Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-56968 |
|
Vulnerability in gnu (CVE-2026-56968)
vulnerability in gnu (CVE-2026-56968). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56115 |
|
Vulnerability in c (CVE-2026-56115)
vulnerability in c (CVE-2026-56115). Successful exploitation can lead to full system takeover.
|
| CVE-2026-56114 |
|
Out-of-Bounds Write in c (CVE-2026-56114)
out-of-bounds write in c (CVE-2026-56114). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56117 |
|
Use-After-Free in c (CVE-2026-56117)
vulnerability in c (CVE-2026-56117). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56113 |
|
Use-After-Free in dhcpcd-project (CVE-2026-56113)
vulnerability in dhcpcd-project (CVE-2026-56113). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-44960 |
|
Cross-Site Scripting (XSS) in CVE-2026-44960 (CVE-2026-44960)
cross-site scripting in CVE-2026-44960 (CVE-2026-44960). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-44959 |
|
Code Injection in CVE-2026-44959 (CVE-2026-44959)
code injection in CVE-2026-44959 (CVE-2026-44959). Successful exploitation can lead to full system takeover.
|
| CVE-2026-44961 |
|
Authentication Bypass in CVE-2026-44961 (CVE-2026-44961)
authentication bypass in CVE-2026-44961 (CVE-2026-44961). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-44958 |
|
Vulnerability in CVE-2026-44958 (CVE-2026-44958)
vulnerability in CVE-2026-44958 (CVE-2026-44958). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-44957 |
|
Vulnerability in CVE-2026-44957 (CVE-2026-44957)
vulnerability in CVE-2026-44957 (CVE-2026-44957). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-44956 |
|
Cross-Site Scripting (XSS) in CVE-2026-44956 (CVE-2026-44956)
cross-site scripting in CVE-2026-44956 (CVE-2026-44956). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-34917 |
|
Authentication Bypass in CVE-2026-34917 (CVE-2026-34917)
authentication bypass in CVE-2026-34917 (CVE-2026-34917). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-34916 |
|
Code Injection in CVE-2026-34916 (CVE-2026-34916)
code injection in CVE-2026-34916 (CVE-2026-34916). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34912 |
|
Vulnerability in CVE-2026-34912 (CVE-2026-34912)
vulnerability in CVE-2026-34912 (CVE-2026-34912). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-34913 |
|
Vulnerability in CVE-2026-34913 (CVE-2026-34913)
vulnerability in CVE-2026-34913 (CVE-2026-34913). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-34915 |
|
Cross-Site Scripting (XSS) in sqli (CVE-2026-34915)
cross-site scripting in sqli (CVE-2026-34915). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-34914 |
|
SQL Injection in sqli (CVE-2026-34914)
SQL injection in sqli (CVE-2026-34914). Data can be tampered with by attackers.
|
| CVE-2026-13007 |
|
Vulnerability in CVE-2026-13007 (CVE-2026-13007)
vulnerability in CVE-2026-13007 (CVE-2026-13007). Confidential information can be exposed externally.
|
| CVE-2026-11940 |
|
Path Traversal in CVE-2026-11940 (CVE-2026-11940)
path traversal in CVE-2026-11940 (CVE-2026-11940). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-61020 |
|
SQL Injection in dos (CVE-2025-61020)
SQL injection in dos (CVE-2025-61020). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-61021 |
|
SQL Injection in dos (CVE-2025-61021)
SQL injection in dos (CVE-2025-61021). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-61022 |
|
SQL Injection in dos (CVE-2025-61022)
SQL injection in dos (CVE-2025-61022). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-61023 |
|
SQL Injection in dos (CVE-2025-61023)
SQL injection in dos (CVE-2025-61023). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-61025 |
|
SQL Injection in dos (CVE-2025-61025)
SQL injection in dos (CVE-2025-61025). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-61027 |
|
SQL Injection in dos (CVE-2025-61027)
SQL injection in dos (CVE-2025-61027). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-61028 |
|
SQL Injection in dos (CVE-2025-61028)
SQL injection in dos (CVE-2025-61028). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-61018 |
|
SQL Injection in dos (CVE-2025-61018)
SQL injection in dos (CVE-2025-61018). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-61019 |
|
SQL Injection in dos (CVE-2025-61019)
SQL injection in dos (CVE-2025-61019). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-13162 |
|
Vulnerability in CVE-2025-13162 (CVE-2025-13162)
vulnerability in CVE-2025-13162 (CVE-2025-13162). Data can be tampered with by attackers.
|
| CVE-2026-52815 |
|
Information Disclosure in gogs.io/gogs (CVE-2026-52815)
vulnerability in gogs.io/gogs (CVE-2026-52815). Risk of unauthorized operations or information disclosure. Exploitable via `GET /api/v1/orgs/`. Mitigation: upgrade to `0.14.3` or later.
|
| CVE-2026-52814 |
|
Vulnerability in gogs.io/gogs (CVE-2026-52814)
vulnerability in gogs.io/gogs (CVE-2026-52814). Risk of unauthorized operations or information disclosure. Exploitable via ``net.Conn``. Mitigation: upgrade to `0.14.3` or later.
|
| CVE-2026-52813 |
|
Vulnerability in gogs.io/gogs (CVE-2026-52813)
vulnerability in gogs.io/gogs (CVE-2026-52813). Successful exploitation can lead to full system takeover. Exploitable via ``hooks``. Mitigation: upgrade to `0.14.3` or later.
|
| CVE-2026-52812 |
|
Vulnerability in gogs.io/gogs (CVE-2026-52812)
vulnerability in gogs.io/gogs (CVE-2026-52812). Risk of unauthorized operations or information disclosure. Exploitable via ``lfs_object``. Mitigation: upgrade to `0.14.3` or later.
|
| CVE-2026-52811 |
|
Path Traversal in gogs.io/gogs (CVE-2026-52811)
path traversal in gogs.io/gogs (CVE-2026-52811). Risk of unauthorized operations or information disclosure. Exploitable via `GET /user/login`. Mitigation: upgrade to `0.14.3` or later.
|
| CVE-2026-12957 |
|
Vulnerability in Amazon aws (CVE-2026-12957)
vulnerability in Amazon aws (CVE-2026-12957). Successful exploitation can lead to full system takeover.
|
| CVE-2026-52810 |
|
Vulnerability in gogs.io/gogs (CVE-2026-52810)
vulnerability in gogs.io/gogs (CVE-2026-52810). Risk of unauthorized operations or information disclosure. Exploitable via ``service``. Mitigation: upgrade to `0.14.3` or later.
|
| CVE-2026-52809 |
|
Vulnerability in gogs.io/gogs (CVE-2026-52809)
vulnerability in gogs.io/gogs (CVE-2026-52809). Confidential information can be exposed externally. Exploitable via `POST /user/forget_password`. Mitigation: upgrade to `0.14.3` or later.
|
| CVE-2026-52808 |
|
Privilege Escalation in gogs.io/gogs (CVE-2026-52808)
vulnerability in gogs.io/gogs (CVE-2026-52808). Data can be tampered with by attackers. Exploitable via `PATCH /api/v1/repos/`. Mitigation: upgrade to `0.14.3` or later.
|
| CVE-2026-52807 |
|
Cross-Site Scripting (XSS) in gogs.io/gogs (CVE-2026-52807)
cross-site scripting in gogs.io/gogs (CVE-2026-52807). Risk of unauthorized operations or information disclosure. Exploitable via ``preserveHTML``. Mitigation: upgrade to `0.14.3` or later.
|
| CVE-2026-52806 |
|
Command Injection in gogs.io/gogs (CVE-2026-52806)
command injection in gogs.io/gogs (CVE-2026-52806). Successful exploitation can lead to full system takeover. Exploitable via ``b53d3162``. Mitigation: upgrade to `0.14.3` or later.
|
| CVE-2026-52805 |
|
SSRF (Server-Side Request Forgery) in gogs.io/gogs (CVE-2026-52805)
SSRF in gogs.io/gogs (CVE-2026-52805). Confidential information can be exposed externally. Mitigation: upgrade to `0.14.3` or later.
|
| CVE-2026-1840 |
|
Vulnerability in cisa (CVE-2026-1840)
vulnerability in cisa (CVE-2026-1840). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-52804 |
|
Vulnerability in gogs.io/gogs (CVE-2026-52804)
vulnerability in gogs.io/gogs (CVE-2026-52804). Risk of unauthorized operations or information disclosure. Exploitable via `POST /{owner}/{repo}/settings/collaboration/access_mode`. Mitigation: upgrade to `0.14.3` or later.
|
| CVE-2026-52802 |
|
Open Redirect in gogs.io/gogs (CVE-2026-52802)
vulnerability in gogs.io/gogs (CVE-2026-52802). Risk of unauthorized operations or information disclosure. Exploitable via `Referer header`. Mitigation: upgrade to `0.14.3` or later.
|
| CVE-2026-56694 |
|
Authorization Flaw in privilege-escalation (CVE-2026-56694)
vulnerability in privilege-escalation (CVE-2026-56694). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56696 |
|
Vulnerability in CVE-2026-56696 (CVE-2026-56696)
vulnerability in CVE-2026-56696 (CVE-2026-56696). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56695 |
|
Vulnerability in CVE-2026-56695 (CVE-2026-56695)
vulnerability in CVE-2026-56695 (CVE-2026-56695). Confidential information can be exposed externally.
|
| CVE-2026-56402 |
|
Vulnerability in privilege-escalation (CVE-2026-56402)
vulnerability in privilege-escalation (CVE-2026-56402). Data can be tampered with by attackers.
|
| CVE-2026-56692 |
|
Vulnerability in CVE-2026-56692 (CVE-2026-56692)
vulnerability in CVE-2026-56692 (CVE-2026-56692). Confidential information can be exposed externally.
|
| CVE-2026-52673 |
|
SQL Injection in sqli (CVE-2026-52673)
SQL injection in sqli (CVE-2026-52673). Confidential information can be exposed externally.
|