Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Clear
ID Title
CVE-2026-0880 Vulnerability in mozilla (CVE-2026-0880)
vulnerability in mozilla (CVE-2026-0880). Successful exploitation can lead to full system takeover.
CVE-2025-40944 Vulnerability in CVE-2025-40944 (CVE-2025-40944)
vulnerability in CVE-2025-40944 (CVE-2025-40944). Risk of unauthorized operations or information disclosure.
CVE-2025-66176 Vulnerability in hikvision (CVE-2025-66176)
vulnerability in hikvision (CVE-2025-66176). Successful exploitation can lead to full system takeover.
CVE-2025-66177 Vulnerability in CVE-2025-66177 (CVE-2025-66177)
vulnerability in CVE-2025-66177 (CVE-2025-66177). Successful exploitation can lead to full system takeover.
CVE-2026-20805 KEV [KEV] Information Disclosure in Microsoft windows (CVE-2026-20805)
vulnerability in Microsoft windows (CVE-2026-20805). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-22212 Vulnerability in CVE-2026-22212 (CVE-2026-22212)
vulnerability in CVE-2026-22212 (CVE-2026-22212). Risk of unauthorized operations or information disclosure.
CVE-2026-22213 Vulnerability in riot-os (CVE-2026-22213)
vulnerability in riot-os (CVE-2026-22213). Successful exploitation can lead to full system takeover.
CVE-2026-22214 Vulnerability in riot-os (CVE-2026-22214)
vulnerability in riot-os (CVE-2026-22214). Successful exploitation can lead to full system takeover.
CVE-2025-29329 Vulnerability in sagemcom (CVE-2025-29329)
vulnerability in sagemcom (CVE-2025-29329). Successful exploitation can lead to full system takeover.
CVE-2026-22771 Code Injection in envoyproxy (CVE-2026-22771)
code injection in envoyproxy (CVE-2026-22771). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.5.7` or later.
CVE-2026-22200 Vulnerability in enhancesoft (CVE-2026-22200)
vulnerability in enhancesoft (CVE-2026-22200). Confidential information can be exposed externally.
CVE-2025-65552 Vulnerability in d3dsecurity (CVE-2025-65552)
vulnerability in d3dsecurity (CVE-2025-65552). Successful exploitation can lead to full system takeover.
CVE-2025-65553 Vulnerability in d3dsecurity (CVE-2025-65553)
vulnerability in d3dsecurity (CVE-2025-65553). Risk of unauthorized operations or information disclosure.
CVE-2025-8110 KEV [KEV] Path Traversal in gogs (CVE-2025-8110)
path traversal in gogs (CVE-2025-8110). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-68493 XXE (XML External Entity) in apache (CVE-2025-68493)
vulnerability in apache (CVE-2025-68493). Confidential information can be exposed externally.
CVE-2026-22610 Cross-Site Scripting (XSS) in @angular/compiler (CVE-2026-22610)
cross-site scripting in @angular/compiler (CVE-2026-22610). Risk of unauthorized operations or information disclosure. Exploitable via ``href``.
CVE-2026-22029 Cross-Site Scripting (XSS) in react (CVE-2026-22029)
cross-site scripting in react (CVE-2026-22029). Confidential information can be exposed externally.
CVE-2025-59057 Cross-Site Scripting (XSS) in react (CVE-2025-59057)
cross-site scripting in react (CVE-2025-59057). Confidential information can be exposed externally.
CVE-2026-21884 Cross-Site Scripting (XSS) in react (CVE-2026-21884)
cross-site scripting in react (CVE-2026-21884). Confidential information can be exposed externally.
CVE-2025-61686 Path Traversal in react (CVE-2025-61686)
path traversal in react (CVE-2025-61686). Data can be tampered with by attackers.
CVE-2025-9222 Cross-Site Scripting (XSS) in gitlab (CVE-2025-9222)
cross-site scripting in gitlab (CVE-2025-9222). Confidential information can be exposed externally.
CVE-2025-13761 Cross-Site Scripting (XSS) in c (CVE-2025-13761)
cross-site scripting in c (CVE-2025-13761). Confidential information can be exposed externally.
CVE-2025-13772 Vulnerability in gitlab (CVE-2025-13772)
vulnerability in gitlab (CVE-2025-13772). Confidential information can be exposed externally.
CVE-2025-70974 Vulnerability in CVE-2025-70974 (CVE-2025-70974)
vulnerability in CVE-2025-70974 (CVE-2025-70974). Successful exploitation can lead to full system takeover.
CVE-2025-65518 Vulnerability in dos (CVE-2025-65518)
vulnerability in dos (CVE-2025-65518). Risk of unauthorized operations or information disclosure.
CVE-2025-50334 Vulnerability in dos (CVE-2025-50334)
vulnerability in dos (CVE-2025-50334). Risk of unauthorized operations or information disclosure.
CVE-2026-0719 Vulnerability in CVE-2026-0719 (CVE-2026-0719)
vulnerability in CVE-2026-0719 (CVE-2026-0719). Risk of unauthorized operations or information disclosure.
CVE-2026-0674 Vulnerability in wordpress (CVE-2026-0674)
vulnerability in wordpress (CVE-2026-0674). Risk of unauthorized operations or information disclosure.
CVE-2025-69262 pnpm is a package manager. Versions 6.25.0 through 10.26.2 have a Command Injection vulnerability when using environment variable substitution in .npmrc configuration files with tokenHelper settings....
pnpm is a package manager. Versions 6.25.0 through 10.26.2 have a Command Injection vulnerability when using environment variable substitution in .npmrc configuration files with tokenHelper settings. An attacker who can control environment variables during pnpm operations could achieve Remote Code E...
CVE-2025-69263 pnpm is a package manager. Versions 10.26.2 and below store HTTP tarball dependencies (and git-hosted tarballs) in the lockfile without integrity hashes. This allows the remote server to serve differe...
pnpm is a package manager. Versions 10.26.2 and below store HTTP tarball dependencies (and git-hosted tarballs) in the lockfile without integrity hashes. This allows the remote server to serve different content on each install, even when a lockfile is committed. An attacker who publishes a package w...
CVE-2025-69264 Vulnerability in pnpm (CVE-2025-69264)
vulnerability in pnpm (CVE-2025-69264). Successful exploitation can lead to full system takeover.
CVE-2026-22184 Out-of-Bounds Write in zlib (CVE-2026-22184)
out-of-bounds write in zlib (CVE-2026-22184). Successful exploitation can lead to full system takeover.
CVE-2026-22189 Vulnerability in cmu (CVE-2026-22189)
vulnerability in cmu (CVE-2026-22189). Successful exploitation can lead to full system takeover.
CVE-2026-22190 Vulnerability in cmu (CVE-2026-22190)
vulnerability in cmu (CVE-2026-22190). Confidential information can be exposed externally.
CVE-2026-22188 Vulnerability in dos (CVE-2026-22188)
vulnerability in dos (CVE-2026-22188). Risk of unauthorized operations or information disclosure.
CVE-2025-12543 Vulnerability in redhat (CVE-2025-12543)
vulnerability in redhat (CVE-2025-12543). Confidential information can be exposed externally. Exploitable via `Host header`.
CVE-2026-0650 Vulnerability in CVE-2026-0650 (CVE-2026-0650)
vulnerability in CVE-2026-0650 (CVE-2026-0650). Risk of unauthorized operations or information disclosure.
CVE-2009-0556 KEV [KEV] Code Injection in Microsoft office (CVE-2009-0556)
code injection in Microsoft office (CVE-2009-0556). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-37164 KEV [KEV] Code Injection in Hewlett packard enterprise (hpe) hewlett-packard-enterprise-hpe (CVE-2025-37164)
code injection in Hewlett packard enterprise (hpe) hewlett-packard-enterprise-hpe (CVE-2025-37164). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-60534 Authentication Bypass in blueaccesstech (CVE-2025-60534)
authentication bypass in blueaccesstech (CVE-2025-60534). Successful exploitation can lead to full system takeover.
CVE-2026-0625 Vulnerability in CVE-2026-0625 (CVE-2026-0625)
vulnerability in CVE-2026-0625 (CVE-2026-0625). Risk of unauthorized operations or information disclosure.
CVE-2025-69223 Vulnerability in dos (CVE-2025-69223)
vulnerability in dos (CVE-2025-69223). Risk of unauthorized operations or information disclosure.
CVE-2025-68428 Vulnerability in path-traversal (CVE-2025-68428)
vulnerability in path-traversal (CVE-2025-68428). Confidential information can be exposed externally. Exploitable via ``addImage``.
CVE-2025-67316 Cross-Site Scripting (XSS) in heytap (CVE-2025-67316)
cross-site scripting in heytap (CVE-2025-67316). Risk of unauthorized operations or information disclosure.
CVE-2025-63396 Vulnerability in pytorch (CVE-2025-63396)
vulnerability in pytorch (CVE-2025-63396). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.5.1, 2.8.0` or later.
CVE-2025-67268 Vulnerability in c (CVE-2025-67268)
vulnerability in c (CVE-2025-67268). Successful exploitation can lead to full system takeover.
CVE-2025-67269 Vulnerability in c (CVE-2025-67269)
vulnerability in c (CVE-2025-67269). Risk of unauthorized operations or information disclosure. Exploitable via ``ffa1d6f40bca0b035fc7f5e563160ebb67199da7``.
CVE-2025-67160 Path Traversal in path-traversal (CVE-2025-67160)
path traversal in path-traversal (CVE-2025-67160). Confidential information can be exposed externally.
CVE-2025-67158 Authentication Bypass in revotech (CVE-2025-67158)
authentication bypass in revotech (CVE-2025-67158). Confidential information can be exposed externally.
CVE-2025-59381 Path Traversal in path-traversal (CVE-2025-59381)
path traversal in path-traversal (CVE-2025-59381). Confidential information can be exposed externally.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →