Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: attack-types Clear
ID Title
CVE-2026-40368 Unsafe Deserialization in deserialization (CVE-2026-40368)
vulnerability in deserialization (CVE-2026-40368). Successful exploitation can lead to full system takeover.
CVE-2026-40357 Unsafe Deserialization in deserialization (CVE-2026-40357)
vulnerability in deserialization (CVE-2026-40357). Successful exploitation can lead to full system takeover.
CVE-2026-40365 Vulnerability in microsoft (CVE-2026-40365)
vulnerability in microsoft (CVE-2026-40365). Successful exploitation can lead to full system takeover.
CVE-2026-33110 Unsafe Deserialization in deserialization (CVE-2026-33110)
vulnerability in deserialization (CVE-2026-33110). Successful exploitation can lead to full system takeover.
CVE-2026-33112 Unsafe Deserialization in deserialization (CVE-2026-33112)
vulnerability in deserialization (CVE-2026-33112). Successful exploitation can lead to full system takeover.
CVE-2026-31237 Unsafe Deserialization in ludwig (CVE-2026-31237)
vulnerability in ludwig (CVE-2026-31237). Successful exploitation can lead to full system takeover.
CVE-2026-31238 Unsafe Deserialization in ludwig (CVE-2026-31238)
vulnerability in ludwig (CVE-2026-31238). Successful exploitation can lead to full system takeover.
CVE-2026-31235 Unsafe Deserialization in imgaug (CVE-2026-31235)
vulnerability in imgaug (CVE-2026-31235). Successful exploitation can lead to full system takeover.
CVE-2026-31239 Unsafe Deserialization in mamba-ssm (CVE-2026-31239)
vulnerability in mamba-ssm (CVE-2026-31239). Successful exploitation can lead to full system takeover.
CVE-2026-31243 Vulnerability in dos (CVE-2026-31243)
vulnerability in dos (CVE-2026-31243). Risk of unauthorized operations or information disclosure. Exploitable via `DELETE /memories`.
CVE-2026-31242 Vulnerability in dos (CVE-2026-31242)
vulnerability in dos (CVE-2026-31242). Data can be tampered with by attackers. Exploitable via `DELETE /memories`.
CVE-2026-31241 Vulnerability in mem0ai (CVE-2026-31241)
vulnerability in mem0ai (CVE-2026-31241). Risk of unauthorized operations or information disclosure. Exploitable via `DELETE /memories`.
CVE-2026-31244 Vulnerability in dos (CVE-2026-31244)
vulnerability in dos (CVE-2026-31244). Risk of unauthorized operations or information disclosure. Exploitable via `DELETE /memories/{memory_id}`.
CVE-2026-31231 Code Injection in CVE-2026-31231 (CVE-2026-31231)
code injection in CVE-2026-31231 (CVE-2026-31231). Successful exploitation can lead to full system takeover.
CVE-2026-31229 Unsafe Deserialization in deserialization (CVE-2026-31229)
vulnerability in deserialization (CVE-2026-31229). Successful exploitation can lead to full system takeover.
CVE-2026-31234 Unsafe Deserialization in horovod (CVE-2026-31234)
vulnerability in horovod (CVE-2026-31234). Successful exploitation can lead to full system takeover.
CVE-2026-31232 Unsafe Deserialization in deserialization (CVE-2026-31232)
vulnerability in deserialization (CVE-2026-31232). Successful exploitation can lead to full system takeover.
CVE-2026-31233 Code Injection in guardrails-ai (CVE-2026-31233)
code injection in guardrails-ai (CVE-2026-31233). Successful exploitation can lead to full system takeover.
CVE-2025-53681 SQL Injection in sqli (CVE-2025-53681)
SQL injection in sqli (CVE-2025-53681). Successful exploitation can lead to full system takeover.
CVE-2026-25088 SQL Injection in sqli (CVE-2026-25088)
SQL injection in sqli (CVE-2026-25088). Risk of unauthorized operations or information disclosure.
CVE-2026-44196 Authentication Bypass in CVE-2026-44196 (CVE-2026-44196)
authentication bypass in CVE-2026-44196 (CVE-2026-44196). Confidential information can be exposed externally. Mitigation: upgrade to `1.16.3` or later.
CVE-2026-44204 Vulnerability in sqli (CVE-2026-44204)
vulnerability in sqli (CVE-2026-44204). Confidential information can be exposed externally. Mitigation: upgrade to `1.20.1` or later.
CVE-2026-43892 Cross-Site Scripting (XSS) in CVE-2026-43892 (CVE-2026-43892)
cross-site scripting in CVE-2026-43892 (CVE-2026-43892). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2.1.16` or later.
CVE-2026-43929 Vulnerability in ssrfcheck (CVE-2026-43929)
vulnerability in ssrfcheck (CVE-2026-43929). Confidential information can be exposed externally. Exploitable via ``ssrfcheck``.
CVE-2026-42175 SSRF (Server-Side Request Forgery) in requests-hardened (CVE-2026-42175)
SSRF in requests-hardened (CVE-2026-42175). Confidential information can be exposed externally. Mitigation: upgrade to `1.2.1` or later.
CVE-2026-42048 Path Traversal in langflow (CVE-2026-42048)
path traversal in langflow (CVE-2026-42048). Data can be tampered with by attackers. Exploitable via `DELETE /api/v1/knowledge_bases`. Mitigation: upgrade to `1.9.0` or later.
CVE-2026-41612 Path Traversal in path-traversal (CVE-2026-41612)
path traversal in path-traversal (CVE-2026-41612). Confidential information can be exposed externally.
CVE-2026-42141 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-42141)
SSRF in ssrf (CVE-2026-42141). Confidential information can be exposed externally. Mitigation: upgrade to `4.4.1` or later.
CVE-2026-42045 Cross-Site Scripting (XSS) in @lobehub/lobehub (CVE-2026-42045)
cross-site scripting in @lobehub/lobehub (CVE-2026-42045). Confidential information can be exposed externally. Exploitable via ``runCommand``.
CVE-2026-41610 Vulnerability in microsoft (CVE-2026-41610)
vulnerability in microsoft (CVE-2026-41610). Confidential information can be exposed externally.
CVE-2026-41611 Command Injection in microsoft (CVE-2026-41611)
command injection in microsoft (CVE-2026-41611). Successful exploitation can lead to full system takeover.
CVE-2026-43993 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-43993)
SSRF in ssrf (CVE-2026-43993). Confidential information can be exposed externally. Mitigation: upgrade to `0.x.y-security-1` or later.
CVE-2026-20887 Vulnerability in dos (CVE-2026-20887)
vulnerability in dos (CVE-2026-20887). Risk of unauthorized operations or information disclosure.
CVE-2026-20914 Vulnerability in dos (CVE-2026-20914)
vulnerability in dos (CVE-2026-20914). Risk of unauthorized operations or information disclosure.
CVE-2026-20905 Vulnerability in dos (CVE-2026-20905)
vulnerability in dos (CVE-2026-20905). Risk of unauthorized operations or information disclosure.
CVE-2026-20881 Vulnerability in dos (CVE-2026-20881)
vulnerability in dos (CVE-2026-20881). Risk of unauthorized operations or information disclosure.
CVE-2026-20879 Out-of-Bounds Write in dos (CVE-2026-20879)
out-of-bounds write in dos (CVE-2026-20879). Risk of unauthorized operations or information disclosure.
CVE-2026-20793 Vulnerability in dos (CVE-2026-20793)
vulnerability in dos (CVE-2026-20793). Risk of unauthorized operations or information disclosure.
CVE-2026-20782 Vulnerability in dos (CVE-2026-20782)
vulnerability in dos (CVE-2026-20782). Risk of unauthorized operations or information disclosure.
CVE-2026-20771 Vulnerability in dos (CVE-2026-20771)
vulnerability in dos (CVE-2026-20771). Risk of unauthorized operations or information disclosure.
CVE-2026-20754 Vulnerability in dos (CVE-2026-20754)
vulnerability in dos (CVE-2026-20754). Risk of unauthorized operations or information disclosure.
CVE-2026-20751 Out-of-Bounds Read in dos (CVE-2026-20751)
vulnerability in dos (CVE-2026-20751). Risk of unauthorized operations or information disclosure.
CVE-2026-20717 Vulnerability in dos (CVE-2026-20717)
vulnerability in dos (CVE-2026-20717). Risk of unauthorized operations or information disclosure.
CVE-2025-36510 Buffer Overflow in dos (CVE-2025-36510)
vulnerability in dos (CVE-2025-36510). Risk of unauthorized operations or information disclosure.
CVE-2025-27723 Use-After-Free in dos (CVE-2025-27723)
vulnerability in dos (CVE-2025-27723). Risk of unauthorized operations or information disclosure.
CVE-2026-43512 Authentication Bypass in tomcat (CVE-2026-43512)
authentication bypass in tomcat (CVE-2026-43512). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `10.1.55, 11.0.22, 9.0.118` or later.
CVE-2026-31225 Code Injection in superduper-framework (CVE-2026-31225)
code injection in superduper-framework (CVE-2026-31225). Successful exploitation can lead to full system takeover.
CVE-2026-31226 OS Command Injection in CVE-2026-31226 (CVE-2026-31226)
OS command injection in CVE-2026-31226 (CVE-2026-31226). Successful exploitation can lead to full system takeover.
CVE-2026-31228 Code Injection in CVE-2026-31228 (CVE-2026-31228)
code injection in CVE-2026-31228 (CVE-2026-31228). Successful exploitation can lead to full system takeover.
CVE-2026-34187 SQL Injection in sqli (CVE-2026-34187)
SQL injection in sqli (CVE-2026-34187). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →