Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2018-25311 |
|
Path Traversal in path-traversal (CVE-2018-25311)
path traversal in path-traversal (CVE-2018-25311). Confidential information can be exposed externally.
|
| CVE-2018-25304 |
|
Vulnerability in CVE-2018-25304 (CVE-2018-25304)
vulnerability in CVE-2018-25304 (CVE-2018-25304). Successful exploitation can lead to full system takeover.
|
| CVE-2026-37555 |
|
Vulnerability in dos (CVE-2026-37555)
vulnerability in dos (CVE-2026-37555). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41483 |
|
Vulnerability in OpenTelemetry.Resources.Azure (CVE-2026-41483)
vulnerability in OpenTelemetry.Resources.Azure (CVE-2026-41483). Risk of unauthorized operations or information disclosure. Exploitable via ``OpenTelemetry.Resources.Azure``. Mitigation: upgrade to `1.15.1-beta.1` or later.
|
| CVE-2026-6849 |
|
Improper neutralization of special elements used in an OS command ('OS command injection')...
Improper neutralization of special elements used in an OS command ('OS command injection')...
|
| CVE-2026-5166 |
|
Path Traversal in path-traversal (CVE-2026-5166)
path traversal in path-traversal (CVE-2026-5166). Successful exploitation can lead to full system takeover.
|
| CVE-2026-42198 |
|
Vulnerability in dos (CVE-2026-42198)
vulnerability in dos (CVE-2026-42198). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-38993 |
|
Path Traversal in path-traversal (CVE-2026-38993)
path traversal in path-traversal (CVE-2026-38993). Data can be tampered with by attackers.
|
| CVE-2026-7111 |
|
Use-After-Free in hmbrand (CVE-2026-7111)
vulnerability in hmbrand (CVE-2026-7111). Successful exploitation can lead to full system takeover.
|
| CVE-2026-5161 |
|
Improper link resolution before file access ('link following') vulnerability in TUBITAK BILGEM...
Improper link resolution before file access ('link following') vulnerability in TUBITAK BILGEM...
|
| CVE-2026-5141 |
|
Improper Privilege Management, Improper Access Control, Incorrect privilege assignment...
Improper Privilege Management, Improper Access Control, Incorrect privilege assignment...
|
| CVE-2026-41952 |
|
Vulnerability in privilege-escalation (CVE-2026-41952)
vulnerability in privilege-escalation (CVE-2026-41952). Successful exploitation can lead to full system takeover.
|
| CVE-2026-41220 |
|
Out-of-Bounds Write in privilege-escalation (CVE-2026-41220)
out-of-bounds write in privilege-escalation (CVE-2026-41220). Successful exploitation can lead to full system takeover.
|
| CVE-2026-25852 |
|
Vulnerability in privilege-escalation (CVE-2026-25852)
vulnerability in privilege-escalation (CVE-2026-25852). Successful exploitation can lead to full system takeover.
|
| CVE-2026-5140 |
|
Improper neutralization of CRLF sequences ('CRLF injection') vulnerability in TUBITAK BILGEM...
Improper neutralization of CRLF sequences ('CRLF injection') vulnerability in TUBITAK BILGEM...
|
| CVE-2026-42249 |
|
Path Traversal in path-traversal (CVE-2026-42249)
path traversal in path-traversal (CVE-2026-42249). Successful exploitation can lead to full system takeover.
|
| CVE-2026-42248 |
|
Vulnerability in ollama (CVE-2026-42248)
vulnerability in ollama (CVE-2026-42248). Successful exploitation can lead to full system takeover.
|
| CVE-2026-3325 |
|
SQL Injection in sqli (CVE-2026-3325)
SQL injection in sqli (CVE-2026-3325). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41310 |
|
Vulnerability in OpenTelemetry.Exporter.Zipkin (CVE-2026-41310)
vulnerability in OpenTelemetry.Exporter.Zipkin (CVE-2026-41310). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.15.3` or later.
|
| CVE-2026-42167 |
|
SQL Injection in proftpd (CVE-2026-42167)
SQL injection in proftpd (CVE-2026-42167). Successful exploitation can lead to full system takeover.
|
| CVE-2026-40296 |
|
Cross-Site Scripting (XSS) in phpoffice/phpspreadsheet (CVE-2026-40296)
cross-site scripting in phpoffice/phpspreadsheet (CVE-2026-40296). Risk of unauthorized operations or information disclosure. Exploitable via ``General``. Mitigation: upgrade to `1.30.4` or later.
|
| CVE-2026-30246 |
|
Vulnerability in github.com/gofiber/fiber/v3 (CVE-2026-30246)
vulnerability in github.com/gofiber/fiber/v3 (CVE-2026-30246). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.2.0` or later.
|
| CVE-2026-42432 |
|
Vulnerability in openclaw (CVE-2026-42432)
vulnerability in openclaw (CVE-2026-42432). Successful exploitation can lead to full system takeover. Exploitable via ``openclaw``. Mitigation: upgrade to `2026.4.8` or later.
|
| CVE-2026-42429 |
|
Privilege Escalation in openclaw (CVE-2026-42429)
vulnerability in openclaw (CVE-2026-42429). Data can be tampered with by attackers. Exploitable via ``operator.read``. Mitigation: upgrade to `2026.4.8` or later.
|
| CVE-2026-3893 |
|
Vulnerability in CVE-2026-3893 (CVE-2026-3893)
vulnerability in CVE-2026-3893 (CVE-2026-3893). Data can be tampered with by attackers.
|
| CVE-2026-38949 |
|
Cross-Site Scripting (XSS) in CVE-2026-38949 (CVE-2026-38949)
cross-site scripting in CVE-2026-38949 (CVE-2026-38949). Confidential information can be exposed externally.
|
| CVE-2026-38651 |
|
Vulnerability in netmaker (CVE-2026-38651)
vulnerability in netmaker (CVE-2026-38651). Confidential information can be exposed externally.
|
| CVE-2025-60889 |
|
Unsafe Deserialization in deserialization (CVE-2025-60889)
vulnerability in deserialization (CVE-2025-60889). Successful exploitation can lead to full system takeover.
|
| CVE-2025-60887 |
|
Unsafe Deserialization in deserialization (CVE-2025-60887)
vulnerability in deserialization (CVE-2025-60887). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7322 |
|
Buffer Overflow in mozilla (CVE-2026-7322)
vulnerability in mozilla (CVE-2026-7322). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7323 |
|
Buffer Overflow in mozilla (CVE-2026-7323)
vulnerability in mozilla (CVE-2026-7323). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7324 |
|
Buffer Overflow in mozilla (CVE-2026-7324)
vulnerability in mozilla (CVE-2026-7324). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7320 |
|
Buffer Overflow in mozilla (CVE-2026-7320)
vulnerability in mozilla (CVE-2026-7320). Confidential information can be exposed externally.
|
| CVE-2026-27760 |
|
Code Injection in CVE-2026-27760 (CVE-2026-27760)
code injection in CVE-2026-27760 (CVE-2026-27760). Successful exploitation can lead to full system takeover.
|
| CVE-2026-5944 |
|
Vulnerability in cisco (CVE-2026-5944)
vulnerability in cisco (CVE-2026-5944). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-5435 |
|
Out-of-Bounds Write in c (CVE-2026-5435)
out-of-bounds write in c (CVE-2026-5435). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-5781 |
|
Vulnerability in agilonhealth (CVE-2026-5781)
vulnerability in agilonhealth (CVE-2026-5781). Successful exploitation can lead to full system takeover.
|
| CVE-2026-41604 |
|
Out-of-Bounds Read in apache (CVE-2026-41604)
vulnerability in apache (CVE-2026-41604). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41607 |
|
Out-of-Bounds Read in apache (CVE-2026-41607)
vulnerability in apache (CVE-2026-41607). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41605 |
|
Vulnerability in apache (CVE-2026-41605)
vulnerability in apache (CVE-2026-41605). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41603 |
|
Vulnerability in apache (CVE-2026-41603)
vulnerability in apache (CVE-2026-41603). Confidential information can be exposed externally.
|
| CVE-2026-3323 |
|
Vulnerability in vega (CVE-2026-3323)
vulnerability in vega (CVE-2026-3323). Confidential information can be exposed externally.
|
| CVE-2026-41602 |
|
Vulnerability in apache (CVE-2026-41602)
vulnerability in apache (CVE-2026-41602). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-54011 |
|
Vulnerability in hanwhavision (CVE-2024-54011)
vulnerability in hanwhavision (CVE-2024-54011). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-54012 |
|
OS Command Injection in hanwhavision (CVE-2024-54012)
OS command injection in hanwhavision (CVE-2024-54012). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-54013 |
|
Vulnerability in hanwhavision (CVE-2024-54013)
vulnerability in hanwhavision (CVE-2024-54013). Successful exploitation can lead to full system takeover.
|
| CVE-2025-10539 |
|
Vulnerability in draugiemgroup (CVE-2025-10539)
vulnerability in draugiemgroup (CVE-2025-10539). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41525 |
|
Vulnerability in CVE-2026-41525 (CVE-2026-41525)
vulnerability in CVE-2026-41525 (CVE-2026-41525). Confidential information can be exposed externally.
|
| CVE-2026-40356 |
|
Vulnerability in mit (CVE-2026-40356)
vulnerability in mit (CVE-2026-40356). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-42510 |
|
Vulnerability in ironic (CVE-2026-42510)
vulnerability in ironic (CVE-2026-42510). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `35.0.1` or later.
|