Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Clear
ID Title
CVE-2026-1341 Vulnerability in CVE-2026-1341 (CVE-2026-1341)
vulnerability in CVE-2026-1341 (CVE-2026-1341). Risk of unauthorized operations or information disclosure.
CVE-2026-25223 Vulnerability in fastify (CVE-2026-25223)
vulnerability in fastify (CVE-2026-25223). Data can be tampered with by attackers.
CVE-2025-5319 SQL Injection in sqli (CVE-2025-5319)
SQL injection in sqli (CVE-2025-5319). Successful exploitation can lead to full system takeover.
CVE-2025-6397 Cross-Site Scripting (XSS) in CVE-2025-6397 (CVE-2025-6397)
cross-site scripting in CVE-2025-6397 (CVE-2025-6397). Risk of unauthorized operations or information disclosure.
CVE-2025-7760 Cross-Site Scripting (XSS) in CVE-2025-7760 (CVE-2025-7760)
cross-site scripting in CVE-2025-7760 (CVE-2025-7760). Risk of unauthorized operations or information disclosure.
CVE-2025-8456 Cross-Site Scripting (XSS) in CVE-2025-8456 (CVE-2025-8456)
cross-site scripting in CVE-2025-8456 (CVE-2025-8456). Risk of unauthorized operations or information disclosure.
CVE-2025-8461 Cross-Site Scripting (XSS) in CVE-2025-8461 (CVE-2025-8461)
cross-site scripting in CVE-2025-8461 (CVE-2025-8461). Risk of unauthorized operations or information disclosure.
CVE-2025-8589 Cross-Site Scripting (XSS) in CVE-2025-8589 (CVE-2025-8589)
cross-site scripting in CVE-2025-8589 (CVE-2025-8589). Risk of unauthorized operations or information disclosure.
CVE-2025-8590 Information Disclosure in CVE-2025-8590 (CVE-2025-8590)
vulnerability in CVE-2025-8590 (CVE-2025-8590). Confidential information can be exposed externally.
CVE-2026-22550 OS Command Injection in elecom (CVE-2026-22550)
OS command injection in elecom (CVE-2026-22550). Successful exploitation can lead to full system takeover.
CVE-2025-64328 KEV [KEV] OS Command Injection in Sangoma freepbx (CVE-2025-64328)
OS command injection in Sangoma freepbx (CVE-2025-64328). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2025-40551 KEV [KEV] Unsafe Deserialization in Solarwinds web-help-desk (CVE-2025-40551)
vulnerability in Solarwinds web-help-desk (CVE-2025-40551). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-39935 KEV [KEV] SSRF (Server-Side Request Forgery) in Gitlab community-and-enterprise-editions (CVE-2021-39935)
SSRF in Gitlab community-and-enterprise-editions (CVE-2021-39935). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2019-19006 KEV [KEV] Authentication Bypass in Sangoma freepbx (CVE-2019-19006)
authentication bypass in Sangoma freepbx (CVE-2019-19006). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2026-24737 Vulnerability in parall (CVE-2026-24737)
vulnerability in parall (CVE-2026-24737). Confidential information can be exposed externally.
CVE-2026-22778 Vulnerability in vllm (CVE-2026-22778)
vulnerability in vllm (CVE-2026-22778). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.14.1` or later.
CVE-2026-24051 Vulnerability in opentelemetry (CVE-2026-24051)
vulnerability in opentelemetry (CVE-2026-24051). Successful exploitation can lead to full system takeover.
CVE-2026-22226 OS Command Injection in tp-link (CVE-2026-22226)
OS command injection in tp-link (CVE-2026-22226). Successful exploitation can lead to full system takeover.
CVE-2026-1761 Vulnerability in CVE-2026-1761 (CVE-2026-1761)
vulnerability in CVE-2026-1761 (CVE-2026-1761). Data can be tampered with by attackers.
CVE-2025-8587 SQL Injection in sqli (CVE-2025-8587)
SQL injection in sqli (CVE-2025-8587). Risk of unauthorized operations or information disclosure.
CVE-2026-1530 Vulnerability in CVE-2026-1530 (CVE-2026-1530)
vulnerability in CVE-2026-1530 (CVE-2026-1530). Confidential information can be exposed externally.
CVE-2026-1531 Vulnerability in CVE-2026-1531 (CVE-2026-1531)
vulnerability in CVE-2026-1531 (CVE-2026-1531). Confidential information can be exposed externally.
CVE-2026-25069 Path Traversal in path-traversal (CVE-2026-25069)
path traversal in path-traversal (CVE-2026-25069). Risk of unauthorized operations or information disclosure.
CVE-2026-23019 Vulnerability in linux (CVE-2026-23019)
vulnerability in linux (CVE-2026-23019). Risk of unauthorized operations or information disclosure.
CVE-2026-23026 Vulnerability in linux (CVE-2026-23026)
vulnerability in linux (CVE-2026-23026). Risk of unauthorized operations or information disclosure.
CVE-2025-71188 Vulnerability in linux (CVE-2025-71188)
vulnerability in linux (CVE-2025-71188). Risk of unauthorized operations or information disclosure.
CVE-2025-71189 Vulnerability in linux (CVE-2025-71189)
vulnerability in linux (CVE-2025-71189). Risk of unauthorized operations or information disclosure.
CVE-2025-71185 Vulnerability in linux (CVE-2025-71185)
vulnerability in linux (CVE-2025-71185). Risk of unauthorized operations or information disclosure.
CVE-2025-71186 Vulnerability in linux (CVE-2025-71186)
vulnerability in linux (CVE-2025-71186). Risk of unauthorized operations or information disclosure.
CVE-2026-25153 Code Injection in linuxfoundation (CVE-2026-25153)
code injection in linuxfoundation (CVE-2026-25153). Confidential information can be exposed externally. Exploitable via ``hooks``.
CVE-2025-24293 Command Injection in CVE-2025-24293 (CVE-2025-24293)
command injection in CVE-2025-24293 (CVE-2025-24293). Successful exploitation can lead to full system takeover.
CVE-2025-4686 SQL Injection in sqli (CVE-2025-4686)
SQL injection in sqli (CVE-2025-4686). Risk of unauthorized operations or information disclosure.
CVE-2024-4027 Vulnerability in dos (CVE-2024-4027)
vulnerability in dos (CVE-2024-4027). Risk of unauthorized operations or information disclosure.
CVE-2025-1395 Vulnerability in CVE-2025-1395 (CVE-2025-1395)
vulnerability in CVE-2025-1395 (CVE-2025-1395). Confidential information can be exposed externally.
CVE-2026-25210 Vulnerability in libexpat-project (CVE-2026-25210)
vulnerability in libexpat-project (CVE-2026-25210). Confidential information can be exposed externally.
CVE-2025-69604 Vulnerability in shirt-pocket (CVE-2025-69604)
vulnerability in shirt-pocket (CVE-2025-69604). Successful exploitation can lead to full system takeover.
CVE-2025-15549 Cross-Site Scripting (XSS) in fluentcms (CVE-2025-15549)
cross-site scripting in fluentcms (CVE-2025-15549). Risk of unauthorized operations or information disclosure.
CVE-2025-7714 SQL Injection in sqli (CVE-2025-7714)
SQL injection in sqli (CVE-2025-7714). Risk of unauthorized operations or information disclosure.
CVE-2025-7713 Cross-Site Scripting (XSS) in globalmedya (CVE-2025-7713)
cross-site scripting in globalmedya (CVE-2025-7713). Risk of unauthorized operations or information disclosure.
CVE-2020-37011 Out-of-Bounds Write in CVE-2020-37011 (CVE-2020-37011)
out-of-bounds write in CVE-2020-37011 (CVE-2020-37011). Risk of unauthorized operations or information disclosure.
CVE-2020-37015 Path Traversal in path-traversal (CVE-2020-37015)
path traversal in path-traversal (CVE-2020-37015). Confidential information can be exposed externally.
CVE-2020-37004 SQL Injection in sqli (CVE-2020-37004)
SQL injection in sqli (CVE-2020-37004). Confidential information can be exposed externally.
CVE-2020-37002 OS Command Injection in CVE-2020-37002 (CVE-2020-37002)
OS command injection in CVE-2020-37002 (CVE-2020-37002). Successful exploitation can lead to full system takeover.
CVE-2025-7016 Vulnerability in akinsoft (CVE-2025-7016)
vulnerability in akinsoft (CVE-2025-7016). Successful exploitation can lead to full system takeover.
CVE-2026-1281 KEV [KEV] Code Injection in Ivanti endpoint-manager-mobile-epmm (CVE-2026-1281)
code injection in Ivanti endpoint-manager-mobile-epmm (CVE-2026-1281). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-71001 Out-of-Bounds Read in dos (CVE-2025-71001)
vulnerability in dos (CVE-2025-71001). Risk of unauthorized operations or information disclosure.
CVE-2025-61726 Vulnerability in stdlib (CVE-2025-61726)
vulnerability in stdlib (CVE-2025-61726). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.24.12, 1.25.6` or later.
CVE-2025-61731 Vulnerability in toolchain (CVE-2025-61731)
vulnerability in toolchain (CVE-2025-61731). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.24.12, 1.25.6` or later.
CVE-2025-70999 Vulnerability in dos (CVE-2025-70999)
vulnerability in dos (CVE-2025-70999). Risk of unauthorized operations or information disclosure.
CVE-2025-71000 Vulnerability in dos (CVE-2025-71000)
vulnerability in dos (CVE-2025-71000). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →