Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-8192 |
|
Command Injection in wavlink (CVE-2026-8192)
command injection in wavlink (CVE-2026-8192). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8193 |
|
SSRF (Server-Side Request Forgery) in CVE-2026-8193 (CVE-2026-8193)
SSRF in CVE-2026-8193 (CVE-2026-8193). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8191 |
|
Command Injection in c (CVE-2026-8191)
command injection in c (CVE-2026-8191). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8190 |
|
Command Injection in wavlink (CVE-2026-8190)
command injection in wavlink (CVE-2026-8190). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8189 |
|
Command Injection in wavlink (CVE-2026-8189)
command injection in wavlink (CVE-2026-8189). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8188 |
|
Command Injection in wavlink (CVE-2026-8188)
command injection in wavlink (CVE-2026-8188). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-5747 |
|
Vulnerability in Amazon aws (CVE-2026-5747)
vulnerability in Amazon aws (CVE-2026-5747). Successful exploitation can lead to full system takeover.
|
| CVE-2026-4270 |
|
Vulnerability in Amazon awslabs-aws-api-mcp-server (CVE-2026-4270)
vulnerability in Amazon awslabs-aws-api-mcp-server (CVE-2026-4270). Confidential information can be exposed externally. Mitigation: upgrade to `1.3.9` or later.
|
| CVE-2026-6437 |
|
Vulnerability in Amazon aws (CVE-2026-6437)
vulnerability in Amazon aws (CVE-2026-6437). Confidential information can be exposed externally.
|
| CVE-2026-3336 |
|
Vulnerability in Amazon aws (CVE-2026-3336)
vulnerability in Amazon aws (CVE-2026-3336). Data can be tampered with by attackers.
|
| CVE-2026-20040 |
|
OS Command Injection in Cisco ios-xr (CVE-2026-20040)
OS command injection in Cisco ios-xr (CVE-2026-20040). Successful exploitation can lead to full system takeover.
|
| CVE-2026-20108 |
|
Cross-Site Scripting (XSS) in Cisco catalyst-sd-wan-manager (CVE-2026-20108)
cross-site scripting in Cisco catalyst-sd-wan-manager (CVE-2026-20108). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-20155 |
|
Vulnerability in Cisco evolved-programmable-network-manager (CVE-2026-20155)
vulnerability in Cisco evolved-programmable-network-manager (CVE-2026-20155). Successful exploitation can lead to full system takeover.
|
| CVE-2026-20174 |
|
Path Traversal in Cisco nexus-dashboard-insights (CVE-2026-20174)
path traversal in Cisco nexus-dashboard-insights (CVE-2026-20174). Data can be tampered with by attackers.
|
| CVE-2026-20042 |
|
Vulnerability in Cisco nexus-dashboard (CVE-2026-20042)
vulnerability in Cisco nexus-dashboard (CVE-2026-20042). Confidential information can be exposed externally.
|
| CVE-2026-20160 |
|
Vulnerability in Cisco smart-software-manager-on-prem (CVE-2026-20160)
vulnerability in Cisco smart-software-manager-on-prem (CVE-2026-20160). Successful exploitation can lead to full system takeover.
|
| CVE-2026-20170 |
|
Vulnerability in Cisco webex-contact-center (CVE-2026-20170)
vulnerability in Cisco webex-contact-center (CVE-2026-20170). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-20136 |
|
Vulnerability in Cisco identity-services-engine (CVE-2026-20136)
vulnerability in Cisco identity-services-engine (CVE-2026-20136). Confidential information can be exposed externally.
|
| CVE-2026-20147 |
|
Command Injection in Cisco dos (CVE-2026-20147)
command injection in Cisco dos (CVE-2026-20147). Successful exploitation can lead to full system takeover.
|
| CVE-2026-20132 |
|
Cross-Site Scripting (XSS) in Cisco identity-services-engine (CVE-2026-20132)
cross-site scripting in Cisco identity-services-engine (CVE-2026-20132). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-20188 |
|
Vulnerability in Cisco dos (CVE-2026-20188)
vulnerability in Cisco dos (CVE-2026-20188). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-20180 |
|
Path Traversal in Cisco dos (CVE-2026-20180)
path traversal in Cisco dos (CVE-2026-20180). Successful exploitation can lead to full system takeover.
|
| CVE-2026-20193 |
|
Vulnerability in Cisco identity-services-engine (CVE-2026-20193)
vulnerability in Cisco identity-services-engine (CVE-2026-20193). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-20189 |
|
Vulnerability in Cisco prime-infrastructure (CVE-2026-20189)
vulnerability in Cisco prime-infrastructure (CVE-2026-20189). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-20167 |
|
Vulnerability in Cisco dos (CVE-2026-20167)
vulnerability in Cisco dos (CVE-2026-20167). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-20034 |
|
Vulnerability in Cisco unity-connection (CVE-2026-20034)
vulnerability in Cisco unity-connection (CVE-2026-20034). Successful exploitation can lead to full system takeover.
|
| CVE-2026-6297 |
|
Use-After-Free in Google chrome (CVE-2026-6297)
vulnerability in Google chrome (CVE-2026-6297). Successful exploitation can lead to full system takeover.
|
| CVE-2025-65856 |
|
Vulnerability in cisa (CVE-2025-65856)
vulnerability in cisa (CVE-2025-65856). Successful exploitation can lead to full system takeover.
|
| CVE-2026-6074 |
|
Vulnerability in cisa (CVE-2026-6074)
vulnerability in cisa (CVE-2026-6074). Successful exploitation can lead to full system takeover.
|
| CVE-2025-13777 |
|
Vulnerability in cisa (CVE-2025-13777)
vulnerability in cisa (CVE-2025-13777). Confidential information can be exposed externally.
|
| CVE-2026-20074 |
|
Vulnerability in Cisco dos (CVE-2026-20074)
vulnerability in Cisco dos (CVE-2026-20074). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8198 |
|
Information Disclosure in wordpress (CVE-2026-8198)
vulnerability in wordpress (CVE-2026-8198). Risk of unauthorized operations or information disclosure. Exploitable via `Authorization header`.
|
| CVE-2026-8186 |
|
Buffer Overflow in c (CVE-2026-8186)
vulnerability in c (CVE-2026-8186). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8187 |
|
Vulnerability in c (CVE-2026-8187)
vulnerability in c (CVE-2026-8187). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8185 |
|
Authentication Bypass in CVE-2026-8185 (CVE-2026-8185)
authentication bypass in CVE-2026-8185 (CVE-2026-8185). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-3828 |
|
OS Command Injection in CVE-2026-3828 (CVE-2026-3828)
OS command injection in CVE-2026-3828 (CVE-2026-3828). Successful exploitation can lead to full system takeover.
|
| CVE-2026-1749 |
|
Vulnerability in CVE-2026-1749 (CVE-2026-1749)
vulnerability in CVE-2026-1749 (CVE-2026-1749). Confidential information can be exposed externally.
|
| CVE-2025-15634 |
|
Vulnerability in hcltech (CVE-2025-15634)
vulnerability in hcltech (CVE-2025-15634). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-15633 |
|
Authorization Flaw in hcltech (CVE-2025-15633)
vulnerability in hcltech (CVE-2025-15633). Confidential information can be exposed externally.
|
| CVE-2026-42560 |
|
Authentication Bypass in oauth (CVE-2026-42560)
authentication bypass in oauth (CVE-2026-42560). Confidential information can be exposed externally. Exploitable via ``user.ID``.
|
| CVE-2026-42311 |
|
Vulnerability in pillow (CVE-2026-42311)
vulnerability in pillow (CVE-2026-42311). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `12.2.0` or later.
|
| CVE-2026-42309 |
|
Vulnerability in pillow (CVE-2026-42309)
vulnerability in pillow (CVE-2026-42309). Risk of unauthorized operations or information disclosure. Exploitable via ``ImagePath.Path``. Mitigation: upgrade to `12.2.0` or later.
|
| CVE-2026-42310 |
|
Vulnerability in pillow (CVE-2026-42310)
vulnerability in pillow (CVE-2026-42310). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `12.2.0` or later.
|
| CVE-2026-42308 |
|
Vulnerability in pillow (CVE-2026-42308)
vulnerability in pillow (CVE-2026-42308). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `12.2.0` or later.
|
| CVE-2026-8209 |
|
Vulnerability in path-traversal (CVE-2026-8209)
vulnerability in path-traversal (CVE-2026-8209). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8208 |
|
Vulnerability in CVE-2026-8208 (CVE-2026-8208)
vulnerability in CVE-2026-8208 (CVE-2026-8208). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-42461 |
|
Vulnerability in github.com/getarcaneapp/arcane/backend (CVE-2026-42461)
vulnerability in github.com/getarcaneapp/arcane/backend (CVE-2026-42461). Confidential information can be exposed externally. Exploitable via `GET /api/templates`. Mitigation: upgrade to `1.18.0` or later.
|
| CVE-2026-42297 |
|
Vulnerability in argo-workflows (CVE-2026-42297)
vulnerability in argo-workflows (CVE-2026-42297). Data can be tampered with by attackers. Exploitable via ``auth.CanI``. Mitigation: upgrade to `4.0.5` or later.
|
| CVE-2026-42296 |
|
Authorization Flaw in argo-workflows (CVE-2026-42296)
vulnerability in argo-workflows (CVE-2026-42296). Confidential information can be exposed externally. Exploitable via ``podSpecPatch``. Mitigation: upgrade to `3.7.14, 4.0.5` or later.
|
| CVE-2026-42301 |
|
Vulnerability in pyp2spec (CVE-2026-42301)
vulnerability in pyp2spec (CVE-2026-42301). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.14.1` or later.
|