Risk of unauthorized operations or information disclosure.
CVE-2026-6565 Cross-Site Scripting (XSS) in wordpress (CVE-2026-6565)
cross-site scripting in wordpress (CVE-2026-6565). Risk of unauthorized operations or information disclosure.
CVE-2026-9608 Cross-Site Scripting (XSS) in CVE-2026-9608 (CVE-2026-9608)
cross-site scripting in CVE-2026-9608 (CVE-2026-9608). Risk of unauthorized operations or information disclosure.
CVE-2026-44705 Path Traversal in tmp (CVE-2026-44705)
path traversal in tmp (CVE-2026-44705). Data can be tampered with by attackers. Exploitable via ``prefix``. Mitigation: upgrade to `0.2.6` or later.
CVE-2026-9607 Vulnerability in sqli (CVE-2026-9607)
vulnerability in sqli (CVE-2026-9607). Risk of unauthorized operations or information disclosure.
CVE-2026-9606 Vulnerability in sqli (CVE-2026-9606)
vulnerability in sqli (CVE-2026-9606). Risk of unauthorized operations or information disclosure.
CVE-2026-8606 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-8606)
SSRF in ssrf (CVE-2026-8606). Confidential information can be exposed externally.
CVE-2026-9312 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-9312)
SSRF in ssrf (CVE-2026-9312). Confidential information can be exposed externally.
CVE-2026-44645 Vulnerability in liquidjs (CVE-2026-44645)
vulnerability in liquidjs (CVE-2026-44645). Risk of unauthorized operations or information disclosure. Exploitable via ``renderLimit``.
CVE-2026-44644 Cross-Site Scripting (XSS) in liquidjs (CVE-2026-44644)
cross-site scripting in liquidjs (CVE-2026-44644). Risk of unauthorized operations or information disclosure. Exploitable via ``strip_html``.
CVE-2026-44587 Cross-Site Scripting (XSS) in carrierwave (CVE-2026-44587)
cross-site scripting in carrierwave (CVE-2026-44587). Risk of unauthorized operations or information disclosure. Exploitable via ``Regexp.quote``. Mitigation: upgrade to `2.2.7` or later.
CVE-2026-34986 Vulnerability in github.com/go-jose/go-jose/v3 (CVE-2026-34986)
vulnerability in github.com/go-jose/go-jose/v3 (CVE-2026-34986). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.0.5` or later.
CVE-2026-9584 A security vulnerability has been detected in code-projects Project Management System 1.0....
A security vulnerability has been detected in code-projects Project Management System 1.0....
CVE-2026-5260 A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret...
A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret...
CVE-2026-44905 Vanetza is an open-source implementation of the ETSI C-ITS protocol suite. In 26.02 and earlier, a denial-of-service vulnerability was identified in the cryptographic verification pipeline of Vanetza....
Vanetza is an open-source implementation of the ETSI C-ITS protocol suite. In 26.02 and earlier, a denial-of-service vulnerability was identified in the cryptographic verification pipeline of Vanetza. When processing incoming V2X messages, the ASN.1 decoder accepts the structure as syntactically val...
CVE-2026-42015 Vulnerability in dos (CVE-2026-42015)
vulnerability in dos (CVE-2026-42015). Risk of unauthorized operations or information disclosure.
CVE-2026-43988 Vanetza is an open-source implementation of the ETSI C-ITS protocol suite. In 26.02 and earlier, a denial-of-service vulnerability was identified in the ASN.1/OER parsing pipeline of Vanetza. When pro...
Vanetza is an open-source implementation of the ETSI C-ITS protocol suite. In 26.02 and earlier, a denial-of-service vulnerability was identified in the ASN.1/OER parsing pipeline of Vanetza. When processing malformed network packets containing corrupted ASN.1/OER structures (e.g., invalid length fi...
CVE-2026-42013 A flaw was found in gnutls. When validating certificates, an oversized Subject Alternative Name ...
A flaw was found in gnutls. When validating certificates, an oversized Subject Alternative Name ...
CVE-2026-45412 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-45412)
SSRF in ssrf (CVE-2026-45412). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.9.1` or later.
CVE-2026-42336 Vulnerability in ssrf (CVE-2026-42336)
vulnerability in ssrf (CVE-2026-42336). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.8.1` or later.
CVE-2026-42335 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-42335)
SSRF in ssrf (CVE-2026-42335). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.8.1` or later.
CVE-2025-68711 Vulnerability in c (CVE-2025-68711)
vulnerability in c (CVE-2025-68711). Risk of unauthorized operations or information disclosure.
CVE-2025-68708 Vulnerability in c (CVE-2025-68708)
vulnerability in c (CVE-2025-68708). Risk of unauthorized operations or information disclosure.
CVE-2026-9573 Vulnerability in sqli (CVE-2026-9573)
vulnerability in sqli (CVE-2026-9573). Risk of unauthorized operations or information disclosure.
CVE-2026-9574 Vulnerability in sqli (CVE-2026-9574)
vulnerability in sqli (CVE-2026-9574). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →