Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Clear
ID Title
CVE-2026-55838 Vulnerability in CVE-2026-55838 (CVE-2026-55838)
vulnerability in CVE-2026-55838 (CVE-2026-55838). Risk of unauthorized operations or information disclosure.
CVE-2026-55189 Vulnerability in CVE-2026-55189 (CVE-2026-55189)
vulnerability in CVE-2026-55189 (CVE-2026-55189). Confidential information can be exposed externally. Mitigation: upgrade to `1.0.0-beta.9` or later.
CVE-2026-55188 Information Disclosure in CVE-2026-55188 (CVE-2026-55188)
vulnerability in CVE-2026-55188 (CVE-2026-55188). Confidential information can be exposed externally. Mitigation: upgrade to `1.0.0-beta.9` or later.
CVE-2026-52785 SQL Injection in sqli (CVE-2026-52785)
SQL injection in sqli (CVE-2026-52785). Confidential information can be exposed externally. Mitigation: upgrade to `17.3.3` or later.
CVE-2026-52780 Vulnerability in CVE-2026-52780 (CVE-2026-52780)
vulnerability in CVE-2026-52780 (CVE-2026-52780). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `17.3.3` or later.
CVE-2026-52781 Cross-Site Scripting (XSS) in CVE-2026-52781 (CVE-2026-52781)
cross-site scripting in CVE-2026-52781 (CVE-2026-52781). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `17.3.3` or later.
CVE-2026-52779 Vulnerability in CVE-2026-52779 (CVE-2026-52779)
vulnerability in CVE-2026-52779 (CVE-2026-52779). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `17.3.3` or later.
CVE-2026-52784 Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-52784)
vulnerability in csrf (CVE-2026-52784). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `17.3.3` or later.
CVE-2026-49355 Information Disclosure in CVE-2026-49355 (CVE-2026-49355)
vulnerability in CVE-2026-49355 (CVE-2026-49355). Risk of unauthorized operations or information disclosure. Exploitable via `GET /api/v3/meetings/`. Mitigation: upgrade to `17.4.0` or later.
CVE-2026-49991 Path Traversal in path-traversal (CVE-2026-49991)
path traversal in path-traversal (CVE-2026-49991). Data can be tampered with by attackers.
CVE-2026-46386 Unsafe Deserialization in rails (CVE-2026-46386)
vulnerability in rails (CVE-2026-46386). Successful exploitation can lead to full system takeover.
CVE-2026-47193 Information Disclosure in CVE-2026-47193 (CVE-2026-47193)
vulnerability in CVE-2026-47193 (CVE-2026-47193). Confidential information can be exposed externally. Mitigation: upgrade to `17.3.3` or later.
CVE-2026-44735 Authorization Flaw in CVE-2026-44735 (CVE-2026-44735)
vulnerability in CVE-2026-44735 (CVE-2026-44735). Confidential information can be exposed externally. Exploitable via `GET /api/v3/shares`. Mitigation: upgrade to `17.3.2` or later.
CVE-2026-44734 Vulnerability in CVE-2026-44734 (CVE-2026-44734)
vulnerability in CVE-2026-44734 (CVE-2026-44734). Data can be tampered with by attackers. Mitigation: upgrade to `17.3.2` or later.
CVE-2026-44736 Information Disclosure in CVE-2026-44736 (CVE-2026-44736)
vulnerability in CVE-2026-44736 (CVE-2026-44736). Confidential information can be exposed externally. Exploitable via `GET /api/v3/relations`. Mitigation: upgrade to `17.4.0` or later.
CVE-2026-44696 Cross-Site Scripting (XSS) in CVE-2026-44696 (CVE-2026-44696)
cross-site scripting in CVE-2026-44696 (CVE-2026-44696). Data can be tampered with by attackers. Mitigation: upgrade to `17.4.0` or later.
CVE-2026-54753 Vulnerability in CVE-2026-54753 (CVE-2026-54753)
vulnerability in CVE-2026-54753 (CVE-2026-54753). Confidential information can be exposed externally. Mitigation: upgrade to `22.7.2` or later.
CVE-2026-48090 Use-After-Free in dos (CVE-2026-48090)
vulnerability in dos (CVE-2026-48090). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.37.5` or later.
CVE-2026-47220 Vulnerability in envoyproxy (CVE-2026-47220)
vulnerability in envoyproxy (CVE-2026-47220). Risk of unauthorized operations or information disclosure. Exploitable via `Host header`. Mitigation: upgrade to `1.37.5` or later.
CVE-2026-47205 Use-After-Free in envoyproxy (CVE-2026-47205)
vulnerability in envoyproxy (CVE-2026-47205). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.36.9` or later.
CVE-2026-56876 Path Traversal in max-mapper (CVE-2026-56876)
path traversal in max-mapper (CVE-2026-56876). Confidential information can be exposed externally.
CVE-2026-57518 Vulnerability in privilege-escalation (CVE-2026-57518)
vulnerability in privilege-escalation (CVE-2026-57518). Successful exploitation can lead to full system takeover.
CVE-2026-21734 Vulnerability in imaginationtech (CVE-2026-21734)
vulnerability in imaginationtech (CVE-2026-21734). Data can be tampered with by attackers.
CVE-2026-45195 Vulnerability in imaginationtech (CVE-2026-45195)
vulnerability in imaginationtech (CVE-2026-45195). Successful exploitation can lead to full system takeover.
CVE-2026-5757 Out-of-Bounds Read in ollama (CVE-2026-5757)
vulnerability in ollama (CVE-2026-5757). Confidential information can be exposed externally.
CVE-2026-13434 Vulnerability in kubevirt (CVE-2026-13434)
vulnerability in kubevirt (CVE-2026-13434). Risk of unauthorized operations or information disclosure.
CVE-2023-20572 Vulnerability in CVE-2023-20572 (CVE-2023-20572)
vulnerability in CVE-2023-20572 (CVE-2023-20572). Risk of unauthorized operations or information disclosure.
CVE-2023-20540 Vulnerability in CVE-2023-20540 (CVE-2023-20540)
vulnerability in CVE-2023-20540 (CVE-2023-20540). Risk of unauthorized operations or information disclosure.
CVE-2026-54341 Out-of-Bounds Read in dos (CVE-2026-54341)
vulnerability in dos (CVE-2026-54341). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.39.0` or later.
CVE-2026-48743 Vulnerability in envoyproxy (CVE-2026-48743)
vulnerability in envoyproxy (CVE-2026-48743). Data can be tampered with by attackers. Exploitable via `GET /pwn`. Mitigation: upgrade to `1.35.11` or later.
CVE-2026-48706 Vulnerability in envoyproxy (CVE-2026-48706)
vulnerability in envoyproxy (CVE-2026-48706). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.35.13` or later.
CVE-2026-47778 Vulnerability in c (CVE-2026-47778)
vulnerability in c (CVE-2026-47778). Confidential information can be exposed externally. Mitigation: upgrade to `1.35.11` or later.
CVE-2026-47692 Vulnerability in envoyproxy (CVE-2026-47692)
vulnerability in envoyproxy (CVE-2026-47692). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.35.13` or later.
CVE-2026-47775 Vulnerability in envoyproxy (CVE-2026-47775)
vulnerability in envoyproxy (CVE-2026-47775). Confidential information can be exposed externally. Mitigation: upgrade to `1.35.11` or later.
CVE-2026-47221 Vulnerability in dos (CVE-2026-47221)
vulnerability in dos (CVE-2026-47221). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.35.13` or later.
CVE-2026-47204 Vulnerability in envoyproxy (CVE-2026-47204)
vulnerability in envoyproxy (CVE-2026-47204). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.35.13` or later.
CVE-2026-47206 Vulnerability in CVE-2026-47206 (CVE-2026-47206)
vulnerability in CVE-2026-47206 (CVE-2026-47206). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.39.9` or later.
CVE-2026-47207 Use-After-Free in envoyproxy (CVE-2026-47207)
vulnerability in envoyproxy (CVE-2026-47207). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.35.13` or later.
CVE-2026-54636 OS Command Injection in dokku (CVE-2026-54636)
OS command injection in dokku (CVE-2026-54636). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.38.7` or later.
CVE-2026-56663 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-56663)
SSRF in ssrf (CVE-2026-56663). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.6.52` or later.
CVE-2026-55677 Path Traversal in CVE-2026-55677 (CVE-2026-55677)
path traversal in CVE-2026-55677 (CVE-2026-55677). Confidential information can be exposed externally. Mitigation: upgrade to `4.15.3` or later.
CVE-2026-56823 Vulnerability in CVE-2026-56823 (CVE-2026-56823)
vulnerability in CVE-2026-56823 (CVE-2026-56823). Risk of unauthorized operations or information disclosure. Exploitable via `POST /api/integrations/webhooks/{webhook_id}/ping`.
CVE-2026-57231 Information Disclosure in podman-project (CVE-2026-57231)
vulnerability in podman-project (CVE-2026-57231). Confidential information can be exposed externally. Mitigation: upgrade to `5.8.4` or later.
CVE-2026-45405 Vulnerability in dokku (CVE-2026-45405)
vulnerability in dokku (CVE-2026-45405). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.38.2` or later.
CVE-2026-45406 Vulnerability in dokku (CVE-2026-45406)
vulnerability in dokku (CVE-2026-45406). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.38.2` or later.
CVE-2026-45407 Vulnerability in dokku (CVE-2026-45407)
vulnerability in dokku (CVE-2026-45407). Confidential information can be exposed externally. Mitigation: upgrade to `0.38.2` or later.
CVE-2026-45408 OS Command Injection in dokku (CVE-2026-45408)
OS command injection in dokku (CVE-2026-45408). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.38.2` or later.
CVE-2026-28385 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-28385)
SSRF in ssrf (CVE-2026-28385). Risk of unauthorized operations or information disclosure.
CVE-2025-32423 Vulnerability in dos (CVE-2025-32423)
vulnerability in dos (CVE-2025-32423). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.6.32` or later.
CVE-2025-32394 Vulnerability in dos (CVE-2025-32394)
vulnerability in dos (CVE-2025-32394). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.6.32` or later.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →