Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-9645 |
|
OS Command Injection in CVE-2026-9645 (CVE-2026-9645)
OS command injection in CVE-2026-9645 (CVE-2026-9645). Successful exploitation can lead to full system takeover.
|
| CVE-2026-46841 |
|
Information Disclosure in c (CVE-2026-46841)
vulnerability in c (CVE-2026-46841). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9646 |
|
A reflected cross-site scripting issue exists in URL handling.
A reflected cross-site scripting issue exists in URL handling.
|
| CVE-2026-46843 |
|
Vulnerability in c (CVE-2026-46843)
vulnerability in c (CVE-2026-46843). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-49094 |
|
Vulnerability in elk (CVE-2026-49094)
vulnerability in elk (CVE-2026-49094). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.19.16` or later.
|
| CVE-2026-49093 |
|
SSRF (Server-Side Request Forgery) in elk (CVE-2026-49093)
SSRF in elk (CVE-2026-49093). Confidential information can be exposed externally. Mitigation: upgrade to `9.3.3` or later.
|
| CVE-2026-46840 |
|
Vulnerability in c (CVE-2026-46840)
vulnerability in c (CVE-2026-46840). Successful exploitation can lead to full system takeover.
|
| CVE-2026-46842 |
|
Vulnerability in c (CVE-2026-46842)
vulnerability in c (CVE-2026-46842). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-46839 |
|
Vulnerability in c (CVE-2026-46839)
vulnerability in c (CVE-2026-46839). Successful exploitation can lead to full system takeover.
|
| CVE-2026-46829 |
|
Vulnerability in c (CVE-2026-46829)
vulnerability in c (CVE-2026-46829). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-46834 |
|
Vulnerability in c (CVE-2026-46834)
vulnerability in c (CVE-2026-46834). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-46835 |
|
Vulnerability in c (CVE-2026-46835)
vulnerability in c (CVE-2026-46835). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-46823 |
|
Authorization Flaw in c (CVE-2026-46823)
vulnerability in c (CVE-2026-46823). Confidential information can be exposed externally.
|
| CVE-2026-46827 |
|
Privilege Escalation in c (CVE-2026-46827)
vulnerability in c (CVE-2026-46827). Successful exploitation can lead to full system takeover.
|
| CVE-2026-46828 |
|
Vulnerability in c (CVE-2026-46828)
vulnerability in c (CVE-2026-46828). Confidential information can be exposed externally.
|
| CVE-2026-46830 |
|
Information Disclosure in c (CVE-2026-46830)
vulnerability in c (CVE-2026-46830). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-46826 |
|
Vulnerability in c (CVE-2026-46826)
vulnerability in c (CVE-2026-46826). Successful exploitation can lead to full system takeover.
|
| CVE-2026-46837 |
|
Privilege Escalation in c (CVE-2026-46837)
vulnerability in c (CVE-2026-46837). Successful exploitation can lead to full system takeover.
|
| CVE-2026-42399 |
|
Vulnerability in elk (CVE-2026-42399)
vulnerability in elk (CVE-2026-42399). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.19.16, 9.3.5` or later.
|
| CVE-2026-42400 |
|
Vulnerability in elk (CVE-2026-42400)
vulnerability in elk (CVE-2026-42400). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.19.16, 9.3.5, 9.4.2` or later.
|
| CVE-2026-46775 |
|
Vulnerability in c (CVE-2026-46775)
vulnerability in c (CVE-2026-46775). Successful exploitation can lead to full system takeover.
|
| CVE-2026-42398 |
|
SSRF (Server-Side Request Forgery) in elk (CVE-2026-42398)
SSRF in elk (CVE-2026-42398). Confidential information can be exposed externally. Mitigation: upgrade to `9.2.8, 9.3.2` or later.
|
| CVE-2026-46817 |
|
Privilege Escalation in c (CVE-2026-46817)
vulnerability in c (CVE-2026-46817). Successful exploitation can lead to full system takeover.
|
| CVE-2026-46820 |
|
Vulnerability in c (CVE-2026-46820)
vulnerability in c (CVE-2026-46820). Confidential information can be exposed externally.
|
| CVE-2026-46822 |
|
Vulnerability in c (CVE-2026-46822)
vulnerability in c (CVE-2026-46822). Successful exploitation can lead to full system takeover.
|
| CVE-2026-46824 |
|
Privilege Escalation in c (CVE-2026-46824)
vulnerability in c (CVE-2026-46824). Successful exploitation can lead to full system takeover.
|
| CVE-2026-46821 |
|
Vulnerability in c (CVE-2026-46821)
vulnerability in c (CVE-2026-46821). Confidential information can be exposed externally.
|
| CVE-2026-46818 |
|
Vulnerability in c (CVE-2026-46818)
vulnerability in c (CVE-2026-46818). Confidential information can be exposed externally.
|
| CVE-2026-46819 |
|
Vulnerability in c (CVE-2026-46819)
vulnerability in c (CVE-2026-46819). Confidential information can be exposed externally.
|
| CVE-2026-35277 |
|
Vulnerability in c (CVE-2026-35277)
vulnerability in c (CVE-2026-35277). Confidential information can be exposed externally.
|
| CVE-2026-35266 |
|
Vulnerability in c (CVE-2026-35266)
vulnerability in c (CVE-2026-35266). Confidential information can be exposed externally.
|
| CVE-2026-9038 |
|
Vulnerability in CVE-2026-9038 (CVE-2026-9038)
vulnerability in CVE-2026-9038 (CVE-2026-9038). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9039 |
|
Vulnerability in CVE-2026-9039 (CVE-2026-9039)
vulnerability in CVE-2026-9039 (CVE-2026-9039). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-49130 |
|
Vulnerability in CVE-2026-49130 (CVE-2026-49130)
vulnerability in CVE-2026-49130 (CVE-2026-49130). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-49127 |
|
Vulnerability in CVE-2026-49127 (CVE-2026-49127)
vulnerability in CVE-2026-49127 (CVE-2026-49127). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-49129 |
|
SSRF (Server-Side Request Forgery) in CVE-2026-49129 (CVE-2026-49129)
SSRF in CVE-2026-49129 (CVE-2026-49129). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-49128 |
|
Path Traversal in path-traversal (CVE-2026-49128)
path traversal in path-traversal (CVE-2026-49128). Confidential information can be exposed externally.
|
| CVE-2026-33464 |
|
Vulnerability in elk (CVE-2026-33464)
vulnerability in elk (CVE-2026-33464). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `9.4.2` or later.
|
| CVE-2026-42401 |
|
Cross-Site Scripting (XSS) in elk (CVE-2026-42401)
cross-site scripting in elk (CVE-2026-42401). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.19.16, 9.4.0` or later.
|
| CVE-2026-33590 |
|
Vulnerability in CVE-2026-33590 (CVE-2026-33590)
vulnerability in CVE-2026-33590 (CVE-2026-33590). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-32847 |
|
Path Traversal in path-traversal (CVE-2026-32847)
path traversal in path-traversal (CVE-2026-32847). Confidential information can be exposed externally. Exploitable via `GET /{full_path`.
|
| CVE-2026-33462 |
|
Path Traversal in elk (CVE-2026-33462)
path traversal in elk (CVE-2026-33462). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.19.16, 9.3.5` or later.
|
| CVE-2026-46526 |
|
SSRF (Server-Side Request Forgery) in local-deep-research (CVE-2026-46526)
SSRF in local-deep-research (CVE-2026-46526). Risk of unauthorized operations or information disclosure. Exploitable via ``validate_url``. Mitigation: upgrade to `1.6.10` or later.
|
| CVE-2026-47335 |
|
Vulnerability in canonical (CVE-2026-47335)
vulnerability in canonical (CVE-2026-47335). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-47337 |
|
Vulnerability in canonical (CVE-2026-47337)
vulnerability in canonical (CVE-2026-47337). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-4944 |
|
Path Traversal in CVE-2026-4944 (CVE-2026-4944)
path traversal in CVE-2026-4944 (CVE-2026-4944). Successful exploitation can lead to full system takeover.
|
| CVE-2026-47333 |
|
Out-of-Bounds Read in canonical (CVE-2026-47333)
vulnerability in canonical (CVE-2026-47333). Successful exploitation can lead to full system takeover.
|
| CVE-2026-47332 |
|
Out-of-Bounds Read in canonical (CVE-2026-47332)
vulnerability in canonical (CVE-2026-47332). Confidential information can be exposed externally.
|
| CVE-2026-47331 |
|
Use-After-Free in canonical (CVE-2026-47331)
vulnerability in canonical (CVE-2026-47331). Successful exploitation can lead to full system takeover.
|
| CVE-2026-47327 |
|
Vulnerability in canonical (CVE-2026-47327)
vulnerability in canonical (CVE-2026-47327). Risk of unauthorized operations or information disclosure.
|