Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Clear
ID Title
CVE-2026-47351 Information Disclosure in typo3/cms-core (CVE-2026-47351)
vulnerability in typo3/cms-core (CVE-2026-47351). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `14.3.3` or later.
CVE-2026-47348 Cross-Site Scripting (XSS) in typo3/cms-core (CVE-2026-47348)
cross-site scripting in typo3/cms-core (CVE-2026-47348). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `14.3.3` or later.
CVE-2026-47347 Open Redirect in typo3/cms-core (CVE-2026-47347)
vulnerability in typo3/cms-core (CVE-2026-47347). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `14.3.3` or later.
CVE-2026-11607 Vulnerability in typo3/cms-core (CVE-2026-11607)
vulnerability in typo3/cms-core (CVE-2026-11607). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `14.3.3` or later.
CVE-2026-4058 Vulnerability in wordpress (CVE-2026-4058)
vulnerability in wordpress (CVE-2026-4058). Risk of unauthorized operations or information disclosure.
CVE-2026-52902 Path Traversal in path-traversal (CVE-2026-52902)
path traversal in path-traversal (CVE-2026-52902). Confidential information can be exposed externally.
CVE-2026-46748 Vulnerability in siemens (CVE-2026-46748)
vulnerability in siemens (CVE-2026-46748). Successful exploitation can lead to full system takeover.
CVE-2026-46746 OS Command Injection in siemens (CVE-2026-46746)
OS command injection in siemens (CVE-2026-46746). Successful exploitation can lead to full system takeover.
CVE-2026-41031 Cross-Site Scripting (XSS) in CVE-2026-41031 (CVE-2026-41031)
cross-site scripting in CVE-2026-41031 (CVE-2026-41031). Confidential information can be exposed externally.
CVE-2026-10731 SQL Injection in sqli (CVE-2026-10731)
SQL injection in sqli (CVE-2026-10731). Risk of unauthorized operations or information disclosure.
CVE-2025-40808 Unrestricted File Upload in dos (CVE-2025-40808)
vulnerability in dos (CVE-2025-40808). Data can be tampered with by attackers.
CVE-2025-10263 Vulnerability in CVE-2025-10263 (CVE-2025-10263)
vulnerability in CVE-2025-10263 (CVE-2025-10263). Confidential information can be exposed externally.
CVE-2026-8365 Unsafe Deserialization in wordpress (CVE-2026-8365)
vulnerability in wordpress (CVE-2026-8365). Successful exploitation can lead to full system takeover.
CVE-2026-49818 Path Traversal in apache-airflow-providers-samba (CVE-2026-49818)
path traversal in apache-airflow-providers-samba (CVE-2026-49818). Risk of unauthorized operations or information disclosure. Exploitable via ``GCSToSambaOperator``. Mitigation: upgrade to `4.12.6` or later.
CVE-2026-34905 Information Disclosure in apache (CVE-2026-34905)
vulnerability in apache (CVE-2026-34905). Confidential information can be exposed externally.
CVE-2026-7542 Information Disclosure in wordpress (CVE-2026-7542)
vulnerability in wordpress (CVE-2026-7542). Confidential information can be exposed externally.
CVE-2026-34031 Unrestricted File Upload in apache (CVE-2026-34031)
vulnerability in apache (CVE-2026-34031). Risk of unauthorized operations or information disclosure.
CVE-2026-33582 Unrestricted File Upload in apache (CVE-2026-33582)
vulnerability in apache (CVE-2026-33582). Risk of unauthorized operations or information disclosure.
CVE-2026-11616 Privilege Escalation in wordpress (CVE-2026-11616)
vulnerability in wordpress (CVE-2026-11616). Successful exploitation can lead to full system takeover.
CVE-2026-28262 Vulnerability in CVE-2026-28262 (CVE-2026-28262)
vulnerability in CVE-2026-28262 (CVE-2026-28262). Data can be tampered with by attackers.
CVE-2026-34033 Cross-Site Scripting (XSS) in apache (CVE-2026-34033)
cross-site scripting in apache (CVE-2026-34033). Risk of unauthorized operations or information disclosure.
CVE-2026-8677 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8677)
cross-site scripting in wordpress (CVE-2026-8677). Risk of unauthorized operations or information disclosure.
CVE-2026-8599 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8599)
cross-site scripting in wordpress (CVE-2026-8599). Risk of unauthorized operations or information disclosure.
CVE-2026-5068 Out-of-Bounds Write in c (CVE-2026-5068)
out-of-bounds write in c (CVE-2026-5068). Risk of unauthorized operations or information disclosure.
CVE-2026-9698 Out-of-Bounds Write in perl (CVE-2026-9698)
out-of-bounds write in perl (CVE-2026-9698). Successful exploitation can lead to full system takeover.
CVE-2026-41984 Vulnerability in CVE-2026-41984 (CVE-2026-41984)
vulnerability in CVE-2026-41984 (CVE-2026-41984). Risk of unauthorized operations or information disclosure.
CVE-2026-41985 Vulnerability in CVE-2026-41985 (CVE-2026-41985)
vulnerability in CVE-2026-41985 (CVE-2026-41985). Data can be tampered with by attackers.
CVE-2026-41981 Vulnerability in CVE-2026-41981 (CVE-2026-41981)
vulnerability in CVE-2026-41981 (CVE-2026-41981). Risk of unauthorized operations or information disclosure.
CVE-2026-41982 Use-After-Free in CVE-2026-41982 (CVE-2026-41982)
vulnerability in CVE-2026-41982 (CVE-2026-41982). Confidential information can be exposed externally.
CVE-2026-41983 Vulnerability in dos (CVE-2026-41983)
vulnerability in dos (CVE-2026-41983). Risk of unauthorized operations or information disclosure.
CVE-2026-41974 Vulnerability in CVE-2026-41974 (CVE-2026-41974)
vulnerability in CVE-2026-41974 (CVE-2026-41974). Risk of unauthorized operations or information disclosure.
CVE-2026-41972 Path Traversal in path-traversal (CVE-2026-41972)
path traversal in path-traversal (CVE-2026-41972). Risk of unauthorized operations or information disclosure.
CVE-2026-41977 Vulnerability in dos (CVE-2026-41977)
vulnerability in dos (CVE-2026-41977). Risk of unauthorized operations or information disclosure.
CVE-2025-62858 Vulnerability in qnap (CVE-2025-62858)
vulnerability in qnap (CVE-2025-62858). Data can be tampered with by attackers.
CVE-2026-8981 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8981)
cross-site scripting in wordpress (CVE-2026-8981). Risk of unauthorized operations or information disclosure.
CVE-2026-11572 Command Injection in CVE-2026-11572 (CVE-2026-11572)
command injection in CVE-2026-11572 (CVE-2026-11572). Successful exploitation can lead to full system takeover.
CVE-2026-41539 Cross-Site Scripting (XSS) in qnap (CVE-2026-41539)
cross-site scripting in qnap (CVE-2026-41539). Risk of unauthorized operations or information disclosure.
CVE-2026-5067 Vulnerability in dos (CVE-2026-5067)
vulnerability in dos (CVE-2026-5067). Successful exploitation can lead to full system takeover.
CVE-2026-4986 Vulnerability in wordpress (CVE-2026-4986)
vulnerability in wordpress (CVE-2026-4986). Risk of unauthorized operations or information disclosure.
CVE-2026-9662 Vulnerability in wordpress (CVE-2026-9662)
vulnerability in wordpress (CVE-2026-9662). Successful exploitation can lead to full system takeover. Exploitable via ``tpf``.
CVE-2026-8977 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8977)
cross-site scripting in wordpress (CVE-2026-8977). Risk of unauthorized operations or information disclosure.
CVE-2026-8895 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8895)
cross-site scripting in wordpress (CVE-2026-8895). Risk of unauthorized operations or information disclosure.
CVE-2026-8902 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-8902)
vulnerability in wordpress (CVE-2026-8902). Risk of unauthorized operations or information disclosure.
CVE-2026-8904 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-8904)
vulnerability in wordpress (CVE-2026-8904). Risk of unauthorized operations or information disclosure.
CVE-2026-8907 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-8907)
vulnerability in wordpress (CVE-2026-8907). Risk of unauthorized operations or information disclosure.
CVE-2026-8909 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-8909)
vulnerability in wordpress (CVE-2026-8909). Risk of unauthorized operations or information disclosure.
CVE-2026-8910 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-8910)
vulnerability in wordpress (CVE-2026-8910). Risk of unauthorized operations or information disclosure.
CVE-2026-8940 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-8940)
vulnerability in wordpress (CVE-2026-8940). Risk of unauthorized operations or information disclosure.
CVE-2026-8499 Vulnerability in wordpress (CVE-2026-8499)
vulnerability in wordpress (CVE-2026-8499). Risk of unauthorized operations or information disclosure. Exploitable via ``token``.
CVE-2026-7662 Cross-Site Scripting (XSS) in wordpress (CVE-2026-7662)
cross-site scripting in wordpress (CVE-2026-7662). Risk of unauthorized operations or information disclosure. Exploitable via ``epaperflip_embed``.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →