Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-20887 |
|
Vulnerability in dos (CVE-2026-20887)
vulnerability in dos (CVE-2026-20887). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-20905 |
|
Vulnerability in dos (CVE-2026-20905)
vulnerability in dos (CVE-2026-20905). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-20794 |
|
Vulnerability in CVE-2026-20794 (CVE-2026-20794)
vulnerability in CVE-2026-20794 (CVE-2026-20794). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-20782 |
|
Vulnerability in dos (CVE-2026-20782)
vulnerability in dos (CVE-2026-20782). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-20771 |
|
Vulnerability in dos (CVE-2026-20771)
vulnerability in dos (CVE-2026-20771). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-20772 |
|
Vulnerability in CVE-2026-20772 (CVE-2026-20772)
vulnerability in CVE-2026-20772 (CVE-2026-20772). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-20754 |
|
Vulnerability in dos (CVE-2026-20754)
vulnerability in dos (CVE-2026-20754). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-20751 |
|
Out-of-Bounds Read in dos (CVE-2026-20751)
vulnerability in dos (CVE-2026-20751). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-20753 |
|
Vulnerability in CVE-2026-20753 (CVE-2026-20753)
vulnerability in CVE-2026-20753 (CVE-2026-20753). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-20718 |
|
Vulnerability in CVE-2026-20718 (CVE-2026-20718)
vulnerability in CVE-2026-20718 (CVE-2026-20718). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-20738 |
|
Vulnerability in CVE-2026-20738 (CVE-2026-20738)
vulnerability in CVE-2026-20738 (CVE-2026-20738). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-20717 |
|
Vulnerability in dos (CVE-2026-20717)
vulnerability in dos (CVE-2026-20717). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-65719 |
|
Code Injection in kubectl-mcp-server (CVE-2025-65719)
code injection in kubectl-mcp-server (CVE-2025-65719). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.2.0` or later.
|
| CVE-2025-36515 |
|
Vulnerability in CVE-2025-36515 (CVE-2025-36515)
vulnerability in CVE-2025-36515 (CVE-2025-36515). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-35969 |
|
Vulnerability in CVE-2025-35969 (CVE-2025-35969)
vulnerability in CVE-2025-35969 (CVE-2025-35969). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-36510 |
|
Buffer Overflow in dos (CVE-2025-36510)
vulnerability in dos (CVE-2025-36510). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-35991 |
|
Vulnerability in CVE-2025-35991 (CVE-2025-35991)
vulnerability in CVE-2025-35991 (CVE-2025-35991). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-35990 |
|
Vulnerability in CVE-2025-35990 (CVE-2025-35990)
vulnerability in CVE-2025-35990 (CVE-2025-35990). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-27723 |
|
Use-After-Free in dos (CVE-2025-27723)
vulnerability in dos (CVE-2025-27723). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-42074 |
|
Vulnerability in openclaude (CVE-2026-42074)
vulnerability in openclaude (CVE-2026-42074). Successful exploitation can lead to full system takeover. Exploitable via ``dangerouslyDisableSandbox``. Mitigation: upgrade to `0.5.1` or later.
|
| CVE-2026-43515 |
|
Vulnerability in tomcat (CVE-2026-43515)
vulnerability in tomcat (CVE-2026-43515). Confidential information can be exposed externally. Mitigation: upgrade to `10.1.55, 11.0.22, 9.0.118` or later.
|
| CVE-2026-43514 |
|
Vulnerability in tomcat (CVE-2026-43514)
vulnerability in tomcat (CVE-2026-43514). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `10.1.55, 11.0.22, 9.0.118` or later.
|
| CVE-2026-43513 |
|
Vulnerability in tomcat (CVE-2026-43513)
vulnerability in tomcat (CVE-2026-43513). Confidential information can be exposed externally. Mitigation: upgrade to `10.1.55, 11.0.22, 9.0.118` or later.
|
| CVE-2026-42498 |
|
Information Disclosure in tomcat (CVE-2026-42498)
vulnerability in tomcat (CVE-2026-42498). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `10.1.55, 11.0.22, 9.0.118` or later.
|
| CVE-2026-41293 |
|
Vulnerability in tomcat (CVE-2026-41293)
vulnerability in tomcat (CVE-2026-41293). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `10.1.55, 11.0.22, 9.0.118` or later.
|
| CVE-2026-41284 |
|
Vulnerability in tomcat (CVE-2026-41284)
vulnerability in tomcat (CVE-2026-41284). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `10.1.55, 11.0.22, 9.0.118` or later.
|
| CVE-2026-31225 |
|
Code Injection in superduper-framework (CVE-2026-31225)
code injection in superduper-framework (CVE-2026-31225). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31228 |
|
Code Injection in CVE-2026-31228 (CVE-2026-31228)
code injection in CVE-2026-31228 (CVE-2026-31228). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31221 |
|
Unsafe Deserialization in pytorch-lightning (CVE-2026-31221)
vulnerability in pytorch-lightning (CVE-2026-31221). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31222 |
|
Unsafe Deserialization in snorkel (CVE-2026-31222)
vulnerability in snorkel (CVE-2026-31222). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31223 |
|
Unsafe Deserialization in snorkel (CVE-2026-31223)
vulnerability in snorkel (CVE-2026-31223). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31224 |
|
Unsafe Deserialization in snorkel (CVE-2026-31224)
vulnerability in snorkel (CVE-2026-31224). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34187 |
|
SQL Injection in sqli (CVE-2026-34187)
SQL injection in sqli (CVE-2026-34187). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31226 |
|
OS Command Injection in CVE-2026-31226 (CVE-2026-31226)
OS command injection in CVE-2026-31226 (CVE-2026-31226). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31217 |
|
Code Injection in nebuly (CVE-2026-31217)
code injection in nebuly (CVE-2026-31217). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31220 |
|
Code Injection in syft (CVE-2026-31220)
code injection in syft (CVE-2026-31220). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31214 |
|
Unsafe Deserialization in deserialization (CVE-2026-31214)
vulnerability in deserialization (CVE-2026-31214). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31218 |
|
Unsafe Deserialization in deserialization (CVE-2026-31218)
vulnerability in deserialization (CVE-2026-31218). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31219 |
|
Unsafe Deserialization in deserialization (CVE-2026-31219)
vulnerability in deserialization (CVE-2026-31219). Successful exploitation can lead to full system takeover.
|
| CVE-2026-30810 |
|
SSRF (Server-Side Request Forgery) in privilege-escalation (CVE-2026-30810)
SSRF in privilege-escalation (CVE-2026-30810). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31215 |
|
Vulnerability in dos (CVE-2026-31215)
vulnerability in dos (CVE-2026-31215). Data can be tampered with by attackers. Exploitable via `DELETE /{index_name}/documents`.
|
| CVE-2026-31216 |
|
Vulnerability in dos (CVE-2026-31216)
vulnerability in dos (CVE-2026-31216). Data can be tampered with by attackers. Exploitable via `DELETE /storage/{object_name`.
|
| CVE-2026-30805 |
|
Vulnerability in artica (CVE-2026-30805)
vulnerability in artica (CVE-2026-30805). Confidential information can be exposed externally.
|
| CVE-2026-30807 |
|
Cross-Site Request Forgery (CSRF) in artica (CVE-2026-30807)
vulnerability in artica (CVE-2026-30807). Successful exploitation can lead to full system takeover.
|
| CVE-2023-27753 |
|
Unrestricted File Upload in CVE-2023-27753 (CVE-2023-27753)
vulnerability in CVE-2023-27753 (CVE-2023-27753). Successful exploitation can lead to full system takeover.
|
| CVE-2026-42073 |
|
Cross-Site Request Forgery (CSRF) in @gitlawb/openclaude (CVE-2026-42073)
vulnerability in @gitlawb/openclaude (CVE-2026-42073). Risk of unauthorized operations or information disclosure. Exploitable via ``error``. Mitigation: upgrade to `0.5.1` or later.
|
| CVE-2026-8108 |
|
Vulnerability in cisa (CVE-2026-8108)
vulnerability in cisa (CVE-2026-8108). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8401 |
|
Sandbox escape in the Profile Backup component. This vulnerability was fixed in Firefox 150.0.3.
Sandbox escape in the Profile Backup component. This vulnerability was fixed in Firefox 150.0.3.
|
| CVE-2026-8368 |
|
Vulnerability in CVE-2026-8368 (CVE-2026-8368)
vulnerability in CVE-2026-8368 (CVE-2026-8368). Confidential information can be exposed externally. Exploitable via `Authorization header`.
|
| CVE-2026-8111 |
|
SQL Injection in sqli (CVE-2026-8111)
SQL injection in sqli (CVE-2026-8111). Successful exploitation can lead to full system takeover.
|