Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Clear
ID Title
CVE-2025-12714 Vulnerability in wordpress (CVE-2025-12714)
vulnerability in wordpress (CVE-2025-12714). Risk of unauthorized operations or information disclosure.
CVE-2026-42965 SSRF (Server-Side Request Forgery) in redhat (CVE-2026-42965)
SSRF in redhat (CVE-2026-42965). Confidential information can be exposed externally.
CVE-2026-46579 Authentication Bypass in redhat (CVE-2026-46579)
authentication bypass in redhat (CVE-2026-46579). Confidential information can be exposed externally. Exploitable via ``insecureEdgeTerminationPolicy``.
CVE-2026-9811 Cross-Site Scripting (XSS) in mautic/core (CVE-2026-9811)
cross-site scripting in mautic/core (CVE-2026-9811). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `7.1.2` or later.
CVE-2026-9809 Cross-Site Scripting (XSS) in mautic/core (CVE-2026-9809)
cross-site scripting in mautic/core (CVE-2026-9809). Data can be tampered with by attackers. Mitigation: upgrade to `7.1.2` or later.
CVE-2026-9808 Authorization Flaw in mautic/core (CVE-2026-9808)
vulnerability in mautic/core (CVE-2026-9808). Confidential information can be exposed externally. Exploitable via ``viewown``. Mitigation: upgrade to `7.1.2` or later.
CVE-2026-9559 Path Traversal in mautic/core (CVE-2026-9559)
path traversal in mautic/core (CVE-2026-9559). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `7.1.2` or later.
CVE-2026-9557 SSRF (Server-Side Request Forgery) in mautic/core (CVE-2026-9557)
SSRF in mautic/core (CVE-2026-9557). Risk of unauthorized operations or information disclosure. Exploitable via ``MauticFocusBundle``. Mitigation: upgrade to `7.1.2` or later.
CVE-2026-9558 Vulnerability in mautic/core (CVE-2026-9558)
vulnerability in mautic/core (CVE-2026-9558). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `7.1.2` or later.
CVE-2026-49200 Vulnerability in acer (CVE-2026-49200)
vulnerability in acer (CVE-2026-49200). Successful exploitation can lead to full system takeover.
CVE-2026-6075 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-6075)
vulnerability in wordpress (CVE-2026-6075). Data can be tampered with by attackers.
CVE-2026-49199 Command Injection in acer (CVE-2026-49199)
command injection in acer (CVE-2026-49199). Successful exploitation can lead to full system takeover.
CVE-2026-49197 Authentication Bypass in acer (CVE-2026-49197)
authentication bypass in acer (CVE-2026-49197). Successful exploitation can lead to full system takeover. Exploitable via `Authorization header`.
CVE-2026-49198 Vulnerability in acer (CVE-2026-49198)
vulnerability in acer (CVE-2026-49198). Confidential information can be exposed externally.
CVE-2026-10052 SSRF (Server-Side Request Forgery) in CVE-2026-10052 (CVE-2026-10052)
SSRF in CVE-2026-10052 (CVE-2026-10052). Risk of unauthorized operations or information disclosure.
CVE-2026-49195 Vulnerability in acer (CVE-2026-49195)
vulnerability in acer (CVE-2026-49195). Successful exploitation can lead to full system takeover.
CVE-2026-10039 SQL Injection in wordpress (CVE-2026-10039)
SQL injection in wordpress (CVE-2026-10039). Confidential information can be exposed externally.
CVE-2026-49196 Command Injection in acer (CVE-2026-49196)
command injection in acer (CVE-2026-49196). Successful exploitation can lead to full system takeover.
CVE-2026-10058 Cross-Site Scripting (XSS) in CVE-2026-10058 (CVE-2026-10058)
cross-site scripting in CVE-2026-10058 (CVE-2026-10058). Risk of unauthorized operations or information disclosure.
CVE-2026-10057 Cross-Site Scripting (XSS) in CVE-2026-10057 (CVE-2026-10057)
cross-site scripting in CVE-2026-10057 (CVE-2026-10057). Risk of unauthorized operations or information disclosure.
CVE-2026-4776 Mautic has SQL Injection in API Contact Filtering
Mautic has SQL Injection in API Contact Filtering
CVE-2026-9243 Cross-Site Scripting (XSS) in wordpress (CVE-2026-9243)
cross-site scripting in wordpress (CVE-2026-9243). Risk of unauthorized operations or information disclosure.
CVE-2026-49322 Vulnerability in CVE-2026-49322 (CVE-2026-49322)
vulnerability in CVE-2026-49322 (CVE-2026-49322). Confidential information can be exposed externally.
CVE-2026-3655 Authentication Bypass in wordpress (CVE-2026-3655)
authentication bypass in wordpress (CVE-2026-3655). Successful exploitation can lead to full system takeover. Exploitable via ``lwp_ajax_register``.
CVE-2025-11262 The Link Whisper Free plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
The Link Whisper Free plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
CVE-2025-14042 Cross-Site Scripting (XSS) in wordpress (CVE-2025-14042)
cross-site scripting in wordpress (CVE-2025-14042). Risk of unauthorized operations or information disclosure.
CVE-2026-6275 Cross-Site Scripting (XSS) in wordpress (CVE-2026-6275)
cross-site scripting in wordpress (CVE-2026-6275). Risk of unauthorized operations or information disclosure.
CVE-2026-9714 Cross-Site Scripting (XSS) in wordpress (CVE-2026-9714)
cross-site scripting in wordpress (CVE-2026-9714). Risk of unauthorized operations or information disclosure.
CVE-2026-8732 Vulnerability in wordpress (CVE-2026-8732)
vulnerability in wordpress (CVE-2026-8732). Successful exploitation can lead to full system takeover.
CVE-2026-6324 Vulnerability in CVE-2026-6324 (CVE-2026-6324)
vulnerability in CVE-2026-6324 (CVE-2026-6324). Risk of unauthorized operations or information disclosure.
CVE-2025-11993 Unsafe Deserialization in wordpress (CVE-2025-11993)
vulnerability in wordpress (CVE-2025-11993). Successful exploitation can lead to full system takeover.
CVE-2026-2128 Information Disclosure in wordpress (CVE-2026-2128)
vulnerability in wordpress (CVE-2026-2128). Risk of unauthorized operations or information disclosure. Exploitable via ``wordpress_logged_in_``.
CVE-2026-8995 Information Disclosure in wordpress (CVE-2026-8995)
vulnerability in wordpress (CVE-2026-8995). Risk of unauthorized operations or information disclosure.
CVE-2026-7430 Cross-Site Scripting (XSS) in wordpress (CVE-2026-7430)
cross-site scripting in wordpress (CVE-2026-7430). Risk of unauthorized operations or information disclosure. Exploitable via ``WPEditor.php``.
CVE-2026-7480 Vulnerability in CVE-2026-7480 (CVE-2026-7480)
vulnerability in CVE-2026-7480 (CVE-2026-7480). Risk of unauthorized operations or information disclosure.
CVE-2026-8070 Vulnerability in CVE-2026-8070 (CVE-2026-8070)
vulnerability in CVE-2026-8070 (CVE-2026-8070). Risk of unauthorized operations or information disclosure.
CVE-2026-9967 Out-of-Bounds Write in google (CVE-2026-9967)
out-of-bounds write in google (CVE-2026-9967). Successful exploitation can lead to full system takeover.
CVE-2026-9938 Code Injection in google (CVE-2026-9938)
code injection in google (CVE-2026-9938). Successful exploitation can lead to full system takeover.
CVE-2026-9948 Use-After-Free in google (CVE-2026-9948)
vulnerability in google (CVE-2026-9948). Successful exploitation can lead to full system takeover.
CVE-2026-9934 Use-After-Free in Google chrome (CVE-2026-9934)
vulnerability in Google chrome (CVE-2026-9934). Successful exploitation can lead to full system takeover.
CVE-2026-9951 Use-After-Free in google (CVE-2026-9951)
vulnerability in google (CVE-2026-9951). Successful exploitation can lead to full system takeover.
CVE-2026-9946 Use-After-Free in google (CVE-2026-9946)
vulnerability in google (CVE-2026-9946). Successful exploitation can lead to full system takeover.
CVE-2026-9937 Use-After-Free in google (CVE-2026-9937)
vulnerability in google (CVE-2026-9937). Successful exploitation can lead to full system takeover.
CVE-2026-9952 Use-After-Free in google (CVE-2026-9952)
vulnerability in google (CVE-2026-9952). Successful exploitation can lead to full system takeover.
CVE-2026-9947 Use-After-Free in google (CVE-2026-9947)
vulnerability in google (CVE-2026-9947). Successful exploitation can lead to full system takeover.
CVE-2026-9910 Out-of-Bounds Read in google (CVE-2026-9910)
vulnerability in google (CVE-2026-9910). Successful exploitation can lead to full system takeover.
CVE-2026-9913 Out-of-Bounds Read in google (CVE-2026-9913)
vulnerability in google (CVE-2026-9913). Risk of unauthorized operations or information disclosure.
CVE-2026-9919 Out-of-Bounds Read in google (CVE-2026-9919)
vulnerability in google (CVE-2026-9919). Risk of unauthorized operations or information disclosure.
CVE-2026-9928 Out-of-Bounds Read in google (CVE-2026-9928)
vulnerability in google (CVE-2026-9928). Successful exploitation can lead to full system takeover.
CVE-2026-9908 Out-of-Bounds Read in google (CVE-2026-9908)
vulnerability in google (CVE-2026-9908). Confidential information can be exposed externally.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →