Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Clear
ID Title
CVE-2026-47326 Vulnerability in canonical (CVE-2026-47326)
vulnerability in canonical (CVE-2026-47326). Risk of unauthorized operations or information disclosure.
CVE-2026-47136 Information Disclosure in CVE-2026-47136 (CVE-2026-47136)
vulnerability in CVE-2026-47136 (CVE-2026-47136). Risk of unauthorized operations or information disclosure. Exploitable via `GET /rustfs/console/license`. Mitigation: upgrade to `1.0.0-beta.2` or later.
CVE-2026-46685 Vulnerability in CVE-2026-46685 (CVE-2026-46685)
vulnerability in CVE-2026-46685 (CVE-2026-46685). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.0.0-beta.2` or later.
CVE-2026-45044 Vulnerability in dos (CVE-2026-45044)
vulnerability in dos (CVE-2026-45044). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.0.0-beta.2` or later.
CVE-2026-45040 Vulnerability in CVE-2026-45040 (CVE-2026-45040)
vulnerability in CVE-2026-45040 (CVE-2026-45040). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.0.0-beta.2` or later.
CVE-2026-45039 Vulnerability in CVE-2026-45039 (CVE-2026-45039)
vulnerability in CVE-2026-45039 (CVE-2026-45039). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.0.0-beta.2` or later.
CVE-2026-45041 Vulnerability in CVE-2026-45041 (CVE-2026-45041)
vulnerability in CVE-2026-45041 (CVE-2026-45041). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.0.0-beta.2` or later.
CVE-2026-44394 Authorization Flaw in keystone (CVE-2026-44394)
vulnerability in keystone (CVE-2026-44394). Risk of unauthorized operations or information disclosure. Exploitable via `POST /v3/auth/tokens`. Mitigation: upgrade to `29.0.2` or later.
CVE-2026-45042 Authorization Flaw in CVE-2026-45042 (CVE-2026-45042)
vulnerability in CVE-2026-45042 (CVE-2026-45042). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.0.0-beta.2` or later.
CVE-2026-42998 Authorization Flaw in keystone (CVE-2026-42998)
vulnerability in keystone (CVE-2026-42998). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `29.0.2` or later.
CVE-2026-42999 Vulnerability in keystone (CVE-2026-42999)
vulnerability in keystone (CVE-2026-42999). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `29.0.2` or later.
CVE-2026-43000 Vulnerability in keystone (CVE-2026-43000)
vulnerability in keystone (CVE-2026-43000). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `29.0.2` or later.
CVE-2026-30760 Vulnerability in CVE-2026-30760 (CVE-2026-30760)
vulnerability in CVE-2026-30760 (CVE-2026-30760). Risk of unauthorized operations or information disclosure.
CVE-2026-30761 Unrestricted File Upload in CVE-2026-30761 (CVE-2026-30761)
vulnerability in CVE-2026-30761 (CVE-2026-30761). Risk of unauthorized operations or information disclosure.
CVE-2026-45323 Cross-Site Scripting (XSS) in jpettitt (CVE-2026-45323)
cross-site scripting in jpettitt (CVE-2026-45323). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.3.3` or later.
CVE-2026-45297 Vulnerability in CVE-2026-45297 (CVE-2026-45297)
vulnerability in CVE-2026-45297 (CVE-2026-45297). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.26.0` or later.
CVE-2026-45296 Vulnerability in CVE-2026-45296 (CVE-2026-45296)
vulnerability in CVE-2026-45296 (CVE-2026-45296). Confidential information can be exposed externally. Mitigation: upgrade to `1.26.0` or later.
CVE-2026-45307 Open Redirect in CVE-2026-45307 (CVE-2026-45307)
vulnerability in CVE-2026-45307 (CVE-2026-45307). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.8.20-alpha` or later.
CVE-2026-45287 Vulnerability in go.opentelemetry.io/otel/schema/v1.1 (CVE-2026-45287)
vulnerability in go.opentelemetry.io/otel/schema/v1.1 (CVE-2026-45287). Risk of unauthorized operations or information disclosure. Exploitable via ``ParseFile``. Mitigation: upgrade to `0.0.17` or later.
CVE-2026-9095 Vulnerability in CVE-2026-9095 (CVE-2026-9095)
vulnerability in CVE-2026-9095 (CVE-2026-9095). Successful exploitation can lead to full system takeover.
CVE-2026-8697 Vulnerability in tp-link (CVE-2026-8697)
vulnerability in tp-link (CVE-2026-8697). Successful exploitation can lead to full system takeover.
CVE-2026-6720 Vulnerability in github.com/projectcalico/calicoctl/v3 (CVE-2026-6720)
vulnerability in github.com/projectcalico/calicoctl/v3 (CVE-2026-6720). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.31.6` or later.
CVE-2026-47675 Vulnerability in hono (CVE-2026-47675)
vulnerability in hono (CVE-2026-47675). Risk of unauthorized operations or information disclosure. Exploitable via ``domain``. Mitigation: upgrade to `4.12.21` or later.
CVE-2026-47676 Vulnerability in hono (CVE-2026-47676)
vulnerability in hono (CVE-2026-47676). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `4.12.21` or later.
CVE-2026-47673 Vulnerability in hono (CVE-2026-47673)
vulnerability in hono (CVE-2026-47673). Risk of unauthorized operations or information disclosure. Exploitable via ``jwt``. Mitigation: upgrade to `4.12.21` or later.
CVE-2026-45261 Code Injection in CVE-2026-45261 (CVE-2026-45261)
code injection in CVE-2026-45261 (CVE-2026-45261). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.19.7` or later.
CVE-2026-44465 OS Command Injection in zed (CVE-2026-44465)
OS command injection in zed (CVE-2026-44465). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.227.1` or later.
CVE-2026-44466 OS Command Injection in zed (CVE-2026-44466)
OS command injection in zed (CVE-2026-44466). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.229.0` or later.
CVE-2026-44463 OS Command Injection in zed (CVE-2026-44463)
OS command injection in zed (CVE-2026-44463). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.229.0` or later.
CVE-2026-44462 Vulnerability in zed (CVE-2026-44462)
vulnerability in zed (CVE-2026-44462). Confidential information can be exposed externally. Mitigation: upgrade to `0.229.0` or later.
CVE-2026-44461 OS Command Injection in zed (CVE-2026-44461)
OS command injection in zed (CVE-2026-44461). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.227.1` or later.
CVE-2026-41160 Vulnerability in CVE-2026-41160 (CVE-2026-41160)
vulnerability in CVE-2026-41160 (CVE-2026-41160). Risk of unauthorized operations or information disclosure. Exploitable via `POST /api/v1/Note/{id}/pin`. Mitigation: upgrade to `9.3.5` or later.
CVE-2026-41184 Vulnerability in github.com/projectcalico/calico (CVE-2026-41184)
vulnerability in github.com/projectcalico/calico (CVE-2026-41184). Confidential information can be exposed externally. Mitigation: upgrade to `1.11.0-cni-plugin.0.20260417001138-cd73bc2cea0f` or later.
CVE-2026-41185 Vulnerability in github.com/projectcalico/calico (CVE-2026-41185)
vulnerability in github.com/projectcalico/calico (CVE-2026-41185). Confidential information can be exposed externally. Mitigation: upgrade to `1.11.0-cni-plugin.0.20260417001138-cd73bc2cea0f` or later.
CVE-2026-38702 Command Injection in inhandnetworks (CVE-2026-38702)
command injection in inhandnetworks (CVE-2026-38702). Successful exploitation can lead to full system takeover.
CVE-2026-38703 Command Injection in inhandnetworks (CVE-2026-38703)
command injection in inhandnetworks (CVE-2026-38703). Successful exploitation can lead to full system takeover.
CVE-2026-38704 Command Injection in inhandnetworks (CVE-2026-38704)
command injection in inhandnetworks (CVE-2026-38704). Successful exploitation can lead to full system takeover.
CVE-2026-38707 Command Injection in inhandnetworks (CVE-2026-38707)
command injection in inhandnetworks (CVE-2026-38707). Successful exploitation can lead to full system takeover.
CVE-2026-24444 Vulnerability in CVE-2026-24444 (CVE-2026-24444)
vulnerability in CVE-2026-24444 (CVE-2026-24444). Successful exploitation can lead to full system takeover.
CVE-2026-22872 Vulnerability in github.com/projectcapsule/capsule (CVE-2026-22872)
vulnerability in github.com/projectcapsule/capsule (CVE-2026-22872). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.13.0` or later.
CVE-2026-30963 Vulnerability in github.com/projectcapsule/capsule (CVE-2026-30963)
vulnerability in github.com/projectcapsule/capsule (CVE-2026-30963). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.13.0` or later.
CVE-2026-6824 Cross-Site Scripting (XSS) in cisa (CVE-2026-6824)
cross-site scripting in cisa (CVE-2026-6824). Successful exploitation can lead to full system takeover.
CVE-2026-7786 Vulnerability in cisa (CVE-2026-7786)
vulnerability in cisa (CVE-2026-7786). Successful exploitation can lead to full system takeover.
CVE-2026-9037 Vulnerability in cisa (CVE-2026-9037)
vulnerability in cisa (CVE-2026-9037). Risk of unauthorized operations or information disclosure.
CVE-2026-48523 Vulnerability in pyjwt (CVE-2026-48523)
vulnerability in pyjwt (CVE-2026-48523). Risk of unauthorized operations or information disclosure. Exploitable via ``PyJWK``. Mitigation: upgrade to `2.12.1` or later.
CVE-2026-48524 Vulnerability in pyjwt (CVE-2026-48524)
vulnerability in pyjwt (CVE-2026-48524). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.13.0` or later.
CVE-2026-48735 Vulnerability in pypdf (CVE-2026-48735)
vulnerability in pypdf (CVE-2026-48735). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `6.12.1` or later.
CVE-2026-48525 Vulnerability in pyjwt (CVE-2026-48525)
vulnerability in pyjwt (CVE-2026-48525). Risk of unauthorized operations or information disclosure. Exploitable via `POST /verify`. Mitigation: upgrade to `2.13.0` or later.
CVE-2026-48522 Vulnerability in pyjwt (CVE-2026-48522)
vulnerability in pyjwt (CVE-2026-48522). Risk of unauthorized operations or information disclosure. Exploitable via ``uri``. Mitigation: upgrade to `2.13.0` or later.
CVE-2026-48526 Authentication Bypass in pyjwt (CVE-2026-48526)
authentication bypass in pyjwt (CVE-2026-48526). Confidential information can be exposed externally. Mitigation: upgrade to `2.13.0` or later.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →