Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-9074 |
|
SQL Injection in sqli (CVE-2026-9074)
SQL injection in sqli (CVE-2026-9074). Confidential information can be exposed externally.
|
| CVE-2026-15062 |
|
SQL Injection in sqli (CVE-2026-15062)
SQL injection in sqli (CVE-2026-15062). Confidential information can be exposed externally.
|
| CVE-2026-58480 |
|
Unrestricted File Upload in wordpress (CVE-2026-58480)
vulnerability in wordpress (CVE-2026-58480). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8307 |
|
SQL Injection in sqli (CVE-2026-8307)
SQL injection in sqli (CVE-2026-8307). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9701 |
|
Vulnerability in wordpress (CVE-2026-9701)
vulnerability in wordpress (CVE-2026-9701). Successful exploitation can lead to full system takeover. Exploitable via ``eventer_verification_code``.
|
| CVE-2026-14487 |
|
Path Traversal in wordpress (CVE-2026-14487)
path traversal in wordpress (CVE-2026-14487). Data can be tampered with by attackers.
|
| CVE-2026-59706 |
|
Vulnerability in ssrf (CVE-2026-59706)
vulnerability in ssrf (CVE-2026-59706). Confidential information can be exposed externally. Exploitable via `GET /api/v1/config/`.
|
| CVE-2026-53481 |
|
Path Traversal in path-traversal (CVE-2026-53481)
path traversal in path-traversal (CVE-2026-53481). Successful exploitation can lead to full system takeover.
|
| CVE-2026-33264 |
|
Unsafe Deserialization in apache (CVE-2026-33264)
vulnerability in apache (CVE-2026-33264). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14345 |
|
Unrestricted File Upload in wordpress (CVE-2026-14345)
vulnerability in wordpress (CVE-2026-14345). Successful exploitation can lead to full system takeover.
|
| CVE-2026-4375 |
|
Vulnerability in wordpress (CVE-2026-4375)
vulnerability in wordpress (CVE-2026-4375). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57571 |
|
Path Traversal in kidocode (CVE-2026-57571)
path traversal in kidocode (CVE-2026-57571). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34038 |
|
OS Command Injection in CVE-2026-34038 (CVE-2026-34038)
OS command injection in CVE-2026-34038 (CVE-2026-34038). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9181 |
|
Path Traversal in path-traversal (CVE-2026-9181)
path traversal in path-traversal (CVE-2026-9181). Successful exploitation can lead to full system takeover.
|
| CVE-2026-48614 |
|
Code Injection in privilege-escalation (CVE-2026-48614)
code injection in privilege-escalation (CVE-2026-48614). Successful exploitation can lead to full system takeover.
|
| CVE-2026-5268 |
|
Vulnerability in CVE-2026-5268 (CVE-2026-5268)
vulnerability in CVE-2026-5268 (CVE-2026-5268). Confidential information can be exposed externally.
|
| CVE-2025-53830 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2025-53830)
SSRF in ssrf (CVE-2025-53830). Successful exploitation can lead to full system takeover.
|
| CVE-2026-48205 |
|
Vulnerability in apache (CVE-2026-48205)
vulnerability in apache (CVE-2026-48205). Confidential information can be exposed externally.
|
| CVE-2026-53913 |
|
Authentication Bypass in apache (CVE-2026-53913)
authentication bypass in apache (CVE-2026-53913). Successful exploitation can lead to full system takeover.
|
| CVE-2026-48203 |
|
Vulnerability in apache (CVE-2026-48203)
vulnerability in apache (CVE-2026-48203). Confidential information can be exposed externally.
|
| CVE-2026-24013 |
|
Vulnerability in apache (CVE-2026-24013)
vulnerability in apache (CVE-2026-24013). Confidential information can be exposed externally.
|
| CVE-2026-24014 |
|
Vulnerability in apache (CVE-2026-24014)
vulnerability in apache (CVE-2026-24014). Successful exploitation can lead to full system takeover.
|
| CVE-2026-40047 |
|
Vulnerability in apache (CVE-2026-40047)
vulnerability in apache (CVE-2026-40047). Confidential information can be exposed externally. Exploitable via ``docling``.
|
| CVE-2026-43867 |
|
Unsafe Deserialization in apache (CVE-2026-43867)
vulnerability in apache (CVE-2026-43867). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12481 |
|
Unsafe Deserialization in deserialization (CVE-2026-12481)
vulnerability in deserialization (CVE-2026-12481). Successful exploitation can lead to full system takeover. Exploitable via ``Lambda``.
|
| CVE-2026-22874 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-22874)
SSRF in ssrf (CVE-2026-22874). Confidential information can be exposed externally.
|
| CVE-2026-4321 |
|
SQL Injection in sqli (CVE-2026-4321)
SQL injection in sqli (CVE-2026-4321). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9725 |
|
Path Traversal in wordpress (CVE-2026-9725)
path traversal in wordpress (CVE-2026-9725). Data can be tampered with by attackers.
|
| CVE-2026-45499 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-45499)
SSRF in ssrf (CVE-2026-45499). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57100 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-57100)
SSRF in ssrf (CVE-2026-57100). Successful exploitation can lead to full system takeover.
|
| CVE-2024-14037 |
|
Unrestricted File Upload in CVE-2024-14037 (CVE-2024-14037)
vulnerability in CVE-2024-14037 (CVE-2024-14037). Successful exploitation can lead to full system takeover.
|
| CVE-2022-50973 |
|
Unrestricted File Upload in CVE-2022-50973 (CVE-2022-50973)
vulnerability in CVE-2022-50973 (CVE-2022-50973). Successful exploitation can lead to full system takeover.
|
| CVE-2026-55115 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-55115)
SSRF in ssrf (CVE-2026-55115). Successful exploitation can lead to full system takeover.
|
| CVE-2026-5524 |
|
Unrestricted File Upload in wordpress (CVE-2026-5524)
vulnerability in wordpress (CVE-2026-5524). Successful exploitation can lead to full system takeover.
|
| CVE-2026-50747 |
|
SQL Injection in sqli (CVE-2026-50747)
SQL injection in sqli (CVE-2026-50747). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57683 |
|
Unauthenticated SQL Injection in WP Fast Total Search <= 1.80.280 versions.
Unauthenticated SQL Injection in WP Fast Total Search <= 1.80.280 versions.
|
| CVE-2026-57625 |
|
Cross-Site Scripting (XSS) in CVE-2026-57625 (CVE-2026-57625)
cross-site scripting in CVE-2026-57625 (CVE-2026-57625). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57624 |
|
Unauthenticated Remote Code Execution (RCE) in Blocksy Companion Pro <= 2.1.46 versions.
Unauthenticated Remote Code Execution (RCE) in Blocksy Companion Pro <= 2.1.46 versions.
|
| CVE-2026-57679 |
|
Unauthenticated SQL Injection in GeekyBot <= 1.2.5 versions.
Unauthenticated SQL Injection in GeekyBot <= 1.2.5 versions.
|
| CVE-2026-52186 |
|
SQL Injection in sqli (CVE-2026-52186)
SQL injection in sqli (CVE-2026-52186). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14363 |
|
SQL Injection in sqli (CVE-2026-14363)
SQL injection in sqli (CVE-2026-14363). Successful exploitation can lead to full system takeover.
|
| CVE-2026-58521 |
|
SQL Injection in sqli (CVE-2026-58521)
SQL injection in sqli (CVE-2026-58521). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34104 |
|
SQL Injection in sqli (CVE-2026-34104)
SQL injection in sqli (CVE-2026-34104). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34103 |
|
SQL Injection in sqli (CVE-2026-34103)
SQL injection in sqli (CVE-2026-34103). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34105 |
|
SQL Injection in sqli (CVE-2026-34105)
SQL injection in sqli (CVE-2026-34105). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34099 |
|
SQL Injection in sqli (CVE-2026-34099)
SQL injection in sqli (CVE-2026-34099). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34102 |
|
SQL Injection in sqli (CVE-2026-34102)
SQL injection in sqli (CVE-2026-34102). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34100 |
|
SQL Injection in sqli (CVE-2026-34100)
SQL injection in sqli (CVE-2026-34100). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34101 |
|
SQL Injection in sqli (CVE-2026-34101)
SQL injection in sqli (CVE-2026-34101). Successful exploitation can lead to full system takeover.
|
| CVE-2026-58126 |
|
Vulnerability in csharp (CVE-2026-58126)
vulnerability in csharp (CVE-2026-58126). Successful exploitation can lead to full system takeover.
|