Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Clear
ID Title
CVE-2026-5273 Use-After-Free in google (CVE-2026-5273)
vulnerability in google (CVE-2026-5273). Risk of unauthorized operations or information disclosure.
CVE-2026-4374 XXE (XML External Entity) in rti (CVE-2026-4374)
vulnerability in rti (CVE-2026-4374). Confidential information can be exposed externally.
CVE-2026-2394 Vulnerability in rti (CVE-2026-2394)
vulnerability in rti (CVE-2026-2394). Risk of unauthorized operations or information disclosure.
CVE-2026-5281 KEV [KEV] Use-After-Free in Google dawn (CVE-2026-5281)
vulnerability in Google dawn (CVE-2026-5281). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-4800 Code Injection in lodash (CVE-2026-4800)
code injection in lodash (CVE-2026-4800). Successful exploitation can lead to full system takeover.
CVE-2026-30279 Path Traversal in c (CVE-2026-30279)
path traversal in c (CVE-2026-30279). Successful exploitation can lead to full system takeover.
CVE-2026-30282 Path Traversal in uxgroupllc (CVE-2026-30282)
path traversal in uxgroupllc (CVE-2026-30282). Successful exploitation can lead to full system takeover.
CVE-2026-30283 Path Traversal in peaksel (CVE-2026-30283)
path traversal in peaksel (CVE-2026-30283). Successful exploitation can lead to full system takeover.
CVE-2026-30277 Path Traversal in triumph-adler (CVE-2026-30277)
path traversal in triumph-adler (CVE-2026-30277). Successful exploitation can lead to full system takeover.
CVE-2026-30278 Path Traversal in funair (CVE-2026-30278)
path traversal in funair (CVE-2026-30278). Successful exploitation can lead to full system takeover.
CVE-2026-30284 Vulnerability in uxgroupllc (CVE-2026-30284)
vulnerability in uxgroupllc (CVE-2026-30284). Successful exploitation can lead to full system takeover.
CVE-2026-22561 Vulnerability in privilege-escalation (CVE-2026-22561)
vulnerability in privilege-escalation (CVE-2026-22561). Successful exploitation can lead to full system takeover.
CVE-2026-4317 SQL Injection in sqli (CVE-2026-4317)
SQL injection in sqli (CVE-2026-4317). Risk of unauthorized operations or information disclosure.
CVE-2026-5201 Vulnerability in dos (CVE-2026-5201)
vulnerability in dos (CVE-2026-5201). Risk of unauthorized operations or information disclosure.
CVE-2026-34881 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-34881)
SSRF in ssrf (CVE-2026-34881). Risk of unauthorized operations or information disclosure.
CVE-2026-34060 Code Injection in shopify (CVE-2026-34060)
code injection in shopify (CVE-2026-34060). Successful exploitation can lead to full system takeover.
CVE-2026-34070 Path Traversal in path-traversal (CVE-2026-34070)
path traversal in path-traversal (CVE-2026-34070). Confidential information can be exposed externally.
CVE-2026-33997 Vulnerability in docker (CVE-2026-33997)
vulnerability in docker (CVE-2026-33997). Confidential information can be exposed externally.
CVE-2026-33984 Vulnerability in c (CVE-2026-33984)
vulnerability in c (CVE-2026-33984). Successful exploitation can lead to full system takeover.
CVE-2026-33986 Vulnerability in c (CVE-2026-33986)
vulnerability in c (CVE-2026-33986). Successful exploitation can lead to full system takeover.
CVE-2026-33983 Vulnerability in dos (CVE-2026-33983)
vulnerability in dos (CVE-2026-33983). Risk of unauthorized operations or information disclosure.
CVE-2026-21710 Vulnerability in CVE-2026-21710 (CVE-2026-21710)
vulnerability in CVE-2026-21710 (CVE-2026-21710). Risk of unauthorized operations or information disclosure. Exploitable via ``TypeError``.
CVE-2026-21713 Vulnerability in CVE-2026-21713 (CVE-2026-21713)
vulnerability in CVE-2026-21713 (CVE-2026-21713). Confidential information can be exposed externally.
CVE-2026-34714 OS Command Injection in vim (CVE-2026-34714)
OS command injection in vim (CVE-2026-34714). Confidential information can be exposed externally.
CVE-2026-29597 Vulnerability in privilege-escalation (CVE-2026-29597)
vulnerability in privilege-escalation (CVE-2026-29597). Confidential information can be exposed externally.
CVE-2026-21712 Vulnerability in CVE-2026-21712 (CVE-2026-21712)
vulnerability in CVE-2026-21712 (CVE-2026-21712). Risk of unauthorized operations or information disclosure.
CVE-2026-30082 Cross-Site Scripting (XSS) in CVE-2026-30082 (CVE-2026-30082)
cross-site scripting in CVE-2026-30082 (CVE-2026-30082). Risk of unauthorized operations or information disclosure.
CVE-2026-28527 Out-of-Bounds Read in bluekitchen-gmbh (CVE-2026-28527)
vulnerability in bluekitchen-gmbh (CVE-2026-28527). Risk of unauthorized operations or information disclosure.
CVE-2026-28528 Out-of-Bounds Read in bluekitchen-gmbh (CVE-2026-28528)
vulnerability in bluekitchen-gmbh (CVE-2026-28528). Risk of unauthorized operations or information disclosure.
CVE-2026-28526 Out-of-Bounds Read in bluekitchen-gmbh (CVE-2026-28526)
vulnerability in bluekitchen-gmbh (CVE-2026-28526). Risk of unauthorized operations or information disclosure.
CVE-2026-5121 Vulnerability in libarchive (CVE-2026-5121)
vulnerability in libarchive (CVE-2026-5121). Confidential information can be exposed externally.
CVE-2025-15379 Command Injection in lfprojects (CVE-2025-15379)
command injection in lfprojects (CVE-2025-15379). Successful exploitation can lead to full system takeover. Exploitable via ``python_env.yaml``.
CVE-2025-15036 Vulnerability in path-traversal (CVE-2025-15036)
vulnerability in path-traversal (CVE-2025-15036). Successful exploitation can lead to full system takeover. Exploitable via ``extract_archive_to_dir``.
CVE-2026-3055 KEV [KEV] Out-of-Bounds Read in Citrix netscaler (CVE-2026-3055)
vulnerability in Citrix netscaler (CVE-2026-3055). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-23399 Vulnerability in Kernel (CVE-2026-23399)
vulnerability in Kernel (CVE-2026-23399). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `6.12.78, 6.18.20, 6.19.10` or later.
CVE-2026-33940 Code Injection in handlebarsjs (CVE-2026-33940)
code injection in handlebarsjs (CVE-2026-33940). Successful exploitation can lead to full system takeover. Exploitable via ``undefined``.
CVE-2026-33943 Code Injection in capricorn86 (CVE-2026-33943)
code injection in capricorn86 (CVE-2026-33943). Successful exploitation can lead to full system takeover. Exploitable via ``ECMAScriptModuleCompiler``.
CVE-2026-33941 Cross-Site Scripting (XSS) in handlebarsjs (CVE-2026-33941)
cross-site scripting in handlebarsjs (CVE-2026-33941). Successful exploitation can lead to full system takeover.
CVE-2026-33939 Vulnerability in dos (CVE-2026-33939)
vulnerability in dos (CVE-2026-33939). Risk of unauthorized operations or information disclosure. Exploitable via ``undefined``.
CVE-2026-33937 Code Injection in handlebarsjs (CVE-2026-33937)
code injection in handlebarsjs (CVE-2026-33937). Successful exploitation can lead to full system takeover. Exploitable via ``value``.
CVE-2026-33938 Code Injection in handlebarsjs (CVE-2026-33938)
code injection in handlebarsjs (CVE-2026-33938). Successful exploitation can lead to full system takeover.
CVE-2026-34046 Vulnerability in langflow (CVE-2026-34046)
vulnerability in langflow (CVE-2026-34046). Successful exploitation can lead to full system takeover. Exploitable via ``_read_flow``.
CVE-2026-33896 Vulnerability in digitalbazaar (CVE-2026-33896)
vulnerability in digitalbazaar (CVE-2026-33896). Confidential information can be exposed externally. Exploitable via ``basicConstraints``.
CVE-2026-33895 Vulnerability in digitalbazaar (CVE-2026-33895)
vulnerability in digitalbazaar (CVE-2026-33895). Data can be tampered with by attackers. Exploitable via ``crypto.verify``.
CVE-2026-33891 Vulnerability in dos (CVE-2026-33891)
vulnerability in dos (CVE-2026-33891). Risk of unauthorized operations or information disclosure.
CVE-2026-33894 Vulnerability in digitalbazaar (CVE-2026-33894)
vulnerability in digitalbazaar (CVE-2026-33894). Data can be tampered with by attackers.
CVE-2026-33870 Vulnerability in netty (CVE-2026-33870)
vulnerability in netty (CVE-2026-33870). Data can be tampered with by attackers.
CVE-2026-33871 Vulnerability in dos (CVE-2026-33871)
vulnerability in dos (CVE-2026-33871). Risk of unauthorized operations or information disclosure. Exploitable via ``CONTINUATION``.
CVE-2026-30567 Cross-Site Scripting (XSS) in ahsanriaz26gmailcom (CVE-2026-30567)
cross-site scripting in ahsanriaz26gmailcom (CVE-2026-30567). Risk of unauthorized operations or information disclosure.
CVE-2026-56358 Cross-Site Scripting (XSS) in n8n (CVE-2026-56358)
cross-site scripting in n8n (CVE-2026-56358). Risk of unauthorized operations or information disclosure. Exploitable via ``NODES_EXCLUDE``. Mitigation: upgrade to `1.123.25` or later.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →