Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Clear
ID Title
CVE-2026-4920 Cross-Site Scripting (XSS) in wordpress (CVE-2026-4920)
cross-site scripting in wordpress (CVE-2026-4920). Risk of unauthorized operations or information disclosure.
CVE-2026-6237 Cross-Site Scripting (XSS) in wordpress (CVE-2026-6237)
cross-site scripting in wordpress (CVE-2026-6237). Risk of unauthorized operations or information disclosure.
CVE-2026-5340 Cross-Site Scripting (XSS) in wordpress (CVE-2026-5340)
cross-site scripting in wordpress (CVE-2026-5340). Risk of unauthorized operations or information disclosure.
CVE-2026-5715 Cross-Site Scripting (XSS) in wordpress (CVE-2026-5715)
cross-site scripting in wordpress (CVE-2026-5715). Risk of unauthorized operations or information disclosure.
CVE-2026-6247 Cross-Site Scripting (XSS) in wordpress (CVE-2026-6247)
cross-site scripting in wordpress (CVE-2026-6247). Risk of unauthorized operations or information disclosure.
CVE-2026-2993 SQL Injection in wordpress (CVE-2026-2993)
SQL injection in wordpress (CVE-2026-2993). Confidential information can be exposed externally.
CVE-2026-2300 Cross-Site Scripting (XSS) in wordpress (CVE-2026-2300)
cross-site scripting in wordpress (CVE-2026-2300). Risk of unauthorized operations or information disclosure. Exploitable via ``preg_replace``.
CVE-2026-3604 Cross-Site Scripting (XSS) in wordpress (CVE-2026-3604)
cross-site scripting in wordpress (CVE-2026-3604). Risk of unauthorized operations or information disclosure. Exploitable via ``_kcseo_ative_tab``.
CVE-2026-39432 Vulnerability in CVE-2026-39432 (CVE-2026-39432)
vulnerability in CVE-2026-39432 (CVE-2026-39432). Confidential information can be exposed externally.
CVE-2026-6402 Vulnerability in webpack-dev-server (CVE-2026-6402)
vulnerability in webpack-dev-server (CVE-2026-6402). Confidential information can be exposed externally. Mitigation: upgrade to `5.2.4` or later.
CVE-2026-25107 Vulnerability in jvn (CVE-2026-25107)
vulnerability in jvn (CVE-2026-25107). Data can be tampered with by attackers.
CVE-2026-20704 Cross-Site Request Forgery (CSRF) in jvn (CVE-2026-20704)
vulnerability in jvn (CVE-2026-20704). Risk of unauthorized operations or information disclosure.
CVE-2024-34577 Cross-Site Scripting (XSS) in jvn (CVE-2024-34577)
cross-site scripting in jvn (CVE-2024-34577). Risk of unauthorized operations or information disclosure.
CVE-2026-35227 Vulnerability in CVE-2026-35227 (CVE-2026-35227)
vulnerability in CVE-2026-35227 (CVE-2026-35227). Risk of unauthorized operations or information disclosure.
CVE-2026-0804 Vulnerability in path-traversal (CVE-2026-0804)
vulnerability in path-traversal (CVE-2026-0804). Successful exploitation can lead to full system takeover.
CVE-2026-0541 Vulnerability in privilege-escalation (CVE-2026-0541)
vulnerability in privilege-escalation (CVE-2026-0541). Successful exploitation can lead to full system takeover.
CVE-2026-1185 Vulnerability in privilege-escalation (CVE-2026-1185)
vulnerability in privilege-escalation (CVE-2026-1185). Risk of unauthorized operations or information disclosure.
CVE-2026-0802 Vulnerability in privilege-escalation (CVE-2026-0802)
vulnerability in privilege-escalation (CVE-2026-0802). Confidential information can be exposed externally.
CVE-2026-1681 Vulnerability in zephyrproject (CVE-2026-1681)
vulnerability in zephyrproject (CVE-2026-1681). Risk of unauthorized operations or information disclosure.
CVE-2026-7256 OS Command Injection in zyxel (CVE-2026-7256)
OS command injection in zyxel (CVE-2026-7256). Successful exploitation can lead to full system takeover.
CVE-2026-7287 Vulnerability in dos (CVE-2026-7287)
vulnerability in dos (CVE-2026-7287). Risk of unauthorized operations or information disclosure.
CVE-2026-45430 Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-45430)
vulnerability in csrf (CVE-2026-45430). Confidential information can be exposed externally.
CVE-2026-40136 Vulnerability in CVE-2026-40136 (CVE-2026-40136)
vulnerability in CVE-2026-40136 (CVE-2026-40136). Risk of unauthorized operations or information disclosure.
CVE-2026-34263 Vulnerability in CVE-2026-34263 (CVE-2026-34263)
vulnerability in CVE-2026-34263 (CVE-2026-34263). Successful exploitation can lead to full system takeover.
CVE-2026-40129 Code Injection in CVE-2026-40129 (CVE-2026-40129)
code injection in CVE-2026-40129 (CVE-2026-40129). Risk of unauthorized operations or information disclosure.
CVE-2026-40132 Vulnerability in CVE-2026-40132 (CVE-2026-40132)
vulnerability in CVE-2026-40132 (CVE-2026-40132). Risk of unauthorized operations or information disclosure.
CVE-2026-40133 Vulnerability in CVE-2026-40133 (CVE-2026-40133)
vulnerability in CVE-2026-40133 (CVE-2026-40133). Risk of unauthorized operations or information disclosure.
CVE-2026-40134 Vulnerability in CVE-2026-40134 (CVE-2026-40134)
vulnerability in CVE-2026-40134 (CVE-2026-40134). Risk of unauthorized operations or information disclosure.
CVE-2026-40131 SQL Injection in sqli (CVE-2026-40131)
SQL injection in sqli (CVE-2026-40131). Risk of unauthorized operations or information disclosure.
CVE-2026-40135 Command Injection in sap (CVE-2026-40135)
command injection in sap (CVE-2026-40135). Data can be tampered with by attackers.
CVE-2026-40137 Cross-Site Scripting (XSS) in CVE-2026-40137 (CVE-2026-40137)
cross-site scripting in CVE-2026-40137 (CVE-2026-40137). Risk of unauthorized operations or information disclosure.
CVE-2026-34260 SQL Injection in sqli (CVE-2026-34260)
SQL injection in sqli (CVE-2026-34260). Confidential information can be exposed externally.
CVE-2026-34259 Command Injection in CVE-2026-34259 (CVE-2026-34259)
command injection in CVE-2026-34259 (CVE-2026-34259). Successful exploitation can lead to full system takeover.
CVE-2026-27682 Cross-Site Scripting (XSS) in sap (CVE-2026-27682)
cross-site scripting in sap (CVE-2026-27682). Risk of unauthorized operations or information disclosure.
CVE-2026-0502 Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-0502)
vulnerability in csrf (CVE-2026-0502). Risk of unauthorized operations or information disclosure.
CVE-2026-34258 Vulnerability in CVE-2026-34258 (CVE-2026-34258)
vulnerability in CVE-2026-34258 (CVE-2026-34258). Risk of unauthorized operations or information disclosure.
CVE-2026-22796 Vulnerability in jvn (CVE-2026-22796)
vulnerability in jvn (CVE-2026-22796). Risk of unauthorized operations or information disclosure.
CVE-2026-45391 Reserved. Details will be published at disclosure.
Reserved. Details will be published at disclosure.
CVE-2026-45392 Reserved. Details will be published at disclosure.
Reserved. Details will be published at disclosure.
CVE-2026-45393 Reserved. Details will be published at disclosure.
Reserved. Details will be published at disclosure.
CVE-2026-45362 Sangoma Switchvox before 8.4 places cleartext SIP authentication credentials in a backup file.
Sangoma Switchvox before 8.4 places cleartext SIP authentication credentials in a backup file.
CVE-2026-8349 Buffer Overflow in github.com/omec-project/amf (CVE-2026-8349)
vulnerability in github.com/omec-project/amf (CVE-2026-8349). Risk of unauthorized operations or information disclosure.
CVE-2026-8345 Vulnerability in dlink (CVE-2026-8345)
vulnerability in dlink (CVE-2026-8345). Risk of unauthorized operations or information disclosure.
CVE-2026-8346 Vulnerability in dlink (CVE-2026-8346)
vulnerability in dlink (CVE-2026-8346). Risk of unauthorized operations or information disclosure.
CVE-2026-34963 Vulnerability in c (CVE-2026-34963)
vulnerability in c (CVE-2026-34963). Successful exploitation can lead to full system takeover.
CVE-2026-34962 Vulnerability in c (CVE-2026-34962)
vulnerability in c (CVE-2026-34962). Risk of unauthorized operations or information disclosure.
CVE-2026-45321 KEV [KEV] Vulnerability in @tanstack/arktype-adapter (CVE-2026-45321)
vulnerability in @tanstack/arktype-adapter (CVE-2026-45321). Successful exploitation can lead to full system takeover. Exploitable via ``pull_request_target``. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `1.166.16` or later.
CVE-2026-43913 Authorization Flaw in dani-garcia (CVE-2026-43913)
vulnerability in dani-garcia (CVE-2026-43913). Data can be tampered with by attackers. Exploitable via `POST /api/ciphers/purge`. Mitigation: upgrade to `1.35.5` or later.
CVE-2026-43901 Path Traversal in wireshark-mcp (CVE-2026-43901)
path traversal in wireshark-mcp (CVE-2026-43901). Confidential information can be exposed externally. Exploitable via ``wireshark_export_objects``.
CVE-2026-43912 Vulnerability in dani-garcia (CVE-2026-43912)
vulnerability in dani-garcia (CVE-2026-43912). Confidential information can be exposed externally. Mitigation: upgrade to `1.35.5` or later.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →