Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-24554 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-24554)
vulnerability in csrf (CVE-2026-24554). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9485 |
|
Cross-Site Scripting (XSS) in CVE-2026-9485 (CVE-2026-9485)
cross-site scripting in CVE-2026-9485 (CVE-2026-9485). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-24574 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-24574)
vulnerability in csrf (CVE-2026-24574). Data can be tampered with by attackers.
|
| CVE-2026-24597 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-24597)
vulnerability in csrf (CVE-2026-24597). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-44598 |
|
Open Redirect in org.apache.shiro:shiro-jakarta-ee (CVE-2026-44598)
vulnerability in org.apache.shiro:shiro-jakarta-ee (CVE-2026-44598). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.0.0-alpha-2` or later.
|
| CVE-2026-9497 |
|
Vulnerability in org.mengyun:tcc-transaction (CVE-2026-9497)
vulnerability in org.mengyun:tcc-transaction (CVE-2026-9497). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-48849 |
|
Cross-Site Scripting (XSS) in CVE-2026-48849 (CVE-2026-48849)
cross-site scripting in CVE-2026-48849 (CVE-2026-48849). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-48845 |
|
Vulnerability in privilege-escalation (CVE-2026-48845)
vulnerability in privilege-escalation (CVE-2026-48845). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-48842 |
|
SQL Injection in sqli (CVE-2026-48842)
SQL injection in sqli (CVE-2026-48842). Successful exploitation can lead to full system takeover.
|
| CVE-2026-48843 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-48843)
SSRF in ssrf (CVE-2026-48843). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9473 |
|
Path Traversal in c (CVE-2026-9473)
path traversal in c (CVE-2026-9473). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9472 |
|
Path Traversal in path-traversal (CVE-2026-9472)
path traversal in path-traversal (CVE-2026-9472). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9474 |
|
Vulnerability in sqli (CVE-2026-9474)
vulnerability in sqli (CVE-2026-9474). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9471 |
|
Cross-Site Scripting (XSS) in CVE-2026-9471 (CVE-2026-9471)
cross-site scripting in CVE-2026-9471 (CVE-2026-9471). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9468 |
|
Path Traversal in path-traversal (CVE-2026-9468)
path traversal in path-traversal (CVE-2026-9468). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9467 |
|
Path Traversal in path-traversal (CVE-2026-9467)
path traversal in path-traversal (CVE-2026-9467). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9470 |
|
Vulnerability in sqli (CVE-2026-9470)
vulnerability in sqli (CVE-2026-9470). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9469 |
|
Vulnerability in sqli (CVE-2026-9469)
vulnerability in sqli (CVE-2026-9469). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-27768 |
|
SQL Injection affecting the Access Manager role.
SQL Injection affecting the Access Manager role.
|
| CVE-2026-9465 |
|
Vulnerability in sqli (CVE-2026-9465)
vulnerability in sqli (CVE-2026-9465). Risk of unauthorized operations or information disclosure.
|
| CVE-2018-25380 |
|
SQL Injection in sqli (CVE-2018-25380)
SQL injection in sqli (CVE-2018-25380). Confidential information can be exposed externally.
|
| CVE-2018-25381 |
|
SQL Injection in sqli (CVE-2018-25381)
SQL injection in sqli (CVE-2018-25381). Confidential information can be exposed externally.
|
| CVE-2018-25379 |
|
SQL Injection in sqli (CVE-2018-25379)
SQL injection in sqli (CVE-2018-25379). Confidential information can be exposed externally.
|
| CVE-2018-25378 |
|
Vulnerability in dos (CVE-2018-25378)
vulnerability in dos (CVE-2018-25378). Risk of unauthorized operations or information disclosure.
|
| CVE-2018-25368 |
|
Vulnerability in dos (CVE-2018-25368)
vulnerability in dos (CVE-2018-25368). Confidential information can be exposed externally.
|
| CVE-2018-25367 |
|
Vulnerability in dos (CVE-2018-25367)
vulnerability in dos (CVE-2018-25367). Risk of unauthorized operations or information disclosure.
|
| CVE-2018-25369 |
|
Vulnerability in dos (CVE-2018-25369)
vulnerability in dos (CVE-2018-25369). Risk of unauthorized operations or information disclosure.
|
| CVE-2018-25374 |
|
Path Traversal in c (CVE-2018-25374)
path traversal in c (CVE-2018-25374). Confidential information can be exposed externally.
|
| CVE-2018-25372 |
|
SQL Injection in sqli (CVE-2018-25372)
SQL injection in sqli (CVE-2018-25372). Confidential information can be exposed externally.
|
| CVE-2018-25371 |
|
SQL Injection in sqli (CVE-2018-25371)
SQL injection in sqli (CVE-2018-25371). Confidential information can be exposed externally.
|
| CVE-2018-25361 |
|
Vulnerability in CVE-2018-25361 (CVE-2018-25361)
vulnerability in CVE-2018-25361 (CVE-2018-25361). Confidential information can be exposed externally.
|
| CVE-2018-25365 |
|
Path Traversal in path-traversal (CVE-2018-25365)
path traversal in path-traversal (CVE-2018-25365). Confidential information can be exposed externally.
|
| CVE-2018-25362 |
|
SQL Injection in sqli (CVE-2018-25362)
SQL injection in sqli (CVE-2018-25362). Confidential information can be exposed externally.
|
| CVE-2018-25364 |
|
SQL Injection in sqli (CVE-2018-25364)
SQL injection in sqli (CVE-2018-25364). Confidential information can be exposed externally.
|
| CVE-2026-9058 |
|
Vulnerability in CVE-2026-9058 (CVE-2026-9058)
vulnerability in CVE-2026-9058 (CVE-2026-9058). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7766 |
|
Path Traversal in path-traversal (CVE-2026-7766)
path traversal in path-traversal (CVE-2026-7766). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9451 |
|
Vulnerability in sqli (CVE-2026-9451)
vulnerability in sqli (CVE-2026-9451). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9449 |
|
Vulnerability in sqli (CVE-2026-9449)
vulnerability in sqli (CVE-2026-9449). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9450 |
|
Vulnerability in sqli (CVE-2026-9450)
vulnerability in sqli (CVE-2026-9450). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9448 |
|
Cross-Site Scripting (XSS) in CVE-2026-9448 (CVE-2026-9448)
cross-site scripting in CVE-2026-9448 (CVE-2026-9448). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9446 |
|
Vulnerability in sqli (CVE-2026-9446)
vulnerability in sqli (CVE-2026-9446). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9444 |
|
Vulnerability in sqli (CVE-2026-9444)
vulnerability in sqli (CVE-2026-9444). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9447 |
|
Vulnerability in sqli (CVE-2026-9447)
vulnerability in sqli (CVE-2026-9447). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-45249 |
|
Cross-Site Scripting (XSS) in echarts (CVE-2026-45249)
cross-site scripting in echarts (CVE-2026-45249). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `6.1.0` or later.
|
| CVE-2026-4915 |
|
Vulnerability in github.com/mattermost/mattermost-server (CVE-2026-4915)
vulnerability in github.com/mattermost/mattermost-server (CVE-2026-4915). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `10.11.15` or later.
|
| CVE-2026-9418 |
|
Cross-Site Scripting (XSS) in CVE-2026-9418 (CVE-2026-9418)
cross-site scripting in CVE-2026-9418 (CVE-2026-9418). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9419 |
|
Cross-Site Scripting (XSS) in CVE-2026-9419 (CVE-2026-9419)
cross-site scripting in CVE-2026-9419 (CVE-2026-9419). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9417 |
|
Cross-Site Scripting (XSS) in CVE-2026-9417 (CVE-2026-9417)
cross-site scripting in CVE-2026-9417 (CVE-2026-9417). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9416 |
|
Cross-Site Scripting (XSS) in c (CVE-2026-9416)
cross-site scripting in c (CVE-2026-9416). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9489 |
|
Path Traversal in privilege-escalation (CVE-2026-9489)
path traversal in privilege-escalation (CVE-2026-9489). Risk of unauthorized operations or information disclosure.
|