Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-36499 |
|
Vulnerability in dos (CVE-2026-36499)
vulnerability in dos (CVE-2026-36499). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-65640 |
|
Cross-Site Scripting (XSS) in CVE-2025-65640 (CVE-2025-65640)
cross-site scripting in CVE-2025-65640 (CVE-2025-65640). Confidential information can be exposed externally.
|
| CVE-2026-50292 |
|
Vulnerability in freedesktop (CVE-2026-50292)
vulnerability in freedesktop (CVE-2026-50292). Successful exploitation can lead to full system takeover.
|
| CVE-2026-48040 |
|
Out-of-Bounds Read in io.netty.incubator:netty-incubator-codec-ohttp-hpke-native-boringssl (CVE-2026-48040)
vulnerability in io.netty.incubator:netty-incubator-codec-ohttp-hpke-native-boringssl (CVE-2026-48040). Confidential information can be exposed externally. Exploitable via ``sun.misc.Unsafe``. Mitigation: upgrade to `0.0.22.Final` or later.
|
| CVE-2026-10880 |
|
SQL Injection in sqli (CVE-2026-10880)
SQL injection in sqli (CVE-2026-10880). Successful exploitation can lead to full system takeover.
|
| CVE-2025-69755 |
|
OS Command Injection in CVE-2025-69755 (CVE-2025-69755)
OS command injection in CVE-2025-69755 (CVE-2025-69755). Confidential information can be exposed externally.
|
| CVE-2026-10796 |
|
OS Command Injection in openjsf (CVE-2026-10796)
OS command injection in openjsf (CVE-2026-10796). Successful exploitation can lead to full system takeover. Exploitable via ``eval``.
|
| CVE-2026-25550 |
|
Vulnerability in csharp (CVE-2026-25550)
vulnerability in csharp (CVE-2026-25550). Successful exploitation can lead to full system takeover.
|
| CVE-2026-25551 |
|
Unsafe Deserialization in csharp (CVE-2026-25551)
vulnerability in csharp (CVE-2026-25551). Successful exploitation can lead to full system takeover.
|
| CVE-2025-67448 |
|
Cross-Site Scripting (XSS) in CVE-2025-67448 (CVE-2025-67448)
cross-site scripting in CVE-2025-67448 (CVE-2025-67448). Confidential information can be exposed externally.
|
| CVE-2025-67447 |
|
OS Command Injection in CVE-2025-67447 (CVE-2025-67447)
OS command injection in CVE-2025-67447 (CVE-2025-67447). Successful exploitation can lead to full system takeover.
|
| CVE-2026-50266 |
|
Authorization Flaw in CVE-2026-50266 (CVE-2026-50266)
vulnerability in CVE-2026-50266 (CVE-2026-50266). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-50076 |
|
Unsafe Deserialization in apache (CVE-2026-50076)
vulnerability in apache (CVE-2026-50076). Confidential information can be exposed externally.
|
| CVE-2026-49941 |
|
Vulnerability in dos (CVE-2026-49941)
vulnerability in dos (CVE-2026-49941). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-46739 |
|
Vulnerability in cosimo (CVE-2026-46739)
vulnerability in cosimo (CVE-2026-46739). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-46741 |
|
Vulnerability in sanbeg (CVE-2026-46741)
vulnerability in sanbeg (CVE-2026-46741). Data can be tampered with by attackers.
|
| CVE-2026-7774 |
|
Path Traversal in libpython (CVE-2026-7774)
path traversal in libpython (CVE-2026-7774). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-5228 |
|
Vulnerability in CVE-2026-5228 (CVE-2026-5228)
vulnerability in CVE-2026-5228 (CVE-2026-5228). Successful exploitation can lead to full system takeover.
|
| CVE-2026-43986 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-43986)
SSRF in ssrf (CVE-2026-43986). Confidential information can be exposed externally. Exploitable via ``image_hash_lookup``.
|
| CVE-2026-44393 |
|
Vulnerability in CVE-2026-44393 (CVE-2026-44393)
vulnerability in CVE-2026-44393 (CVE-2026-44393). Confidential information can be exposed externally.
|
| CVE-2026-43985 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-43985)
vulnerability in csrf (CVE-2026-43985). Successful exploitation can lead to full system takeover. Exploitable via ``configUpdate``.
|
| CVE-2026-43984 |
|
Cross-Site Scripting (XSS) in CVE-2026-43984 (CVE-2026-43984)
cross-site scripting in CVE-2026-43984 (CVE-2026-43984). Confidential information can be exposed externally. Exploitable via ``log_js_errors``.
|
| CVE-2026-40930 |
|
Vulnerability in CVE-2026-40930 (CVE-2026-40930)
vulnerability in CVE-2026-40930 (CVE-2026-40930). Risk of unauthorized operations or information disclosure. Exploitable via ``png_process_data``.
|
| CVE-2026-38570 |
|
Out-of-Bounds Read in dos (CVE-2026-38570)
vulnerability in dos (CVE-2026-38570). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10868 |
|
Privilege Escalation in CVE-2026-10868 (CVE-2026-10868)
vulnerability in CVE-2026-10868 (CVE-2026-10868). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10815 |
|
Vulnerability in CVE-2026-10815 (CVE-2026-10815)
vulnerability in CVE-2026-10815 (CVE-2026-10815). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-21404 |
|
Vulnerability in cisa (CVE-2026-21404)
vulnerability in cisa (CVE-2026-21404). Data can be tampered with by attackers.
|
| CVE-2026-10864 |
|
Information Disclosure in misp (CVE-2026-10864)
vulnerability in misp (CVE-2026-10864). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-36176 |
|
Vulnerability in CVE-2026-36176 (CVE-2026-36176)
vulnerability in CVE-2026-36176 (CVE-2026-36176). Confidential information can be exposed externally.
|
| CVE-2026-35905 |
|
Vulnerability in CVE-2026-35905 (CVE-2026-35905)
vulnerability in CVE-2026-35905 (CVE-2026-35905). Successful exploitation can lead to full system takeover.
|
| CVE-2026-10811 |
|
Vulnerability in sqli (CVE-2026-10811)
vulnerability in sqli (CVE-2026-10811). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10863 |
|
Vulnerability in sqli (CVE-2026-10863)
vulnerability in sqli (CVE-2026-10863). Confidential information can be exposed externally.
|
| CVE-2026-36175 |
|
Vulnerability in CVE-2026-36175 (CVE-2026-36175)
vulnerability in CVE-2026-36175 (CVE-2026-36175). Successful exploitation can lead to full system takeover.
|
| CVE-2026-35906 |
|
OS Command Injection in CVE-2026-35906 (CVE-2026-35906)
OS command injection in CVE-2026-35906 (CVE-2026-35906). Successful exploitation can lead to full system takeover.
|
| CVE-2026-28318 KEV |
|
[KEV] Vulnerability in Solarwinds serv-u (CVE-2026-28318)
vulnerability in Solarwinds serv-u (CVE-2026-28318). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-35904 |
|
Vulnerability in CVE-2026-35904 (CVE-2026-35904)
vulnerability in CVE-2026-35904 (CVE-2026-35904). Successful exploitation can lead to full system takeover.
|
| CVE-2026-36180 |
|
Vulnerability in CVE-2026-36180 (CVE-2026-36180)
vulnerability in CVE-2026-36180 (CVE-2026-36180). Data can be tampered with by attackers.
|
| CVE-2026-10855 |
|
Vulnerability in misp (CVE-2026-10855)
vulnerability in misp (CVE-2026-10855). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10860 |
|
Authorization Flaw in misp (CVE-2026-10860)
vulnerability in misp (CVE-2026-10860). Data can be tampered with by attackers.
|
| CVE-2026-10806 |
|
Vulnerability in CVE-2026-10806 (CVE-2026-10806)
vulnerability in CVE-2026-10806 (CVE-2026-10806). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10807 |
|
Vulnerability in CVE-2026-10807 (CVE-2026-10807)
vulnerability in CVE-2026-10807 (CVE-2026-10807). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10856 |
|
Open Redirect in misp (CVE-2026-10856)
vulnerability in misp (CVE-2026-10856). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10861 |
|
Open Redirect in misp (CVE-2026-10861)
vulnerability in misp (CVE-2026-10861). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10854 |
|
Information Disclosure in misp (CVE-2026-10854)
vulnerability in misp (CVE-2026-10854). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-45433 |
|
Vulnerability in CVE-2026-45433 (CVE-2026-45433)
vulnerability in CVE-2026-45433 (CVE-2026-45433). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10808 |
|
Vulnerability in sqli (CVE-2026-10808)
vulnerability in sqli (CVE-2026-10808). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10809 |
|
Vulnerability in sqli (CVE-2026-10809)
vulnerability in sqli (CVE-2026-10809). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8037 |
|
Command Injection in CVE-2026-8037 (CVE-2026-8037)
command injection in CVE-2026-8037 (CVE-2026-8037). Successful exploitation can lead to full system takeover.
|
| CVE-2026-10810 |
|
Cross-Site Scripting (XSS) in CVE-2026-10810 (CVE-2026-10810)
cross-site scripting in CVE-2026-10810 (CVE-2026-10810). Risk of unauthorized operations or information disclosure.
|
| CVE-2019-25745 |
|
SQL Injection in wordpress (CVE-2019-25745)
SQL injection in wordpress (CVE-2019-25745). Confidential information can be exposed externally.
|