Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-49291 |
|
Vulnerability in mcp-memory-service (CVE-2026-49291)
vulnerability in mcp-memory-service (CVE-2026-49291). Data can be tampered with by attackers. Exploitable via `POST /api/memories`. Mitigation: upgrade to `10.65.3` or later.
|
| CVE-2026-49288 |
|
Information Disclosure in statamic/cms (CVE-2026-49288)
vulnerability in statamic/cms (CVE-2026-49288). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.73.23` or later.
|
| CVE-2026-49293 |
|
Vulnerability in js-toml (CVE-2026-49293)
vulnerability in js-toml (CVE-2026-49293). Risk of unauthorized operations or information disclosure. Exploitable via ``parseBigInt``. Mitigation: upgrade to `1.1.1` or later.
|
| CVE-2026-49339 |
|
Path Traversal in go.senan.xyz/gonic (CVE-2026-49339)
path traversal in go.senan.xyz/gonic (CVE-2026-49339). Data can be tampered with by attackers. Exploitable via ``playlist.UserID``. Mitigation: upgrade to `0.21.0` or later.
|
| CVE-2026-49338 |
|
Vulnerability in go.senan.xyz/gonic (CVE-2026-49338)
vulnerability in go.senan.xyz/gonic (CVE-2026-49338). Data can be tampered with by attackers. Exploitable via `GET /rest/deletePlaylist.view`. Mitigation: upgrade to `0.21.0` or later.
|
| CVE-2019-25760 |
|
Vulnerability in CVE-2019-25760 (CVE-2019-25760)
vulnerability in CVE-2019-25760 (CVE-2019-25760). Confidential information can be exposed externally.
|
| CVE-2019-25758 |
|
Unrestricted File Upload in CVE-2019-25758 (CVE-2019-25758)
vulnerability in CVE-2019-25758 (CVE-2019-25758). Successful exploitation can lead to full system takeover.
|
| CVE-2019-25759 |
|
SQL Injection in sqli (CVE-2019-25759)
SQL injection in sqli (CVE-2019-25759). Confidential information can be exposed externally.
|
| CVE-2019-25761 |
|
SQL Injection in sqli (CVE-2019-25761)
SQL injection in sqli (CVE-2019-25761). Confidential information can be exposed externally.
|
| CVE-2019-25750 |
|
SQL Injection in sqli (CVE-2019-25750)
SQL injection in sqli (CVE-2019-25750). Confidential information can be exposed externally.
|
| CVE-2019-25753 |
|
SQL Injection in sqli (CVE-2019-25753)
SQL injection in sqli (CVE-2019-25753). Confidential information can be exposed externally.
|
| CVE-2019-25749 |
|
SQL Injection in sqli (CVE-2019-25749)
SQL injection in sqli (CVE-2019-25749). Confidential information can be exposed externally.
|
| CVE-2019-25755 |
|
SQL Injection in sqli (CVE-2019-25755)
SQL injection in sqli (CVE-2019-25755). Confidential information can be exposed externally.
|
| CVE-2019-25754 |
|
SQL Injection in sqli (CVE-2019-25754)
SQL injection in sqli (CVE-2019-25754). Confidential information can be exposed externally.
|
| CVE-2019-25757 |
|
SQL Injection in sqli (CVE-2019-25757)
SQL injection in sqli (CVE-2019-25757). Confidential information can be exposed externally.
|
| CVE-2019-25751 |
|
SQL Injection in sqli (CVE-2019-25751)
SQL injection in sqli (CVE-2019-25751). Confidential information can be exposed externally.
|
| CVE-2019-25752 |
|
SQL Injection in sqli (CVE-2019-25752)
SQL injection in sqli (CVE-2019-25752). Confidential information can be exposed externally.
|
| CVE-2019-25756 |
|
SQL Injection in sqli (CVE-2019-25756)
SQL injection in sqli (CVE-2019-25756). Confidential information can be exposed externally.
|
| CVE-2026-56210 |
|
Out-of-Bounds Read in dos (CVE-2026-56210)
vulnerability in dos (CVE-2026-56210). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56211 |
|
Out-of-Bounds Write in CVE-2026-56211 (CVE-2026-56211)
out-of-bounds write in CVE-2026-56211 (CVE-2026-56211). Data can be tampered with by attackers.
|
| CVE-2026-56209 |
|
Out-of-Bounds Write in dos (CVE-2026-56209)
out-of-bounds write in dos (CVE-2026-56209). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56208 |
|
Vulnerability in dos (CVE-2026-56208)
vulnerability in dos (CVE-2026-56208). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-51846 |
|
Vulnerability in CVE-2026-51846 (CVE-2026-51846)
vulnerability in CVE-2026-51846 (CVE-2026-51846). Successful exploitation can lead to full system takeover.
|
| CVE-2026-51845 |
|
Vulnerability in CVE-2026-51845 (CVE-2026-51845)
vulnerability in CVE-2026-51845 (CVE-2026-51845). Successful exploitation can lead to full system takeover.
|
| CVE-2026-51843 |
|
Vulnerability in CVE-2026-51843 (CVE-2026-51843)
vulnerability in CVE-2026-51843 (CVE-2026-51843). Successful exploitation can lead to full system takeover.
|
| CVE-2026-51844 |
|
Vulnerability in CVE-2026-51844 (CVE-2026-51844)
vulnerability in CVE-2026-51844 (CVE-2026-51844). Successful exploitation can lead to full system takeover.
|
| CVE-2017-20281 |
|
SQL Injection in sqli (CVE-2017-20281)
SQL injection in sqli (CVE-2017-20281). Confidential information can be exposed externally.
|
| CVE-2017-20282 |
|
SQL Injection in sqli (CVE-2017-20282)
SQL injection in sqli (CVE-2017-20282). Confidential information can be exposed externally.
|
| CVE-2017-20270 |
|
SQL Injection in sqli (CVE-2017-20270)
SQL injection in sqli (CVE-2017-20270). Confidential information can be exposed externally.
|
| CVE-2017-20271 |
|
SQL Injection in sqli (CVE-2017-20271)
SQL injection in sqli (CVE-2017-20271). Confidential information can be exposed externally.
|
| CVE-2017-20268 |
|
SQL Injection in sqli (CVE-2017-20268)
SQL injection in sqli (CVE-2017-20268). Confidential information can be exposed externally.
|
| CVE-2017-20274 |
|
SQL Injection in sqli (CVE-2017-20274)
SQL injection in sqli (CVE-2017-20274). Confidential information can be exposed externally.
|
| CVE-2017-20275 |
|
SQL Injection in sqli (CVE-2017-20275)
SQL injection in sqli (CVE-2017-20275). Confidential information can be exposed externally.
|
| CVE-2017-20279 |
|
SQL Injection in sqli (CVE-2017-20279)
SQL injection in sqli (CVE-2017-20279). Confidential information can be exposed externally.
|
| CVE-2017-20269 |
|
SQL Injection in sqli (CVE-2017-20269)
SQL injection in sqli (CVE-2017-20269). Confidential information can be exposed externally.
|
| CVE-2017-20276 |
|
SQL Injection in sqli (CVE-2017-20276)
SQL injection in sqli (CVE-2017-20276). Confidential information can be exposed externally.
|
| CVE-2017-20277 |
|
SQL Injection in sqli (CVE-2017-20277)
SQL injection in sqli (CVE-2017-20277). Confidential information can be exposed externally.
|
| CVE-2017-20273 |
|
SQL Injection in sqli (CVE-2017-20273)
SQL injection in sqli (CVE-2017-20273). Confidential information can be exposed externally.
|
| CVE-2017-20278 |
|
SQL Injection in sqli (CVE-2017-20278)
SQL injection in sqli (CVE-2017-20278). Confidential information can be exposed externally.
|
| CVE-2017-20272 |
|
SQL Injection in sqli (CVE-2017-20272)
SQL injection in sqli (CVE-2017-20272). Confidential information can be exposed externally.
|
| CVE-2017-20280 |
|
SQL Injection in sqli (CVE-2017-20280)
SQL injection in sqli (CVE-2017-20280). Confidential information can be exposed externally.
|
| CVE-2019-25748 |
|
SQL Injection in sqli (CVE-2019-25748)
SQL injection in sqli (CVE-2019-25748). Confidential information can be exposed externally.
|
| CVE-2026-3196 |
|
Vulnerability in dos (CVE-2026-3196)
vulnerability in dos (CVE-2026-3196). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-3195 |
|
Vulnerability in CVE-2026-3195 (CVE-2026-3195)
vulnerability in CVE-2026-3195 (CVE-2026-3195). Successful exploitation can lead to full system takeover. Exploitable via ``virtio_snd_pcm_in_cb``.
|
| CVE-2026-12622 |
|
Open Redirect in CVE-2026-12622 (CVE-2026-12622)
vulnerability in CVE-2026-12622 (CVE-2026-12622). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12620 |
|
Information Disclosure in CVE-2026-12620 (CVE-2026-12620)
vulnerability in CVE-2026-12620 (CVE-2026-12620). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12621 |
|
Cross-Site Scripting (XSS) in CVE-2026-12621 (CVE-2026-12621)
cross-site scripting in CVE-2026-12621 (CVE-2026-12621). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12619 |
|
Cross-Site Scripting (XSS) in CVE-2026-12619 (CVE-2026-12619)
cross-site scripting in CVE-2026-12619 (CVE-2026-12619). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-20256 |
|
SQL Injection in sqli (CVE-2017-20256)
SQL injection in sqli (CVE-2017-20256). Confidential information can be exposed externally.
|
| CVE-2017-20260 |
|
SQL Injection in sqli (CVE-2017-20260)
SQL injection in sqli (CVE-2017-20260). Confidential information can be exposed externally.
|