Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Clear
ID Title
CVE-2026-36499 Vulnerability in dos (CVE-2026-36499)
vulnerability in dos (CVE-2026-36499). Risk of unauthorized operations or information disclosure.
CVE-2025-65640 Cross-Site Scripting (XSS) in CVE-2025-65640 (CVE-2025-65640)
cross-site scripting in CVE-2025-65640 (CVE-2025-65640). Confidential information can be exposed externally.
CVE-2026-50292 Vulnerability in freedesktop (CVE-2026-50292)
vulnerability in freedesktop (CVE-2026-50292). Successful exploitation can lead to full system takeover.
CVE-2026-48040 Out-of-Bounds Read in io.netty.incubator:netty-incubator-codec-ohttp-hpke-native-boringssl (CVE-2026-48040)
vulnerability in io.netty.incubator:netty-incubator-codec-ohttp-hpke-native-boringssl (CVE-2026-48040). Confidential information can be exposed externally. Exploitable via ``sun.misc.Unsafe``. Mitigation: upgrade to `0.0.22.Final` or later.
CVE-2026-10880 SQL Injection in sqli (CVE-2026-10880)
SQL injection in sqli (CVE-2026-10880). Successful exploitation can lead to full system takeover.
CVE-2025-69755 OS Command Injection in CVE-2025-69755 (CVE-2025-69755)
OS command injection in CVE-2025-69755 (CVE-2025-69755). Confidential information can be exposed externally.
CVE-2026-10796 OS Command Injection in openjsf (CVE-2026-10796)
OS command injection in openjsf (CVE-2026-10796). Successful exploitation can lead to full system takeover. Exploitable via ``eval``.
CVE-2026-25550 Vulnerability in csharp (CVE-2026-25550)
vulnerability in csharp (CVE-2026-25550). Successful exploitation can lead to full system takeover.
CVE-2026-25551 Unsafe Deserialization in csharp (CVE-2026-25551)
vulnerability in csharp (CVE-2026-25551). Successful exploitation can lead to full system takeover.
CVE-2025-67448 Cross-Site Scripting (XSS) in CVE-2025-67448 (CVE-2025-67448)
cross-site scripting in CVE-2025-67448 (CVE-2025-67448). Confidential information can be exposed externally.
CVE-2025-67447 OS Command Injection in CVE-2025-67447 (CVE-2025-67447)
OS command injection in CVE-2025-67447 (CVE-2025-67447). Successful exploitation can lead to full system takeover.
CVE-2026-50266 Authorization Flaw in CVE-2026-50266 (CVE-2026-50266)
vulnerability in CVE-2026-50266 (CVE-2026-50266). Risk of unauthorized operations or information disclosure.
CVE-2026-50076 Unsafe Deserialization in apache (CVE-2026-50076)
vulnerability in apache (CVE-2026-50076). Confidential information can be exposed externally.
CVE-2026-49941 Vulnerability in dos (CVE-2026-49941)
vulnerability in dos (CVE-2026-49941). Risk of unauthorized operations or information disclosure.
CVE-2026-46739 Vulnerability in cosimo (CVE-2026-46739)
vulnerability in cosimo (CVE-2026-46739). Risk of unauthorized operations or information disclosure.
CVE-2026-46741 Vulnerability in sanbeg (CVE-2026-46741)
vulnerability in sanbeg (CVE-2026-46741). Data can be tampered with by attackers.
CVE-2026-7774 Path Traversal in libpython (CVE-2026-7774)
path traversal in libpython (CVE-2026-7774). Risk of unauthorized operations or information disclosure.
CVE-2026-5228 Vulnerability in CVE-2026-5228 (CVE-2026-5228)
vulnerability in CVE-2026-5228 (CVE-2026-5228). Successful exploitation can lead to full system takeover.
CVE-2026-43986 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-43986)
SSRF in ssrf (CVE-2026-43986). Confidential information can be exposed externally. Exploitable via ``image_hash_lookup``.
CVE-2026-44393 Vulnerability in CVE-2026-44393 (CVE-2026-44393)
vulnerability in CVE-2026-44393 (CVE-2026-44393). Confidential information can be exposed externally.
CVE-2026-43985 Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-43985)
vulnerability in csrf (CVE-2026-43985). Successful exploitation can lead to full system takeover. Exploitable via ``configUpdate``.
CVE-2026-43984 Cross-Site Scripting (XSS) in CVE-2026-43984 (CVE-2026-43984)
cross-site scripting in CVE-2026-43984 (CVE-2026-43984). Confidential information can be exposed externally. Exploitable via ``log_js_errors``.
CVE-2026-40930 Vulnerability in CVE-2026-40930 (CVE-2026-40930)
vulnerability in CVE-2026-40930 (CVE-2026-40930). Risk of unauthorized operations or information disclosure. Exploitable via ``png_process_data``.
CVE-2026-38570 Out-of-Bounds Read in dos (CVE-2026-38570)
vulnerability in dos (CVE-2026-38570). Risk of unauthorized operations or information disclosure.
CVE-2026-10868 Privilege Escalation in CVE-2026-10868 (CVE-2026-10868)
vulnerability in CVE-2026-10868 (CVE-2026-10868). Risk of unauthorized operations or information disclosure.
CVE-2026-10815 Vulnerability in CVE-2026-10815 (CVE-2026-10815)
vulnerability in CVE-2026-10815 (CVE-2026-10815). Risk of unauthorized operations or information disclosure.
CVE-2026-21404 Vulnerability in cisa (CVE-2026-21404)
vulnerability in cisa (CVE-2026-21404). Data can be tampered with by attackers.
CVE-2026-10864 Information Disclosure in misp (CVE-2026-10864)
vulnerability in misp (CVE-2026-10864). Risk of unauthorized operations or information disclosure.
CVE-2026-36176 Vulnerability in CVE-2026-36176 (CVE-2026-36176)
vulnerability in CVE-2026-36176 (CVE-2026-36176). Confidential information can be exposed externally.
CVE-2026-35905 Vulnerability in CVE-2026-35905 (CVE-2026-35905)
vulnerability in CVE-2026-35905 (CVE-2026-35905). Successful exploitation can lead to full system takeover.
CVE-2026-10811 Vulnerability in sqli (CVE-2026-10811)
vulnerability in sqli (CVE-2026-10811). Risk of unauthorized operations or information disclosure.
CVE-2026-10863 Vulnerability in sqli (CVE-2026-10863)
vulnerability in sqli (CVE-2026-10863). Confidential information can be exposed externally.
CVE-2026-36175 Vulnerability in CVE-2026-36175 (CVE-2026-36175)
vulnerability in CVE-2026-36175 (CVE-2026-36175). Successful exploitation can lead to full system takeover.
CVE-2026-35906 OS Command Injection in CVE-2026-35906 (CVE-2026-35906)
OS command injection in CVE-2026-35906 (CVE-2026-35906). Successful exploitation can lead to full system takeover.
CVE-2026-28318 KEV [KEV] Vulnerability in Solarwinds serv-u (CVE-2026-28318)
vulnerability in Solarwinds serv-u (CVE-2026-28318). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-35904 Vulnerability in CVE-2026-35904 (CVE-2026-35904)
vulnerability in CVE-2026-35904 (CVE-2026-35904). Successful exploitation can lead to full system takeover.
CVE-2026-36180 Vulnerability in CVE-2026-36180 (CVE-2026-36180)
vulnerability in CVE-2026-36180 (CVE-2026-36180). Data can be tampered with by attackers.
CVE-2026-10855 Vulnerability in misp (CVE-2026-10855)
vulnerability in misp (CVE-2026-10855). Risk of unauthorized operations or information disclosure.
CVE-2026-10860 Authorization Flaw in misp (CVE-2026-10860)
vulnerability in misp (CVE-2026-10860). Data can be tampered with by attackers.
CVE-2026-10806 Vulnerability in CVE-2026-10806 (CVE-2026-10806)
vulnerability in CVE-2026-10806 (CVE-2026-10806). Risk of unauthorized operations or information disclosure.
CVE-2026-10807 Vulnerability in CVE-2026-10807 (CVE-2026-10807)
vulnerability in CVE-2026-10807 (CVE-2026-10807). Risk of unauthorized operations or information disclosure.
CVE-2026-10856 Open Redirect in misp (CVE-2026-10856)
vulnerability in misp (CVE-2026-10856). Risk of unauthorized operations or information disclosure.
CVE-2026-10861 Open Redirect in misp (CVE-2026-10861)
vulnerability in misp (CVE-2026-10861). Risk of unauthorized operations or information disclosure.
CVE-2026-10854 Information Disclosure in misp (CVE-2026-10854)
vulnerability in misp (CVE-2026-10854). Risk of unauthorized operations or information disclosure.
CVE-2026-45433 Vulnerability in CVE-2026-45433 (CVE-2026-45433)
vulnerability in CVE-2026-45433 (CVE-2026-45433). Risk of unauthorized operations or information disclosure.
CVE-2026-10808 Vulnerability in sqli (CVE-2026-10808)
vulnerability in sqli (CVE-2026-10808). Risk of unauthorized operations or information disclosure.
CVE-2026-10809 Vulnerability in sqli (CVE-2026-10809)
vulnerability in sqli (CVE-2026-10809). Risk of unauthorized operations or information disclosure.
CVE-2026-8037 Command Injection in CVE-2026-8037 (CVE-2026-8037)
command injection in CVE-2026-8037 (CVE-2026-8037). Successful exploitation can lead to full system takeover.
CVE-2026-10810 Cross-Site Scripting (XSS) in CVE-2026-10810 (CVE-2026-10810)
cross-site scripting in CVE-2026-10810 (CVE-2026-10810). Risk of unauthorized operations or information disclosure.
CVE-2019-25745 SQL Injection in wordpress (CVE-2019-25745)
SQL injection in wordpress (CVE-2019-25745). Confidential information can be exposed externally.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →