Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-44349 |
|
SQL Injection in github.com/daptin/daptin (CVE-2026-44349)
SQL injection in github.com/daptin/daptin (CVE-2026-44349). Risk of unauthorized operations or information disclosure. Exploitable via `GET /api/`. Mitigation: upgrade to `0.11.5` or later.
|
| CVE-2026-36458 |
|
Code Injection in sqli (CVE-2026-36458)
code injection in sqli (CVE-2026-36458). Successful exploitation can lead to full system takeover.
|
| CVE-2026-32686 |
|
Vulnerability in dos (CVE-2026-32686)
vulnerability in dos (CVE-2026-32686). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-63706 |
|
Code Injection in npm (CVE-2025-63706)
code injection in npm (CVE-2025-63706). Successful exploitation can lead to full system takeover.
|
| CVE-2025-67202 |
|
Cross-Site Scripting (XSS) in CVE-2025-67202 (CVE-2025-67202)
cross-site scripting in CVE-2025-67202 (CVE-2025-67202). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-63705 |
|
OS Command Injection in CVE-2025-63705 (CVE-2025-63705)
OS command injection in CVE-2025-63705 (CVE-2025-63705). Successful exploitation can lead to full system takeover.
|
| CVE-2026-30496 |
|
Vulnerability in android (CVE-2026-30496)
vulnerability in android (CVE-2026-30496). Successful exploitation can lead to full system takeover.
|
| CVE-2026-30495 |
|
Vulnerability in CVE-2026-30495 (CVE-2026-30495)
vulnerability in CVE-2026-30495 (CVE-2026-30495). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8094 |
|
Code Injection in firefox (CVE-2026-8094)
code injection in firefox (CVE-2026-8094). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8091 |
|
Vulnerability in firefox (CVE-2026-8091)
vulnerability in firefox (CVE-2026-8091). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8093 |
|
Buffer Overflow in CVE-2026-8093 (CVE-2026-8093)
vulnerability in CVE-2026-8093 (CVE-2026-8093). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8092 |
|
Out-of-Bounds Read in CVE-2026-8092 (CVE-2026-8092)
vulnerability in CVE-2026-8092 (CVE-2026-8092). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8090 |
|
Use-After-Free in mozilla (CVE-2026-8090)
vulnerability in mozilla (CVE-2026-8090). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-4430 |
|
Out-of-Bounds Write in libreoffice (CVE-2026-4430)
out-of-bounds write in libreoffice (CVE-2026-4430). Successful exploitation can lead to full system takeover.
|
| CVE-2026-44406 |
|
Vulnerability in privilege-escalation (CVE-2026-44406)
vulnerability in privilege-escalation (CVE-2026-44406). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-9661 |
|
OS Command Injection in hitachi (CVE-2025-9661)
OS command injection in hitachi (CVE-2025-9661). Successful exploitation can lead to full system takeover.
|
| CVE-2026-41413 |
|
SSRF (Server-Side Request Forgery) in istio.io/istio (CVE-2026-41413)
SSRF in istio.io/istio (CVE-2026-41413). Risk of unauthorized operations or information disclosure. Exploitable via ``ValidatingAdmissionPolicy``. Mitigation: upgrade to `0.0.0-20260410004459-189832a289c1` or later.
|
| CVE-2026-44602 |
|
Vulnerability in torproject (CVE-2026-44602)
vulnerability in torproject (CVE-2026-44602). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-42217 |
|
Vulnerability in openexr (CVE-2026-42217)
vulnerability in openexr (CVE-2026-42217). Successful exploitation can lead to full system takeover. Exploitable via ``ImfIDManifest.cpp``.
|
| CVE-2026-42216 |
|
Out-of-Bounds Read in openexr (CVE-2026-42216)
vulnerability in openexr (CVE-2026-42216). Confidential information can be exposed externally. Exploitable via ``c13e0e1320a6652e02c5c90c6dbd984d532efe44``.
|
| CVE-2026-41142 |
|
Vulnerability in openexr (CVE-2026-41142)
vulnerability in openexr (CVE-2026-41142). Successful exploitation can lead to full system takeover.
|
| CVE-2026-6973 KEV |
|
[KEV] Vulnerability in Ivanti endpoint-manager-mobile-epmm (CVE-2026-6973)
vulnerability in Ivanti endpoint-manager-mobile-epmm (CVE-2026-6973). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-40243 |
|
Authentication Bypass in github.com/lxc/incus/v6/cmd/incusd (CVE-2026-40243)
authentication bypass in github.com/lxc/incus/v6/cmd/incusd (CVE-2026-40243). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `7.0.0` or later.
|
| CVE-2026-8018 |
|
Vulnerability in google (CVE-2026-8018)
vulnerability in google (CVE-2026-8018). Successful exploitation can lead to full system takeover.
|
| CVE-2026-7989 |
|
Vulnerability in google (CVE-2026-7989)
vulnerability in google (CVE-2026-7989). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7959 |
|
Vulnerability in google (CVE-2026-7959)
vulnerability in google (CVE-2026-7959). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7946 |
|
Vulnerability in google (CVE-2026-7946)
vulnerability in google (CVE-2026-7946). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7932 |
|
Vulnerability in chromium (CVE-2026-7932)
vulnerability in chromium (CVE-2026-7932). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `148.0.7778.96-1~deb12u1` or later.
|
| CVE-2026-7916 |
|
Vulnerability in google (CVE-2026-7916)
vulnerability in google (CVE-2026-7916). Successful exploitation can lead to full system takeover.
|
| CVE-2025-0509 |
|
Vulnerability in java (CVE-2025-0509)
vulnerability in java (CVE-2025-0509). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.8.0, 8.0.441` or later.
|
| CVE-2024-47778 |
|
Out-of-Bounds Read in java (CVE-2024-47778)
vulnerability in java (CVE-2024-47778). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.24.10` or later.
|
| CVE-2024-47777 |
|
Out-of-Bounds Read in java (CVE-2024-47777)
vulnerability in java (CVE-2024-47777). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.24.10` or later.
|
| CVE-2024-47776 |
|
Out-of-Bounds Read in java (CVE-2024-47776)
vulnerability in java (CVE-2024-47776). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.24.10` or later.
|
| CVE-2024-47775 |
|
Out-of-Bounds Read in java (CVE-2024-47775)
vulnerability in java (CVE-2024-47775). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.24.10` or later.
|
| CVE-2024-47606 |
|
Vulnerability in java (CVE-2024-47606)
vulnerability in java (CVE-2024-47606). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.24.10` or later.
|
| CVE-2024-47597 |
|
Out-of-Bounds Read in java (CVE-2024-47597)
vulnerability in java (CVE-2024-47597). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.24.10` or later.
|
| CVE-2024-47596 |
|
Out-of-Bounds Read in java (CVE-2024-47596)
vulnerability in java (CVE-2024-47596). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.24.10` or later.
|
| CVE-2024-47546 |
|
Vulnerability in java (CVE-2024-47546)
vulnerability in java (CVE-2024-47546). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.24.10` or later.
|
| CVE-2024-47544 |
|
Vulnerability in java (CVE-2024-47544)
vulnerability in java (CVE-2024-47544). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.24.10` or later.
|
| CVE-2026-43280 |
|
Out-of-Bounds Read in linux (CVE-2026-43280)
vulnerability in linux (CVE-2026-43280). Confidential information can be exposed externally.
|
| CVE-2026-43282 |
|
Vulnerability in linux (CVE-2026-43282)
vulnerability in linux (CVE-2026-43282). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-43279 |
|
Out-of-Bounds Write in linux (CVE-2026-43279)
out-of-bounds write in linux (CVE-2026-43279). Successful exploitation can lead to full system takeover.
|
| CVE-2026-43278 |
|
Vulnerability in linux (CVE-2026-43278)
vulnerability in linux (CVE-2026-43278). Successful exploitation can lead to full system takeover.
|
| CVE-2026-43281 |
|
Out-of-Bounds Read in linux (CVE-2026-43281)
vulnerability in linux (CVE-2026-43281). Confidential information can be exposed externally. Exploitable via ``fw_xlate``.
|
| CVE-2026-43272 |
|
Vulnerability in linux (CVE-2026-43272)
vulnerability in linux (CVE-2026-43272). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-43271 |
|
Vulnerability in linux (CVE-2026-43271)
vulnerability in linux (CVE-2026-43271). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-43275 |
|
Vulnerability in linux (CVE-2026-43275)
vulnerability in linux (CVE-2026-43275). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-43274 |
|
Out-of-Bounds Read in linux (CVE-2026-43274)
vulnerability in linux (CVE-2026-43274). Successful exploitation can lead to full system takeover.
|
| CVE-2026-43276 |
|
Vulnerability in linux (CVE-2026-43276)
vulnerability in linux (CVE-2026-43276). Successful exploitation can lead to full system takeover.
|
| CVE-2026-43269 |
|
Vulnerability in linux (CVE-2026-43269)
vulnerability in linux (CVE-2026-43269). Risk of unauthorized operations or information disclosure.
|