Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-44700 |
|
Vulnerability in ex_webrtc (CVE-2026-44700)
vulnerability in ex_webrtc (CVE-2026-44700). Risk of unauthorized operations or information disclosure. Exploitable via ``ex_webrtc``. Mitigation: upgrade to `0.16.1` or later.
|
| CVE-2026-44428 |
|
SSRF (Server-Side Request Forgery) in github.com/modelcontextprotocol/registry (CVE-2026-44428)
SSRF in github.com/modelcontextprotocol/registry (CVE-2026-44428). Risk of unauthorized operations or information disclosure. Exploitable via ``c5c4b9e8890dd5754bee889b2f1417f4fe3b5ce5``. Mitigation: upgrade to `1.7.6` or later.
|
| CVE-2026-44427 |
|
Open Redirect in github.com/modelcontextprotocol/registry (CVE-2026-44427)
vulnerability in github.com/modelcontextprotocol/registry (CVE-2026-44427). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.7.5` or later.
|
| CVE-2026-44212 |
|
Cross-Site Scripting (XSS) in prestashop/prestashop (CVE-2026-44212)
cross-site scripting in prestashop/prestashop (CVE-2026-44212). Confidential information can be exposed externally. Mitigation: upgrade to `9.1.1` or later.
|
| CVE-2026-44670 |
|
Vulnerability in github.com/siyuan-note/siyuan/kernel (CVE-2026-44670)
vulnerability in github.com/siyuan-note/siyuan/kernel (CVE-2026-44670). Risk of unauthorized operations or information disclosure. Exploitable via ``outerHTML``. Mitigation: upgrade to `0.0.0-20260512140701-d7b77d945e0d` or later.
|
| CVE-2026-44665 |
|
Vulnerability in fast-xml-builder (CVE-2026-44665)
vulnerability in fast-xml-builder (CVE-2026-44665). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.1.7` or later.
|
| CVE-2026-44664 |
|
Vulnerability in fast-xml-builder (CVE-2026-44664)
vulnerability in fast-xml-builder (CVE-2026-44664). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.1.6` or later.
|
| CVE-2026-44009 |
|
Vulnerability in vm2 (CVE-2026-44009)
vulnerability in vm2 (CVE-2026-44009). Successful exploitation can lead to full system takeover. Exploitable via ``handleException``. Mitigation: upgrade to `3.11.2` or later.
|
| CVE-2026-44499 |
|
Vulnerability in zebrad (CVE-2026-44499)
vulnerability in zebrad (CVE-2026-44499). Risk of unauthorized operations or information disclosure. Exploitable via ``inv``. Mitigation: upgrade to `4.4.0` or later.
|
| CVE-2026-42793 |
|
Vulnerability in absinthe (CVE-2026-42793)
vulnerability in absinthe (CVE-2026-42793). Risk of unauthorized operations or information disclosure. Exploitable via ``node.name``. Mitigation: upgrade to `1.10.2` or later.
|
| CVE-2026-42353 |
|
Path Traversal in i18next-http-middleware (CVE-2026-42353)
path traversal in i18next-http-middleware (CVE-2026-42353). Confidential information can be exposed externally. Exploitable via `GET /locales/resources.json`. Mitigation: upgrade to `3.9.3` or later.
|
| CVE-2026-41886 |
|
Vulnerability in locize (CVE-2026-41886)
vulnerability in locize (CVE-2026-41886). Data can be tampered with by attackers. Exploitable via ``locize``. Mitigation: upgrade to `4.0.21` or later.
|
| CVE-2026-42794 |
|
Cross-Site Scripting (XSS) in absinthe_plug (CVE-2026-42794)
cross-site scripting in absinthe_plug (CVE-2026-42794). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41591 |
|
Cross-Site Scripting (XSS) in marko (CVE-2026-41591)
cross-site scripting in marko (CVE-2026-41591). Risk of unauthorized operations or information disclosure. Exploitable via ``_escape_script``. Mitigation: upgrade to `5.38.36` or later.
|
| CVE-2026-41683 |
|
Vulnerability in i18next-http-middleware (CVE-2026-41683)
vulnerability in i18next-http-middleware (CVE-2026-41683). Data can be tampered with by attackers. Exploitable via ``i18next``. Mitigation: upgrade to `3.9.3` or later.
|
| CVE-2026-41883 |
|
Vulnerability in org.omnifaces:omnifaces (CVE-2026-41883)
vulnerability in org.omnifaces:omnifaces (CVE-2026-41883). Successful exploitation can lead to full system takeover. Exploitable via ``CDNResourceHandler``. Mitigation: upgrade to `5.2.3` or later.
|
| CVE-2026-41690 |
|
Vulnerability in i18next-http-middleware (CVE-2026-41690)
vulnerability in i18next-http-middleware (CVE-2026-41690). Data can be tampered with by attackers. Exploitable via `GET /locales/resources.json`. Mitigation: upgrade to `3.9.3` or later.
|
| CVE-2026-41693 |
|
Path Traversal in i18next-fs-backend (CVE-2026-41693)
path traversal in i18next-fs-backend (CVE-2026-41693). Confidential information can be exposed externally. Exploitable via ``lng``. Mitigation: upgrade to `2.6.4` or later.
|
| CVE-2026-41885 |
|
Path Traversal in i18next-locize-backend (CVE-2026-41885)
path traversal in i18next-locize-backend (CVE-2026-41885). Risk of unauthorized operations or information disclosure. Exploitable via ``lng``. Mitigation: upgrade to `9.0.2` or later.
|
| CVE-2026-41070 |
|
Authentication Bypass in openvpn (CVE-2026-41070)
authentication bypass in openvpn (CVE-2026-41070). Confidential information can be exposed externally. Exploitable via ``plugin``.
|
| CVE-2026-34354 |
|
Vulnerability in privilege-escalation (CVE-2026-34354)
vulnerability in privilege-escalation (CVE-2026-34354). Successful exploitation can lead to full system takeover.
|
| CVE-2026-29974 |
|
Vulnerability in CVE-2026-29974 (CVE-2026-29974)
vulnerability in CVE-2026-29974 (CVE-2026-29974). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-29975 |
|
Vulnerability in c (CVE-2026-29975)
vulnerability in c (CVE-2026-29975). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-29972 |
|
Vulnerability in c (CVE-2026-29972)
vulnerability in c (CVE-2026-29972). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-44008 |
|
Vulnerability in vm2 (CVE-2026-44008)
vulnerability in vm2 (CVE-2026-44008). Successful exploitation can lead to full system takeover. Exploitable via ``neutralizeArraySpeciesBatch``. Mitigation: upgrade to `3.11.2` or later.
|
| CVE-2026-40295 |
|
Open Redirect in devise (CVE-2026-40295)
vulnerability in devise (CVE-2026-40295). Risk of unauthorized operations or information disclosure. Exploitable via `Referer header`. Mitigation: upgrade to `5.0.4` or later.
|
| CVE-2026-44497 |
|
Vulnerability in zfnd (CVE-2026-44497)
vulnerability in zfnd (CVE-2026-44497). Data can be tampered with by attackers. Exploitable via ``zcashd``. Mitigation: upgrade to `4.4.0` or later.
|
| CVE-2026-44500 |
|
Vulnerability in zebra-network (CVE-2026-44500)
vulnerability in zebra-network (CVE-2026-44500). Risk of unauthorized operations or information disclosure. Exploitable via ``headers``. Mitigation: upgrade to `6.0.0` or later.
|
| CVE-2026-43471 |
|
Vulnerability in linux (CVE-2026-43471)
vulnerability in linux (CVE-2026-43471). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-43473 |
|
Vulnerability in linux (CVE-2026-43473)
vulnerability in linux (CVE-2026-43473). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-43472 |
|
Vulnerability in linux (CVE-2026-43472)
vulnerability in linux (CVE-2026-43472). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-43474 |
|
Vulnerability in c (CVE-2026-43474)
vulnerability in c (CVE-2026-43474). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-43468 |
|
Vulnerability in linux (CVE-2026-43468)
vulnerability in linux (CVE-2026-43468). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-43457 |
|
Vulnerability in linux (CVE-2026-43457)
vulnerability in linux (CVE-2026-43457). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-43456 |
|
Vulnerability in c (CVE-2026-43456)
vulnerability in c (CVE-2026-43456). Successful exploitation can lead to full system takeover.
|
| CVE-2026-43453 |
|
Out-of-Bounds Read in linux (CVE-2026-43453)
vulnerability in linux (CVE-2026-43453). Confidential information can be exposed externally.
|
| CVE-2026-43460 |
|
Vulnerability in linux (CVE-2026-43460)
vulnerability in linux (CVE-2026-43460). Successful exploitation can lead to full system takeover.
|
| CVE-2026-43458 |
|
Use-After-Free in linux (CVE-2026-43458)
vulnerability in linux (CVE-2026-43458). Successful exploitation can lead to full system takeover.
|
| CVE-2026-43459 |
|
Use-After-Free in linux (CVE-2026-43459)
vulnerability in linux (CVE-2026-43459). Successful exploitation can lead to full system takeover.
|
| CVE-2026-43449 |
|
Out-of-Bounds Read in c (CVE-2026-43449)
vulnerability in c (CVE-2026-43449). Confidential information can be exposed externally.
|
| CVE-2026-43450 |
|
Out-of-Bounds Read in linux (CVE-2026-43450)
vulnerability in linux (CVE-2026-43450). Confidential information can be exposed externally.
|
| CVE-2026-43447 |
|
Use-After-Free in linux (CVE-2026-43447)
vulnerability in linux (CVE-2026-43447). Successful exploitation can lead to full system takeover.
|
| CVE-2026-43446 |
|
Vulnerability in linux (CVE-2026-43446)
vulnerability in linux (CVE-2026-43446). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-43451 |
|
Vulnerability in linux (CVE-2026-43451)
vulnerability in linux (CVE-2026-43451). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-43448 |
|
Vulnerability in c (CVE-2026-43448)
vulnerability in c (CVE-2026-43448). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-43441 |
|
Vulnerability in linux (CVE-2026-43441)
vulnerability in linux (CVE-2026-43441). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-43443 |
|
Vulnerability in linux (CVE-2026-43443)
vulnerability in linux (CVE-2026-43443). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-43444 |
|
Vulnerability in c (CVE-2026-43444)
vulnerability in c (CVE-2026-43444). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-43445 |
|
Vulnerability in linux (CVE-2026-43445)
vulnerability in linux (CVE-2026-43445). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-43439 |
|
Vulnerability in linux (CVE-2026-43439)
vulnerability in linux (CVE-2026-43439). Risk of unauthorized operations or information disclosure.
|