Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-56226 |
|
Information Disclosure in CVE-2026-56226 (CVE-2026-56226)
vulnerability in CVE-2026-56226 (CVE-2026-56226). Confidential information can be exposed externally. Exploitable via `POST /rest/v1/rpc/get_orgs_v6`.
|
| CVE-2026-56284 |
|
Information Disclosure in CVE-2026-56284 (CVE-2026-56284)
vulnerability in CVE-2026-56284 (CVE-2026-56284). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53480 |
|
Path Traversal in path-traversal (CVE-2026-53480)
path traversal in path-traversal (CVE-2026-53480). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56086 |
|
Authorization Flaw in CVE-2026-56086 (CVE-2026-56086)
vulnerability in CVE-2026-56086 (CVE-2026-56086). Successful exploitation can lead to full system takeover.
|
| CVE-2026-56293 |
|
Vulnerability in CVE-2026-56293 (CVE-2026-56293)
vulnerability in CVE-2026-56293 (CVE-2026-56293). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56298 |
|
Information Disclosure in CVE-2026-56298 (CVE-2026-56298)
vulnerability in CVE-2026-56298 (CVE-2026-56298). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56283 |
|
Cross-Site Scripting (XSS) in CVE-2026-56283 (CVE-2026-56283)
cross-site scripting in CVE-2026-56283 (CVE-2026-56283). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53482 |
|
Vulnerability in dos (CVE-2026-53482)
vulnerability in dos (CVE-2026-53482). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-22927 |
|
Omnissa Workspace ONE® Tunnel for Windows addresses a Local Privilege Escalation Vulnerability.
Omnissa Workspace ONE® Tunnel for Windows addresses a Local Privilege Escalation Vulnerability.
|
| CVE-2026-59703 |
|
Vulnerability in c (CVE-2026-59703)
vulnerability in c (CVE-2026-59703). Confidential information can be exposed externally.
|
| CVE-2026-55668 |
|
Path Traversal in CVE-2026-55668 (CVE-2026-55668)
path traversal in CVE-2026-55668 (CVE-2026-55668). Data can be tampered with by attackers.
|
| CVE-2026-55873 |
|
Authorization Flaw in CVE-2026-55873 (CVE-2026-55873)
vulnerability in CVE-2026-55873 (CVE-2026-55873). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-55874 |
|
Path Traversal in CVE-2026-55874 (CVE-2026-55874)
path traversal in CVE-2026-55874 (CVE-2026-55874). Confidential information can be exposed externally.
|
| CVE-2026-54652 |
|
Privilege Escalation in nginx (CVE-2026-54652)
vulnerability in nginx (CVE-2026-54652). Confidential information can be exposed externally. Exploitable via `GET /api/logs/{service}`.
|
| CVE-2026-49146 |
|
Vulnerability in c (CVE-2026-49146)
vulnerability in c (CVE-2026-49146). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-24700 |
|
OS Command Injection in CVE-2026-24700 (CVE-2026-24700)
OS command injection in CVE-2026-24700 (CVE-2026-24700). Successful exploitation can lead to full system takeover.
|
| CVE-2026-24699 |
|
OS Command Injection in CVE-2026-24699 (CVE-2026-24699)
OS command injection in CVE-2026-24699 (CVE-2026-24699). Successful exploitation can lead to full system takeover.
|
| CVE-2026-24697 |
|
OS Command Injection in CVE-2026-24697 (CVE-2026-24697)
OS command injection in CVE-2026-24697 (CVE-2026-24697). Successful exploitation can lead to full system takeover.
|
| CVE-2026-24698 |
|
OS Command Injection in CVE-2026-24698 (CVE-2026-24698)
OS command injection in CVE-2026-24698 (CVE-2026-24698). Successful exploitation can lead to full system takeover.
|
| CVE-2026-15067 |
|
SQL Injection in sqli (CVE-2026-15067)
SQL injection in sqli (CVE-2026-15067). Successful exploitation can lead to full system takeover.
|
| CVE-2026-15062 |
|
SQL Injection in sqli (CVE-2026-15062)
SQL injection in sqli (CVE-2026-15062). Confidential information can be exposed externally.
|
| CVE-2026-15036 |
|
Vulnerability in CVE-2026-15036 (CVE-2026-15036)
vulnerability in CVE-2026-15036 (CVE-2026-15036). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10699 |
|
Vulnerability in CVE-2026-10699 (CVE-2026-10699)
vulnerability in CVE-2026-10699 (CVE-2026-10699). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11903 |
|
Cross-Site Scripting (XSS) in CVE-2026-11903 (CVE-2026-11903)
cross-site scripting in CVE-2026-11903 (CVE-2026-11903). Successful exploitation can lead to full system takeover.
|
| CVE-2026-60092 |
|
Cross-Site Scripting (XSS) in CVE-2026-60092 (CVE-2026-60092)
cross-site scripting in CVE-2026-60092 (CVE-2026-60092). Risk of unauthorized operations or information disclosure. Exploitable via `User-Agent header`.
|
| CVE-2026-60125 |
|
Authorization Flaw in CVE-2026-60125 (CVE-2026-60125)
vulnerability in CVE-2026-60125 (CVE-2026-60125). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-60124 |
|
Vulnerability in CVE-2026-60124 (CVE-2026-60124)
vulnerability in CVE-2026-60124 (CVE-2026-60124). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-59257 |
|
SQL Injection in sqli (CVE-2026-59257)
SQL injection in sqli (CVE-2026-59257). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-58654 |
|
Unrestricted File Upload in path-traversal (CVE-2026-58654)
vulnerability in path-traversal (CVE-2026-58654). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.0.1` or later.
|
| CVE-2026-58657 |
|
Cross-Site Scripting (XSS) in CVE-2026-58657 (CVE-2026-58657)
cross-site scripting in CVE-2026-58657 (CVE-2026-58657). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.0.0` or later.
|
| CVE-2026-58480 |
|
Unrestricted File Upload in wordpress (CVE-2026-58480)
vulnerability in wordpress (CVE-2026-58480). Successful exploitation can lead to full system takeover.
|
| CVE-2026-56775 |
|
Authorization Flaw in CVE-2026-56775 (CVE-2026-56775)
vulnerability in CVE-2026-56775 (CVE-2026-56775). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56778 |
|
Authorization Flaw in CVE-2026-56778 (CVE-2026-56778)
vulnerability in CVE-2026-56778 (CVE-2026-56778). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56401 |
|
Vulnerability in dos (CVE-2026-56401)
vulnerability in dos (CVE-2026-56401). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-54061 |
|
Vulnerability in CVE-2026-54061 (CVE-2026-54061)
vulnerability in CVE-2026-54061 (CVE-2026-54061). Data can be tampered with by attackers. Exploitable via ``StreamExtSnapshot``.
|
| CVE-2026-8315 |
|
Cross-Site Scripting (XSS) in CVE-2026-8315 (CVE-2026-8315)
cross-site scripting in CVE-2026-8315 (CVE-2026-8315). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8310 |
|
Cross-Site Scripting (XSS) in CVE-2026-8310 (CVE-2026-8310)
cross-site scripting in CVE-2026-8310 (CVE-2026-8310). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8307 |
|
SQL Injection in sqli (CVE-2026-8307)
SQL injection in sqli (CVE-2026-8307). Successful exploitation can lead to full system takeover.
|
| CVE-2026-6459 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-6459)
cross-site scripting in wordpress (CVE-2026-6459). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6820 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-6820)
cross-site scripting in wordpress (CVE-2026-6820). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6740 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-6740)
cross-site scripting in wordpress (CVE-2026-6740). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-5356 |
|
Vulnerability in wordpress (CVE-2026-5356)
vulnerability in wordpress (CVE-2026-5356). Data can be tampered with by attackers.
|
| CVE-2026-12002 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-12002)
vulnerability in wordpress (CVE-2026-12002). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6742 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-6742)
cross-site scripting in wordpress (CVE-2026-6742). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6371 |
|
Cross-Site Scripting (XSS) in CVE-2026-6371 (CVE-2026-6371)
cross-site scripting in CVE-2026-6371 (CVE-2026-6371). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6818 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-6818)
cross-site scripting in wordpress (CVE-2026-6818). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6854 |
|
SQL Injection in wordpress (CVE-2026-6854)
SQL injection in wordpress (CVE-2026-6854). Confidential information can be exposed externally.
|
| CVE-2026-6230 |
|
SQL Injection in wordpress (CVE-2026-6230)
SQL injection in wordpress (CVE-2026-6230). Confidential information can be exposed externally.
|
| CVE-2026-12936 |
|
SQL Injection in wordpress (CVE-2026-12936)
SQL injection in wordpress (CVE-2026-12936). Confidential information can be exposed externally.
|
| CVE-2026-41042 |
|
Vulnerability in apache (CVE-2026-41042)
vulnerability in apache (CVE-2026-41042). Confidential information can be exposed externally.
|