Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-45329 |
|
ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. In versions 5.5.4 and 6.0, several ESP-TEE secure-service wrappers in esp_secure_services.c and esp_secure_services_iram.c vali...
ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. In versions 5.5.4 and 6.0, several ESP-TEE secure-service wrappers in esp_secure_services.c and esp_secure_services_iram.c validated only some of the caller-supplied pointer arguments, leaving input pointer arguments unchecked....
|
| CVE-2026-45160 |
|
Out-of-Bounds Read in c (CVE-2026-45160)
vulnerability in c (CVE-2026-45160). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-46546 |
|
Vulnerability in frappe (CVE-2026-46546)
vulnerability in frappe (CVE-2026-46546). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-44634 |
|
Vulnerability in CVE-2026-44634 (CVE-2026-44634)
vulnerability in CVE-2026-44634 (CVE-2026-44634). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-47838 |
|
Authentication Bypass in org.springframework.security:spring-security-web (CVE-2026-47838)
authentication bypass in org.springframework.security:spring-security-web (CVE-2026-47838). Confidential information can be exposed externally. Exploitable via ``SubjectDnX509PrincipalExtractor``.
|
| CVE-2026-41726 |
|
Vulnerability in org.springframework.kafka:spring-kafka (CVE-2026-41726)
vulnerability in org.springframework.kafka:spring-kafka (CVE-2026-41726). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41721 |
|
Vulnerability in dos (CVE-2026-41721)
vulnerability in dos (CVE-2026-41721). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41731 |
|
Unsafe Deserialization in org.springframework.kafka:spring-kafka (CVE-2026-41731)
vulnerability in org.springframework.kafka:spring-kafka (CVE-2026-41731). Successful exploitation can lead to full system takeover.
|
| CVE-2026-41732 |
|
Unsafe Deserialization in apache (CVE-2026-41732)
vulnerability in apache (CVE-2026-41732). Successful exploitation can lead to full system takeover.
|
| CVE-2026-41728 |
|
Vulnerability in vmware (CVE-2026-41728)
vulnerability in vmware (CVE-2026-41728). Data can be tampered with by attackers.
|
| CVE-2026-41837 |
|
Vulnerability in vmware (CVE-2026-41837)
vulnerability in vmware (CVE-2026-41837). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41729 |
|
Vulnerability in vmware (CVE-2026-41729)
vulnerability in vmware (CVE-2026-41729). Confidential information can be exposed externally.
|
| CVE-2026-41719 |
|
Vulnerability in CVE-2026-41719 (CVE-2026-41719)
vulnerability in CVE-2026-41719 (CVE-2026-41719). Confidential information can be exposed externally.
|
| CVE-2026-41730 |
|
Vulnerability in vmware (CVE-2026-41730)
vulnerability in vmware (CVE-2026-41730). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41727 |
|
Vulnerability in apache (CVE-2026-41727)
vulnerability in apache (CVE-2026-41727). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-40991 |
|
XXE (XML External Entity) in CVE-2026-40991 (CVE-2026-40991)
vulnerability in CVE-2026-40991 (CVE-2026-40991). Confidential information can be exposed externally.
|
| CVE-2026-41003 |
|
Cross-Site Scripting (XSS) in vmware (CVE-2026-41003)
cross-site scripting in vmware (CVE-2026-41003). Confidential information can be exposed externally.
|
| CVE-2026-9753 |
|
Vulnerability in mongodb (CVE-2026-9753)
vulnerability in mongodb (CVE-2026-9753). Confidential information can be exposed externally.
|
| CVE-2026-41716 |
|
Vulnerability in broadcom (CVE-2026-41716)
vulnerability in broadcom (CVE-2026-41716). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-40988 |
|
Vulnerability in dos (CVE-2026-40988)
vulnerability in dos (CVE-2026-40988). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41711 |
|
Vulnerability in dos (CVE-2026-41711)
vulnerability in dos (CVE-2026-41711). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-40993 |
|
Unsafe Deserialization in vmware (CVE-2026-40993)
vulnerability in vmware (CVE-2026-40993). Data can be tampered with by attackers.
|
| CVE-2026-41714 |
|
Vulnerability in CVE-2026-41714 (CVE-2026-41714)
vulnerability in CVE-2026-41714 (CVE-2026-41714). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41008 |
|
Open Redirect in broadcom (CVE-2026-41008)
vulnerability in broadcom (CVE-2026-41008). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41706 |
|
Open Redirect in vmware (CVE-2026-41706)
vulnerability in vmware (CVE-2026-41706). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41694 |
|
Vulnerability in vmware (CVE-2026-41694)
vulnerability in vmware (CVE-2026-41694). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41717 |
|
Vulnerability in vmware (CVE-2026-41717)
vulnerability in vmware (CVE-2026-41717). Successful exploitation can lead to full system takeover.
|
| CVE-2026-41701 |
|
Vulnerability in CVE-2026-41701 (CVE-2026-41701)
vulnerability in CVE-2026-41701 (CVE-2026-41701). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9735 |
|
Vulnerability in mongodb (CVE-2026-9735)
vulnerability in mongodb (CVE-2026-9735). Confidential information can be exposed externally.
|
| CVE-2026-9751 |
|
Vulnerability in mongodb (CVE-2026-9751)
vulnerability in mongodb (CVE-2026-9751). Confidential information can be exposed externally. Mitigation: upgrade to `7.0.35, 8.0.24, 8.2.10, 8.3.3` or later.
|
| CVE-2026-9742 |
|
Vulnerability in mongodb (CVE-2026-9742)
vulnerability in mongodb (CVE-2026-9742). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9743 |
|
Vulnerability in dos (CVE-2026-9743)
vulnerability in dos (CVE-2026-9743). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9752 |
|
Vulnerability in mongodb (CVE-2026-9752)
vulnerability in mongodb (CVE-2026-9752). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-44963 |
|
Unsafe Deserialization in CVE-2026-44963 (CVE-2026-44963)
vulnerability in CVE-2026-44963 (CVE-2026-44963). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-46541 |
|
Vulnerability in CVE-2026-46541 (CVE-2026-46541)
vulnerability in CVE-2026-46541 (CVE-2026-46541). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-46518 |
|
Cross-Site Scripting (XSS) in csrf (CVE-2026-46518)
cross-site scripting in csrf (CVE-2026-46518). Confidential information can be exposed externally.
|
| CVE-2026-45782 |
|
Use-After-Free in CVE-2026-45782 (CVE-2026-45782)
vulnerability in CVE-2026-45782 (CVE-2026-45782). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-44505 |
|
Vulnerability in CVE-2026-44505 (CVE-2026-44505)
vulnerability in CVE-2026-44505 (CVE-2026-44505). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41695 |
|
Vulnerability in dos (CVE-2026-41695)
vulnerability in dos (CVE-2026-41695). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-46433 |
|
Out-of-Bounds Read in c (CVE-2026-46433)
vulnerability in c (CVE-2026-46433). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-47903 |
|
Vulnerability in adobe (CVE-2026-47903)
vulnerability in adobe (CVE-2026-47903). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-47902 |
|
Vulnerability in adobe (CVE-2026-47902)
vulnerability in adobe (CVE-2026-47902). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-47904 |
|
Vulnerability in adobe (CVE-2026-47904)
vulnerability in adobe (CVE-2026-47904). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-47905 |
|
Vulnerability in adobe (CVE-2026-47905)
vulnerability in adobe (CVE-2026-47905). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-34713 |
|
Vulnerability in adobe (CVE-2026-34713)
vulnerability in adobe (CVE-2026-34713). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-34712 |
|
Vulnerability in adobe (CVE-2026-34712)
vulnerability in adobe (CVE-2026-34712). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-34711 |
|
Vulnerability in adobe (CVE-2026-34711)
vulnerability in adobe (CVE-2026-34711). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-25860 |
|
Cross-Site Scripting (XSS) in CVE-2026-25860 (CVE-2026-25860)
cross-site scripting in CVE-2026-25860 (CVE-2026-25860). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-34417 |
|
Cross-Site Scripting (XSS) in CVE-2026-34417 (CVE-2026-34417)
cross-site scripting in CVE-2026-34417 (CVE-2026-34417). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-34657 |
|
Path Traversal in path-traversal (CVE-2026-34657)
path traversal in path-traversal (CVE-2026-34657). Data can be tampered with by attackers.
|