Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2025-15619 |
|
Vulnerability in CVE-2025-15619 (CVE-2025-15619)
vulnerability in CVE-2025-15619 (CVE-2025-15619). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-55639 |
|
Vulnerability in c (CVE-2025-55639)
vulnerability in c (CVE-2025-55639). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-35019 |
|
Vulnerability in CVE-2026-35019 (CVE-2026-35019)
vulnerability in CVE-2026-35019 (CVE-2026-35019). Successful exploitation can lead to full system takeover.
|
| CVE-2026-28496 |
|
Vulnerability in CVE-2026-28496 (CVE-2026-28496)
vulnerability in CVE-2026-28496 (CVE-2026-28496). Risk of unauthorized operations or information disclosure. Exploitable via ``string_render``.
|
| CVE-2026-27604 |
|
Information Disclosure in csrf (CVE-2026-27604)
vulnerability in csrf (CVE-2026-27604). Risk of unauthorized operations or information disclosure. Exploitable via ``system``.
|
| CVE-2026-35018 |
|
OS Command Injection in CVE-2026-35018 (CVE-2026-35018)
OS command injection in CVE-2026-35018 (CVE-2026-35018). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11772 |
|
Cross-Site Scripting (XSS) in CVE-2026-11772 (CVE-2026-11772)
cross-site scripting in CVE-2026-11772 (CVE-2026-11772). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12969 |
|
Out-of-Bounds Read in c (CVE-2026-12969)
vulnerability in c (CVE-2026-12969). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10609 |
|
Vulnerability in redhat (CVE-2026-10609)
vulnerability in redhat (CVE-2026-10609). Confidential information can be exposed externally.
|
| CVE-2026-56371 |
|
Vulnerability in c (CVE-2026-56371)
vulnerability in c (CVE-2026-56371). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56376 |
|
Use-After-Free in dos (CVE-2026-56376)
vulnerability in dos (CVE-2026-56376). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56701 |
|
XXE (XML External Entity) in CVE-2026-56701 (CVE-2026-56701)
vulnerability in CVE-2026-56701 (CVE-2026-56701). Confidential information can be exposed externally.
|
| CVE-2026-56762 |
|
Vulnerability in CVE-2026-56762 (CVE-2026-56762)
vulnerability in CVE-2026-56762 (CVE-2026-56762). Risk of unauthorized operations or information disclosure. Exploitable via `Cookie header`.
|
| CVE-2026-56379 |
|
Vulnerability in imagemagick (CVE-2026-56379)
vulnerability in imagemagick (CVE-2026-56379). Successful exploitation can lead to full system takeover.
|
| CVE-2026-56274 |
|
OS Command Injection in flowiseai (CVE-2026-56274)
OS command injection in flowiseai (CVE-2026-56274). Successful exploitation can lead to full system takeover.
|
| CVE-2026-56301 |
|
Vulnerability in nuxt (CVE-2026-56301)
vulnerability in nuxt (CVE-2026-56301). Confidential information can be exposed externally.
|
| CVE-2026-56315 |
|
Vulnerability in CVE-2026-56315 (CVE-2026-56315)
vulnerability in CVE-2026-56315 (CVE-2026-56315). Successful exploitation can lead to full system takeover.
|
| CVE-2026-56322 |
|
Information Disclosure in CVE-2026-56322 (CVE-2026-56322)
vulnerability in CVE-2026-56322 (CVE-2026-56322). Confidential information can be exposed externally.
|
| CVE-2026-56275 |
|
SSRF (Server-Side Request Forgery) in flowiseai (CVE-2026-56275)
SSRF in flowiseai (CVE-2026-56275). Confidential information can be exposed externally.
|
| CVE-2026-56248 |
|
Vulnerability in dos (CVE-2026-56248)
vulnerability in dos (CVE-2026-56248). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56258 |
|
Path Traversal in kidocode (CVE-2026-56258)
path traversal in kidocode (CVE-2026-56258). Successful exploitation can lead to full system takeover.
|
| CVE-2026-56263 |
|
Cross-Site Scripting (XSS) in kidocode (CVE-2026-56263)
cross-site scripting in kidocode (CVE-2026-56263). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56243 |
|
Vulnerability in CVE-2026-56243 (CVE-2026-56243)
vulnerability in CVE-2026-56243 (CVE-2026-56243). Confidential information can be exposed externally.
|
| CVE-2026-56225 |
|
Privilege Escalation in CVE-2026-56225 (CVE-2026-56225)
vulnerability in CVE-2026-56225 (CVE-2026-56225). Confidential information can be exposed externally.
|
| CVE-2026-4610 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-4610)
cross-site scripting in wordpress (CVE-2026-4610). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-44089 |
|
Vulnerability in CVE-2026-44089 (CVE-2026-44089)
vulnerability in CVE-2026-44089 (CVE-2026-44089). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10711 |
|
Vulnerability in CVE-2026-10711 (CVE-2026-10711)
vulnerability in CVE-2026-10711 (CVE-2026-10711). Successful exploitation can lead to full system takeover.
|
| CVE-2026-10857 |
|
Cross-Site Scripting (XSS) in CVE-2026-10857 (CVE-2026-10857)
cross-site scripting in CVE-2026-10857 (CVE-2026-10857). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-71376 |
|
Unsafe Deserialization in CVE-2025-71376 (CVE-2025-71376)
vulnerability in CVE-2025-71376 (CVE-2025-71376). Confidential information can be exposed externally.
|
| CVE-2025-71370 |
|
Unsafe Deserialization in CVE-2025-71370 (CVE-2025-71370)
vulnerability in CVE-2025-71370 (CVE-2025-71370). Confidential information can be exposed externally.
|
| CVE-2025-71365 |
|
Unsafe Deserialization in CVE-2025-71365 (CVE-2025-71365)
vulnerability in CVE-2025-71365 (CVE-2025-71365). Confidential information can be exposed externally.
|
| CVE-2025-71341 |
|
Unsafe Deserialization in CVE-2025-71341 (CVE-2025-71341)
vulnerability in CVE-2025-71341 (CVE-2025-71341). Confidential information can be exposed externally.
|
| CVE-2023-54365 |
|
Vulnerability in traefik (CVE-2023-54365)
vulnerability in traefik (CVE-2023-54365). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-4983 |
|
Cross-Site Scripting (XSS) in eclipse (CVE-2026-4983)
cross-site scripting in eclipse (CVE-2026-4983). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11374 |
|
Authentication Bypass in CVE-2026-11374 (CVE-2026-11374)
authentication bypass in CVE-2026-11374 (CVE-2026-11374). Successful exploitation can lead to full system takeover.
|
| CVE-2026-10521 |
|
An high privileged remote attacker can access a hidden configuration method, that should not be...
An high privileged remote attacker can access a hidden configuration method, that should not be...
|
| CVE-2026-12866 |
|
Code Injection in CVE-2026-12866 (CVE-2026-12866)
code injection in CVE-2026-12866 (CVE-2026-12866). Successful exploitation can lead to full system takeover.
|
| CVE-2026-55654 |
|
Out-of-Bounds Read in dos (CVE-2026-55654)
vulnerability in dos (CVE-2026-55654). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-55655 |
|
Vulnerability in openbsd (CVE-2026-55655)
vulnerability in openbsd (CVE-2026-55655). Confidential information can be exposed externally.
|
| CVE-2026-55653 |
|
Vulnerability in dos (CVE-2026-55653)
vulnerability in dos (CVE-2026-55653). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10651 |
|
Vulnerability in c (CVE-2026-10651)
vulnerability in c (CVE-2026-10651). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10645 |
|
Out-of-Bounds Read in c (CVE-2026-10645)
vulnerability in c (CVE-2026-10645). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10658 |
|
Out-of-Bounds Read in c (CVE-2026-10658)
vulnerability in c (CVE-2026-10658). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-52801 |
|
Vulnerability in gogs.io/gogs (CVE-2026-52801)
vulnerability in gogs.io/gogs (CVE-2026-52801). Confidential information can be exposed externally. Mitigation: upgrade to `0.14.3` or later.
|
| CVE-2026-52800 |
|
Cross-Site Request Forgery (CSRF) in gogs.io/gogs (CVE-2026-52800)
vulnerability in gogs.io/gogs (CVE-2026-52800). Successful exploitation can lead to full system takeover. Exploitable via ``TeamsAction``. Mitigation: upgrade to `0.14.3` or later.
|
| CVE-2025-67038 KEV |
|
An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The HTTP RPC module executes a shell...
An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The HTTP RPC module executes a shell...
|
| CVE-2026-52799 |
|
Vulnerability in gogs.io/gogs (CVE-2026-52799)
vulnerability in gogs.io/gogs (CVE-2026-52799). Confidential information can be exposed externally. Exploitable via `GET /attachments/`. Mitigation: upgrade to `0.14.3` or later.
|
| CVE-2026-52798 |
|
Cross-Site Scripting (XSS) in gogs.io/gogs (CVE-2026-52798)
cross-site scripting in gogs.io/gogs (CVE-2026-52798). Confidential information can be exposed externally. Exploitable via ``poc``. Mitigation: upgrade to `0.14.3` or later.
|
| CVE-2026-52796 |
|
Vulnerability in gogs.io/gogs (CVE-2026-52796)
vulnerability in gogs.io/gogs (CVE-2026-52796). Risk of unauthorized operations or information disclosure. Exploitable via ``com.Expand``. Mitigation: upgrade to `0.14.3` or later.
|
| CVE-2026-54353 |
|
Vulnerability in @budibase/backend-core (CVE-2026-54353)
vulnerability in @budibase/backend-core (CVE-2026-54353). Confidential information can be exposed externally. Mitigation: upgrade to `3.39.9` or later.
|