Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-0245 |
|
Information Disclosure in CVE-2026-0245 (CVE-2026-0245)
vulnerability in CVE-2026-0245 (CVE-2026-0245). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-0247 |
|
Vulnerability in CVE-2026-0247 (CVE-2026-0247)
vulnerability in CVE-2026-0247 (CVE-2026-0247). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-0239 |
|
Vulnerability in paloaltonetworks (CVE-2026-0239)
vulnerability in paloaltonetworks (CVE-2026-0239). Confidential information can be exposed externally.
|
| CVE-2026-0240 |
|
Vulnerability in paloaltonetworks (CVE-2026-0240)
vulnerability in paloaltonetworks (CVE-2026-0240). Confidential information can be exposed externally.
|
| CVE-2026-0236 |
|
Code Injection in paloaltonetworks (CVE-2026-0236)
code injection in paloaltonetworks (CVE-2026-0236). Successful exploitation can lead to full system takeover.
|
| CVE-2026-0241 |
|
Vulnerability in paloaltonetworks (CVE-2026-0241)
vulnerability in paloaltonetworks (CVE-2026-0241). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-0238 |
|
Vulnerability in paloaltonetworks (CVE-2026-0238)
vulnerability in paloaltonetworks (CVE-2026-0238). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-0235 |
|
Vulnerability in CVE-2026-0235 (CVE-2026-0235)
vulnerability in CVE-2026-0235 (CVE-2026-0235). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-0263 |
|
Out-of-Bounds Write in dos (CVE-2026-0263)
out-of-bounds write in dos (CVE-2026-0263). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-0264 |
|
Vulnerability in dos (CVE-2026-0264)
vulnerability in dos (CVE-2026-0264). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-0265 |
|
Vulnerability in CVE-2026-0265 (CVE-2026-0265)
vulnerability in CVE-2026-0265 (CVE-2026-0265). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-0237 |
|
Vulnerability in CVE-2026-0237 (CVE-2026-0237)
vulnerability in CVE-2026-0237 (CVE-2026-0237). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-2695 |
|
Vulnerability in CVE-2026-2695 (CVE-2026-2695)
vulnerability in CVE-2026-2695 (CVE-2026-2695). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-48519 |
|
Vulnerability in cpp (CVE-2024-48519)
vulnerability in cpp (CVE-2024-48519). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8463 |
|
Vulnerability in leont (CVE-2026-8463)
vulnerability in leont (CVE-2026-8463). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-51394 |
|
Buffer Overflow in cpp (CVE-2024-51394)
vulnerability in cpp (CVE-2024-51394). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-5773 |
|
SSRF (Server-Side Request Forgery) in haxx (CVE-2026-5773)
SSRF in haxx (CVE-2026-5773). Confidential information can be exposed externally.
|
| CVE-2026-6253 |
|
Vulnerability in haxx (CVE-2026-6253)
vulnerability in haxx (CVE-2026-6253). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-21015 |
|
Vulnerability in samsung (CVE-2026-21015)
vulnerability in samsung (CVE-2026-21015). Confidential information can be exposed externally.
|
| CVE-2026-45411 |
|
Vulnerability in vm2 (CVE-2026-45411)
vulnerability in vm2 (CVE-2026-45411). Successful exploitation can lead to full system takeover. Exploitable via ``return``. Mitigation: upgrade to `3.11.3` or later.
|
| CVE-2026-44005 |
|
Code Injection in vm2 (CVE-2026-44005)
code injection in vm2 (CVE-2026-44005). Data can be tampered with by attackers. Mitigation: upgrade to `3.11.0` or later.
|
| CVE-2026-44006 |
|
Code Injection in vm2 (CVE-2026-44006)
code injection in vm2 (CVE-2026-44006). Successful exploitation can lead to full system takeover. Exploitable via ``BaseHandler.getPrototypeOf``. Mitigation: upgrade to `3.11.0` or later.
|
| CVE-2026-44004 |
|
Vulnerability in vm2 (CVE-2026-44004)
vulnerability in vm2 (CVE-2026-44004). Risk of unauthorized operations or information disclosure. Exploitable via ``Buffer.alloc``. Mitigation: upgrade to `3.11.0` or later.
|
| CVE-2026-44007 |
|
Vulnerability in vm2 (CVE-2026-44007)
vulnerability in vm2 (CVE-2026-44007). Successful exploitation can lead to full system takeover. Exploitable via ``NodeVM``. Mitigation: upgrade to `3.11.1` or later.
|
| CVE-2026-43997 |
|
Code Injection in vm2 (CVE-2026-43997)
code injection in vm2 (CVE-2026-43997). Successful exploitation can lead to full system takeover. Exploitable via ``Object``. Mitigation: upgrade to `3.11.0` or later.
|
| CVE-2026-44000 |
|
Vulnerability in vm2 (CVE-2026-44000)
vulnerability in vm2 (CVE-2026-44000). Risk of unauthorized operations or information disclosure. Exploitable via ``WeakMap``. Mitigation: upgrade to `3.11.0` or later.
|
| CVE-2026-44003 |
|
Vulnerability in vm2 (CVE-2026-44003)
vulnerability in vm2 (CVE-2026-44003). Risk of unauthorized operations or information disclosure. Exploitable via ``catch``. Mitigation: upgrade to `3.11.0` or later.
|
| CVE-2026-43999 |
|
Authorization Flaw in vm2 (CVE-2026-43999)
vulnerability in vm2 (CVE-2026-43999). Successful exploitation can lead to full system takeover. Exploitable via ``builtin``. Mitigation: upgrade to `3.11.0` or later.
|
| CVE-2026-43998 |
|
Vulnerability in vm2 (CVE-2026-43998)
vulnerability in vm2 (CVE-2026-43998). Successful exploitation can lead to full system takeover. Exploitable via ``require.root``. Mitigation: upgrade to `3.11.0` or later.
|
| CVE-2026-44002 |
|
Vulnerability in vm2 (CVE-2026-44002)
vulnerability in vm2 (CVE-2026-44002). Risk of unauthorized operations or information disclosure. Exploitable via ``CallSite``. Mitigation: upgrade to `3.11.0` or later.
|
| CVE-2026-8495 |
|
Vulnerability in drupal/date_ical (CVE-2026-8495)
vulnerability in drupal/date_ical (CVE-2026-8495). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `4.0.15` or later.
|
| CVE-2026-8493 |
|
Cross-Site Scripting (XSS) in drupal/colorbox_inline (CVE-2026-8493)
cross-site scripting in drupal/colorbox_inline (CVE-2026-8493). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.1.1` or later.
|
| CVE-2026-8491 |
|
Vulnerability in drupal/node_view_permissions (CVE-2026-8491)
vulnerability in drupal/node_view_permissions (CVE-2026-8491). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.7.0, 2.0.1` or later.
|
| CVE-2026-8367 |
|
Vulnerability in CVE-2026-8367 (CVE-2026-8367)
vulnerability in CVE-2026-8367 (CVE-2026-8367). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6282 |
|
Path Traversal in CVE-2026-6282 (CVE-2026-6282)
path traversal in CVE-2026-6282 (CVE-2026-6282). Confidential information can be exposed externally.
|
| CVE-2026-6281 |
|
OS Command Injection in CVE-2026-6281 (CVE-2026-6281)
OS command injection in CVE-2026-6281 (CVE-2026-6281). Successful exploitation can lead to full system takeover.
|
| CVE-2026-44479 |
|
Information Disclosure in vercel (CVE-2026-44479)
vulnerability in vercel (CVE-2026-44479). Confidential information can be exposed externally. Exploitable via ``VERCEL_TOKEN``. Mitigation: upgrade to `52.0.1` or later.
|
| CVE-2026-44470 |
|
Vulnerability in privilege-escalation (CVE-2026-44470)
vulnerability in privilege-escalation (CVE-2026-44470). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.3834.0` or later.
|
| CVE-2026-44455 |
|
Vulnerability in hono (CVE-2026-44455)
vulnerability in hono (CVE-2026-44455). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `4.12.16` or later.
|
| CVE-2026-44456 |
|
Vulnerability in hono (CVE-2026-44456)
vulnerability in hono (CVE-2026-44456). Risk of unauthorized operations or information disclosure. Exploitable via ``maxSize``. Mitigation: upgrade to `4.12.16` or later.
|
| CVE-2026-43480 |
|
Vulnerability in linux (CVE-2026-43480)
vulnerability in linux (CVE-2026-43480). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-43486 |
|
Vulnerability in linux (CVE-2026-43486)
vulnerability in linux (CVE-2026-43486). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-42945 |
|
Vulnerability in nginx (CVE-2026-42945)
vulnerability in nginx (CVE-2026-42945). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.30.1` or later.
|
| CVE-2026-42937 |
|
Vulnerability in f5 (CVE-2026-42937)
vulnerability in f5 (CVE-2026-42937). Confidential information can be exposed externally.
|
| CVE-2026-42946 |
|
Vulnerability in nginx (CVE-2026-42946)
vulnerability in nginx (CVE-2026-42946). Confidential information can be exposed externally. Mitigation: upgrade to `1.30.1` or later.
|
| CVE-2026-42930 |
|
Vulnerability in f5 (CVE-2026-42930)
vulnerability in f5 (CVE-2026-42930). Confidential information can be exposed externally.
|
| CVE-2026-42919 |
|
Vulnerability in f5 (CVE-2026-42919)
vulnerability in f5 (CVE-2026-42919). Data can be tampered with by attackers.
|
| CVE-2026-42920 |
|
Vulnerability in f5 (CVE-2026-42920)
vulnerability in f5 (CVE-2026-42920). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-42934 |
|
Out-of-Bounds Read in nginx (CVE-2026-42934)
vulnerability in nginx (CVE-2026-42934). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.30.1` or later.
|
| CVE-2026-42924 |
|
OS Command Injection in privilege-escalation (CVE-2026-42924)
OS command injection in privilege-escalation (CVE-2026-42924). Confidential information can be exposed externally.
|