Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-40780 |
|
Vulnerability in CVE-2026-40780 (CVE-2026-40780)
vulnerability in CVE-2026-40780 (CVE-2026-40780). Data can be tampered with by attackers.
|
| CVE-2026-40619 |
|
Vulnerability in CVE-2026-40619 (CVE-2026-40619)
vulnerability in CVE-2026-40619 (CVE-2026-40619). Successful exploitation can lead to full system takeover.
|
| CVE-2026-35716 |
|
Vulnerability in vivotek (CVE-2026-35716)
vulnerability in vivotek (CVE-2026-35716). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-35718 |
|
Path Traversal in path-traversal (CVE-2026-35718)
path traversal in path-traversal (CVE-2026-35718). Confidential information can be exposed externally.
|
| CVE-2026-33398 |
|
Vulnerability in CVE-2026-33398 (CVE-2026-33398)
vulnerability in CVE-2026-33398 (CVE-2026-33398). Risk of unauthorized operations or information disclosure. Exploitable via ``post``.
|
| CVE-2026-34460 |
|
Vulnerability in csrf (CVE-2026-34460)
vulnerability in csrf (CVE-2026-34460). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-30650 |
|
Vulnerability in vivotek (CVE-2026-30650)
vulnerability in vivotek (CVE-2026-30650). Successful exploitation can lead to full system takeover.
|
| CVE-2026-30652 |
|
Vulnerability in vivotek (CVE-2026-30652)
vulnerability in vivotek (CVE-2026-30652). Successful exploitation can lead to full system takeover.
|
| CVE-2026-30649 |
|
Vulnerability in vivotek (CVE-2026-30649)
vulnerability in vivotek (CVE-2026-30649). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10046 |
|
Out-of-Bounds Write in c (CVE-2026-10046)
out-of-bounds write in c (CVE-2026-10046). Successful exploitation can lead to full system takeover.
|
| CVE-2026-10047 |
|
Out-of-Bounds Write in c (CVE-2026-10047)
out-of-bounds write in c (CVE-2026-10047). Successful exploitation can lead to full system takeover.
|
| CVE-2026-7198 |
|
Vulnerability in progress (CVE-2026-7198)
vulnerability in progress (CVE-2026-7198). Successful exploitation can lead to full system takeover.
|
| CVE-2026-7312 |
|
Vulnerability in progress (CVE-2026-7312)
vulnerability in progress (CVE-2026-7312). Confidential information can be exposed externally.
|
| CVE-2026-7313 |
|
CWE‑522: Insufficiently Protected Credentials in web services in Progress Sitefinity version from...
CWE‑522: Insufficiently Protected Credentials in web services in Progress Sitefinity version from...
|
| CVE-2026-7195 |
|
CWE-20: Improper Input Validation in web services in Progress Sitefinity 14.1.x through 14.3.x,...
CWE-20: Improper Input Validation in web services in Progress Sitefinity 14.1.x through 14.3.x,...
|
| CVE-2026-49782 |
|
Vulnerability in CVE-2026-49782 (CVE-2026-49782)
vulnerability in CVE-2026-49782 (CVE-2026-49782). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-43965 |
|
Path Traversal in path-traversal (CVE-2026-43965)
path traversal in path-traversal (CVE-2026-43965). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-42795 |
|
Vulnerability in CVE-2026-42795 (CVE-2026-42795)
vulnerability in CVE-2026-42795 (CVE-2026-42795). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-39553 |
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
|
| CVE-2026-39552 |
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
|
| CVE-2026-39555 |
|
Deserialization of Untrusted Data vulnerability in Elated-Themes Askka allows Object Injection.
...
Deserialization of Untrusted Data vulnerability in Elated-Themes Askka allows Object Injection.
...
|
| CVE-2026-35717 |
|
Vulnerability in vivotek (CVE-2026-35717)
vulnerability in vivotek (CVE-2026-35717). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-28116 |
|
Cross-Site Scripting (XSS) in CVE-2026-28116 (CVE-2026-28116)
cross-site scripting in CVE-2026-28116 (CVE-2026-28116). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-32250 |
|
Cross-Site Scripting (XSS) in CVE-2026-32250 (CVE-2026-32250)
cross-site scripting in CVE-2026-32250 (CVE-2026-32250). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-27351 |
|
Vulnerability in CVE-2026-27351 (CVE-2026-27351)
vulnerability in CVE-2026-27351 (CVE-2026-27351). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-32685 |
|
Path Traversal in path-traversal (CVE-2026-32685)
path traversal in path-traversal (CVE-2026-32685). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10611 |
|
Authentication Bypass in misp (CVE-2026-10611)
authentication bypass in misp (CVE-2026-10611). Successful exploitation can lead to full system takeover.
|
| CVE-2025-68886 |
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
|
| CVE-2025-69369 |
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
|
| CVE-2025-58707 |
|
Vulnerability in CVE-2025-58707 (CVE-2025-58707)
vulnerability in CVE-2025-58707 (CVE-2025-58707). Successful exploitation can lead to full system takeover.
|
| CVE-2025-58897 |
|
Vulnerability in CVE-2025-58897 (CVE-2025-58897)
vulnerability in CVE-2025-58897 (CVE-2025-58897). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8993 |
|
Vulnerability in ssrf (CVE-2026-8993)
vulnerability in ssrf (CVE-2026-8993). Confidential information can be exposed externally.
|
| CVE-2025-58024 |
|
Vulnerability in CVE-2025-58024 (CVE-2025-58024)
vulnerability in CVE-2025-58024 (CVE-2025-58024). Successful exploitation can lead to full system takeover.
|
| CVE-2025-58705 |
|
Vulnerability in CVE-2025-58705 (CVE-2025-58705)
vulnerability in CVE-2025-58705 (CVE-2025-58705). Successful exploitation can lead to full system takeover.
|
| CVE-2025-53440 |
|
Vulnerability in CVE-2025-53440 (CVE-2025-53440)
vulnerability in CVE-2025-53440 (CVE-2025-53440). Successful exploitation can lead to full system takeover.
|
| CVE-2026-42669 |
|
Vulnerability in CVE-2026-42669 (CVE-2026-42669)
vulnerability in CVE-2026-42669 (CVE-2026-42669). Data can be tampered with by attackers.
|
| CVE-2026-42670 |
|
Vulnerability in CVE-2026-42670 (CVE-2026-42670)
vulnerability in CVE-2026-42670 (CVE-2026-42670). Confidential information can be exposed externally.
|
| CVE-2026-39550 |
|
Unsafe Deserialization in deserialization (CVE-2026-39550)
vulnerability in deserialization (CVE-2026-39550). Successful exploitation can lead to full system takeover.
|
| CVE-2026-39551 |
|
Unsafe Deserialization in deserialization (CVE-2026-39551)
vulnerability in deserialization (CVE-2026-39551). Successful exploitation can lead to full system takeover.
|
| CVE-2026-42684 |
|
SQL Injection in sqli (CVE-2026-42684)
SQL injection in sqli (CVE-2026-42684). Confidential information can be exposed externally.
|
| CVE-2026-42685 |
|
Cross-Site Scripting (XSS) in CVE-2026-42685 (CVE-2026-42685)
cross-site scripting in CVE-2026-42685 (CVE-2026-42685). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-5191 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-5191)
cross-site scripting in wordpress (CVE-2026-5191). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-46718 |
|
Vulnerability in org.apache.calcite:calcite-core (CVE-2026-46718)
vulnerability in org.apache.calcite:calcite-core (CVE-2026-46718). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.42.0` or later.
|
| CVE-2026-5422 |
|
Vulnerability in jupyter-server (CVE-2026-5422)
vulnerability in jupyter-server (CVE-2026-5422). Confidential information can be exposed externally. Mitigation: upgrade to `2.18.2` or later.
|
| CVE-2026-41115 |
|
Vulnerability in kafka (CVE-2026-41115)
vulnerability in kafka (CVE-2026-41115). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-34907 |
|
Cross-Site Scripting (XSS) in CVE-2026-34907 (CVE-2026-34907)
cross-site scripting in CVE-2026-34907 (CVE-2026-34907). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-34906 |
|
Vulnerability in CVE-2026-34906 (CVE-2026-34906)
vulnerability in CVE-2026-34906 (CVE-2026-34906). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10549 |
|
Vulnerability in CVE-2026-10549 (CVE-2026-10549)
vulnerability in CVE-2026-10549 (CVE-2026-10549). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-53345 |
|
Vulnerability in CVE-2025-53345 (CVE-2025-53345)
vulnerability in CVE-2025-53345 (CVE-2025-53345). Successful exploitation can lead to full system takeover.
|
| CVE-2025-53346 |
|
Vulnerability in CVE-2025-53346 (CVE-2025-53346)
vulnerability in CVE-2025-53346 (CVE-2025-53346). Risk of unauthorized operations or information disclosure.
|