Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-41122 |
|
Cross-Site Scripting (XSS) in CVE-2026-41122 (CVE-2026-41122)
cross-site scripting in CVE-2026-41122 (CVE-2026-41122). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56297 |
|
Vulnerability in dos (CVE-2026-56297)
vulnerability in dos (CVE-2026-56297). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-15053 |
|
Tanium addressed a denial of service vulnerability in Tanium Server.
Tanium addressed a denial of service vulnerability in Tanium Server.
|
| CVE-2026-56250 |
|
Vulnerability in dos (CVE-2026-56250)
vulnerability in dos (CVE-2026-56250). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53482 |
|
Vulnerability in dos (CVE-2026-53482)
vulnerability in dos (CVE-2026-53482). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-22927 |
|
Omnissa Workspace ONE® Tunnel for Windows addresses a Local Privilege Escalation Vulnerability.
Omnissa Workspace ONE® Tunnel for Windows addresses a Local Privilege Escalation Vulnerability.
|
| CVE-2026-54652 |
|
Privilege Escalation in nginx (CVE-2026-54652)
vulnerability in nginx (CVE-2026-54652). Confidential information can be exposed externally. Exploitable via `GET /api/logs/{service}`.
|
| CVE-2026-15067 |
|
SQL Injection in sqli (CVE-2026-15067)
SQL injection in sqli (CVE-2026-15067). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11903 |
|
Cross-Site Scripting (XSS) in CVE-2026-11903 (CVE-2026-11903)
cross-site scripting in CVE-2026-11903 (CVE-2026-11903). Successful exploitation can lead to full system takeover.
|
| CVE-2026-6820 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-6820)
cross-site scripting in wordpress (CVE-2026-6820). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6230 |
|
SQL Injection in wordpress (CVE-2026-6230)
SQL injection in wordpress (CVE-2026-6230). Confidential information can be exposed externally.
|
| CVE-2026-6854 |
|
SQL Injection in wordpress (CVE-2026-6854)
SQL injection in wordpress (CVE-2026-6854). Confidential information can be exposed externally.
|
| CVE-2026-6818 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-6818)
cross-site scripting in wordpress (CVE-2026-6818). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12378 |
|
Vulnerability in wordpress (CVE-2026-12378)
vulnerability in wordpress (CVE-2026-12378). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9700 |
|
SQL Injection in wordpress (CVE-2026-9700)
SQL injection in wordpress (CVE-2026-9700). Confidential information can be exposed externally.
|
| CVE-2026-14489 |
|
Unrestricted File Upload in wordpress (CVE-2026-14489)
vulnerability in wordpress (CVE-2026-14489). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14495 |
|
Vulnerability in wordpress (CVE-2026-14495)
vulnerability in wordpress (CVE-2026-14495). Successful exploitation can lead to full system takeover. Exploitable via ``init``.
|
| CVE-2026-9842 |
|
Privilege Escalation in wordpress (CVE-2026-9842)
vulnerability in wordpress (CVE-2026-9842). Data can be tampered with by attackers. Exploitable via ``manage_options``.
|
| CVE-2026-14158 |
|
Unrestricted File Upload in wordpress (CVE-2026-14158)
vulnerability in wordpress (CVE-2026-14158). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14482 |
|
Privilege Escalation in wordpress (CVE-2026-14482)
vulnerability in wordpress (CVE-2026-14482). Successful exploitation can lead to full system takeover. Exploitable via ``update_option``.
|
| CVE-2026-14244 |
|
Path Traversal in wordpress (CVE-2026-14244)
path traversal in wordpress (CVE-2026-14244). Confidential information can be exposed externally.
|
| CVE-2026-14895 |
|
Vulnerability in dos (CVE-2026-14895)
vulnerability in dos (CVE-2026-14895). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-58583 |
|
Privilege Escalation in privilege-escalation (CVE-2026-58583)
vulnerability in privilege-escalation (CVE-2026-58583). Confidential information can be exposed externally.
|
| CVE-2026-49471 |
|
Vulnerability in flask (CVE-2026-49471)
vulnerability in flask (CVE-2026-49471). Successful exploitation can lead to full system takeover. Exploitable via `Host header`.
|
| CVE-2026-23698 |
|
Unrestricted File Upload in apache (CVE-2026-23698)
vulnerability in apache (CVE-2026-23698). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57851 |
|
Vulnerability in privilege-escalation (CVE-2026-57851)
vulnerability in privilege-escalation (CVE-2026-57851). Successful exploitation can lead to full system takeover.
|
| CVE-2026-23697 |
|
Unrestricted File Upload in apache (CVE-2026-23697)
vulnerability in apache (CVE-2026-23697). Successful exploitation can lead to full system takeover.
|
| CVE-2026-6101 |
|
Vulnerability in wordpress (CVE-2026-6101)
vulnerability in wordpress (CVE-2026-6101). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14476 |
|
Vulnerability in path-traversal (CVE-2026-14476)
vulnerability in path-traversal (CVE-2026-14476). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11610 |
|
Vulnerability in c (CVE-2026-11610)
vulnerability in c (CVE-2026-11610). Successful exploitation can lead to full system takeover.
|
| CVE-2026-58384 |
|
Vulnerability in dos (CVE-2026-58384)
vulnerability in dos (CVE-2026-58384). Successful exploitation can lead to full system takeover.
|
| CVE-2026-59713 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-59713)
vulnerability in csrf (CVE-2026-59713). Confidential information can be exposed externally.
|
| CVE-2026-57573 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-57573)
SSRF in ssrf (CVE-2026-57573). Confidential information can be exposed externally. Exploitable via `POST /crawl/stream`.
|
| CVE-2026-54234 |
|
Vulnerability in dos (CVE-2026-54234)
vulnerability in dos (CVE-2026-54234). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-43825 |
|
Unsafe Deserialization in apache (CVE-2026-43825)
vulnerability in apache (CVE-2026-43825). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-53831 |
|
Cross-Site Scripting (XSS) in CVE-2025-53831 (CVE-2025-53831)
cross-site scripting in CVE-2025-53831 (CVE-2025-53831). Confidential information can be exposed externally.
|
| CVE-2025-53829 |
|
Vulnerability in path-traversal (CVE-2025-53829)
vulnerability in path-traversal (CVE-2025-53829). Successful exploitation can lead to full system takeover.
|
| CVE-2025-53828 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2025-53828)
SSRF in ssrf (CVE-2025-53828). Successful exploitation can lead to full system takeover.
|
| CVE-2026-58380 |
|
Vulnerability in dos (CVE-2026-58380)
vulnerability in dos (CVE-2026-58380). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13708 |
|
Vulnerability in dos (CVE-2026-13708)
vulnerability in dos (CVE-2026-13708). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-4249 |
|
Vulnerability in dos (CVE-2026-4249)
vulnerability in dos (CVE-2026-4249). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9165 |
|
Vulnerability in dos (CVE-2026-9165)
vulnerability in dos (CVE-2026-9165). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-55994 |
|
Vulnerability in apache (CVE-2026-55994)
vulnerability in apache (CVE-2026-55994). Confidential information can be exposed externally.
|
| CVE-2026-55993 |
|
Vulnerability in apache (CVE-2026-55993)
vulnerability in apache (CVE-2026-55993). Confidential information can be exposed externally.
|
| CVE-2026-46590 |
|
Unsafe Deserialization in apache (CVE-2026-46590)
vulnerability in apache (CVE-2026-46590). Successful exploitation can lead to full system takeover.
|
| CVE-2026-46726 |
|
Vulnerability in apache (CVE-2026-46726)
vulnerability in apache (CVE-2026-46726). Confidential information can be exposed externally.
|
| CVE-2026-14809 |
|
SQL Injection in sqli (CVE-2026-14809)
SQL injection in sqli (CVE-2026-14809). Confidential information can be exposed externally.
|
| CVE-2026-43866 |
|
Unsafe Deserialization in apache (CVE-2026-43866)
vulnerability in apache (CVE-2026-43866). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-42527 |
|
Unsafe Deserialization in csharp (CVE-2026-42527)
vulnerability in csharp (CVE-2026-42527). Successful exploitation can lead to full system takeover.
|
| CVE-2026-43865 |
|
Unsafe Deserialization in csharp (CVE-2026-43865)
vulnerability in csharp (CVE-2026-43865). Successful exploitation can lead to full system takeover.
|