Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: attack-types Clear
ID Title
CVE-2026-3319 Cross-Site Scripting (XSS) in CVE-2026-3319 (CVE-2026-3319)
cross-site scripting in CVE-2026-3319 (CVE-2026-3319). Risk of unauthorized operations or information disclosure.
CVE-2026-31246 OS Command Injection in gpt-pilot (CVE-2026-31246)
OS command injection in gpt-pilot (CVE-2026-31246). Risk of unauthorized operations or information disclosure.
CVE-2026-31247 Vulnerability in docling (CVE-2026-31247)
vulnerability in docling (CVE-2026-31247). Risk of unauthorized operations or information disclosure.
CVE-2025-65418 Path Traversal in path-traversal (CVE-2025-65418)
path traversal in path-traversal (CVE-2025-65418). Confidential information can be exposed externally.
CVE-2025-65417 Cross-Site Scripting (XSS) in CVE-2025-65417 (CVE-2025-65417)
cross-site scripting in CVE-2025-65417 (CVE-2025-65417). Risk of unauthorized operations or information disclosure.
CVE-2025-61308 Cross-Site Scripting (XSS) in CVE-2025-61308 (CVE-2025-61308)
cross-site scripting in CVE-2025-61308 (CVE-2025-61308). Risk of unauthorized operations or information disclosure.
CVE-2025-61309 Cross-Site Scripting (XSS) in CVE-2025-61309 (CVE-2025-61309)
cross-site scripting in CVE-2025-61309 (CVE-2025-61309). Risk of unauthorized operations or information disclosure.
CVE-2025-61310 Cross-Site Scripting (XSS) in CVE-2025-61310 (CVE-2025-61310)
cross-site scripting in CVE-2025-61310 (CVE-2025-61310). Risk of unauthorized operations or information disclosure.
CVE-2025-61311 Cross-Site Scripting (XSS) in CVE-2025-61311 (CVE-2025-61311)
cross-site scripting in CVE-2025-61311 (CVE-2025-61311). Confidential information can be exposed externally.
CVE-2025-61312 Cross-Site Scripting (XSS) in CVE-2025-61312 (CVE-2025-61312)
cross-site scripting in CVE-2025-61312 (CVE-2025-61312). Confidential information can be exposed externally.
CVE-2025-61313 Cross-Site Scripting (XSS) in CVE-2025-61313 (CVE-2025-61313)
cross-site scripting in CVE-2025-61313 (CVE-2025-61313). Confidential information can be exposed externally.
CVE-2025-61314 Cross-Site Scripting (XSS) in CVE-2025-61314 (CVE-2025-61314)
cross-site scripting in CVE-2025-61314 (CVE-2025-61314). Confidential information can be exposed externally.
CVE-2025-61305 Cross-Site Scripting (XSS) in CVE-2025-61305 (CVE-2025-61305)
cross-site scripting in CVE-2025-61305 (CVE-2025-61305). Risk of unauthorized operations or information disclosure.
CVE-2025-61306 Cross-Site Scripting (XSS) in CVE-2025-61306 (CVE-2025-61306)
cross-site scripting in CVE-2025-61306 (CVE-2025-61306). Risk of unauthorized operations or information disclosure.
CVE-2025-61307 Cross-Site Scripting (XSS) in CVE-2025-61307 (CVE-2025-61307)
cross-site scripting in CVE-2025-61307 (CVE-2025-61307). Risk of unauthorized operations or information disclosure.
CVE-2026-45033 Vulnerability in @github/copilot (CVE-2026-45033)
vulnerability in @github/copilot (CVE-2026-45033). Successful exploitation can lead to full system takeover. Exploitable via ``core.fsmonitor``. Mitigation: upgrade to `1.0.43` or later.
CVE-2026-44572 Vulnerability in next (CVE-2026-44572)
vulnerability in next (CVE-2026-44572). Risk of unauthorized operations or information disclosure. Exploitable via ``Location``. Mitigation: upgrade to `16.2.5` or later.
CVE-2026-44521 SQL Injection in studio-42/elfinder (CVE-2026-44521)
SQL injection in studio-42/elfinder (CVE-2026-44521). Successful exploitation can lead to full system takeover. Exploitable via ``elFinderVolumeMySQL``. Mitigation: upgrade to `2.1.68` or later.
CVE-2026-44581 Cross-Site Scripting (XSS) in next (CVE-2026-44581)
cross-site scripting in next (CVE-2026-44581). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `16.2.5` or later.
CVE-2026-44580 Cross-Site Scripting (XSS) in next (CVE-2026-44580)
cross-site scripting in next (CVE-2026-44580). Risk of unauthorized operations or information disclosure. Exploitable via ``beforeInteractive``. Mitigation: upgrade to `16.2.5` or later.
CVE-2026-44971 SSRF (Server-Side Request Forgery) in guarddog (CVE-2026-44971)
SSRF in guarddog (CVE-2026-44971). Confidential information can be exposed externally. Exploitable via ``GH_TOKEN``.
CVE-2026-8290 Vulnerability in c (CVE-2026-8290)
vulnerability in c (CVE-2026-8290). Risk of unauthorized operations or information disclosure.
CVE-2026-8289 Vulnerability in c (CVE-2026-8289)
vulnerability in c (CVE-2026-8289). Risk of unauthorized operations or information disclosure.
CVE-2026-42595 SSRF (Server-Side Request Forgery) in github.com/gotenberg/gotenberg/v8 (CVE-2026-42595)
SSRF in github.com/gotenberg/gotenberg/v8 (CVE-2026-42595). Confidential information can be exposed externally. Exploitable via ``downloadFrom``. Mitigation: upgrade to `8.32.0` or later.
CVE-2026-8288 Vulnerability in c (CVE-2026-8288)
vulnerability in c (CVE-2026-8288). Risk of unauthorized operations or information disclosure.
CVE-2025-9973 Vulnerability in privilege-escalation (CVE-2025-9973)
vulnerability in privilege-escalation (CVE-2025-9973). Confidential information can be exposed externally.
CVE-2026-6909 Cross-Site Scripting (XSS) in CVE-2026-6909 (CVE-2026-6909)
cross-site scripting in CVE-2026-6909 (CVE-2026-6909). Risk of unauthorized operations or information disclosure.
CVE-2026-6956 Cross-Site Scripting (XSS) in CVE-2026-6956 (CVE-2026-6956)
cross-site scripting in CVE-2026-6956 (CVE-2026-6956). Risk of unauthorized operations or information disclosure.
CVE-2025-43992 Vulnerability in dell (CVE-2025-43992)
vulnerability in dell (CVE-2025-43992). Risk of unauthorized operations or information disclosure.
CVE-2026-23918 Vulnerability in jvn (CVE-2026-23918)
vulnerability in jvn (CVE-2026-23918). Successful exploitation can lead to full system takeover.
CVE-2026-4367 Out-of-Bounds Read in jvn (CVE-2026-4367)
vulnerability in jvn (CVE-2026-4367). Risk of unauthorized operations or information disclosure.
CVE-2026-41530 Path Traversal in jvn (CVE-2026-41530)
path traversal in jvn (CVE-2026-41530). Risk of unauthorized operations or information disclosure.
CVE-2026-41951 Path Traversal in jvn (CVE-2026-41951)
path traversal in jvn (CVE-2026-41951). Successful exploitation can lead to full system takeover.
CVE-2026-8270 Vulnerability in dos (CVE-2026-8270)
vulnerability in dos (CVE-2026-8270). Risk of unauthorized operations or information disclosure.
CVE-2026-8269 Vulnerability in dos (CVE-2026-8269)
vulnerability in dos (CVE-2026-8269). Risk of unauthorized operations or information disclosure.
CVE-2026-8274 Path Traversal in c (CVE-2026-8274)
path traversal in c (CVE-2026-8274). Risk of unauthorized operations or information disclosure.
CVE-2026-8268 Vulnerability in dos (CVE-2026-8268)
vulnerability in dos (CVE-2026-8268). Risk of unauthorized operations or information disclosure.
CVE-2026-8267 Vulnerability in dos (CVE-2026-8267)
vulnerability in dos (CVE-2026-8267). Risk of unauthorized operations or information disclosure.
CVE-2026-8266 Vulnerability in c (CVE-2026-8266)
vulnerability in c (CVE-2026-8266). Risk of unauthorized operations or information disclosure.
CVE-2026-8262 Cross-Site Scripting (XSS) in CVE-2026-8262 (CVE-2026-8262)
cross-site scripting in CVE-2026-8262 (CVE-2026-8262). Risk of unauthorized operations or information disclosure.
CVE-2026-8256 Cross-Site Scripting (XSS) in CVE-2026-8256 (CVE-2026-8256)
cross-site scripting in CVE-2026-8256 (CVE-2026-8256). Risk of unauthorized operations or information disclosure.
CVE-2026-8253 Cross-Site Scripting (XSS) in CVE-2026-8253 (CVE-2026-8253)
cross-site scripting in CVE-2026-8253 (CVE-2026-8253). Risk of unauthorized operations or information disclosure.
CVE-2026-8254 Cross-Site Scripting (XSS) in CVE-2026-8254 (CVE-2026-8254)
cross-site scripting in CVE-2026-8254 (CVE-2026-8254). Risk of unauthorized operations or information disclosure.
CVE-2026-8255 Cross-Site Scripting (XSS) in CVE-2026-8255 (CVE-2026-8255)
cross-site scripting in CVE-2026-8255 (CVE-2026-8255). Risk of unauthorized operations or information disclosure.
CVE-2026-8251 Vulnerability in c (CVE-2026-8251)
vulnerability in c (CVE-2026-8251). Risk of unauthorized operations or information disclosure.
CVE-2026-8250 Vulnerability in c (CVE-2026-8250)
vulnerability in c (CVE-2026-8250). Risk of unauthorized operations or information disclosure.
CVE-2026-8249 Vulnerability in c (CVE-2026-8249)
vulnerability in c (CVE-2026-8249). Risk of unauthorized operations or information disclosure.
CVE-2026-8248 Vulnerability in c (CVE-2026-8248)
vulnerability in c (CVE-2026-8248). Risk of unauthorized operations or information disclosure.
CVE-2026-8177 Out-of-Bounds Read in dos (CVE-2026-8177)
vulnerability in dos (CVE-2026-8177). Risk of unauthorized operations or information disclosure.
CVE-2022-50963 Cross-Site Scripting (XSS) in CVE-2022-50963 (CVE-2022-50963)
cross-site scripting in CVE-2022-50963 (CVE-2022-50963). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →