Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-0611 |
|
Vulnerability in csharp (CVE-2026-0611)
vulnerability in csharp (CVE-2026-0611). Successful exploitation can lead to full system takeover.
|
| CVE-2026-47117 |
|
Code Injection in openmed (CVE-2026-47117)
code injection in openmed (CVE-2026-47117). Successful exploitation can lead to full system takeover. Exploitable via ``model_name``. Mitigation: upgrade to `1.5.2` or later.
|
| CVE-2026-10611 |
|
Authentication Bypass in misp (CVE-2026-10611)
authentication bypass in misp (CVE-2026-10611). Successful exploitation can lead to full system takeover.
|
| CVE-2026-42684 |
|
SQL Injection in sqli (CVE-2026-42684)
SQL injection in sqli (CVE-2026-42684). Confidential information can be exposed externally.
|
| CVE-2025-53209 |
|
Vulnerability in privilege-escalation (CVE-2025-53209)
vulnerability in privilege-escalation (CVE-2025-53209). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8206 |
|
Privilege Escalation in wordpress (CVE-2026-8206)
vulnerability in wordpress (CVE-2026-8206). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9319 |
|
Unsafe Deserialization in deserialization (CVE-2026-9319)
vulnerability in deserialization (CVE-2026-9319). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9311 |
|
Code Injection in ibm (CVE-2026-9311)
code injection in ibm (CVE-2026-9311). Successful exploitation can lead to full system takeover.
|
| CVE-2026-42672 |
|
SQL Injection in sqli (CVE-2026-42672)
SQL injection in sqli (CVE-2026-42672). Confidential information can be exposed externally.
|
| CVE-2026-48866 |
|
Path Traversal in path-traversal (CVE-2026-48866)
path traversal in path-traversal (CVE-2026-48866). Successful exploitation can lead to full system takeover.
|
| CVE-2026-42680 |
|
Vulnerability in privilege-escalation (CVE-2026-42680)
vulnerability in privilege-escalation (CVE-2026-42680). Successful exploitation can lead to full system takeover.
|
| CVE-2026-48879 |
|
Vulnerability in privilege-escalation (CVE-2026-48879)
vulnerability in privilege-escalation (CVE-2026-48879). Successful exploitation can lead to full system takeover.
|
| CVE-2026-7858 |
|
Unsafe Deserialization in deserialization (CVE-2026-7858)
vulnerability in deserialization (CVE-2026-7858). Successful exploitation can lead to full system takeover.
|
| CVE-2026-48188 |
|
Vulnerability in sqli (CVE-2026-48188)
vulnerability in sqli (CVE-2026-48188). Confidential information can be exposed externally.
|
| CVE-2018-25412 |
|
Vulnerability in deltasql-project (CVE-2018-25412)
vulnerability in deltasql-project (CVE-2018-25412). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9051 |
|
Vulnerability in privilege-escalation (CVE-2026-9051)
vulnerability in privilege-escalation (CVE-2026-9051). Confidential information can be exposed externally.
|
| CVE-2026-45661 |
|
Path Traversal in path-traversal (CVE-2026-45661)
path traversal in path-traversal (CVE-2026-45661). Successful exploitation can lead to full system takeover.
|
| CVE-2026-45632 |
|
OS Command Injection in CVE-2026-45632 (CVE-2026-45632)
OS command injection in CVE-2026-45632 (CVE-2026-45632). Successful exploitation can lead to full system takeover.
|
| CVE-2026-44962 |
|
Vulnerability in privilege-escalation (CVE-2026-44962)
vulnerability in privilege-escalation (CVE-2026-44962). Successful exploitation can lead to full system takeover.
|
| CVE-2026-10042 |
|
Unsafe Deserialization in deserialization (CVE-2026-10042)
vulnerability in deserialization (CVE-2026-10042). Successful exploitation can lead to full system takeover.
|
| CVE-2025-41273 |
|
Vulnerability in waterfall-security (CVE-2025-41273)
vulnerability in waterfall-security (CVE-2025-41273). Successful exploitation can lead to full system takeover.
|
| CVE-2025-41268 |
|
Vulnerability in path-traversal (CVE-2025-41268)
vulnerability in path-traversal (CVE-2025-41268). Data can be tampered with by attackers.
|
| CVE-2026-9559 |
|
Path Traversal in mautic/core (CVE-2026-9559)
path traversal in mautic/core (CVE-2026-9559). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `7.1.2` or later.
|
| CVE-2026-9558 |
|
Vulnerability in mautic/core (CVE-2026-9558)
vulnerability in mautic/core (CVE-2026-9558). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `7.1.2` or later.
|
| CVE-2026-3655 |
|
Authentication Bypass in wordpress (CVE-2026-3655)
authentication bypass in wordpress (CVE-2026-3655). Successful exploitation can lead to full system takeover. Exploitable via ``lwp_ajax_register``.
|
| CVE-2026-8732 |
|
Vulnerability in wordpress (CVE-2026-8732)
vulnerability in wordpress (CVE-2026-8732). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8809 |
|
Privilege Escalation in wordpress (CVE-2026-8809)
vulnerability in wordpress (CVE-2026-8809). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9094 |
|
Vulnerability in privilege-escalation (CVE-2026-9094)
vulnerability in privilege-escalation (CVE-2026-9094). Successful exploitation can lead to full system takeover.
|
| CVE-2026-22872 |
|
Vulnerability in github.com/projectcapsule/capsule (CVE-2026-22872)
vulnerability in github.com/projectcapsule/capsule (CVE-2026-22872). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.13.0` or later.
|
| CVE-2026-9813 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-9813)
SSRF in ssrf (CVE-2026-9813). Successful exploitation can lead to full system takeover.
|
| CVE-2026-44888 |
|
Code Injection in CVE-2026-44888 (CVE-2026-44888)
code injection in CVE-2026-44888 (CVE-2026-44888). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2026-05-07` or later.
|
| CVE-2026-44887 |
|
Code Injection in CVE-2026-44887 (CVE-2026-44887)
code injection in CVE-2026-44887 (CVE-2026-44887). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2026-05-07` or later.
|
| CVE-2026-25879 |
|
SQL Injection in langroid (CVE-2026-25879)
SQL injection in langroid (CVE-2026-25879). Successful exploitation can lead to full system takeover. Exploitable via ``query``. Mitigation: upgrade to `0.63.0` or later.
|
| CVE-2026-48150 |
|
Vulnerability in @budibase/server (CVE-2026-48150)
vulnerability in @budibase/server (CVE-2026-48150). Confidential information can be exposed externally. Exploitable via `GET /api/global/self/api_key`. Mitigation: upgrade to `3.39.0` or later.
|
| CVE-2026-7524 |
|
Path Traversal in langflow (CVE-2026-7524)
path traversal in langflow (CVE-2026-7524). Successful exploitation can lead to full system takeover.
|
| CVE-2026-7876 |
|
IBM Aspera HSTS for CP4I 1.5.1 through 1.5.19
IBM Aspera HSTS for CP4I 1.5.1 through 1.5.19
|
| CVE-2026-8175 |
|
Vulnerability in dos (CVE-2026-8175)
vulnerability in dos (CVE-2026-8175). Successful exploitation can lead to full system takeover.
|
| CVE-2026-42758 |
|
Vulnerability in privilege-escalation (CVE-2026-42758)
vulnerability in privilege-escalation (CVE-2026-42758). Successful exploitation can lead to full system takeover.
|
| CVE-2026-42757 |
|
Path Traversal in path-traversal (CVE-2026-42757)
path traversal in path-traversal (CVE-2026-42757). Successful exploitation can lead to full system takeover.
|
| CVE-2026-42756 |
|
Path Traversal in path-traversal (CVE-2026-42756)
path traversal in path-traversal (CVE-2026-42756). Successful exploitation can lead to full system takeover.
|
| CVE-2026-42761 |
|
SQL Injection in sqli (CVE-2026-42761)
SQL injection in sqli (CVE-2026-42761). Confidential information can be exposed externally.
|
| CVE-2026-42755 |
|
SQL Injection in sqli (CVE-2026-42755)
SQL injection in sqli (CVE-2026-42755). Confidential information can be exposed externally.
|
| CVE-2026-42747 |
|
SQL Injection in sqli (CVE-2026-42747)
SQL injection in sqli (CVE-2026-42747). Confidential information can be exposed externally.
|
| CVE-2026-42740 |
|
SQL Injection in sqli (CVE-2026-42740)
SQL injection in sqli (CVE-2026-42740). Confidential information can be exposed externally.
|
| CVE-2026-42731 |
|
Vulnerability in privilege-escalation (CVE-2026-42731)
vulnerability in privilege-escalation (CVE-2026-42731). Successful exploitation can lead to full system takeover.
|
| CVE-2026-42727 |
|
SQL Injection in sqli (CVE-2026-42727)
SQL injection in sqli (CVE-2026-42727). Confidential information can be exposed externally.
|
| CVE-2026-5760 |
|
Code Injection in jvn (CVE-2026-5760)
code injection in jvn (CVE-2026-5760). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8760 |
|
Vulnerability in wordpress (CVE-2026-8760)
vulnerability in wordpress (CVE-2026-8760). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9170 |
|
Code Injection in dos (CVE-2026-9170)
code injection in dos (CVE-2026-9170). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8633 |
|
Code Injection in ibm (CVE-2026-8633)
code injection in ibm (CVE-2026-8633). Successful exploitation can lead to full system takeover.
|