Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Clear
ID Title
CVE-2026-49502 Authentication Bypass in dell (CVE-2026-49502)
authentication bypass in dell (CVE-2026-49502). Confidential information can be exposed externally.
CVE-2025-71321 Unsafe Deserialization in picklescan (CVE-2025-71321)
vulnerability in picklescan (CVE-2025-71321). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.0.33` or later.
CVE-2026-42055 Vulnerability in nginx (CVE-2026-42055)
vulnerability in nginx (CVE-2026-42055). Successful exploitation can lead to full system takeover.
CVE-2026-54415 Privilege Escalation in CVE-2026-54415 (CVE-2026-54415)
vulnerability in CVE-2026-54415 (CVE-2026-54415). Confidential information can be exposed externally.
CVE-2026-54810 Vulnerability in CVE-2026-54810 (CVE-2026-54810)
vulnerability in CVE-2026-54810 (CVE-2026-54810). Risk of unauthorized operations or information disclosure.
CVE-2025-71322 Vulnerability in picklescan (CVE-2025-71322)
vulnerability in picklescan (CVE-2025-71322). Successful exploitation can lead to full system takeover. Exploitable via ``pty``. Mitigation: upgrade to `0.0.33` or later.
CVE-2026-42530 Use-After-Free in nginx (CVE-2026-42530)
vulnerability in nginx (CVE-2026-42530). Successful exploitation can lead to full system takeover.
CVE-2026-54812 SQL Injection in sqli (CVE-2026-54812)
SQL injection in sqli (CVE-2026-54812). Confidential information can be exposed externally.
CVE-2026-55743 OS Command Injection in CVE-2026-55743 (CVE-2026-55743)
OS command injection in CVE-2026-55743 (CVE-2026-55743). Successful exploitation can lead to full system takeover.
CVE-2026-55748 OS Command Injection in horizon (CVE-2026-55748)
OS command injection in horizon (CVE-2026-55748). Confidential information can be exposed externally.
CVE-2026-48142 Out-of-Bounds Read in nginx (CVE-2026-48142)
vulnerability in nginx (CVE-2026-48142). Risk of unauthorized operations or information disclosure.
CVE-2026-54819 SQL Injection in sqli (CVE-2026-54819)
SQL injection in sqli (CVE-2026-54819). Confidential information can be exposed externally.
CVE-2026-54809 SQL Injection in sqli (CVE-2026-54809)
SQL injection in sqli (CVE-2026-54809). Confidential information can be exposed externally.
CVE-2026-54818 SQL Injection in sqli (CVE-2026-54818)
SQL injection in sqli (CVE-2026-54818). Confidential information can be exposed externally.
CVE-2026-54808 SQL Injection in sqli (CVE-2026-54808)
SQL injection in sqli (CVE-2026-54808). Confidential information can be exposed externally.
CVE-2026-54813 SQL Injection in sqli (CVE-2026-54813)
SQL injection in sqli (CVE-2026-54813). Confidential information can be exposed externally.
CVE-2026-54815 SQL Injection in c (CVE-2026-54815)
SQL injection in c (CVE-2026-54815). Confidential information can be exposed externally.
CVE-2026-54417 Vulnerability in c (CVE-2026-54417)
vulnerability in c (CVE-2026-54417). Risk of unauthorized operations or information disclosure.
CVE-2026-10850 Cross-Site Scripting (XSS) in plane (CVE-2026-10850)
cross-site scripting in plane (CVE-2026-10850). Risk of unauthorized operations or information disclosure.
CVE-2026-11311 Vulnerability in nginx (CVE-2026-11311)
vulnerability in nginx (CVE-2026-11311). Confidential information can be exposed externally.
CVE-2026-52707 Unauthenticated Local File Inclusion in Kastell <= 2.0 versions.
Unauthenticated Local File Inclusion in Kastell <= 2.0 versions.
CVE-2026-22283 Vulnerability in dell (CVE-2026-22283)
vulnerability in dell (CVE-2026-22283). Successful exploitation can lead to full system takeover.
CVE-2026-55738 Vulnerability in c (CVE-2026-55738)
vulnerability in c (CVE-2026-55738). Successful exploitation can lead to full system takeover.
CVE-2026-54817 Vulnerability in CVE-2026-54817 (CVE-2026-54817)
vulnerability in CVE-2026-54817 (CVE-2026-54817). Risk of unauthorized operations or information disclosure.
CVE-2026-9591 Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-9591)
vulnerability in csrf (CVE-2026-9591). Risk of unauthorized operations or information disclosure.
CVE-2026-54814 Vulnerability in CVE-2026-54814 (CVE-2026-54814)
vulnerability in CVE-2026-54814 (CVE-2026-54814). Successful exploitation can lead to full system takeover.
CVE-2024-47477 Vulnerability in dell (CVE-2024-47477)
vulnerability in dell (CVE-2024-47477). Risk of unauthorized operations or information disclosure.
CVE-2026-32804 Authentication Bypass in dell (CVE-2026-32804)
authentication bypass in dell (CVE-2026-32804). Data can be tampered with by attackers.
CVE-2026-52716 Unauthenticated Arbitrary File Deletion in WorkScout-Core <= 1.7.11 versions.
Unauthenticated Arbitrary File Deletion in WorkScout-Core <= 1.7.11 versions.
CVE-2026-54193 Contributor Arbitrary File Deletion in Fusion Builder <= 3.15.4 versions.
Contributor Arbitrary File Deletion in Fusion Builder <= 3.15.4 versions.
CVE-2026-49108 Unauthenticated PHP Object Injection in Moderno < 1.43 versions.
Unauthenticated PHP Object Injection in Moderno < 1.43 versions.
CVE-2026-12528 Out-of-Bounds Write in c (CVE-2026-12528)
out-of-bounds write in c (CVE-2026-12528). Risk of unauthorized operations or information disclosure.
CVE-2026-54816 Code Injection in CVE-2026-54816 (CVE-2026-54816)
code injection in CVE-2026-54816 (CVE-2026-54816). Successful exploitation can lead to full system takeover.
CVE-2025-69128 Path Traversal in path-traversal (CVE-2025-69128)
path traversal in path-traversal (CVE-2025-69128). Risk of unauthorized operations or information disclosure.
CVE-2026-40757 Unauthenticated PHP Object Injection in Château <= 1.2.1 versions.
Unauthenticated PHP Object Injection in Château <= 1.2.1 versions.
CVE-2026-40733 Unauthenticated PHP Object Injection in ShiftUp <= 1.3 versions.
Unauthenticated PHP Object Injection in ShiftUp <= 1.3 versions.
CVE-2026-40752 Unauthenticated PHP Object Injection in Manufaktur Solutions <= 1.1.1 versions.
Unauthenticated PHP Object Injection in Manufaktur Solutions <= 1.1.1 versions.
CVE-2026-40756 Unauthenticated PHP Object Injection in Zoya <= 1.4 versions.
Unauthenticated PHP Object Injection in Zoya <= 1.4 versions.
CVE-2026-39576 Unauthenticated PHP Object Injection in SingleMalt <= 1.5 versions.
Unauthenticated PHP Object Injection in SingleMalt <= 1.5 versions.
CVE-2026-39560 Unauthenticated PHP Object Injection in Hiroshi <= 1.5.1 versions.
Unauthenticated PHP Object Injection in Hiroshi <= 1.5.1 versions.
CVE-2026-39445 Unauthenticated PHP Object Injection in Alukas < 3.0.0 versions.
Unauthenticated PHP Object Injection in Alukas < 3.0.0 versions.
CVE-2026-40738 Unauthenticated PHP Object Injection in Eldon <= 1.4.1 versions.
Unauthenticated PHP Object Injection in Eldon <= 1.4.1 versions.
CVE-2025-69130 Unsafe Deserialization in wordpress (CVE-2025-69130)
vulnerability in wordpress (CVE-2025-69130). Successful exploitation can lead to full system takeover.
CVE-2026-39442 Unauthenticated PHP Object Injection in PressMart <= 1.2.26 versions.
Unauthenticated PHP Object Injection in PressMart <= 1.2.26 versions.
CVE-2026-39556 Unauthenticated PHP Object Injection in Konsept <= 1.9 versions.
Unauthenticated PHP Object Injection in Konsept <= 1.9 versions.
CVE-2025-69189 Vulnerability in CVE-2025-69189 (CVE-2025-69189)
vulnerability in CVE-2025-69189 (CVE-2025-69189). Risk of unauthorized operations or information disclosure.
CVE-2026-40720 Unauthenticated Cross Site Scripting (XSS) in Royal Elementor Addons Pro < 1.7.1041 versions.
Unauthenticated Cross Site Scripting (XSS) in Royal Elementor Addons Pro < 1.7.1041 versions.
CVE-2025-68524 Unauthenticated Cross Site Scripting (XSS) in Avante < 3.0.5 versions.
Unauthenticated Cross Site Scripting (XSS) in Avante < 3.0.5 versions.
CVE-2025-69140 Unauthenticated Cross Site Scripting (XSS) in SweetDate Core < 1.1.5 versions.
Unauthenticated Cross Site Scripting (XSS) in SweetDate Core < 1.1.5 versions.
CVE-2025-69170 Unauthenticated Local File Inclusion in Eventicity <= 1.5 versions.
Unauthenticated Local File Inclusion in Eventicity <= 1.5 versions.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →