Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Clear
ID Title
CVE-2026-56319 Vulnerability in CVE-2026-56319 (CVE-2026-56319)
vulnerability in CVE-2026-56319 (CVE-2026-56319). Risk of unauthorized operations or information disclosure. Exploitable via `GET /statistics/app/`.
CVE-2026-56307 Vulnerability in CVE-2026-56307 (CVE-2026-56307)
vulnerability in CVE-2026-56307 (CVE-2026-56307). Risk of unauthorized operations or information disclosure.
CVE-2026-56282 Information Disclosure in CVE-2026-56282 (CVE-2026-56282)
vulnerability in CVE-2026-56282 (CVE-2026-56282). Risk of unauthorized operations or information disclosure.
CVE-2025-71331 Vulnerability in flowiseai (CVE-2025-71331)
vulnerability in flowiseai (CVE-2025-71331). Risk of unauthorized operations or information disclosure.
CVE-2026-56267 Information Disclosure in CVE-2026-56267 (CVE-2026-56267)
vulnerability in CVE-2026-56267 (CVE-2026-56267). Risk of unauthorized operations or information disclosure. Exploitable via `POST /api/v1/account/forgot-password`.
CVE-2026-56235 Information Disclosure in CVE-2026-56235 (CVE-2026-56235)
vulnerability in CVE-2026-56235 (CVE-2026-56235). Risk of unauthorized operations or information disclosure.
CVE-2026-56218 Information Disclosure in CVE-2026-56218 (CVE-2026-56218)
vulnerability in CVE-2026-56218 (CVE-2026-56218). Risk of unauthorized operations or information disclosure.
CVE-2026-56227 SSRF (Server-Side Request Forgery) in CVE-2026-56227 (CVE-2026-56227)
SSRF in CVE-2026-56227 (CVE-2026-56227). Risk of unauthorized operations or information disclosure.
CVE-2026-56228 Vulnerability in dos (CVE-2026-56228)
vulnerability in dos (CVE-2026-56228). Risk of unauthorized operations or information disclosure.
CVE-2024-58351 Code Injection in dos (CVE-2024-58351)
code injection in dos (CVE-2024-58351). Successful exploitation can lead to full system takeover.
CVE-2026-12673 Vulnerability in privilege-escalation (CVE-2026-12673)
vulnerability in privilege-escalation (CVE-2026-12673). Risk of unauthorized operations or information disclosure.
CVE-2022-50972 Code Injection in CVE-2022-50972 (CVE-2022-50972)
code injection in CVE-2022-50972 (CVE-2022-50972). Successful exploitation can lead to full system takeover.
CVE-2020-37255 Vulnerability in wordpress (CVE-2020-37255)
vulnerability in wordpress (CVE-2020-37255). Confidential information can be exposed externally.
CVE-2019-25763 Vulnerability in wordpress (CVE-2019-25763)
vulnerability in wordpress (CVE-2019-25763). Successful exploitation can lead to full system takeover.
CVE-2026-48909 Unsafe Deserialization in CVE-2026-48909 (CVE-2026-48909)
vulnerability in CVE-2026-48909 (CVE-2026-48909). Risk of unauthorized operations or information disclosure.
CVE-2026-48908 KEV [KEV] Unrestricted File Upload in Joomshaper ollyo (CVE-2026-48908)
vulnerability in Joomshaper ollyo (CVE-2026-48908). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2026-48939 Unrestricted File Upload in joomlic (CVE-2026-48939)
vulnerability in joomlic (CVE-2026-48939). Successful exploitation can lead to full system takeover.
CVE-2026-12119 Vulnerability in wordpress (CVE-2026-12119)
vulnerability in wordpress (CVE-2026-12119). Data can be tampered with by attackers.
CVE-2026-11912 Vulnerability in wordpress (CVE-2026-11912)
vulnerability in wordpress (CVE-2026-11912). Data can be tampered with by attackers.
CVE-2026-11911 Path Traversal in wordpress (CVE-2026-11911)
path traversal in wordpress (CVE-2026-11911). Confidential information can be exposed externally.
CVE-2026-9843 Path Traversal in wordpress (CVE-2026-9843)
path traversal in wordpress (CVE-2026-9843). Data can be tampered with by attackers.
CVE-2026-9265 Out-of-Bounds Read in CVE-2026-9265 (CVE-2026-9265)
vulnerability in CVE-2026-9265 (CVE-2026-9265). Confidential information can be exposed externally.
CVE-2026-56216 Privilege Escalation in CVE-2026-56216 (CVE-2026-56216)
vulnerability in CVE-2026-56216 (CVE-2026-56216). Successful exploitation can lead to full system takeover. Exploitable via `POST /functions/v1/apikey`.
CVE-2026-56212 Privilege Escalation in CVE-2026-56212 (CVE-2026-56212)
vulnerability in CVE-2026-56212 (CVE-2026-56212). Risk of unauthorized operations or information disclosure.
CVE-2026-56214 Information Disclosure in CVE-2026-56214 (CVE-2026-56214)
vulnerability in CVE-2026-56214 (CVE-2026-56214). Confidential information can be exposed externally.
CVE-2026-56213 Vulnerability in CVE-2026-56213 (CVE-2026-56213)
vulnerability in CVE-2026-56213 (CVE-2026-56213). Risk of unauthorized operations or information disclosure.
CVE-2026-56082 Vulnerability in dos (CVE-2026-56082)
vulnerability in dos (CVE-2026-56082). Data can be tampered with by attackers.
CVE-2026-56080 Authentication Bypass in dos (CVE-2026-56080)
authentication bypass in dos (CVE-2026-56080). Risk of unauthorized operations or information disclosure.
CVE-2026-56079 Information Disclosure in CVE-2026-56079 (CVE-2026-56079)
vulnerability in CVE-2026-56079 (CVE-2026-56079). Confidential information can be exposed externally.
CVE-2026-55878 Path Traversal in symfony/ux-toolkit (CVE-2026-55878)
path traversal in symfony/ux-toolkit (CVE-2026-55878). Successful exploitation can lead to full system takeover. Exploitable via ``true``. Mitigation: upgrade to `3.2.0` or later.
CVE-2026-55877 Cross-Site Scripting (XSS) in symfony/ux-icons (CVE-2026-55877)
cross-site scripting in symfony/ux-icons (CVE-2026-55877). Risk of unauthorized operations or information disclosure. Exploitable via ``body``. Mitigation: upgrade to `3.2.0` or later.
CVE-2026-32208 Cross-Site Scripting (XSS) in microsoft (CVE-2026-32208)
cross-site scripting in microsoft (CVE-2026-32208). Successful exploitation can lead to full system takeover.
CVE-2026-42895 Command Injection in microsoft (CVE-2026-42895)
command injection in microsoft (CVE-2026-42895). Data can be tampered with by attackers.
CVE-2026-47645 Open Redirect in microsoft (CVE-2026-47645)
vulnerability in microsoft (CVE-2026-47645). Successful exploitation can lead to full system takeover.
CVE-2026-48582 Vulnerability in microsoft (CVE-2026-48582)
vulnerability in microsoft (CVE-2026-48582). Confidential information can be exposed externally.
CVE-2026-9375 Vulnerability in dos (CVE-2026-9375)
vulnerability in dos (CVE-2026-9375). Risk of unauthorized operations or information disclosure. Exploitable via ``response.py``.
CVE-2026-45480 Authentication Bypass in microsoft (CVE-2026-45480)
authentication bypass in microsoft (CVE-2026-45480). Successful exploitation can lead to full system takeover.
CVE-2026-50519 Vulnerability in microsoft (CVE-2026-50519)
vulnerability in microsoft (CVE-2026-50519). Confidential information can be exposed externally.
CVE-2026-48584 Vulnerability in microsoft (CVE-2026-48584)
vulnerability in microsoft (CVE-2026-48584). Successful exploitation can lead to full system takeover.
CVE-2023-54357 Vulnerability in CVE-2023-54357 (CVE-2023-54357)
vulnerability in CVE-2023-54357 (CVE-2023-54357). Confidential information can be exposed externally.
CVE-2026-12726 SSRF (Server-Side Request Forgery) in CVE-2026-12726 (CVE-2026-12726)
SSRF in CVE-2026-12726 (CVE-2026-12726). Confidential information can be exposed externally.
CVE-2026-12238 Vulnerability in wordpress (CVE-2026-12238)
vulnerability in wordpress (CVE-2026-12238). Risk of unauthorized operations or information disclosure.
CVE-2026-27878 Vulnerability in dos (CVE-2026-27878)
vulnerability in dos (CVE-2026-27878). Risk of unauthorized operations or information disclosure.
CVE-2026-55447 Vulnerability in langflow (CVE-2026-55447)
vulnerability in langflow (CVE-2026-55447). Successful exploitation can lead to full system takeover. Exploitable via ``BaseFileComponent``. Mitigation: upgrade to `1.9.2` or later.
CVE-2026-55446 Vulnerability in langflow (CVE-2026-55446)
vulnerability in langflow (CVE-2026-55446). Risk of unauthorized operations or information disclosure. Exploitable via `POST /api/v1/files/upload/test`. Mitigation: upgrade to `1.0.19` or later.
CVE-2026-50559 Authentication Bypass in c (CVE-2026-50559)
authentication bypass in c (CVE-2026-50559). Confidential information can be exposed externally.
CVE-2026-48794 Vulnerability in github.com/authelia/authelia/v4 (CVE-2026-48794)
vulnerability in github.com/authelia/authelia/v4 (CVE-2026-48794). Risk of unauthorized operations or information disclosure. Exploitable via ``a.b.example.com``. Mitigation: upgrade to `4.39.20` or later.
CVE-2026-49337 Vulnerability in CVE-2026-49337 (CVE-2026-49337)
vulnerability in CVE-2026-49337 (CVE-2026-49337). Risk of unauthorized operations or information disclosure.
CVE-2026-49295 Out-of-Bounds Write in struktur (CVE-2026-49295)
out-of-bounds write in struktur (CVE-2026-49295). Risk of unauthorized operations or information disclosure. Exploitable via ``PocStFoll``.
CVE-2026-49346 Vulnerability in struktur (CVE-2026-49346)
vulnerability in struktur (CVE-2026-49346). Risk of unauthorized operations or information disclosure. Exploitable via ``size_t``.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →