Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-25204 |
|
Unsafe Deserialization in dos (CVE-2026-25204)
vulnerability in dos (CVE-2026-25204). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-21529 KEV |
|
[KEV] Unsafe Deserialization in Microsoft exchange-server (CVE-2023-21529)
vulnerability in Microsoft exchange-server (CVE-2023-21529). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-21643 KEV |
|
[KEV] SQL Injection in Fortinet forticlient-ems (CVE-2026-21643)
SQL injection in Fortinet forticlient-ems (CVE-2026-21643). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2012-1854 KEV |
|
[KEV] Vulnerability in Microsoft visual-basic-for-applications-vba (CVE-2012-1854)
vulnerability in Microsoft visual-basic-for-applications-vba (CVE-2012-1854). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-36424 KEV |
|
[KEV] Out-of-Bounds Read in Microsoft windows (CVE-2023-36424)
vulnerability in Microsoft windows (CVE-2023-36424). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-9715 KEV |
|
[KEV] Use-After-Free in Adobe acrobat (CVE-2020-9715)
vulnerability in Adobe acrobat (CVE-2020-9715). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-34621 KEV |
|
[KEV] Vulnerability in Adobe acrobat-and-reader (CVE-2026-34621)
vulnerability in Adobe acrobat-and-reader (CVE-2026-34621). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-60710 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2025-60710)
vulnerability in Microsoft windows (CVE-2025-60710). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-40393 |
|
Out-of-Bounds Write in mesa3d (CVE-2026-40393)
out-of-bounds write in mesa3d (CVE-2026-40393). Successful exploitation can lead to full system takeover.
|
| CVE-2019-25695 |
|
Out-of-Bounds Write in CVE-2019-25695 (CVE-2019-25695)
out-of-bounds write in CVE-2019-25695 (CVE-2019-25695). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31413 |
|
Out-of-Bounds Read in linux (CVE-2026-31413)
vulnerability in linux (CVE-2026-31413). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31845 |
|
Cross-Site Scripting (XSS) in CVE-2026-31845 (CVE-2026-31845)
cross-site scripting in CVE-2026-31845 (CVE-2026-31845). Confidential information can be exposed externally.
|
| CVE-2026-32146 |
|
Improper Path Validation in Git Dependency Handling Allows Arbitrary File System Modification
Improper Path Validation in Git Dependency Handling Allows Arbitrary File System Modification
|
| CVE-2026-4153 |
|
Vulnerability in gimp (CVE-2026-4153)
vulnerability in gimp (CVE-2026-4153). Successful exploitation can lead to full system takeover.
|
| CVE-2026-4154 |
|
Vulnerability in gimp (CVE-2026-4154)
vulnerability in gimp (CVE-2026-4154). Successful exploitation can lead to full system takeover.
|
| CVE-2026-4150 |
|
Vulnerability in gimp (CVE-2026-4150)
vulnerability in gimp (CVE-2026-4150). Successful exploitation can lead to full system takeover.
|
| CVE-2026-4151 |
|
Vulnerability in gimp (CVE-2026-4151)
vulnerability in gimp (CVE-2026-4151). Successful exploitation can lead to full system takeover.
|
| CVE-2026-4152 |
|
Vulnerability in gimp (CVE-2026-4152)
vulnerability in gimp (CVE-2026-4152). Successful exploitation can lead to full system takeover.
|
| CVE-2026-33118 |
|
Vulnerability in microsoft (CVE-2026-33118)
vulnerability in microsoft (CVE-2026-33118). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-5724 |
|
Vulnerability in CVE-2026-5724 (CVE-2026-5724)
vulnerability in CVE-2026-5724 (CVE-2026-5724). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-40194 |
|
Vulnerability in phpseclib/phpseclib (CVE-2026-40194)
vulnerability in phpseclib/phpseclib (CVE-2026-40194). Risk of unauthorized operations or information disclosure. Exploitable via ``e819a163c``. Mitigation: upgrade to `1.0.28` or later.
|
| CVE-2026-40190 |
|
Vulnerability in langchain (CVE-2026-40190)
vulnerability in langchain (CVE-2026-40190). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.5.18` or later.
|
| CVE-2026-40175 |
|
Vulnerability in axios (CVE-2026-40175)
vulnerability in axios (CVE-2026-40175). Risk of unauthorized operations or information disclosure. Exploitable via `GET /pings`. Mitigation: upgrade to `0.31.0` or later.
|
| CVE-2026-39922 |
|
SSRF (Server-Side Request Forgery) in geonode (CVE-2026-39922)
SSRF in geonode (CVE-2026-39922). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.0.2` or later.
|
| CVE-2026-39921 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-39921)
SSRF in ssrf (CVE-2026-39921). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-1502 |
|
CR/LF bytes were not rejected by HTTP client proxy tunnel headers or host.
CR/LF bytes were not rejected by HTTP client proxy tunnel headers or host.
|
| CVE-2026-34481 |
|
Vulnerability in apache (CVE-2026-34481)
vulnerability in apache (CVE-2026-34481). Data can be tampered with by attackers.
|
| CVE-2026-6068 |
|
Use-After-Free in nasm (CVE-2026-6068)
vulnerability in nasm (CVE-2026-6068). Successful exploitation can lead to full system takeover.
|
| CVE-2026-5777 |
|
Vulnerability in CVE-2026-5777 (CVE-2026-5777)
vulnerability in CVE-2026-5777 (CVE-2026-5777). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-39304 |
|
Vulnerability in apache (CVE-2026-39304)
vulnerability in apache (CVE-2026-39304). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-31412 |
|
Vulnerability in linux (CVE-2026-31412)
vulnerability in linux (CVE-2026-31412). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6057 |
|
Path Traversal in path-traversal (CVE-2026-6057)
path traversal in path-traversal (CVE-2026-6057). Successful exploitation can lead to full system takeover.
|
| CVE-2021-47960 |
|
Vulnerability in synology (CVE-2021-47960)
vulnerability in synology (CVE-2021-47960). Confidential information can be exposed externally.
|
| CVE-2026-5525 |
|
Vulnerability in notepad-plus-plus (CVE-2026-5525)
vulnerability in notepad-plus-plus (CVE-2026-5525). Confidential information can be exposed externally.
|
| CVE-2026-28704 |
|
Vulnerability in jpcert (CVE-2026-28704)
vulnerability in jpcert (CVE-2026-28704). Successful exploitation can lead to full system takeover.
|
| CVE-2026-4482 |
|
Vulnerability in rapid7 (CVE-2026-4482)
vulnerability in rapid7 (CVE-2026-4482). Confidential information can be exposed externally.
|
| CVE-2026-33551 |
|
Authorization Flaw in keystone (CVE-2026-33551)
vulnerability in keystone (CVE-2026-33551). Confidential information can be exposed externally. Mitigation: upgrade to `26.1.1` or later.
|
| CVE-2026-5263 |
|
Vulnerability in c (CVE-2026-5263)
vulnerability in c (CVE-2026-5263). Confidential information can be exposed externally.
|
| CVE-2026-21915 |
|
Vulnerability in juniper (CVE-2026-21915)
vulnerability in juniper (CVE-2026-21915). Successful exploitation can lead to full system takeover.
|
| CVE-2026-39848 |
|
Vulnerability in csrf (CVE-2026-39848)
vulnerability in csrf (CVE-2026-39848). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.1.0` or later.
|
| CVE-2026-33788 |
|
Vulnerability in juniper (CVE-2026-33788)
vulnerability in juniper (CVE-2026-33788). Successful exploitation can lead to full system takeover.
|
| CVE-2026-33784 |
|
Vulnerability in juniper (CVE-2026-33784)
vulnerability in juniper (CVE-2026-33784). Successful exploitation can lead to full system takeover.
|
| CVE-2026-33771 |
|
Vulnerability in juniper (CVE-2026-33771)
vulnerability in juniper (CVE-2026-33771). Confidential information can be exposed externally.
|
| CVE-2026-33774 |
|
Vulnerability in juniper (CVE-2026-33774)
vulnerability in juniper (CVE-2026-33774). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-21904 |
|
Cross-Site Scripting (XSS) in juniper (CVE-2026-21904)
cross-site scripting in juniper (CVE-2026-21904). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-5194 |
|
Vulnerability in wolfssl (CVE-2026-5194)
vulnerability in wolfssl (CVE-2026-5194). Confidential information can be exposed externally.
|
| CVE-2026-40089 |
|
SSRF (Server-Side Request Forgery) in c (CVE-2026-40089)
SSRF in c (CVE-2026-40089). Confidential information can be exposed externally.
|
| CVE-2026-34734 |
|
Use-After-Free in hdfgroup (CVE-2026-34734)
vulnerability in hdfgroup (CVE-2026-34734). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34486 |
|
Vulnerability in tomcat (CVE-2026-34486)
vulnerability in tomcat (CVE-2026-34486). Confidential information can be exposed externally. Mitigation: upgrade to `9.0.117, 10.1.54, 11.0.21` or later.
|
| CVE-2026-29146 |
|
Vulnerability in apache (CVE-2026-29146)
vulnerability in apache (CVE-2026-29146). Confidential information can be exposed externally.
|