Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

KEV

Categories

All 🌐 Web Application 🧭 Browser 🖥️ Operating System 📱 Mobile 🛰️ Network Infrastructure ☁️ Cloud / Container 📝 CMS / Site Builder 🗄️ Database / Storage 🔐 Auth / Identity 🔑 Cryptography 🛠️ DevOps / CI-CD 🤖 AI / ML 🔌 IoT / Embedded 🧩 Hardware / Firmware 🏢 Enterprise SaaS 🧰 Developer Tooling ☠️ Malicious Package 📦 Other

Tag groups

All 💬 Programming Languages 22 🧱 Web Frameworks 29 📱 Mobile Platforms 6 🤖 AI/ML Frameworks 11 🖥️ Web Servers 9 🗄️ Databases 13 📝 CMS 9 ☁️ Cloud Platforms 11 📦 Container Tech 12 🖥️ Operating Systems 15 ⚔️ Attack Types 25 🧬 CWE 185 🏢 Vendors 581 📦 Products 666 🌳 Package Ecosystems 24 🛠️ DevOps Tools 17 📡 Protocols 15

Popular tags (Top 40)

Rootio Linux419 Microsoft386 C237 Java183 Jre178 Java Min178 Bitnami178 Windows177 Rootdebian11175 Rootdebian12151 Linux130 Cwe 20125 Cwe 78120 Linux Kernel106 Cwe 787105 Apple99 Cwe 41699 Cwe 2296 Rootdebian1393 Cwe 11990 Cisco89 Denial of Service85 Cwe 9484 Multiple Products79 Adobe78 Google77 Cwe 50270 Cwe 7966 Cwe 8954 Apache47 Cwe 91844 Cwe 28443 Oracle42 Cwe 28741 JavaScript41 PHP41 Cwe 7740 Chromium V838 Cwe 30638 Cwe 84337

Filtering: Group: cwe Clear

ID	Title	Severity	Tags	Detected
CVE-2026-43116	Vulnerability in linux (CVE-2026-43116) vulnerability in linux (CVE-2026-43116). Successful exploitation can lead to full system takeover.	High	Cwe 362 Linux Linux Kernel	3 days ago
CVE-2026-43111	Use-After-Free in linux (CVE-2026-43111) vulnerability in linux (CVE-2026-43111). Successful exploitation can lead to full system takeover.	High	Cwe 416 Linux Linux Kernel	3 days ago
CVE-2026-43112	Out-of-Bounds Read in linux (CVE-2026-43112) vulnerability in linux (CVE-2026-43112). Successful exploitation can lead to full system takeover.	High	Cwe 125 Linux Linux Kernel	3 days ago
CVE-2026-43083	Vulnerability in linux (CVE-2026-43083) vulnerability in linux (CVE-2026-43083). Confidential information can be exposed externally.	Critical	Linux Ipv6 Buffer Overflow Cwe 19 +8	3 days ago
CVE-2026-0300 KEV	[KEV] Out-of-Bounds Write in Palo alto networks palo-alto-networks (CVE-2026-0300) out-of-bounds write in Palo alto networks palo-alto-networks (CVE-2026-0300). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Palo Alto Networks Pan Os Cwe 787 Firewall +11	3 days ago
CVE-2026-39852	Authentication Bypass in io.quarkus:quarkus-vertx-http (CVE-2026-39852) authentication bypass in io.quarkus:quarkus-vertx-http (CVE-2026-39852). Confidential information can be exposed externally. Mitigation: upgrade to `3.35.1.1` or later.	High	Java Cwe 863 Quarkus Maven Central +2	3 days ago
CVE-2026-35579	Authentication Bypass in github.com/coredns/coredns (CVE-2026-35579) authentication bypass in github.com/coredns/coredns (CVE-2026-35579). Successful exploitation can lead to full system takeover. Exploitable via ``tsigStatus``. Mitigation: upgrade to `1.14.3` or later.	Critical	Cwe 287 Corednsio Coredns Go +19	3 days ago
CVE-2026-39383	SSRF (Server-Side Request Forgery) in github.com/gotenberg/gotenberg/v8 (CVE-2026-39383) SSRF in github.com/gotenberg/gotenberg/v8 (CVE-2026-39383). Confidential information can be exposed externally. Exploitable via ``FilterDeadline``. Mitigation: upgrade to `8.31.0` or later.	High	Server-Side Request Forgery Cwe 918 Thecodingmachine Gotenberg +3	3 days ago
CVE-2026-35397	Path Traversal in jupyter-server (CVE-2026-35397) path traversal in jupyter-server (CVE-2026-35397). Confidential information can be exposed externally. Exploitable via ``root_dir``. Mitigation: upgrade to `2.18.0` or later.	High	Path Traversal Cwe 22 Jupyter Jupyter Server +1	4 days ago
CVE-2026-40280	SSRF (Server-Side Request Forgery) in github.com/gotenberg/gotenberg/v8 (CVE-2026-40280) SSRF in github.com/gotenberg/gotenberg/v8 (CVE-2026-40280). Confidential information can be exposed externally. Exploitable via ``downloadFrom``. Mitigation: upgrade to `8.31.0` or later.	High	Cwe 918 Thecodingmachine Gotenberg	4 days ago
CVE-2026-35453	Cross-Site Scripting (XSS) in phpoffice/phpspreadsheet (CVE-2026-35453) cross-site scripting in phpoffice/phpspreadsheet (CVE-2026-35453). Risk of unauthorized operations or information disclosure. Exploitable via ``formatColor``. Mitigation: upgrade to `1.30.4` or later.	Medium	JavaScript Cwe 79 Phpoffice Phpspreadsheet +5	4 days ago
CVE-2026-34084	Unsafe Deserialization in phpoffice/phpspreadsheet (CVE-2026-34084) vulnerability in phpoffice/phpspreadsheet (CVE-2026-34084). Successful exploitation can lead to full system takeover. Exploitable via ``is_file``. Mitigation: upgrade to `1.30.3` or later.	Critical	PHP Remote Code Execution Insecure Deserialization Cwe 502 +9	4 days ago
CVE-2026-33324	SQL Injection in fit2cloud (CVE-2026-33324) SQL injection in fit2cloud (CVE-2026-33324). Successful exploitation can lead to full system takeover.	High	Remote Code Execution Cwe 89 Fit2Cloud Sqlbot	4 days ago
CVE-2026-33420	Vulnerability in dani-garcia (CVE-2026-33420) vulnerability in dani-garcia (CVE-2026-33420). Risk of unauthorized operations or information disclosure. Exploitable via `GET /api/organizations/{org_id}/collections/details`.	Medium	Rust Cwe 862 Dani Garcia Vaultwarden	4 days ago
CVE-2026-32936	Vulnerability in github.com/coredns/coredns (CVE-2026-32936) vulnerability in github.com/coredns/coredns (CVE-2026-32936). Risk of unauthorized operations or information disclosure. Exploitable via ``dns``. Mitigation: upgrade to `1.14.3` or later.	High	Denial of Service Cwe 400 Corednsio Coredns +3	4 days ago
CVE-2026-33489	Vulnerability in github.com/coredns/coredns (CVE-2026-33489) vulnerability in github.com/coredns/coredns (CVE-2026-33489). Confidential information can be exposed externally. Mitigation: upgrade to `1.14.3` or later.	High	Cwe 863 Corednsio Coredns Go +2	4 days ago
CVE-2026-33190	Authentication Bypass in github.com/coredns/coredns (CVE-2026-33190) authentication bypass in github.com/coredns/coredns (CVE-2026-33190). Confidential information can be exposed externally. Mitigation: upgrade to `1.14.3` or later.	High	Cwe 303 Corednsio Coredns Go +3	4 days ago
CVE-2026-32934	Vulnerability in github.com/coredns/coredns (CVE-2026-32934) vulnerability in github.com/coredns/coredns (CVE-2026-32934). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.14.3` or later.	High	Cwe 770 Corednsio Coredns Go +2	4 days ago
CVE-2026-38428	SQL Injection in sqli (CVE-2026-38428) SQL injection in sqli (CVE-2026-38428). Successful exploitation can lead to full system takeover. Exploitable via `GET /api/v1/main/flows/search`.	Critical	SQL Injection Cwe 89 Kestra HTTP +15	4 days ago
CVE-2026-38431	Code Injection in frappe (CVE-2026-38431) code injection in frappe (CVE-2026-38431). Successful exploitation can lead to full system takeover.	Critical	Cwe 94 Frappe Erpnext Server-Side Template Injection +15	4 days ago
CVE-2026-38432	Cross-Site Scripting (XSS) in frappe (CVE-2026-38432) cross-site scripting in frappe (CVE-2026-38432). Risk of unauthorized operations or information disclosure.	Medium	JavaScript Cross-Site Scripting Cwe 79 Frappe +1	4 days ago
CVE-2025-61669	Open Redirect in jupyter-server (CVE-2025-61669) vulnerability in jupyter-server (CVE-2025-61669). Risk of unauthorized operations or information disclosure. Exploitable via ``google.com``. Mitigation: upgrade to `2.18.0` or later.		Pip Jupyter Server Cwe 601	4 days ago
CVE-2026-43067	Vulnerability in linux (CVE-2026-43067) vulnerability in linux (CVE-2026-43067). Successful exploitation can lead to full system takeover.	Critical	Linux Ext4 Cwe 122 Cwe 22 +12	4 days ago
CVE-2026-27693	Vulnerability in traccar (CVE-2026-27693) vulnerability in traccar (CVE-2026-27693). Risk of unauthorized operations or information disclosure.	Medium	Cwe 91 Traccar	4 days ago
CVE-2026-27694	Cross-Site Scripting (XSS) in traccar (CVE-2026-27694) cross-site scripting in traccar (CVE-2026-27694). Risk of unauthorized operations or information disclosure.	Medium	Cwe 79 Traccar	4 days ago
CVE-2026-42085	Vulnerability in path-traversal (CVE-2026-42085) vulnerability in path-traversal (CVE-2026-42085). Risk of unauthorized operations or information disclosure.	Medium	Path Traversal Cwe 23 Openc3 Cosmos	5 days ago
CVE-2026-42087	SQL Injection in sqli (CVE-2026-42087) SQL injection in sqli (CVE-2026-42087). Confidential information can be exposed externally. Exploitable via ``tsdb_lookup``.	Critical	SQL Injection Cwe 89 Openc3 Cosmos +11	5 days ago
CVE-2026-42086	Cross-Site Scripting (XSS) in openc3 (CVE-2026-42086) cross-site scripting in openc3 (CVE-2026-42086). Risk of unauthorized operations or information disclosure.	Medium	Cross-Site Scripting Cwe 79 Openc3 Cosmos	5 days ago
CVE-2026-26956	Vulnerability in vm2-project (CVE-2026-26956) vulnerability in vm2-project (CVE-2026-26956). Successful exploitation can lead to full system takeover. Exploitable via ``catch``.	Critical	JavaScript Cwe 693 Vm2 Project Vm2 +12	5 days ago
CVE-2026-24120	Code Injection in vm2-project (CVE-2026-24120) code injection in vm2-project (CVE-2026-24120). Successful exploitation can lead to full system takeover. Exploitable via ``resetPromiseSpecies``.	Critical	JavaScript Cwe 94 Cwe 693 Vm2 Project +12	5 days ago
CVE-2026-24118	Code Injection in vm2-project (CVE-2026-24118) code injection in vm2-project (CVE-2026-24118). Successful exploitation can lead to full system takeover. Exploitable via ``__lookupGetter__``.	Critical	JavaScript Cwe 94 Cwe 693 Vm2 Project +12	5 days ago
CVE-2026-24781	Code Injection in vm2-project (CVE-2026-24781) code injection in vm2-project (CVE-2026-24781). Successful exploitation can lead to full system takeover. Exploitable via ``inspect``.	Critical	JavaScript Cwe 94 Cwe 693 Vm2 Project +11	5 days ago
CVE-2026-35527	SSRF (Server-Side Request Forgery) in github.com/lxc/incus/v6/cmd/incusd (CVE-2026-35527) SSRF in github.com/lxc/incus/v6/cmd/incusd (CVE-2026-35527). Risk of unauthorized operations or information disclosure. Exploitable via ``restricted.images.servers``. Mitigation: upgrade to `7.0.0` or later.		Go Githubcomlxcincusv6Cmdincusd Server-Side Request Forgery Cwe 918	5 days ago
CVE-2026-43047	Out-of-Bounds Write in linux (CVE-2026-43047) out-of-bounds write in linux (CVE-2026-43047). Successful exploitation can lead to full system takeover.	High	Cwe 787 Linux Linux Kernel	1 week ago
CVE-2026-43041	Vulnerability in linux (CVE-2026-43041) vulnerability in linux (CVE-2026-43041). Risk of unauthorized operations or information disclosure.	Medium	Cwe 401 Linux Linux Kernel	1 week ago
CVE-2026-43043	Vulnerability in linux (CVE-2026-43043) vulnerability in linux (CVE-2026-43043). Risk of unauthorized operations or information disclosure.	Medium	Cwe 476 Linux Linux Kernel	1 week ago
CVE-2026-43042	Out-of-Bounds Read in linux (CVE-2026-43042) vulnerability in linux (CVE-2026-43042). Confidential information can be exposed externally.	High	Cwe 125 Linux Linux Kernel	1 week ago
CVE-2026-43036	Vulnerability in linux (CVE-2026-43036) vulnerability in linux (CVE-2026-43036). Risk of unauthorized operations or information disclosure.	Medium	Cwe 908 Linux Linux Kernel	1 week ago
CVE-2026-43035	Vulnerability in linux (CVE-2026-43035) vulnerability in linux (CVE-2026-43035). Risk of unauthorized operations or information disclosure.	Medium	Cwe 908 Linux Linux Kernel	1 week ago
CVE-2026-43038	Vulnerability in linux (CVE-2026-43038) vulnerability in linux (CVE-2026-43038). Successful exploitation can lead to full system takeover.	Critical	Linux Linux Kernel Ipv6 Icmp +8	1 week ago
CVE-2026-43029	Vulnerability in c (CVE-2026-43029) vulnerability in c (CVE-2026-43029). Risk of unauthorized operations or information disclosure.	High	C Cwe 667 Linux Linux Kernel	1 week ago
CVE-2026-43027	Use-After-Free in linux (CVE-2026-43027) vulnerability in linux (CVE-2026-43027). Successful exploitation can lead to full system takeover.	High	Cwe 416 Linux Linux Kernel	1 week ago
CVE-2026-43021	Vulnerability in c (CVE-2026-43021) vulnerability in c (CVE-2026-43021). Risk of unauthorized operations or information disclosure.	Medium	C Cwe 401 Linux Linux Kernel	1 week ago
CVE-2026-43019	Use-After-Free in linux (CVE-2026-43019) vulnerability in linux (CVE-2026-43019). Successful exploitation can lead to full system takeover.	High	Cwe 416 Linux Linux Kernel	1 week ago
CVE-2026-43023	Vulnerability in linux (CVE-2026-43023) vulnerability in linux (CVE-2026-43023). Successful exploitation can lead to full system takeover.	High	Cwe 362 Linux Linux Kernel	1 week ago
CVE-2026-43020	Out-of-Bounds Write in linux (CVE-2026-43020) out-of-bounds write in linux (CVE-2026-43020). Successful exploitation can lead to full system takeover.	High	Cwe 787 Linux Linux Kernel	1 week ago
CVE-2026-43025	Out-of-Bounds Read in linux (CVE-2026-43025) vulnerability in linux (CVE-2026-43025). Confidential information can be exposed externally.	High	Cwe 125 Linux Linux Kernel	1 week ago
CVE-2026-43018	Use-After-Free in linux (CVE-2026-43018) vulnerability in linux (CVE-2026-43018). Successful exploitation can lead to full system takeover.	High	Cwe 416 Linux Linux Kernel	1 week ago
CVE-2026-31761	Vulnerability in linux (CVE-2026-31761) vulnerability in linux (CVE-2026-31761). Successful exploitation can lead to full system takeover.	High	Cwe 362 Linux Linux Kernel	1 week ago
CVE-2026-31760	Vulnerability in linux (CVE-2026-31760) vulnerability in linux (CVE-2026-31760). Risk of unauthorized operations or information disclosure.	Medium	Cwe 401 Linux Linux Kernel	1 week ago

Vulnerabilities

🍪 About cookies