Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Clear
ID Title
CVE-2026-41156 Use-After-Free in CVE-2026-41156 (CVE-2026-41156)
vulnerability in CVE-2026-41156 (CVE-2026-41156). Data can be tampered with by attackers.
CVE-2026-34192 Use-After-Free in CVE-2026-34192 (CVE-2026-34192)
vulnerability in CVE-2026-34192 (CVE-2026-34192). Data can be tampered with by attackers.
CVE-2026-56138 Path Traversal in path-traversal (CVE-2026-56138)
path traversal in path-traversal (CVE-2026-56138). Risk of unauthorized operations or information disclosure.
CVE-2026-11576 Vulnerability in eclipse (CVE-2026-11576)
vulnerability in eclipse (CVE-2026-11576). Risk of unauthorized operations or information disclosure.
CVE-2026-46461 Vulnerability in dell (CVE-2026-46461)
vulnerability in dell (CVE-2026-46461). Successful exploitation can lead to full system takeover.
CVE-2026-6798 Vulnerability in wordpress (CVE-2026-6798)
vulnerability in wordpress (CVE-2026-6798). Risk of unauthorized operations or information disclosure.
CVE-2026-3640 Vulnerability in wordpress (CVE-2026-3640)
vulnerability in wordpress (CVE-2026-3640). Risk of unauthorized operations or information disclosure.
CVE-2026-4328 SSRF (Server-Side Request Forgery) in wordpress (CVE-2026-4328)
SSRF in wordpress (CVE-2026-4328). Risk of unauthorized operations or information disclosure.
CVE-2026-9013 Vulnerability in wordpress (CVE-2026-9013)
vulnerability in wordpress (CVE-2026-9013). Risk of unauthorized operations or information disclosure.
CVE-2026-54414 Path Traversal in path-traversal (CVE-2026-54414)
path traversal in path-traversal (CVE-2026-54414). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `3.16.0` or later.
CVE-2026-7547 Path Traversal in wordpress (CVE-2026-7547)
path traversal in wordpress (CVE-2026-7547). Confidential information can be exposed externally.
CVE-2026-8713 Path Traversal in wordpress (CVE-2026-8713)
path traversal in wordpress (CVE-2026-8713). Data can be tampered with by attackers.
CVE-2026-12430 Cross-Site Scripting (XSS) in wordpress (CVE-2026-12430)
cross-site scripting in wordpress (CVE-2026-12430). Risk of unauthorized operations or information disclosure.
CVE-2026-1856 Cross-Site Scripting (XSS) in wordpress (CVE-2026-1856)
cross-site scripting in wordpress (CVE-2026-1856). Risk of unauthorized operations or information disclosure.
CVE-2026-12157 Cross-Site Scripting (XSS) in wordpress (CVE-2026-12157)
cross-site scripting in wordpress (CVE-2026-12157). Risk of unauthorized operations or information disclosure.
CVE-2026-56131 Use-After-Free in libexpat-project (CVE-2026-56131)
vulnerability in libexpat-project (CVE-2026-56131). Risk of unauthorized operations or information disclosure.
CVE-2026-7515 Vulnerability in wordpress (CVE-2026-7515)
vulnerability in wordpress (CVE-2026-7515). Successful exploitation can lead to full system takeover. Exploitable via ``doc_style``.
CVE-2026-8118 Vulnerability in wordpress (CVE-2026-8118)
vulnerability in wordpress (CVE-2026-8118). Confidential information can be exposed externally.
CVE-2026-11989 SSRF (Server-Side Request Forgery) in wordpress (CVE-2026-11989)
SSRF in wordpress (CVE-2026-11989). Risk of unauthorized operations or information disclosure.
CVE-2026-10034 Vulnerability in wordpress (CVE-2026-10034)
vulnerability in wordpress (CVE-2026-10034). Risk of unauthorized operations or information disclosure.
CVE-2026-10779 Vulnerability in wordpress (CVE-2026-10779)
vulnerability in wordpress (CVE-2026-10779). Risk of unauthorized operations or information disclosure.
CVE-2026-10720 Vulnerability in github.com/canonical/microceph/microceph (CVE-2026-10720)
vulnerability in github.com/canonical/microceph/microceph (CVE-2026-10720). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.0.0-20260609072127-5c2760d8fb76` or later.
CVE-2026-11775 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-11775)
vulnerability in wordpress (CVE-2026-11775). Risk of unauthorized operations or information disclosure.
CVE-2026-8805 Vulnerability in dos (CVE-2026-8805)
vulnerability in dos (CVE-2026-8805). Risk of unauthorized operations or information disclosure.
CVE-2026-50195 Vulnerability in Amazon github.com/containerd/containerd/v2 (CVE-2026-50195)
vulnerability in Amazon github.com/containerd/containerd/v2 (CVE-2026-50195). Successful exploitation can lead to full system takeover. Exploitable via ``IfNotPresent``. Mitigation: upgrade to `2.3.2` or later.
CVE-2026-12049 Open Redirect in pgadmin (CVE-2026-12049)
vulnerability in pgadmin (CVE-2026-12049). Risk of unauthorized operations or information disclosure.
CVE-2026-52866 Vulnerability in CVE-2026-52866 (CVE-2026-52866)
vulnerability in CVE-2026-52866 (CVE-2026-52866). Risk of unauthorized operations or information disclosure.
CVE-2026-12048 Cross-Site Scripting (XSS) in react (CVE-2026-12048)
cross-site scripting in react (CVE-2026-12048). Confidential information can be exposed externally.
CVE-2026-12047 Cross-Site Scripting (XSS) in react (CVE-2026-12047)
cross-site scripting in react (CVE-2026-12047). Risk of unauthorized operations or information disclosure.
CVE-2026-12050 SQL Injection in sqli (CVE-2026-12050)
SQL injection in sqli (CVE-2026-12050). Risk of unauthorized operations or information disclosure. Exploitable via `POST /browser/server/restore_point/{gid}/{sid}`.
CVE-2026-12045 Command Injection in pgadmin (CVE-2026-12045)
command injection in pgadmin (CVE-2026-12045). Successful exploitation can lead to full system takeover.
CVE-2026-12044 SQL Injection in sqli (CVE-2026-12044)
SQL injection in sqli (CVE-2026-12044). Successful exploitation can lead to full system takeover. Exploitable via ``qtLiteral``.
CVE-2026-56077 Vulnerability in CVE-2026-56077 (CVE-2026-56077)
vulnerability in CVE-2026-56077 (CVE-2026-56077). Confidential information can be exposed externally.
CVE-2026-56075 Authorization Flaw in CVE-2026-56075 (CVE-2026-56075)
vulnerability in CVE-2026-56075 (CVE-2026-56075). Successful exploitation can lead to full system takeover.
CVE-2026-56074 Authorization Flaw in praisonai (CVE-2026-56074)
vulnerability in praisonai (CVE-2026-56074). Confidential information can be exposed externally. Exploitable via ``execute_command``. Mitigation: upgrade to `4.5.128` or later.
CVE-2026-12046 Vulnerability in flask (CVE-2026-12046)
vulnerability in flask (CVE-2026-12046). Successful exploitation can lead to full system takeover. Exploitable via `DELETE /sqleditor/close/`.
CVE-2026-56078 Path Traversal in praisonai (CVE-2026-56078)
path traversal in praisonai (CVE-2026-56078). Successful exploitation can lead to full system takeover. Exploitable via ``MultiAgentLedger``. Mitigation: upgrade to `1.5.115` or later.
CVE-2026-8100 Vulnerability in CVE-2026-8100 (CVE-2026-8100)
vulnerability in CVE-2026-8100 (CVE-2026-8100). Risk of unauthorized operations or information disclosure.
CVE-2026-54130 Vulnerability in microsoft (CVE-2026-54130)
vulnerability in microsoft (CVE-2026-54130). Successful exploitation can lead to full system takeover.
CVE-2026-47633 Information Disclosure in microsoft (CVE-2026-47633)
vulnerability in microsoft (CVE-2026-47633). Confidential information can be exposed externally.
CVE-2026-47647 Vulnerability in microsoft (CVE-2026-47647)
vulnerability in microsoft (CVE-2026-47647). Successful exploitation can lead to full system takeover.
CVE-2026-49205 Vulnerability in thorsten/phpmyfaq (CVE-2026-49205)
vulnerability in thorsten/phpmyfaq (CVE-2026-49205). Confidential information can be exposed externally. Exploitable via `POST /api/v4.0/category`. Mitigation: upgrade to `4.1.4` or later.
CVE-2026-32174 Authentication Bypass in microsoft (CVE-2026-32174)
authentication bypass in microsoft (CVE-2026-32174). Data can be tampered with by attackers.
CVE-2026-22674 Cross-Site Scripting (XSS) in CVE-2026-22674 (CVE-2026-22674)
cross-site scripting in CVE-2026-22674 (CVE-2026-22674). Risk of unauthorized operations or information disclosure.
CVE-2025-15661 Out-of-Bounds Read in c (CVE-2025-15661)
vulnerability in c (CVE-2025-15661). Risk of unauthorized operations or information disclosure.
CVE-2026-56099 Out-of-Bounds Read in c (CVE-2026-56099)
vulnerability in c (CVE-2026-56099). Risk of unauthorized operations or information disclosure.
CVE-2026-48937 Vulnerability in CVE-2026-48937 (CVE-2026-48937)
vulnerability in CVE-2026-48937 (CVE-2026-48937). Risk of unauthorized operations or information disclosure. Exploitable via ``GOAWAY``.
CVE-2026-12390 Vulnerability in CVE-2026-12390 (CVE-2026-12390)
vulnerability in CVE-2026-12390 (CVE-2026-12390). Risk of unauthorized operations or information disclosure.
CVE-2026-47833 Vulnerability in privilege-escalation (CVE-2026-47833)
vulnerability in privilege-escalation (CVE-2026-47833). Confidential information can be exposed externally.
CVE-2026-49257 Vulnerability in mcp-pinot-server (CVE-2026-49257)
vulnerability in mcp-pinot-server (CVE-2026-49257). Successful exploitation can lead to full system takeover. Exploitable via `Authorization header`. Mitigation: upgrade to `3.1.0` or later.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →