Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: attack-types Clear
ID Title
CVE-2026-14029 SQL Injection in wordpress (CVE-2026-14029)
SQL injection in wordpress (CVE-2026-14029). Confidential information can be exposed externally.
CVE-2026-13252 Cross-Site Scripting (XSS) in wordpress (CVE-2026-13252)
cross-site scripting in wordpress (CVE-2026-13252). Risk of unauthorized operations or information disclosure.
CVE-2026-13251 Path Traversal in wordpress (CVE-2026-13251)
path traversal in wordpress (CVE-2026-13251). Confidential information can be exposed externally.
CVE-2026-10104 Cross-Site Scripting (XSS) in wordpress (CVE-2026-10104)
cross-site scripting in wordpress (CVE-2026-10104). Risk of unauthorized operations or information disclosure.
CVE-2026-9563 Vulnerability in dos (CVE-2026-9563)
vulnerability in dos (CVE-2026-9563). Risk of unauthorized operations or information disclosure.
CVE-2026-5821 Vulnerability in wordpress (CVE-2026-5821)
vulnerability in wordpress (CVE-2026-5821). Data can be tampered with by attackers.
CVE-2026-13357 SQL Injection in wordpress (CVE-2026-13357)
SQL injection in wordpress (CVE-2026-13357). Confidential information can be exposed externally.
CVE-2026-13704 Cross-Site Scripting (XSS) in wordpress (CVE-2026-13704)
cross-site scripting in wordpress (CVE-2026-13704). Risk of unauthorized operations or information disclosure.
CVE-2026-10077 Vulnerability in wordpress (CVE-2026-10077)
vulnerability in wordpress (CVE-2026-10077). Successful exploitation can lead to full system takeover.
CVE-2026-10089 Cross-Site Scripting (XSS) in wordpress (CVE-2026-10089)
cross-site scripting in wordpress (CVE-2026-10089). Risk of unauthorized operations or information disclosure.
CVE-2026-57277 GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
CVE-2026-57278 GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
CVE-2026-57276 GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
CVE-2026-57274 GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
CVE-2026-57275 GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
CVE-2026-57271 GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
CVE-2026-57272 GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
CVE-2026-57273 GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
CVE-2026-13125 GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
CVE-2026-14439 Path Traversal in path-traversal (CVE-2026-14439)
path traversal in path-traversal (CVE-2026-14439). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.1.1` or later.
CVE-2026-52186 SQL Injection in sqli (CVE-2026-52186)
SQL injection in sqli (CVE-2026-52186). Successful exploitation can lead to full system takeover.
CVE-2026-36909 Vulnerability in dos (CVE-2026-36909)
vulnerability in dos (CVE-2026-36909). Risk of unauthorized operations or information disclosure.
CVE-2026-52190 Vulnerability in dos (CVE-2026-52190)
vulnerability in dos (CVE-2026-52190). Risk of unauthorized operations or information disclosure.
CVE-2026-36912 Vulnerability in dos (CVE-2026-36912)
vulnerability in dos (CVE-2026-36912). Risk of unauthorized operations or information disclosure.
CVE-2026-36910 Buffer Overflow in dos (CVE-2026-36910)
vulnerability in dos (CVE-2026-36910). Risk of unauthorized operations or information disclosure.
CVE-2026-36911 Vulnerability in dos (CVE-2026-36911)
vulnerability in dos (CVE-2026-36911). Risk of unauthorized operations or information disclosure.
CVE-2026-38891 Vulnerability in cpp (CVE-2026-38891)
vulnerability in cpp (CVE-2026-38891). Risk of unauthorized operations or information disclosure.
CVE-2026-55794 Code Injection in craftcms/cms (CVE-2026-55794)
code injection in craftcms/cms (CVE-2026-55794). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.10.0` or later.
CVE-2026-54712 Vulnerability in dos (CVE-2026-54712)
vulnerability in dos (CVE-2026-54712). Risk of unauthorized operations or information disclosure.
CVE-2026-54263 Cross-Site Scripting (XSS) in django (CVE-2026-54263)
cross-site scripting in django (CVE-2026-54263). Confidential information can be exposed externally.
CVE-2026-58517 Vulnerability in CVE-2026-58517 (CVE-2026-58517)
vulnerability in CVE-2026-58517 (CVE-2026-58517). Risk of unauthorized operations or information disclosure.
CVE-2026-58451 Path Traversal in csrf (CVE-2026-58451)
path traversal in csrf (CVE-2026-58451). Confidential information can be exposed externally.
CVE-2026-14363 SQL Injection in sqli (CVE-2026-14363)
SQL injection in sqli (CVE-2026-14363). Successful exploitation can lead to full system takeover.
CVE-2026-49119 Path Traversal in path-traversal (CVE-2026-49119)
path traversal in path-traversal (CVE-2026-49119). Confidential information can be exposed externally.
CVE-2026-14358 Cross-Site Scripting (XSS) in CVE-2026-14358 (CVE-2026-14358)
cross-site scripting in CVE-2026-14358 (CVE-2026-14358). Risk of unauthorized operations or information disclosure.
CVE-2026-58263 Cross-Site Scripting (XSS) in CVE-2026-58263 (CVE-2026-58263)
cross-site scripting in CVE-2026-58263 (CVE-2026-58263). Risk of unauthorized operations or information disclosure.
CVE-2026-54720 Cross-Site Scripting (XSS) in CVE-2026-54720 (CVE-2026-54720)
cross-site scripting in CVE-2026-54720 (CVE-2026-54720). Risk of unauthorized operations or information disclosure.
CVE-2026-55153 Vulnerability in deserialization (CVE-2026-55153)
vulnerability in deserialization (CVE-2026-55153). Successful exploitation can lead to full system takeover.
CVE-2026-44937 SSRF (Server-Side Request Forgery) in github.com/rancher/fleet (CVE-2026-44937)
SSRF in github.com/rancher/fleet (CVE-2026-44937). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.12.15` or later.
CVE-2026-14265 Unsafe Deserialization in Amazon aws (CVE-2026-14265)
vulnerability in Amazon aws (CVE-2026-14265). Successful exploitation can lead to full system takeover.
CVE-2026-54908 Out-of-Bounds Read in dos (CVE-2026-54908)
vulnerability in dos (CVE-2026-54908). Risk of unauthorized operations or information disclosure.
CVE-2026-58521 SQL Injection in sqli (CVE-2026-58521)
SQL injection in sqli (CVE-2026-58521). Successful exploitation can lead to full system takeover.
CVE-2026-57737 Cross-Site Scripting (XSS) in CVE-2026-57737 (CVE-2026-57737)
cross-site scripting in CVE-2026-57737 (CVE-2026-57737). Risk of unauthorized operations or information disclosure.
CVE-2026-57723 Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-57723)
vulnerability in csrf (CVE-2026-57723). Risk of unauthorized operations or information disclosure.
CVE-2026-58454 Code Injection in CVE-2026-58454 (CVE-2026-58454)
code injection in CVE-2026-58454 (CVE-2026-58454). Successful exploitation can lead to full system takeover.
CVE-2026-58452 OS Command Injection in CVE-2026-58452 (CVE-2026-58452)
OS command injection in CVE-2026-58452 (CVE-2026-58452). Successful exploitation can lead to full system takeover.
CVE-2026-51946 SQL Injection in sqli (CVE-2026-51946)
SQL injection in sqli (CVE-2026-51946). Risk of unauthorized operations or information disclosure.
CVE-2026-57722 Cross-Site Scripting (XSS) in CVE-2026-57722 (CVE-2026-57722)
cross-site scripting in CVE-2026-57722 (CVE-2026-57722). Risk of unauthorized operations or information disclosure.
CVE-2026-54428 Vulnerability in apache (CVE-2026-54428)
vulnerability in apache (CVE-2026-54428). Risk of unauthorized operations or information disclosure.
CVE-2026-49090 Vulnerability in dos (CVE-2026-49090)
vulnerability in dos (CVE-2026-49090). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →