Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Clear
ID Title
CVE-2026-44700 Vulnerability in ex_webrtc (CVE-2026-44700)
vulnerability in ex_webrtc (CVE-2026-44700). Risk of unauthorized operations or information disclosure. Exploitable via ``ex_webrtc``. Mitigation: upgrade to `0.16.1` or later.
CVE-2026-44428 SSRF (Server-Side Request Forgery) in github.com/modelcontextprotocol/registry (CVE-2026-44428)
SSRF in github.com/modelcontextprotocol/registry (CVE-2026-44428). Risk of unauthorized operations or information disclosure. Exploitable via ``c5c4b9e8890dd5754bee889b2f1417f4fe3b5ce5``. Mitigation: upgrade to `1.7.6` or later.
CVE-2026-44427 Open Redirect in github.com/modelcontextprotocol/registry (CVE-2026-44427)
vulnerability in github.com/modelcontextprotocol/registry (CVE-2026-44427). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.7.5` or later.
CVE-2026-44212 Cross-Site Scripting (XSS) in prestashop/prestashop (CVE-2026-44212)
cross-site scripting in prestashop/prestashop (CVE-2026-44212). Confidential information can be exposed externally. Mitigation: upgrade to `9.1.1` or later.
CVE-2026-44670 Vulnerability in github.com/siyuan-note/siyuan/kernel (CVE-2026-44670)
vulnerability in github.com/siyuan-note/siyuan/kernel (CVE-2026-44670). Risk of unauthorized operations or information disclosure. Exploitable via ``outerHTML``. Mitigation: upgrade to `0.0.0-20260512140701-d7b77d945e0d` or later.
CVE-2026-44665 Vulnerability in fast-xml-builder (CVE-2026-44665)
vulnerability in fast-xml-builder (CVE-2026-44665). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.1.7` or later.
CVE-2026-44664 Vulnerability in fast-xml-builder (CVE-2026-44664)
vulnerability in fast-xml-builder (CVE-2026-44664). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.1.6` or later.
CVE-2026-44009 Vulnerability in vm2 (CVE-2026-44009)
vulnerability in vm2 (CVE-2026-44009). Successful exploitation can lead to full system takeover. Exploitable via ``handleException``. Mitigation: upgrade to `3.11.2` or later.
CVE-2026-44499 Vulnerability in zebrad (CVE-2026-44499)
vulnerability in zebrad (CVE-2026-44499). Risk of unauthorized operations or information disclosure. Exploitable via ``inv``. Mitigation: upgrade to `4.4.0` or later.
CVE-2026-42793 Vulnerability in absinthe (CVE-2026-42793)
vulnerability in absinthe (CVE-2026-42793). Risk of unauthorized operations or information disclosure. Exploitable via ``node.name``. Mitigation: upgrade to `1.10.2` or later.
CVE-2026-42353 Path Traversal in i18next-http-middleware (CVE-2026-42353)
path traversal in i18next-http-middleware (CVE-2026-42353). Confidential information can be exposed externally. Exploitable via `GET /locales/resources.json`. Mitigation: upgrade to `3.9.3` or later.
CVE-2026-41886 Vulnerability in locize (CVE-2026-41886)
vulnerability in locize (CVE-2026-41886). Data can be tampered with by attackers. Exploitable via ``locize``. Mitigation: upgrade to `4.0.21` or later.
CVE-2026-42794 Cross-Site Scripting (XSS) in absinthe_plug (CVE-2026-42794)
cross-site scripting in absinthe_plug (CVE-2026-42794). Risk of unauthorized operations or information disclosure.
CVE-2026-41591 Cross-Site Scripting (XSS) in marko (CVE-2026-41591)
cross-site scripting in marko (CVE-2026-41591). Risk of unauthorized operations or information disclosure. Exploitable via ``_escape_script``. Mitigation: upgrade to `5.38.36` or later.
CVE-2026-41683 Vulnerability in i18next-http-middleware (CVE-2026-41683)
vulnerability in i18next-http-middleware (CVE-2026-41683). Data can be tampered with by attackers. Exploitable via ``i18next``. Mitigation: upgrade to `3.9.3` or later.
CVE-2026-41883 Vulnerability in org.omnifaces:omnifaces (CVE-2026-41883)
vulnerability in org.omnifaces:omnifaces (CVE-2026-41883). Successful exploitation can lead to full system takeover. Exploitable via ``CDNResourceHandler``. Mitigation: upgrade to `5.2.3` or later.
CVE-2026-41690 Vulnerability in i18next-http-middleware (CVE-2026-41690)
vulnerability in i18next-http-middleware (CVE-2026-41690). Data can be tampered with by attackers. Exploitable via `GET /locales/resources.json`. Mitigation: upgrade to `3.9.3` or later.
CVE-2026-41693 Path Traversal in i18next-fs-backend (CVE-2026-41693)
path traversal in i18next-fs-backend (CVE-2026-41693). Confidential information can be exposed externally. Exploitable via ``lng``. Mitigation: upgrade to `2.6.4` or later.
CVE-2026-41885 Path Traversal in i18next-locize-backend (CVE-2026-41885)
path traversal in i18next-locize-backend (CVE-2026-41885). Risk of unauthorized operations or information disclosure. Exploitable via ``lng``. Mitigation: upgrade to `9.0.2` or later.
CVE-2026-41070 Authentication Bypass in openvpn (CVE-2026-41070)
authentication bypass in openvpn (CVE-2026-41070). Confidential information can be exposed externally. Exploitable via ``plugin``.
CVE-2026-34354 Vulnerability in privilege-escalation (CVE-2026-34354)
vulnerability in privilege-escalation (CVE-2026-34354). Successful exploitation can lead to full system takeover.
CVE-2026-29974 Vulnerability in CVE-2026-29974 (CVE-2026-29974)
vulnerability in CVE-2026-29974 (CVE-2026-29974). Risk of unauthorized operations or information disclosure.
CVE-2026-29975 Vulnerability in c (CVE-2026-29975)
vulnerability in c (CVE-2026-29975). Risk of unauthorized operations or information disclosure.
CVE-2026-29972 Vulnerability in c (CVE-2026-29972)
vulnerability in c (CVE-2026-29972). Risk of unauthorized operations or information disclosure.
CVE-2026-44008 Vulnerability in vm2 (CVE-2026-44008)
vulnerability in vm2 (CVE-2026-44008). Successful exploitation can lead to full system takeover. Exploitable via ``neutralizeArraySpeciesBatch``. Mitigation: upgrade to `3.11.2` or later.
CVE-2026-40295 Open Redirect in devise (CVE-2026-40295)
vulnerability in devise (CVE-2026-40295). Risk of unauthorized operations or information disclosure. Exploitable via `Referer header`. Mitigation: upgrade to `5.0.4` or later.
CVE-2026-44497 Vulnerability in zfnd (CVE-2026-44497)
vulnerability in zfnd (CVE-2026-44497). Data can be tampered with by attackers. Exploitable via ``zcashd``. Mitigation: upgrade to `4.4.0` or later.
CVE-2026-44500 Vulnerability in zebra-network (CVE-2026-44500)
vulnerability in zebra-network (CVE-2026-44500). Risk of unauthorized operations or information disclosure. Exploitable via ``headers``. Mitigation: upgrade to `6.0.0` or later.
CVE-2026-43471 Vulnerability in linux (CVE-2026-43471)
vulnerability in linux (CVE-2026-43471). Risk of unauthorized operations or information disclosure.
CVE-2026-43473 Vulnerability in linux (CVE-2026-43473)
vulnerability in linux (CVE-2026-43473). Risk of unauthorized operations or information disclosure.
CVE-2026-43472 Vulnerability in linux (CVE-2026-43472)
vulnerability in linux (CVE-2026-43472). Risk of unauthorized operations or information disclosure.
CVE-2026-43474 Vulnerability in c (CVE-2026-43474)
vulnerability in c (CVE-2026-43474). Risk of unauthorized operations or information disclosure.
CVE-2026-43468 Vulnerability in linux (CVE-2026-43468)
vulnerability in linux (CVE-2026-43468). Risk of unauthorized operations or information disclosure.
CVE-2026-43457 Vulnerability in linux (CVE-2026-43457)
vulnerability in linux (CVE-2026-43457). Risk of unauthorized operations or information disclosure.
CVE-2026-43456 Vulnerability in c (CVE-2026-43456)
vulnerability in c (CVE-2026-43456). Successful exploitation can lead to full system takeover.
CVE-2026-43453 Out-of-Bounds Read in linux (CVE-2026-43453)
vulnerability in linux (CVE-2026-43453). Confidential information can be exposed externally.
CVE-2026-43460 Vulnerability in linux (CVE-2026-43460)
vulnerability in linux (CVE-2026-43460). Successful exploitation can lead to full system takeover.
CVE-2026-43458 Use-After-Free in linux (CVE-2026-43458)
vulnerability in linux (CVE-2026-43458). Successful exploitation can lead to full system takeover.
CVE-2026-43459 Use-After-Free in linux (CVE-2026-43459)
vulnerability in linux (CVE-2026-43459). Successful exploitation can lead to full system takeover.
CVE-2026-43449 Out-of-Bounds Read in c (CVE-2026-43449)
vulnerability in c (CVE-2026-43449). Confidential information can be exposed externally.
CVE-2026-43450 Out-of-Bounds Read in linux (CVE-2026-43450)
vulnerability in linux (CVE-2026-43450). Confidential information can be exposed externally.
CVE-2026-43447 Use-After-Free in linux (CVE-2026-43447)
vulnerability in linux (CVE-2026-43447). Successful exploitation can lead to full system takeover.
CVE-2026-43446 Vulnerability in linux (CVE-2026-43446)
vulnerability in linux (CVE-2026-43446). Risk of unauthorized operations or information disclosure.
CVE-2026-43451 Vulnerability in linux (CVE-2026-43451)
vulnerability in linux (CVE-2026-43451). Risk of unauthorized operations or information disclosure.
CVE-2026-43448 Vulnerability in c (CVE-2026-43448)
vulnerability in c (CVE-2026-43448). Risk of unauthorized operations or information disclosure.
CVE-2026-43441 Vulnerability in linux (CVE-2026-43441)
vulnerability in linux (CVE-2026-43441). Risk of unauthorized operations or information disclosure.
CVE-2026-43443 Vulnerability in linux (CVE-2026-43443)
vulnerability in linux (CVE-2026-43443). Risk of unauthorized operations or information disclosure.
CVE-2026-43444 Vulnerability in c (CVE-2026-43444)
vulnerability in c (CVE-2026-43444). Risk of unauthorized operations or information disclosure.
CVE-2026-43445 Vulnerability in linux (CVE-2026-43445)
vulnerability in linux (CVE-2026-43445). Risk of unauthorized operations or information disclosure.
CVE-2026-43439 Vulnerability in linux (CVE-2026-43439)
vulnerability in linux (CVE-2026-43439). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →