Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: attack-types Clear
ID Title
CVE-2026-0611 Vulnerability in csharp (CVE-2026-0611)
vulnerability in csharp (CVE-2026-0611). Successful exploitation can lead to full system takeover.
CVE-2026-47117 Code Injection in openmed (CVE-2026-47117)
code injection in openmed (CVE-2026-47117). Successful exploitation can lead to full system takeover. Exploitable via ``model_name``. Mitigation: upgrade to `1.5.2` or later.
CVE-2026-10611 Authentication Bypass in misp (CVE-2026-10611)
authentication bypass in misp (CVE-2026-10611). Successful exploitation can lead to full system takeover.
CVE-2026-42684 SQL Injection in sqli (CVE-2026-42684)
SQL injection in sqli (CVE-2026-42684). Confidential information can be exposed externally.
CVE-2025-53209 Vulnerability in privilege-escalation (CVE-2025-53209)
vulnerability in privilege-escalation (CVE-2025-53209). Successful exploitation can lead to full system takeover.
CVE-2026-8206 Privilege Escalation in wordpress (CVE-2026-8206)
vulnerability in wordpress (CVE-2026-8206). Successful exploitation can lead to full system takeover.
CVE-2026-9319 Unsafe Deserialization in deserialization (CVE-2026-9319)
vulnerability in deserialization (CVE-2026-9319). Successful exploitation can lead to full system takeover.
CVE-2026-9311 Code Injection in ibm (CVE-2026-9311)
code injection in ibm (CVE-2026-9311). Successful exploitation can lead to full system takeover.
CVE-2026-42672 SQL Injection in sqli (CVE-2026-42672)
SQL injection in sqli (CVE-2026-42672). Confidential information can be exposed externally.
CVE-2026-48866 Path Traversal in path-traversal (CVE-2026-48866)
path traversal in path-traversal (CVE-2026-48866). Successful exploitation can lead to full system takeover.
CVE-2026-42680 Vulnerability in privilege-escalation (CVE-2026-42680)
vulnerability in privilege-escalation (CVE-2026-42680). Successful exploitation can lead to full system takeover.
CVE-2026-48879 Vulnerability in privilege-escalation (CVE-2026-48879)
vulnerability in privilege-escalation (CVE-2026-48879). Successful exploitation can lead to full system takeover.
CVE-2026-7858 Unsafe Deserialization in deserialization (CVE-2026-7858)
vulnerability in deserialization (CVE-2026-7858). Successful exploitation can lead to full system takeover.
CVE-2026-48188 Vulnerability in sqli (CVE-2026-48188)
vulnerability in sqli (CVE-2026-48188). Confidential information can be exposed externally.
CVE-2018-25412 Vulnerability in deltasql-project (CVE-2018-25412)
vulnerability in deltasql-project (CVE-2018-25412). Successful exploitation can lead to full system takeover.
CVE-2026-9051 Vulnerability in privilege-escalation (CVE-2026-9051)
vulnerability in privilege-escalation (CVE-2026-9051). Confidential information can be exposed externally.
CVE-2026-45661 Path Traversal in path-traversal (CVE-2026-45661)
path traversal in path-traversal (CVE-2026-45661). Successful exploitation can lead to full system takeover.
CVE-2026-45632 OS Command Injection in CVE-2026-45632 (CVE-2026-45632)
OS command injection in CVE-2026-45632 (CVE-2026-45632). Successful exploitation can lead to full system takeover.
CVE-2026-44962 Vulnerability in privilege-escalation (CVE-2026-44962)
vulnerability in privilege-escalation (CVE-2026-44962). Successful exploitation can lead to full system takeover.
CVE-2026-10042 Unsafe Deserialization in deserialization (CVE-2026-10042)
vulnerability in deserialization (CVE-2026-10042). Successful exploitation can lead to full system takeover.
CVE-2025-41273 Vulnerability in waterfall-security (CVE-2025-41273)
vulnerability in waterfall-security (CVE-2025-41273). Successful exploitation can lead to full system takeover.
CVE-2025-41268 Vulnerability in path-traversal (CVE-2025-41268)
vulnerability in path-traversal (CVE-2025-41268). Data can be tampered with by attackers.
CVE-2026-9559 Path Traversal in mautic/core (CVE-2026-9559)
path traversal in mautic/core (CVE-2026-9559). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `7.1.2` or later.
CVE-2026-9558 Vulnerability in mautic/core (CVE-2026-9558)
vulnerability in mautic/core (CVE-2026-9558). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `7.1.2` or later.
CVE-2026-3655 Authentication Bypass in wordpress (CVE-2026-3655)
authentication bypass in wordpress (CVE-2026-3655). Successful exploitation can lead to full system takeover. Exploitable via ``lwp_ajax_register``.
CVE-2026-8732 Vulnerability in wordpress (CVE-2026-8732)
vulnerability in wordpress (CVE-2026-8732). Successful exploitation can lead to full system takeover.
CVE-2026-8809 Privilege Escalation in wordpress (CVE-2026-8809)
vulnerability in wordpress (CVE-2026-8809). Successful exploitation can lead to full system takeover.
CVE-2026-9094 Vulnerability in privilege-escalation (CVE-2026-9094)
vulnerability in privilege-escalation (CVE-2026-9094). Successful exploitation can lead to full system takeover.
CVE-2026-22872 Vulnerability in github.com/projectcapsule/capsule (CVE-2026-22872)
vulnerability in github.com/projectcapsule/capsule (CVE-2026-22872). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.13.0` or later.
CVE-2026-9813 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-9813)
SSRF in ssrf (CVE-2026-9813). Successful exploitation can lead to full system takeover.
CVE-2026-44888 Code Injection in CVE-2026-44888 (CVE-2026-44888)
code injection in CVE-2026-44888 (CVE-2026-44888). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2026-05-07` or later.
CVE-2026-44887 Code Injection in CVE-2026-44887 (CVE-2026-44887)
code injection in CVE-2026-44887 (CVE-2026-44887). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2026-05-07` or later.
CVE-2026-25879 SQL Injection in langroid (CVE-2026-25879)
SQL injection in langroid (CVE-2026-25879). Successful exploitation can lead to full system takeover. Exploitable via ``query``. Mitigation: upgrade to `0.63.0` or later.
CVE-2026-48150 Vulnerability in @budibase/server (CVE-2026-48150)
vulnerability in @budibase/server (CVE-2026-48150). Confidential information can be exposed externally. Exploitable via `GET /api/global/self/api_key`. Mitigation: upgrade to `3.39.0` or later.
CVE-2026-7524 Path Traversal in langflow (CVE-2026-7524)
path traversal in langflow (CVE-2026-7524). Successful exploitation can lead to full system takeover.
CVE-2026-7876 IBM Aspera HSTS for CP4I 1.5.1 through 1.5.19
IBM Aspera HSTS for CP4I 1.5.1 through 1.5.19
CVE-2026-8175 Vulnerability in dos (CVE-2026-8175)
vulnerability in dos (CVE-2026-8175). Successful exploitation can lead to full system takeover.
CVE-2026-42758 Vulnerability in privilege-escalation (CVE-2026-42758)
vulnerability in privilege-escalation (CVE-2026-42758). Successful exploitation can lead to full system takeover.
CVE-2026-42757 Path Traversal in path-traversal (CVE-2026-42757)
path traversal in path-traversal (CVE-2026-42757). Successful exploitation can lead to full system takeover.
CVE-2026-42756 Path Traversal in path-traversal (CVE-2026-42756)
path traversal in path-traversal (CVE-2026-42756). Successful exploitation can lead to full system takeover.
CVE-2026-42761 SQL Injection in sqli (CVE-2026-42761)
SQL injection in sqli (CVE-2026-42761). Confidential information can be exposed externally.
CVE-2026-42755 SQL Injection in sqli (CVE-2026-42755)
SQL injection in sqli (CVE-2026-42755). Confidential information can be exposed externally.
CVE-2026-42747 SQL Injection in sqli (CVE-2026-42747)
SQL injection in sqli (CVE-2026-42747). Confidential information can be exposed externally.
CVE-2026-42740 SQL Injection in sqli (CVE-2026-42740)
SQL injection in sqli (CVE-2026-42740). Confidential information can be exposed externally.
CVE-2026-42731 Vulnerability in privilege-escalation (CVE-2026-42731)
vulnerability in privilege-escalation (CVE-2026-42731). Successful exploitation can lead to full system takeover.
CVE-2026-42727 SQL Injection in sqli (CVE-2026-42727)
SQL injection in sqli (CVE-2026-42727). Confidential information can be exposed externally.
CVE-2026-5760 Code Injection in jvn (CVE-2026-5760)
code injection in jvn (CVE-2026-5760). Successful exploitation can lead to full system takeover.
CVE-2026-8760 Vulnerability in wordpress (CVE-2026-8760)
vulnerability in wordpress (CVE-2026-8760). Successful exploitation can lead to full system takeover.
CVE-2026-9170 Code Injection in dos (CVE-2026-9170)
code injection in dos (CVE-2026-9170). Successful exploitation can lead to full system takeover.
CVE-2026-8633 Code Injection in ibm (CVE-2026-8633)
code injection in ibm (CVE-2026-8633). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →