Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: attack-types Clear
ID Title
CVE-2025-56422 Unsafe Deserialization in deserialization (CVE-2025-56422)
vulnerability in deserialization (CVE-2025-56422). Successful exploitation can lead to full system takeover.
CVE-2026-2743 Path Traversal in path-traversal (CVE-2026-2743)
path traversal in path-traversal (CVE-2026-2743). Successful exploitation can lead to full system takeover.
CVE-2025-11252 SQL Injection in sqli (CVE-2025-11252)
SQL injection in sqli (CVE-2025-11252). Successful exploitation can lead to full system takeover.
CVE-2025-11251 SQL Injection in sqli (CVE-2025-11251)
SQL injection in sqli (CVE-2025-11251). Successful exploitation can lead to full system takeover.
CVE-2026-27148 Vulnerability in storybook (CVE-2026-27148)
vulnerability in storybook (CVE-2026-27148). Successful exploitation can lead to full system takeover.
CVE-2026-2624 Vulnerability in epati (CVE-2026-2624)
vulnerability in epati (CVE-2026-2624). Successful exploitation can lead to full system takeover.
CVE-2026-27606 Path Traversal in path-traversal (CVE-2026-27606)
path traversal in path-traversal (CVE-2026-27606). Successful exploitation can lead to full system takeover.
CVE-2026-2777 Privilege Escalation in privilege-escalation (CVE-2026-2777)
vulnerability in privilege-escalation (CVE-2026-2777). Successful exploitation can lead to full system takeover.
CVE-2026-25896 Vulnerability in c (CVE-2026-25896)
vulnerability in c (CVE-2026-25896). Data can be tampered with by attackers. Mitigation: upgrade to `5.3.5` or later.
CVE-2025-10970 SQL Injection in sqli (CVE-2025-10970)
SQL injection in sqli (CVE-2025-10970). Successful exploitation can lead to full system takeover.
CVE-2025-9953 Vulnerability in sqli (CVE-2025-9953)
vulnerability in sqli (CVE-2025-9953). Successful exploitation can lead to full system takeover.
CVE-2025-8350 Vulnerability in CVE-2025-8350 (CVE-2025-8350)
vulnerability in CVE-2025-8350 (CVE-2025-8350). Successful exploitation can lead to full system takeover.
CVE-2025-13590 Unrestricted File Upload in wso2 (CVE-2025-13590)
vulnerability in wso2 (CVE-2025-13590). Successful exploitation can lead to full system takeover.
CVE-2026-22208 Vulnerability in CVE-2026-22208 (CVE-2026-22208)
vulnerability in CVE-2026-22208 (CVE-2026-22208). Successful exploitation can lead to full system takeover.
CVE-2025-10969 SQL Injection in sqli (CVE-2025-10969)
SQL injection in sqli (CVE-2025-10969). Successful exploitation can lead to full system takeover.
CVE-2025-8668 Cross-Site Scripting (XSS) in CVE-2025-8668 (CVE-2025-8668)
cross-site scripting in CVE-2025-8668 (CVE-2025-8668). Data can be tampered with by attackers.
CVE-2025-11242 SSRF (Server-Side Request Forgery) in ssrf (CVE-2025-11242)
SSRF in ssrf (CVE-2025-11242). Successful exploitation can lead to full system takeover.
CVE-2025-6830 SQL Injection in sqli (CVE-2025-6830)
SQL injection in sqli (CVE-2025-6830). Successful exploitation can lead to full system takeover.
CVE-2026-1615 Code Injection in CVE-2026-1615 (CVE-2026-1615)
code injection in CVE-2026-1615 (CVE-2026-1615). Successful exploitation can lead to full system takeover.
CVE-2026-1709 Vulnerability in keylime (CVE-2026-1709)
vulnerability in keylime (CVE-2026-1709). Data can be tampered with by attackers. Mitigation: upgrade to `7.12.0` or later.
CVE-2025-5329 SQL Injection in sqli (CVE-2025-5329)
SQL injection in sqli (CVE-2025-5329). Successful exploitation can lead to full system takeover.
CVE-2025-5319 SQL Injection in sqli (CVE-2025-5319)
SQL injection in sqli (CVE-2025-5319). Successful exploitation can lead to full system takeover.
CVE-2026-22778 Vulnerability in vllm (CVE-2026-22778)
vulnerability in vllm (CVE-2026-22778). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.14.1` or later.
CVE-2020-37002 OS Command Injection in CVE-2020-37002 (CVE-2020-37002)
OS command injection in CVE-2020-37002 (CVE-2020-37002). Successful exploitation can lead to full system takeover.
CVE-2026-24858 KEV [KEV] Vulnerability in Fortinet multiple-products (CVE-2026-24858)
vulnerability in Fortinet multiple-products (CVE-2026-24858). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2025-52025 SQL Injection in sqli (CVE-2025-52025)
SQL injection in sqli (CVE-2025-52025). Confidential information can be exposed externally.
CVE-2025-4320 Vulnerability in CVE-2025-4320 (CVE-2025-4320)
vulnerability in CVE-2025-4320 (CVE-2025-4320). Successful exploitation can lead to full system takeover.
CVE-2025-56005 Unsafe Deserialization in dabeaz (CVE-2025-56005)
vulnerability in dabeaz (CVE-2025-56005). Successful exploitation can lead to full system takeover. Exploitable via ``picklefile``.
CVE-2026-23883 Use-After-Free in dos (CVE-2026-23883)
vulnerability in dos (CVE-2026-23883). Successful exploitation can lead to full system takeover. Exploitable via ``xf_Pointer_New``.
CVE-2026-23884 Use-After-Free in dos (CVE-2026-23884)
vulnerability in dos (CVE-2026-23884). Successful exploitation can lead to full system takeover.
CVE-2026-23533 Vulnerability in dos (CVE-2026-23533)
vulnerability in dos (CVE-2026-23533). Successful exploitation can lead to full system takeover.
CVE-2026-23534 Vulnerability in dos (CVE-2026-23534)
vulnerability in dos (CVE-2026-23534). Successful exploitation can lead to full system takeover.
CVE-2026-23532 Vulnerability in dos (CVE-2026-23532)
vulnerability in dos (CVE-2026-23532). Successful exploitation can lead to full system takeover. Exploitable via ``gdi_SurfaceToSurface``.
CVE-2026-23530 Vulnerability in dos (CVE-2026-23530)
vulnerability in dos (CVE-2026-23530). Successful exploitation can lead to full system takeover. Exploitable via ``freerdp_bitmap_decompress_planar``.
CVE-2026-23531 Vulnerability in dos (CVE-2026-23531)
vulnerability in dos (CVE-2026-23531). Successful exploitation can lead to full system takeover. Exploitable via ``glyphData``.
CVE-2025-60534 Authentication Bypass in blueaccesstech (CVE-2025-60534)
authentication bypass in blueaccesstech (CVE-2025-60534). Successful exploitation can lead to full system takeover.
CVE-2025-67268 Vulnerability in c (CVE-2025-67268)
vulnerability in c (CVE-2025-67268). Successful exploitation can lead to full system takeover.
CVE-2025-12504 SQL Injection in sqli (CVE-2025-12504)
SQL injection in sqli (CVE-2025-12504). Successful exploitation can lead to full system takeover.
CVE-2025-11022 Cross-Site Request Forgery (CSRF) in csrf (CVE-2025-11022)
vulnerability in csrf (CVE-2025-11022). Successful exploitation can lead to full system takeover.
CVE-2025-64054 Cross-Site Scripting (XSS) in dos (CVE-2025-64054)
cross-site scripting in dos (CVE-2025-64054). Successful exploitation can lead to full system takeover.
CVE-2025-64055 Authentication Bypass in fanvil (CVE-2025-64055)
authentication bypass in fanvil (CVE-2025-64055). Successful exploitation can lead to full system takeover.
CVE-2025-51683 SQL Injection in sqli (CVE-2025-51683)
SQL injection in sqli (CVE-2025-51683). Successful exploitation can lead to full system takeover.
CVE-2025-10437 SQL Injection in sqli (CVE-2025-10437)
SQL injection in sqli (CVE-2025-10437). Successful exploitation can lead to full system takeover.
CVE-2025-56385 SQL Injection in sqli (CVE-2025-56385)
SQL injection in sqli (CVE-2025-56385). Successful exploitation can lead to full system takeover.
CVE-2025-6520 SQL Injection in sqli (CVE-2025-6520)
SQL injection in sqli (CVE-2025-6520). Successful exploitation can lead to full system takeover.
CVE-2025-11253 SQL Injection in sqli (CVE-2025-11253)
SQL injection in sqli (CVE-2025-11253). Successful exploitation can lead to full system takeover.
CVE-2025-54236 KEV [KEV] Vulnerability in Adobe commerce (CVE-2025-54236)
vulnerability in Adobe commerce (CVE-2025-54236). Confidential information can be exposed externally. Listed in CISA KEV — actively exploited.
CVE-2025-56447 TM2 Monitoring v3.04 contains an authentication bypass and plaintext credential disclosure.
TM2 Monitoring v3.04 contains an authentication bypass and plaintext credential disclosure.
CVE-2025-57567 Code Injection in CVE-2025-57567 (CVE-2025-57567)
code injection in CVE-2025-57567 (CVE-2025-57567). Successful exploitation can lead to full system takeover.
CVE-2025-10610 SQL Injection in sqli (CVE-2025-10610)
SQL injection in sqli (CVE-2025-10610). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →