Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-43492 |
|
Vulnerability in dos (CVE-2026-43492)
vulnerability in dos (CVE-2026-43492). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8726 |
|
SQL Injection in georgringer/news (CVE-2026-8726)
SQL injection in georgringer/news (CVE-2026-8726). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `11.4.4` or later.
|
| CVE-2026-8827 |
|
SQL Injection in friendsoftypo3/tt-address (CVE-2026-8827)
SQL injection in friendsoftypo3/tt-address (CVE-2026-8827). Risk of unauthorized operations or information disclosure. Exploitable via ``tt_address``. Mitigation: upgrade to `8.1.2` or later.
|
| CVE-2026-46722 |
|
XXE (XML External Entity) in tpwd/ke_search (CVE-2026-46722)
vulnerability in tpwd/ke_search (CVE-2026-46722). Risk of unauthorized operations or information disclosure. Exploitable via ``ke_search``. Mitigation: upgrade to `4.6.7` or later.
|
| CVE-2026-46725 |
|
Unsafe Deserialization in mmc/ceselector (CVE-2026-46725)
vulnerability in mmc/ceselector (CVE-2026-46725). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.0.3` or later.
|
| CVE-2026-8727 |
|
Unsafe Deserialization in tomasnorre/crawler (CVE-2026-8727)
vulnerability in tomasnorre/crawler (CVE-2026-8727). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `11.0.13` or later.
|
| CVE-2026-46724 |
|
Path Traversal in tpwd/ke_search (CVE-2026-46724)
path traversal in tpwd/ke_search (CVE-2026-46724). Risk of unauthorized operations or information disclosure. Exploitable via ``ke_search``. Mitigation: upgrade to `4.6.7` or later.
|
| CVE-2026-46723 |
|
Vulnerability in tpwd/ke_search (CVE-2026-46723)
vulnerability in tpwd/ke_search (CVE-2026-46723). Risk of unauthorized operations or information disclosure. Exploitable via ``ke_search``. Mitigation: upgrade to `4.6.7` or later.
|
| CVE-2026-31986 |
|
Vulnerability in apache (CVE-2026-31986)
vulnerability in apache (CVE-2026-31986). Confidential information can be exposed externally.
|
| CVE-2026-35086 |
|
Code Injection in apache (CVE-2026-35086)
code injection in apache (CVE-2026-35086). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-46586 |
|
Code Injection in apache (CVE-2026-46586)
code injection in apache (CVE-2026-46586). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31910 |
|
SSRF (Server-Side Request Forgery) in apache (CVE-2026-31910)
SSRF in apache (CVE-2026-31910). Confidential information can be exposed externally.
|
| CVE-2026-45434 |
|
Authentication Bypass in apache (CVE-2026-45434)
authentication bypass in apache (CVE-2026-45434). Successful exploitation can lead to full system takeover.
|
| CVE-2026-45187 |
|
Vulnerability in apache (CVE-2026-45187)
vulnerability in apache (CVE-2026-45187). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-31387 |
|
Authentication Bypass in apache (CVE-2026-31387)
authentication bypass in apache (CVE-2026-31387). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-31388 |
|
Vulnerability in apache (CVE-2026-31388)
vulnerability in apache (CVE-2026-31388). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-31378 |
|
Vulnerability in apache (CVE-2026-31378)
vulnerability in apache (CVE-2026-31378). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-31379 |
|
Path Traversal in apache (CVE-2026-31379)
path traversal in apache (CVE-2026-31379). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-31906 |
|
Cross-Site Scripting (XSS) in apache (CVE-2026-31906)
cross-site scripting in apache (CVE-2026-31906). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-31909 |
|
Information Disclosure in apache (CVE-2026-31909)
vulnerability in apache (CVE-2026-31909). Confidential information can be exposed externally.
|
| CVE-2026-31380 |
|
Vulnerability in apache (CVE-2026-31380)
vulnerability in apache (CVE-2026-31380). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-29207 |
|
Vulnerability in apache (CVE-2026-29207)
vulnerability in apache (CVE-2026-29207). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-2611 |
|
Vulnerability in mlflow (CVE-2026-2611)
vulnerability in mlflow (CVE-2026-2611). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `3.10.0` or later.
|
| CVE-2026-29226 |
|
SSRF (Server-Side Request Forgery) in apache (CVE-2026-29226)
SSRF in apache (CVE-2026-29226). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-29220 |
|
Path Traversal in apache (CVE-2026-29220)
path traversal in apache (CVE-2026-29220). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-44408 |
|
Information Disclosure in CVE-2026-44408 (CVE-2026-44408)
vulnerability in CVE-2026-44408 (CVE-2026-44408). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8922 |
|
Vulnerability in org.keycloak:keycloak-services (CVE-2026-8922)
vulnerability in org.keycloak:keycloak-services (CVE-2026-8922). Risk of unauthorized operations or information disclosure. Exploitable via ``notBefore``.
|
| CVE-2026-4885 |
|
Unrestricted File Upload in wordpress (CVE-2026-4885)
vulnerability in wordpress (CVE-2026-4885). Successful exploitation can lead to full system takeover.
|
| CVE-2026-47316 |
|
Vulnerability in samsung (CVE-2026-47316)
vulnerability in samsung (CVE-2026-47316). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-47314 |
|
Out-of-Bounds Write in samsung (CVE-2026-47314)
out-of-bounds write in samsung (CVE-2026-47314). Successful exploitation can lead to full system takeover.
|
| CVE-2026-47315 |
|
Vulnerability in samsung (CVE-2026-47315)
vulnerability in samsung (CVE-2026-47315). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-47311 |
|
Vulnerability in samsung (CVE-2026-47311)
vulnerability in samsung (CVE-2026-47311). Successful exploitation can lead to full system takeover.
|
| CVE-2026-47310 |
|
Use-After-Free in samsung (CVE-2026-47310)
vulnerability in samsung (CVE-2026-47310). Successful exploitation can lead to full system takeover.
|
| CVE-2026-47308 |
|
Vulnerability in samsung (CVE-2026-47308)
vulnerability in samsung (CVE-2026-47308). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-32994 |
|
Vulnerability in CVE-2026-32994 (CVE-2026-32994)
vulnerability in CVE-2026-32994 (CVE-2026-32994). Confidential information can be exposed externally.
|
| CVE-2026-47307 |
|
Vulnerability in dos (CVE-2026-47307)
vulnerability in dos (CVE-2026-47307). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-28751 |
|
in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS.
in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS.
|
| CVE-2026-28733 |
|
in OpenHarmony v6.0 and prior versions allow a local attacker arbitrary code execution.
in OpenHarmony v6.0 and prior versions allow a local attacker arbitrary code execution.
|
| CVE-2026-27781 |
|
in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS.
in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS.
|
| CVE-2026-25850 |
|
in OpenHarmony v6.0 and prior versions allow a local attacker cause information leak
in OpenHarmony v6.0 and prior versions allow a local attacker cause information leak
|
| CVE-2026-25110 |
|
in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS.
in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS.
|
| CVE-2026-25781 |
|
in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS and it cannot be recovered.
in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS and it cannot be recovered.
|
| CVE-2026-27648 |
|
in OpenHarmony v6.0 and prior versions allow a remote attacker arbitrary code execution in pre...
in OpenHarmony v6.0 and prior versions allow a remote attacker arbitrary code execution in pre...
|
| CVE-2026-33514 |
|
Vulnerability in discourse (CVE-2026-33514)
vulnerability in discourse (CVE-2026-33514). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2026.1.4, 2026.3.1, 2026.4.1` or later.
|
| CVE-2026-33234 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-33234)
SSRF in ssrf (CVE-2026-33234). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-33233 |
|
Code Injection in deserialization (CVE-2026-33233)
code injection in deserialization (CVE-2026-33233). Successful exploitation can lead to full system takeover.
|
| CVE-2026-33232 |
|
Vulnerability in dos (CVE-2026-33232)
vulnerability in dos (CVE-2026-33232). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-32323 |
|
Privilege Escalation in privilege-escalation (CVE-2026-32323)
vulnerability in privilege-escalation (CVE-2026-32323). Successful exploitation can lead to full system takeover.
|
| CVE-2026-32312 |
|
Vulnerability in glpi-project (CVE-2026-32312)
vulnerability in glpi-project (CVE-2026-32312). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-32244 |
|
Information Disclosure in discourse (CVE-2026-32244)
vulnerability in discourse (CVE-2026-32244). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2026.1.4, 2026.3.1, 2026.4.1` or later.
|