Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-24162 |
|
Unsafe Deserialization in deserialization (CVE-2026-24162)
vulnerability in deserialization (CVE-2026-24162). Successful exploitation can lead to full system takeover.
|
| CVE-2025-36220 |
|
SQL Injection in sqli (CVE-2025-36220)
SQL injection in sqli (CVE-2025-36220). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-36148 |
|
Cross-Site Scripting (XSS) in ibm (CVE-2025-36148)
cross-site scripting in ibm (CVE-2025-36148). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-36126 |
|
Cross-Site Scripting (XSS) in ibm (CVE-2025-36126)
cross-site scripting in ibm (CVE-2025-36126). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-14290 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2025-14290)
SSRF in ssrf (CVE-2025-14290). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-36145 |
|
Vulnerability in ibm (CVE-2025-36145)
vulnerability in ibm (CVE-2025-36145). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-13755 |
|
Vulnerability in ibm (CVE-2025-13755)
vulnerability in ibm (CVE-2025-13755). Confidential information can be exposed externally.
|
| CVE-2026-48692 |
|
Vulnerability in cpp (CVE-2026-48692)
vulnerability in cpp (CVE-2026-48692). Confidential information can be exposed externally.
|
| CVE-2026-48685 |
|
Vulnerability in pavel-odintsov (CVE-2026-48685)
vulnerability in pavel-odintsov (CVE-2026-48685). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-48683 |
|
Out-of-Bounds Read in cpp (CVE-2026-48683)
vulnerability in cpp (CVE-2026-48683). Confidential information can be exposed externally.
|
| CVE-2026-48684 |
|
Out-of-Bounds Read in c (CVE-2026-48684)
vulnerability in c (CVE-2026-48684). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-48688 |
|
Out-of-Bounds Read in cpp (CVE-2026-48688)
vulnerability in cpp (CVE-2026-48688). Confidential information can be exposed externally.
|
| CVE-2026-48687 |
|
OS Command Injection in c (CVE-2026-48687)
OS command injection in c (CVE-2026-48687). Successful exploitation can lead to full system takeover. Exploitable via ``date``.
|
| CVE-2026-48686 |
|
Vulnerability in cpp (CVE-2026-48686)
vulnerability in cpp (CVE-2026-48686). Successful exploitation can lead to full system takeover.
|
| CVE-2026-46620 |
|
Vulnerability in csrf (CVE-2026-46620)
vulnerability in csrf (CVE-2026-46620). Data can be tampered with by attackers. Mitigation: upgrade to `2.3.5` or later.
|
| CVE-2026-43936 |
|
SSRF (Server-Side Request Forgery) in CVE-2026-43936 (CVE-2026-43936)
SSRF in CVE-2026-43936 (CVE-2026-43936). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.3.4` or later.
|
| CVE-2026-43934 |
|
Vulnerability in CVE-2026-43934 (CVE-2026-43934)
vulnerability in CVE-2026-43934 (CVE-2026-43934). Data can be tampered with by attackers. Mitigation: upgrade to `2.3.4` or later.
|
| CVE-2026-43935 |
|
Vulnerability in CVE-2026-43935 (CVE-2026-43935)
vulnerability in CVE-2026-43935 (CVE-2026-43935). Confidential information can be exposed externally. Exploitable via `Host header`. Mitigation: upgrade to `2.3.4` or later.
|
| CVE-2026-40564 |
|
Vulnerability in apache (CVE-2026-40564)
vulnerability in apache (CVE-2026-40564). Confidential information can be exposed externally.
|
| CVE-2026-25112 |
|
Vulnerability in privilege-escalation (CVE-2026-25112)
vulnerability in privilege-escalation (CVE-2026-25112). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9552 |
|
Vulnerability in sqli (CVE-2026-9552)
vulnerability in sqli (CVE-2026-9552). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9551 |
|
Vulnerability in sqli (CVE-2026-9551)
vulnerability in sqli (CVE-2026-9551). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9550 |
|
Path Traversal in path-traversal (CVE-2026-9550)
path traversal in path-traversal (CVE-2026-9550). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-4480 |
|
OS Command Injection in redhat (CVE-2026-4480)
OS command injection in redhat (CVE-2026-4480). Successful exploitation can lead to full system takeover.
|
| CVE-2026-46368 |
|
Command Injection in c (CVE-2026-46368)
command injection in c (CVE-2026-46368). Successful exploitation can lead to full system takeover.
|
| CVE-2026-45247 KEV |
|
[KEV] Unsafe Deserialization in Mirasvit full-page-cache-warmer (CVE-2026-45247)
vulnerability in Mirasvit full-page-cache-warmer (CVE-2026-45247). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
|
| CVE-2026-42785 |
|
Code Injection in CVE-2026-42785 (CVE-2026-42785)
code injection in CVE-2026-42785 (CVE-2026-42785). Successful exploitation can lead to full system takeover.
|
| CVE-2026-45082 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-45082)
SSRF in ssrf (CVE-2026-45082). Confidential information can be exposed externally.
|
| CVE-2026-42425 |
|
SQL Injection in CVE-2026-42425 (CVE-2026-42425)
SQL injection in CVE-2026-42425 (CVE-2026-42425). Successful exploitation can lead to full system takeover.
|
| CVE-2026-41917 |
|
Path Traversal in CVE-2026-41917 (CVE-2026-41917)
path traversal in CVE-2026-41917 (CVE-2026-41917). Confidential information can be exposed externally.
|
| CVE-2026-40034 |
|
Command Injection in gix (CVE-2026-40034)
command injection in gix (CVE-2026-40034). Successful exploitation can lead to full system takeover. Exploitable via ``update``. Mitigation: upgrade to `0.83.0` or later.
|
| CVE-2026-41401 |
|
Use-After-Free in CVE-2026-41401 (CVE-2026-41401)
vulnerability in CVE-2026-41401 (CVE-2026-41401). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-40033 |
|
Vulnerability in freerdp (CVE-2026-40033)
vulnerability in freerdp (CVE-2026-40033). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9541 |
|
Buffer Overflow in cpp (CVE-2026-9541)
vulnerability in cpp (CVE-2026-9541). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9542 |
|
Vulnerability in sqli (CVE-2026-9542)
vulnerability in sqli (CVE-2026-9542). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9544 |
|
Vulnerability in sqli (CVE-2026-9544)
vulnerability in sqli (CVE-2026-9544). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9543 |
|
Command Injection in CVE-2026-9543 (CVE-2026-9543)
command injection in CVE-2026-9543 (CVE-2026-9543). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9540 |
|
Vulnerability in vllm (CVE-2026-9540)
vulnerability in vllm (CVE-2026-9540). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8174 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-8174)
vulnerability in wordpress (CVE-2026-8174). Data can be tampered with by attackers.
|
| CVE-2026-8479 |
|
Vulnerability in dos (CVE-2026-8479)
vulnerability in dos (CVE-2026-8479). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7310 |
|
Vulnerability in dos (CVE-2026-7310)
vulnerability in dos (CVE-2026-7310). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7374 |
|
Vulnerability in kubevirt.io/kubevirt (CVE-2026-7374)
vulnerability in kubevirt.io/kubevirt (CVE-2026-7374). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.6.6` or later.
|
| CVE-2026-48135 |
|
Vulnerability in CVE-2026-48135 (CVE-2026-48135)
vulnerability in CVE-2026-48135 (CVE-2026-48135). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-48136 |
|
SQL Injection in CVE-2026-48136 (CVE-2026-48136)
SQL injection in CVE-2026-48136 (CVE-2026-48136). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-48134 |
|
SQL Injection in CVE-2026-48134 (CVE-2026-48134)
SQL injection in CVE-2026-48134 (CVE-2026-48134). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-48132 |
|
Out-of-Bounds Read in dos (CVE-2026-48132)
vulnerability in dos (CVE-2026-48132). Successful exploitation can lead to full system takeover.
|
| CVE-2026-48133 |
|
Vulnerability in CVE-2026-48133 (CVE-2026-48133)
vulnerability in CVE-2026-48133 (CVE-2026-48133). Confidential information can be exposed externally.
|
| CVE-2026-48131 |
|
Vulnerability in dos (CVE-2026-48131)
vulnerability in dos (CVE-2026-48131). Successful exploitation can lead to full system takeover.
|
| CVE-2025-11482 |
|
Vulnerability in CVE-2025-11482 (CVE-2025-11482)
vulnerability in CVE-2025-11482 (CVE-2025-11482). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-24590 |
|
Vulnerability in CVE-2026-24590 (CVE-2026-24590)
vulnerability in CVE-2026-24590 (CVE-2026-24590). Risk of unauthorized operations or information disclosure.
|