Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-41000 |
|
Vulnerability in c (CVE-2026-41000)
vulnerability in c (CVE-2026-41000). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41699 |
|
Unsafe Deserialization in deserialization (CVE-2026-41699)
vulnerability in deserialization (CVE-2026-41699). Successful exploitation can lead to full system takeover.
|
| CVE-2026-41856 |
|
Vulnerability in vmware (CVE-2026-41856)
vulnerability in vmware (CVE-2026-41856). Confidential information can be exposed externally.
|
| CVE-2026-40999 |
|
SSRF (Server-Side Request Forgery) in CVE-2026-40999 (CVE-2026-40999)
SSRF in CVE-2026-40999 (CVE-2026-40999). Confidential information can be exposed externally.
|
| CVE-2026-40987 |
|
Path Traversal in CVE-2026-40987 (CVE-2026-40987)
path traversal in CVE-2026-40987 (CVE-2026-40987). Data can be tampered with by attackers.
|
| CVE-2026-40995 |
|
Authentication Bypass in c (CVE-2026-40995)
authentication bypass in c (CVE-2026-40995). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-40992 |
|
Vulnerability in spring (CVE-2026-40992)
vulnerability in spring (CVE-2026-40992). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-40994 |
|
Vulnerability in CVE-2026-40994 (CVE-2026-40994)
vulnerability in CVE-2026-40994 (CVE-2026-40994). Data can be tampered with by attackers.
|
| CVE-2026-40997 |
|
Vulnerability in CVE-2026-40997 (CVE-2026-40997)
vulnerability in CVE-2026-40997 (CVE-2026-40997). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-40998 |
|
XXE (XML External Entity) in CVE-2026-40998 (CVE-2026-40998)
vulnerability in CVE-2026-40998 (CVE-2026-40998). Confidential information can be exposed externally.
|
| CVE-2026-40986 |
|
Cross-Site Scripting (XSS) in CVE-2026-40986 (CVE-2026-40986)
cross-site scripting in CVE-2026-40986 (CVE-2026-40986). Data can be tampered with by attackers.
|
| CVE-2026-10795 |
|
Vulnerability in wordpress (CVE-2026-10795)
vulnerability in wordpress (CVE-2026-10795). Successful exploitation can lead to full system takeover.
|
| CVE-2026-40985 |
|
Vulnerability in CVE-2026-40985 (CVE-2026-40985)
vulnerability in CVE-2026-40985 (CVE-2026-40985). Confidential information can be exposed externally.
|
| CVE-2026-35273 KEV |
|
[KEV] Vulnerability in Oracle c (CVE-2026-35273)
vulnerability in Oracle c (CVE-2026-35273). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
|
| CVE-2026-2827 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-2827)
cross-site scripting in wordpress (CVE-2026-2827). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53462 |
|
Use-After-Free in Magick.NET-Q16-AnyCPU (CVE-2026-53462)
vulnerability in Magick.NET-Q16-AnyCPU (CVE-2026-53462). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `14.14.0` or later.
|
| CVE-2026-53463 |
|
Vulnerability in imagemagick (CVE-2026-53463)
vulnerability in imagemagick (CVE-2026-53463). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53464 |
|
Vulnerability in imagemagick (CVE-2026-53464)
vulnerability in imagemagick (CVE-2026-53464). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53461 |
|
Out-of-Bounds Write in Magick.NET-Q16-AnyCPU (CVE-2026-53461)
out-of-bounds write in Magick.NET-Q16-AnyCPU (CVE-2026-53461). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `14.14.0` or later.
|
| CVE-2026-53465 |
|
Vulnerability in Magick.NET-Q16-AnyCPU (CVE-2026-53465)
vulnerability in Magick.NET-Q16-AnyCPU (CVE-2026-53465). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `14.14.0` or later.
|
| CVE-2026-53460 |
|
Vulnerability in Magick.NET-Q16-AnyCPU (CVE-2026-53460)
vulnerability in Magick.NET-Q16-AnyCPU (CVE-2026-53460). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `14.14.0` or later.
|
| CVE-2026-52726 |
|
Path Traversal in dulwich (CVE-2026-52726)
path traversal in dulwich (CVE-2026-52726). Risk of unauthorized operations or information disclosure. Exploitable via ``dulwich.porcelain.submodule_update``. Mitigation: upgrade to `1.2.5` or later.
|
| CVE-2026-50223 |
|
Code Injection in apache (CVE-2026-50223)
code injection in apache (CVE-2026-50223). Successful exploitation can lead to full system takeover.
|
| CVE-2026-48994 |
|
Vulnerability in Magick.NET-Q16-AnyCPU (CVE-2026-48994)
vulnerability in Magick.NET-Q16-AnyCPU (CVE-2026-48994). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `14.14.0` or later.
|
| CVE-2026-49218 |
|
Vulnerability in Magick.NET-Q16-AnyCPU (CVE-2026-49218)
vulnerability in Magick.NET-Q16-AnyCPU (CVE-2026-49218). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `14.14.0` or later.
|
| CVE-2026-49219 |
|
Path Traversal in Magick.NET-Q16-AnyCPU (CVE-2026-49219)
path traversal in Magick.NET-Q16-AnyCPU (CVE-2026-49219). Confidential information can be exposed externally. Mitigation: upgrade to `14.14.0` or later.
|
| CVE-2026-48733 |
|
Vulnerability in imagemagick (CVE-2026-48733)
vulnerability in imagemagick (CVE-2026-48733). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-48724 |
|
Out-of-Bounds Write in Magick.NET-Q16-AnyCPU (CVE-2026-48724)
out-of-bounds write in Magick.NET-Q16-AnyCPU (CVE-2026-48724). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `14.14.0` or later.
|
| CVE-2026-47342 |
|
Vulnerability in apache (CVE-2026-47342)
vulnerability in apache (CVE-2026-47342). Successful exploitation can lead to full system takeover.
|
| CVE-2026-44693 |
|
Vulnerability in CVE-2026-44693 (CVE-2026-44693)
vulnerability in CVE-2026-44693 (CVE-2026-44693). Successful exploitation can lead to full system takeover.
|
| CVE-2026-42558 |
|
Cross-Site Scripting (XSS) in CVE-2026-42558 (CVE-2026-42558)
cross-site scripting in CVE-2026-42558 (CVE-2026-42558). Confidential information can be exposed externally.
|
| CVE-2024-21944 |
|
Vulnerability in CVE-2024-21944 (CVE-2024-21944)
vulnerability in CVE-2024-21944 (CVE-2024-21944). Data can be tampered with by attackers.
|
| CVE-2026-53740 |
|
Cross-Site Scripting (XSS) in CVE-2026-53740 (CVE-2026-53740)
cross-site scripting in CVE-2026-53740 (CVE-2026-53740). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53741 |
|
Cross-Site Scripting (XSS) in CVE-2026-53741 (CVE-2026-53741)
cross-site scripting in CVE-2026-53741 (CVE-2026-53741). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53742 |
|
Cross-Site Scripting (XSS) in CVE-2026-53742 (CVE-2026-53742)
cross-site scripting in CVE-2026-53742 (CVE-2026-53742). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53739 |
|
Cross-Site Request Forgery (CSRF) in CVE-2026-53739 (CVE-2026-53739)
vulnerability in CVE-2026-53739 (CVE-2026-53739). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53738 |
|
Authorization Flaw in CVE-2026-53738 (CVE-2026-53738)
vulnerability in CVE-2026-53738 (CVE-2026-53738). Data can be tampered with by attackers.
|
| CVE-2026-53634 |
|
Vulnerability in code16/sharp (CVE-2026-53634)
vulnerability in code16/sharp (CVE-2026-53634). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `9.22.3` or later.
|
| CVE-2026-50131 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-50131)
SSRF in ssrf (CVE-2026-50131). Confidential information can be exposed externally.
|
| CVE-2026-48108 |
|
Vulnerability in russh (CVE-2026-48108)
vulnerability in russh (CVE-2026-48108). Risk of unauthorized operations or information disclosure. Exploitable via ``russh``. Mitigation: upgrade to `0.61.0` or later.
|
| CVE-2026-48110 |
|
Vulnerability in russh (CVE-2026-48110)
vulnerability in russh (CVE-2026-48110). Risk of unauthorized operations or information disclosure. Exploitable via ``russh``. Mitigation: upgrade to `0.61.0` or later.
|
| CVE-2026-53737 |
|
Cross-Site Scripting (XSS) in CVE-2026-53737 (CVE-2026-53737)
cross-site scripting in CVE-2026-53737 (CVE-2026-53737). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53736 |
|
Cross-Site Request Forgery (CSRF) in CVE-2026-53736 (CVE-2026-53736)
vulnerability in CVE-2026-53736 (CVE-2026-53736). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-46669 |
|
Vulnerability in openvm (CVE-2026-46669)
vulnerability in openvm (CVE-2026-46669). Data can be tampered with by attackers.
|
| CVE-2026-48107 |
|
Vulnerability in russh (CVE-2026-48107)
vulnerability in russh (CVE-2026-48107). Risk of unauthorized operations or information disclosure. Exploitable via ``russh``. Mitigation: upgrade to `0.61.0` or later.
|
| CVE-2026-45380 |
|
Path Traversal in c (CVE-2026-45380)
path traversal in c (CVE-2026-45380). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-45384 |
|
Vulnerability in c (CVE-2026-45384)
vulnerability in c (CVE-2026-45384). Data can be tampered with by attackers.
|
| CVE-2026-42542 |
|
Vulnerability in tdengine (CVE-2026-42542)
vulnerability in tdengine (CVE-2026-42542). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-2049 |
|
Vulnerability in CVE-2026-2049 (CVE-2026-2049)
vulnerability in CVE-2026-2049 (CVE-2026-2049). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11604 |
|
Vulnerability in dos (CVE-2026-11604)
vulnerability in dos (CVE-2026-11604). Risk of unauthorized operations or information disclosure.
|