Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-25083 |
|
Vulnerability in CVE-2026-25083 (CVE-2026-25083)
vulnerability in CVE-2026-25083 (CVE-2026-25083). Confidential information can be exposed externally.
|
| CVE-2026-20994 |
|
Open Redirect in samsung (CVE-2026-20994)
vulnerability in samsung (CVE-2026-20994). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-15587 |
|
Vulnerability in CVE-2025-15587 (CVE-2025-15587)
vulnerability in CVE-2025-15587 (CVE-2025-15587). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-14287 |
|
Code Injection in lfprojects (CVE-2025-14287)
code injection in lfprojects (CVE-2025-14287). Successful exploitation can lead to full system takeover.
|
| CVE-2016-20032 |
|
Cross-Site Scripting (XSS) in CVE-2016-20032 (CVE-2016-20032)
cross-site scripting in CVE-2016-20032 (CVE-2016-20032). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-20027 |
|
Cross-Site Scripting (XSS) in CVE-2016-20027 (CVE-2016-20027)
cross-site scripting in CVE-2016-20027 (CVE-2016-20027). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-20029 |
|
Vulnerability in CVE-2016-20029 (CVE-2016-20029)
vulnerability in CVE-2016-20029 (CVE-2016-20029). Confidential information can be exposed externally.
|
| CVE-2016-20031 |
|
Vulnerability in c (CVE-2016-20031)
vulnerability in c (CVE-2016-20031). Confidential information can be exposed externally.
|
| CVE-2016-20028 |
|
Cross-Site Request Forgery (CSRF) in CVE-2016-20028 (CVE-2016-20028)
vulnerability in CVE-2016-20028 (CVE-2016-20028). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-20026 |
|
Vulnerability in apache (CVE-2016-20026)
vulnerability in apache (CVE-2016-20026). Successful exploitation can lead to full system takeover.
|
| CVE-2016-20025 |
|
Vulnerability in privilege-escalation (CVE-2016-20025)
vulnerability in privilege-escalation (CVE-2016-20025). Successful exploitation can lead to full system takeover.
|
| CVE-2025-47813 KEV |
|
[KEV] Vulnerability in Wing ftp server wing-ftp-server (CVE-2025-47813)
vulnerability in Wing ftp server wing-ftp-server (CVE-2025-47813). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-32640 |
|
Code Injection in simpleeval (CVE-2026-32640)
code injection in simpleeval (CVE-2026-32640). Successful exploitation can lead to full system takeover. Exploitable via ``names``. Mitigation: upgrade to `1.0.5` or later.
|
| CVE-2026-4111 |
|
Vulnerability in CVE-2026-4111 (CVE-2026-4111)
vulnerability in CVE-2026-4111 (CVE-2026-4111). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-3873 |
|
Vulnerability in CVE-2026-3873 (CVE-2026-3873)
vulnerability in CVE-2026-3873 (CVE-2026-3873). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-32304 |
|
Code Injection in locutus (CVE-2026-32304)
code injection in locutus (CVE-2026-32304). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `3.0.14` or later.
|
| CVE-2026-31806 |
|
Vulnerability in freerdp (CVE-2026-31806)
vulnerability in freerdp (CVE-2026-31806). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `3.24.0` or later.
|
| CVE-2026-23941 |
|
Vulnerability in nginx (CVE-2026-23941)
vulnerability in nginx (CVE-2026-23941). Confidential information can be exposed externally.
|
| CVE-2026-23942 |
|
Path Traversal in path-traversal (CVE-2026-23942)
path traversal in path-traversal (CVE-2026-23942). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-8766 |
|
Vulnerability in privilege-escalation (CVE-2025-8766)
vulnerability in privilege-escalation (CVE-2025-8766). Successful exploitation can lead to full system takeover.
|
| CVE-2025-71263 |
|
Vulnerability in opengroup (CVE-2025-71263)
vulnerability in opengroup (CVE-2025-71263). Successful exploitation can lead to full system takeover.
|
| CVE-2025-57849 |
|
Vulnerability in privilege-escalation (CVE-2025-57849)
vulnerability in privilege-escalation (CVE-2025-57849). Successful exploitation can lead to full system takeover.
|
| CVE-2025-15515 |
|
Vulnerability in vivo (CVE-2025-15515)
vulnerability in vivo (CVE-2025-15515). Confidential information can be exposed externally.
|
| CVE-2025-13778 |
|
Vulnerability in CVE-2025-13778 (CVE-2025-13778)
vulnerability in CVE-2025-13778 (CVE-2025-13778). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-13779 |
|
Vulnerability in CVE-2025-13779 (CVE-2025-13779)
vulnerability in CVE-2025-13779 (CVE-2025-13779). Confidential information can be exposed externally.
|
| CVE-2025-13702 |
|
Cross-Site Scripting (XSS) in ibm (CVE-2025-13702)
cross-site scripting in ibm (CVE-2025-13702). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-3909 KEV |
|
[KEV] Out-of-Bounds Write in Google skia (CVE-2026-3909)
out-of-bounds write in Google skia (CVE-2026-3909). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-3910 KEV |
|
[KEV] Buffer Overflow in Google chromium-v8 (CVE-2026-3910)
vulnerability in Google chromium-v8 (CVE-2026-3910). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-32597 |
|
Vulnerability in pyjwt (CVE-2026-32597)
vulnerability in pyjwt (CVE-2026-32597). Data can be tampered with by attackers. Exploitable via ``crit``. Mitigation: upgrade to `2.12.0` or later.
|
| CVE-2026-3611 |
|
Vulnerability in honeywell (CVE-2026-3611)
vulnerability in honeywell (CVE-2026-3611). Successful exploitation can lead to full system takeover.
|
| CVE-2026-1526 |
|
Vulnerability in nodejs (CVE-2026-1526)
vulnerability in nodejs (CVE-2026-1526). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-32274 |
|
Path Traversal in black (CVE-2026-32274)
path traversal in black (CVE-2026-32274). Data can be tampered with by attackers.
|
| CVE-2026-3497 |
|
Vulnerability in canonical (CVE-2026-3497)
vulnerability in canonical (CVE-2026-3497). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-2376 |
|
Open Redirect in redhat (CVE-2026-2376)
vulnerability in redhat (CVE-2026-2376). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-66955 |
|
Vulnerability in asseco (CVE-2025-66955)
vulnerability in asseco (CVE-2025-66955). Confidential information can be exposed externally.
|
| CVE-2025-61154 |
|
Vulnerability in c (CVE-2025-61154)
vulnerability in c (CVE-2025-61154). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-13913 |
|
Unsafe Deserialization in inductiveautomation (CVE-2025-13913)
vulnerability in inductiveautomation (CVE-2025-13913). Successful exploitation can lead to full system takeover.
|
| CVE-2025-13462 |
|
Vulnerability in CVE-2025-13462 (CVE-2025-13462)
vulnerability in CVE-2025-13462 (CVE-2025-13462). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-32141 |
|
Vulnerability in webreflection (CVE-2026-32141)
vulnerability in webreflection (CVE-2026-32141). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.4.0` or later.
|
| CVE-2026-21708 |
|
SQL Injection in veeam (CVE-2026-21708)
SQL injection in veeam (CVE-2026-21708). Confidential information can be exposed externally.
|
| CVE-2026-21669 |
|
Code Injection in veeam (CVE-2026-21669)
code injection in veeam (CVE-2026-21669). Successful exploitation can lead to full system takeover.
|
| CVE-2026-21671 |
|
Code Injection in veeam (CVE-2026-21671)
code injection in veeam (CVE-2026-21671). Successful exploitation can lead to full system takeover.
|
| CVE-2026-21668 |
|
Vulnerability in veeam (CVE-2026-21668)
vulnerability in veeam (CVE-2026-21668). Successful exploitation can lead to full system takeover.
|
| CVE-2026-21670 |
|
A vulnerability allowing a low-privileged user to extract saved SSH credentials.
A vulnerability allowing a low-privileged user to extract saved SSH credentials.
|
| CVE-2023-43010 |
|
Out-of-Bounds Write in apple (CVE-2023-43010)
out-of-bounds write in apple (CVE-2023-43010). Successful exploitation can lead to full system takeover.
|
| CVE-2025-66956 |
|
Vulnerability in CVE-2025-66956 (CVE-2025-66956)
vulnerability in CVE-2025-66956 (CVE-2025-66956). Successful exploitation can lead to full system takeover.
|
| CVE-2025-70041 |
|
Vulnerability in CVE-2025-70041 (CVE-2025-70041)
vulnerability in CVE-2025-70041 (CVE-2025-70041). Successful exploitation can lead to full system takeover.
|
| CVE-2026-20046 |
|
Vulnerability in cisco (CVE-2026-20046)
vulnerability in cisco (CVE-2026-20046). Successful exploitation can lead to full system takeover.
|
| CVE-2026-20117 |
|
Cross-Site Scripting (XSS) in express (CVE-2026-20117)
cross-site scripting in express (CVE-2026-20117). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-1471 |
|
Authorization Flaw in neo4j (CVE-2026-1471)
vulnerability in neo4j (CVE-2026-1471). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.26.22, 2026.1.4` or later.
|