Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Clear
ID Title
CVE-2026-49492 OS Command Injection in CVE-2026-49492 (CVE-2026-49492)
OS command injection in CVE-2026-49492 (CVE-2026-49492). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.8.28` or later.
CVE-2026-49493 Code Injection in CVE-2026-49493 (CVE-2026-49493)
code injection in CVE-2026-49493 (CVE-2026-49493). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.8.28` or later.
CVE-2026-45750 OS Command Injection in termix (CVE-2026-45750)
OS command injection in termix (CVE-2026-45750). Successful exploitation can lead to full system takeover. Exploitable via `GET /ssh/file_manager/ssh/resolvePath`.
CVE-2026-45748 OS Command Injection in termix (CVE-2026-45748)
OS command injection in termix (CVE-2026-45748). Successful exploitation can lead to full system takeover. Exploitable via `POST /ssh/tunnel/connect`.
CVE-2026-45746 Vulnerability in termix (CVE-2026-45746)
vulnerability in termix (CVE-2026-45746). Successful exploitation can lead to full system takeover.
CVE-2026-45745 Vulnerability in termix (CVE-2026-45745)
vulnerability in termix (CVE-2026-45745). Confidential information can be exposed externally.
CVE-2026-45744 OS Command Injection in termix (CVE-2026-45744)
OS command injection in termix (CVE-2026-45744). Successful exploitation can lead to full system takeover. Exploitable via `GET /ssh/file_manager/ssh/resolvePath`.
CVE-2026-45291 Vulnerability in CVE-2026-45291 (CVE-2026-45291)
vulnerability in CVE-2026-45291 (CVE-2026-45291). Risk of unauthorized operations or information disclosure.
CVE-2026-45290 Vulnerability in CVE-2026-45290 (CVE-2026-45290)
vulnerability in CVE-2026-45290 (CVE-2026-45290). Risk of unauthorized operations or information disclosure.
CVE-2026-36500 Path Traversal in path-traversal (CVE-2026-36500)
path traversal in path-traversal (CVE-2026-36500). Confidential information can be exposed externally.
CVE-2026-36501 Vulnerability in dos (CVE-2026-36501)
vulnerability in dos (CVE-2026-36501). Risk of unauthorized operations or information disclosure.
CVE-2026-11342 Vulnerability in sqli (CVE-2026-11342)
vulnerability in sqli (CVE-2026-11342). Risk of unauthorized operations or information disclosure.
CVE-2026-11341 Command Injection in CVE-2026-11341 (CVE-2026-11341)
command injection in CVE-2026-11341 (CVE-2026-11341). Risk of unauthorized operations or information disclosure.
CVE-2026-11344 Vulnerability in CVE-2026-11344 (CVE-2026-11344)
vulnerability in CVE-2026-11344 (CVE-2026-11344). Risk of unauthorized operations or information disclosure.
CVE-2025-71318 Vulnerability in CVE-2025-71318 (CVE-2025-71318)
vulnerability in CVE-2025-71318 (CVE-2025-71318). Successful exploitation can lead to full system takeover.
CVE-2025-71317 Vulnerability in CVE-2025-71317 (CVE-2025-71317)
vulnerability in CVE-2025-71317 (CVE-2025-71317). Successful exploitation can lead to full system takeover.
CVE-2026-8714 Vulnerability in tp-link (CVE-2026-8714)
vulnerability in tp-link (CVE-2026-8714). Risk of unauthorized operations or information disclosure.
CVE-2026-48112 Out-of-Bounds Read in 7-zip (CVE-2026-48112)
vulnerability in 7-zip (CVE-2026-48112). Confidential information can be exposed externally.
CVE-2026-48103 Out-of-Bounds Read in cpp (CVE-2026-48103)
vulnerability in cpp (CVE-2026-48103). Risk of unauthorized operations or information disclosure.
CVE-2026-48104 Out-of-Bounds Read in dos (CVE-2026-48104)
vulnerability in dos (CVE-2026-48104). Risk of unauthorized operations or information disclosure.
CVE-2026-48111 Out-of-Bounds Read in cpp (CVE-2026-48111)
vulnerability in cpp (CVE-2026-48111). Risk of unauthorized operations or information disclosure.
CVE-2026-11339 Vulnerability in c (CVE-2026-11339)
vulnerability in c (CVE-2026-11339). Risk of unauthorized operations or information disclosure.
CVE-2026-11338 Cross-Site Scripting (XSS) in CVE-2026-11338 (CVE-2026-11338)
cross-site scripting in CVE-2026-11338 (CVE-2026-11338). Risk of unauthorized operations or information disclosure.
CVE-2026-11337 Cross-Site Scripting (XSS) in CVE-2026-11337 (CVE-2026-11337)
cross-site scripting in CVE-2026-11337 (CVE-2026-11337). Risk of unauthorized operations or information disclosure.
CVE-2025-5089 Vulnerability in dos (CVE-2025-5089)
vulnerability in dos (CVE-2025-5089). Risk of unauthorized operations or information disclosure.
CVE-2025-5090 Vulnerability in dos (CVE-2025-5090)
vulnerability in dos (CVE-2025-5090). Risk of unauthorized operations or information disclosure.
CVE-2025-5088 Privilege Escalation in CVE-2025-5088 (CVE-2025-5088)
vulnerability in CVE-2025-5088 (CVE-2025-5088). Confidential information can be exposed externally.
CVE-2026-54533 Vulnerability in vantage6 (CVE-2026-54533)
vulnerability in vantage6 (CVE-2026-54533). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.0.0` or later.
CVE-2026-54445 Vulnerability in vantage6 (CVE-2026-54445)
vulnerability in vantage6 (CVE-2026-54445). Risk of unauthorized operations or information disclosure. Exploitable via ``root``. Mitigation: upgrade to `5.0.0` or later.
CVE-2026-48017 Code Injection in dbgate-api (CVE-2026-48017)
code injection in dbgate-api (CVE-2026-48017). Successful exploitation can lead to full system takeover. Exploitable via `POST /runners/load-reader`. Mitigation: upgrade to `7.1.9` or later.
CVE-2026-47684 SSRF (Server-Side Request Forgery) in @sync-in/server (CVE-2026-47684)
SSRF in @sync-in/server (CVE-2026-47684). Confidential information can be exposed externally. Mitigation: upgrade to `2.3.0` or later.
CVE-2026-47387 Cross-Site Scripting (XSS) in nocodb (CVE-2026-47387)
cross-site scripting in nocodb (CVE-2026-47387). Risk of unauthorized operations or information disclosure. Exploitable via ``redirect_url``. Mitigation: upgrade to `2026.05.1` or later.
CVE-2026-47386 Vulnerability in nocodb (CVE-2026-47386)
vulnerability in nocodb (CVE-2026-47386). Risk of unauthorized operations or information disclosure. Exploitable via ``is_used``. Mitigation: upgrade to `2026.05.1` or later.
CVE-2026-47385 Path Traversal in nocodb (CVE-2026-47385)
path traversal in nocodb (CVE-2026-47385). Risk of unauthorized operations or information disclosure. Exploitable via ``fs.exists``. Mitigation: upgrade to `2026.05.1` or later.
CVE-2026-47384 SQL Injection in nocodb (CVE-2026-47384)
SQL injection in nocodb (CVE-2026-47384). Risk of unauthorized operations or information disclosure. Exploitable via ``column_name``. Mitigation: upgrade to `2026.05.1` or later.
CVE-2026-47383 Cross-Site Scripting (XSS) in nocodb (CVE-2026-47383)
cross-site scripting in nocodb (CVE-2026-47383). Risk of unauthorized operations or information disclosure. Exploitable via ``localStorage``. Mitigation: upgrade to `2026.05.1` or later.
CVE-2026-47382 SSRF (Server-Side Request Forgery) in nocodb (CVE-2026-47382)
SSRF in nocodb (CVE-2026-47382). Risk of unauthorized operations or information disclosure. Exploitable via ``localhost``. Mitigation: upgrade to `2026.05.1` or later.
CVE-2026-48101 Vulnerability in 7-zip (CVE-2026-48101)
vulnerability in 7-zip (CVE-2026-48101). Confidential information can be exposed externally.
CVE-2026-11336 Vulnerability in CVE-2026-11336 (CVE-2026-11336)
vulnerability in CVE-2026-11336 (CVE-2026-11336). Risk of unauthorized operations or information disclosure.
CVE-2026-11362 Vulnerability in binary (CVE-2026-11362)
vulnerability in binary (CVE-2026-11362). Successful exploitation can lead to full system takeover.
CVE-2026-9270 Vulnerability in binary (CVE-2026-9270)
vulnerability in binary (CVE-2026-9270). Confidential information can be exposed externally.
CVE-2026-48102 Out-of-Bounds Read in cpp (CVE-2026-48102)
vulnerability in cpp (CVE-2026-48102). Risk of unauthorized operations or information disclosure.
CVE-2026-47381 Vulnerability in nocodb (CVE-2026-47381)
vulnerability in nocodb (CVE-2026-47381). Risk of unauthorized operations or information disclosure. Exploitable via ``testConnection``. Mitigation: upgrade to `2026.05.1` or later.
CVE-2026-47380 Vulnerability in nocodb (CVE-2026-47380)
vulnerability in nocodb (CVE-2026-47380). Risk of unauthorized operations or information disclosure. Exploitable via ``auth.service.ts``. Mitigation: upgrade to `2026.04.1` or later.
CVE-2026-47379 Information Disclosure in nocodb (CVE-2026-47379)
vulnerability in nocodb (CVE-2026-47379). Risk of unauthorized operations or information disclosure. Exploitable via ``View.ts``. Mitigation: upgrade to `2026.05.1` or later.
CVE-2026-47377 Open Redirect in nocodb (CVE-2026-47377)
vulnerability in nocodb (CVE-2026-47377). Risk of unauthorized operations or information disclosure. Exploitable via ``hashRedirect``. Mitigation: upgrade to `2026.04.1` or later.
CVE-2026-47376 Cross-Site Scripting (XSS) in nocodb (CVE-2026-47376)
cross-site scripting in nocodb (CVE-2026-47376). Risk of unauthorized operations or information disclosure. Exploitable via ``dataset.token``. Mitigation: upgrade to `2026.04.1` or later.
CVE-2026-47375 SQL Injection in nocodb (CVE-2026-47375)
SQL injection in nocodb (CVE-2026-47375). Risk of unauthorized operations or information disclosure. Exploitable via ``columnAdd``. Mitigation: upgrade to `2026.04.1` or later.
CVE-2026-47279 Vulnerability in nocodb (CVE-2026-47279)
vulnerability in nocodb (CVE-2026-47279). Risk of unauthorized operations or information disclosure. Exploitable via `GET /api/v2/public/shared-view/`. Mitigation: upgrade to `2026.05.1` or later.
CVE-2026-47250 Vulnerability in mcp-server-kubernetes (CVE-2026-47250)
vulnerability in mcp-server-kubernetes (CVE-2026-47250). Confidential information can be exposed externally. Exploitable via ``kubectl_generic``. Mitigation: upgrade to `3.7.0` or later.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →