Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Clear
ID Title
CVE-2026-48546 Vulnerability in CVE-2026-48546 (CVE-2026-48546)
vulnerability in CVE-2026-48546 (CVE-2026-48546). Confidential information can be exposed externally.
CVE-2026-46698 SSRF (Server-Side Request Forgery) in wordpress (CVE-2026-46698)
SSRF in wordpress (CVE-2026-46698). Risk of unauthorized operations or information disclosure.
CVE-2026-49261 OS Command Injection in mariadb (CVE-2026-49261)
OS command injection in mariadb (CVE-2026-49261). Successful exploitation can lead to full system takeover. Exploitable via ``wsrep_notify_cmd``. Mitigation: upgrade to `10.6.27` or later.
CVE-2026-46697 SSRF (Server-Side Request Forgery) in wordpress (CVE-2026-46697)
SSRF in wordpress (CVE-2026-46697). Confidential information can be exposed externally.
CVE-2026-11986 Vulnerability in CVE-2026-11986 (CVE-2026-11986)
vulnerability in CVE-2026-11986 (CVE-2026-11986). Data can be tampered with by attackers.
CVE-2026-49982 Vulnerability in tmp (CVE-2026-49982)
vulnerability in tmp (CVE-2026-49982). Data can be tampered with by attackers. Exploitable via ``_assertPath``. Mitigation: upgrade to `0.2.7` or later.
CVE-2026-11945 SQL Injection in dalibo (CVE-2026-11945)
SQL injection in dalibo (CVE-2026-11945). Successful exploitation can lead to full system takeover.
CVE-2026-7870 Vulnerability in ibm (CVE-2026-7870)
vulnerability in ibm (CVE-2026-7870). Successful exploitation can lead to full system takeover.
CVE-2026-53777 Path Traversal in path-traversal (CVE-2026-53777)
path traversal in path-traversal (CVE-2026-53777). Confidential information can be exposed externally.
CVE-2026-3341 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-3341)
SSRF in ssrf (CVE-2026-3341). Risk of unauthorized operations or information disclosure.
CVE-2026-11839 Unrestricted File Upload in CVE-2026-11839 (CVE-2026-11839)
vulnerability in CVE-2026-11839 (CVE-2026-11839). Successful exploitation can lead to full system takeover.
CVE-2024-45636 Vulnerability in ibm (CVE-2024-45636)
vulnerability in ibm (CVE-2024-45636). Confidential information can be exposed externally.
CVE-2026-50245 Vulnerability in cisa (CVE-2026-50245)
vulnerability in cisa (CVE-2026-50245). Confidential information can be exposed externally.
CVE-2026-10557 Vulnerability in cisa (CVE-2026-10557)
vulnerability in cisa (CVE-2026-10557). Successful exploitation can lead to full system takeover.
CVE-2026-6338 Vulnerability in CVE-2026-6338 (CVE-2026-6338)
vulnerability in CVE-2026-6338 (CVE-2026-6338). Risk of unauthorized operations or information disclosure.
CVE-2026-38581 SQL Injection in sqli (CVE-2026-38581)
SQL injection in sqli (CVE-2026-38581). Successful exploitation can lead to full system takeover.
CVE-2026-11816 Path Traversal in path-traversal (CVE-2026-11816)
path traversal in path-traversal (CVE-2026-11816). Confidential information can be exposed externally. Exploitable via ``AttributeError``.
CVE-2026-10847 Vulnerability in privilege-escalation (CVE-2026-10847)
vulnerability in privilege-escalation (CVE-2026-10847). Successful exploitation can lead to full system takeover.
CVE-2026-48043 Vulnerability in io.netty:netty-codec-http2 (CVE-2026-48043)
vulnerability in io.netty:netty-codec-http2 (CVE-2026-48043). Risk of unauthorized operations or information disclosure. Exploitable via ``DelegatingDecompressorFrameListener``. Mitigation: upgrade to `4.2.15.Final` or later.
CVE-2026-48020 Vulnerability in github.com/traefik/traefik/v2 (CVE-2026-48020)
vulnerability in github.com/traefik/traefik/v2 (CVE-2026-48020). Confidential information can be exposed externally. Exploitable via `GET /admin`. Mitigation: upgrade to `2.11.48` or later.
CVE-2026-48006 Vulnerability in io.netty:netty-codec-redis (CVE-2026-48006)
vulnerability in io.netty:netty-codec-redis (CVE-2026-48006). Risk of unauthorized operations or information disclosure. Exploitable via ``depths``. Mitigation: upgrade to `4.1.135.Final` or later.
CVE-2026-7852 Unrestricted File Upload in CVE-2026-7852 (CVE-2026-7852)
vulnerability in CVE-2026-7852 (CVE-2026-7852). Successful exploitation can lead to full system takeover.
CVE-2026-11561 Vulnerability in CVE-2026-11561 (CVE-2026-11561)
vulnerability in CVE-2026-11561 (CVE-2026-11561). Successful exploitation can lead to full system takeover.
CVE-2026-53723 Vulnerability in guzzlehttp/guzzle-services (CVE-2026-53723)
vulnerability in guzzlehttp/guzzle-services (CVE-2026-53723). Risk of unauthorized operations or information disclosure. Exploitable via ``additionalParameters``. Mitigation: upgrade to `1.5.4` or later.
CVE-2026-48998 Vulnerability in guzzlehttp/psr7 (CVE-2026-48998)
vulnerability in guzzlehttp/psr7 (CVE-2026-48998). Risk of unauthorized operations or information disclosure. Exploitable via `Host header`. Mitigation: upgrade to `2.10.2` or later.
CVE-2026-49214 Vulnerability in guzzlehttp/psr7 (CVE-2026-49214)
vulnerability in guzzlehttp/psr7 (CVE-2026-49214). Risk of unauthorized operations or information disclosure. Exploitable via ``Uri``. Mitigation: upgrade to `2.10.2` or later.
CVE-2026-8589 Cross-Site Scripting (XSS) in gitlab (CVE-2026-8589)
cross-site scripting in gitlab (CVE-2026-8589). Confidential information can be exposed externally. Mitigation: upgrade to `18.10.8, 18.11.5, 19.0.2` or later.
CVE-2026-7250 Vulnerability in gitlab (CVE-2026-7250)
vulnerability in gitlab (CVE-2026-7250). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.10.8, 18.11.5, 19.0.2` or later.
CVE-2026-6269 Authorization Flaw in gitlab (CVE-2026-6269)
vulnerability in gitlab (CVE-2026-6269). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.10.8, 18.11.5, 19.0.2` or later.
CVE-2026-6277 Authorization Flaw in gitlab (CVE-2026-6277)
vulnerability in gitlab (CVE-2026-6277). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.10.8, 18.11.5, 19.0.2` or later.
CVE-2026-9204 SSRF (Server-Side Request Forgery) in gitlab (CVE-2026-9204)
SSRF in gitlab (CVE-2026-9204). Confidential information can be exposed externally. Mitigation: upgrade to `18.10.8, 18.11.5, 19.0.2` or later.
CVE-2026-8464 Path Traversal in path-traversal (CVE-2026-8464)
path traversal in path-traversal (CVE-2026-8464). Risk of unauthorized operations or information disclosure.
CVE-2026-1500 Vulnerability in gitlab (CVE-2026-1500)
vulnerability in gitlab (CVE-2026-1500). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.10.8, 18.11.5, 19.0.2` or later.
CVE-2022-45813 Vulnerability in CVE-2022-45813 (CVE-2022-45813)
vulnerability in CVE-2022-45813 (CVE-2022-45813). Risk of unauthorized operations or information disclosure.
CVE-2023-25969 Vulnerability in CVE-2023-25969 (CVE-2023-25969)
vulnerability in CVE-2023-25969 (CVE-2023-25969). Risk of unauthorized operations or information disclosure.
CVE-2023-32959 Vulnerability in CVE-2023-32959 (CVE-2023-32959)
vulnerability in CVE-2023-32959 (CVE-2023-32959). Risk of unauthorized operations or information disclosure.
CVE-2026-4764 Vulnerability in CVE-2026-4764 (CVE-2026-4764)
vulnerability in CVE-2026-4764 (CVE-2026-4764). Risk of unauthorized operations or information disclosure.
CVE-2026-3553 Authorization Flaw in gitlab (CVE-2026-3553)
vulnerability in gitlab (CVE-2026-3553). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.10.8, 18.11.5, 19.0.2` or later.
CVE-2026-53912 Information Disclosure in CVE-2026-53912 (CVE-2026-53912)
vulnerability in CVE-2026-53912 (CVE-2026-53912). Risk of unauthorized operations or information disclosure.
CVE-2022-47150 Cross-Site Request Forgery (CSRF) in csrf (CVE-2022-47150)
vulnerability in csrf (CVE-2022-47150). Risk of unauthorized operations or information disclosure.
CVE-2026-10087 Cross-Site Scripting (XSS) in gitlab (CVE-2026-10087)
cross-site scripting in gitlab (CVE-2026-10087). Confidential information can be exposed externally. Mitigation: upgrade to `18.10.8, 18.11.5, 19.0.2` or later.
CVE-2026-53423 Vulnerability in membrane_mp4_plugin (CVE-2026-53423)
vulnerability in membrane_mp4_plugin (CVE-2026-53423). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.36.7` or later.
CVE-2026-5497 vLLM versions 0.8.0 and later are vulnerable to an Out-of-Memory (OOM) Denial of Service (DoS)...
vLLM versions 0.8.0 and later are vulnerable to an Out-of-Memory (OOM) Denial of Service (DoS)...
CVE-2025-7064 Vulnerability in CVE-2025-7064 (CVE-2025-7064)
vulnerability in CVE-2025-7064 (CVE-2025-7064). Data can be tampered with by attackers.
CVE-2026-11850 Vulnerability in c (CVE-2026-11850)
vulnerability in c (CVE-2026-11850). Risk of unauthorized operations or information disclosure.
CVE-2022-44630 Cross-Site Request Forgery (CSRF) in csrf (CVE-2022-44630)
vulnerability in csrf (CVE-2022-44630). Risk of unauthorized operations or information disclosure.
CVE-2022-42479 Vulnerability in CVE-2022-42479 (CVE-2022-42479)
vulnerability in CVE-2022-42479 (CVE-2022-42479). Risk of unauthorized operations or information disclosure.
CVE-2026-53901 Vulnerability in CVE-2026-53901 (CVE-2026-53901)
vulnerability in CVE-2026-53901 (CVE-2026-53901). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.37` or later.
CVE-2023-33999 Cross-Site Scripting (XSS) in CVE-2023-33999 (CVE-2023-33999)
cross-site scripting in CVE-2023-33999 (CVE-2023-33999). Risk of unauthorized operations or information disclosure.
CVE-2024-32110 Cross-Site Request Forgery (CSRF) in csrf (CVE-2024-32110)
vulnerability in csrf (CVE-2024-32110). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →