Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-53693 |
|
Cross-Site Scripting (XSS) in CVE-2026-53693 (CVE-2026-53693)
cross-site scripting in CVE-2026-53693 (CVE-2026-53693). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-48859 |
|
Vulnerability in erlang (CVE-2026-48859)
vulnerability in erlang (CVE-2026-48859). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-48860 |
|
Authorization Flaw in erlang (CVE-2026-48860)
vulnerability in erlang (CVE-2026-48860). Confidential information can be exposed externally.
|
| CVE-2026-49759 |
|
Vulnerability in c (CVE-2026-49759)
vulnerability in c (CVE-2026-49759). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-49760 |
|
Vulnerability in c (CVE-2026-49760)
vulnerability in c (CVE-2026-49760). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-48858 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-48858)
SSRF in ssrf (CVE-2026-48858). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-48856 |
|
Open Redirect in erlang (CVE-2026-48856)
vulnerability in erlang (CVE-2026-48856). Confidential information can be exposed externally. Exploitable via `Authorization header`.
|
| CVE-2026-48855 |
|
Information Disclosure in erlang (CVE-2026-48855)
vulnerability in erlang (CVE-2026-48855). Confidential information can be exposed externally.
|
| CVE-2026-48096 |
|
Vulnerability in github.com/openfga/openfga (CVE-2026-48096)
vulnerability in github.com/openfga/openfga (CVE-2026-48096). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.16.0` or later.
|
| CVE-2026-46558 |
|
Vulnerability in plane (CVE-2026-46558)
vulnerability in plane (CVE-2026-46558). Confidential information can be exposed externally.
|
| CVE-2026-45569 |
|
Path Traversal in c (CVE-2026-45569)
path traversal in c (CVE-2026-45569). Confidential information can be exposed externally.
|
| CVE-2026-45567 |
|
Authentication Bypass in nginx (CVE-2026-45567)
authentication bypass in nginx (CVE-2026-45567). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-45565 |
|
Vulnerability in nginx (CVE-2026-45565)
vulnerability in nginx (CVE-2026-45565). Confidential information can be exposed externally.
|
| CVE-2026-45566 |
|
Open Redirect in nginx (CVE-2026-45566)
vulnerability in nginx (CVE-2026-45566). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9045 |
|
Vulnerability in CVE-2026-9045 (CVE-2026-9045)
vulnerability in CVE-2026-9045 (CVE-2026-9045). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8335 |
|
Vulnerability in CVE-2026-8335 (CVE-2026-8335)
vulnerability in CVE-2026-8335 (CVE-2026-8335). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6090 |
|
Vulnerability in CVE-2026-6090 (CVE-2026-6090)
vulnerability in CVE-2026-6090 (CVE-2026-6090). Successful exploitation can lead to full system takeover.
|
| CVE-2026-7516 |
|
Vulnerability in CVE-2026-7516 (CVE-2026-7516)
vulnerability in CVE-2026-7516 (CVE-2026-7516). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53476 |
|
Vulnerability in path-traversal (CVE-2026-53476)
vulnerability in path-traversal (CVE-2026-53476). Successful exploitation can lead to full system takeover.
|
| CVE-2026-53475 |
|
Vulnerability in kubev2v (CVE-2026-53475)
vulnerability in kubev2v (CVE-2026-53475). Confidential information can be exposed externally.
|
| CVE-2026-8637 |
|
Vulnerability in CVE-2026-8637 (CVE-2026-8637)
vulnerability in CVE-2026-8637 (CVE-2026-8637). Successful exploitation can lead to full system takeover.
|
| CVE-2026-53469 |
|
Vulnerability in CVE-2026-53469 (CVE-2026-53469)
vulnerability in CVE-2026-53469 (CVE-2026-53469). Data can be tampered with by attackers.
|
| CVE-2026-53474 |
|
SQL Injection in sqli (CVE-2026-53474)
SQL injection in sqli (CVE-2026-53474). Confidential information can be exposed externally.
|
| CVE-2026-53473 |
|
Cross-Site Scripting (XSS) in kubev2v (CVE-2026-53473)
cross-site scripting in kubev2v (CVE-2026-53473). Confidential information can be exposed externally.
|
| CVE-2026-45564 |
|
OS Command Injection in c (CVE-2026-45564)
OS command injection in c (CVE-2026-45564). Successful exploitation can lead to full system takeover. Exploitable via `POST /config/versions/`.
|
| CVE-2026-45563 |
|
Vulnerability in nginx (CVE-2026-45563)
vulnerability in nginx (CVE-2026-45563). Risk of unauthorized operations or information disclosure. Exploitable via `GET /history/`.
|
| CVE-2026-45561 |
|
SSRF (Server-Side Request Forgery) in flask (CVE-2026-45561)
SSRF in flask (CVE-2026-45561). Confidential information can be exposed externally.
|
| CVE-2026-45550 |
|
Vulnerability in nginx (CVE-2026-45550)
vulnerability in nginx (CVE-2026-45550). Data can be tampered with by attackers. Exploitable via `PUT /smon/check`.
|
| CVE-2026-45552 |
|
Vulnerability in nginx (CVE-2026-45552)
vulnerability in nginx (CVE-2026-45552). Successful exploitation can lead to full system takeover.
|
| CVE-2026-45558 |
|
Vulnerability in c (CVE-2026-45558)
vulnerability in c (CVE-2026-45558). Successful exploitation can lead to full system takeover. Exploitable via `POST /api/service/haproxy/`.
|
| CVE-2026-45556 |
|
Vulnerability in nginx (CVE-2026-45556)
vulnerability in nginx (CVE-2026-45556). Successful exploitation can lead to full system takeover. Exploitable via `POST /waf/`.
|
| CVE-2026-45560 |
|
Cross-Site Scripting (XSS) in c (CVE-2026-45560)
cross-site scripting in c (CVE-2026-45560). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-45549 |
|
Vulnerability in nginx (CVE-2026-45549)
vulnerability in nginx (CVE-2026-45549). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11884 |
|
Vulnerability in CVE-2026-11884 (CVE-2026-11884)
vulnerability in CVE-2026-11884 (CVE-2026-11884). Data can be tampered with by attackers.
|
| CVE-2025-10238 |
|
Out-of-Bounds Write in CVE-2025-10238 (CVE-2025-10238)
out-of-bounds write in CVE-2025-10238 (CVE-2025-10238). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9758 |
|
Vulnerability in CVE-2026-9758 (CVE-2026-9758)
vulnerability in CVE-2026-9758 (CVE-2026-9758). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53441 |
|
Cross-Site Scripting (XSS) in org.jenkins-ci.main:jenkins-core (CVE-2026-53441)
cross-site scripting in org.jenkins-ci.main:jenkins-core (CVE-2026-53441). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.568` or later.
|
| CVE-2026-52758 |
|
SQL Injection in sqli (CVE-2026-52758)
SQL injection in sqli (CVE-2026-52758). Successful exploitation can lead to full system takeover.
|
| CVE-2026-52757 |
|
Use-After-Free in nsa (CVE-2026-52757)
vulnerability in nsa (CVE-2026-52757). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53438 |
|
Vulnerability in jenkins (CVE-2026-53438)
vulnerability in jenkins (CVE-2026-53438). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.555.3, 2.568.0` or later.
|
| CVE-2026-53439 |
|
Vulnerability in jenkins (CVE-2026-53439)
vulnerability in jenkins (CVE-2026-53439). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.555.3, 2.568.0` or later.
|
| CVE-2026-53435 |
|
Unsafe Deserialization in jenkins (CVE-2026-53435)
vulnerability in jenkins (CVE-2026-53435). Successful exploitation can lead to full system takeover. Exploitable via ``config.xml``. Mitigation: upgrade to `2.555.3, 2.568.0` or later.
|
| CVE-2026-53436 |
|
Open Redirect in jenkins (CVE-2026-53436)
vulnerability in jenkins (CVE-2026-53436). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.555.3, 2.568.0` or later.
|
| CVE-2026-53437 |
|
Open Redirect in jenkins (CVE-2026-53437)
vulnerability in jenkins (CVE-2026-53437). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.555.3, 2.568.0` or later.
|
| CVE-2026-53440 |
|
Open Redirect in jenkins (CVE-2026-53440)
vulnerability in jenkins (CVE-2026-53440). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.555.3, 2.568.0` or later.
|
| CVE-2026-52754 |
|
Vulnerability in nsa (CVE-2026-52754)
vulnerability in nsa (CVE-2026-52754). Successful exploitation can lead to full system takeover.
|
| CVE-2026-52750 |
|
Vulnerability in nsa (CVE-2026-52750)
vulnerability in nsa (CVE-2026-52750). Successful exploitation can lead to full system takeover.
|
| CVE-2026-52751 |
|
Unsafe Deserialization in deserialization (CVE-2026-52751)
vulnerability in deserialization (CVE-2026-52751). Successful exploitation can lead to full system takeover.
|
| CVE-2026-52752 |
|
Path Traversal in path-traversal (CVE-2026-52752)
path traversal in path-traversal (CVE-2026-52752). Successful exploitation can lead to full system takeover.
|
| CVE-2026-52755 |
|
Path Traversal in path-traversal (CVE-2026-52755)
path traversal in path-traversal (CVE-2026-52755). Successful exploitation can lead to full system takeover.
|