Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-11903 |
|
Cross-Site Scripting (XSS) in CVE-2026-11903 (CVE-2026-11903)
cross-site scripting in CVE-2026-11903 (CVE-2026-11903). Successful exploitation can lead to full system takeover.
|
| CVE-2026-59257 |
|
SQL Injection in sqli (CVE-2026-59257)
SQL injection in sqli (CVE-2026-59257). Successful exploitation can lead to full system takeover.
|
| CVE-2026-6820 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-6820)
cross-site scripting in wordpress (CVE-2026-6820). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-5356 |
|
Vulnerability in wordpress (CVE-2026-5356)
vulnerability in wordpress (CVE-2026-5356). Data can be tampered with by attackers.
|
| CVE-2026-6818 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-6818)
cross-site scripting in wordpress (CVE-2026-6818). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6230 |
|
SQL Injection in wordpress (CVE-2026-6230)
SQL injection in wordpress (CVE-2026-6230). Confidential information can be exposed externally.
|
| CVE-2026-6854 |
|
SQL Injection in wordpress (CVE-2026-6854)
SQL injection in wordpress (CVE-2026-6854). Confidential information can be exposed externally.
|
| CVE-2026-56002 |
|
Vulnerability in CVE-2026-56002 (CVE-2026-56002)
vulnerability in CVE-2026-56002 (CVE-2026-56002). Successful exploitation can lead to full system takeover.
|
| CVE-2026-56003 |
|
Vulnerability in CVE-2026-56003 (CVE-2026-56003)
vulnerability in CVE-2026-56003 (CVE-2026-56003). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57260 |
|
Out-of-Bounds Write in CVE-2026-57260 (CVE-2026-57260)
out-of-bounds write in CVE-2026-57260 (CVE-2026-57260). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57252 |
|
Use-After-Free in CVE-2026-57252 (CVE-2026-57252)
vulnerability in CVE-2026-57252 (CVE-2026-57252). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57256 |
|
Use-After-Free in CVE-2026-57256 (CVE-2026-57256)
vulnerability in CVE-2026-57256 (CVE-2026-57256). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57250 |
|
Use-After-Free in CVE-2026-57250 (CVE-2026-57250)
vulnerability in CVE-2026-57250 (CVE-2026-57250). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57254 |
|
Vulnerability in CVE-2026-57254 (CVE-2026-57254)
vulnerability in CVE-2026-57254 (CVE-2026-57254). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57242 |
|
Use-After-Free in CVE-2026-57242 (CVE-2026-57242)
vulnerability in CVE-2026-57242 (CVE-2026-57242). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57244 |
|
Use-After-Free in CVE-2026-57244 (CVE-2026-57244)
vulnerability in CVE-2026-57244 (CVE-2026-57244). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57245 |
|
Use-After-Free in CVE-2026-57245 (CVE-2026-57245)
vulnerability in CVE-2026-57245 (CVE-2026-57245). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57247 |
|
Use-After-Free in CVE-2026-57247 (CVE-2026-57247)
vulnerability in CVE-2026-57247 (CVE-2026-57247). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57249 |
|
Use-After-Free in CVE-2026-57249 (CVE-2026-57249)
vulnerability in CVE-2026-57249 (CVE-2026-57249). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57246 |
|
Vulnerability in CVE-2026-57246 (CVE-2026-57246)
vulnerability in CVE-2026-57246 (CVE-2026-57246). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57237 |
|
Use-After-Free in CVE-2026-57237 (CVE-2026-57237)
vulnerability in CVE-2026-57237 (CVE-2026-57237). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57238 |
|
Use-After-Free in CVE-2026-57238 (CVE-2026-57238)
vulnerability in CVE-2026-57238 (CVE-2026-57238). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57240 |
|
Use-After-Free in CVE-2026-57240 (CVE-2026-57240)
vulnerability in CVE-2026-57240 (CVE-2026-57240). Successful exploitation can lead to full system takeover.
|
| CVE-2026-56001 |
|
Vulnerability in CVE-2026-56001 (CVE-2026-56001)
vulnerability in CVE-2026-56001 (CVE-2026-56001). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13129 |
|
Use-After-Free in CVE-2026-13129 (CVE-2026-13129)
vulnerability in CVE-2026-13129 (CVE-2026-13129). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13128 |
|
Use-After-Free in CVE-2026-13128 (CVE-2026-13128)
vulnerability in CVE-2026-13128 (CVE-2026-13128). Successful exploitation can lead to full system takeover.
|
| CVE-2026-55999 |
|
Vulnerability in CVE-2026-55999 (CVE-2026-55999)
vulnerability in CVE-2026-55999 (CVE-2026-55999). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13126 |
|
Use-After-Free in CVE-2026-13126 (CVE-2026-13126)
vulnerability in CVE-2026-13126 (CVE-2026-13126). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13127 |
|
Use-After-Free in CVE-2026-13127 (CVE-2026-13127)
vulnerability in CVE-2026-13127 (CVE-2026-13127). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57895 |
|
Vulnerability in CVE-2026-57895 (CVE-2026-57895)
vulnerability in CVE-2026-57895 (CVE-2026-57895). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14489 |
|
Unrestricted File Upload in wordpress (CVE-2026-14489)
vulnerability in wordpress (CVE-2026-14489). Successful exploitation can lead to full system takeover.
|
| CVE-2026-56437 |
|
Vulnerability in jvn (CVE-2026-56437)
vulnerability in jvn (CVE-2026-56437). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9700 |
|
SQL Injection in wordpress (CVE-2026-9700)
SQL injection in wordpress (CVE-2026-9700). Confidential information can be exposed externally.
|
| CVE-2026-9842 |
|
Privilege Escalation in wordpress (CVE-2026-9842)
vulnerability in wordpress (CVE-2026-9842). Data can be tampered with by attackers. Exploitable via ``manage_options``.
|
| CVE-2026-14482 |
|
Privilege Escalation in wordpress (CVE-2026-14482)
vulnerability in wordpress (CVE-2026-14482). Successful exploitation can lead to full system takeover. Exploitable via ``update_option``.
|
| CVE-2026-14244 |
|
Path Traversal in wordpress (CVE-2026-14244)
path traversal in wordpress (CVE-2026-14244). Confidential information can be exposed externally.
|
| CVE-2026-14158 |
|
Unrestricted File Upload in wordpress (CVE-2026-14158)
vulnerability in wordpress (CVE-2026-14158). Successful exploitation can lead to full system takeover.
|
| CVE-2026-60002 |
|
Use-After-Free in CVE-2026-60002 (CVE-2026-60002)
vulnerability in CVE-2026-60002 (CVE-2026-60002). Confidential information can be exposed externally.
|
| CVE-2026-51937 |
|
Vulnerability in CVE-2026-51937 (CVE-2026-51937)
vulnerability in CVE-2026-51937 (CVE-2026-51937). Confidential information can be exposed externally.
|
| CVE-2026-59704 |
|
Vulnerability in CVE-2026-59704 (CVE-2026-59704)
vulnerability in CVE-2026-59704 (CVE-2026-59704). Confidential information can be exposed externally. Exploitable via `GET /api/video/ai`.
|
| CVE-2026-54607 |
|
SSRF (Server-Side Request Forgery) in CVE-2026-54607 (CVE-2026-54607)
SSRF in CVE-2026-54607 (CVE-2026-54607). Confidential information can be exposed externally.
|
| CVE-2026-49033 |
|
Vulnerability in CVE-2026-49033 (CVE-2026-49033)
vulnerability in CVE-2026-49033 (CVE-2026-49033). Successful exploitation can lead to full system takeover.
|
| CVE-2026-42958 |
|
Use-After-Free in CVE-2026-42958 (CVE-2026-42958)
vulnerability in CVE-2026-42958 (CVE-2026-42958). Successful exploitation can lead to full system takeover.
|
| CVE-2026-58583 |
|
Privilege Escalation in privilege-escalation (CVE-2026-58583)
vulnerability in privilege-escalation (CVE-2026-58583). Confidential information can be exposed externally.
|
| CVE-2026-59707 |
|
SSRF (Server-Side Request Forgery) in CVE-2026-59707 (CVE-2026-59707)
SSRF in CVE-2026-59707 (CVE-2026-59707). Confidential information can be exposed externally. Exploitable via `POST /models/apply`.
|
| CVE-2026-58469 |
|
Out-of-Bounds Read in c (CVE-2026-58469)
vulnerability in c (CVE-2026-58469). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-49471 |
|
Vulnerability in serena-agent (CVE-2026-49471)
vulnerability in serena-agent (CVE-2026-49471). Successful exploitation can lead to full system takeover. Exploitable via `Host header`. Mitigation: upgrade to `1.5.2` or later.
|
| CVE-2026-7017 |
|
Vulnerability in CVE-2026-7017 (CVE-2026-7017)
vulnerability in CVE-2026-7017 (CVE-2026-7017). Confidential information can be exposed externally. Exploitable via `Authorization header`.
|
| CVE-2026-59708 |
|
Vulnerability in CVE-2026-59708 (CVE-2026-59708)
vulnerability in CVE-2026-59708 (CVE-2026-59708). Confidential information can be exposed externally. Exploitable via `GET /api/v1/public/`.
|
| CVE-2026-57851 |
|
Vulnerability in privilege-escalation (CVE-2026-57851)
vulnerability in privilege-escalation (CVE-2026-57851). Successful exploitation can lead to full system takeover.
|