Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-54230 |
|
Vulnerability in abrt-project (CVE-2026-54230)
vulnerability in abrt-project (CVE-2026-54230). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12068 |
|
Vulnerability in CVE-2026-12068 (CVE-2026-12068)
vulnerability in CVE-2026-12068 (CVE-2026-12068). Confidential information can be exposed externally.
|
| CVE-2025-14098 |
|
Vulnerability in dos (CVE-2025-14098)
vulnerability in dos (CVE-2025-14098). Successful exploitation can lead to full system takeover.
|
| CVE-2025-9032 |
|
Out-of-Bounds Read in CVE-2025-9032 (CVE-2025-9032)
vulnerability in CVE-2025-9032 (CVE-2025-9032). Successful exploitation can lead to full system takeover.
|
| CVE-2025-9033 |
|
Out-of-Bounds Read in CVE-2025-9033 (CVE-2025-9033)
vulnerability in CVE-2025-9033 (CVE-2025-9033). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11443 |
|
Cross-Site Scripting (XSS) in CVE-2026-11443 (CVE-2026-11443)
cross-site scripting in CVE-2026-11443 (CVE-2026-11443). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11442 |
|
Path Traversal in path-traversal (CVE-2026-11442)
path traversal in path-traversal (CVE-2026-11442). Confidential information can be exposed externally.
|
| CVE-2026-6676 |
|
Out-of-Bounds Write in CVE-2026-6676 (CVE-2026-6676)
out-of-bounds write in CVE-2026-6676 (CVE-2026-6676). Successful exploitation can lead to full system takeover.
|
| CVE-2026-54090 |
|
Command Injection in github.com/filebrowser/filebrowser/v2 (CVE-2026-54090)
command injection in github.com/filebrowser/filebrowser/v2 (CVE-2026-54090). Risk of unauthorized operations or information disclosure. Exploitable via `POST /api/login`. Mitigation: upgrade to `2.33.10` or later.
|
| CVE-2026-53868 |
|
Vulnerability in dos (CVE-2026-53868)
vulnerability in dos (CVE-2026-53868). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53867 |
|
Vulnerability in CVE-2026-53867 (CVE-2026-53867)
vulnerability in CVE-2026-53867 (CVE-2026-53867). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-54398 |
|
Authorization Flaw in CVE-2026-54398 (CVE-2026-54398)
vulnerability in CVE-2026-54398 (CVE-2026-54398). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53835 |
|
Authorization Flaw in openclaw (CVE-2026-53835)
vulnerability in openclaw (CVE-2026-53835). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53834 |
|
Authorization Flaw in openclaw (CVE-2026-53834)
vulnerability in openclaw (CVE-2026-53834). Data can be tampered with by attackers.
|
| CVE-2026-53838 |
|
Vulnerability in openclaw (CVE-2026-53838)
vulnerability in openclaw (CVE-2026-53838). Successful exploitation can lead to full system takeover.
|
| CVE-2026-53836 |
|
Vulnerability in openclaw (CVE-2026-53836)
vulnerability in openclaw (CVE-2026-53836). Successful exploitation can lead to full system takeover.
|
| CVE-2026-53831 |
|
Vulnerability in openclaw (CVE-2026-53831)
vulnerability in openclaw (CVE-2026-53831). Confidential information can be exposed externally.
|
| CVE-2026-53832 |
|
Vulnerability in CVE-2026-53832 (CVE-2026-53832)
vulnerability in CVE-2026-53832 (CVE-2026-53832). Confidential information can be exposed externally.
|
| CVE-2026-53833 |
|
Vulnerability in openclaw (CVE-2026-53833)
vulnerability in openclaw (CVE-2026-53833). Confidential information can be exposed externally.
|
| CVE-2026-53829 |
|
Vulnerability in openclaw (CVE-2026-53829)
vulnerability in openclaw (CVE-2026-53829). Successful exploitation can lead to full system takeover.
|
| CVE-2026-53827 |
|
SSRF (Server-Side Request Forgery) in openclaw (CVE-2026-53827)
SSRF in openclaw (CVE-2026-53827). Confidential information can be exposed externally.
|
| CVE-2026-53828 |
|
Authorization Flaw in openclaw (CVE-2026-53828)
vulnerability in openclaw (CVE-2026-53828). Successful exploitation can lead to full system takeover.
|
| CVE-2026-53825 |
|
Path Traversal in openclaw (CVE-2026-53825)
path traversal in openclaw (CVE-2026-53825). Confidential information can be exposed externally.
|
| CVE-2026-53821 |
|
Vulnerability in openclaw (CVE-2026-53821)
vulnerability in openclaw (CVE-2026-53821). Successful exploitation can lead to full system takeover.
|
| CVE-2026-53820 |
|
Vulnerability in openclaw (CVE-2026-53820)
vulnerability in openclaw (CVE-2026-53820). Data can be tampered with by attackers.
|
| CVE-2026-53822 |
|
Command Injection in openclaw (CVE-2026-53822)
command injection in openclaw (CVE-2026-53822). Successful exploitation can lead to full system takeover.
|
| CVE-2026-53823 |
|
Vulnerability in privilege-escalation (CVE-2026-53823)
vulnerability in privilege-escalation (CVE-2026-53823). Confidential information can be exposed externally.
|
| CVE-2026-53826 |
|
Vulnerability in c (CVE-2026-53826)
vulnerability in c (CVE-2026-53826). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53523 |
|
Open Redirect in github.com/nezhahq/nezha (CVE-2026-53523)
vulnerability in github.com/nezhahq/nezha (CVE-2026-53523). Confidential information can be exposed externally. Exploitable via `GET /api/v1/oauth2/github`. Mitigation: upgrade to `2.2.0` or later.
|
| CVE-2026-53609 |
|
Vulnerability in CVE-2026-53609 (CVE-2026-53609)
vulnerability in CVE-2026-53609 (CVE-2026-53609). Confidential information can be exposed externally. Exploitable via ``__proto__``.
|
| CVE-2026-53520 |
|
Vulnerability in github.com/nezhahq/nezha (CVE-2026-53520)
vulnerability in github.com/nezhahq/nezha (CVE-2026-53520). Risk of unauthorized operations or information disclosure. Exploitable via ``domain``. Mitigation: upgrade to `2.1.0` or later.
|
| CVE-2026-53521 |
|
Authorization Flaw in github.com/nezhahq/nezha (CVE-2026-53521)
vulnerability in github.com/nezhahq/nezha (CVE-2026-53521). Risk of unauthorized operations or information disclosure. Exploitable via `PATCH /server/{id}`. Mitigation: upgrade to `2.1.0` or later.
|
| CVE-2026-53522 |
|
Vulnerability in github.com/nezhahq/nezha (CVE-2026-53522)
vulnerability in github.com/nezhahq/nezha (CVE-2026-53522). Risk of unauthorized operations or information disclosure. Exploitable via `POST /api/v1/terminal`. Mitigation: upgrade to `2.2.0` or later.
|
| CVE-2026-53608 |
|
Cross-Site Scripting (XSS) in CVE-2026-53608 (CVE-2026-53608)
cross-site scripting in CVE-2026-53608 (CVE-2026-53608). Confidential information can be exposed externally. Exploitable via ``seoGoogleTrackingId``.
|
| CVE-2026-53519 |
|
Path Traversal in github.com/nezhahq/nezha (CVE-2026-53519)
path traversal in github.com/nezhahq/nezha (CVE-2026-53519). Confidential information can be exposed externally. Exploitable via `GET /dashboard../data/config.yaml`. Mitigation: upgrade to `2.0.13` or later.
|
| CVE-2026-34195 |
|
Out-of-Bounds Write in CVE-2026-34195 (CVE-2026-34195)
out-of-bounds write in CVE-2026-34195 (CVE-2026-34195). Successful exploitation can lead to full system takeover.
|
| CVE-2026-41157 |
|
Out-of-Bounds Write in Google chrome (CVE-2026-41157)
out-of-bounds write in Google chrome (CVE-2026-41157). Successful exploitation can lead to full system takeover.
|
| CVE-2026-41155 |
|
Vulnerability in CVE-2026-41155 (CVE-2026-41155)
vulnerability in CVE-2026-41155 (CVE-2026-41155). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41158 |
|
Use-After-Free in CVE-2026-41158 (CVE-2026-41158)
vulnerability in CVE-2026-41158 (CVE-2026-41158). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12131 |
|
Vulnerability in sqli (CVE-2026-12131)
vulnerability in sqli (CVE-2026-12131). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-7017 |
|
Out-of-Bounds Read in CVE-2025-7017 (CVE-2025-7017)
vulnerability in CVE-2025-7017 (CVE-2025-7017). Successful exploitation can lead to full system takeover.
|
| CVE-2025-7011 |
|
Out-of-Bounds Read in CVE-2025-7011 (CVE-2025-7011)
vulnerability in CVE-2025-7011 (CVE-2025-7011). Successful exploitation can lead to full system takeover.
|
| CVE-2025-7018 |
|
Vulnerability in CVE-2025-7018 (CVE-2025-7018)
vulnerability in CVE-2025-7018 (CVE-2025-7018). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-7019 |
|
Vulnerability in CVE-2025-7019 (CVE-2025-7019)
vulnerability in CVE-2025-7019 (CVE-2025-7019). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-7009 |
|
Out-of-Bounds Read in CVE-2025-7009 (CVE-2025-7009)
vulnerability in CVE-2025-7009 (CVE-2025-7009). Successful exploitation can lead to full system takeover.
|
| CVE-2025-7008 |
|
Out-of-Bounds Read in csharp (CVE-2025-7008)
vulnerability in csharp (CVE-2025-7008). Successful exploitation can lead to full system takeover.
|
| CVE-2025-7003 |
|
Out-of-Bounds Read in CVE-2025-7003 (CVE-2025-7003)
vulnerability in CVE-2025-7003 (CVE-2025-7003). Successful exploitation can lead to full system takeover.
|
| CVE-2025-7002 |
|
Out-of-Bounds Read in CVE-2025-7002 (CVE-2025-7002)
vulnerability in CVE-2025-7002 (CVE-2025-7002). Successful exploitation can lead to full system takeover.
|
| CVE-2025-7004 |
|
Out-of-Bounds Write in CVE-2025-7004 (CVE-2025-7004)
out-of-bounds write in CVE-2025-7004 (CVE-2025-7004). Successful exploitation can lead to full system takeover.
|
| CVE-2026-54091 |
|
Authorization Flaw in github.com/filebrowser/filebrowser/v2 (CVE-2026-54091)
vulnerability in github.com/filebrowser/filebrowser/v2 (CVE-2026-54091). Confidential information can be exposed externally. Exploitable via `GET /api/public/share/`. Mitigation: upgrade to `2.63.6` or later.
|