Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Clear
ID Title
CVE-2026-40961 Open Redirect in airflow (CVE-2026-40961)
vulnerability in airflow (CVE-2026-40961). Risk of unauthorized operations or information disclosure. Exploitable via ``is_safe_url``. Mitigation: upgrade to `3.2.2` or later.
CVE-2026-40548 Unrestricted File Upload in path-traversal (CVE-2026-40548)
vulnerability in path-traversal (CVE-2026-40548). Risk of unauthorized operations or information disclosure.
CVE-2026-40861 Vulnerability in apache-airflow (CVE-2026-40861)
vulnerability in apache-airflow (CVE-2026-40861). Confidential information can be exposed externally. Exploitable via ``airflow.cfg``. Mitigation: upgrade to `3.2.2` or later.
CVE-2026-40549 Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-40549)
vulnerability in csrf (CVE-2026-40549). Risk of unauthorized operations or information disclosure.
CVE-2026-40543 Vulnerability in CVE-2026-40543 (CVE-2026-40543)
vulnerability in CVE-2026-40543 (CVE-2026-40543). Risk of unauthorized operations or information disclosure.
CVE-2026-41014 Vulnerability in apache-airflow (CVE-2026-41014)
vulnerability in apache-airflow (CVE-2026-41014). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.2.2` or later.
CVE-2026-40547 Path Traversal in path-traversal (CVE-2026-40547)
path traversal in path-traversal (CVE-2026-40547). Risk of unauthorized operations or information disclosure.
CVE-2026-40963 Vulnerability in airflow (CVE-2026-40963)
vulnerability in airflow (CVE-2026-40963). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.2.2` or later.
CVE-2026-40546 SQL Injection in sqli (CVE-2026-40546)
SQL injection in sqli (CVE-2026-40546). Risk of unauthorized operations or information disclosure.
CVE-2026-40544 Cross-Site Scripting (XSS) in CVE-2026-40544 (CVE-2026-40544)
cross-site scripting in CVE-2026-40544 (CVE-2026-40544). Risk of unauthorized operations or information disclosure.
CVE-2026-40545 Cross-Site Scripting (XSS) in CVE-2026-40545 (CVE-2026-40545)
cross-site scripting in CVE-2026-40545 (CVE-2026-40545). Risk of unauthorized operations or information disclosure.
CVE-2026-10237 Vulnerability in sqli (CVE-2026-10237)
vulnerability in sqli (CVE-2026-10237). Risk of unauthorized operations or information disclosure.
CVE-2026-10242 Vulnerability in sqli (CVE-2026-10242)
vulnerability in sqli (CVE-2026-10242). Risk of unauthorized operations or information disclosure.
CVE-2026-10239 SSRF (Server-Side Request Forgery) in CVE-2026-10239 (CVE-2026-10239)
SSRF in CVE-2026-10239 (CVE-2026-10239). Risk of unauthorized operations or information disclosure.
CVE-2026-10240 SSRF (Server-Side Request Forgery) in CVE-2026-10240 (CVE-2026-10240)
SSRF in CVE-2026-10240 (CVE-2026-10240). Risk of unauthorized operations or information disclosure.
CVE-2026-10517 SSRF (Server-Side Request Forgery) in github.com/quay/claircore (CVE-2026-10517)
SSRF in github.com/quay/claircore (CVE-2026-10517). Risk of unauthorized operations or information disclosure.
CVE-2026-10241 SSRF (Server-Side Request Forgery) in CVE-2026-10241 (CVE-2026-10241)
SSRF in CVE-2026-10241 (CVE-2026-10241). Risk of unauthorized operations or information disclosure.
CVE-2026-10243 Authentication Bypass in CVE-2026-10243 (CVE-2026-10243)
authentication bypass in CVE-2026-10243 (CVE-2026-10243). Risk of unauthorized operations or information disclosure.
CVE-2026-10236 Vulnerability in CVE-2026-10236 (CVE-2026-10236)
vulnerability in CVE-2026-10236 (CVE-2026-10236). Risk of unauthorized operations or information disclosure.
CVE-2026-27788 Vulnerability in jvn (CVE-2026-27788)
vulnerability in jvn (CVE-2026-27788). Successful exploitation can lead to full system takeover.
CVE-2026-45192 Information Disclosure in apache-airflow (CVE-2026-45192)
vulnerability in apache-airflow (CVE-2026-45192). Confidential information can be exposed externally. Exploitable via ``extra``. Mitigation: upgrade to `3.2.2` or later.
CVE-2026-10235 Vulnerability in sqli (CVE-2026-10235)
vulnerability in sqli (CVE-2026-10235). Risk of unauthorized operations or information disclosure.
CVE-2026-10234 Cross-Site Scripting (XSS) in CVE-2026-10234 (CVE-2026-10234)
cross-site scripting in CVE-2026-10234 (CVE-2026-10234). Risk of unauthorized operations or information disclosure.
CVE-2026-10233 Buffer Overflow in cpp (CVE-2026-10233)
vulnerability in cpp (CVE-2026-10233). Risk of unauthorized operations or information disclosure.
CVE-2026-10232 Buffer Overflow in cpp (CVE-2026-10232)
vulnerability in cpp (CVE-2026-10232). Risk of unauthorized operations or information disclosure.
CVE-2026-10229 Buffer Overflow in cpp (CVE-2026-10229)
vulnerability in cpp (CVE-2026-10229). Risk of unauthorized operations or information disclosure.
CVE-2026-10230 Buffer Overflow in cpp (CVE-2026-10230)
vulnerability in cpp (CVE-2026-10230). Risk of unauthorized operations or information disclosure.
CVE-2026-10231 Buffer Overflow in cpp (CVE-2026-10231)
vulnerability in cpp (CVE-2026-10231). Risk of unauthorized operations or information disclosure.
CVE-2026-10228 Cross-Site Scripting (XSS) in CVE-2026-10228 (CVE-2026-10228)
cross-site scripting in CVE-2026-10228 (CVE-2026-10228). Risk of unauthorized operations or information disclosure.
CVE-2026-10227 Vulnerability in sqli (CVE-2026-10227)
vulnerability in sqli (CVE-2026-10227). Risk of unauthorized operations or information disclosure.
CVE-2026-10225 Vulnerability in sqli (CVE-2026-10225)
vulnerability in sqli (CVE-2026-10225). Risk of unauthorized operations or information disclosure.
CVE-2026-10226 Vulnerability in sqli (CVE-2026-10226)
vulnerability in sqli (CVE-2026-10226). Risk of unauthorized operations or information disclosure.
CVE-2026-10224 Vulnerability in CVE-2026-10224 (CVE-2026-10224)
vulnerability in CVE-2026-10224 (CVE-2026-10224). Risk of unauthorized operations or information disclosure.
CVE-2026-10223 Vulnerability in CVE-2026-10223 (CVE-2026-10223)
vulnerability in CVE-2026-10223 (CVE-2026-10223). Risk of unauthorized operations or information disclosure.
CVE-2026-10222 Vulnerability in hermes-agent (CVE-2026-10222)
vulnerability in hermes-agent (CVE-2026-10222). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.18.0` or later.
CVE-2026-48209 Cross-Site Scripting (XSS) in c (CVE-2026-48209)
cross-site scripting in c (CVE-2026-48209). Data can be tampered with by attackers.
CVE-2026-48208 Vulnerability in dos (CVE-2026-48208)
vulnerability in dos (CVE-2026-48208). Risk of unauthorized operations or information disclosure.
CVE-2026-20455 Out-of-Bounds Write in mediatek (CVE-2026-20455)
out-of-bounds write in mediatek (CVE-2026-20455). Successful exploitation can lead to full system takeover.
CVE-2026-20456 Out-of-Bounds Write in dos (CVE-2026-20456)
out-of-bounds write in dos (CVE-2026-20456). Risk of unauthorized operations or information disclosure.
CVE-2026-48187 Vulnerability in otrs (CVE-2026-48187)
vulnerability in otrs (CVE-2026-48187). Risk of unauthorized operations or information disclosure.
CVE-2026-48189 Information Disclosure in otrs (CVE-2026-48189)
vulnerability in otrs (CVE-2026-48189). Confidential information can be exposed externally.
CVE-2026-20454 Vulnerability in mediatek (CVE-2026-20454)
vulnerability in mediatek (CVE-2026-20454). Successful exploitation can lead to full system takeover.
CVE-2026-48188 Vulnerability in sqli (CVE-2026-48188)
vulnerability in sqli (CVE-2026-48188). Confidential information can be exposed externally.
CVE-2026-48190 Vulnerability in otrs (CVE-2026-48190)
vulnerability in otrs (CVE-2026-48190). Risk of unauthorized operations or information disclosure.
CVE-2026-48191 Vulnerability in otrs (CVE-2026-48191)
vulnerability in otrs (CVE-2026-48191). Risk of unauthorized operations or information disclosure.
CVE-2026-10219 Command Injection in github.com/nextlevelbuilder/goclaw (CVE-2026-10219)
command injection in github.com/nextlevelbuilder/goclaw (CVE-2026-10219). Risk of unauthorized operations or information disclosure.
CVE-2026-20453 Out-of-Bounds Write in mediatek (CVE-2026-20453)
out-of-bounds write in mediatek (CVE-2026-20453). Successful exploitation can lead to full system takeover.
CVE-2026-20452 Vulnerability in mediatek (CVE-2026-20452)
vulnerability in mediatek (CVE-2026-20452). Successful exploitation can lead to full system takeover.
CVE-2026-10220 Vulnerability in CVE-2026-10220 (CVE-2026-10220)
vulnerability in CVE-2026-10220 (CVE-2026-10220). Risk of unauthorized operations or information disclosure.
CVE-2026-10221 Vulnerability in CVE-2026-10221 (CVE-2026-10221)
vulnerability in CVE-2026-10221 (CVE-2026-10221). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →