Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-1524 |
|
Authentication Bypass in neo4j (CVE-2026-1524)
authentication bypass in neo4j (CVE-2026-1524). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.26.22, 2026.2.0` or later.
|
| CVE-2025-70082 |
|
OS Command Injection in lantronix (CVE-2025-70082)
OS command injection in lantronix (CVE-2025-70082). Successful exploitation can lead to full system takeover.
|
| CVE-2025-67041 |
|
OS Command Injection in lantronix (CVE-2025-67041)
OS command injection in lantronix (CVE-2025-67041). Successful exploitation can lead to full system takeover.
|
| CVE-2025-67039 |
|
Vulnerability in lantronix (CVE-2025-67039)
vulnerability in lantronix (CVE-2025-67039). Confidential information can be exposed externally. Exploitable via `Authorization header`.
|
| CVE-2025-67035 |
|
Code Injection in lantronix (CVE-2025-67035)
code injection in lantronix (CVE-2025-67035). Successful exploitation can lead to full system takeover.
|
| CVE-2025-67036 |
|
Code Injection in lantronix (CVE-2025-67036)
code injection in lantronix (CVE-2025-67036). Successful exploitation can lead to full system takeover.
|
| CVE-2025-67037 |
|
Code Injection in lantronix (CVE-2025-67037)
code injection in lantronix (CVE-2025-67037). Successful exploitation can lead to full system takeover.
|
| CVE-2025-67034 |
|
Code Injection in lantronix (CVE-2025-67034)
code injection in lantronix (CVE-2025-67034). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31892 |
|
Authorization Flaw in argoproj (CVE-2026-31892)
vulnerability in argoproj (CVE-2026-31892). Confidential information can be exposed externally. Mitigation: upgrade to `4.0.2` or later.
|
| CVE-2026-1497 |
|
Authorization Flaw in neo4j (CVE-2026-1497)
vulnerability in neo4j (CVE-2026-1497). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `5.26.22, 2026.2.0` or later.
|
| CVE-2026-30903 |
|
Vulnerability in zoom (CVE-2026-30903)
vulnerability in zoom (CVE-2026-30903). Successful exploitation can lead to full system takeover.
|
| CVE-2026-30902 |
|
Privilege Escalation in zoom (CVE-2026-30902)
vulnerability in zoom (CVE-2026-30902). Successful exploitation can lead to full system takeover.
|
| CVE-2026-30901 |
|
Vulnerability in zoom (CVE-2026-30901)
vulnerability in zoom (CVE-2026-30901). Successful exploitation can lead to full system takeover.
|
| CVE-2026-30900 |
|
Vulnerability in zoom (CVE-2026-30900)
vulnerability in zoom (CVE-2026-30900). Successful exploitation can lead to full system takeover.
|
| CVE-2025-70330 |
|
Out-of-Bounds Read in CVE-2025-70330 (CVE-2025-70330)
vulnerability in CVE-2025-70330 (CVE-2025-70330). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-28229 |
|
Authorization Flaw in github.com/argoproj/argo-workflows/v4 (CVE-2026-28229)
vulnerability in github.com/argoproj/argo-workflows/v4 (CVE-2026-28229). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `4.0.2` or later.
|
| CVE-2026-32062 |
|
Vulnerability in openclaw (CVE-2026-32062)
vulnerability in openclaw (CVE-2026-32062). Risk of unauthorized operations or information disclosure. Exploitable via ``openclaw``. Mitigation: upgrade to `2026.2.22` or later.
|
| CVE-2026-3784 |
|
Vulnerability in haxx (CVE-2026-3784)
vulnerability in haxx (CVE-2026-3784). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-29515 |
|
Vulnerability in xiaomi (CVE-2026-29515)
vulnerability in xiaomi (CVE-2026-29515). Successful exploitation can lead to full system takeover.
|
| CVE-2026-23817 |
|
Open Redirect in hpe (CVE-2026-23817)
vulnerability in hpe (CVE-2026-23817). Data can be tampered with by attackers.
|
| CVE-2025-68613 KEV |
|
[KEV] Vulnerability in n8n (CVE-2025-68613)
vulnerability in n8n (CVE-2025-68613). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-31837 |
|
Information Disclosure in istio (CVE-2026-31837)
vulnerability in istio (CVE-2026-31837). Confidential information can be exposed externally. Mitigation: upgrade to `1.29.1` or later.
|
| CVE-2026-28806 |
|
Vulnerability in nerves-hub (CVE-2026-28806)
vulnerability in nerves-hub (CVE-2026-28806). Successful exploitation can lead to full system takeover.
|
| CVE-2026-28807 |
|
Path Traversal in wisp (CVE-2026-28807)
path traversal in wisp (CVE-2026-28807). Confidential information can be exposed externally. Exploitable via ``wisp.serve_static``. Mitigation: upgrade to `2.2.1` or later.
|
| CVE-2026-23868 |
|
Vulnerability in giflib-project (CVE-2026-23868)
vulnerability in giflib-project (CVE-2026-23868). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-30951 |
|
SQL Injection in sqli (CVE-2026-30951)
SQL injection in sqli (CVE-2026-30951). Confidential information can be exposed externally. Mitigation: upgrade to `6.37.8` or later.
|
| CVE-2026-28292 |
|
OS Command Injection in simple-git-project (CVE-2026-28292)
OS command injection in simple-git-project (CVE-2026-28292). Successful exploitation can lead to full system takeover.
|
| CVE-2026-25187 |
|
Vulnerability in microsoft (CVE-2026-25187)
vulnerability in microsoft (CVE-2026-25187). Successful exploitation can lead to full system takeover.
|
| CVE-2026-26128 |
|
Authentication Bypass in microsoft (CVE-2026-26128)
authentication bypass in microsoft (CVE-2026-26128). Successful exploitation can lead to full system takeover.
|
| CVE-2026-24294 |
|
Authentication Bypass in microsoft (CVE-2026-24294)
authentication bypass in microsoft (CVE-2026-24294). Successful exploitation can lead to full system takeover.
|
| CVE-2025-11739 |
|
Unsafe Deserialization in deserialization (CVE-2025-11739)
vulnerability in deserialization (CVE-2025-11739). Successful exploitation can lead to full system takeover.
|
| CVE-2026-2273 |
|
Code Injection in schneider-electric (CVE-2026-2273)
code injection in schneider-electric (CVE-2026-2273). Successful exploitation can lead to full system takeover.
|
| CVE-2026-2339 |
|
Vulnerability in CVE-2026-2339 (CVE-2026-2339)
vulnerability in CVE-2026-2339 (CVE-2026-2339). Successful exploitation can lead to full system takeover.
|
| CVE-2026-26738 |
|
Vulnerability in uderzo (CVE-2026-26738)
vulnerability in uderzo (CVE-2026-26738). Successful exploitation can lead to full system takeover.
|
| CVE-2026-26134 |
|
Vulnerability in microsoft (CVE-2026-26134)
vulnerability in microsoft (CVE-2026-26134). Successful exploitation can lead to full system takeover.
|
| CVE-2026-26130 |
|
Vulnerability in csharp (CVE-2026-26130)
vulnerability in csharp (CVE-2026-26130). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-26110 |
|
Vulnerability in microsoft (CVE-2026-26110)
vulnerability in microsoft (CVE-2026-26110). Successful exploitation can lead to full system takeover.
|
| CVE-2026-25836 |
|
OS Command Injection in fortinet (CVE-2026-25836)
OS command injection in fortinet (CVE-2026-25836). Successful exploitation can lead to full system takeover.
|
| CVE-2026-25180 |
|
Out-of-Bounds Read in microsoft (CVE-2026-25180)
vulnerability in microsoft (CVE-2026-25180). Confidential information can be exposed externally.
|
| CVE-2026-24293 |
|
Vulnerability in microsoft (CVE-2026-24293)
vulnerability in microsoft (CVE-2026-24293). Successful exploitation can lead to full system takeover.
|
| CVE-2026-24289 |
|
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.
|
| CVE-2026-24285 |
|
Use after free in Windows Win32K allows an authorized attacker to elevate privileges locally.
Use after free in Windows Win32K allows an authorized attacker to elevate privileges locally.
|
| CVE-2026-23239 |
|
Vulnerability in Kernel (CVE-2026-23239)
vulnerability in Kernel (CVE-2026-23239). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `6.12.75, 6.18.16, 6.19.6` or later.
|
| CVE-2026-23240 |
|
Vulnerability in Kernel (CVE-2026-23240)
vulnerability in Kernel (CVE-2026-23240). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `6.12.75, 6.18.16, 6.19.6` or later.
|
| CVE-2026-22614 |
|
Vulnerability in eaton (CVE-2026-22614)
vulnerability in eaton (CVE-2026-22614). Confidential information can be exposed externally.
|
| CVE-2026-21262 |
|
Vulnerability in microsoft (CVE-2026-21262)
vulnerability in microsoft (CVE-2026-21262). Successful exploitation can lead to full system takeover.
|
| CVE-2026-1286 |
|
Unsafe Deserialization in deserialization (CVE-2026-1286)
vulnerability in deserialization (CVE-2026-1286). Successful exploitation can lead to full system takeover.
|
| CVE-2025-56422 |
|
Unsafe Deserialization in deserialization (CVE-2025-56422)
vulnerability in deserialization (CVE-2025-56422). Successful exploitation can lead to full system takeover.
|
| CVE-2025-56421 |
|
SQL Injection in sqli (CVE-2025-56421)
SQL injection in sqli (CVE-2025-56421). Confidential information can be exposed externally.
|
| CVE-2025-13902 |
|
Cross-Site Scripting (XSS) in schneider-electric (CVE-2025-13902)
cross-site scripting in schneider-electric (CVE-2025-13902). Risk of unauthorized operations or information disclosure.
|