Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Clear
ID Title
CVE-2026-10063 Buffer Overflow in trendnet (CVE-2026-10063)
vulnerability in trendnet (CVE-2026-10063). Successful exploitation can lead to full system takeover.
CVE-2026-39292 Unrestricted File Upload in CVE-2026-39292 (CVE-2026-39292)
vulnerability in CVE-2026-39292 (CVE-2026-39292). Risk of unauthorized operations or information disclosure.
CVE-2026-48501 Authorization Flaw in github.com/cli/cli/v2 (CVE-2026-48501)
vulnerability in github.com/cli/cli/v2 (CVE-2026-48501). Confidential information can be exposed externally. Exploitable via `Authorization header`. Mitigation: upgrade to `2.93.0` or later.
CVE-2026-49325 Vulnerability in CVE-2026-49325 (CVE-2026-49325)
vulnerability in CVE-2026-49325 (CVE-2026-49325). Risk of unauthorized operations or information disclosure.
CVE-2026-49316 Vulnerability in CVE-2026-49316 (CVE-2026-49316)
vulnerability in CVE-2026-49316 (CVE-2026-49316). Risk of unauthorized operations or information disclosure.
CVE-2026-49317 Vulnerability in CVE-2026-49317 (CVE-2026-49317)
vulnerability in CVE-2026-49317 (CVE-2026-49317). Risk of unauthorized operations or information disclosure.
CVE-2026-49318 Vulnerability in CVE-2026-49318 (CVE-2026-49318)
vulnerability in CVE-2026-49318 (CVE-2026-49318). Risk of unauthorized operations or information disclosure.
CVE-2026-47694 Cross-Site Scripting (XSS) in WWBN/AVideo (CVE-2026-47694)
cross-site scripting in WWBN/AVideo (CVE-2026-47694). Risk of unauthorized operations or information disclosure. Exploitable via ``category_description``.
CVE-2026-46376 Vulnerability in sangoma (CVE-2026-46376)
vulnerability in sangoma (CVE-2026-46376). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `16.0.45` or later.
CVE-2026-45555 Code Injection in csharp (CVE-2026-45555)
code injection in csharp (CVE-2026-45555). Successful exploitation can lead to full system takeover. Exploitable via ``get_diagnostics``. Mitigation: upgrade to `1.17.0` or later.
CVE-2026-45615 Vulnerability in c (CVE-2026-45615)
vulnerability in c (CVE-2026-45615). Risk of unauthorized operations or information disclosure. Exploitable via ``INTEGER_decode_oer``.
CVE-2026-44698 Code Injection in CVE-2026-44698 (CVE-2026-44698)
code injection in CVE-2026-44698 (CVE-2026-44698). Successful exploitation can lead to full system takeover. Exploitable via ``window.externalApp``. Mitigation: upgrade to `2026.4.1` or later.
CVE-2026-44239 Vulnerability in path-traversal (CVE-2026-44239)
vulnerability in path-traversal (CVE-2026-44239). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `16.0.22` or later.
CVE-2026-44237 Vulnerability in sangoma (CVE-2026-44237)
vulnerability in sangoma (CVE-2026-44237). Confidential information can be exposed externally. Mitigation: upgrade to `17.0.8` or later.
CVE-2026-44238 SQL Injection in sqli (CVE-2026-44238)
SQL injection in sqli (CVE-2026-44238). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `16.0.50` or later.
CVE-2026-10074 Vulnerability in path-traversal (CVE-2026-10074)
vulnerability in path-traversal (CVE-2026-10074). Confidential information can be exposed externally.
CVE-2026-40528 Vulnerability in c (CVE-2026-40528)
vulnerability in c (CVE-2026-40528). Risk of unauthorized operations or information disclosure.
CVE-2026-40510 Vulnerability in c (CVE-2026-40510)
vulnerability in c (CVE-2026-40510). Risk of unauthorized operations or information disclosure.
CVE-2026-10075 Vulnerability in path-traversal (CVE-2026-10075)
vulnerability in path-traversal (CVE-2026-10075). Risk of unauthorized operations or information disclosure.
CVE-2026-10072 Unrestricted File Upload in CVE-2026-10072 (CVE-2026-10072)
vulnerability in CVE-2026-10072 (CVE-2026-10072). Successful exploitation can lead to full system takeover.
CVE-2026-10060 Vulnerability in trendnet (CVE-2026-10060)
vulnerability in trendnet (CVE-2026-10060). Risk of unauthorized operations or information disclosure.
CVE-2026-10061 Vulnerability in trendnet (CVE-2026-10061)
vulnerability in trendnet (CVE-2026-10061). Risk of unauthorized operations or information disclosure.
CVE-2026-10073 Vulnerability in path-traversal (CVE-2026-10073)
vulnerability in path-traversal (CVE-2026-10073). Confidential information can be exposed externally.
CVE-2026-48527 Cross-Site Scripting (XSS) in @haxtheweb/haxcms-nodejs (CVE-2026-48527)
cross-site scripting in @haxtheweb/haxcms-nodejs (CVE-2026-48527). Confidential information can be exposed externally. Exploitable via `POST /system/api/saveNode`. Mitigation: upgrade to `26.0.1` or later.
CVE-2026-49323 Vulnerability in CVE-2026-49323 (CVE-2026-49323)
vulnerability in CVE-2026-49323 (CVE-2026-49323). Confidential information can be exposed externally.
CVE-2026-9508 Vulnerability in nginx (CVE-2026-9508)
vulnerability in nginx (CVE-2026-9508). Risk of unauthorized operations or information disclosure.
CVE-2026-8326 Vulnerability in path-traversal (CVE-2026-8326)
vulnerability in path-traversal (CVE-2026-8326). Risk of unauthorized operations or information disclosure.
CVE-2026-49324 Vulnerability in CVE-2026-49324 (CVE-2026-49324)
vulnerability in CVE-2026-49324 (CVE-2026-49324). Risk of unauthorized operations or information disclosure.
CVE-2026-45043 Privilege Escalation in privilege-escalation (CVE-2026-45043)
vulnerability in privilege-escalation (CVE-2026-45043). Risk of unauthorized operations or information disclosure. Exploitable via `PUT /rustfs/admin/v3/import-iam`. Mitigation: upgrade to `1.0.0-beta.2` or later.
CVE-2026-45551 Cross-Site Scripting (XSS) in CVE-2026-45551 (CVE-2026-45551)
cross-site scripting in CVE-2026-45551 (CVE-2026-45551). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `26.0.25` or later.
CVE-2026-45312 Vulnerability in CVE-2026-45312 (CVE-2026-45312)
vulnerability in CVE-2026-45312 (CVE-2026-45312). Successful exploitation can lead to full system takeover.
CVE-2026-10071 Unrestricted File Upload in CVE-2026-10071 (CVE-2026-10071)
vulnerability in CVE-2026-10071 (CVE-2026-10071). Successful exploitation can lead to full system takeover.
CVE-2025-41273 Vulnerability in waterfall-security (CVE-2025-41273)
vulnerability in waterfall-security (CVE-2025-41273). Successful exploitation can lead to full system takeover.
CVE-2025-41280 Vulnerability in path-traversal (CVE-2025-41280)
vulnerability in path-traversal (CVE-2025-41280). Successful exploitation can lead to full system takeover.
CVE-2025-41278 Out-of-Bounds Read in waterfall-security (CVE-2025-41278)
vulnerability in waterfall-security (CVE-2025-41278). Successful exploitation can lead to full system takeover.
CVE-2025-41275 OS Command Injection in waterfall-security (CVE-2025-41275)
OS command injection in waterfall-security (CVE-2025-41275). Successful exploitation can lead to full system takeover.
CVE-2025-41274 OS Command Injection in waterfall-security (CVE-2025-41274)
OS command injection in waterfall-security (CVE-2025-41274). Successful exploitation can lead to full system takeover.
CVE-2025-41277 OS Command Injection in waterfall-security (CVE-2025-41277)
OS command injection in waterfall-security (CVE-2025-41277). Successful exploitation can lead to full system takeover.
CVE-2025-41276 OS Command Injection in waterfall-security (CVE-2025-41276)
OS command injection in waterfall-security (CVE-2025-41276). Successful exploitation can lead to full system takeover.
CVE-2025-41281 OS Command Injection in waterfall-security (CVE-2025-41281)
OS command injection in waterfall-security (CVE-2025-41281). Successful exploitation can lead to full system takeover.
CVE-2025-41279 OS Command Injection in waterfall-security (CVE-2025-41279)
OS command injection in waterfall-security (CVE-2025-41279). Successful exploitation can lead to full system takeover.
CVE-2025-41269 OS Command Injection in waterfall-security (CVE-2025-41269)
OS command injection in waterfall-security (CVE-2025-41269). Successful exploitation can lead to full system takeover.
CVE-2025-41266 OS Command Injection in waterfall-security (CVE-2025-41266)
OS command injection in waterfall-security (CVE-2025-41266). Successful exploitation can lead to full system takeover.
CVE-2025-41270 OS Command Injection in waterfall-security (CVE-2025-41270)
OS command injection in waterfall-security (CVE-2025-41270). Successful exploitation can lead to full system takeover.
CVE-2025-41265 OS Command Injection in waterfall-security (CVE-2025-41265)
OS command injection in waterfall-security (CVE-2025-41265). Successful exploitation can lead to full system takeover.
CVE-2025-41267 OS Command Injection in waterfall-security (CVE-2025-41267)
OS command injection in waterfall-security (CVE-2025-41267). Successful exploitation can lead to full system takeover.
CVE-2025-41272 OS Command Injection in waterfall-security (CVE-2025-41272)
OS command injection in waterfall-security (CVE-2025-41272). Successful exploitation can lead to full system takeover.
CVE-2026-49201 Vulnerability in acer (CVE-2026-49201)
vulnerability in acer (CVE-2026-49201). Successful exploitation can lead to full system takeover.
CVE-2025-41268 Vulnerability in path-traversal (CVE-2025-41268)
vulnerability in path-traversal (CVE-2025-41268). Data can be tampered with by attackers.
CVE-2025-41271 Vulnerability in path-traversal (CVE-2025-41271)
vulnerability in path-traversal (CVE-2025-41271). Confidential information can be exposed externally.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →