Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

KEV

Categories

All 🌐 Web Application 🧭 Browser 🖥️ Operating System 📱 Mobile 🛰️ Network Infrastructure ☁️ Cloud / Container 📝 CMS / Site Builder 🗄️ Database / Storage 🔐 Auth / Identity 🔑 Cryptography 🛠️ DevOps / CI-CD 🤖 AI / ML 🔌 IoT / Embedded 🧩 Hardware / Firmware 🏢 Enterprise SaaS 🧰 Developer Tooling ☠️ Malicious Package 📦 Other

Tag groups

All 💬 Programming Languages 22 🧱 Web Frameworks 29 📱 Mobile Platforms 6 🤖 AI/ML Frameworks 11 🖥️ Web Servers 9 🗄️ Databases 13 📝 CMS 9 ☁️ Cloud Platforms 11 📦 Container Tech 12 🖥️ Operating Systems 15 ⚔️ Attack Types 25 🧬 CWE 185 🏢 Vendors 581 📦 Products 666 🌳 Package Ecosystems 24 🛠️ DevOps Tools 17 📡 Protocols 15

Popular tags (Top 40)

Rootio Linux419 Microsoft386 C237 Java183 Jre178 Java Min178 Bitnami178 Windows177 Rootdebian11175 Rootdebian12151 Linux130 Cwe 20125 Cwe 78120 Linux Kernel106 Cwe 787105 Apple99 Cwe 41699 Cwe 2296 Rootdebian1393 Cwe 11990 Cisco89 Denial of Service85 Cwe 9484 Multiple Products79 Adobe78 Google77 Cwe 50270 Cwe 7966 Cwe 8954 Apache47 Cwe 91844 Cwe 28443 Oracle42 Cwe 28741 JavaScript41 PHP41 Cwe 7740 Chromium V838 Cwe 30638 Cwe 84337

Filtering: Group: cwe Clear

ID	Title	Severity	Tags	Detected
CVE-2026-42354	Vulnerability in sso (CVE-2026-42354) vulnerability in sso (CVE-2026-42354). Confidential information can be exposed externally. Exploitable via ``Moved``.	Critical	Cwe 290 Authentication Bypass Sso SAML +10	22 hours ago
CVE-2026-42352	SSRF (Server-Side Request Forgery) in CVE-2026-42352 (CVE-2026-42352) SSRF in CVE-2026-42352 (CVE-2026-42352). Confidential information can be exposed externally.	High	Python Cwe 918	22 hours ago
CVE-2026-42453	Command Injection in CVE-2026-42453 (CVE-2026-42453) command injection in CVE-2026-42453 (CVE-2026-42453). Risk of unauthorized operations or information disclosure.		Cwe 77	22 hours ago
CVE-2026-42345	SSRF (Server-Side Request Forgery) in CVE-2026-42345 (CVE-2026-42345) SSRF in CVE-2026-42345 (CVE-2026-42345). Confidential information can be exposed externally.	High	Cwe 918	22 hours ago
CVE-2026-42343	Vulnerability in dos (CVE-2026-42343) vulnerability in dos (CVE-2026-42343). Risk of unauthorized operations or information disclosure.		JavaScript Denial of Service Cwe 400	22 hours ago
CVE-2026-42346	SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-42346) SSRF in ssrf (CVE-2026-42346). Confidential information can be exposed externally.	Medium	Server-Side Request Forgery Cwe 918	22 hours ago
CVE-2026-42344	Vulnerability in CVE-2026-42344 (CVE-2026-42344) vulnerability in CVE-2026-42344 (CVE-2026-42344). Confidential information can be exposed externally.	Medium	Cwe 367	22 hours ago
CVE-2026-42298	Code Injection in docker (CVE-2026-42298) code injection in docker (CVE-2026-42298). Successful exploitation can lead to full system takeover. Exploitable via ``GITHUB_TOKEN``. Mitigation: upgrade to `>= 0` or later.	Critical	Cwe 94 Docker GitHub Actions Remote Code Execution +12	22 hours ago
CVE-2026-42339	SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-42339) SSRF in ssrf (CVE-2026-42339). Risk of unauthorized operations or information disclosure.		Server-Side Request Forgery Cwe 918	22 hours ago
CVE-2026-42302	Vulnerability in openai-sdk (CVE-2026-42302) vulnerability in openai-sdk (CVE-2026-42302). Successful exploitation can lead to full system takeover. Exploitable via ``entrypoint.sh``.	Critical	Remote Code Execution Cwe 306 OpenAI SDK Ai Ml +10	22 hours ago
CVE-2026-42307	OS Command Injection in CVE-2026-42307 (CVE-2026-42307) OS command injection in CVE-2026-42307 (CVE-2026-42307). Risk of unauthorized operations or information disclosure.	Medium	Cwe 78	22 hours ago
CVE-2026-41432	Vulnerability in CVE-2026-41432 (CVE-2026-41432) vulnerability in CVE-2026-41432 (CVE-2026-41432). Data can be tampered with by attackers.	High	Cwe 345 Cwe 863 Cwe 1188	22 hours ago
CVE-2026-41682	Vulnerability in CVE-2026-41682 (CVE-2026-41682) vulnerability in CVE-2026-41682 (CVE-2026-41682). Risk of unauthorized operations or information disclosure.		Cwe 195 Cwe 918	22 hours ago
CVE-2026-42224	Cross-Site Scripting (XSS) in CVE-2026-42224 (CVE-2026-42224) cross-site scripting in CVE-2026-42224 (CVE-2026-42224). Successful exploitation can lead to full system takeover.	High	PHP JavaScript Cwe 79	22 hours ago
CVE-2026-41520	Information Disclosure in CVE-2026-41520 (CVE-2026-41520) vulnerability in CVE-2026-41520 (CVE-2026-41520). Confidential information can be exposed externally.	High	Cwe 200 Cwe 312	22 hours ago
CVE-2026-42287	SQL Injection in sqli (CVE-2026-42287) SQL injection in sqli (CVE-2026-42287). Risk of unauthorized operations or information disclosure.		SQL Injection Cwe 89	23 hours ago
CVE-2026-42286	Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-42286) vulnerability in csrf (CVE-2026-42286). Risk of unauthorized operations or information disclosure.		Cross-Site Request Forgery Cwe 352	23 hours ago
CVE-2026-42212	Vulnerability in csharp (CVE-2026-42212) vulnerability in csharp (CVE-2026-42212). Risk of unauthorized operations or information disclosure.		C# Denial of Service Cwe 400 Cwe 611 +1	23 hours ago
CVE-2026-42213	Path Traversal in CVE-2026-42213 (CVE-2026-42213) path traversal in CVE-2026-42213 (CVE-2026-42213). Risk of unauthorized operations or information disclosure.		Cwe 22 Cwe 200 Cwe 295 Cwe 918	23 hours ago
CVE-2026-42195	Information Disclosure in CVE-2026-42195 (CVE-2026-42195) vulnerability in CVE-2026-42195 (CVE-2026-42195). Risk of unauthorized operations or information disclosure.	Low	Cwe 200 Cwe 601	23 hours ago
CVE-2026-42205	Vulnerability in rails (CVE-2026-42205) vulnerability in rails (CVE-2026-42205). Successful exploitation can lead to full system takeover.	High	Ruby Ruby on Rails Privilege Escalation Cwe 284 +1	23 hours ago
CVE-2026-42193	Vulnerability in aws (CVE-2026-42193) vulnerability in aws (CVE-2026-42193). Data can be tampered with by attackers.	Critical	Cwe 347 AWS Webhook Signature Verification +13	23 hours ago
CVE-2026-42192	Cross-Site Scripting (XSS) in react (CVE-2026-42192) cross-site scripting in react (CVE-2026-42192). Risk of unauthorized operations or information disclosure.	Medium	React Cross-Site Scripting Cwe 79	23 hours ago
CVE-2026-42199	Vulnerability in CVE-2026-42199 (CVE-2026-42199) vulnerability in CVE-2026-42199 (CVE-2026-42199). Risk of unauthorized operations or information disclosure.	Medium	Rust Cwe 190	23 hours ago
CVE-2026-42202	Vulnerability in CVE-2026-42202 (CVE-2026-42202) vulnerability in CVE-2026-42202 (CVE-2026-42202). Data can be tampered with by attackers.	Medium	Cwe 285	23 hours ago
CVE-2026-41517	Unrestricted File Upload in CVE-2026-41517 (CVE-2026-41517) vulnerability in CVE-2026-41517 (CVE-2026-41517). Risk of unauthorized operations or information disclosure.		PHP Cwe 434	23 hours ago
CVE-2026-41486	Code Injection in CVE-2026-41486 (CVE-2026-41486) code injection in CVE-2026-41486 (CVE-2026-41486). Risk of unauthorized operations or information disclosure.		Cwe 94 Cwe 502	23 hours ago
CVE-2026-7807	Path Traversal in CVE-2026-7807 (CVE-2026-7807) path traversal in CVE-2026-7807 (CVE-2026-7807). Successful exploitation can lead to full system takeover.	High	Cwe 22	1 day ago
CVE-2026-42189	Vulnerability in CVE-2026-42189 (CVE-2026-42189) vulnerability in CVE-2026-42189 (CVE-2026-42189). Risk of unauthorized operations or information disclosure.	High	Rust Cwe 770 Cwe 789	1 day ago
CVE-2026-42185	Privilege Escalation in CVE-2026-42185 (CVE-2026-42185) vulnerability in CVE-2026-42185 (CVE-2026-42185). Data can be tampered with by attackers.	Medium	Cwe 269	1 day ago
CVE-2026-42180	SSRF (Server-Side Request Forgery) in CVE-2026-42180 (CVE-2026-42180) SSRF in CVE-2026-42180 (CVE-2026-42180). Risk of unauthorized operations or information disclosure. Exploitable via `POST /api/v3/post.`.	Medium	Cwe 918	1 day ago
CVE-2026-42282	Vulnerability in CVE-2026-42282 (CVE-2026-42282) vulnerability in CVE-2026-42282 (CVE-2026-42282). Risk of unauthorized operations or information disclosure.	Medium	Cwe 532	1 day ago
CVE-2026-42190	Cross-Site Request Forgery (CSRF) in react (CVE-2026-42190) vulnerability in react (CVE-2026-42190). Data can be tampered with by attackers.	Medium	React Cwe 352	1 day ago
CVE-2026-44694	Vulnerability in n8n-mcp (CVE-2026-44694) vulnerability in n8n-mcp (CVE-2026-44694). Risk of unauthorized operations or information disclosure. Exploitable via ``N8N_API_URL``. Mitigation: upgrade to `2.50.2` or later.		Cwe 367 Cwe 918	1 day ago
CVE-2026-42181	SSRF (Server-Side Request Forgery) in CVE-2026-42181 (CVE-2026-42181) SSRF in CVE-2026-42181 (CVE-2026-42181). Confidential information can be exposed externally.	Medium	Cwe 918	1 day ago
CVE-2026-41495	Vulnerability in CVE-2026-41495 (CVE-2026-41495) vulnerability in CVE-2026-41495 (CVE-2026-41495). Risk of unauthorized operations or information disclosure. Exploitable via `POST /mcp`.	Medium	Cwe 532	1 day ago
CVE-2026-42160	Vulnerability in CVE-2026-42160 (CVE-2026-42160) vulnerability in CVE-2026-42160 (CVE-2026-42160). Risk of unauthorized operations or information disclosure.		Cwe 602 Cwe 863	1 day ago
CVE-2026-42176	Vulnerability in CVE-2026-42176 (CVE-2026-42176) vulnerability in CVE-2026-42176 (CVE-2026-42176). Confidential information can be exposed externally.	Medium	Cwe 306	1 day ago
CVE-2026-41511	Vulnerability in c (CVE-2026-41511) vulnerability in c (CVE-2026-41511). Risk of unauthorized operations or information disclosure.	Medium	C C# Cwe 835	1 day ago
CVE-2026-8178	Vulnerability in Amazon aws (CVE-2026-8178) vulnerability in Amazon aws (CVE-2026-8178). Successful exploitation can lead to full system takeover.	High	Cwe 470 AWS Amazon Cloud	1 day ago
CVE-2026-29202	Vulnerability in CVE-2026-29202 (CVE-2026-29202) vulnerability in CVE-2026-29202 (CVE-2026-29202). Successful exploitation can lead to full system takeover. Exploitable via ``plugin``.	High	Cwe 20	1 day ago
CVE-2026-29201	Vulnerability in CVE-2026-29201 (CVE-2026-29201) vulnerability in CVE-2026-29201 (CVE-2026-29201). Risk of unauthorized operations or information disclosure.	Medium	Cwe 20	1 day ago
CVE-2026-42028	Path Traversal in path-traversal (CVE-2026-42028) path traversal in path-traversal (CVE-2026-42028). Risk of unauthorized operations or information disclosure.	Medium	PHP Path Traversal Cwe 22	1 day ago
CVE-2026-41889	SQL Injection in sqli (CVE-2026-41889) SQL injection in sqli (CVE-2026-41889). Risk of unauthorized operations or information disclosure.		SQL Injection Cwe 89	1 day ago
CVE-2026-42030	Vulnerability in CVE-2026-42030 (CVE-2026-42030) vulnerability in CVE-2026-42030 (CVE-2026-42030). Risk of unauthorized operations or information disclosure.	Medium	JavaScript Cross-Site Scripting Cwe 80	1 day ago
CVE-2026-38360	Path Traversal in path-traversal (CVE-2026-38360) path traversal in path-traversal (CVE-2026-38360). Successful exploitation can lead to full system takeover.	Critical	Path Traversal Cwe 22 Python PyPI +11	1 day ago
CVE-2026-41887	Path Traversal in CVE-2026-41887 (CVE-2026-41887) path traversal in CVE-2026-41887 (CVE-2026-41887). Confidential information can be exposed externally.	Medium	PHP Cwe 22 Cwe 918	1 day ago
CVE-2026-44499	Vulnerability in zebrad (CVE-2026-44499) vulnerability in zebrad (CVE-2026-44499). Risk of unauthorized operations or information disclosure. Exploitable via ``inv``. Mitigation: upgrade to `4.4.0` or later.		Rust Cwe 770	1 day ago
CVE-2026-42794	Cross-Site Scripting (XSS) in CVE-2026-42794 (CVE-2026-42794) cross-site scripting in CVE-2026-42794 (CVE-2026-42794). Risk of unauthorized operations or information disclosure.		JavaScript Cross-Site Scripting Cwe 79	1 day ago
CVE-2026-41886	Cross-Site Scripting (XSS) in CVE-2026-41886 (CVE-2026-41886) cross-site scripting in CVE-2026-41886 (CVE-2026-41886). Data can be tampered with by attackers.	High	JavaScript Cwe 79 Cwe 346	1 day ago

Vulnerabilities

🍪 About cookies