Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-20175 |
|
Vulnerability in cisco (CVE-2026-20175)
vulnerability in cisco (CVE-2026-20175). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-20230 KEV |
|
[KEV] SSRF (Server-Side Request Forgery) in Cisco ssrf (CVE-2026-20230)
SSRF in Cisco ssrf (CVE-2026-20230). Data can be tampered with by attackers. Listed in CISA KEV — actively exploited.
|
| CVE-2026-44281 |
|
Vulnerability in CVE-2026-44281 (CVE-2026-44281)
vulnerability in CVE-2026-44281 (CVE-2026-44281). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-42321 |
|
Cross-Site Scripting (XSS) in CVE-2026-42321 (CVE-2026-42321)
cross-site scripting in CVE-2026-42321 (CVE-2026-42321). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-36748 |
|
Cross-Site Scripting (XSS) in CVE-2026-36748 (CVE-2026-36748)
cross-site scripting in CVE-2026-36748 (CVE-2026-36748). Successful exploitation can lead to full system takeover.
|
| CVE-2026-37462 |
|
Vulnerability in dos (CVE-2026-37462)
vulnerability in dos (CVE-2026-37462). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-42317 |
|
Vulnerability in CVE-2026-42317 (CVE-2026-42317)
vulnerability in CVE-2026-42317 (CVE-2026-42317). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-42318 |
|
Vulnerability in CVE-2026-42318 (CVE-2026-42318)
vulnerability in CVE-2026-42318 (CVE-2026-42318). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-42320 |
|
Vulnerability in CVE-2026-42320 (CVE-2026-42320)
vulnerability in CVE-2026-42320 (CVE-2026-42320). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-36574 |
|
Vulnerability in CVE-2026-36574 (CVE-2026-36574)
vulnerability in CVE-2026-36574 (CVE-2026-36574). Successful exploitation can lead to full system takeover.
|
| CVE-2026-36576 |
|
OS Command Injection in CVE-2026-36576 (CVE-2026-36576)
OS command injection in CVE-2026-36576 (CVE-2026-36576). Successful exploitation can lead to full system takeover.
|
| CVE-2022-31114 |
|
Cross-Site Scripting (XSS) in backpack/crud (CVE-2022-31114)
cross-site scripting in backpack/crud (CVE-2022-31114). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `4.0.63` or later.
|
| CVE-2026-10770 |
|
Cross-Site Scripting (XSS) in drupal/cleantalk (CVE-2026-10770)
cross-site scripting in drupal/cleantalk (CVE-2026-10770). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `9.7.1` or later.
|
| CVE-2026-10769 |
|
Cross-Site Scripting (XSS) in drupal/commerce (CVE-2026-10769)
cross-site scripting in drupal/commerce (CVE-2026-10769). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.3.6` or later.
|
| CVE-2026-10768 |
|
Vulnerability in drupal/localgov_workflows (CVE-2026-10768)
vulnerability in drupal/localgov_workflows (CVE-2026-10768). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.6.0` or later.
|
| CVE-2026-8404 |
|
Vulnerability in django (CVE-2026-8404)
vulnerability in django (CVE-2026-8404). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.2.15, 6.0.6` or later.
|
| CVE-2026-6873 |
|
Vulnerability in django (CVE-2026-6873)
vulnerability in django (CVE-2026-6873). Risk of unauthorized operations or information disclosure. Exploitable via ``django.http.HttpRequest.get_signed_cookie``. Mitigation: upgrade to `5.2.15, 6.0.6` or later.
|
| CVE-2026-5241 |
|
Vulnerability in huggingface (CVE-2026-5241)
vulnerability in huggingface (CVE-2026-5241). Successful exploitation can lead to full system takeover. Exploitable via ``trust_remote_code``.
|
| CVE-2026-47324 |
|
Cross-Site Scripting (XSS) in CVE-2026-47324 (CVE-2026-47324)
cross-site scripting in CVE-2026-47324 (CVE-2026-47324). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-47325 |
|
Vulnerability in CVE-2026-47325 (CVE-2026-47325)
vulnerability in CVE-2026-47325 (CVE-2026-47325). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-44546 |
|
Vulnerability in daphne (CVE-2026-44546)
vulnerability in daphne (CVE-2026-44546). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `4.2.2` or later.
|
| CVE-2026-44545 |
|
Vulnerability in daphne (CVE-2026-44545)
vulnerability in daphne (CVE-2026-44545). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `4.2.2` or later.
|
| CVE-2026-37460 |
|
Vulnerability in c (CVE-2026-37460)
vulnerability in c (CVE-2026-37460). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-35193 |
|
Vulnerability in django (CVE-2026-35193)
vulnerability in django (CVE-2026-35193). Risk of unauthorized operations or information disclosure. Exploitable via ``Authorization``. Mitigation: upgrade to `5.2.15, 6.0.6` or later.
|
| CVE-2026-10729 |
|
Vulnerability in CVE-2026-10729 (CVE-2026-10729)
vulnerability in CVE-2026-10729 (CVE-2026-10729). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-60477 |
|
Vulnerability in c (CVE-2025-60477)
vulnerability in c (CVE-2025-60477). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-70101 |
|
Out-of-Bounds Read in c (CVE-2025-70101)
vulnerability in c (CVE-2025-70101). Confidential information can be exposed externally.
|
| CVE-2024-47263 |
|
Path Traversal in path-traversal (CVE-2024-47263)
path traversal in path-traversal (CVE-2024-47263). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-47273 |
|
Path Traversal in path-traversal (CVE-2024-47273)
path traversal in path-traversal (CVE-2024-47273). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-49042 |
|
Vulnerability in synology (CVE-2022-49042)
vulnerability in synology (CVE-2022-49042). Successful exploitation can lead to full system takeover.
|
| CVE-2022-49036 |
|
Vulnerability in synology (CVE-2022-49036)
vulnerability in synology (CVE-2022-49036). Successful exploitation can lead to full system takeover.
|
| CVE-2026-35084 |
|
Vulnerability in mbs-solutions (CVE-2026-35084)
vulnerability in mbs-solutions (CVE-2026-35084). Successful exploitation can lead to full system takeover.
|
| CVE-2026-35085 |
|
Vulnerability in mbs-solutions (CVE-2026-35085)
vulnerability in mbs-solutions (CVE-2026-35085). Successful exploitation can lead to full system takeover.
|
| CVE-2026-35083 |
|
Vulnerability in mbs-solutions (CVE-2026-35083)
vulnerability in mbs-solutions (CVE-2026-35083). Successful exploitation can lead to full system takeover.
|
| CVE-2026-35079 |
|
Vulnerability in mbs-solutions (CVE-2026-35079)
vulnerability in mbs-solutions (CVE-2026-35079). Data can be tampered with by attackers.
|
| CVE-2026-35080 |
|
Vulnerability in mbs-solutions (CVE-2026-35080)
vulnerability in mbs-solutions (CVE-2026-35080). Data can be tampered with by attackers.
|
| CVE-2026-35082 |
|
Path Traversal in mbs-solutions (CVE-2026-35082)
path traversal in mbs-solutions (CVE-2026-35082). Successful exploitation can lead to full system takeover.
|
| CVE-2026-35081 |
|
Vulnerability in mbs-solutions (CVE-2026-35081)
vulnerability in mbs-solutions (CVE-2026-35081). Data can be tampered with by attackers.
|
| CVE-2026-10722 |
|
Vulnerability in cilium (CVE-2026-10722)
vulnerability in cilium (CVE-2026-10722). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-35076 |
|
Vulnerability in mbs-solutions (CVE-2026-35076)
vulnerability in mbs-solutions (CVE-2026-35076). Data can be tampered with by attackers.
|
| CVE-2026-35077 |
|
Vulnerability in mbs-solutions (CVE-2026-35077)
vulnerability in mbs-solutions (CVE-2026-35077). Data can be tampered with by attackers.
|
| CVE-2026-35078 |
|
Vulnerability in mbs-solutions (CVE-2026-35078)
vulnerability in mbs-solutions (CVE-2026-35078). Data can be tampered with by attackers.
|
| CVE-2026-35075 |
|
Vulnerability in mbs-solutions (CVE-2026-35075)
vulnerability in mbs-solutions (CVE-2026-35075). Successful exploitation can lead to full system takeover.
|
| CVE-2025-41259 |
|
Vulnerability in CVE-2025-41259 (CVE-2025-41259)
vulnerability in CVE-2025-41259 (CVE-2025-41259). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41032 |
|
Information Disclosure in CVE-2026-41032 (CVE-2026-41032)
vulnerability in CVE-2026-41032 (CVE-2026-41032). Confidential information can be exposed externally.
|
| CVE-2025-15655 |
|
SQL Injection in sqli (CVE-2025-15655)
SQL injection in sqli (CVE-2025-15655). Confidential information can be exposed externally.
|
| CVE-2025-14774 |
|
Incorrect Authorization vulnerability in ABB T-MAC Plus.
This issue affects T-MAC Plus: 4.0-24.
Incorrect Authorization vulnerability in ABB T-MAC Plus.
This issue affects T-MAC Plus: 4.0-24.
|
| CVE-2026-47065 |
|
Unsafe Deserialization in apache (CVE-2026-47065)
vulnerability in apache (CVE-2026-47065). Successful exploitation can lead to full system takeover.
|
| CVE-2025-14773 |
|
Cross-Site Scripting (XSS) in abb (CVE-2025-14773)
cross-site scripting in abb (CVE-2025-14773). Successful exploitation can lead to full system takeover.
|
| CVE-2025-14771 |
|
Vulnerability in abb (CVE-2025-14771)
vulnerability in abb (CVE-2025-14771). Successful exploitation can lead to full system takeover.
|