Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Clear
ID Title
CVE-2026-25639 Vulnerability in axios (CVE-2026-25639)
vulnerability in axios (CVE-2026-25639). Risk of unauthorized operations or information disclosure. Exploitable via ``mergeConfig``. Mitigation: upgrade to `0.30.3` or later.
CVE-2025-10464 Vulnerability in CVE-2025-10464 (CVE-2025-10464)
vulnerability in CVE-2025-10464 (CVE-2025-10464). Confidential information can be exposed externally.
CVE-2025-10465 Unrestricted File Upload in CVE-2025-10465 (CVE-2025-10465)
vulnerability in CVE-2025-10465 (CVE-2025-10465). Successful exploitation can lead to full system takeover.
CVE-2025-6830 SQL Injection in sqli (CVE-2025-6830)
SQL injection in sqli (CVE-2025-6830). Successful exploitation can lead to full system takeover.
CVE-2025-10463 Authentication Bypass in CVE-2025-10463 (CVE-2025-10463)
authentication bypass in CVE-2025-10463 (CVE-2025-10463). Risk of unauthorized operations or information disclosure.
CVE-2025-7799 Cross-Site Scripting (XSS) in CVE-2025-7799 (CVE-2025-7799)
cross-site scripting in CVE-2025-7799 (CVE-2025-7799). Data can be tampered with by attackers.
CVE-2026-1615 Code Injection in CVE-2026-1615 (CVE-2026-1615)
code injection in CVE-2026-1615 (CVE-2026-1615). Successful exploitation can lead to full system takeover.
CVE-2026-2141 Vulnerability in 5kcrm (CVE-2026-2141)
vulnerability in 5kcrm (CVE-2026-2141). Risk of unauthorized operations or information disclosure.
CVE-2026-25565 Authorization Flaw in wekan-project (CVE-2026-25565)
vulnerability in wekan-project (CVE-2026-25565). Data can be tampered with by attackers.
CVE-2026-25566 Authorization Flaw in wekan-project (CVE-2026-25566)
vulnerability in wekan-project (CVE-2026-25566). Risk of unauthorized operations or information disclosure.
CVE-2026-25568 Authorization Flaw in wekan-project (CVE-2026-25568)
vulnerability in wekan-project (CVE-2026-25568). Risk of unauthorized operations or information disclosure.
CVE-2026-25859 Authorization Flaw in wekan-project (CVE-2026-25859)
vulnerability in wekan-project (CVE-2026-25859). Successful exploitation can lead to full system takeover.
CVE-2026-25561 Authorization Flaw in wekan-project (CVE-2026-25561)
vulnerability in wekan-project (CVE-2026-25561). Data can be tampered with by attackers.
CVE-2026-25562 Vulnerability in wekan-project (CVE-2026-25562)
vulnerability in wekan-project (CVE-2026-25562). Risk of unauthorized operations or information disclosure.
CVE-2026-25749 Vulnerability in c (CVE-2026-25749)
vulnerability in c (CVE-2026-25749). Data can be tampered with by attackers.
CVE-2026-25580 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-25580)
SSRF in ssrf (CVE-2026-25580). Confidential information can be exposed externally. Mitigation: upgrade to `1.56.0` or later.
CVE-2026-25640 Path Traversal in path-traversal (CVE-2026-25640)
path traversal in path-traversal (CVE-2026-25640). Confidential information can be exposed externally. Mitigation: upgrade to `1.51.0` or later.
CVE-2026-25727 Vulnerability in dos (CVE-2026-25727)
vulnerability in dos (CVE-2026-25727). Risk of unauthorized operations or information disclosure.
CVE-2026-25556 Vulnerability in artifex (CVE-2026-25556)
vulnerability in artifex (CVE-2026-25556). Risk of unauthorized operations or information disclosure.
CVE-2025-69619 Path Traversal in path-traversal (CVE-2025-69619)
path traversal in path-traversal (CVE-2025-69619). Risk of unauthorized operations or information disclosure.
CVE-2020-37131 Vulnerability in dos (CVE-2020-37131)
vulnerability in dos (CVE-2020-37131). Risk of unauthorized operations or information disclosure.
CVE-2026-1312 SQL Injection in django (CVE-2026-1312)
SQL injection in django (CVE-2026-1312). Risk of unauthorized operations or information disclosure. Exploitable via ``FilteredRelation``. Mitigation: upgrade to `4.2.28, 5.2.11, 6.0.2` or later.
CVE-2026-1287 SQL Injection in django (CVE-2026-1287)
SQL injection in django (CVE-2026-1287). Risk of unauthorized operations or information disclosure. Exploitable via ``FilteredRelation``. Mitigation: upgrade to `4.2.28, 5.2.11, 6.0.2` or later.
CVE-2026-1207 SQL Injection in django (CVE-2026-1207)
SQL injection in django (CVE-2026-1207). Risk of unauthorized operations or information disclosure. Exploitable via ``RasterField``. Mitigation: upgrade to `4.2.28, 5.2.11, 6.0.2` or later.
CVE-2025-61732 Code Injection in toolchain (CVE-2025-61732)
code injection in toolchain (CVE-2025-61732). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.24.13, 1.25.7` or later.
CVE-2025-11953 KEV [KEV] OS Command Injection in React native community react-native-community (CVE-2025-11953)
OS command injection in React native community react-native-community (CVE-2025-11953). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-24423 KEV [KEV] Vulnerability in Smartertools smartermail (CVE-2026-24423)
vulnerability in Smartertools smartermail (CVE-2026-24423). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-25521 Vulnerability in locutus (CVE-2026-25521)
vulnerability in locutus (CVE-2026-25521). Successful exploitation can lead to full system takeover.
CVE-2026-25536 Vulnerability in lfprojects (CVE-2026-25536)
vulnerability in lfprojects (CVE-2026-25536). Confidential information can be exposed externally.
CVE-2026-23074 Use-After-Free in linux (CVE-2026-23074)
vulnerability in linux (CVE-2026-23074). Successful exploitation can lead to full system takeover.
CVE-2026-23103 Vulnerability in linux (CVE-2026-23103)
vulnerability in linux (CVE-2026-23103). Successful exploitation can lead to full system takeover.
CVE-2026-23110 Vulnerability in linux (CVE-2026-23110)
vulnerability in linux (CVE-2026-23110). Risk of unauthorized operations or information disclosure.
CVE-2026-23095 Vulnerability in c (CVE-2026-23095)
vulnerability in c (CVE-2026-23095). Risk of unauthorized operations or information disclosure.
CVE-2026-23099 Out-of-Bounds Read in c (CVE-2026-23099)
vulnerability in c (CVE-2026-23099). Confidential information can be exposed externally.
CVE-2026-23084 Vulnerability in linux (CVE-2026-23084)
vulnerability in linux (CVE-2026-23084). Risk of unauthorized operations or information disclosure.
CVE-2026-23087 Vulnerability in linux (CVE-2026-23087)
vulnerability in linux (CVE-2026-23087). Risk of unauthorized operations or information disclosure.
CVE-2026-20123 Open Redirect in cisco (CVE-2026-20123)
vulnerability in cisco (CVE-2026-20123). Risk of unauthorized operations or information disclosure.
CVE-2026-20111 Vulnerability in cisco (CVE-2026-20111)
vulnerability in cisco (CVE-2026-20111). Risk of unauthorized operations or information disclosure.
CVE-2026-0537 Out-of-Bounds Write in autodesk (CVE-2026-0537)
out-of-bounds write in autodesk (CVE-2026-0537). Successful exploitation can lead to full system takeover.
CVE-2026-0538 Out-of-Bounds Write in autodesk (CVE-2026-0538)
out-of-bounds write in autodesk (CVE-2026-0538). Successful exploitation can lead to full system takeover.
CVE-2026-0661 Out-of-Bounds Write in autodesk (CVE-2026-0661)
out-of-bounds write in autodesk (CVE-2026-0661). Successful exploitation can lead to full system takeover.
CVE-2026-0660 Vulnerability in autodesk (CVE-2026-0660)
vulnerability in autodesk (CVE-2026-0660). Successful exploitation can lead to full system takeover.
CVE-2025-70545 Cross-Site Scripting (XSS) in belden (CVE-2025-70545)
cross-site scripting in belden (CVE-2025-70545). Risk of unauthorized operations or information disclosure.
CVE-2026-23060 Vulnerability in dos (CVE-2026-23060)
vulnerability in dos (CVE-2026-23060). Risk of unauthorized operations or information disclosure.
CVE-2025-5329 SQL Injection in sqli (CVE-2025-5329)
SQL injection in sqli (CVE-2025-5329). Successful exploitation can lead to full system takeover.
CVE-2025-69618 Path Traversal in cotoworld (CVE-2025-69618)
path traversal in cotoworld (CVE-2025-69618). Risk of unauthorized operations or information disclosure.
CVE-2026-1819 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
CVE-2025-69621 Path Traversal in CVE-2025-69621 (CVE-2025-69621)
path traversal in CVE-2025-69621 (CVE-2025-69621). Confidential information can be exposed externally.
CVE-2025-69620 Path Traversal in path-traversal (CVE-2025-69620)
path traversal in path-traversal (CVE-2025-69620). Risk of unauthorized operations or information disclosure.
CVE-2020-37094 Vulnerability in espocrm (CVE-2020-37094)
vulnerability in espocrm (CVE-2020-37094). Confidential information can be exposed externally. Exploitable via `Authorization header`.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →