Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-14029 |
|
SQL Injection in wordpress (CVE-2026-14029)
SQL injection in wordpress (CVE-2026-14029). Confidential information can be exposed externally.
|
| CVE-2026-13252 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-13252)
cross-site scripting in wordpress (CVE-2026-13252). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13251 |
|
Path Traversal in wordpress (CVE-2026-13251)
path traversal in wordpress (CVE-2026-13251). Confidential information can be exposed externally.
|
| CVE-2026-10104 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-10104)
cross-site scripting in wordpress (CVE-2026-10104). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9563 |
|
Vulnerability in dos (CVE-2026-9563)
vulnerability in dos (CVE-2026-9563). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-5821 |
|
Vulnerability in wordpress (CVE-2026-5821)
vulnerability in wordpress (CVE-2026-5821). Data can be tampered with by attackers.
|
| CVE-2026-13357 |
|
SQL Injection in wordpress (CVE-2026-13357)
SQL injection in wordpress (CVE-2026-13357). Confidential information can be exposed externally.
|
| CVE-2026-13704 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-13704)
cross-site scripting in wordpress (CVE-2026-13704). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10077 |
|
Vulnerability in wordpress (CVE-2026-10077)
vulnerability in wordpress (CVE-2026-10077). Successful exploitation can lead to full system takeover.
|
| CVE-2026-10089 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-10089)
cross-site scripting in wordpress (CVE-2026-10089). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57277 |
|
GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
|
| CVE-2026-57278 |
|
GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
|
| CVE-2026-57276 |
|
GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
|
| CVE-2026-57274 |
|
GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
|
| CVE-2026-57275 |
|
GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
|
| CVE-2026-57271 |
|
GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
|
| CVE-2026-57272 |
|
GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
|
| CVE-2026-57273 |
|
GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
|
| CVE-2026-13125 |
|
GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
|
| CVE-2026-14439 |
|
Path Traversal in path-traversal (CVE-2026-14439)
path traversal in path-traversal (CVE-2026-14439). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.1.1` or later.
|
| CVE-2026-52186 |
|
SQL Injection in sqli (CVE-2026-52186)
SQL injection in sqli (CVE-2026-52186). Successful exploitation can lead to full system takeover.
|
| CVE-2026-36909 |
|
Vulnerability in dos (CVE-2026-36909)
vulnerability in dos (CVE-2026-36909). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-52190 |
|
Vulnerability in dos (CVE-2026-52190)
vulnerability in dos (CVE-2026-52190). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-36912 |
|
Vulnerability in dos (CVE-2026-36912)
vulnerability in dos (CVE-2026-36912). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-36910 |
|
Buffer Overflow in dos (CVE-2026-36910)
vulnerability in dos (CVE-2026-36910). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-36911 |
|
Vulnerability in dos (CVE-2026-36911)
vulnerability in dos (CVE-2026-36911). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-38891 |
|
Vulnerability in cpp (CVE-2026-38891)
vulnerability in cpp (CVE-2026-38891). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-55794 |
|
Code Injection in craftcms/cms (CVE-2026-55794)
code injection in craftcms/cms (CVE-2026-55794). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.10.0` or later.
|
| CVE-2026-54712 |
|
Vulnerability in dos (CVE-2026-54712)
vulnerability in dos (CVE-2026-54712). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-54263 |
|
Cross-Site Scripting (XSS) in django (CVE-2026-54263)
cross-site scripting in django (CVE-2026-54263). Confidential information can be exposed externally.
|
| CVE-2026-58517 |
|
Vulnerability in CVE-2026-58517 (CVE-2026-58517)
vulnerability in CVE-2026-58517 (CVE-2026-58517). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-58451 |
|
Path Traversal in csrf (CVE-2026-58451)
path traversal in csrf (CVE-2026-58451). Confidential information can be exposed externally.
|
| CVE-2026-14363 |
|
SQL Injection in sqli (CVE-2026-14363)
SQL injection in sqli (CVE-2026-14363). Successful exploitation can lead to full system takeover.
|
| CVE-2026-49119 |
|
Path Traversal in path-traversal (CVE-2026-49119)
path traversal in path-traversal (CVE-2026-49119). Confidential information can be exposed externally.
|
| CVE-2026-14358 |
|
Cross-Site Scripting (XSS) in CVE-2026-14358 (CVE-2026-14358)
cross-site scripting in CVE-2026-14358 (CVE-2026-14358). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-58263 |
|
Cross-Site Scripting (XSS) in CVE-2026-58263 (CVE-2026-58263)
cross-site scripting in CVE-2026-58263 (CVE-2026-58263). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-54720 |
|
Cross-Site Scripting (XSS) in CVE-2026-54720 (CVE-2026-54720)
cross-site scripting in CVE-2026-54720 (CVE-2026-54720). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-55153 |
|
Vulnerability in deserialization (CVE-2026-55153)
vulnerability in deserialization (CVE-2026-55153). Successful exploitation can lead to full system takeover.
|
| CVE-2026-44937 |
|
SSRF (Server-Side Request Forgery) in github.com/rancher/fleet (CVE-2026-44937)
SSRF in github.com/rancher/fleet (CVE-2026-44937). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.12.15` or later.
|
| CVE-2026-14265 |
|
Unsafe Deserialization in Amazon aws (CVE-2026-14265)
vulnerability in Amazon aws (CVE-2026-14265). Successful exploitation can lead to full system takeover.
|
| CVE-2026-54908 |
|
Out-of-Bounds Read in dos (CVE-2026-54908)
vulnerability in dos (CVE-2026-54908). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-58521 |
|
SQL Injection in sqli (CVE-2026-58521)
SQL injection in sqli (CVE-2026-58521). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57737 |
|
Cross-Site Scripting (XSS) in CVE-2026-57737 (CVE-2026-57737)
cross-site scripting in CVE-2026-57737 (CVE-2026-57737). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57723 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-57723)
vulnerability in csrf (CVE-2026-57723). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-58454 |
|
Code Injection in CVE-2026-58454 (CVE-2026-58454)
code injection in CVE-2026-58454 (CVE-2026-58454). Successful exploitation can lead to full system takeover.
|
| CVE-2026-58452 |
|
OS Command Injection in CVE-2026-58452 (CVE-2026-58452)
OS command injection in CVE-2026-58452 (CVE-2026-58452). Successful exploitation can lead to full system takeover.
|
| CVE-2026-51946 |
|
SQL Injection in sqli (CVE-2026-51946)
SQL injection in sqli (CVE-2026-51946). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57722 |
|
Cross-Site Scripting (XSS) in CVE-2026-57722 (CVE-2026-57722)
cross-site scripting in CVE-2026-57722 (CVE-2026-57722). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-54428 |
|
Vulnerability in apache (CVE-2026-54428)
vulnerability in apache (CVE-2026-54428). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-49090 |
|
Vulnerability in dos (CVE-2026-49090)
vulnerability in dos (CVE-2026-49090). Risk of unauthorized operations or information disclosure.
|