Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-8975 |
|
Buffer Overflow in mozilla (CVE-2026-8975)
vulnerability in mozilla (CVE-2026-8975). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8973 |
|
Buffer Overflow in c (CVE-2026-8973)
vulnerability in c (CVE-2026-8973). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8969 |
|
Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 151.
Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 151.
|
| CVE-2026-8968 |
|
Vulnerability in mozilla (CVE-2026-8968)
vulnerability in mozilla (CVE-2026-8968). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8974 |
|
Buffer Overflow in mozilla (CVE-2026-8974)
vulnerability in mozilla (CVE-2026-8974). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8966 |
|
Information disclosure in the IP Protection component. This vulnerability was fixed in Firefox 151.
Information disclosure in the IP Protection component. This vulnerability was fixed in Firefox 151.
|
| CVE-2026-8967 |
|
Information Disclosure in mozilla (CVE-2026-8967)
vulnerability in mozilla (CVE-2026-8967). Confidential information can be exposed externally.
|
| CVE-2026-8970 |
|
Privilege Escalation in privilege-escalation (CVE-2026-8970)
vulnerability in privilege-escalation (CVE-2026-8970). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8972 |
|
Privilege Escalation in privilege-escalation (CVE-2026-8972)
vulnerability in privilege-escalation (CVE-2026-8972). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8965 |
|
Information disclosure in the DOM: Security component. This vulnerability was fixed in Firefox 151.
Information disclosure in the DOM: Security component. This vulnerability was fixed in Firefox 151.
|
| CVE-2026-8957 |
|
Privilege Escalation in privilege-escalation (CVE-2026-8957)
vulnerability in privilege-escalation (CVE-2026-8957). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8960 |
|
Spoofing issue in WebExtensions. This vulnerability was fixed in Firefox 151.
Spoofing issue in WebExtensions. This vulnerability was fixed in Firefox 151.
|
| CVE-2026-8961 |
|
Vulnerability in mozilla (CVE-2026-8961)
vulnerability in mozilla (CVE-2026-8961). Data can be tampered with by attackers.
|
| CVE-2026-8963 |
|
Spoofing issue in the Web Speech component. This vulnerability was fixed in Firefox 151.
Spoofing issue in the Web Speech component. This vulnerability was fixed in Firefox 151.
|
| CVE-2026-8964 |
|
Spoofing issue in the Popup Blocker component. This vulnerability was fixed in Firefox 151.
Spoofing issue in the Popup Blocker component. This vulnerability was fixed in Firefox 151.
|
| CVE-2026-8958 |
|
Vulnerability in mozilla (CVE-2026-8958)
vulnerability in mozilla (CVE-2026-8958). Confidential information can be exposed externally.
|
| CVE-2026-8962 |
|
Vulnerability in mozilla (CVE-2026-8962)
vulnerability in mozilla (CVE-2026-8962). Confidential information can be exposed externally.
|
| CVE-2026-8959 |
|
Vulnerability in mozilla (CVE-2026-8959)
vulnerability in mozilla (CVE-2026-8959). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8948 |
|
Vulnerability in mozilla (CVE-2026-8948)
vulnerability in mozilla (CVE-2026-8948). Confidential information can be exposed externally.
|
| CVE-2026-8949 |
|
Vulnerability in mozilla (CVE-2026-8949)
vulnerability in mozilla (CVE-2026-8949). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8956 |
|
Vulnerability in mozilla (CVE-2026-8956)
vulnerability in mozilla (CVE-2026-8956). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8953 |
|
Use-After-Free in mozilla (CVE-2026-8953)
vulnerability in mozilla (CVE-2026-8953). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8952 |
|
Privilege Escalation in privilege-escalation (CVE-2026-8952)
vulnerability in privilege-escalation (CVE-2026-8952). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8955 |
|
Privilege Escalation in privilege-escalation (CVE-2026-8955)
vulnerability in privilege-escalation (CVE-2026-8955). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8951 |
|
Vulnerability in mozilla (CVE-2026-8951)
vulnerability in mozilla (CVE-2026-8951). Data can be tampered with by attackers.
|
| CVE-2026-8954 |
|
Buffer Overflow in mozilla (CVE-2026-8954)
vulnerability in mozilla (CVE-2026-8954). Confidential information can be exposed externally.
|
| CVE-2026-8946 |
|
Buffer Overflow in mozilla (CVE-2026-8946)
vulnerability in mozilla (CVE-2026-8946). Confidential information can be exposed externally.
|
| CVE-2026-8945 |
|
Vulnerability in mozilla (CVE-2026-8945)
vulnerability in mozilla (CVE-2026-8945). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8947 |
|
Use-After-Free in mozilla (CVE-2026-8947)
vulnerability in mozilla (CVE-2026-8947). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-47323 |
|
Vulnerability in org.apache.camel:camel-cxf-rest (CVE-2026-47323)
vulnerability in org.apache.camel:camel-cxf-rest (CVE-2026-47323). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `4.18.2` or later.
|
| CVE-2026-43633 |
|
Unsafe Deserialization in deserialization (CVE-2026-43633)
vulnerability in deserialization (CVE-2026-43633). Successful exploitation can lead to full system takeover.
|
| CVE-2026-42099 |
|
Vulnerability in sparxsystems (CVE-2026-42099)
vulnerability in sparxsystems (CVE-2026-42099). Successful exploitation can lead to full system takeover.
|
| CVE-2026-42096 |
|
Authorization Flaw in sparxsystems (CVE-2026-42096)
vulnerability in sparxsystems (CVE-2026-42096). Successful exploitation can lead to full system takeover.
|
| CVE-2026-23558 |
|
Vulnerability in xen (CVE-2026-23558)
vulnerability in xen (CVE-2026-23558). Successful exploitation can lead to full system takeover.
|
| CVE-2025-40903 |
|
Cross-Site Scripting (XSS) in nozominetworks (CVE-2025-40903)
cross-site scripting in nozominetworks (CVE-2025-40903). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-40904 |
|
Cross-Site Scripting (XSS) in nozominetworks (CVE-2025-40904)
cross-site scripting in nozominetworks (CVE-2025-40904). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-40901 |
|
Cross-Site Scripting (XSS) in nozominetworks (CVE-2025-40901)
cross-site scripting in nozominetworks (CVE-2025-40901). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-40902 |
|
Cross-Site Scripting (XSS) in nozominetworks (CVE-2025-40902)
cross-site scripting in nozominetworks (CVE-2025-40902). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-40900 |
|
Vulnerability in angular (CVE-2025-40900)
vulnerability in angular (CVE-2025-40900). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-14575 |
|
Vulnerability in CVE-2025-14575 (CVE-2025-14575)
vulnerability in CVE-2025-14575 (CVE-2025-14575). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8912 |
|
SQL Injection in wordpress (CVE-2026-8912)
SQL injection in wordpress (CVE-2026-8912). Confidential information can be exposed externally.
|
| CVE-2026-4883 |
|
Unrestricted File Upload in wordpress (CVE-2026-4883)
vulnerability in wordpress (CVE-2026-4883). Successful exploitation can lead to full system takeover.
|
| CVE-2026-7504 |
|
Open Redirect in org.keycloak:keycloak-services (CVE-2026-7504)
vulnerability in org.keycloak:keycloak-services (CVE-2026-7504). Confidential information can be exposed externally. Mitigation: upgrade to `26.6.2` or later.
|
| CVE-2026-7507 |
|
Vulnerability in org.keycloak:keycloak-services (CVE-2026-7507)
vulnerability in org.keycloak:keycloak-services (CVE-2026-7507). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `26.6.2` or later.
|
| CVE-2026-7860 |
|
Vulnerability in com.vaadin:flow-plugins (CVE-2026-7860)
vulnerability in com.vaadin:flow-plugins (CVE-2026-7860). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `25.1.5` or later.
|
| CVE-2026-7571 |
|
Vulnerability in org.keycloak:keycloak-services (CVE-2026-7571)
vulnerability in org.keycloak:keycloak-services (CVE-2026-7571). Confidential information can be exposed externally. Mitigation: upgrade to `26.6.2` or later.
|
| CVE-2026-45442 |
|
Vulnerability in CVE-2026-45442 (CVE-2026-45442)
vulnerability in CVE-2026-45442 (CVE-2026-45442). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-37979 |
|
Vulnerability in org.keycloak:keycloak-services (CVE-2026-37979)
vulnerability in org.keycloak:keycloak-services (CVE-2026-37979). Confidential information can be exposed externally. Mitigation: upgrade to `26.6.2` or later.
|
| CVE-2026-37981 |
|
Vulnerability in org.keycloak:keycloak-services (CVE-2026-37981)
vulnerability in org.keycloak:keycloak-services (CVE-2026-37981). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `26.6.2` or later.
|
| CVE-2026-37982 |
|
Vulnerability in org.keycloak:keycloak-services (CVE-2026-37982)
vulnerability in org.keycloak:keycloak-services (CVE-2026-37982). Confidential information can be exposed externally. Exploitable via ``ExecuteActionsActionToken``. Mitigation: upgrade to `26.6.2` or later.
|