Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Clear
ID Title
CVE-2026-42826 Information Disclosure in microsoft (CVE-2026-42826)
vulnerability in microsoft (CVE-2026-42826). Successful exploitation can lead to full system takeover.
CVE-2026-41928 Vulnerability in CVE-2026-41928 (CVE-2026-41928)
vulnerability in CVE-2026-41928 (CVE-2026-41928). Risk of unauthorized operations or information disclosure.
CVE-2026-40214 Vulnerability in openstack-cyborg (CVE-2026-40214)
vulnerability in openstack-cyborg (CVE-2026-40214). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `16.0.1` or later.
CVE-2026-33823 Vulnerability in microsoft (CVE-2026-33823)
vulnerability in microsoft (CVE-2026-33823). Confidential information can be exposed externally.
CVE-2026-34327 Vulnerability in microsoft (CVE-2026-34327)
vulnerability in microsoft (CVE-2026-34327). Confidential information can be exposed externally.
CVE-2026-40213 Authorization Flaw in openstack-cyborg (CVE-2026-40213)
vulnerability in openstack-cyborg (CVE-2026-40213). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `16.0.1` or later.
CVE-2026-33109 Vulnerability in apache (CVE-2026-33109)
vulnerability in apache (CVE-2026-33109). Successful exploitation can lead to full system takeover.
CVE-2026-35435 Vulnerability in microsoft (CVE-2026-35435)
vulnerability in microsoft (CVE-2026-35435). Confidential information can be exposed externally.
CVE-2026-33111 Command Injection in microsoft (CVE-2026-33111)
command injection in microsoft (CVE-2026-33111). Confidential information can be exposed externally.
CVE-2026-35428 Command Injection in microsoft (CVE-2026-35428)
command injection in microsoft (CVE-2026-35428). Successful exploitation can lead to full system takeover.
CVE-2026-33844 Vulnerability in apache (CVE-2026-33844)
vulnerability in apache (CVE-2026-33844). Successful exploitation can lead to full system takeover.
CVE-2026-32207 Cross-Site Scripting (XSS) in microsoft (CVE-2026-32207)
cross-site scripting in microsoft (CVE-2026-32207). Successful exploitation can lead to full system takeover.
CVE-2026-26164 Vulnerability in microsoft (CVE-2026-26164)
vulnerability in microsoft (CVE-2026-26164). Confidential information can be exposed externally.
CVE-2026-26129 Vulnerability in microsoft (CVE-2026-26129)
vulnerability in microsoft (CVE-2026-26129). Confidential information can be exposed externally.
CVE-2026-44742 Cross-Site Scripting (XSS) in postorius (CVE-2026-44742)
cross-site scripting in postorius (CVE-2026-44742). Risk of unauthorized operations or information disclosure.
CVE-2026-8097 Vulnerability in sqli (CVE-2026-8097)
vulnerability in sqli (CVE-2026-8097). Risk of unauthorized operations or information disclosure.
CVE-2026-8098 Vulnerability in sqli (CVE-2026-8098)
vulnerability in sqli (CVE-2026-8098). Risk of unauthorized operations or information disclosure.
CVE-2026-42449 SSRF (Server-Side Request Forgery) in n8n-mcp (CVE-2026-42449)
SSRF in n8n-mcp (CVE-2026-42449). Confidential information can be exposed externally. Exploitable via ``N8NDocumentationMCPServer``. Mitigation: upgrade to `2.47.14` or later.
CVE-2026-41691 Path Traversal in i18next-http-backend (CVE-2026-41691)
path traversal in i18next-http-backend (CVE-2026-41691). Risk of unauthorized operations or information disclosure. Exploitable via ``lng``. Mitigation: upgrade to `3.0.5` or later.
CVE-2026-42047 Information Disclosure in inngest (CVE-2026-42047)
vulnerability in inngest (CVE-2026-42047). Confidential information can be exposed externally. Exploitable via ``GET``. Mitigation: upgrade to `3.54.0` or later.
CVE-2026-41692 Cross-Site Scripting (XSS) in i18nextify (CVE-2026-41692)
cross-site scripting in i18nextify (CVE-2026-41692). Risk of unauthorized operations or information disclosure. Exploitable via ``i18nextify``. Mitigation: upgrade to `4.0.8` or later.
CVE-2026-8088 Buffer Overflow in GDAL (CVE-2026-8088)
vulnerability in GDAL (CVE-2026-8088). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.13.0` or later.
CVE-2026-8087 Buffer Overflow in GDAL (CVE-2026-8087)
vulnerability in GDAL (CVE-2026-8087). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.13.0` or later.
CVE-2026-42259 Open Redirect in @saltcorn/server (CVE-2026-42259)
vulnerability in @saltcorn/server (CVE-2026-42259). Risk of unauthorized operations or information disclosure. Exploitable via ``dest``. Mitigation: upgrade to `1.6.0-beta.5` or later.
CVE-2026-42501 Vulnerability in golang (CVE-2026-42501)
vulnerability in golang (CVE-2026-42501). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.25.10, 1.26.3` or later.
CVE-2026-39819 Vulnerability in golang (CVE-2026-39819)
vulnerability in golang (CVE-2026-39819). Data can be tampered with by attackers. Mitigation: upgrade to `1.25.10, 1.26.3` or later.
CVE-2026-39826 Vulnerability in golang (CVE-2026-39826)
vulnerability in golang (CVE-2026-39826). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.25.10, 1.26.3` or later.
CVE-2026-39823 Cross-Site Scripting (XSS) in golang (CVE-2026-39823)
cross-site scripting in golang (CVE-2026-39823). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.25.10, 1.26.3` or later.
CVE-2026-39836 Vulnerability in golang (CVE-2026-39836)
vulnerability in golang (CVE-2026-39836). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.25.10, 1.26.3` or later.
CVE-2026-39820 Vulnerability in golang (CVE-2026-39820)
vulnerability in golang (CVE-2026-39820). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.25.10, 1.26.3` or later.
CVE-2026-42225 Vulnerability in c (CVE-2026-42225)
vulnerability in c (CVE-2026-42225). Data can be tampered with by attackers.
CVE-2026-39817 Out-of-Bounds Write in golang (CVE-2026-39817)
out-of-bounds write in golang (CVE-2026-39817). Data can be tampered with by attackers. Mitigation: upgrade to `1.25.10, 1.26.3` or later.
CVE-2026-33814 Vulnerability in golang (CVE-2026-33814)
vulnerability in golang (CVE-2026-33814). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.25.10, 1.26.3` or later.
CVE-2026-33811 Vulnerability in golang (CVE-2026-33811)
vulnerability in golang (CVE-2026-33811). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.25.10, 1.26.3` or later.
CVE-2026-42879 Unrestricted File Upload in facturascripts/facturascripts (CVE-2026-42879)
vulnerability in facturascripts/facturascripts (CVE-2026-42879). Risk of unauthorized operations or information disclosure. Exploitable via ``PHPSESSID``.
CVE-2026-8086 Buffer Overflow in gdal (CVE-2026-8086)
vulnerability in gdal (CVE-2026-8086). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.13.0` or later.
CVE-2026-8084 Buffer Overflow in gdal (CVE-2026-8084)
vulnerability in gdal (CVE-2026-8084). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.13.0` or later.
CVE-2026-42215 OS Command Injection in GitPython (CVE-2026-42215)
OS command injection in GitPython (CVE-2026-42215). Successful exploitation can lead to full system takeover. Exploitable via ``upload_pack``. Mitigation: upgrade to `3.1.47` or later.
CVE-2026-42284 Vulnerability in GitPython (CVE-2026-42284)
vulnerability in GitPython (CVE-2026-42284). Successful exploitation can lead to full system takeover. Exploitable via ``multi_options``. Mitigation: upgrade to `3.1.47` or later.
CVE-2026-42214 Code Injection in dail8859 (CVE-2026-42214)
code injection in dail8859 (CVE-2026-42214). Successful exploitation can lead to full system takeover.
CVE-2026-8081 SSRF (Server-Side Request Forgery) in router-for-me (CVE-2026-8081)
SSRF in router-for-me (CVE-2026-8081). Risk of unauthorized operations or information disclosure.
CVE-2026-7413 Vulnerability in yarbo (CVE-2026-7413)
vulnerability in yarbo (CVE-2026-7413). Successful exploitation can lead to full system takeover.
CVE-2026-7415 Vulnerability in yarbo (CVE-2026-7415)
vulnerability in yarbo (CVE-2026-7415). Successful exploitation can lead to full system takeover.
CVE-2026-7414 Vulnerability in yarbo (CVE-2026-7414)
vulnerability in yarbo (CVE-2026-7414). Successful exploitation can lead to full system takeover.
CVE-2026-36387 Unrestricted File Upload in CVE-2026-36387 (CVE-2026-36387)
vulnerability in CVE-2026-36387 (CVE-2026-36387). Risk of unauthorized operations or information disclosure.
CVE-2026-36388 Cross-Site Scripting (XSS) in CVE-2026-36388 (CVE-2026-36388)
cross-site scripting in CVE-2026-36388 (CVE-2026-36388). Risk of unauthorized operations or information disclosure.
CVE-2025-63703 Vulnerability in npm (CVE-2025-63703)
vulnerability in npm (CVE-2025-63703). Successful exploitation can lead to full system takeover.
CVE-2025-63704 Vulnerability in prototype-pollution (CVE-2025-63704)
vulnerability in prototype-pollution (CVE-2025-63704). Successful exploitation can lead to full system takeover.
CVE-2026-44349 SQL Injection in github.com/daptin/daptin (CVE-2026-44349)
SQL injection in github.com/daptin/daptin (CVE-2026-44349). Risk of unauthorized operations or information disclosure. Exploitable via `GET /api/`. Mitigation: upgrade to `0.11.5` or later.
CVE-2026-42011 Vulnerability in CVE-2026-42011 (CVE-2026-42011)
vulnerability in CVE-2026-42011 (CVE-2026-42011). Confidential information can be exposed externally.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →