Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: attack-types Clear
ID Title
CVE-2026-48239 SQL Injection in sqli (CVE-2026-48239)
SQL injection in sqli (CVE-2026-48239). Confidential information can be exposed externally.
CVE-2026-48240 SQL Injection in sqli (CVE-2026-48240)
SQL injection in sqli (CVE-2026-48240). Confidential information can be exposed externally.
CVE-2026-48238 SQL Injection in sqli (CVE-2026-48238)
SQL injection in sqli (CVE-2026-48238). Confidential information can be exposed externally.
CVE-2026-48232 SQL Injection in sqli (CVE-2026-48232)
SQL injection in sqli (CVE-2026-48232). Confidential information can be exposed externally.
CVE-2026-48233 SQL Injection in sqli (CVE-2026-48233)
SQL injection in sqli (CVE-2026-48233). Confidential information can be exposed externally.
CVE-2026-48234 SQL Injection in sqli (CVE-2026-48234)
SQL injection in sqli (CVE-2026-48234). Confidential information can be exposed externally.
CVE-2026-48223 Cross-Site Scripting (XSS) in CVE-2026-48223 (CVE-2026-48223)
cross-site scripting in CVE-2026-48223 (CVE-2026-48223). Risk of unauthorized operations or information disclosure.
CVE-2026-48224 Cross-Site Scripting (XSS) in CVE-2026-48224 (CVE-2026-48224)
cross-site scripting in CVE-2026-48224 (CVE-2026-48224). Risk of unauthorized operations or information disclosure.
CVE-2026-48216 Cross-Site Scripting (XSS) in CVE-2026-48216 (CVE-2026-48216)
cross-site scripting in CVE-2026-48216 (CVE-2026-48216). Risk of unauthorized operations or information disclosure.
CVE-2026-48226 Cross-Site Scripting (XSS) in CVE-2026-48226 (CVE-2026-48226)
cross-site scripting in CVE-2026-48226 (CVE-2026-48226). Risk of unauthorized operations or information disclosure.
CVE-2026-48227 Cross-Site Scripting (XSS) in CVE-2026-48227 (CVE-2026-48227)
cross-site scripting in CVE-2026-48227 (CVE-2026-48227). Risk of unauthorized operations or information disclosure.
CVE-2026-48220 Cross-Site Scripting (XSS) in CVE-2026-48220 (CVE-2026-48220)
cross-site scripting in CVE-2026-48220 (CVE-2026-48220). Risk of unauthorized operations or information disclosure.
CVE-2026-48229 Cross-Site Scripting (XSS) in CVE-2026-48229 (CVE-2026-48229)
cross-site scripting in CVE-2026-48229 (CVE-2026-48229). Risk of unauthorized operations or information disclosure.
CVE-2026-48221 Cross-Site Scripting (XSS) in CVE-2026-48221 (CVE-2026-48221)
cross-site scripting in CVE-2026-48221 (CVE-2026-48221). Risk of unauthorized operations or information disclosure.
CVE-2026-48228 Cross-Site Scripting (XSS) in CVE-2026-48228 (CVE-2026-48228)
cross-site scripting in CVE-2026-48228 (CVE-2026-48228). Risk of unauthorized operations or information disclosure.
CVE-2026-48222 Cross-Site Scripting (XSS) in CVE-2026-48222 (CVE-2026-48222)
cross-site scripting in CVE-2026-48222 (CVE-2026-48222). Risk of unauthorized operations or information disclosure.
CVE-2026-48217 Cross-Site Scripting (XSS) in CVE-2026-48217 (CVE-2026-48217)
cross-site scripting in CVE-2026-48217 (CVE-2026-48217). Risk of unauthorized operations or information disclosure.
CVE-2026-48219 Cross-Site Scripting (XSS) in CVE-2026-48219 (CVE-2026-48219)
cross-site scripting in CVE-2026-48219 (CVE-2026-48219). Risk of unauthorized operations or information disclosure.
CVE-2026-48225 Cross-Site Scripting (XSS) in CVE-2026-48225 (CVE-2026-48225)
cross-site scripting in CVE-2026-48225 (CVE-2026-48225). Risk of unauthorized operations or information disclosure.
CVE-2026-48218 Cross-Site Scripting (XSS) in CVE-2026-48218 (CVE-2026-48218)
cross-site scripting in CVE-2026-48218 (CVE-2026-48218). Risk of unauthorized operations or information disclosure.
CVE-2026-48230 Cross-Site Scripting (XSS) in CVE-2026-48230 (CVE-2026-48230)
cross-site scripting in CVE-2026-48230 (CVE-2026-48230). Risk of unauthorized operations or information disclosure.
CVE-2026-48231 SQL Injection in sqli (CVE-2026-48231)
SQL injection in sqli (CVE-2026-48231). Confidential information can be exposed externally.
CVE-2026-48214 Cross-Site Scripting (XSS) in CVE-2026-48214 (CVE-2026-48214)
cross-site scripting in CVE-2026-48214 (CVE-2026-48214). Risk of unauthorized operations or information disclosure.
CVE-2026-48215 Cross-Site Scripting (XSS) in CVE-2026-48215 (CVE-2026-48215)
cross-site scripting in CVE-2026-48215 (CVE-2026-48215). Risk of unauthorized operations or information disclosure.
CVE-2026-48213 Cross-Site Scripting (XSS) in CVE-2026-48213 (CVE-2026-48213)
cross-site scripting in CVE-2026-48213 (CVE-2026-48213). Risk of unauthorized operations or information disclosure.
CVE-2026-48207 Unsafe Deserialization in pyfory (CVE-2026-48207)
vulnerability in pyfory (CVE-2026-48207). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.0.0` or later.
CVE-2026-46492 Vulnerability in md-fileserver (CVE-2026-46492)
vulnerability in md-fileserver (CVE-2026-46492). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.10.3` or later.
CVE-2026-46490 Vulnerability in samlify (CVE-2026-46490)
vulnerability in samlify (CVE-2026-46490). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2.13.0` or later.
CVE-2026-46486 Path Traversal in mvt (CVE-2026-46486)
path traversal in mvt (CVE-2026-46486). Risk of unauthorized operations or information disclosure. Exploitable via ``fileID``. Mitigation: upgrade to `2026.5.12` or later.
CVE-2026-39531 SQL Injection in sqli (CVE-2026-39531)
SQL injection in sqli (CVE-2026-39531). Confidential information can be exposed externally.
CVE-2026-36189 Vulnerability in cpp (CVE-2026-36189)
vulnerability in cpp (CVE-2026-36189). Risk of unauthorized operations or information disclosure.
CVE-2026-45208 A time-of-check time-of-use vulnerability in the Apex One/SEP agent could allow a local attacker...
A time-of-check time-of-use vulnerability in the Apex One/SEP agent could allow a local attacker...
CVE-2026-45207 An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to...
An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to...
CVE-2026-45206 An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to...
An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to...
CVE-2026-34930 An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to...
An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to...
CVE-2026-34929 An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to...
An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to...
CVE-2026-34928 An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to...
An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to...
CVE-2026-34927 An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to...
An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to...
CVE-2026-34926 KEV [KEV] Vulnerability in Trend micro path-traversal (CVE-2026-34926)
vulnerability in Trend micro path-traversal (CVE-2026-34926). Confidential information can be exposed externally. Listed in CISA KEV — actively exploited.
CVE-2026-2740 Zohocorp ManageEngine ADSelfService Plus version before 6525, DataSecurity Plus before 6264 and...
Zohocorp ManageEngine ADSelfService Plus version before 6525, DataSecurity Plus before 6264 and...
CVE-2025-13477 Vulnerability in CVE-2025-13477 (CVE-2025-13477)
vulnerability in CVE-2025-13477 (CVE-2025-13477). Confidential information can be exposed externally.
CVE-2026-6841 Cross-Site Scripting (XSS) in bestpractical (CVE-2026-6841)
cross-site scripting in bestpractical (CVE-2026-6841). Risk of unauthorized operations or information disclosure.
CVE-2026-5118 Privilege Escalation in wordpress (CVE-2026-5118)
vulnerability in wordpress (CVE-2026-5118). Successful exploitation can lead to full system takeover.
CVE-2026-5433 Vulnerability in CVE-2026-5433 (CVE-2026-5433)
vulnerability in CVE-2026-5433 (CVE-2026-5433). Successful exploitation can lead to full system takeover.
CVE-2026-4858 Path Traversal in github.com/mattermost/mattermost-server (CVE-2026-4858)
path traversal in github.com/mattermost/mattermost-server (CVE-2026-4858). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `10.11.15` or later.
CVE-2026-44071 Vulnerability in dos (CVE-2026-44071)
vulnerability in dos (CVE-2026-44071). Risk of unauthorized operations or information disclosure.
CVE-2026-7835 Vulnerability in dos (CVE-2026-7835)
vulnerability in dos (CVE-2026-7835). Risk of unauthorized operations or information disclosure.
CVE-2026-44064 Out-of-Bounds Read in dos (CVE-2026-44064)
vulnerability in dos (CVE-2026-44064). Risk of unauthorized operations or information disclosure.
CVE-2026-44070 Vulnerability in dos (CVE-2026-44070)
vulnerability in dos (CVE-2026-44070). Risk of unauthorized operations or information disclosure.
CVE-2026-44068 Path Traversal in path-traversal (CVE-2026-44068)
path traversal in path-traversal (CVE-2026-44068). Data can be tampered with by attackers.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →