Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Clear
ID Title
CVE-2026-8076 Vulnerability in CVE-2026-8076 (CVE-2026-8076)
vulnerability in CVE-2026-8076 (CVE-2026-8076). Risk of unauthorized operations or information disclosure.
CVE-2026-8153 OS Command Injection in iot-embedded (CVE-2026-8153)
OS command injection in iot-embedded (CVE-2026-8153). Successful exploitation can lead to full system takeover.
CVE-2026-3318 Open Redirect in CVE-2026-3318 (CVE-2026-3318)
vulnerability in CVE-2026-3318 (CVE-2026-3318). Risk of unauthorized operations or information disclosure.
CVE-2025-13836 Vulnerability in python (CVE-2025-13836)
vulnerability in python (CVE-2025-13836). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.10.20, 3.11.15, 3.12.13, 3.13.11, 3.14.1` or later.
CVE-2026-7475 Cross-Site Scripting (XSS) in wordpress (CVE-2026-7475)
cross-site scripting in wordpress (CVE-2026-7475). Risk of unauthorized operations or information disclosure. Exploitable via ``sky_script_content``.
CVE-2026-7650 Cross-Site Scripting (XSS) in wordpress (CVE-2026-7650)
cross-site scripting in wordpress (CVE-2026-7650). Risk of unauthorized operations or information disclosure.
CVE-2026-6213 Vulnerability in CVE-2026-6213 (CVE-2026-6213)
vulnerability in CVE-2026-6213 (CVE-2026-6213). Risk of unauthorized operations or information disclosure.
CVE-2026-5341 Cross-Site Scripting (XSS) in wordpress (CVE-2026-5341)
cross-site scripting in wordpress (CVE-2026-5341). Risk of unauthorized operations or information disclosure. Exploitable via ``strava_nmr_connect``.
CVE-2026-7330 Cross-Site Scripting (XSS) in wordpress (CVE-2026-7330)
cross-site scripting in wordpress (CVE-2026-7330). Risk of unauthorized operations or information disclosure.
CVE-2026-5127 Unsafe Deserialization in wordpress (CVE-2026-5127)
vulnerability in wordpress (CVE-2026-5127). Successful exploitation can lead to full system takeover.
CVE-2026-32178 Vulnerability in dotnet (CVE-2026-32178)
vulnerability in dotnet (CVE-2026-32178). Confidential information can be exposed externally. Mitigation: upgrade to `8.0.26, 9.0.15, 10.0.6` or later.
CVE-2026-26171 Vulnerability in dotnet (CVE-2026-26171)
vulnerability in dotnet (CVE-2026-26171). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.0.26, 9.0.15, 10.0.6` or later.
CVE-2026-44928 Vulnerability in CVE-2026-44928 (CVE-2026-44928)
vulnerability in CVE-2026-44928 (CVE-2026-44928). Risk of unauthorized operations or information disclosure.
CVE-2026-43284 Vulnerability in Google linux (CVE-2026-43284)
vulnerability in Google linux (CVE-2026-43284). Successful exploitation can lead to full system takeover.
CVE-2026-44927 Vulnerability in CVE-2026-44927 (CVE-2026-44927)
vulnerability in CVE-2026-44927 (CVE-2026-44927). Risk of unauthorized operations or information disclosure.
CVE-2026-44916 Vulnerability in CVE-2026-44916 (CVE-2026-44916)
vulnerability in CVE-2026-44916 (CVE-2026-44916). Risk of unauthorized operations or information disclosure.
CVE-2026-8149 Vulnerability in org.bouncycastle:bc-fips (CVE-2026-8149)
vulnerability in org.bouncycastle:bc-fips (CVE-2026-8149). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.73.11` or later.
CVE-2026-4935 SQL Injection in wordpress (CVE-2026-4935)
SQL injection in wordpress (CVE-2026-4935). Confidential information can be exposed externally.
CVE-2026-8069 Path Traversal in privilege-escalation (CVE-2026-8069)
path traversal in privilege-escalation (CVE-2026-8069). Risk of unauthorized operations or information disclosure.
CVE-2025-67887 Code Injection in CVE-2025-67887 (CVE-2025-67887)
code injection in CVE-2025-67887 (CVE-2025-67887). Successful exploitation can lead to full system takeover.
CVE-2025-69690 Unsafe Deserialization in deserialization (CVE-2025-69690)
vulnerability in deserialization (CVE-2025-69690). Successful exploitation can lead to full system takeover.
CVE-2025-69691 Vulnerability in pfsense (CVE-2025-69691)
vulnerability in pfsense (CVE-2025-69691). Successful exploitation can lead to full system takeover.
CVE-2025-69599 Vulnerability in CVE-2025-69599 (CVE-2025-69599)
vulnerability in CVE-2025-69599 (CVE-2025-69599). Successful exploitation can lead to full system takeover.
CVE-2025-55449 Vulnerability in astrbot (CVE-2025-55449)
vulnerability in astrbot (CVE-2025-55449). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `3.5.18` or later.
CVE-2025-67886 Unrestricted File Upload in CVE-2025-67886 (CVE-2025-67886)
vulnerability in CVE-2025-67886 (CVE-2025-67886). Risk of unauthorized operations or information disclosure.
CVE-2025-67888 OS Command Injection in CVE-2025-67888 (CVE-2025-67888)
OS command injection in CVE-2025-67888 (CVE-2025-67888). Risk of unauthorized operations or information disclosure.
CVE-2023-46453 SQL Injection in network-device (CVE-2023-46453)
SQL injection in network-device (CVE-2023-46453). Successful exploitation can lead to full system takeover.
CVE-2024-51092 OS Command Injection in command-injection (CVE-2024-51092)
OS command injection in command-injection (CVE-2024-51092). Confidential information can be exposed externally. Exploitable via ``version_netsnmp``.
CVE-2024-53326 Unsafe Deserialization in deserialization (CVE-2024-53326)
vulnerability in deserialization (CVE-2024-53326). Successful exploitation can lead to full system takeover.
CVE-2024-46507 Code Injection in yeti-platform (CVE-2024-46507)
code injection in yeti-platform (CVE-2024-46507). Risk of unauthorized operations or information disclosure.
CVE-2024-27686 Vulnerability in dos (CVE-2024-27686)
vulnerability in dos (CVE-2024-27686). Risk of unauthorized operations or information disclosure.
CVE-2024-33288 SQL Injection in sqli (CVE-2024-33288)
SQL injection in sqli (CVE-2024-33288). Risk of unauthorized operations or information disclosure.
CVE-2024-33722 SQL Injection in sqli (CVE-2024-33722)
SQL injection in sqli (CVE-2024-33722). Risk of unauthorized operations or information disclosure.
CVE-2024-30167 Command Injection in CVE-2024-30167 (CVE-2024-30167)
command injection in CVE-2024-30167 (CVE-2024-30167). Risk of unauthorized operations or information disclosure.
CVE-2024-45257 Command Injection in CVE-2024-45257 (CVE-2024-45257)
command injection in CVE-2024-45257 (CVE-2024-45257). Risk of unauthorized operations or information disclosure.
CVE-2024-33724 Cross-Site Scripting (XSS) in CVE-2024-33724 (CVE-2024-33724)
cross-site scripting in CVE-2024-33724 (CVE-2024-33724). Risk of unauthorized operations or information disclosure.
CVE-2024-46508 Vulnerability in yeti-platform (CVE-2024-46508)
vulnerability in yeti-platform (CVE-2024-46508). Confidential information can be exposed externally.
CVE-2023-47268 Command Injection in cpp (CVE-2023-47268)
command injection in cpp (CVE-2023-47268). Risk of unauthorized operations or information disclosure.
CVE-2026-8137 Buffer Overflow in CVE-2026-8137 (CVE-2026-8137)
vulnerability in CVE-2026-8137 (CVE-2026-8137). Successful exploitation can lead to full system takeover.
CVE-2026-8138 Buffer Overflow in tenda (CVE-2026-8138)
vulnerability in tenda (CVE-2026-8138). Successful exploitation can lead to full system takeover.
CVE-2026-42278 Vulnerability in CVE-2026-42278 (CVE-2026-42278)
vulnerability in CVE-2026-42278 (CVE-2026-42278). Risk of unauthorized operations or information disclosure.
CVE-2022-26523 Vulnerability in dos (CVE-2022-26523)
vulnerability in dos (CVE-2022-26523). Risk of unauthorized operations or information disclosure.
CVE-2023-42344 XXE (XML External Entity) in org.opencms:opencms-core (CVE-2023-42344)
vulnerability in org.opencms:opencms-core (CVE-2023-42344). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `10.5.1` or later.
CVE-2023-42346 Vulnerability in CVE-2023-42346 (CVE-2023-42346)
vulnerability in CVE-2023-42346 (CVE-2023-42346). Risk of unauthorized operations or information disclosure.
CVE-2023-42343 Cross-Site Scripting (XSS) in CVE-2023-42343 (CVE-2023-42343)
cross-site scripting in CVE-2023-42343 (CVE-2023-42343). Risk of unauthorized operations or information disclosure.
CVE-2023-42345 Cross-Site Scripting (XSS) in CVE-2023-42345 (CVE-2023-42345)
cross-site scripting in CVE-2023-42345 (CVE-2023-42345). Risk of unauthorized operations or information disclosure.
CVE-2022-45899 OS Command Injection in CVE-2022-45899 (CVE-2022-45899)
OS command injection in CVE-2022-45899 (CVE-2022-45899). Risk of unauthorized operations or information disclosure.
CVE-2022-23961 Cross-Site Scripting (XSS) in CVE-2022-23961 (CVE-2022-23961)
cross-site scripting in CVE-2022-23961 (CVE-2022-23961). Risk of unauthorized operations or information disclosure.
CVE-2022-26522 Vulnerability in dos (CVE-2022-26522)
vulnerability in dos (CVE-2022-26522). Successful exploitation can lead to full system takeover.
CVE-2026-8133 Vulnerability in sqli (CVE-2026-8133)
vulnerability in sqli (CVE-2026-8133). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →