Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Clear
ID Title
CVE-2026-44183 Vulnerability in CVE-2026-44183 (CVE-2026-44183)
vulnerability in CVE-2026-44183 (CVE-2026-44183). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2.9.10` or later.
CVE-2026-44166 Authentication Bypass in github.com/pocketbase/pocketbase (CVE-2026-44166)
authentication bypass in github.com/pocketbase/pocketbase (CVE-2026-44166). Data can be tampered with by attackers. Mitigation: upgrade to `0.37.4` or later.
CVE-2026-44196 Authentication Bypass in CVE-2026-44196 (CVE-2026-44196)
authentication bypass in CVE-2026-44196 (CVE-2026-44196). Confidential information can be exposed externally. Mitigation: upgrade to `1.16.3` or later.
CVE-2026-43929 Vulnerability in ssrfcheck (CVE-2026-43929)
vulnerability in ssrfcheck (CVE-2026-43929). Confidential information can be exposed externally. Exploitable via ``ssrfcheck``.
CVE-2026-43892 Cross-Site Scripting (XSS) in CVE-2026-43892 (CVE-2026-43892)
cross-site scripting in CVE-2026-43892 (CVE-2026-43892). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2.1.16` or later.
CVE-2026-43891 Vulnerability in changedetection.io (CVE-2026-43891)
vulnerability in changedetection.io (CVE-2026-43891). Confidential information can be exposed externally. Exploitable via ``history.txt``. Mitigation: upgrade to `0.55.1` or later.
CVE-2026-42899 Vulnerability in dotnet (CVE-2026-42899)
vulnerability in dotnet (CVE-2026-42899). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.0.27, 9.0.16, 10.0.8` or later.
CVE-2026-42303 Vulnerability in ethyca-fides (CVE-2026-42303)
vulnerability in ethyca-fides (CVE-2026-42303). Risk of unauthorized operations or information disclosure. Exploitable via ``true``. Mitigation: upgrade to `2.83.2` or later.
CVE-2026-42300 Vulnerability in github.com/l3montree-dev/devguard (CVE-2026-42300)
vulnerability in github.com/l3montree-dev/devguard (CVE-2026-42300). Risk of unauthorized operations or information disclosure. Exploitable via ``SessionMiddleware``. Mitigation: upgrade to `1.2.2` or later.
CVE-2026-42541 Vulnerability in github.com/kubewarden/kubewarden-controller (CVE-2026-42541)
vulnerability in github.com/kubewarden/kubewarden-controller (CVE-2026-42541). Risk of unauthorized operations or information disclosure. Exploitable via ``can_i``. Mitigation: upgrade to `1.35.0` or later.
CVE-2026-42175 SSRF (Server-Side Request Forgery) in requests-hardened (CVE-2026-42175)
SSRF in requests-hardened (CVE-2026-42175). Confidential information can be exposed externally. Mitigation: upgrade to `1.2.1` or later.
CVE-2026-42177 Vulnerability in CVE-2026-42177 (CVE-2026-42177)
vulnerability in CVE-2026-42177 (CVE-2026-42177). Confidential information can be exposed externally. Mitigation: upgrade to `1.8.1` or later.
CVE-2026-41612 Path Traversal in path-traversal (CVE-2026-41612)
path traversal in path-traversal (CVE-2026-41612). Confidential information can be exposed externally.
CVE-2026-42141 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-42141)
SSRF in ssrf (CVE-2026-42141). Confidential information can be exposed externally. Mitigation: upgrade to `4.4.1` or later.
CVE-2026-42048 Path Traversal in langflow (CVE-2026-42048)
path traversal in langflow (CVE-2026-42048). Data can be tampered with by attackers. Exploitable via `DELETE /api/v1/knowledge_bases`. Mitigation: upgrade to `1.9.0` or later.
CVE-2026-42045 Cross-Site Scripting (XSS) in @lobehub/lobehub (CVE-2026-42045)
cross-site scripting in @lobehub/lobehub (CVE-2026-42045). Confidential information can be exposed externally. Exploitable via ``runCommand``.
CVE-2026-41613 OS Command Injection in microsoft (CVE-2026-41613)
OS command injection in microsoft (CVE-2026-41613). Successful exploitation can lead to full system takeover.
CVE-2026-41611 Command Injection in microsoft (CVE-2026-41611)
command injection in microsoft (CVE-2026-41611). Successful exploitation can lead to full system takeover.
CVE-2026-41610 Vulnerability in microsoft (CVE-2026-41610)
vulnerability in microsoft (CVE-2026-41610). Confidential information can be exposed externally.
CVE-2026-41513 Open Redirect in CVE-2026-41513 (CVE-2026-41513)
vulnerability in CVE-2026-41513 (CVE-2026-41513). Risk of unauthorized operations or information disclosure.
CVE-2026-41109 Vulnerability in microsoft (CVE-2026-41109)
vulnerability in microsoft (CVE-2026-41109). Successful exploitation can lead to full system takeover.
CVE-2026-35433 Vulnerability in Microsoft.WindowsDesktop.App.Runtime.win-arm64 (CVE-2026-35433)
vulnerability in Microsoft.WindowsDesktop.App.Runtime.win-arm64 (CVE-2026-35433). Confidential information can be exposed externally. Mitigation: upgrade to `10.0.8` or later.
CVE-2026-32177 Heap-based buffer overflow in .NET allows an unauthorized attacker to elevate privileges locally.
Heap-based buffer overflow in .NET allows an unauthorized attacker to elevate privileges locally.
CVE-2026-32175 Vulnerability in Microsoft.NetCore.App.Runtime.win-arm (CVE-2026-32175)
vulnerability in Microsoft.NetCore.App.Runtime.win-arm (CVE-2026-32175). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `10.0.8` or later.
CVE-2026-8407 Vulnerability in devolutions (CVE-2026-8407)
vulnerability in devolutions (CVE-2026-8407). Risk of unauthorized operations or information disclosure.
CVE-2026-43993 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-43993)
SSRF in ssrf (CVE-2026-43993). Confidential information can be exposed externally. Mitigation: upgrade to `0.x.y-security-1` or later.
CVE-2026-43992 Information Disclosure in CVE-2026-43992 (CVE-2026-43992)
vulnerability in CVE-2026-43992 (CVE-2026-43992). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.x.y-security-1` or later.
CVE-2026-5089 Vulnerability in CVE-2026-5089 (CVE-2026-5089)
vulnerability in CVE-2026-5089 (CVE-2026-5089). Risk of unauthorized operations or information disclosure.
CVE-2026-43991 OS Command Injection in CVE-2026-43991 (CVE-2026-43991)
OS command injection in CVE-2026-43991 (CVE-2026-43991). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.x.y-security-1` or later.
CVE-2026-43990 Command Injection in c (CVE-2026-43990)
command injection in c (CVE-2026-43990). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.x.y-security-1` or later.
CVE-2026-43989 Vulnerability in CVE-2026-43989 (CVE-2026-43989)
vulnerability in CVE-2026-43989 (CVE-2026-43989). Confidential information can be exposed externally. Mitigation: upgrade to `0.x.y-security-1` or later.
CVE-2026-25431 Vulnerability in CVE-2026-25431 (CVE-2026-25431)
vulnerability in CVE-2026-25431 (CVE-2026-25431). Risk of unauthorized operations or information disclosure.
CVE-2026-40300 Vulnerability in zulip (CVE-2026-40300)
vulnerability in zulip (CVE-2026-40300). Confidential information can be exposed externally. Mitigation: upgrade to `12.0` or later.
CVE-2026-20914 Vulnerability in dos (CVE-2026-20914)
vulnerability in dos (CVE-2026-20914). Risk of unauthorized operations or information disclosure.
CVE-2026-20879 Out-of-Bounds Write in dos (CVE-2026-20879)
out-of-bounds write in dos (CVE-2026-20879). Risk of unauthorized operations or information disclosure.
CVE-2026-20887 Vulnerability in dos (CVE-2026-20887)
vulnerability in dos (CVE-2026-20887). Risk of unauthorized operations or information disclosure.
CVE-2026-20905 Vulnerability in dos (CVE-2026-20905)
vulnerability in dos (CVE-2026-20905). Risk of unauthorized operations or information disclosure.
CVE-2026-20794 Vulnerability in CVE-2026-20794 (CVE-2026-20794)
vulnerability in CVE-2026-20794 (CVE-2026-20794). Risk of unauthorized operations or information disclosure.
CVE-2026-20782 Vulnerability in dos (CVE-2026-20782)
vulnerability in dos (CVE-2026-20782). Risk of unauthorized operations or information disclosure.
CVE-2026-20771 Vulnerability in dos (CVE-2026-20771)
vulnerability in dos (CVE-2026-20771). Risk of unauthorized operations or information disclosure.
CVE-2026-20772 Vulnerability in CVE-2026-20772 (CVE-2026-20772)
vulnerability in CVE-2026-20772 (CVE-2026-20772). Risk of unauthorized operations or information disclosure.
CVE-2026-20754 Vulnerability in dos (CVE-2026-20754)
vulnerability in dos (CVE-2026-20754). Risk of unauthorized operations or information disclosure.
CVE-2026-20751 Out-of-Bounds Read in dos (CVE-2026-20751)
vulnerability in dos (CVE-2026-20751). Risk of unauthorized operations or information disclosure.
CVE-2026-20753 Vulnerability in CVE-2026-20753 (CVE-2026-20753)
vulnerability in CVE-2026-20753 (CVE-2026-20753). Risk of unauthorized operations or information disclosure.
CVE-2026-20718 Vulnerability in CVE-2026-20718 (CVE-2026-20718)
vulnerability in CVE-2026-20718 (CVE-2026-20718). Risk of unauthorized operations or information disclosure.
CVE-2026-20738 Vulnerability in CVE-2026-20738 (CVE-2026-20738)
vulnerability in CVE-2026-20738 (CVE-2026-20738). Risk of unauthorized operations or information disclosure.
CVE-2026-20717 Vulnerability in dos (CVE-2026-20717)
vulnerability in dos (CVE-2026-20717). Risk of unauthorized operations or information disclosure.
CVE-2025-65719 Code Injection in kubectl-mcp-server (CVE-2025-65719)
code injection in kubectl-mcp-server (CVE-2025-65719). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.2.0` or later.
CVE-2025-36515 Vulnerability in CVE-2025-36515 (CVE-2025-36515)
vulnerability in CVE-2025-36515 (CVE-2025-36515). Risk of unauthorized operations or information disclosure.
CVE-2025-35969 Vulnerability in CVE-2025-35969 (CVE-2025-35969)
vulnerability in CVE-2025-35969 (CVE-2025-35969). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →