Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Clear
ID Title
CVE-2026-2515 Vulnerability in wordpress (CVE-2026-2515)
vulnerability in wordpress (CVE-2026-2515). Data can be tampered with by attackers.
CVE-2026-25710 Vulnerability in CVE-2026-25710 (CVE-2026-25710)
vulnerability in CVE-2026-25710 (CVE-2026-25710). Risk of unauthorized operations or information disclosure.
CVE-2024-47091 Vulnerability in privilege-escalation (CVE-2024-47091)
vulnerability in privilege-escalation (CVE-2024-47091). Risk of unauthorized operations or information disclosure.
CVE-2026-44612 Vulnerability in jvn (CVE-2026-44612)
vulnerability in jvn (CVE-2026-44612). Successful exploitation can lead to full system takeover.
CVE-2026-32661 Vulnerability in jvn (CVE-2026-32661)
vulnerability in jvn (CVE-2026-32661). Successful exploitation can lead to full system takeover.
CVE-2026-25705 Vulnerability in github.com/rancher/rancher (CVE-2026-25705)
vulnerability in github.com/rancher/rancher (CVE-2026-25705). Successful exploitation can lead to full system takeover. Exploitable via ``compressedEndpoint``. Mitigation: upgrade to `2.11.13` or later.
CVE-2026-41050 Authorization Flaw in github.com/rancher/fleet (CVE-2026-41050)
vulnerability in github.com/rancher/fleet (CVE-2026-41050). Successful exploitation can lead to full system takeover. Exploitable via ``GitRepo``. Mitigation: upgrade to `0.11.13` or later.
CVE-2026-3004 Cross-Site Scripting (XSS) in wordpress (CVE-2026-3004)
cross-site scripting in wordpress (CVE-2026-3004). Risk of unauthorized operations or information disclosure.
CVE-2025-14767 Cross-Site Scripting (XSS) in wordpress (CVE-2025-14767)
cross-site scripting in wordpress (CVE-2025-14767). Risk of unauthorized operations or information disclosure. Exploitable via ``wpcbm_best_seller``.
CVE-2026-6929 SQL Injection in wordpress (CVE-2026-6929)
SQL injection in wordpress (CVE-2026-6929). Confidential information can be exposed externally.
CVE-2026-2725 Authorization Flaw in google (CVE-2026-2725)
vulnerability in google (CVE-2026-2725). Data can be tampered with by attackers.
CVE-2026-21018 Out-of-Bounds Write in samsung (CVE-2026-21018)
out-of-bounds write in samsung (CVE-2026-21018). Successful exploitation can lead to full system takeover.
CVE-2026-7051 Vulnerability in wordpress (CVE-2026-7051)
vulnerability in wordpress (CVE-2026-7051). Risk of unauthorized operations or information disclosure.
CVE-2026-7635 Unsafe Deserialization in wordpress (CVE-2026-7635)
vulnerability in wordpress (CVE-2026-7635). Successful exploitation can lead to full system takeover. Exploitable via `User-Agent header`.
CVE-2026-7619 SQL Injection in wordpress (CVE-2026-7619)
SQL injection in wordpress (CVE-2026-7619). Confidential information can be exposed externally.
CVE-2026-6828 Cross-Site Scripting (XSS) in wordpress (CVE-2026-6828)
cross-site scripting in wordpress (CVE-2026-6828). Risk of unauthorized operations or information disclosure.
CVE-2026-6962 Cross-Site Scripting (XSS) in wordpress (CVE-2026-6962)
cross-site scripting in wordpress (CVE-2026-6962). Risk of unauthorized operations or information disclosure.
CVE-2025-9989 Cross-Site Scripting (XSS) in wordpress (CVE-2025-9989)
cross-site scripting in wordpress (CVE-2025-9989). Risk of unauthorized operations or information disclosure.
CVE-2025-9987 Information Disclosure in wordpress (CVE-2025-9987)
vulnerability in wordpress (CVE-2025-9987). Risk of unauthorized operations or information disclosure.
CVE-2025-9988 Vulnerability in wordpress (CVE-2025-9988)
vulnerability in wordpress (CVE-2025-9988). Risk of unauthorized operations or information disclosure.
CVE-2025-14755 Vulnerability in wordpress (CVE-2025-14755)
vulnerability in wordpress (CVE-2025-14755). Risk of unauthorized operations or information disclosure.
CVE-2026-8202 Vulnerability in mongodb (CVE-2026-8202)
vulnerability in mongodb (CVE-2026-8202). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `7.0.34, 8.0.23, 8.2.9, 8.3.2` or later.
CVE-2026-8336 Use-After-Free in mongodb (CVE-2026-8336)
vulnerability in mongodb (CVE-2026-8336). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `8.2.9, 8.3.2` or later.
CVE-2026-6888 SQL Injection in sqli (CVE-2026-6888)
SQL injection in sqli (CVE-2026-6888). Successful exploitation can lead to full system takeover.
CVE-2026-8201 Use-After-Free in mongodb (CVE-2026-8201)
vulnerability in mongodb (CVE-2026-8201). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `7.0.34, 8.0.23, 8.2.9, 8.3.2` or later.
CVE-2026-8053 Out-of-Bounds Write in mongodb (CVE-2026-8053)
out-of-bounds write in mongodb (CVE-2026-8053). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `5.0.33, 6.0.28, 7.0.34, 8.0.23, 8.2.9, 8.3.2` or later.
CVE-2026-8200 Vulnerability in mongodb (CVE-2026-8200)
vulnerability in mongodb (CVE-2026-8200). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `7.0.34, 8.0.23, 8.2.9, 8.3.2` or later.
CVE-2025-62624 Vulnerability in privilege-escalation (CVE-2025-62624)
vulnerability in privilege-escalation (CVE-2025-62624). Risk of unauthorized operations or information disclosure.
CVE-2025-62627 Vulnerability in CVE-2025-62627 (CVE-2025-62627)
vulnerability in CVE-2025-62627 (CVE-2025-62627). Risk of unauthorized operations or information disclosure.
CVE-2025-62623 Buffer Overflow in privilege-escalation (CVE-2025-62623)
vulnerability in privilege-escalation (CVE-2025-62623). Risk of unauthorized operations or information disclosure.
CVE-2024-36315 Vulnerability in CVE-2024-36315 (CVE-2024-36315)
vulnerability in CVE-2024-36315 (CVE-2024-36315). Risk of unauthorized operations or information disclosure.
CVE-2026-44720 Authentication Bypass in openlearnx (CVE-2026-44720)
authentication bypass in openlearnx (CVE-2026-44720). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.0.4` or later.
CVE-2026-45028 Vulnerability in astro (CVE-2026-45028)
vulnerability in astro (CVE-2026-45028). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `6.1.10` or later.
CVE-2026-44697 Vulnerability in github.com/klever-io/klever-go (CVE-2026-44697)
vulnerability in github.com/klever-io/klever-go (CVE-2026-44697). Risk of unauthorized operations or information disclosure. Exploitable via ``Batch.Decompress``.
CVE-2026-44681 Open Redirect in authlib (CVE-2026-44681)
vulnerability in authlib (CVE-2026-44681). Risk of unauthorized operations or information disclosure. Exploitable via `GET /oauth/authorize`. Mitigation: upgrade to `3be08468` or later.
CVE-2026-44672 Code Injection in org.mapfish.print:print-lib (CVE-2026-44672)
code injection in org.mapfish.print:print-lib (CVE-2026-44672). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `4.0.3` or later.
CVE-2026-5371 Vulnerability in wordpress (CVE-2026-5371)
vulnerability in wordpress (CVE-2026-5371). Confidential information can be exposed externally.
CVE-2026-44547 Authentication Bypass in CVE-2026-44547 (CVE-2026-44547)
authentication bypass in CVE-2026-44547 (CVE-2026-44547). Confidential information can be exposed externally. Mitigation: upgrade to `7.3.1` or later.
CVE-2026-44341 Vulnerability in CVE-2026-44341 (CVE-2026-44341)
vulnerability in CVE-2026-44341 (CVE-2026-44341). Risk of unauthorized operations or information disclosure.
CVE-2026-44352 Vulnerability in CVE-2026-44352 (CVE-2026-44352)
vulnerability in CVE-2026-44352 (CVE-2026-44352). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.2.3` or later.
CVE-2026-44245 Cross-Site Scripting (XSS) in github.com/kyverno/policy-reporter-ui (CVE-2026-44245)
cross-site scripting in github.com/kyverno/policy-reporter-ui (CVE-2026-44245). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.5.2` or later.
CVE-2026-44347 Cross-Site Request Forgery (CSRF) in warpgate-project (CVE-2026-44347)
vulnerability in warpgate-project (CVE-2026-44347). Data can be tampered with by attackers. Mitigation: upgrade to `0.23.3` or later.
CVE-2026-44548 Cross-Site Request Forgery (CSRF) in CVE-2026-44548 (CVE-2026-44548)
vulnerability in CVE-2026-44548 (CVE-2026-44548). Data can be tampered with by attackers. Mitigation: upgrade to `7.3.2` or later.
CVE-2026-42289 Privilege Escalation in csrf (CVE-2026-42289)
vulnerability in csrf (CVE-2026-42289). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `7.3.2` or later.
CVE-2026-41901 Vulnerability in org.thymeleaf:thymeleaf (CVE-2026-41901)
vulnerability in org.thymeleaf:thymeleaf (CVE-2026-41901). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `3.1.5.RELEASE` or later.
CVE-2026-42288 Code Injection in CVE-2026-42288 (CVE-2026-42288)
code injection in CVE-2026-42288 (CVE-2026-42288). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `7.3.2` or later.
CVE-2026-43680 Code Injection in claris (CVE-2026-43680)
code injection in claris (CVE-2026-43680). Successful exploitation can lead to full system takeover.
CVE-2026-42158 Vulnerability in CVE-2026-42158 (CVE-2026-42158)
vulnerability in CVE-2026-42158 (CVE-2026-42158). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.2.3` or later.
CVE-2026-42157 Cross-Site Scripting (XSS) in CVE-2026-42157 (CVE-2026-42157)
cross-site scripting in CVE-2026-42157 (CVE-2026-42157). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.2.3` or later.
CVE-2026-43685 OS Command Injection in claris (CVE-2026-43685)
OS command injection in claris (CVE-2026-43685). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →