Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-58282 |
|
Vulnerability in microsoft (CVE-2026-58282)
vulnerability in microsoft (CVE-2026-58282). Data can be tampered with by attackers.
|
| CVE-2026-57991 |
|
Vulnerability in microsoft (CVE-2026-57991)
vulnerability in microsoft (CVE-2026-57991). Confidential information can be exposed externally.
|
| CVE-2026-58283 |
|
Vulnerability in microsoft (CVE-2026-58283)
vulnerability in microsoft (CVE-2026-58283). Data can be tampered with by attackers.
|
| CVE-2026-56646 |
|
Information Disclosure in microsoft (CVE-2026-56646)
vulnerability in microsoft (CVE-2026-56646). Confidential information can be exposed externally.
|
| CVE-2026-45489 |
|
Microsoft Edge (Chromium-based) Spoofing Vulnerability
Microsoft Edge (Chromium-based) Spoofing Vulnerability
|
| CVE-2026-45488 |
|
Vulnerability in microsoft (CVE-2026-45488)
vulnerability in microsoft (CVE-2026-45488). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57975 |
|
Vulnerability in microsoft (CVE-2026-57975)
vulnerability in microsoft (CVE-2026-57975). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57974 |
|
Vulnerability in microsoft (CVE-2026-57974)
vulnerability in microsoft (CVE-2026-57974). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57986 |
|
Use-After-Free in microsoft (CVE-2026-57986)
vulnerability in microsoft (CVE-2026-57986). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57984 |
|
Use-After-Free in microsoft (CVE-2026-57984)
vulnerability in microsoft (CVE-2026-57984). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57981 |
|
Use-After-Free in microsoft (CVE-2026-57981)
vulnerability in microsoft (CVE-2026-57981). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57977 |
|
Cross-Site Scripting (XSS) in microsoft (CVE-2026-57977)
cross-site scripting in microsoft (CVE-2026-57977). Data can be tampered with by attackers.
|
| CVE-2026-57985 |
|
Vulnerability in microsoft (CVE-2026-57985)
vulnerability in microsoft (CVE-2026-57985). Data can be tampered with by attackers.
|
| CVE-2026-56645 |
|
Vulnerability in microsoft (CVE-2026-56645)
vulnerability in microsoft (CVE-2026-56645). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57983 |
|
Vulnerability in microsoft (CVE-2026-57983)
vulnerability in microsoft (CVE-2026-57983). Confidential information can be exposed externally.
|
| CVE-2026-27780 |
|
Authorization Flaw in CVE-2026-27780 (CVE-2026-27780)
vulnerability in CVE-2026-27780 (CVE-2026-27780). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57987 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-57987)
SSRF in ssrf (CVE-2026-57987). Confidential information can be exposed externally.
|
| CVE-2026-55945 |
|
Vulnerability in microsoft (CVE-2026-55945)
vulnerability in microsoft (CVE-2026-55945). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-28705 |
|
Path Traversal in CVE-2026-28705 (CVE-2026-28705)
path traversal in CVE-2026-28705 (CVE-2026-28705). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-27779 |
|
Vulnerability in CVE-2026-27779 (CVE-2026-27779)
vulnerability in CVE-2026-27779 (CVE-2026-27779). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-26307 |
|
Vulnerability in CVE-2026-26307 (CVE-2026-26307)
vulnerability in CVE-2026-26307 (CVE-2026-26307). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-27660 |
|
Vulnerability in CVE-2026-27660 (CVE-2026-27660)
vulnerability in CVE-2026-27660 (CVE-2026-27660). Data can be tampered with by attackers.
|
| CVE-2026-25712 |
|
Vulnerability in CVE-2026-25712 (CVE-2026-25712)
vulnerability in CVE-2026-25712 (CVE-2026-25712). Confidential information can be exposed externally.
|
| CVE-2026-24690 |
|
Vulnerability in CVE-2026-24690 (CVE-2026-24690)
vulnerability in CVE-2026-24690 (CVE-2026-24690). Data can be tampered with by attackers.
|
| CVE-2026-20909 |
|
Gitea versions before 1.25.5 have insufficient permission checks when listing tracked time entries.
Gitea versions before 1.25.5 have insufficient permission checks when listing tracked time entries.
|
| CVE-2026-26292 |
|
Vulnerability in CVE-2026-26292 (CVE-2026-26292)
vulnerability in CVE-2026-26292 (CVE-2026-26292). Successful exploitation can lead to full system takeover.
|
| CVE-2026-26247 |
|
Vulnerability in CVE-2026-26247 (CVE-2026-26247)
vulnerability in CVE-2026-26247 (CVE-2026-26247). Confidential information can be exposed externally.
|
| CVE-2026-14611 |
|
Information Disclosure in CVE-2026-14611 (CVE-2026-14611)
vulnerability in CVE-2026-14611 (CVE-2026-14611). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-26232 |
|
Vulnerability in CVE-2026-26232 (CVE-2026-26232)
vulnerability in CVE-2026-26232 (CVE-2026-26232). Confidential information can be exposed externally.
|
| CVE-2026-25718 |
|
Vulnerability in CVE-2026-25718 (CVE-2026-25718)
vulnerability in CVE-2026-25718 (CVE-2026-25718). Confidential information can be exposed externally.
|
| CVE-2026-22547 |
|
Vulnerability in CVE-2026-22547 (CVE-2026-22547)
vulnerability in CVE-2026-22547 (CVE-2026-22547). Confidential information can be exposed externally.
|
| CVE-2026-14610 |
|
Buffer Overflow in cpp (CVE-2026-14610)
vulnerability in cpp (CVE-2026-14610). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12481 |
|
Unsafe Deserialization in deserialization (CVE-2026-12481)
vulnerability in deserialization (CVE-2026-12481). Successful exploitation can lead to full system takeover. Exploitable via ``Lambda``.
|
| CVE-2026-58426 |
|
Vulnerability in CVE-2026-58426 (CVE-2026-58426)
vulnerability in CVE-2026-58426 (CVE-2026-58426). Confidential information can be exposed externally.
|
| CVE-2026-58424 |
|
Permanent Fork PR Workflow Approval Gate Bypass
Permanent Fork PR Workflow Approval Gate Bypass
|
| CVE-2026-58418 |
|
SSRF via HTTP Redirect in Repository Migration
SSRF via HTTP Redirect in Repository Migration
|
| CVE-2026-58423 |
|
Authentication Bypass in CVE-2026-58423 (CVE-2026-58423)
authentication bypass in CVE-2026-58423 (CVE-2026-58423). Confidential information can be exposed externally.
|
| CVE-2026-58422 |
|
Vulnerability in CVE-2026-58422 (CVE-2026-58422)
vulnerability in CVE-2026-58422 (CVE-2026-58422). Successful exploitation can lead to full system takeover.
|
| CVE-2026-58421 |
|
Unauthenticated ReDoS via CODEOWNERS pattern matching allows denial of service
Unauthenticated ReDoS via CODEOWNERS pattern matching allows denial of service
|
| CVE-2026-58419 |
|
Notification API leaks private issue metadata after access revocation
Notification API leaks private issue metadata after access revocation
|
| CVE-2026-27771 |
|
Vulnerability in CVE-2026-27771 (CVE-2026-27771)
vulnerability in CVE-2026-27771 (CVE-2026-27771). Confidential information can be exposed externally.
|
| CVE-2026-27775 |
|
Authorization Flaw in CVE-2026-27775 (CVE-2026-27775)
vulnerability in CVE-2026-27775 (CVE-2026-27775). Successful exploitation can lead to full system takeover.
|
| CVE-2026-28740 |
|
Vulnerability in CVE-2026-28740 (CVE-2026-28740)
vulnerability in CVE-2026-28740 (CVE-2026-28740). Confidential information can be exposed externally.
|
| CVE-2026-27761 |
|
Authorization Flaw in CVE-2026-27761 (CVE-2026-27761)
vulnerability in CVE-2026-27761 (CVE-2026-27761). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-25038 |
|
Gitea 1.26.2 allows unauthorized users to access labels of private organizations.
Gitea 1.26.2 allows unauthorized users to access labels of private organizations.
|
| CVE-2026-22874 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-22874)
SSRF in ssrf (CVE-2026-22874). Confidential information can be exposed externally.
|
| CVE-2026-24451 |
|
Information Disclosure in CVE-2026-24451 (CVE-2026-24451)
vulnerability in CVE-2026-24451 (CVE-2026-24451). Confidential information can be exposed externally.
|
| CVE-2026-20896 |
|
Vulnerability in CVE-2026-20896 (CVE-2026-20896)
vulnerability in CVE-2026-20896 (CVE-2026-20896). Successful exploitation can lead to full system takeover.
|
| CVE-2026-20779 |
|
Vulnerability in CVE-2026-20779 (CVE-2026-20779)
vulnerability in CVE-2026-20779 (CVE-2026-20779). Confidential information can be exposed externally.
|
| CVE-2026-14355 |
|
Vulnerability in CVE-2026-14355 (CVE-2026-14355)
vulnerability in CVE-2026-14355 (CVE-2026-14355). Risk of unauthorized operations or information disclosure.
|