Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Clear
ID Title
CVE-2025-7024 Vulnerability in airbus (CVE-2025-7024)
vulnerability in airbus (CVE-2025-7024). Successful exploitation can lead to full system takeover.
CVE-2026-5463 Command Injection in pymetasploit3 (CVE-2026-5463)
command injection in pymetasploit3 (CVE-2026-5463). Data can be tampered with by attackers.
CVE-2026-47099 Cross-Site Scripting (XSS) in telejson (CVE-2026-47099)
cross-site scripting in telejson (CVE-2026-47099). Risk of unauthorized operations or information disclosure. Exploitable via ``postMessage``. Mitigation: upgrade to `6.0.0` or later.
CVE-2022-4986 Vulnerability in beldan (CVE-2022-4986)
vulnerability in beldan (CVE-2022-4986). Risk of unauthorized operations or information disclosure.
CVE-2026-35466 Cross-Site Scripting (XSS) in cmu (CVE-2026-35466)
cross-site scripting in cmu (CVE-2026-35466). Risk of unauthorized operations or information disclosure.
CVE-2025-15620 Vulnerability in belden (CVE-2025-15620)
vulnerability in belden (CVE-2025-15620). Risk of unauthorized operations or information disclosure.
CVE-2026-35467 Vulnerability in cmu (CVE-2026-35467)
vulnerability in cmu (CVE-2026-35467). Confidential information can be exposed externally.
CVE-2024-14033 Vulnerability in CVE-2024-14033 (CVE-2024-14033)
vulnerability in CVE-2024-14033 (CVE-2024-14033). Risk of unauthorized operations or information disclosure.
CVE-2026-41365 Authorization Flaw in openclaw (CVE-2026-41365)
vulnerability in openclaw (CVE-2026-41365). Risk of unauthorized operations or information disclosure. Exploitable via ``openclaw``. Mitigation: upgrade to `2026.3.31` or later.
CVE-2026-34829 Vulnerability in rack (CVE-2026-34829)
vulnerability in rack (CVE-2026-34829). Risk of unauthorized operations or information disclosure. Exploitable via ``BoundedIO``. Mitigation: upgrade to `3.2.6` or later.
CVE-2026-34827 Vulnerability in rack (CVE-2026-34827)
vulnerability in rack (CVE-2026-34827). Risk of unauthorized operations or information disclosure. Exploitable via ``name``. Mitigation: upgrade to `3.2.6` or later.
CVE-2026-34760 Vulnerability in vllm (CVE-2026-34760)
vulnerability in vllm (CVE-2026-34760). Data can be tampered with by attackers.
CVE-2023-7343 Privilege Escalation in privilege-escalation (CVE-2023-7343)
vulnerability in privilege-escalation (CVE-2023-7343). Successful exploitation can lead to full system takeover.
CVE-2026-34742 Vulnerability in lfprojects (CVE-2026-34742)
vulnerability in lfprojects (CVE-2026-34742). Confidential information can be exposed externally.
CVE-2026-34785 Vulnerability in rack (CVE-2026-34785)
vulnerability in rack (CVE-2026-34785). Confidential information can be exposed externally. Mitigation: upgrade to `3.2.6` or later.
CVE-2026-35385 Vulnerability in openbsd (CVE-2026-35385)
vulnerability in openbsd (CVE-2026-35385). Successful exploitation can lead to full system takeover.
CVE-2026-34601 Vulnerability in CVE-2026-34601 (CVE-2026-34601)
vulnerability in CVE-2026-34601 (CVE-2026-34601). Data can be tampered with by attackers. Exploitable via ``DOMParser``.
CVE-2026-34877 Vulnerability in arm (CVE-2026-34877)
vulnerability in arm (CVE-2026-34877). Successful exploitation can lead to full system takeover.
CVE-2026-30603 Vulnerability in CVE-2026-30603 (CVE-2026-30603)
vulnerability in CVE-2026-30603 (CVE-2026-30603). Successful exploitation can lead to full system takeover.
CVE-2026-26895 Vulnerability in enhancesoft (CVE-2026-26895)
vulnerability in enhancesoft (CVE-2026-26895). Risk of unauthorized operations or information disclosure.
CVE-2026-34876 Out-of-Bounds Read in c (CVE-2026-34876)
vulnerability in c (CVE-2026-34876). Confidential information can be exposed externally.
CVE-2026-35002 Vulnerability in agno (CVE-2026-35002)
vulnerability in agno (CVE-2026-35002). Successful exploitation can lead to full system takeover.
CVE-2026-32871 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-32871)
SSRF in ssrf (CVE-2026-32871). Successful exploitation can lead to full system takeover. Exploitable via `Authorization header`.
CVE-2026-3692 OS Command Injection in progress (CVE-2026-3692)
OS command injection in progress (CVE-2026-3692). Successful exploitation can lead to full system takeover.
CVE-2026-2737 Cross-Site Scripting (XSS) in progress (CVE-2026-2737)
cross-site scripting in progress (CVE-2026-2737). Risk of unauthorized operations or information disclosure.
CVE-2026-3872 Open Redirect in redhat (CVE-2026-3872)
vulnerability in redhat (CVE-2026-3872). Confidential information can be exposed externally.
CVE-2026-4282 Vulnerability in privilege-escalation (CVE-2026-4282)
vulnerability in privilege-escalation (CVE-2026-4282). Confidential information can be exposed externally.
CVE-2026-23414 Vulnerability in linux (CVE-2026-23414)
vulnerability in linux (CVE-2026-23414). Risk of unauthorized operations or information disclosure.
CVE-2026-32145 Vulnerability in dos (CVE-2026-32145)
vulnerability in dos (CVE-2026-32145). Risk of unauthorized operations or information disclosure.
CVE-2026-3502 KEV [KEV] Vulnerability in Trueconf client (CVE-2026-3502)
vulnerability in Trueconf client (CVE-2026-3502). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-34531 Authentication Bypass in Flask-HTTPAuth (CVE-2026-34531)
authentication bypass in Flask-HTTPAuth (CVE-2026-34531). Data can be tampered with by attackers. Exploitable via ``token``. Mitigation: upgrade to `4.8.1` or later.
CVE-2026-34873 Authentication Bypass in trustedfirmware (CVE-2026-34873)
authentication bypass in trustedfirmware (CVE-2026-34873). Confidential information can be exposed externally.
CVE-2026-34545 Vulnerability in openexr (CVE-2026-34545)
vulnerability in openexr (CVE-2026-34545). Successful exploitation can lead to full system takeover.
CVE-2026-35000 Vulnerability in webtechnologies (CVE-2026-35000)
vulnerability in webtechnologies (CVE-2026-35000). Confidential information can be exposed externally.
CVE-2026-34874 Vulnerability in trustedfirmware (CVE-2026-34874)
vulnerability in trustedfirmware (CVE-2026-34874). Risk of unauthorized operations or information disclosure.
CVE-2026-25833 Vulnerability in trustedfirmware (CVE-2026-25833)
vulnerability in trustedfirmware (CVE-2026-25833). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.6.6` or later.
CVE-2026-34875 Vulnerability in trustedfirmware (CVE-2026-34875)
vulnerability in trustedfirmware (CVE-2026-34875). Successful exploitation can lead to full system takeover.
CVE-2026-34072 Authentication Bypass in fccview (CVE-2026-34072)
authentication bypass in fccview (CVE-2026-34072). Confidential information can be exposed externally.
CVE-2026-27489 Vulnerability in path-traversal (CVE-2026-27489)
vulnerability in path-traversal (CVE-2026-27489). Confidential information can be exposed externally.
CVE-2026-25834 Mbed TLS v3.3.0 up to 3.6.5 and 4.0.0 allows Algorithm Downgrade.
Mbed TLS v3.3.0 up to 3.6.5 and 4.0.0 allows Algorithm Downgrade.
CVE-2025-67805 Information Disclosure in sagedpw (CVE-2025-67805)
vulnerability in sagedpw (CVE-2025-67805). Confidential information can be exposed externally.
CVE-2025-67806 Vulnerability in sagedpw (CVE-2025-67806)
vulnerability in sagedpw (CVE-2025-67806). Risk of unauthorized operations or information disclosure.
CVE-2026-35093 Code Injection in freedesktop (CVE-2026-35093)
code injection in freedesktop (CVE-2026-35093). Successful exploitation can lead to full system takeover.
CVE-2026-30526 Cross-Site Scripting (XSS) in pushpam02 (CVE-2026-30526)
cross-site scripting in pushpam02 (CVE-2026-30526). Risk of unauthorized operations or information disclosure.
CVE-2026-29598 Cross-Site Scripting (XSS) in CVE-2026-29598 (CVE-2026-29598)
cross-site scripting in CVE-2026-29598 (CVE-2026-29598). Risk of unauthorized operations or information disclosure.
CVE-2026-35092 Vulnerability in dos (CVE-2026-35092)
vulnerability in dos (CVE-2026-35092). Risk of unauthorized operations or information disclosure.
CVE-2026-34999 Vulnerability in volcengine (CVE-2026-34999)
vulnerability in volcengine (CVE-2026-34999). Risk of unauthorized operations or information disclosure. Exploitable via `POST /bot/v1/chat`.
CVE-2026-34430 Vulnerability in deerflow (CVE-2026-34430)
vulnerability in deerflow (CVE-2026-34430). Successful exploitation can lead to full system takeover.
CVE-2026-23401 Use-After-Free in c (CVE-2026-23401)
vulnerability in c (CVE-2026-23401). Risk of unauthorized operations or information disclosure.
CVE-2026-5272 Vulnerability in google (CVE-2026-5272)
vulnerability in google (CVE-2026-5272). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →