Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Clear
ID Title
CVE-2026-24187 Use-After-Free in dos (CVE-2026-24187)
vulnerability in dos (CVE-2026-24187). Successful exploitation can lead to full system takeover.
CVE-2026-46624 OS Command Injection in sqli (CVE-2026-46624)
OS command injection in sqli (CVE-2026-46624). Successful exploitation can lead to full system takeover.
CVE-2026-47202 Authentication Bypass in CVE-2026-47202 (CVE-2026-47202)
authentication bypass in CVE-2026-47202 (CVE-2026-47202). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.9.0.2` or later.
CVE-2026-44730 Vulnerability in pycti (CVE-2026-44730)
vulnerability in pycti (CVE-2026-44730). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `6.9.7` or later.
CVE-2026-44775 Vulnerability in CVE-2026-44775 (CVE-2026-44775)
vulnerability in CVE-2026-44775 (CVE-2026-44775). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.9.0` or later.
CVE-2026-44668 Vulnerability in CVE-2026-44668 (CVE-2026-44668)
vulnerability in CVE-2026-44668 (CVE-2026-44668). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.8.3` or later.
CVE-2026-44706 SQL Injection in sqli (CVE-2026-44706)
SQL injection in sqli (CVE-2026-44706). Confidential information can be exposed externally. Mitigation: upgrade to `4.11.2` or later.
CVE-2026-44667 Cross-Site Scripting (XSS) in CVE-2026-44667 (CVE-2026-44667)
cross-site scripting in CVE-2026-44667 (CVE-2026-44667). Confidential information can be exposed externally. Mitigation: upgrade to `1.8.3` or later.
CVE-2026-44669 Cross-Site Scripting (XSS) in CVE-2026-44669 (CVE-2026-44669)
cross-site scripting in CVE-2026-44669 (CVE-2026-44669). Confidential information can be exposed externally. Mitigation: upgrade to `1.8.3` or later.
CVE-2026-44707 Vulnerability in CVE-2026-44707 (CVE-2026-44707)
vulnerability in CVE-2026-44707 (CVE-2026-44707). Confidential information can be exposed externally. Mitigation: upgrade to `4.13.0` or later.
CVE-2026-42448 Path Traversal in magic-wormhole (CVE-2026-42448)
path traversal in magic-wormhole (CVE-2026-42448). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.24.0` or later.
CVE-2026-9562 Vulnerability in CVE-2026-9562 (CVE-2026-9562)
vulnerability in CVE-2026-9562 (CVE-2026-9562). Risk of unauthorized operations or information disclosure.
CVE-2026-9565 Command Injection in CVE-2026-9565 (CVE-2026-9565)
command injection in CVE-2026-9565 (CVE-2026-9565). Risk of unauthorized operations or information disclosure.
CVE-2026-9564 Cross-Site Scripting (XSS) in CVE-2026-9564 (CVE-2026-9564)
cross-site scripting in CVE-2026-9564 (CVE-2026-9564). Risk of unauthorized operations or information disclosure.
CVE-2026-48903 Cross-Site Scripting (XSS) in joomla (CVE-2026-48903)
cross-site scripting in joomla (CVE-2026-48903). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.4.6, 6.1.1` or later.
CVE-2026-48905 Joomla! Framework - [20260520] - Inadequate content filtering within the cleanAttributes filter code.
Joomla! Framework - [20260520] - Inadequate content filtering within the cleanAttributes filter code.
CVE-2026-8850 Vulnerability in dos (CVE-2026-8850)
vulnerability in dos (CVE-2026-8850). Risk of unauthorized operations or information disclosure.
CVE-2026-48904 Vulnerability in joomla (CVE-2026-48904)
vulnerability in joomla (CVE-2026-48904). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `5.4.6, 6.1.1` or later.
CVE-2026-48864 Out-of-Bounds Write in dos (CVE-2026-48864)
out-of-bounds write in dos (CVE-2026-48864). Successful exploitation can lead to full system takeover.
CVE-2026-48896 Joomla! Core - [20260511] - MFA Authentication Bypass
Joomla! Core - [20260511] - MFA Authentication Bypass
CVE-2026-48897 Joomla! Core - [20260512] - MFA Authentication Bypass
Joomla! Core - [20260512] - MFA Authentication Bypass
CVE-2026-48898 Joomla! Core - [20260513] - Privilege escalation through com_users batch task
Joomla! Core - [20260513] - Privilege escalation through com_users batch task
CVE-2026-48899 Joomla! Core - [20260515] - Incorrect Access Control in sample data plugins
Joomla! Core - [20260515] - Incorrect Access Control in sample data plugins
CVE-2026-48900 Vulnerability in joomla (CVE-2026-48900)
vulnerability in joomla (CVE-2026-48900). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.4.6, 6.1.1` or later.
CVE-2026-48901 Vulnerability in joomla (CVE-2026-48901)
vulnerability in joomla (CVE-2026-48901). Confidential information can be exposed externally. Mitigation: upgrade to `5.4.6, 6.1.1` or later.
CVE-2026-48693 Vulnerability in cpp (CVE-2026-48693)
vulnerability in cpp (CVE-2026-48693). Data can be tampered with by attackers.
CVE-2026-48126 Path Traversal in github.com/xyproto/algernon (CVE-2026-48126)
path traversal in github.com/xyproto/algernon (CVE-2026-48126). Confidential information can be exposed externally. Exploitable via `Host header`. Mitigation: upgrade to `1.17.8` or later.
CVE-2026-47728 Vulnerability in bugsink (CVE-2026-47728)
vulnerability in bugsink (CVE-2026-47728). Risk of unauthorized operations or information disclosure. Exploitable via ``FEATURE_MINIDUMPS``. Mitigation: upgrade to `2.2.0` or later.
CVE-2026-48697 Vulnerability in cpp (CVE-2026-48697)
vulnerability in cpp (CVE-2026-48697). Confidential information can be exposed externally.
CVE-2026-48690 Vulnerability in pavel-odintsov (CVE-2026-48690)
vulnerability in pavel-odintsov (CVE-2026-48690). Confidential information can be exposed externally.
CVE-2026-48691 Vulnerability in pavel-odintsov (CVE-2026-48691)
vulnerability in pavel-odintsov (CVE-2026-48691). Successful exploitation can lead to full system takeover.
CVE-2026-45836 Vulnerability in linux (CVE-2026-45836)
vulnerability in linux (CVE-2026-45836). Risk of unauthorized operations or information disclosure.
CVE-2026-45834 Vulnerability in linux (CVE-2026-45834)
vulnerability in linux (CVE-2026-45834). Risk of unauthorized operations or information disclosure.
CVE-2026-45835 Vulnerability in linux (CVE-2026-45835)
vulnerability in linux (CVE-2026-45835). Risk of unauthorized operations or information disclosure.
CVE-2026-44314 Authorization Flaw in traccar (CVE-2026-44314)
vulnerability in traccar (CVE-2026-44314). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `6.13.0` or later.
CVE-2026-43982 Path Traversal in CVE-2026-43982 (CVE-2026-43982)
path traversal in CVE-2026-43982 (CVE-2026-43982). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.17.6` or later.
CVE-2026-44729 Cross-Site Scripting (XSS) in twenty (CVE-2026-44729)
cross-site scripting in twenty (CVE-2026-44729). Confidential information can be exposed externally.
CVE-2026-44723 OS Command Injection in vowpalwabbit (CVE-2026-44723)
OS command injection in vowpalwabbit (CVE-2026-44723). Risk of unauthorized operations or information disclosure.
CVE-2026-43981 Vulnerability in c (CVE-2026-43981)
vulnerability in c (CVE-2026-43981). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.17.6` or later.
CVE-2026-40383 Joomla! Core - [20260509] - LFI in HTMLView layout parameter
Joomla! Core - [20260509] - LFI in HTMLView layout parameter
CVE-2026-40384 Path Traversal in joomla (CVE-2026-40384)
path traversal in joomla (CVE-2026-40384). Confidential information can be exposed externally. Mitigation: upgrade to `5.4.6, 6.1.1` or later.
CVE-2026-35223 Joomla! Core - [20260508] - Improper access check in com_config webservice endpoints
Joomla! Core - [20260508] - Improper access check in com_config webservice endpoints
CVE-2026-35220 Cross-Site Request Forgery (CSRF) in joomla (CVE-2026-35220)
vulnerability in joomla (CVE-2026-35220). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `6.1.1` or later.
CVE-2026-35221 SQL Injection in joomla (CVE-2026-35221)
SQL injection in joomla (CVE-2026-35221). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `5.4.6, 6.1.1` or later.
CVE-2026-35222 Joomla! Core - [20260507] - Authenticated blind SQLi in com_tags
Joomla! Core - [20260507] - Authenticated blind SQLi in com_tags
CVE-2026-30895 Joomla! Core - [20260504] - XSS in readmore links
Joomla! Core - [20260504] - XSS in readmore links
CVE-2026-25900 Joomla! Core - [20260501] - XSS in feed modules
Joomla! Core - [20260501] - XSS in feed modules
CVE-2026-25901 Joomla! Core - [20260502] - XSS in com_associations
Joomla! Core - [20260502] - XSS in com_associations
CVE-2026-30894 Joomla! Core - [20260503] - XSS in com_contenthistory
Joomla! Core - [20260503] - XSS in com_contenthistory
CVE-2026-2264 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-2264)
SSRF in ssrf (CVE-2026-2264). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →