Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Clear
ID Title
CVE-2026-38329 Vulnerability in CVE-2026-38329 (CVE-2026-38329)
vulnerability in CVE-2026-38329 (CVE-2026-38329). Successful exploitation can lead to full system takeover. Exploitable via `POST /api/files/{key}`.
CVE-2026-39006 Vulnerability in CVE-2026-39006 (CVE-2026-39006)
vulnerability in CVE-2026-39006 (CVE-2026-39006). Successful exploitation can lead to full system takeover.
CVE-2026-38812 SQL Injection in sqli (CVE-2026-38812)
SQL injection in sqli (CVE-2026-38812). Successful exploitation can lead to full system takeover.
CVE-2026-39196 SQL Injection in sqli (CVE-2026-39196)
SQL injection in sqli (CVE-2026-39196). Successful exploitation can lead to full system takeover.
CVE-2026-38060 OS Command Injection in CVE-2026-38060 (CVE-2026-38060)
OS command injection in CVE-2026-38060 (CVE-2026-38060). Successful exploitation can lead to full system takeover.
CVE-2026-38061 OS Command Injection in CVE-2026-38061 (CVE-2026-38061)
OS command injection in CVE-2026-38061 (CVE-2026-38061). Successful exploitation can lead to full system takeover.
CVE-2026-38062 OS Command Injection in CVE-2026-38062 (CVE-2026-38062)
OS command injection in CVE-2026-38062 (CVE-2026-38062). Successful exploitation can lead to full system takeover.
CVE-2026-38063 OS Command Injection in CVE-2026-38063 (CVE-2026-38063)
OS command injection in CVE-2026-38063 (CVE-2026-38063). Successful exploitation can lead to full system takeover.
CVE-2026-38064 OS Command Injection in CVE-2026-38064 (CVE-2026-38064)
OS command injection in CVE-2026-38064 (CVE-2026-38064). Successful exploitation can lead to full system takeover.
CVE-2026-38065 OS Command Injection in CVE-2026-38065 (CVE-2026-38065)
OS command injection in CVE-2026-38065 (CVE-2026-38065). Successful exploitation can lead to full system takeover.
CVE-2026-30120 Code Injection in remotion (CVE-2026-30120)
code injection in remotion (CVE-2026-30120). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `4.0.410` or later.
CVE-2026-30121 Remotion: arbitrary file write vulnerability
Remotion: arbitrary file write vulnerability
CVE-2026-36537 Vulnerability in CVE-2026-36537 (CVE-2026-36537)
vulnerability in CVE-2026-36537 (CVE-2026-36537). Successful exploitation can lead to full system takeover.
CVE-2026-9862 OS Command Injection in CVE-2026-9862 (CVE-2026-9862)
OS command injection in CVE-2026-9862 (CVE-2026-9862). Successful exploitation can lead to full system takeover.
CVE-2026-52704 Code Injection in CVE-2026-52704 (CVE-2026-52704)
code injection in CVE-2026-52704 (CVE-2026-52704). Successful exploitation can lead to full system takeover.
CVE-2018-25436 Unrestricted File Upload in wordpress (CVE-2018-25436)
vulnerability in wordpress (CVE-2018-25436). Successful exploitation can lead to full system takeover.
CVE-2026-11526 Vulnerability in CVE-2026-11526 (CVE-2026-11526)
vulnerability in CVE-2026-11526 (CVE-2026-11526). Successful exploitation can lead to full system takeover.
CVE-2026-12183 Authentication Bypass in CVE-2026-12183 (CVE-2026-12183)
authentication bypass in CVE-2026-12183 (CVE-2026-12183). Successful exploitation can lead to full system takeover.
CVE-2026-53838 Vulnerability in openclaw (CVE-2026-53838)
vulnerability in openclaw (CVE-2026-53838). Successful exploitation can lead to full system takeover.
CVE-2026-53609 Vulnerability in CVE-2026-53609 (CVE-2026-53609)
vulnerability in CVE-2026-53609 (CVE-2026-53609). Confidential information can be exposed externally. Exploitable via ``__proto__``.
CVE-2026-53519 Path Traversal in github.com/nezhahq/nezha (CVE-2026-53519)
path traversal in github.com/nezhahq/nezha (CVE-2026-53519). Confidential information can be exposed externally. Exploitable via `GET /dashboard../data/config.yaml`. Mitigation: upgrade to `2.0.13` or later.
CVE-2026-41157 Out-of-Bounds Write in Google chrome (CVE-2026-41157)
out-of-bounds write in Google chrome (CVE-2026-41157). Successful exploitation can lead to full system takeover.
CVE-2026-28742 Vulnerability in CVE-2026-28742 (CVE-2026-28742)
vulnerability in CVE-2026-28742 (CVE-2026-28742). Successful exploitation can lead to full system takeover.
CVE-2026-48558 KEV [KEV] Vulnerability in Simplehelp simple-help (CVE-2026-48558)
vulnerability in Simplehelp simple-help (CVE-2026-48558). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2026-44172 SQL Injection in mariadb (CVE-2026-44172)
SQL injection in mariadb (CVE-2026-44172). Successful exploitation can lead to full system takeover.
CVE-2026-44170 OS Command Injection in mariadb (CVE-2026-44170)
OS command injection in mariadb (CVE-2026-44170). Successful exploitation can lead to full system takeover.
CVE-2026-50091 Vulnerability in c (CVE-2026-50091)
vulnerability in c (CVE-2026-50091). Confidential information can be exposed externally.
CVE-2026-50084 Vulnerability in c (CVE-2026-50084)
vulnerability in c (CVE-2026-50084). Confidential information can be exposed externally.
CVE-2026-50083 Vulnerability in c (CVE-2026-50083)
vulnerability in c (CVE-2026-50083). Confidential information can be exposed externally.
CVE-2026-53787 Unrestricted File Upload in path-traversal (CVE-2026-53787)
vulnerability in path-traversal (CVE-2026-53787). Successful exploitation can lead to full system takeover.
CVE-2026-54133 Vulnerability in jmespath (CVE-2026-54133)
vulnerability in jmespath (CVE-2026-54133). Successful exploitation can lead to full system takeover. Exploitable via ``JP_PHP_COMPILE``. Mitigation: upgrade to `2.9.1` or later.
CVE-2026-11849 Vulnerability in CVE-2026-11849 (CVE-2026-11849)
vulnerability in CVE-2026-11849 (CVE-2026-11849). Successful exploitation can lead to full system takeover.
CVE-2026-50627 Vulnerability in apache (CVE-2026-50627)
vulnerability in apache (CVE-2026-50627). Successful exploitation can lead to full system takeover.
CVE-2026-49875 XXE (XML External Entity) in apache (CVE-2026-49875)
vulnerability in apache (CVE-2026-49875). Successful exploitation can lead to full system takeover.
CVE-2026-50628 Vulnerability in apache (CVE-2026-50628)
vulnerability in apache (CVE-2026-50628). Successful exploitation can lead to full system takeover.
CVE-2026-48611 Authentication Bypass in CVE-2026-48611 (CVE-2026-48611)
authentication bypass in CVE-2026-48611 (CVE-2026-48611). Successful exploitation can lead to full system takeover.
CVE-2026-47367 Vulnerability in CVE-2026-47367 (CVE-2026-47367)
vulnerability in CVE-2026-47367 (CVE-2026-47367). Successful exploitation can lead to full system takeover.
CVE-2026-47370 Vulnerability in CVE-2026-47370 (CVE-2026-47370)
vulnerability in CVE-2026-47370 (CVE-2026-47370). Successful exploitation can lead to full system takeover.
CVE-2026-47369 Vulnerability in CVE-2026-47369 (CVE-2026-47369)
vulnerability in CVE-2026-47369 (CVE-2026-47369). Successful exploitation can lead to full system takeover.
CVE-2026-47365 Vulnerability in wordpress (CVE-2026-47365)
vulnerability in wordpress (CVE-2026-47365). Successful exploitation can lead to full system takeover.
CVE-2026-45060 SQL Injection in sqli (CVE-2026-45060)
SQL injection in sqli (CVE-2026-45060). Successful exploitation can lead to full system takeover.
CVE-2026-42846 OS Command Injection in CVE-2026-42846 (CVE-2026-42846)
OS command injection in CVE-2026-42846 (CVE-2026-42846). Successful exploitation can lead to full system takeover.
CVE-2026-39494 SQL Injection in sqli (CVE-2026-39494)
SQL injection in sqli (CVE-2026-39494). Confidential information can be exposed externally.
CVE-2026-42647 SQL Injection in sqli (CVE-2026-42647)
SQL injection in sqli (CVE-2026-42647). Confidential information can be exposed externally.
CVE-2026-12027 Vulnerability in google (CVE-2026-12027)
vulnerability in google (CVE-2026-12027). Successful exploitation can lead to full system takeover.
CVE-2026-41005 Vulnerability in CVE-2026-41005 (CVE-2026-41005)
vulnerability in CVE-2026-41005 (CVE-2026-41005). Successful exploitation can lead to full system takeover.
CVE-2026-49973 Vulnerability in CVE-2026-49973 (CVE-2026-49973)
vulnerability in CVE-2026-49973 (CVE-2026-49973). Confidential information can be exposed externally.
CVE-2026-45177 Vulnerability in paloaltonetworks (CVE-2026-45177)
vulnerability in paloaltonetworks (CVE-2026-45177). Confidential information can be exposed externally.
CVE-2026-49261 OS Command Injection in mariadb (CVE-2026-49261)
OS command injection in mariadb (CVE-2026-49261). Successful exploitation can lead to full system takeover. Exploitable via ``wsrep_notify_cmd``. Mitigation: upgrade to `10.6.27` or later.
CVE-2026-11839 Unrestricted File Upload in CVE-2026-11839 (CVE-2026-11839)
vulnerability in CVE-2026-11839 (CVE-2026-11839). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →