Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Clear
ID Title
CVE-2026-11645 KEV [KEV] Out-of-Bounds Read in Google chrome (CVE-2026-11645)
vulnerability in Google chrome (CVE-2026-11645). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2026-11643 Use-After-Free in google (CVE-2026-11643)
vulnerability in google (CVE-2026-11643). Successful exploitation can lead to full system takeover.
CVE-2026-11644 Use-After-Free in google (CVE-2026-11644)
vulnerability in google (CVE-2026-11644). Successful exploitation can lead to full system takeover.
CVE-2026-11646 Use-After-Free in google (CVE-2026-11646)
vulnerability in google (CVE-2026-11646). Successful exploitation can lead to full system takeover.
CVE-2026-11647 Use-After-Free in google (CVE-2026-11647)
vulnerability in google (CVE-2026-11647). Successful exploitation can lead to full system takeover.
CVE-2026-11648 Use-After-Free in google (CVE-2026-11648)
vulnerability in google (CVE-2026-11648). Successful exploitation can lead to full system takeover.
CVE-2026-11649 Use-After-Free in google (CVE-2026-11649)
vulnerability in google (CVE-2026-11649). Successful exploitation can lead to full system takeover.
CVE-2026-11650 Use-After-Free in google (CVE-2026-11650)
vulnerability in google (CVE-2026-11650). Successful exploitation can lead to full system takeover.
CVE-2026-11635 Use-After-Free in google (CVE-2026-11635)
vulnerability in google (CVE-2026-11635). Successful exploitation can lead to full system takeover.
CVE-2026-11636 Use-After-Free in google (CVE-2026-11636)
vulnerability in google (CVE-2026-11636). Successful exploitation can lead to full system takeover.
CVE-2026-11637 Use-After-Free in google (CVE-2026-11637)
vulnerability in google (CVE-2026-11637). Successful exploitation can lead to full system takeover.
CVE-2026-11638 Use-After-Free in google (CVE-2026-11638)
vulnerability in google (CVE-2026-11638). Successful exploitation can lead to full system takeover.
CVE-2026-11639 Use-After-Free in google (CVE-2026-11639)
vulnerability in google (CVE-2026-11639). Successful exploitation can lead to full system takeover.
CVE-2026-11641 Use-After-Free in google (CVE-2026-11641)
vulnerability in google (CVE-2026-11641). Successful exploitation can lead to full system takeover.
CVE-2026-11642 Use-After-Free in google (CVE-2026-11642)
vulnerability in google (CVE-2026-11642). Successful exploitation can lead to full system takeover.
CVE-2026-11640 Vulnerability in google (CVE-2026-11640)
vulnerability in google (CVE-2026-11640). Successful exploitation can lead to full system takeover.
CVE-2026-11629 Use-After-Free in CVE-2026-11629 (CVE-2026-11629)
vulnerability in CVE-2026-11629 (CVE-2026-11629). Successful exploitation can lead to full system takeover.
CVE-2026-11630 Use-After-Free in google (CVE-2026-11630)
vulnerability in google (CVE-2026-11630). Successful exploitation can lead to full system takeover.
CVE-2026-11631 Use-After-Free in google (CVE-2026-11631)
vulnerability in google (CVE-2026-11631). Successful exploitation can lead to full system takeover.
CVE-2026-11632 Use-After-Free in google (CVE-2026-11632)
vulnerability in google (CVE-2026-11632). Successful exploitation can lead to full system takeover.
CVE-2026-11633 Use-After-Free in google (CVE-2026-11633)
vulnerability in google (CVE-2026-11633). Successful exploitation can lead to full system takeover.
CVE-2026-11634 Use-After-Free in google (CVE-2026-11634)
vulnerability in google (CVE-2026-11634). Successful exploitation can lead to full system takeover.
CVE-2026-47734 Vulnerability in dulwich (CVE-2026-47734)
vulnerability in dulwich (CVE-2026-47734). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.2.5` or later.
CVE-2026-9669 Vulnerability in libpython (CVE-2026-9669)
vulnerability in libpython (CVE-2026-9669). Risk of unauthorized operations or information disclosure.
CVE-2026-47712 Path Traversal in dulwich (CVE-2026-47712)
path traversal in dulwich (CVE-2026-47712). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.2.5` or later.
CVE-2026-47244 Vulnerability in io.netty:netty-codec-http2 (CVE-2026-47244)
vulnerability in io.netty:netty-codec-http2 (CVE-2026-47244). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `4.1.135.Final` or later.
CVE-2026-46340 Vulnerability in io.netty:netty-transport-sctp (CVE-2026-46340)
vulnerability in io.netty:netty-transport-sctp (CVE-2026-46340). Risk of unauthorized operations or information disclosure. Exploitable via ``complete``. Mitigation: upgrade to `4.1.135.Final` or later.
CVE-2026-45673 Vulnerability in io.netty:netty-resolver-dns (CVE-2026-45673)
vulnerability in io.netty:netty-resolver-dns (CVE-2026-45673). Data can be tampered with by attackers. Exploitable via ``DnsQueryIdSpace``. Mitigation: upgrade to `4.1.135.Final` or later.
CVE-2026-45536 Information Disclosure in io.netty:netty-transport-native-epoll (CVE-2026-45536)
vulnerability in io.netty:netty-transport-native-epoll (CVE-2026-45536). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `4.1.135.Final` or later.
CVE-2026-45416 Vulnerability in io.netty:netty-handler (CVE-2026-45416)
vulnerability in io.netty:netty-handler (CVE-2026-45416). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `4.1.135.Final` or later.
CVE-2026-45034 Unsafe Deserialization in phpoffice/phpspreadsheet (CVE-2026-45034)
vulnerability in phpoffice/phpspreadsheet (CVE-2026-45034). Risk of unauthorized operations or information disclosure. Exploitable via ``parse_url``. Mitigation: upgrade to `1.30.5` or later.
CVE-2026-44894 Vulnerability in io.netty:netty-codec-classes-quic (CVE-2026-44894)
vulnerability in io.netty:netty-codec-classes-quic (CVE-2026-44894). Data can be tampered with by attackers. Mitigation: upgrade to `4.2.15.Final` or later.
CVE-2026-11585 Vulnerability in sqli (CVE-2026-11585)
vulnerability in sqli (CVE-2026-11585). Risk of unauthorized operations or information disclosure.
CVE-2026-40215 Out-of-Bounds Read in CVE-2026-40215 (CVE-2026-40215)
vulnerability in CVE-2026-40215 (CVE-2026-40215). Risk of unauthorized operations or information disclosure.
CVE-2026-47344 Cross-Site Scripting (XSS) in typo3/html-sanitizer (CVE-2026-47344)
cross-site scripting in typo3/html-sanitizer (CVE-2026-47344). Risk of unauthorized operations or information disclosure. Exploitable via ``ALLOW_INSECURE_RAW_TEXT``. Mitigation: upgrade to `2.3.2` or later.
CVE-2026-47345 Cross-Site Scripting (XSS) in typo3/html-sanitizer (CVE-2026-47345)
cross-site scripting in typo3/html-sanitizer (CVE-2026-47345). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.3.2` or later.
CVE-2026-46484 Path Traversal in path-traversal (CVE-2026-46484)
path traversal in path-traversal (CVE-2026-46484). Data can be tampered with by attackers.
CVE-2026-11584 Vulnerability in sqli (CVE-2026-11584)
vulnerability in sqli (CVE-2026-11584). Risk of unauthorized operations or information disclosure.
CVE-2026-40519 OS Command Injection in nginx (CVE-2026-40519)
OS command injection in nginx (CVE-2026-40519). Successful exploitation can lead to full system takeover.
CVE-2026-11582 Vulnerability in sqli (CVE-2026-11582)
vulnerability in sqli (CVE-2026-11582). Risk of unauthorized operations or information disclosure.
CVE-2026-11583 Vulnerability in sqli (CVE-2026-11583)
vulnerability in sqli (CVE-2026-11583). Risk of unauthorized operations or information disclosure.
CVE-2026-11393 Code Injection in Amazon aws (CVE-2026-11393)
code injection in Amazon aws (CVE-2026-11393). Successful exploitation can lead to full system takeover.
CVE-2026-52778 Code Injection in yeswiki/yeswiki (CVE-2026-52778)
code injection in yeswiki/yeswiki (CVE-2026-52778). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `4.6.6` or later.
CVE-2026-11559 Vulnerability in sqli (CVE-2026-11559)
vulnerability in sqli (CVE-2026-11559). Risk of unauthorized operations or information disclosure.
CVE-2026-11558 Vulnerability in sqli (CVE-2026-11558)
vulnerability in sqli (CVE-2026-11558). Risk of unauthorized operations or information disclosure.
CVE-2026-11557 Buffer Overflow in CVE-2026-11557 (CVE-2026-11557)
vulnerability in CVE-2026-11557 (CVE-2026-11557). Successful exploitation can lead to full system takeover.
CVE-2026-10787 Vulnerability in devolutions (CVE-2026-10787)
vulnerability in devolutions (CVE-2026-10787). Risk of unauthorized operations or information disclosure.
CVE-2026-10544 OS Command Injection in devolutions (CVE-2026-10544)
OS command injection in devolutions (CVE-2026-10544). Risk of unauthorized operations or information disclosure.
CVE-2026-10786 Vulnerability in devolutions (CVE-2026-10786)
vulnerability in devolutions (CVE-2026-10786). Confidential information can be exposed externally.
CVE-2026-44893 Vulnerability in io.netty:netty-codec-haproxy (CVE-2026-44893)
vulnerability in io.netty:netty-codec-haproxy (CVE-2026-44893). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `4.1.135.Final` or later.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →