Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Clear
ID Title
CVE-2026-31727 Vulnerability in linux (CVE-2026-31727)
vulnerability in linux (CVE-2026-31727). Risk of unauthorized operations or information disclosure.
CVE-2026-31711 Vulnerability in linux (CVE-2026-31711)
vulnerability in linux (CVE-2026-31711). Risk of unauthorized operations or information disclosure.
CVE-2026-31712 Out-of-Bounds Write in linux (CVE-2026-31712)
out-of-bounds write in linux (CVE-2026-31712). Confidential information can be exposed externally.
CVE-2026-31716 Out-of-Bounds Write in linux (CVE-2026-31716)
out-of-bounds write in linux (CVE-2026-31716). Successful exploitation can lead to full system takeover.
CVE-2026-31715 Use-After-Free in linux (CVE-2026-31715)
vulnerability in linux (CVE-2026-31715). Successful exploitation can lead to full system takeover.
CVE-2026-31718 Use-After-Free in linux (CVE-2026-31718)
vulnerability in linux (CVE-2026-31718). Successful exploitation can lead to full system takeover.
CVE-2026-31708 Out-of-Bounds Read in linux (CVE-2026-31708)
vulnerability in linux (CVE-2026-31708). Confidential information can be exposed externally.
CVE-2026-31702 Use-After-Free in c (CVE-2026-31702)
vulnerability in c (CVE-2026-31702). Successful exploitation can lead to full system takeover.
CVE-2026-31703 Use-After-Free in linux (CVE-2026-31703)
vulnerability in linux (CVE-2026-31703). Successful exploitation can lead to full system takeover.
CVE-2026-31707 Out-of-Bounds Write in c (CVE-2026-31707)
out-of-bounds write in c (CVE-2026-31707). Confidential information can be exposed externally.
CVE-2026-31705 Out-of-Bounds Write in linux (CVE-2026-31705)
out-of-bounds write in linux (CVE-2026-31705). Successful exploitation can lead to full system takeover.
CVE-2026-31700 Vulnerability in c (CVE-2026-31700)
vulnerability in c (CVE-2026-31700). Successful exploitation can lead to full system takeover.
CVE-2026-31696 Out-of-Bounds Write in c (CVE-2026-31696)
out-of-bounds write in c (CVE-2026-31696). Successful exploitation can lead to full system takeover.
CVE-2026-31697 Out-of-Bounds Write in c (CVE-2026-31697)
out-of-bounds write in c (CVE-2026-31697). Confidential information can be exposed externally.
CVE-2026-31698 Out-of-Bounds Write in c (CVE-2026-31698)
out-of-bounds write in c (CVE-2026-31698). Confidential information can be exposed externally.
CVE-2026-31699 Out-of-Bounds Write in c (CVE-2026-31699)
out-of-bounds write in c (CVE-2026-31699). Confidential information can be exposed externally.
CVE-2026-43001 Authorization Flaw in keystone (CVE-2026-43001)
vulnerability in keystone (CVE-2026-43001). Confidential information can be exposed externally. Exploitable via `POST /v3/credentials`.
CVE-2026-43003 OS Command Injection in ironic-python-agent (CVE-2026-43003)
OS command injection in ironic-python-agent (CVE-2026-43003). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `11.6.0` or later.
CVE-2026-5405 Vulnerability in dos (CVE-2026-5405)
vulnerability in dos (CVE-2026-5405). Successful exploitation can lead to full system takeover.
CVE-2026-5403 Vulnerability in dos (CVE-2026-5403)
vulnerability in dos (CVE-2026-5403). Successful exploitation can lead to full system takeover.
CVE-2026-5656 Path Traversal in path-traversal (CVE-2026-5656)
path traversal in path-traversal (CVE-2026-5656). Successful exploitation can lead to full system takeover.
CVE-2026-31431 KEV [KEV] Vulnerability in Linux redhat (CVE-2026-31431)
vulnerability in Linux redhat (CVE-2026-31431). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2026-6543 Code Injection in langflow (CVE-2026-6543)
code injection in langflow (CVE-2026-6543). Successful exploitation can lead to full system takeover.
CVE-2026-3345 Path Traversal in langflow (CVE-2026-3345)
path traversal in langflow (CVE-2026-3345). Confidential information can be exposed externally.
CVE-2026-1577 Vulnerability in dos (CVE-2026-1577)
vulnerability in dos (CVE-2026-1577). Risk of unauthorized operations or information disclosure.
CVE-2025-36180 Vulnerability in ibm (CVE-2025-36180)
vulnerability in ibm (CVE-2025-36180). Data can be tampered with by attackers.
CVE-2026-4502 Path Traversal in langflow (CVE-2026-4502)
path traversal in langflow (CVE-2026-4502). Data can be tampered with by attackers.
CVE-2026-3340 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-3340)
SSRF in ssrf (CVE-2026-3340). Risk of unauthorized operations or information disclosure.
CVE-2026-40912 Vulnerability in traefik (CVE-2026-40912)
vulnerability in traefik (CVE-2026-40912). Confidential information can be exposed externally.
CVE-2026-39858 Vulnerability in traefik (CVE-2026-39858)
vulnerability in traefik (CVE-2026-39858). Confidential information can be exposed externally.
CVE-2026-3346 SQL Injection in langflow (CVE-2026-3346)
SQL injection in langflow (CVE-2026-3346). Risk of unauthorized operations or information disclosure.
CVE-2026-3833 Vulnerability in gnu (CVE-2026-3833)
vulnerability in gnu (CVE-2026-3833). Risk of unauthorized operations or information disclosure. Exploitable via ``nameConstraints``.
CVE-2026-33845 A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero...
A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero...
CVE-2026-41654 Vulnerability in weblate (CVE-2026-41654)
vulnerability in weblate (CVE-2026-41654). Confidential information can be exposed externally. Exploitable via ``project.add``. Mitigation: upgrade to `5.17.1` or later.
CVE-2026-40281 Vulnerability in github.com/gotenberg/gotenberg/v8 (CVE-2026-40281)
vulnerability in github.com/gotenberg/gotenberg/v8 (CVE-2026-40281). Data can be tampered with by attackers. Exploitable via ``WriteMetadata``. Mitigation: upgrade to `8.31.0` or later.
CVE-2026-36960 Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-36960)
vulnerability in csrf (CVE-2026-36960). Successful exploitation can lead to full system takeover.
CVE-2025-14543 XXE (XML External Entity) in rti (CVE-2025-14543)
vulnerability in rti (CVE-2025-14543). Confidential information can be exposed externally.
CVE-2025-14576 Vulnerability in dos (CVE-2025-14576)
vulnerability in dos (CVE-2025-14576). Successful exploitation can lead to full system takeover.
CVE-2026-7163 Vulnerability in redhat (CVE-2026-7163)
vulnerability in redhat (CVE-2026-7163). Confidential information can be exposed externally. Exploitable via `GET /v2/clusters/{cluster_id}/credentials`.
CVE-2026-7500 Vulnerability in org.keycloak:keycloak-services (CVE-2026-7500)
vulnerability in org.keycloak:keycloak-services (CVE-2026-7500). Risk of unauthorized operations or information disclosure.
CVE-2026-36956 Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-36956)
vulnerability in csrf (CVE-2026-36956). Successful exploitation can lead to full system takeover.
CVE-2026-36957 Vulnerability in dos (CVE-2026-36957)
vulnerability in dos (CVE-2026-36957). Risk of unauthorized operations or information disclosure.
CVE-2026-36958 Vulnerability in u-speed (CVE-2026-36958)
vulnerability in u-speed (CVE-2026-36958). Risk of unauthorized operations or information disclosure.
CVE-2026-7246 Command Injection in palletsprojects (CVE-2026-7246)
command injection in palletsprojects (CVE-2026-7246). Successful exploitation can lead to full system takeover.
CVE-2026-7382 Information Disclosure in CVE-2026-7382 (CVE-2026-7382)
vulnerability in CVE-2026-7382 (CVE-2026-7382). Confidential information can be exposed externally.
CVE-2024-13971 XXE (XML External Entity) in lobster-world (CVE-2024-13971)
vulnerability in lobster-world (CVE-2024-13971). Confidential information can be exposed externally.
CVE-2026-5402 Vulnerability in dos (CVE-2026-5402)
vulnerability in dos (CVE-2026-5402). Successful exploitation can lead to full system takeover.
CVE-2026-7270 Vulnerability in freebsd (CVE-2026-7270)
vulnerability in freebsd (CVE-2026-7270). Successful exploitation can lead to full system takeover.
CVE-2024-39847 XXE (XML External Entity) in 4d (CVE-2024-39847)
vulnerability in 4d (CVE-2024-39847). Confidential information can be exposed externally.
CVE-2026-41940 KEV [KEV] Vulnerability in Webpros cpanel-whm-and-wp2-wordpress-squared (CVE-2026-41940)
vulnerability in Webpros cpanel-whm-and-wp2-wordpress-squared (CVE-2026-41940). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →