Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-42143 |
|
OS Command Injection in CVE-2026-42143 (CVE-2026-42143)
OS command injection in CVE-2026-42143 (CVE-2026-42143). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34152 |
|
OS Command Injection in CVE-2026-34152 (CVE-2026-34152)
OS command injection in CVE-2026-34152 (CVE-2026-34152). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34168 |
|
OS Command Injection in CVE-2026-34168 (CVE-2026-34168)
OS command injection in CVE-2026-34168 (CVE-2026-34168). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34171 |
|
Cross-Site Request Forgery (CSRF) in CVE-2026-34171 (CVE-2026-34171)
vulnerability in CVE-2026-34171 (CVE-2026-34171). Confidential information can be exposed externally. Exploitable via `GET /invitations/{uuid}`.
|
| CVE-2026-34170 |
|
SSRF (Server-Side Request Forgery) in CVE-2026-34170 (CVE-2026-34170)
SSRF in CVE-2026-34170 (CVE-2026-34170). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-34058 |
|
OS Command Injection in CVE-2026-34058 (CVE-2026-34058)
OS command injection in CVE-2026-34058 (CVE-2026-34058). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34149 |
|
OS Command Injection in CVE-2026-34149 (CVE-2026-34149)
OS command injection in CVE-2026-34149 (CVE-2026-34149). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-34057 |
|
OS Command Injection in CVE-2026-34057 (CVE-2026-34057)
OS command injection in CVE-2026-34057 (CVE-2026-34057). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34047 |
|
Authorization Flaw in CVE-2026-34047 (CVE-2026-34047)
vulnerability in CVE-2026-34047 (CVE-2026-34047). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34048 |
|
Vulnerability in CVE-2026-34048 (CVE-2026-34048)
vulnerability in CVE-2026-34048 (CVE-2026-34048). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34034 |
|
OS Command Injection in CVE-2026-34034 (CVE-2026-34034)
OS command injection in CVE-2026-34034 (CVE-2026-34034). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34035 |
|
OS Command Injection in CVE-2026-34035 (CVE-2026-34035)
OS command injection in CVE-2026-34035 (CVE-2026-34035). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11328 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-11328)
cross-site scripting in wordpress (CVE-2026-11328). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13356 |
|
Vulnerability in mozilla (CVE-2026-13356)
vulnerability in mozilla (CVE-2026-13356). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53648 |
|
Vulnerability in CVE-2026-53648 (CVE-2026-53648)
vulnerability in CVE-2026-53648 (CVE-2026-53648). Risk of unauthorized operations or information disclosure. Exploitable via ``servicedownloadable.manage``.
|
| CVE-2026-53647 |
|
Information Disclosure in CVE-2026-53647 (CVE-2026-53647)
vulnerability in CVE-2026-53647 (CVE-2026-53647). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53642 |
|
Authorization Flaw in CVE-2026-53642 (CVE-2026-53642)
vulnerability in CVE-2026-53642 (CVE-2026-53642). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53643 |
|
Information Disclosure in c (CVE-2026-53643)
vulnerability in c (CVE-2026-53643). Risk of unauthorized operations or information disclosure. Exploitable via ``can_always_access``.
|
| CVE-2026-53645 |
|
Privilege Escalation in privilege-escalation (CVE-2026-53645)
vulnerability in privilege-escalation (CVE-2026-53645). Risk of unauthorized operations or information disclosure. Exploitable via ``staff.create_and_edit_staff``.
|
| CVE-2026-53640 |
|
Information Disclosure in CVE-2026-53640 (CVE-2026-53640)
vulnerability in CVE-2026-53640 (CVE-2026-53640). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53641 |
|
Cross-Site Scripting (XSS) in CVE-2026-53641 (CVE-2026-53641)
cross-site scripting in CVE-2026-53641 (CVE-2026-53641). Risk of unauthorized operations or information disclosure. Exploitable via ``content_html``.
|
| CVE-2026-59710 |
|
Cross-Site Scripting (XSS) in CVE-2026-59710 (CVE-2026-59710)
cross-site scripting in CVE-2026-59710 (CVE-2026-59710). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-43927 |
|
Vulnerability in CVE-2026-43927 (CVE-2026-43927)
vulnerability in CVE-2026-43927 (CVE-2026-43927). Risk of unauthorized operations or information disclosure. Exploitable via ``promo``.
|
| CVE-2026-43928 |
|
Vulnerability in CVE-2026-43928 (CVE-2026-43928)
vulnerability in CVE-2026-43928 (CVE-2026-43928). Risk of unauthorized operations or information disclosure. Exploitable via ``mc_gross``.
|
| CVE-2026-41899 |
|
Vulnerability in CVE-2026-41899 (CVE-2026-41899)
vulnerability in CVE-2026-41899 (CVE-2026-41899). Risk of unauthorized operations or information disclosure. Exploitable via `POST /api/feedback`.
|
| CVE-2026-43921 |
|
Code Injection in CVE-2026-43921 (CVE-2026-43921)
code injection in CVE-2026-43921 (CVE-2026-43921). Risk of unauthorized operations or information disclosure. Exploitable via ``config.php``.
|
| CVE-2026-42204 |
|
OS Command Injection in CVE-2026-42204 (CVE-2026-42204)
OS command injection in CVE-2026-42204 (CVE-2026-42204). Successful exploitation can lead to full system takeover.
|
| CVE-2026-42153 |
|
OS Command Injection in CVE-2026-42153 (CVE-2026-42153)
OS command injection in CVE-2026-42153 (CVE-2026-42153). Successful exploitation can lead to full system takeover.
|
| CVE-2026-42148 |
|
OS Command Injection in CVE-2026-42148 (CVE-2026-42148)
OS command injection in CVE-2026-42148 (CVE-2026-42148). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-34599 |
|
OS Command Injection in CVE-2026-34599 (CVE-2026-34599)
OS command injection in CVE-2026-34599 (CVE-2026-34599). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34153 |
|
OS Command Injection in CVE-2026-34153 (CVE-2026-34153)
OS command injection in CVE-2026-34153 (CVE-2026-34153). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34049 |
|
OS Command Injection in CVE-2026-34049 (CVE-2026-34049)
OS command injection in CVE-2026-34049 (CVE-2026-34049). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-38976 |
|
Vulnerability in c (CVE-2026-38976)
vulnerability in c (CVE-2026-38976). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-34050 |
|
Vulnerability in CVE-2026-34050 (CVE-2026-34050)
vulnerability in CVE-2026-34050 (CVE-2026-34050). Data can be tampered with by attackers.
|
| CVE-2026-32718 |
|
Authorization Flaw in CVE-2026-32718 (CVE-2026-32718)
vulnerability in CVE-2026-32718 (CVE-2026-32718). Data can be tampered with by attackers.
|
| CVE-2026-55727 |
|
Authentication Bypass in CVE-2026-55727 (CVE-2026-55727)
authentication bypass in CVE-2026-55727 (CVE-2026-55727). Confidential information can be exposed externally.
|
| CVE-2026-59711 |
|
Cross-Site Scripting (XSS) in CVE-2026-59711 (CVE-2026-59711)
cross-site scripting in CVE-2026-59711 (CVE-2026-59711). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-59713 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-59713)
vulnerability in csrf (CVE-2026-59713). Confidential information can be exposed externally.
|
| CVE-2026-25271 |
|
Vulnerability in qualcomm (CVE-2026-25271)
vulnerability in qualcomm (CVE-2026-25271). Successful exploitation can lead to full system takeover.
|
| CVE-2026-25268 |
|
Vulnerability in qualcomm (CVE-2026-25268)
vulnerability in qualcomm (CVE-2026-25268). Successful exploitation can lead to full system takeover.
|
| CVE-2026-21368 |
|
Out-of-Bounds Write in qualcomm (CVE-2026-21368)
out-of-bounds write in qualcomm (CVE-2026-21368). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-21369 |
|
Out-of-Bounds Write in qualcomm (CVE-2026-21369)
out-of-bounds write in qualcomm (CVE-2026-21369). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-21370 |
|
Out-of-Bounds Write in qualcomm (CVE-2026-21370)
out-of-bounds write in qualcomm (CVE-2026-21370). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-21384 |
|
Out-of-Bounds Write in qualcomm (CVE-2026-21384)
out-of-bounds write in qualcomm (CVE-2026-21384). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-48267 |
|
Vulnerability in CVE-2026-48267 (CVE-2026-48267)
vulnerability in CVE-2026-48267 (CVE-2026-48267). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14468 |
|
Path Traversal in CVE-2026-14468 (CVE-2026-14468)
path traversal in CVE-2026-14468 (CVE-2026-14468). Confidential information can be exposed externally.
|
| CVE-2025-59616 |
|
Use-After-Free in qualcomm (CVE-2025-59616)
vulnerability in qualcomm (CVE-2025-59616). Data can be tampered with by attackers.
|
| CVE-2025-59615 |
|
Use-After-Free in qualcomm (CVE-2025-59615)
vulnerability in qualcomm (CVE-2025-59615). Data can be tampered with by attackers.
|
| CVE-2025-59617 |
|
Memory Corruption when processing multiple IOCTL calls with the same buffer file descriptor input.
Memory Corruption when processing multiple IOCTL calls with the same buffer file descriptor input.
|
| CVE-2026-14471 |
|
SQL Injection in Amazon aws (CVE-2026-14471)
SQL injection in Amazon aws (CVE-2026-14471). Confidential information can be exposed externally.
|