Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-3472 |
|
Vulnerability in mattermost (CVE-2026-3472)
vulnerability in mattermost (CVE-2026-3472). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-64637 |
|
Unauthenticated Content Injection in Auros Core <= 5.3.1 versions.
Unauthenticated Content Injection in Auros Core <= 5.3.1 versions.
|
| CVE-2026-45256 |
|
Privilege Escalation in dos (CVE-2026-45256)
vulnerability in dos (CVE-2026-45256). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-54833 |
|
Unauthenticated Backdoor in Enable CORS <= 2.0.3 versions.
Unauthenticated Backdoor in Enable CORS <= 2.0.3 versions.
|
| CVE-2026-54824 |
|
Unauthenticated Sensitive Data Exposure in Ads by WPQuads <= 3.0.3 versions.
Unauthenticated Sensitive Data Exposure in Ads by WPQuads <= 3.0.3 versions.
|
| CVE-2026-54820 |
|
Unauthenticated SQL Injection in JetBooking <= 4.0.4.1 versions.
Unauthenticated SQL Injection in JetBooking <= 4.0.4.1 versions.
|
| CVE-2026-54827 |
|
Unauthenticated SQL Injection in Real Estate 7 <= 3.5.9 versions.
Unauthenticated SQL Injection in Real Estate 7 <= 3.5.9 versions.
|
| CVE-2026-54831 |
|
Unauthenticated SQL Injection in GeoDirectory <= 2.8.162 versions.
Unauthenticated SQL Injection in GeoDirectory <= 2.8.162 versions.
|
| CVE-2026-54825 |
|
Unauthenticated SQL Injection in wpDataTables <= 7.4 versions.
Unauthenticated SQL Injection in wpDataTables <= 7.4 versions.
|
| CVE-2026-56011 |
|
Unauthenticated Cross Site Scripting (XSS) in MapPress Maps for WordPress <= 2.97.3 versions.
Unauthenticated Cross Site Scripting (XSS) in MapPress Maps for WordPress <= 2.97.3 versions.
|
| CVE-2025-68075 |
|
Contributor Cross Site Scripting (XSS) in BNE Testimonials <= 2.0.8 versions.
Contributor Cross Site Scripting (XSS) in BNE Testimonials <= 2.0.8 versions.
|
| CVE-2025-68074 |
|
Contributor Cross Site Scripting (XSS) in Image Carousel <= 1.0.0.41 versions.
Contributor Cross Site Scripting (XSS) in Image Carousel <= 1.0.0.41 versions.
|
| CVE-2026-24547 |
|
Unauthenticated Broken Access Control in SiteGround Email Marketing <= 1.7.5 versions.
Unauthenticated Broken Access Control in SiteGround Email Marketing <= 1.7.5 versions.
|
| CVE-2025-64636 |
|
Unauthenticated Broken Access Control in Donation Thermometer <= 2.2.7 versions.
Unauthenticated Broken Access Control in Donation Thermometer <= 2.2.7 versions.
|
| CVE-2025-63041 |
|
Contributor Broken Access Control in Forget About Shortcode Buttons <= 2.1.3 versions.
Contributor Broken Access Control in Forget About Shortcode Buttons <= 2.1.3 versions.
|
| CVE-2025-63079 |
|
Contributor Broken Access Control in Live Copy Paste for Elementor <= 1.5.3 versions.
Contributor Broken Access Control in Live Copy Paste for Elementor <= 1.5.3 versions.
|
| CVE-2025-63078 |
|
Subscriber Broken Access Control in Restaurant Menu by MotoPress <= 2.4.11 versions.
Subscriber Broken Access Control in Restaurant Menu by MotoPress <= 2.4.11 versions.
|
| CVE-2026-57940 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-57940)
SSRF in ssrf (CVE-2026-57940). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-30040 |
|
Vulnerability in CVE-2026-30040 (CVE-2026-30040)
vulnerability in CVE-2026-30040 (CVE-2026-30040). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57926 |
|
Vulnerability in jetbrains (CVE-2026-57926)
vulnerability in jetbrains (CVE-2026-57926). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-68063 |
|
Vulnerability in wordpress (CVE-2025-68063)
vulnerability in wordpress (CVE-2025-68063). Successful exploitation can lead to full system takeover.
|
| CVE-2025-68064 |
|
Contributor Local File Inclusion in Goya Core < 1.0.9.4 versions.
Contributor Local File Inclusion in Goya Core < 1.0.9.4 versions.
|
| CVE-2025-68052 |
|
Unauthenticated Cross Site Request Forgery (CSRF) in Eagle Booking <= 1.3.4.3 versions.
Unauthenticated Cross Site Request Forgery (CSRF) in Eagle Booking <= 1.3.4.3 versions.
|
| CVE-2026-57915 |
|
Vulnerability in apache (CVE-2026-57915)
vulnerability in apache (CVE-2026-57915). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57924 |
|
Vulnerability in jetbrains (CVE-2026-57924)
vulnerability in jetbrains (CVE-2026-57924). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-40711 |
|
OS Command Injection in CVE-2026-40711 (CVE-2026-40711)
OS command injection in CVE-2026-40711 (CVE-2026-40711). Successful exploitation can lead to full system takeover.
|
| CVE-2026-53914 |
|
Unsafe Deserialization in deserialization (CVE-2026-53914)
vulnerability in deserialization (CVE-2026-53914). Confidential information can be exposed externally.
|
| CVE-2026-57923 |
|
Vulnerability in jetbrains (CVE-2026-57923)
vulnerability in jetbrains (CVE-2026-57923). Data can be tampered with by attackers.
|
| CVE-2026-57925 |
|
Vulnerability in jetbrains (CVE-2026-57925)
vulnerability in jetbrains (CVE-2026-57925). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57922 |
|
In JetBrains YouTrack before 2026.2.16593 project settings disclosure via the MCP was possible
In JetBrains YouTrack before 2026.2.16593 project settings disclosure via the MCP was possible
|
| CVE-2026-57921 |
|
Vulnerability in jetbrains (CVE-2026-57921)
vulnerability in jetbrains (CVE-2026-57921). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-64152 |
|
Path Traversal in apache (CVE-2025-64152)
path traversal in apache (CVE-2025-64152). Confidential information can be exposed externally.
|
| CVE-2025-55017 |
|
Path Traversal in apache (CVE-2025-55017)
path traversal in apache (CVE-2025-55017). Confidential information can be exposed externally.
|
| CVE-2026-13426 |
|
Path Traversal in c (CVE-2026-13426)
path traversal in c (CVE-2026-13426). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-45257 |
|
Vulnerability in freebsd (CVE-2026-45257)
vulnerability in freebsd (CVE-2026-45257). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57918 |
|
Vulnerability in c (CVE-2026-57918)
vulnerability in c (CVE-2026-57918). Confidential information can be exposed externally.
|
| CVE-2026-57914 |
|
Vulnerability in apache (CVE-2026-57914)
vulnerability in apache (CVE-2026-57914). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57620 |
|
Cross-Site Scripting (XSS) in CVE-2026-57620 (CVE-2026-57620)
cross-site scripting in CVE-2026-57620 (CVE-2026-57620). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57473 |
|
Vulnerability in CVE-2026-57473 (CVE-2026-57473)
vulnerability in CVE-2026-57473 (CVE-2026-57473). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6658 |
|
Cross-Site Scripting (XSS) in CVE-2026-6658 (CVE-2026-6658)
cross-site scripting in CVE-2026-6658 (CVE-2026-6658). Risk of unauthorized operations or information disclosure. Exploitable via ``data_mermaid``.
|
| CVE-2026-13325 |
|
Vulnerability in kubevirt (CVE-2026-13325)
vulnerability in kubevirt (CVE-2026-13325). Successful exploitation can lead to full system takeover.
|
| CVE-2025-7958 |
|
Code Injection in CVE-2025-7958 (CVE-2025-7958)
code injection in CVE-2025-7958 (CVE-2025-7958). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-1869 |
|
Vulnerability in wordpress (CVE-2026-1869)
vulnerability in wordpress (CVE-2026-1869). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57877 |
|
Vulnerability in dos (CVE-2026-57877)
vulnerability in dos (CVE-2026-57877). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57880 |
|
Vulnerability in dos (CVE-2026-57880)
vulnerability in dos (CVE-2026-57880). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57881 |
|
Vulnerability in dos (CVE-2026-57881)
vulnerability in dos (CVE-2026-57881). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57878 |
|
Vulnerability in dos (CVE-2026-57878)
vulnerability in dos (CVE-2026-57878). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57879 |
|
Vulnerability in dos (CVE-2026-57879)
vulnerability in dos (CVE-2026-57879). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57874 |
|
Vulnerability in dos (CVE-2026-57874)
vulnerability in dos (CVE-2026-57874). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-2053 |
|
SSRF (Server-Side Request Forgery) in wso2 (CVE-2026-2053)
SSRF in wso2 (CVE-2026-2053). Risk of unauthorized operations or information disclosure.
|