Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Clear
ID Title
CVE-2026-2586 Code Injection in org.glassfish.main.admingui:console-common (CVE-2026-2586)
code injection in org.glassfish.main.admingui:console-common (CVE-2026-2586). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `8.0.2` or later.
CVE-2025-70950 Path Traversal in github.com/itang/gohttp (CVE-2025-70950)
path traversal in github.com/itang/gohttp (CVE-2025-70950). Risk of unauthorized operations or information disclosure.
CVE-2026-45570 Vulnerability in github.com/go-git/go-git/v5 (CVE-2026-45570)
vulnerability in github.com/go-git/go-git/v5 (CVE-2026-45570). Successful exploitation can lead to full system takeover. Exploitable via ``sq_quote_buf``. Mitigation: upgrade to `5.19.1` or later.
CVE-2026-46511 Vulnerability in @haxtheweb/haxcms-nodejs (CVE-2026-46511)
vulnerability in @haxtheweb/haxcms-nodejs (CVE-2026-46511). Risk of unauthorized operations or information disclosure. Exploitable via ``jwt``. Mitigation: upgrade to `26.0.0` or later.
CVE-2026-46396 Cross-Site Scripting (XSS) in @haxtheweb/haxcms-nodejs (CVE-2026-46396)
cross-site scripting in @haxtheweb/haxcms-nodejs (CVE-2026-46396). Risk of unauthorized operations or information disclosure. Exploitable via ``src``. Mitigation: upgrade to `26.0.0` or later.
CVE-2026-46395 Information Disclosure in @haxtheweb/haxcms-nodejs (CVE-2026-46395)
vulnerability in @haxtheweb/haxcms-nodejs (CVE-2026-46395). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `26.0.0` or later.
CVE-2026-46391 Vulnerability in @haxtheweb/open-apis (CVE-2026-46391)
vulnerability in @haxtheweb/open-apis (CVE-2026-46391). Risk of unauthorized operations or information disclosure. Exploitable via ``cloudflared``. Mitigation: upgrade to `26.0.0` or later.
CVE-2026-46496 Vulnerability in @haxtheweb/haxcms-nodejs (CVE-2026-46496)
vulnerability in @haxtheweb/haxcms-nodejs (CVE-2026-46496). Risk of unauthorized operations or information disclosure. Exploitable via ``source``. Mitigation: upgrade to `26.0.0` or later.
CVE-2026-46393 SSRF (Server-Side Request Forgery) in @haxtheweb/haxcms-nodejs (CVE-2026-46393)
SSRF in @haxtheweb/haxcms-nodejs (CVE-2026-46393). Risk of unauthorized operations or information disclosure. Exploitable via `POST /createSite`. Mitigation: upgrade to `26.0.0` or later.
CVE-2026-45721 Vulnerability in github.com/xyproto/algernon (CVE-2026-45721)
vulnerability in github.com/xyproto/algernon (CVE-2026-45721). Successful exploitation can lead to full system takeover. Exploitable via ``DirPage``. Mitigation: upgrade to `1.17.7` or later.
CVE-2026-45728 Vulnerability in github.com/xyproto/algernon (CVE-2026-45728)
vulnerability in github.com/xyproto/algernon (CVE-2026-45728). Confidential information can be exposed externally. Exploitable via ``singleFileMode``. Mitigation: upgrade to `1.17.7` or later.
CVE-2026-8975 Buffer Overflow in mozilla (CVE-2026-8975)
vulnerability in mozilla (CVE-2026-8975). Successful exploitation can lead to full system takeover.
CVE-2026-8973 Buffer Overflow in c (CVE-2026-8973)
vulnerability in c (CVE-2026-8973). Successful exploitation can lead to full system takeover.
CVE-2026-8969 Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 151.
Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 151.
CVE-2026-8968 Vulnerability in mozilla (CVE-2026-8968)
vulnerability in mozilla (CVE-2026-8968). Risk of unauthorized operations or information disclosure.
CVE-2026-8974 Buffer Overflow in mozilla (CVE-2026-8974)
vulnerability in mozilla (CVE-2026-8974). Successful exploitation can lead to full system takeover.
CVE-2026-8966 Information disclosure in the IP Protection component. This vulnerability was fixed in Firefox 151.
Information disclosure in the IP Protection component. This vulnerability was fixed in Firefox 151.
CVE-2026-8967 Information Disclosure in mozilla (CVE-2026-8967)
vulnerability in mozilla (CVE-2026-8967). Confidential information can be exposed externally.
CVE-2026-8970 Privilege Escalation in privilege-escalation (CVE-2026-8970)
vulnerability in privilege-escalation (CVE-2026-8970). Successful exploitation can lead to full system takeover.
CVE-2026-8972 Privilege Escalation in privilege-escalation (CVE-2026-8972)
vulnerability in privilege-escalation (CVE-2026-8972). Successful exploitation can lead to full system takeover.
CVE-2026-8965 Information disclosure in the DOM: Security component. This vulnerability was fixed in Firefox 151.
Information disclosure in the DOM: Security component. This vulnerability was fixed in Firefox 151.
CVE-2026-8957 Privilege Escalation in privilege-escalation (CVE-2026-8957)
vulnerability in privilege-escalation (CVE-2026-8957). Successful exploitation can lead to full system takeover.
CVE-2026-8960 Spoofing issue in WebExtensions. This vulnerability was fixed in Firefox 151.
Spoofing issue in WebExtensions. This vulnerability was fixed in Firefox 151.
CVE-2026-8961 Vulnerability in mozilla (CVE-2026-8961)
vulnerability in mozilla (CVE-2026-8961). Data can be tampered with by attackers.
CVE-2026-8963 Spoofing issue in the Web Speech component. This vulnerability was fixed in Firefox 151.
Spoofing issue in the Web Speech component. This vulnerability was fixed in Firefox 151.
CVE-2026-8964 Spoofing issue in the Popup Blocker component. This vulnerability was fixed in Firefox 151.
Spoofing issue in the Popup Blocker component. This vulnerability was fixed in Firefox 151.
CVE-2026-8958 Vulnerability in mozilla (CVE-2026-8958)
vulnerability in mozilla (CVE-2026-8958). Confidential information can be exposed externally.
CVE-2026-8962 Vulnerability in mozilla (CVE-2026-8962)
vulnerability in mozilla (CVE-2026-8962). Confidential information can be exposed externally.
CVE-2026-8959 Vulnerability in mozilla (CVE-2026-8959)
vulnerability in mozilla (CVE-2026-8959). Successful exploitation can lead to full system takeover.
CVE-2026-8948 Vulnerability in mozilla (CVE-2026-8948)
vulnerability in mozilla (CVE-2026-8948). Confidential information can be exposed externally.
CVE-2026-8949 Vulnerability in mozilla (CVE-2026-8949)
vulnerability in mozilla (CVE-2026-8949). Risk of unauthorized operations or information disclosure.
CVE-2026-8956 Vulnerability in mozilla (CVE-2026-8956)
vulnerability in mozilla (CVE-2026-8956). Successful exploitation can lead to full system takeover.
CVE-2026-8953 Use-After-Free in mozilla (CVE-2026-8953)
vulnerability in mozilla (CVE-2026-8953). Successful exploitation can lead to full system takeover.
CVE-2026-8952 Privilege Escalation in privilege-escalation (CVE-2026-8952)
vulnerability in privilege-escalation (CVE-2026-8952). Successful exploitation can lead to full system takeover.
CVE-2026-8955 Privilege Escalation in privilege-escalation (CVE-2026-8955)
vulnerability in privilege-escalation (CVE-2026-8955). Successful exploitation can lead to full system takeover.
CVE-2026-8951 Vulnerability in mozilla (CVE-2026-8951)
vulnerability in mozilla (CVE-2026-8951). Data can be tampered with by attackers.
CVE-2026-8954 Buffer Overflow in mozilla (CVE-2026-8954)
vulnerability in mozilla (CVE-2026-8954). Confidential information can be exposed externally.
CVE-2026-8946 Buffer Overflow in mozilla (CVE-2026-8946)
vulnerability in mozilla (CVE-2026-8946). Confidential information can be exposed externally.
CVE-2026-8945 Vulnerability in mozilla (CVE-2026-8945)
vulnerability in mozilla (CVE-2026-8945). Successful exploitation can lead to full system takeover.
CVE-2026-8947 Use-After-Free in mozilla (CVE-2026-8947)
vulnerability in mozilla (CVE-2026-8947). Risk of unauthorized operations or information disclosure.
CVE-2026-47323 Vulnerability in org.apache.camel:camel-cxf-rest (CVE-2026-47323)
vulnerability in org.apache.camel:camel-cxf-rest (CVE-2026-47323). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `4.18.2` or later.
CVE-2026-43633 Unsafe Deserialization in deserialization (CVE-2026-43633)
vulnerability in deserialization (CVE-2026-43633). Successful exploitation can lead to full system takeover.
CVE-2026-42099 Vulnerability in sparxsystems (CVE-2026-42099)
vulnerability in sparxsystems (CVE-2026-42099). Successful exploitation can lead to full system takeover.
CVE-2026-42096 Authorization Flaw in sparxsystems (CVE-2026-42096)
vulnerability in sparxsystems (CVE-2026-42096). Successful exploitation can lead to full system takeover.
CVE-2026-23558 Vulnerability in xen (CVE-2026-23558)
vulnerability in xen (CVE-2026-23558). Successful exploitation can lead to full system takeover.
CVE-2025-40903 Cross-Site Scripting (XSS) in nozominetworks (CVE-2025-40903)
cross-site scripting in nozominetworks (CVE-2025-40903). Risk of unauthorized operations or information disclosure.
CVE-2025-40904 Cross-Site Scripting (XSS) in nozominetworks (CVE-2025-40904)
cross-site scripting in nozominetworks (CVE-2025-40904). Risk of unauthorized operations or information disclosure.
CVE-2025-40901 Cross-Site Scripting (XSS) in nozominetworks (CVE-2025-40901)
cross-site scripting in nozominetworks (CVE-2025-40901). Risk of unauthorized operations or information disclosure.
CVE-2025-40902 Cross-Site Scripting (XSS) in nozominetworks (CVE-2025-40902)
cross-site scripting in nozominetworks (CVE-2025-40902). Risk of unauthorized operations or information disclosure.
CVE-2025-40900 Vulnerability in angular (CVE-2025-40900)
vulnerability in angular (CVE-2025-40900). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →