Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-3319 |
|
Cross-Site Scripting (XSS) in CVE-2026-3319 (CVE-2026-3319)
cross-site scripting in CVE-2026-3319 (CVE-2026-3319). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-31246 |
|
OS Command Injection in gpt-pilot (CVE-2026-31246)
OS command injection in gpt-pilot (CVE-2026-31246). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-31247 |
|
Vulnerability in docling (CVE-2026-31247)
vulnerability in docling (CVE-2026-31247). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-65418 |
|
Path Traversal in path-traversal (CVE-2025-65418)
path traversal in path-traversal (CVE-2025-65418). Confidential information can be exposed externally.
|
| CVE-2025-65417 |
|
Cross-Site Scripting (XSS) in CVE-2025-65417 (CVE-2025-65417)
cross-site scripting in CVE-2025-65417 (CVE-2025-65417). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-61308 |
|
Cross-Site Scripting (XSS) in CVE-2025-61308 (CVE-2025-61308)
cross-site scripting in CVE-2025-61308 (CVE-2025-61308). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-61309 |
|
Cross-Site Scripting (XSS) in CVE-2025-61309 (CVE-2025-61309)
cross-site scripting in CVE-2025-61309 (CVE-2025-61309). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-61310 |
|
Cross-Site Scripting (XSS) in CVE-2025-61310 (CVE-2025-61310)
cross-site scripting in CVE-2025-61310 (CVE-2025-61310). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-61311 |
|
Cross-Site Scripting (XSS) in CVE-2025-61311 (CVE-2025-61311)
cross-site scripting in CVE-2025-61311 (CVE-2025-61311). Confidential information can be exposed externally.
|
| CVE-2025-61312 |
|
Cross-Site Scripting (XSS) in CVE-2025-61312 (CVE-2025-61312)
cross-site scripting in CVE-2025-61312 (CVE-2025-61312). Confidential information can be exposed externally.
|
| CVE-2025-61313 |
|
Cross-Site Scripting (XSS) in CVE-2025-61313 (CVE-2025-61313)
cross-site scripting in CVE-2025-61313 (CVE-2025-61313). Confidential information can be exposed externally.
|
| CVE-2025-61314 |
|
Cross-Site Scripting (XSS) in CVE-2025-61314 (CVE-2025-61314)
cross-site scripting in CVE-2025-61314 (CVE-2025-61314). Confidential information can be exposed externally.
|
| CVE-2025-61305 |
|
Cross-Site Scripting (XSS) in CVE-2025-61305 (CVE-2025-61305)
cross-site scripting in CVE-2025-61305 (CVE-2025-61305). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-61306 |
|
Cross-Site Scripting (XSS) in CVE-2025-61306 (CVE-2025-61306)
cross-site scripting in CVE-2025-61306 (CVE-2025-61306). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-61307 |
|
Cross-Site Scripting (XSS) in CVE-2025-61307 (CVE-2025-61307)
cross-site scripting in CVE-2025-61307 (CVE-2025-61307). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-45033 |
|
Vulnerability in @github/copilot (CVE-2026-45033)
vulnerability in @github/copilot (CVE-2026-45033). Successful exploitation can lead to full system takeover. Exploitable via ``core.fsmonitor``. Mitigation: upgrade to `1.0.43` or later.
|
| CVE-2026-44572 |
|
Vulnerability in next (CVE-2026-44572)
vulnerability in next (CVE-2026-44572). Risk of unauthorized operations or information disclosure. Exploitable via ``Location``. Mitigation: upgrade to `16.2.5` or later.
|
| CVE-2026-44521 |
|
SQL Injection in studio-42/elfinder (CVE-2026-44521)
SQL injection in studio-42/elfinder (CVE-2026-44521). Successful exploitation can lead to full system takeover. Exploitable via ``elFinderVolumeMySQL``. Mitigation: upgrade to `2.1.68` or later.
|
| CVE-2026-44581 |
|
Cross-Site Scripting (XSS) in next (CVE-2026-44581)
cross-site scripting in next (CVE-2026-44581). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `16.2.5` or later.
|
| CVE-2026-44580 |
|
Cross-Site Scripting (XSS) in next (CVE-2026-44580)
cross-site scripting in next (CVE-2026-44580). Risk of unauthorized operations or information disclosure. Exploitable via ``beforeInteractive``. Mitigation: upgrade to `16.2.5` or later.
|
| CVE-2026-44971 |
|
SSRF (Server-Side Request Forgery) in guarddog (CVE-2026-44971)
SSRF in guarddog (CVE-2026-44971). Confidential information can be exposed externally. Exploitable via ``GH_TOKEN``.
|
| CVE-2026-8290 |
|
Vulnerability in c (CVE-2026-8290)
vulnerability in c (CVE-2026-8290). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8289 |
|
Vulnerability in c (CVE-2026-8289)
vulnerability in c (CVE-2026-8289). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-42595 |
|
SSRF (Server-Side Request Forgery) in github.com/gotenberg/gotenberg/v8 (CVE-2026-42595)
SSRF in github.com/gotenberg/gotenberg/v8 (CVE-2026-42595). Confidential information can be exposed externally. Exploitable via ``downloadFrom``. Mitigation: upgrade to `8.32.0` or later.
|
| CVE-2026-8288 |
|
Vulnerability in c (CVE-2026-8288)
vulnerability in c (CVE-2026-8288). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-9973 |
|
Vulnerability in privilege-escalation (CVE-2025-9973)
vulnerability in privilege-escalation (CVE-2025-9973). Confidential information can be exposed externally.
|
| CVE-2026-6909 |
|
Cross-Site Scripting (XSS) in CVE-2026-6909 (CVE-2026-6909)
cross-site scripting in CVE-2026-6909 (CVE-2026-6909). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6956 |
|
Cross-Site Scripting (XSS) in CVE-2026-6956 (CVE-2026-6956)
cross-site scripting in CVE-2026-6956 (CVE-2026-6956). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-43992 |
|
Vulnerability in dell (CVE-2025-43992)
vulnerability in dell (CVE-2025-43992). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-23918 |
|
Vulnerability in jvn (CVE-2026-23918)
vulnerability in jvn (CVE-2026-23918). Successful exploitation can lead to full system takeover.
|
| CVE-2026-4367 |
|
Out-of-Bounds Read in jvn (CVE-2026-4367)
vulnerability in jvn (CVE-2026-4367). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41530 |
|
Path Traversal in jvn (CVE-2026-41530)
path traversal in jvn (CVE-2026-41530). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41951 |
|
Path Traversal in jvn (CVE-2026-41951)
path traversal in jvn (CVE-2026-41951). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8270 |
|
Vulnerability in dos (CVE-2026-8270)
vulnerability in dos (CVE-2026-8270). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8269 |
|
Vulnerability in dos (CVE-2026-8269)
vulnerability in dos (CVE-2026-8269). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8274 |
|
Path Traversal in c (CVE-2026-8274)
path traversal in c (CVE-2026-8274). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8268 |
|
Vulnerability in dos (CVE-2026-8268)
vulnerability in dos (CVE-2026-8268). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8267 |
|
Vulnerability in dos (CVE-2026-8267)
vulnerability in dos (CVE-2026-8267). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8266 |
|
Vulnerability in c (CVE-2026-8266)
vulnerability in c (CVE-2026-8266). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8262 |
|
Cross-Site Scripting (XSS) in CVE-2026-8262 (CVE-2026-8262)
cross-site scripting in CVE-2026-8262 (CVE-2026-8262). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8256 |
|
Cross-Site Scripting (XSS) in CVE-2026-8256 (CVE-2026-8256)
cross-site scripting in CVE-2026-8256 (CVE-2026-8256). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8253 |
|
Cross-Site Scripting (XSS) in CVE-2026-8253 (CVE-2026-8253)
cross-site scripting in CVE-2026-8253 (CVE-2026-8253). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8254 |
|
Cross-Site Scripting (XSS) in CVE-2026-8254 (CVE-2026-8254)
cross-site scripting in CVE-2026-8254 (CVE-2026-8254). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8255 |
|
Cross-Site Scripting (XSS) in CVE-2026-8255 (CVE-2026-8255)
cross-site scripting in CVE-2026-8255 (CVE-2026-8255). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8251 |
|
Vulnerability in c (CVE-2026-8251)
vulnerability in c (CVE-2026-8251). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8250 |
|
Vulnerability in c (CVE-2026-8250)
vulnerability in c (CVE-2026-8250). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8249 |
|
Vulnerability in c (CVE-2026-8249)
vulnerability in c (CVE-2026-8249). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8248 |
|
Vulnerability in c (CVE-2026-8248)
vulnerability in c (CVE-2026-8248). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8177 |
|
Out-of-Bounds Read in dos (CVE-2026-8177)
vulnerability in dos (CVE-2026-8177). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-50963 |
|
Cross-Site Scripting (XSS) in CVE-2022-50963 (CVE-2022-50963)
cross-site scripting in CVE-2022-50963 (CVE-2022-50963). Risk of unauthorized operations or information disclosure.
|