Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-10143 |
|
Vulnerability in dpkp (CVE-2026-10143)
vulnerability in dpkp (CVE-2026-10143). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-0274 |
|
Vulnerability in paloaltonetworks (CVE-2026-0274)
vulnerability in paloaltonetworks (CVE-2026-0274). Confidential information can be exposed externally.
|
| CVE-2026-0271 |
|
Vulnerability in privilege-escalation (CVE-2026-0271)
vulnerability in privilege-escalation (CVE-2026-0271). Successful exploitation can lead to full system takeover.
|
| CVE-2026-0273 |
|
OS Command Injection in paloaltonetworks (CVE-2026-0273)
OS command injection in paloaltonetworks (CVE-2026-0273). Successful exploitation can lead to full system takeover.
|
| CVE-2026-0272 |
|
Vulnerability in privilege-escalation (CVE-2026-0272)
vulnerability in privilege-escalation (CVE-2026-0272). Successful exploitation can lead to full system takeover.
|
| CVE-2026-0270 |
|
Path Traversal in path-traversal (CVE-2026-0270)
path traversal in path-traversal (CVE-2026-0270). Successful exploitation can lead to full system takeover.
|
| CVE-2026-0269 |
|
Vulnerability in CVE-2026-0269 (CVE-2026-0269)
vulnerability in CVE-2026-0269 (CVE-2026-0269). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-0267 |
|
Vulnerability in paloaltonetworks (CVE-2026-0267)
vulnerability in paloaltonetworks (CVE-2026-0267). Confidential information can be exposed externally.
|
| CVE-2026-0268 |
|
Vulnerability in CVE-2026-0268 (CVE-2026-0268)
vulnerability in CVE-2026-0268 (CVE-2026-0268). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-48575 |
|
Authentication Bypass in apple (CVE-2022-48575)
authentication bypass in apple (CVE-2022-48575). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-0266 |
|
Cross-Site Scripting (XSS) in CVE-2026-0266 (CVE-2026-0266)
cross-site scripting in CVE-2026-0266 (CVE-2026-0266). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-26758 |
|
Vulnerability in apple (CVE-2022-26758)
vulnerability in apple (CVE-2022-26758). Confidential information can be exposed externally.
|
| CVE-2026-6893 |
|
OS Command Injection in CVE-2026-6893 (CVE-2026-6893)
OS command injection in CVE-2026-6893 (CVE-2026-6893). Successful exploitation can lead to full system takeover.
|
| CVE-2026-1220 |
|
Vulnerability in google (CVE-2026-1220)
vulnerability in google (CVE-2026-1220). Successful exploitation can lead to full system takeover.
|
| CVE-2026-50127 |
|
SSRF (Server-Side Request Forgery) in weblate (CVE-2026-50127)
SSRF in weblate (CVE-2026-50127). Confidential information can be exposed externally. Exploitable via ``VCS_RESTRICT_PRIVATE``. Mitigation: upgrade to `2026.6` or later.
|
| CVE-2026-46529 |
|
Command Injection in c (CVE-2026-46529)
command injection in c (CVE-2026-46529). Successful exploitation can lead to full system takeover. Exploitable via ``g_shell_quote``. Mitigation: upgrade to `1.6.2` or later.
|
| CVE-2026-50637 |
|
Vulnerability in pevans (CVE-2026-50637)
vulnerability in pevans (CVE-2026-50637). Data can be tampered with by attackers.
|
| CVE-2026-50638 |
|
Vulnerability in pevans (CVE-2026-50638)
vulnerability in pevans (CVE-2026-50638). Confidential information can be exposed externally.
|
| CVE-2026-50639 |
|
Vulnerability in pevans (CVE-2026-50639)
vulnerability in pevans (CVE-2026-50639). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11626 |
|
Vulnerability in privilege-escalation (CVE-2026-11626)
vulnerability in privilege-escalation (CVE-2026-11626). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10740 |
|
Vulnerability in Amazon aws (CVE-2026-10740)
vulnerability in Amazon aws (CVE-2026-10740). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9151 |
|
OS Command Injection in CVE-2026-9151 (CVE-2026-9151)
OS command injection in CVE-2026-9151 (CVE-2026-9151). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-20256 |
|
Vulnerability in splunk (CVE-2026-20256)
vulnerability in splunk (CVE-2026-20256). Confidential information can be exposed externally.
|
| CVE-2026-20255 |
|
Vulnerability in splunk (CVE-2026-20255)
vulnerability in splunk (CVE-2026-20255). Confidential information can be exposed externally.
|
| CVE-2026-20257 |
|
Vulnerability in splunk (CVE-2026-20257)
vulnerability in splunk (CVE-2026-20257). Confidential information can be exposed externally.
|
| CVE-2026-20254 |
|
Vulnerability in splunk (CVE-2026-20254)
vulnerability in splunk (CVE-2026-20254). Confidential information can be exposed externally.
|
| CVE-2026-20258 |
|
Cross-Site Scripting (XSS) in splunk (CVE-2026-20258)
cross-site scripting in splunk (CVE-2026-20258). Successful exploitation can lead to full system takeover.
|
| CVE-2026-20251 |
|
Unsafe Deserialization in deserialization (CVE-2026-20251)
vulnerability in deserialization (CVE-2026-20251). Successful exploitation can lead to full system takeover.
|
| CVE-2026-20252 |
|
SSRF (Server-Side Request Forgery) in splunk (CVE-2026-20252)
SSRF in splunk (CVE-2026-20252). Confidential information can be exposed externally.
|
| CVE-2026-20259 |
|
Vulnerability in splunk (CVE-2026-20259)
vulnerability in splunk (CVE-2026-20259). Confidential information can be exposed externally. Exploitable via ``edit_saved_search_owner``.
|
| CVE-2026-20253 KEV |
|
[KEV] Vulnerability in splunk (CVE-2026-20253)
vulnerability in splunk (CVE-2026-20253). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
|
| CVE-2026-50566 |
|
Vulnerability in github.com/fission/fission (CVE-2026-50566)
vulnerability in github.com/fission/fission (CVE-2026-50566). Successful exploitation can lead to full system takeover. Exploitable via ``PodSpec``. Mitigation: upgrade to `1.24.0` or later.
|
| CVE-2026-50570 |
|
Privilege Escalation in CVE-2026-50570 (CVE-2026-50570)
vulnerability in CVE-2026-50570 (CVE-2026-50570). Data can be tampered with by attackers.
|
| CVE-2026-50569 |
|
Vulnerability in CVE-2026-50569 (CVE-2026-50569)
vulnerability in CVE-2026-50569 (CVE-2026-50569). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-50567 |
|
Path Traversal in CVE-2026-50567 (CVE-2026-50567)
path traversal in CVE-2026-50567 (CVE-2026-50567). Data can be tampered with by attackers.
|
| CVE-2026-50545 |
|
Privilege Escalation in github.com/fission/fission (CVE-2026-50545)
vulnerability in github.com/fission/fission (CVE-2026-50545). Successful exploitation can lead to full system takeover. Exploitable via ``Environment.spec.runtime.podSpec``. Mitigation: upgrade to `1.24.0` or later.
|
| CVE-2026-50564 |
|
Privilege Escalation in github.com/fission/fission (CVE-2026-50564)
vulnerability in github.com/fission/fission (CVE-2026-50564). Successful exploitation can lead to full system takeover. Exploitable via ``Environment``. Mitigation: upgrade to `1.24.0` or later.
|
| CVE-2026-50563 |
|
Privilege Escalation in github.com/fission/fission (CVE-2026-50563)
vulnerability in github.com/fission/fission (CVE-2026-50563). Successful exploitation can lead to full system takeover. Exploitable via ``Function.spec.podspec``. Mitigation: upgrade to `1.24.0` or later.
|
| CVE-2026-50565 |
|
Vulnerability in github.com/fission/fission (CVE-2026-50565)
vulnerability in github.com/fission/fission (CVE-2026-50565). Confidential information can be exposed externally. Exploitable via ``Environment.spec.builder.image``. Mitigation: upgrade to `1.24.0` or later.
|
| CVE-2026-49821 |
|
Vulnerability in github.com/fission/fission (CVE-2026-49821)
vulnerability in github.com/fission/fission (CVE-2026-49821). Confidential information can be exposed externally. Exploitable via ``buildermgr``. Mitigation: upgrade to `1.24.0` or later.
|
| CVE-2026-49822 |
|
Vulnerability in github.com/fission/fission (CVE-2026-49822)
vulnerability in github.com/fission/fission (CVE-2026-49822). Confidential information can be exposed externally. Exploitable via ``KubernetesWatchTrigger``. Mitigation: upgrade to `1.24.0` or later.
|
| CVE-2026-49823 |
|
Vulnerability in github.com/fission/fission (CVE-2026-49823)
vulnerability in github.com/fission/fission (CVE-2026-49823). Confidential information can be exposed externally. Exploitable via ``PackageRef.Namespace``. Mitigation: upgrade to `1.24.0` or later.
|
| CVE-2026-49824 |
|
Vulnerability in github.com/fission/fission (CVE-2026-49824)
vulnerability in github.com/fission/fission (CVE-2026-49824). Confidential information can be exposed externally. Exploitable via ``spec.environment.namespace``. Mitigation: upgrade to `1.24.0` or later.
|
| CVE-2026-46642 |
|
Cross-Site Scripting (XSS) in CVE-2026-46642 (CVE-2026-46642)
cross-site scripting in CVE-2026-46642 (CVE-2026-46642). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11417 |
|
OS Command Injection in aws-cdk-lib (CVE-2026-11417)
OS command injection in aws-cdk-lib (CVE-2026-11417). Successful exploitation can lead to full system takeover. Exploitable via ``NodejsFunction``. Mitigation: upgrade to `2.246.0` or later.
|
| CVE-2026-11909 |
|
Vulnerability in drupal/examples (CVE-2026-11909)
vulnerability in drupal/examples (CVE-2026-11909). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `4.0.6` or later.
|
| CVE-2026-11908 |
|
Cross-Site Scripting (XSS) in drupal/tagify (CVE-2026-11908)
cross-site scripting in drupal/tagify (CVE-2026-11908). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.2.52` or later.
|
| CVE-2025-53114 |
|
Vulnerability in org.cometd.java:cometd-java-server-common (CVE-2025-53114)
vulnerability in org.cometd.java:cometd-java-server-common (CVE-2025-53114). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.0.x` or later.
|
| CVE-2026-53698 |
|
Vulnerability in CVE-2026-53698 (CVE-2026-53698)
vulnerability in CVE-2026-53698 (CVE-2026-53698). Confidential information can be exposed externally.
|
| CVE-2026-53694 |
|
Vulnerability in CVE-2026-53694 (CVE-2026-53694)
vulnerability in CVE-2026-53694 (CVE-2026-53694). Risk of unauthorized operations or information disclosure.
|