Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-41712 |
|
Vulnerability in org.springframework.ai:spring-ai-client-chat (CVE-2026-41712)
vulnerability in org.springframework.ai:spring-ai-client-chat (CVE-2026-41712). Confidential information can be exposed externally. Mitigation: upgrade to `2.0.0-M6` or later.
|
| CVE-2026-41713 |
|
Vulnerability in org.springframework.ai:spring-ai-client-chat (CVE-2026-41713)
vulnerability in org.springframework.ai:spring-ai-client-chat (CVE-2026-41713). Data can be tampered with by attackers. Mitigation: upgrade to `1.1.6` or later.
|
| CVE-2026-32684 |
|
Vulnerability in CVE-2026-32684 (CVE-2026-32684)
vulnerability in CVE-2026-32684 (CVE-2026-32684). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8162 |
|
Vulnerability in multiparty (CVE-2026-8162)
vulnerability in multiparty (CVE-2026-8162). Risk of unauthorized operations or information disclosure. Exploitable via ``decodeURI``. Mitigation: upgrade to `4.3.0` or later.
|
| CVE-2026-8161 |
|
Vulnerability in multiparty (CVE-2026-8161)
vulnerability in multiparty (CVE-2026-8161). Risk of unauthorized operations or information disclosure. Exploitable via ``Object.prototype``. Mitigation: upgrade to `4.3.0` or later.
|
| CVE-2026-6800 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-6800)
cross-site scripting in wordpress (CVE-2026-6800). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6813 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-6813)
cross-site scripting in wordpress (CVE-2026-6813). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-5029 |
|
Vulnerability in CVE-2026-5029 (CVE-2026-5029)
vulnerability in CVE-2026-5029 (CVE-2026-5029). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-44412 |
|
Vulnerability in CVE-2026-44412 (CVE-2026-44412)
vulnerability in CVE-2026-44412 (CVE-2026-44412). Successful exploitation can lead to full system takeover.
|
| CVE-2026-44411 |
|
Vulnerability in siemens (CVE-2026-44411)
vulnerability in siemens (CVE-2026-44411). Successful exploitation can lead to full system takeover.
|
| CVE-2026-41551 |
|
Vulnerability in path-traversal (CVE-2026-41551)
vulnerability in path-traversal (CVE-2026-41551). Confidential information can be exposed externally.
|
| CVE-2026-41125 |
|
SQL Injection in sqli (CVE-2026-41125)
SQL injection in sqli (CVE-2026-41125). Data can be tampered with by attackers.
|
| CVE-2026-25789 |
|
Cross-Site Scripting (XSS) in CVE-2026-25789 (CVE-2026-25789)
cross-site scripting in CVE-2026-25789 (CVE-2026-25789). Successful exploitation can lead to full system takeover.
|
| CVE-2026-33862 |
|
Cross-Site Scripting (XSS) in siemens (CVE-2026-33862)
cross-site scripting in siemens (CVE-2026-33862). Confidential information can be exposed externally.
|
| CVE-2026-33893 |
|
Vulnerability in siemens (CVE-2026-33893)
vulnerability in siemens (CVE-2026-33893). Confidential information can be exposed externally.
|
| CVE-2026-27662 |
|
Vulnerability in CVE-2026-27662 (CVE-2026-27662)
vulnerability in CVE-2026-27662 (CVE-2026-27662). Data can be tampered with by attackers.
|
| CVE-2026-25786 |
|
Cross-Site Scripting (XSS) in CVE-2026-25786 (CVE-2026-25786)
cross-site scripting in CVE-2026-25786 (CVE-2026-25786). Successful exploitation can lead to full system takeover.
|
| CVE-2026-25787 |
|
Cross-Site Scripting (XSS) in CVE-2026-25787 (CVE-2026-25787)
cross-site scripting in CVE-2026-25787 (CVE-2026-25787). Successful exploitation can lead to full system takeover.
|
| CVE-2026-22925 |
|
Vulnerability in siemens (CVE-2026-22925)
vulnerability in siemens (CVE-2026-22925). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-1934 |
|
Vulnerability in wordpress (CVE-2026-1934)
vulnerability in wordpress (CVE-2026-1934). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-22924 |
|
Vulnerability in siemens (CVE-2026-22924)
vulnerability in siemens (CVE-2026-22924). Data can be tampered with by attackers.
|
| CVE-2025-6577 |
|
SQL Injection in sqli (CVE-2025-6577)
SQL injection in sqli (CVE-2025-6577). Successful exploitation can lead to full system takeover.
|
| CVE-2025-40947 |
|
OS Command Injection in siemens (CVE-2025-40947)
OS command injection in siemens (CVE-2025-40947). Successful exploitation can lead to full system takeover.
|
| CVE-2025-40949 |
|
OS Command Injection in siemens (CVE-2025-40949)
OS command injection in siemens (CVE-2025-40949). Successful exploitation can lead to full system takeover.
|
| CVE-2025-40948 |
|
Vulnerability in siemens (CVE-2025-40948)
vulnerability in siemens (CVE-2025-40948). Confidential information can be exposed externally.
|
| CVE-2025-40946 |
|
Vulnerability in CVE-2025-40946 (CVE-2025-40946)
vulnerability in CVE-2025-40946 (CVE-2025-40946). Data can be tampered with by attackers.
|
| CVE-2025-40833 |
|
Vulnerability in dos (CVE-2025-40833)
vulnerability in dos (CVE-2025-40833). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7661 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-7661)
cross-site scripting in wordpress (CVE-2026-7661). Risk of unauthorized operations or information disclosure. Exploitable via ``box``.
|
| CVE-2026-6256 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-6256)
cross-site scripting in wordpress (CVE-2026-6256). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6690 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-6690)
cross-site scripting in wordpress (CVE-2026-6690). Risk of unauthorized operations or information disclosure. Exploitable via ``wp_ajax_nopriv_lp_update_mds``.
|
| CVE-2026-7437 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-7437)
cross-site scripting in wordpress (CVE-2026-7437). Risk of unauthorized operations or information disclosure. Exploitable via ``editpos_hidden``.
|
| CVE-2026-6808 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-6808)
cross-site scripting in wordpress (CVE-2026-6808). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7464 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-7464)
cross-site scripting in wordpress (CVE-2026-7464). Risk of unauthorized operations or information disclosure. Exploitable via ``page``.
|
| CVE-2026-7659 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-7659)
cross-site scripting in wordpress (CVE-2026-7659). Risk of unauthorized operations or information disclosure. Exploitable via ``social``.
|
| CVE-2026-6913 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-6913)
cross-site scripting in wordpress (CVE-2026-6913). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7626 |
|
Information Disclosure in wordpress (CVE-2026-7626)
vulnerability in wordpress (CVE-2026-7626). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6932 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-6932)
vulnerability in wordpress (CVE-2026-6932). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6710 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-6710)
vulnerability in wordpress (CVE-2026-6710). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7562 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-7562)
vulnerability in wordpress (CVE-2026-7562). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7616 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-7616)
vulnerability in wordpress (CVE-2026-7616). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7561 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-7561)
vulnerability in wordpress (CVE-2026-7561). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6708 |
|
Vulnerability in wordpress (CVE-2026-6708)
vulnerability in wordpress (CVE-2026-6708). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6663 |
|
Vulnerability in wordpress (CVE-2026-6663)
vulnerability in wordpress (CVE-2026-6663). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7050 |
|
Vulnerability in wordpress (CVE-2026-7050)
vulnerability in wordpress (CVE-2026-7050). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6709 |
|
Vulnerability in wordpress (CVE-2026-6709)
vulnerability in wordpress (CVE-2026-6709). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-4663 |
|
Vulnerability in wordpress (CVE-2026-4663)
vulnerability in wordpress (CVE-2026-4663). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-4301 |
|
Vulnerability in wordpress (CVE-2026-4301)
vulnerability in wordpress (CVE-2026-4301). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-5693 |
|
Vulnerability in wordpress (CVE-2026-5693)
vulnerability in wordpress (CVE-2026-5693). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-5028 |
|
SQL Injection in wordpress (CVE-2026-5028)
SQL injection in wordpress (CVE-2026-5028). Confidential information can be exposed externally.
|
| CVE-2026-4859 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-4859)
cross-site scripting in wordpress (CVE-2026-4859). Risk of unauthorized operations or information disclosure. Exploitable via ``wpsbd_post_carousel``.
|