Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-6737 |
|
Vulnerability in CVE-2026-6737 (CVE-2026-6737)
vulnerability in CVE-2026-6737 (CVE-2026-6737). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8124 |
|
Vulnerability in c (CVE-2026-8124)
vulnerability in c (CVE-2026-8124). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8125 |
|
Vulnerability in sqli (CVE-2026-8125)
vulnerability in sqli (CVE-2026-8125). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8123 |
|
Vulnerability in c (CVE-2026-8123)
vulnerability in c (CVE-2026-8123). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8122 |
|
Vulnerability in c (CVE-2026-8122)
vulnerability in c (CVE-2026-8122). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8120 |
|
Vulnerability in c (CVE-2026-8120)
vulnerability in c (CVE-2026-8120). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8121 |
|
Vulnerability in c (CVE-2026-8121)
vulnerability in c (CVE-2026-8121). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8119 |
|
Vulnerability in c (CVE-2026-8119)
vulnerability in c (CVE-2026-8119). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8117 |
|
Cross-Site Scripting (XSS) in CVE-2026-8117 (CVE-2026-8117)
cross-site scripting in CVE-2026-8117 (CVE-2026-8117). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8116 |
|
Path Traversal in path-traversal (CVE-2026-8116)
path traversal in path-traversal (CVE-2026-8116). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-42208 KEV |
|
[KEV] SQL Injection in Berriai litellm (CVE-2026-42208)
SQL injection in Berriai litellm (CVE-2026-42208). Successful exploitation can lead to full system takeover. Exploitable via `POST /chat/completions`. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `>=1.83.7` or later.
|
| CVE-2026-8115 |
|
Path Traversal in short-video-maker (CVE-2026-8115)
path traversal in short-video-maker (CVE-2026-8115). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-42880 |
|
Information Disclosure in argo-cd (CVE-2026-42880)
vulnerability in argo-cd (CVE-2026-42880). Confidential information can be exposed externally.
|
| CVE-2026-44662 |
|
Vulnerability in openssl (CVE-2026-44662)
vulnerability in openssl (CVE-2026-44662). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.10.79` or later.
|
| CVE-2026-8034 |
|
Vulnerability in ssrf (CVE-2026-8034)
vulnerability in ssrf (CVE-2026-8034). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8113 |
|
Path Traversal in path-traversal (CVE-2026-8113)
path traversal in path-traversal (CVE-2026-8113). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8114 |
|
Vulnerability in sqli (CVE-2026-8114)
vulnerability in sqli (CVE-2026-8114). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8112 |
|
Command Injection in 8421bit (CVE-2026-8112)
command injection in 8421bit (CVE-2026-8112). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8106 |
|
Cross-Site Scripting (XSS) in github (CVE-2026-8106)
cross-site scripting in github (CVE-2026-8106). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6736 |
|
Vulnerability in github (CVE-2026-6736)
vulnerability in github (CVE-2026-6736). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7541 |
|
Vulnerability in dos (CVE-2026-7541)
vulnerability in dos (CVE-2026-7541). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41105 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-41105)
SSRF in ssrf (CVE-2026-41105). Confidential information can be exposed externally.
|
| CVE-2026-41929 |
|
Cross-Site Scripting (XSS) in CVE-2026-41929 (CVE-2026-41929)
cross-site scripting in CVE-2026-41929 (CVE-2026-41929). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-42826 |
|
Information Disclosure in microsoft (CVE-2026-42826)
vulnerability in microsoft (CVE-2026-42826). Successful exploitation can lead to full system takeover.
|
| CVE-2026-41928 |
|
Vulnerability in CVE-2026-41928 (CVE-2026-41928)
vulnerability in CVE-2026-41928 (CVE-2026-41928). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-40214 |
|
Vulnerability in openstack-cyborg (CVE-2026-40214)
vulnerability in openstack-cyborg (CVE-2026-40214). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `16.0.1` or later.
|
| CVE-2026-33823 |
|
Vulnerability in microsoft (CVE-2026-33823)
vulnerability in microsoft (CVE-2026-33823). Confidential information can be exposed externally.
|
| CVE-2026-34327 |
|
Vulnerability in microsoft (CVE-2026-34327)
vulnerability in microsoft (CVE-2026-34327). Confidential information can be exposed externally.
|
| CVE-2026-40213 |
|
Authorization Flaw in openstack-cyborg (CVE-2026-40213)
vulnerability in openstack-cyborg (CVE-2026-40213). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `16.0.1` or later.
|
| CVE-2026-33109 |
|
Vulnerability in apache (CVE-2026-33109)
vulnerability in apache (CVE-2026-33109). Successful exploitation can lead to full system takeover.
|
| CVE-2026-35435 |
|
Vulnerability in microsoft (CVE-2026-35435)
vulnerability in microsoft (CVE-2026-35435). Confidential information can be exposed externally.
|
| CVE-2026-33111 |
|
Command Injection in microsoft (CVE-2026-33111)
command injection in microsoft (CVE-2026-33111). Confidential information can be exposed externally.
|
| CVE-2026-35428 |
|
Command Injection in microsoft (CVE-2026-35428)
command injection in microsoft (CVE-2026-35428). Successful exploitation can lead to full system takeover.
|
| CVE-2026-33844 |
|
Vulnerability in apache (CVE-2026-33844)
vulnerability in apache (CVE-2026-33844). Successful exploitation can lead to full system takeover.
|
| CVE-2026-32207 |
|
Cross-Site Scripting (XSS) in microsoft (CVE-2026-32207)
cross-site scripting in microsoft (CVE-2026-32207). Successful exploitation can lead to full system takeover.
|
| CVE-2026-26164 |
|
Vulnerability in microsoft (CVE-2026-26164)
vulnerability in microsoft (CVE-2026-26164). Confidential information can be exposed externally.
|
| CVE-2026-26129 |
|
Vulnerability in microsoft (CVE-2026-26129)
vulnerability in microsoft (CVE-2026-26129). Confidential information can be exposed externally.
|
| CVE-2026-44742 |
|
Cross-Site Scripting (XSS) in postorius (CVE-2026-44742)
cross-site scripting in postorius (CVE-2026-44742). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8097 |
|
Vulnerability in sqli (CVE-2026-8097)
vulnerability in sqli (CVE-2026-8097). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8098 |
|
Vulnerability in sqli (CVE-2026-8098)
vulnerability in sqli (CVE-2026-8098). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-42449 |
|
SSRF (Server-Side Request Forgery) in n8n-mcp (CVE-2026-42449)
SSRF in n8n-mcp (CVE-2026-42449). Confidential information can be exposed externally. Exploitable via ``N8NDocumentationMCPServer``. Mitigation: upgrade to `2.47.14` or later.
|
| CVE-2026-41691 |
|
Path Traversal in i18next-http-backend (CVE-2026-41691)
path traversal in i18next-http-backend (CVE-2026-41691). Risk of unauthorized operations or information disclosure. Exploitable via ``lng``. Mitigation: upgrade to `3.0.5` or later.
|
| CVE-2026-42047 |
|
Information Disclosure in inngest (CVE-2026-42047)
vulnerability in inngest (CVE-2026-42047). Confidential information can be exposed externally. Exploitable via ``GET``. Mitigation: upgrade to `3.54.0` or later.
|
| CVE-2026-41692 |
|
Cross-Site Scripting (XSS) in i18nextify (CVE-2026-41692)
cross-site scripting in i18nextify (CVE-2026-41692). Risk of unauthorized operations or information disclosure. Exploitable via ``i18nextify``. Mitigation: upgrade to `4.0.8` or later.
|
| CVE-2026-8088 |
|
Buffer Overflow in GDAL (CVE-2026-8088)
vulnerability in GDAL (CVE-2026-8088). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.13.0` or later.
|
| CVE-2026-8087 |
|
Buffer Overflow in GDAL (CVE-2026-8087)
vulnerability in GDAL (CVE-2026-8087). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.13.0` or later.
|
| CVE-2026-42259 |
|
Open Redirect in @saltcorn/server (CVE-2026-42259)
vulnerability in @saltcorn/server (CVE-2026-42259). Risk of unauthorized operations or information disclosure. Exploitable via ``dest``. Mitigation: upgrade to `1.6.0-beta.5` or later.
|
| CVE-2026-42501 |
|
Vulnerability in golang (CVE-2026-42501)
vulnerability in golang (CVE-2026-42501). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.25.10, 1.26.3` or later.
|
| CVE-2026-39819 |
|
Vulnerability in golang (CVE-2026-39819)
vulnerability in golang (CVE-2026-39819). Data can be tampered with by attackers. Mitigation: upgrade to `1.25.10, 1.26.3` or later.
|
| CVE-2026-39826 |
|
Vulnerability in golang (CVE-2026-39826)
vulnerability in golang (CVE-2026-39826). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.25.10, 1.26.3` or later.
|