Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Clear
ID Title
CVE-2026-13749 Code Injection in snowflake (CVE-2026-13749)
code injection in snowflake (CVE-2026-13749). Successful exploitation can lead to full system takeover.
CVE-2026-13746 SQL Injection in snowflake (CVE-2026-13746)
SQL injection in snowflake (CVE-2026-13746). Risk of unauthorized operations or information disclosure.
CVE-2026-13744 SQL Injection in snowflake (CVE-2026-13744)
SQL injection in snowflake (CVE-2026-13744). Successful exploitation can lead to full system takeover.
CVE-2026-41052 Vulnerability in github.com/rancher/rancher (CVE-2026-41052)
vulnerability in github.com/rancher/rancher (CVE-2026-41052). Successful exploitation can lead to full system takeover. Exploitable via ``privileged``. Mitigation: upgrade to `0.0.0-20260513182521-2800aaac25b5` or later.
CVE-2026-13750 Vulnerability in snowflake (CVE-2026-13750)
vulnerability in snowflake (CVE-2026-13750). Confidential information can be exposed externally.
CVE-2026-13742 Vulnerability in CVE-2026-13742 (CVE-2026-13742)
vulnerability in CVE-2026-13742 (CVE-2026-13742). Risk of unauthorized operations or information disclosure.
CVE-2026-13587 Buffer Overflow in c (CVE-2026-13587)
vulnerability in c (CVE-2026-13587). Risk of unauthorized operations or information disclosure.
CVE-2026-13583 Buffer Overflow in CVE-2026-13583 (CVE-2026-13583)
vulnerability in CVE-2026-13583 (CVE-2026-13583). Successful exploitation can lead to full system takeover.
CVE-2026-13582 Buffer Overflow in CVE-2026-13582 (CVE-2026-13582)
vulnerability in CVE-2026-13582 (CVE-2026-13582). Successful exploitation can lead to full system takeover.
CVE-2026-13580 Buffer Overflow in CVE-2026-13580 (CVE-2026-13580)
vulnerability in CVE-2026-13580 (CVE-2026-13580). Successful exploitation can lead to full system takeover.
CVE-2026-13581 Command Injection in CVE-2026-13581 (CVE-2026-13581)
command injection in CVE-2026-13581 (CVE-2026-13581). Risk of unauthorized operations or information disclosure.
CVE-2026-57320 Unauthenticated Cross Site Scripting (XSS) in BEAR <= 1.1.8 versions.
Unauthenticated Cross Site Scripting (XSS) in BEAR <= 1.1.8 versions.
CVE-2026-57326 Unauthenticated Cross Site Scripting (XSS) in Business Directory <= 6.4.22 versions.
Unauthenticated Cross Site Scripting (XSS) in Business Directory <= 6.4.22 versions.
CVE-2026-57328 Subscriber Cross Site Scripting (XSS) in Business Directory <= 6.4.22 versions.
Subscriber Cross Site Scripting (XSS) in Business Directory <= 6.4.22 versions.
CVE-2026-57333 Unauthenticated Cross Site Scripting (XSS) in Link Whisper Free <= 0.9.4 versions.
Unauthenticated Cross Site Scripting (XSS) in Link Whisper Free <= 0.9.4 versions.
CVE-2026-57337 Unauthenticated Cross Site Scripting (XSS) in Landing Page Builder <= 1.5.3.5 versions.
Unauthenticated Cross Site Scripting (XSS) in Landing Page Builder <= 1.5.3.5 versions.
CVE-2026-57336 Unauthenticated Cross Site Scripting (XSS) in Jobify <= 4.3.2 versions.
Unauthenticated Cross Site Scripting (XSS) in Jobify <= 4.3.2 versions.
CVE-2026-57329 Subscriber Cross Site Scripting (XSS) in WooCommerce Designer Pro <= 1.9.34 versions.
Subscriber Cross Site Scripting (XSS) in WooCommerce Designer Pro <= 1.9.34 versions.
CVE-2026-57330 Subscriber Cross Site Scripting (XSS) in MasterStudy LMS <= 3.7.27 versions.
Subscriber Cross Site Scripting (XSS) in MasterStudy LMS <= 3.7.27 versions.
CVE-2026-57338 Unauthenticated Cross Site Scripting (XSS) in ARForms <= 7.1.2 versions.
Unauthenticated Cross Site Scripting (XSS) in ARForms <= 7.1.2 versions.
CVE-2026-56124 Vulnerability in CVE-2026-56124 (CVE-2026-56124)
vulnerability in CVE-2026-56124 (CVE-2026-56124). Confidential information can be exposed externally.
CVE-2026-57334 Unauthenticated Broken Access Control in WP User Frontend <= 4.3.7 versions.
Unauthenticated Broken Access Control in WP User Frontend <= 4.3.7 versions.
CVE-2026-57339 Unauthenticated Broken Access Control in Business Directory <= 6.4.23 versions.
Unauthenticated Broken Access Control in Business Directory <= 6.4.23 versions.
CVE-2026-57340 Unauthenticated Broken Access Control in Japanized For WooCommerce <= 2.9.12 versions.
Unauthenticated Broken Access Control in Japanized For WooCommerce <= 2.9.12 versions.
CVE-2026-57327 Subscriber Broken Access Control in MainWP <= 6.1.1 versions.
Subscriber Broken Access Control in MainWP <= 6.1.1 versions.
CVE-2026-57335 Subscriber Broken Access Control in Ads by WPQuads <= 3.0.3 versions.
Subscriber Broken Access Control in Ads by WPQuads <= 3.0.3 versions.
CVE-2026-57332 Subscriber Broken Access Control in Wallet System for WooCommerce <= 2.7.6 versions.
Subscriber Broken Access Control in Wallet System for WooCommerce <= 2.7.6 versions.
CVE-2026-57331 Performer Arbitrary File Deletion in Paid Videochat Turnkey Site <= 7.4.8 versions.
Performer Arbitrary File Deletion in Paid Videochat Turnkey Site <= 7.4.8 versions.
CVE-2026-56290 KEV [KEV] Unrestricted File Upload in Joomlack page-builder-ck (CVE-2026-56290)
vulnerability in Joomlack page-builder-ck (CVE-2026-56290). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2026-13573 Buffer Overflow in cpp (CVE-2026-13573)
vulnerability in cpp (CVE-2026-13573). Risk of unauthorized operations or information disclosure.
CVE-2026-13574 Buffer Overflow in cpp (CVE-2026-13574)
vulnerability in cpp (CVE-2026-13574). Risk of unauthorized operations or information disclosure.
CVE-2026-49049 Vulnerability in ollyo (CVE-2026-49049)
vulnerability in ollyo (CVE-2026-49049). Data can be tampered with by attackers.
CVE-2026-13579 Vulnerability in sqli (CVE-2026-13579)
vulnerability in sqli (CVE-2026-13579). Risk of unauthorized operations or information disclosure.
CVE-2026-13578 Vulnerability in sqli (CVE-2026-13578)
vulnerability in sqli (CVE-2026-13578). Risk of unauthorized operations or information disclosure.
CVE-2026-13572 Vulnerability in sqli (CVE-2026-13572)
vulnerability in sqli (CVE-2026-13572). Risk of unauthorized operations or information disclosure.
CVE-2026-55607 Path Traversal in anthropic (CVE-2026-55607)
path traversal in anthropic (CVE-2026-55607). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2.1.163` or later.
CVE-2026-56457 Vulnerability in hcltechsw (CVE-2026-56457)
vulnerability in hcltechsw (CVE-2026-56457). Risk of unauthorized operations or information disclosure.
CVE-2026-54371 Vulnerability in privilege-escalation (CVE-2026-54371)
vulnerability in privilege-escalation (CVE-2026-54371). Confidential information can be exposed externally.
CVE-2026-54369 Vulnerability in privilege-escalation (CVE-2026-54369)
vulnerability in privilege-escalation (CVE-2026-54369). Confidential information can be exposed externally.
CVE-2026-54370 Vulnerability in privilege-escalation (CVE-2026-54370)
vulnerability in privilege-escalation (CVE-2026-54370). Confidential information can be exposed externally.
CVE-2026-40524 SQL Injection in sqli (CVE-2026-40524)
SQL injection in sqli (CVE-2026-40524). Confidential information can be exposed externally.
CVE-2026-40523 SQL Injection in sqli (CVE-2026-40523)
SQL injection in sqli (CVE-2026-40523). Confidential information can be exposed externally.
CVE-2026-40522 SQL Injection in sqli (CVE-2026-40522)
SQL injection in sqli (CVE-2026-40522). Confidential information can be exposed externally.
CVE-2026-40521 Path Traversal in path-traversal (CVE-2026-40521)
path traversal in path-traversal (CVE-2026-40521). Successful exploitation can lead to full system takeover.
CVE-2026-13568 Vulnerability in CVE-2026-13568 (CVE-2026-13568)
vulnerability in CVE-2026-13568 (CVE-2026-13568). Risk of unauthorized operations or information disclosure.
CVE-2026-13569 Vulnerability in sqli (CVE-2026-13569)
vulnerability in sqli (CVE-2026-13569). Risk of unauthorized operations or information disclosure.
CVE-2026-13567 Cross-Site Scripting (XSS) in CVE-2026-13567 (CVE-2026-13567)
cross-site scripting in CVE-2026-13567 (CVE-2026-13567). Risk of unauthorized operations or information disclosure.
CVE-2026-13570 Cross-Site Scripting (XSS) in CVE-2026-13570 (CVE-2026-13570)
cross-site scripting in CVE-2026-13570 (CVE-2026-13570). Risk of unauthorized operations or information disclosure.
CVE-2026-13676 Vulnerability in openjsf (CVE-2026-13676)
vulnerability in openjsf (CVE-2026-13676). Data can be tampered with by attackers.
CVE-2026-13566 Vulnerability in sqli (CVE-2026-13566)
vulnerability in sqli (CVE-2026-13566). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →