Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-11645 KEV |
|
[KEV] Out-of-Bounds Read in Google chrome (CVE-2026-11645)
vulnerability in Google chrome (CVE-2026-11645). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
|
| CVE-2026-11643 |
|
Use-After-Free in google (CVE-2026-11643)
vulnerability in google (CVE-2026-11643). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11644 |
|
Use-After-Free in google (CVE-2026-11644)
vulnerability in google (CVE-2026-11644). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11646 |
|
Use-After-Free in google (CVE-2026-11646)
vulnerability in google (CVE-2026-11646). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11647 |
|
Use-After-Free in google (CVE-2026-11647)
vulnerability in google (CVE-2026-11647). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11648 |
|
Use-After-Free in google (CVE-2026-11648)
vulnerability in google (CVE-2026-11648). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11649 |
|
Use-After-Free in google (CVE-2026-11649)
vulnerability in google (CVE-2026-11649). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11650 |
|
Use-After-Free in google (CVE-2026-11650)
vulnerability in google (CVE-2026-11650). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11635 |
|
Use-After-Free in google (CVE-2026-11635)
vulnerability in google (CVE-2026-11635). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11636 |
|
Use-After-Free in google (CVE-2026-11636)
vulnerability in google (CVE-2026-11636). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11637 |
|
Use-After-Free in google (CVE-2026-11637)
vulnerability in google (CVE-2026-11637). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11638 |
|
Use-After-Free in google (CVE-2026-11638)
vulnerability in google (CVE-2026-11638). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11639 |
|
Use-After-Free in google (CVE-2026-11639)
vulnerability in google (CVE-2026-11639). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11641 |
|
Use-After-Free in google (CVE-2026-11641)
vulnerability in google (CVE-2026-11641). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11642 |
|
Use-After-Free in google (CVE-2026-11642)
vulnerability in google (CVE-2026-11642). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11640 |
|
Vulnerability in google (CVE-2026-11640)
vulnerability in google (CVE-2026-11640). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11629 |
|
Use-After-Free in CVE-2026-11629 (CVE-2026-11629)
vulnerability in CVE-2026-11629 (CVE-2026-11629). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11630 |
|
Use-After-Free in google (CVE-2026-11630)
vulnerability in google (CVE-2026-11630). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11631 |
|
Use-After-Free in google (CVE-2026-11631)
vulnerability in google (CVE-2026-11631). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11632 |
|
Use-After-Free in google (CVE-2026-11632)
vulnerability in google (CVE-2026-11632). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11633 |
|
Use-After-Free in google (CVE-2026-11633)
vulnerability in google (CVE-2026-11633). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11634 |
|
Use-After-Free in google (CVE-2026-11634)
vulnerability in google (CVE-2026-11634). Successful exploitation can lead to full system takeover.
|
| CVE-2026-47734 |
|
Vulnerability in dulwich (CVE-2026-47734)
vulnerability in dulwich (CVE-2026-47734). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.2.5` or later.
|
| CVE-2026-9669 |
|
Vulnerability in libpython (CVE-2026-9669)
vulnerability in libpython (CVE-2026-9669). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-47712 |
|
Path Traversal in dulwich (CVE-2026-47712)
path traversal in dulwich (CVE-2026-47712). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.2.5` or later.
|
| CVE-2026-47244 |
|
Vulnerability in io.netty:netty-codec-http2 (CVE-2026-47244)
vulnerability in io.netty:netty-codec-http2 (CVE-2026-47244). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `4.1.135.Final` or later.
|
| CVE-2026-46340 |
|
Vulnerability in io.netty:netty-transport-sctp (CVE-2026-46340)
vulnerability in io.netty:netty-transport-sctp (CVE-2026-46340). Risk of unauthorized operations or information disclosure. Exploitable via ``complete``. Mitigation: upgrade to `4.1.135.Final` or later.
|
| CVE-2026-45673 |
|
Vulnerability in io.netty:netty-resolver-dns (CVE-2026-45673)
vulnerability in io.netty:netty-resolver-dns (CVE-2026-45673). Data can be tampered with by attackers. Exploitable via ``DnsQueryIdSpace``. Mitigation: upgrade to `4.1.135.Final` or later.
|
| CVE-2026-45536 |
|
Information Disclosure in io.netty:netty-transport-native-epoll (CVE-2026-45536)
vulnerability in io.netty:netty-transport-native-epoll (CVE-2026-45536). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `4.1.135.Final` or later.
|
| CVE-2026-45416 |
|
Vulnerability in io.netty:netty-handler (CVE-2026-45416)
vulnerability in io.netty:netty-handler (CVE-2026-45416). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `4.1.135.Final` or later.
|
| CVE-2026-45034 |
|
Unsafe Deserialization in phpoffice/phpspreadsheet (CVE-2026-45034)
vulnerability in phpoffice/phpspreadsheet (CVE-2026-45034). Risk of unauthorized operations or information disclosure. Exploitable via ``parse_url``. Mitigation: upgrade to `1.30.5` or later.
|
| CVE-2026-44894 |
|
Vulnerability in io.netty:netty-codec-classes-quic (CVE-2026-44894)
vulnerability in io.netty:netty-codec-classes-quic (CVE-2026-44894). Data can be tampered with by attackers. Mitigation: upgrade to `4.2.15.Final` or later.
|
| CVE-2026-11585 |
|
Vulnerability in sqli (CVE-2026-11585)
vulnerability in sqli (CVE-2026-11585). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-40215 |
|
Out-of-Bounds Read in CVE-2026-40215 (CVE-2026-40215)
vulnerability in CVE-2026-40215 (CVE-2026-40215). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-47344 |
|
Cross-Site Scripting (XSS) in typo3/html-sanitizer (CVE-2026-47344)
cross-site scripting in typo3/html-sanitizer (CVE-2026-47344). Risk of unauthorized operations or information disclosure. Exploitable via ``ALLOW_INSECURE_RAW_TEXT``. Mitigation: upgrade to `2.3.2` or later.
|
| CVE-2026-47345 |
|
Cross-Site Scripting (XSS) in typo3/html-sanitizer (CVE-2026-47345)
cross-site scripting in typo3/html-sanitizer (CVE-2026-47345). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.3.2` or later.
|
| CVE-2026-46484 |
|
Path Traversal in path-traversal (CVE-2026-46484)
path traversal in path-traversal (CVE-2026-46484). Data can be tampered with by attackers.
|
| CVE-2026-11584 |
|
Vulnerability in sqli (CVE-2026-11584)
vulnerability in sqli (CVE-2026-11584). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-40519 |
|
OS Command Injection in nginx (CVE-2026-40519)
OS command injection in nginx (CVE-2026-40519). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11582 |
|
Vulnerability in sqli (CVE-2026-11582)
vulnerability in sqli (CVE-2026-11582). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11583 |
|
Vulnerability in sqli (CVE-2026-11583)
vulnerability in sqli (CVE-2026-11583). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11393 |
|
Code Injection in Amazon aws (CVE-2026-11393)
code injection in Amazon aws (CVE-2026-11393). Successful exploitation can lead to full system takeover.
|
| CVE-2026-52778 |
|
Code Injection in yeswiki/yeswiki (CVE-2026-52778)
code injection in yeswiki/yeswiki (CVE-2026-52778). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `4.6.6` or later.
|
| CVE-2026-11559 |
|
Vulnerability in sqli (CVE-2026-11559)
vulnerability in sqli (CVE-2026-11559). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11558 |
|
Vulnerability in sqli (CVE-2026-11558)
vulnerability in sqli (CVE-2026-11558). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11557 |
|
Buffer Overflow in CVE-2026-11557 (CVE-2026-11557)
vulnerability in CVE-2026-11557 (CVE-2026-11557). Successful exploitation can lead to full system takeover.
|
| CVE-2026-10787 |
|
Vulnerability in devolutions (CVE-2026-10787)
vulnerability in devolutions (CVE-2026-10787). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10544 |
|
OS Command Injection in devolutions (CVE-2026-10544)
OS command injection in devolutions (CVE-2026-10544). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10786 |
|
Vulnerability in devolutions (CVE-2026-10786)
vulnerability in devolutions (CVE-2026-10786). Confidential information can be exposed externally.
|
| CVE-2026-44893 |
|
Vulnerability in io.netty:netty-codec-haproxy (CVE-2026-44893)
vulnerability in io.netty:netty-codec-haproxy (CVE-2026-44893). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `4.1.135.Final` or later.
|