Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-52192 |
|
Vulnerability in dos (CVE-2026-52192)
vulnerability in dos (CVE-2026-52192). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-58460 |
|
Path Traversal in react (CVE-2026-58460)
path traversal in react (CVE-2026-58460). Data can be tampered with by attackers.
|
| CVE-2026-38972 |
|
Vulnerability in c (CVE-2026-38972)
vulnerability in c (CVE-2026-38972). Successful exploitation can lead to full system takeover.
|
| CVE-2026-52188 |
|
Buffer Overflow in dos (CVE-2026-52188)
vulnerability in dos (CVE-2026-52188). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-59101 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-59101)
SSRF in ssrf (CVE-2026-59101). Risk of unauthorized operations or information disclosure. Exploitable via `POST /api/v1/setup/test-downloader`.
|
| CVE-2026-38969 |
|
Vulnerability in CVE-2026-38969 (CVE-2026-38969)
vulnerability in CVE-2026-38969 (CVE-2026-38969). Data can be tampered with by attackers.
|
| CVE-2026-59102 |
|
Cross-Site Scripting (XSS) in vue (CVE-2026-59102)
cross-site scripting in vue (CVE-2026-59102). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-59097 |
|
Vulnerability in CVE-2026-59097 (CVE-2026-59097)
vulnerability in CVE-2026-59097 (CVE-2026-59097). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-59095 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-59095)
SSRF in ssrf (CVE-2026-59095). Confidential information can be exposed externally.
|
| CVE-2026-58579 |
|
Cross-Site Scripting (XSS) in CVE-2026-58579 (CVE-2026-58579)
cross-site scripting in CVE-2026-58579 (CVE-2026-58579). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-58381 |
|
Vulnerability in dos (CVE-2026-58381)
vulnerability in dos (CVE-2026-58381). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-58467 |
|
Path Traversal in nginx (CVE-2026-58467)
path traversal in nginx (CVE-2026-58467). Confidential information can be exposed externally.
|
| CVE-2025-71385 |
|
Cross-Site Scripting (XSS) in netdata (CVE-2025-71385)
cross-site scripting in netdata (CVE-2025-71385). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-52187 |
|
Vulnerability in dos (CVE-2026-52187)
vulnerability in dos (CVE-2026-52187). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-52830 |
|
Path Traversal in fast-mcp-telegram (CVE-2026-52830)
path traversal in fast-mcp-telegram (CVE-2026-52830). Confidential information can be exposed externally. Exploitable via ``telegram``. Mitigation: upgrade to `0.19.1` or later.
|
| CVE-2026-59800 |
|
OS Command Injection in 9router (CVE-2026-59800)
OS command injection in 9router (CVE-2026-59800). Successful exploitation can lead to full system takeover. Exploitable via `POST /api/tunnel/tailscale-install`. Mitigation: upgrade to `0.4.44` or later.
|
| CVE-2026-7311 |
|
Path Traversal in wordpress (CVE-2026-7311)
path traversal in wordpress (CVE-2026-7311). Data can be tampered with by attackers.
|
| CVE-2026-58465 |
|
Vulnerability in c (CVE-2026-58465)
vulnerability in c (CVE-2026-58465). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-44454 |
|
OS Command Injection in github.com/coder/coder/v2 (CVE-2026-44454)
OS command injection in github.com/coder/coder/v2 (CVE-2026-44454). Confidential information can be exposed externally. Exploitable via ``dotfiles``. Mitigation: upgrade to `2.30.2` or later.
|
| CVE-2026-8699 |
|
Cross-Site Scripting (XSS) in CVE-2026-8699 (CVE-2026-8699)
cross-site scripting in CVE-2026-8699 (CVE-2026-8699). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-55950 |
|
Vulnerability in dos (CVE-2026-55950)
vulnerability in dos (CVE-2026-55950). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-54886 |
|
Vulnerability in dos (CVE-2026-54886)
vulnerability in dos (CVE-2026-54886). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-50282 |
|
Vulnerability in craftcms/cms (CVE-2026-50282)
vulnerability in craftcms/cms (CVE-2026-50282). Risk of unauthorized operations or information disclosure. Exploitable via ``deleteAssets``. Mitigation: upgrade to `4.17.14` or later.
|
| CVE-2024-14037 |
|
Unrestricted File Upload in CVE-2024-14037 (CVE-2024-14037)
vulnerability in CVE-2024-14037 (CVE-2024-14037). Successful exploitation can lead to full system takeover.
|
| CVE-2022-50973 |
|
Unrestricted File Upload in CVE-2022-50973 (CVE-2022-50973)
vulnerability in CVE-2022-50973 (CVE-2022-50973). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13743 |
|
Vulnerability in cisa (CVE-2026-13743)
vulnerability in cisa (CVE-2026-13743). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-58455 |
|
OS Command Injection in CVE-2026-58455 (CVE-2026-58455)
OS command injection in CVE-2026-58455 (CVE-2026-58455). Successful exploitation can lead to full system takeover.
|
| CVE-2026-44941 |
|
Vulnerability in path-traversal (CVE-2026-44941)
vulnerability in path-traversal (CVE-2026-44941). Successful exploitation can lead to full system takeover.
|
| CVE-2026-56842 |
|
Authorization Flaw in ui (CVE-2026-56842)
vulnerability in ui (CVE-2026-56842). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8079 |
|
Authorization Flaw in progress (CVE-2026-8079)
vulnerability in progress (CVE-2026-8079). Confidential information can be exposed externally.
|
| CVE-2026-55117 |
|
Path Traversal in path-traversal (CVE-2026-55117)
path traversal in path-traversal (CVE-2026-55117). Confidential information can be exposed externally.
|
| CVE-2026-55118 |
|
Vulnerability in ui (CVE-2026-55118)
vulnerability in ui (CVE-2026-55118). Data can be tampered with by attackers.
|
| CVE-2026-55119 |
|
Vulnerability in CVE-2026-55119 (CVE-2026-55119)
vulnerability in CVE-2026-55119 (CVE-2026-55119). Confidential information can be exposed externally.
|
| CVE-2026-55116 |
|
Vulnerability in CVE-2026-55116 (CVE-2026-55116)
vulnerability in CVE-2026-55116 (CVE-2026-55116). Successful exploitation can lead to full system takeover.
|
| CVE-2026-56841 |
|
SQL Injection in sqli (CVE-2026-56841)
SQL injection in sqli (CVE-2026-56841). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9272 |
|
SQL Injection in progress (CVE-2026-9272)
SQL injection in progress (CVE-2026-9272). Confidential information can be exposed externally.
|
| CVE-2026-56004 |
|
OS Command Injection in CVE-2026-56004 (CVE-2026-56004)
OS command injection in CVE-2026-56004 (CVE-2026-56004). Successful exploitation can lead to full system takeover.
|
| CVE-2026-55115 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-55115)
SSRF in ssrf (CVE-2026-55115). Successful exploitation can lead to full system takeover.
|
| CVE-2026-55113 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-55113)
SSRF in ssrf (CVE-2026-55113). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-55111 |
|
Path Traversal in path-traversal (CVE-2026-55111)
path traversal in path-traversal (CVE-2026-55111). Confidential information can be exposed externally.
|
| CVE-2026-54407 |
|
Vulnerability in ui (CVE-2026-54407)
vulnerability in ui (CVE-2026-54407). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-54408 |
|
Vulnerability in ui (CVE-2026-54408)
vulnerability in ui (CVE-2026-54408). Confidential information can be exposed externally.
|
| CVE-2026-55112 |
|
Vulnerability in CVE-2026-55112 (CVE-2026-55112)
vulnerability in CVE-2026-55112 (CVE-2026-55112). Successful exploitation can lead to full system takeover.
|
| CVE-2026-55114 |
|
Vulnerability in ui (CVE-2026-55114)
vulnerability in ui (CVE-2026-55114). Successful exploitation can lead to full system takeover.
|
| CVE-2026-54409 |
|
Vulnerability in ui (CVE-2026-54409)
vulnerability in ui (CVE-2026-54409). Successful exploitation can lead to full system takeover.
|
| CVE-2026-5524 |
|
Unrestricted File Upload in wordpress (CVE-2026-5524)
vulnerability in wordpress (CVE-2026-5524). Successful exploitation can lead to full system takeover.
|
| CVE-2026-4767 |
|
Vulnerability in CVE-2026-4767 (CVE-2026-4767)
vulnerability in CVE-2026-4767 (CVE-2026-4767). Successful exploitation can lead to full system takeover.
|
| CVE-2026-50748 |
|
Vulnerability in CVE-2026-50748 (CVE-2026-50748)
vulnerability in CVE-2026-50748 (CVE-2026-50748). Successful exploitation can lead to full system takeover.
|
| CVE-2026-54405 |
|
Vulnerability in dos (CVE-2026-54405)
vulnerability in dos (CVE-2026-54405). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-54402 |
|
Vulnerability in CVE-2026-54402 (CVE-2026-54402)
vulnerability in CVE-2026-54402 (CVE-2026-54402). Successful exploitation can lead to full system takeover.
|