Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-59703 |
|
Vulnerability in c (CVE-2026-59703)
vulnerability in c (CVE-2026-59703). Confidential information can be exposed externally.
|
| CVE-2026-55668 |
|
Path Traversal in CVE-2026-55668 (CVE-2026-55668)
path traversal in CVE-2026-55668 (CVE-2026-55668). Data can be tampered with by attackers.
|
| CVE-2026-55873 |
|
Authorization Flaw in CVE-2026-55873 (CVE-2026-55873)
vulnerability in CVE-2026-55873 (CVE-2026-55873). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-55874 |
|
Path Traversal in CVE-2026-55874 (CVE-2026-55874)
path traversal in CVE-2026-55874 (CVE-2026-55874). Confidential information can be exposed externally.
|
| CVE-2026-54652 |
|
Privilege Escalation in nginx (CVE-2026-54652)
vulnerability in nginx (CVE-2026-54652). Confidential information can be exposed externally. Exploitable via `GET /api/logs/{service}`.
|
| CVE-2026-24700 |
|
OS Command Injection in CVE-2026-24700 (CVE-2026-24700)
OS command injection in CVE-2026-24700 (CVE-2026-24700). Successful exploitation can lead to full system takeover.
|
| CVE-2026-49146 |
|
Vulnerability in c (CVE-2026-49146)
vulnerability in c (CVE-2026-49146). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-24698 |
|
OS Command Injection in CVE-2026-24698 (CVE-2026-24698)
OS command injection in CVE-2026-24698 (CVE-2026-24698). Successful exploitation can lead to full system takeover.
|
| CVE-2026-24699 |
|
OS Command Injection in CVE-2026-24699 (CVE-2026-24699)
OS command injection in CVE-2026-24699 (CVE-2026-24699). Successful exploitation can lead to full system takeover.
|
| CVE-2026-15067 |
|
SQL Injection in sqli (CVE-2026-15067)
SQL injection in sqli (CVE-2026-15067). Successful exploitation can lead to full system takeover.
|
| CVE-2026-15062 |
|
SQL Injection in sqli (CVE-2026-15062)
SQL injection in sqli (CVE-2026-15062). Confidential information can be exposed externally.
|
| CVE-2026-24697 |
|
OS Command Injection in CVE-2026-24697 (CVE-2026-24697)
OS command injection in CVE-2026-24697 (CVE-2026-24697). Successful exploitation can lead to full system takeover.
|
| CVE-2026-10699 |
|
Vulnerability in CVE-2026-10699 (CVE-2026-10699)
vulnerability in CVE-2026-10699 (CVE-2026-10699). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11903 |
|
Cross-Site Scripting (XSS) in CVE-2026-11903 (CVE-2026-11903)
cross-site scripting in CVE-2026-11903 (CVE-2026-11903). Successful exploitation can lead to full system takeover.
|
| CVE-2026-15036 |
|
Vulnerability in CVE-2026-15036 (CVE-2026-15036)
vulnerability in CVE-2026-15036 (CVE-2026-15036). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-60092 |
|
Cross-Site Scripting (XSS) in CVE-2026-60092 (CVE-2026-60092)
cross-site scripting in CVE-2026-60092 (CVE-2026-60092). Risk of unauthorized operations or information disclosure. Exploitable via `User-Agent header`.
|
| CVE-2026-60124 |
|
Vulnerability in CVE-2026-60124 (CVE-2026-60124)
vulnerability in CVE-2026-60124 (CVE-2026-60124). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-60125 |
|
Authorization Flaw in CVE-2026-60125 (CVE-2026-60125)
vulnerability in CVE-2026-60125 (CVE-2026-60125). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-58654 |
|
Unrestricted File Upload in path-traversal (CVE-2026-58654)
vulnerability in path-traversal (CVE-2026-58654). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.0.1` or later.
|
| CVE-2026-59257 |
|
SQL Injection in sqli (CVE-2026-59257)
SQL injection in sqli (CVE-2026-59257). Successful exploitation can lead to full system takeover.
|
| CVE-2026-58657 |
|
Cross-Site Scripting (XSS) in CVE-2026-58657 (CVE-2026-58657)
cross-site scripting in CVE-2026-58657 (CVE-2026-58657). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.0.0` or later.
|
| CVE-2026-58480 |
|
Unrestricted File Upload in wordpress (CVE-2026-58480)
vulnerability in wordpress (CVE-2026-58480). Successful exploitation can lead to full system takeover.
|
| CVE-2026-56401 |
|
Vulnerability in dos (CVE-2026-56401)
vulnerability in dos (CVE-2026-56401). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56778 |
|
Authorization Flaw in n8n (CVE-2026-56778)
vulnerability in n8n (CVE-2026-56778). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56775 |
|
Authorization Flaw in n8n (CVE-2026-56775)
vulnerability in n8n (CVE-2026-56775). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-54061 |
|
Vulnerability in CVE-2026-54061 (CVE-2026-54061)
vulnerability in CVE-2026-54061 (CVE-2026-54061). Data can be tampered with by attackers. Exploitable via ``StreamExtSnapshot``.
|
| CVE-2026-8315 |
|
Cross-Site Scripting (XSS) in CVE-2026-8315 (CVE-2026-8315)
cross-site scripting in CVE-2026-8315 (CVE-2026-8315). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8310 |
|
Cross-Site Scripting (XSS) in CVE-2026-8310 (CVE-2026-8310)
cross-site scripting in CVE-2026-8310 (CVE-2026-8310). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8307 |
|
SQL Injection in sqli (CVE-2026-8307)
SQL injection in sqli (CVE-2026-8307). Successful exploitation can lead to full system takeover.
|
| CVE-2026-6820 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-6820)
cross-site scripting in wordpress (CVE-2026-6820). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6459 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-6459)
cross-site scripting in wordpress (CVE-2026-6459). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6740 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-6740)
cross-site scripting in wordpress (CVE-2026-6740). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-5356 |
|
Vulnerability in wordpress (CVE-2026-5356)
vulnerability in wordpress (CVE-2026-5356). Data can be tampered with by attackers.
|
| CVE-2026-12002 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-12002)
vulnerability in wordpress (CVE-2026-12002). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6230 |
|
SQL Injection in wordpress (CVE-2026-6230)
SQL injection in wordpress (CVE-2026-6230). Confidential information can be exposed externally.
|
| CVE-2026-6854 |
|
SQL Injection in wordpress (CVE-2026-6854)
SQL injection in wordpress (CVE-2026-6854). Confidential information can be exposed externally.
|
| CVE-2026-6742 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-6742)
cross-site scripting in wordpress (CVE-2026-6742). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6371 |
|
Cross-Site Scripting (XSS) in CVE-2026-6371 (CVE-2026-6371)
cross-site scripting in CVE-2026-6371 (CVE-2026-6371). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6818 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-6818)
cross-site scripting in wordpress (CVE-2026-6818). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12936 |
|
SQL Injection in wordpress (CVE-2026-12936)
SQL injection in wordpress (CVE-2026-12936). Confidential information can be exposed externally.
|
| CVE-2026-14250 |
|
Privilege Escalation in wordpress (CVE-2026-14250)
vulnerability in wordpress (CVE-2026-14250). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41042 |
|
Vulnerability in apache (CVE-2026-41042)
vulnerability in apache (CVE-2026-41042). Confidential information can be exposed externally.
|
| CVE-2025-14785 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2025-14785)
cross-site scripting in wordpress (CVE-2025-14785). Risk of unauthorized operations or information disclosure. Exploitable via ``seedprodnestedmenuwidget``.
|
| CVE-2026-15041 |
|
Vulnerability in CVE-2026-15041 (CVE-2026-15041)
vulnerability in CVE-2026-15041 (CVE-2026-15041). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56003 |
|
Vulnerability in CVE-2026-56003 (CVE-2026-56003)
vulnerability in CVE-2026-56003 (CVE-2026-56003). Successful exploitation can lead to full system takeover.
|
| CVE-2026-56002 |
|
Vulnerability in CVE-2026-56002 (CVE-2026-56002)
vulnerability in CVE-2026-56002 (CVE-2026-56002). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57260 |
|
Out-of-Bounds Write in CVE-2026-57260 (CVE-2026-57260)
out-of-bounds write in CVE-2026-57260 (CVE-2026-57260). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57258 |
|
Out-of-Bounds Read in CVE-2026-57258 (CVE-2026-57258)
vulnerability in CVE-2026-57258 (CVE-2026-57258). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57259 |
|
XXE (XML External Entity) in CVE-2026-57259 (CVE-2026-57259)
vulnerability in CVE-2026-57259 (CVE-2026-57259). Confidential information can be exposed externally.
|
| CVE-2026-57253 |
|
Out-of-Bounds Read in CVE-2026-57253 (CVE-2026-57253)
vulnerability in CVE-2026-57253 (CVE-2026-57253). Risk of unauthorized operations or information disclosure.
|