Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-53951 |
|
Path Traversal in CVE-2026-53951 (CVE-2026-53951)
path traversal in CVE-2026-53951 (CVE-2026-53951). Risk of unauthorized operations or information disclosure. Exploitable via ``trust``.
|
| CVE-2026-14967 |
|
Path Traversal in CVE-2026-14967 (CVE-2026-14967)
path traversal in CVE-2026-14967 (CVE-2026-14967). Risk of unauthorized operations or information disclosure. Exploitable via ``github_workflows``.
|
| CVE-2026-15063 |
|
Vulnerability in CVE-2026-15063 (CVE-2026-15063)
vulnerability in CVE-2026-15063 (CVE-2026-15063). Confidential information can be exposed externally.
|
| CVE-2026-14966 |
|
Vulnerability in dos (CVE-2026-14966)
vulnerability in dos (CVE-2026-14966). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-49145 |
|
Vulnerability in CVE-2026-49145 (CVE-2026-49145)
vulnerability in CVE-2026-49145 (CVE-2026-49145). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56362 |
|
Out-of-Bounds Read in CVE-2026-56362 (CVE-2026-56362)
vulnerability in CVE-2026-56362 (CVE-2026-56362). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56359 |
|
Cross-Site Scripting (XSS) in n8n (CVE-2026-56359)
cross-site scripting in n8n (CVE-2026-56359). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56374 |
|
Out-of-Bounds Read in dos (CVE-2026-56374)
vulnerability in dos (CVE-2026-56374). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56776 |
|
Authorization Flaw in n8n (CVE-2026-56776)
vulnerability in n8n (CVE-2026-56776). Risk of unauthorized operations or information disclosure. Exploitable via `POST /workflows/{workflowId}/test-runs/new`.
|
| CVE-2026-56360 |
|
Vulnerability in n8n (CVE-2026-56360)
vulnerability in n8n (CVE-2026-56360). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56293 |
|
Vulnerability in CVE-2026-56293 (CVE-2026-56293)
vulnerability in CVE-2026-56293 (CVE-2026-56293). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56283 |
|
Cross-Site Scripting (XSS) in CVE-2026-56283 (CVE-2026-56283)
cross-site scripting in CVE-2026-56283 (CVE-2026-56283). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56284 |
|
Information Disclosure in CVE-2026-56284 (CVE-2026-56284)
vulnerability in CVE-2026-56284 (CVE-2026-56284). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56297 |
|
Vulnerability in dos (CVE-2026-56297)
vulnerability in dos (CVE-2026-56297). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56217 |
|
Vulnerability in CVE-2026-56217 (CVE-2026-56217)
vulnerability in CVE-2026-56217 (CVE-2026-56217). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56250 |
|
Vulnerability in dos (CVE-2026-56250)
vulnerability in dos (CVE-2026-56250). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-15034 |
|
Cross-Site Request Forgery (CSRF) in flask (CVE-2026-15034)
vulnerability in flask (CVE-2026-15034). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56086 |
|
Authorization Flaw in dell (CVE-2026-56086)
vulnerability in dell (CVE-2026-56086). Successful exploitation can lead to full system takeover.
|
| CVE-2026-56273 |
|
Path Traversal in path-traversal (CVE-2026-56273)
path traversal in path-traversal (CVE-2026-56273). Data can be tampered with by attackers.
|
| CVE-2026-41122 |
|
Cross-Site Scripting (XSS) in dell (CVE-2026-41122)
cross-site scripting in dell (CVE-2026-41122). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56298 |
|
Information Disclosure in CVE-2026-56298 (CVE-2026-56298)
vulnerability in CVE-2026-56298 (CVE-2026-56298). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56246 |
|
Vulnerability in CVE-2026-56246 (CVE-2026-56246)
vulnerability in CVE-2026-56246 (CVE-2026-56246). Data can be tampered with by attackers. Exploitable via `DELETE /organization`.
|
| CVE-2026-15033 |
|
Command Injection in CVE-2026-15033 (CVE-2026-15033)
command injection in CVE-2026-15033 (CVE-2026-15033). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56226 |
|
Information Disclosure in CVE-2026-56226 (CVE-2026-56226)
vulnerability in CVE-2026-56226 (CVE-2026-56226). Confidential information can be exposed externally. Exploitable via `POST /rest/v1/rpc/get_orgs_v6`.
|
| CVE-2026-56220 |
|
Authorization Flaw in CVE-2026-56220 (CVE-2026-56220)
vulnerability in CVE-2026-56220 (CVE-2026-56220). Data can be tampered with by attackers.
|
| CVE-2026-53480 |
|
Path Traversal in path-traversal (CVE-2026-53480)
path traversal in path-traversal (CVE-2026-53480). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-15035 |
|
Vulnerability in CVE-2026-15035 (CVE-2026-15035)
vulnerability in CVE-2026-15035 (CVE-2026-15035). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53482 |
|
Vulnerability in dos (CVE-2026-53482)
vulnerability in dos (CVE-2026-53482). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-22927 |
|
Omnissa Workspace ONE® Tunnel for Windows addresses a Local Privilege Escalation Vulnerability.
Omnissa Workspace ONE® Tunnel for Windows addresses a Local Privilege Escalation Vulnerability.
|
| CVE-2026-59703 |
|
Vulnerability in c (CVE-2026-59703)
vulnerability in c (CVE-2026-59703). Confidential information can be exposed externally.
|
| CVE-2026-55874 |
|
Path Traversal in CVE-2026-55874 (CVE-2026-55874)
path traversal in CVE-2026-55874 (CVE-2026-55874). Confidential information can be exposed externally.
|
| CVE-2026-55668 |
|
Path Traversal in CVE-2026-55668 (CVE-2026-55668)
path traversal in CVE-2026-55668 (CVE-2026-55668). Data can be tampered with by attackers.
|
| CVE-2026-55873 |
|
Authorization Flaw in CVE-2026-55873 (CVE-2026-55873)
vulnerability in CVE-2026-55873 (CVE-2026-55873). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-54652 |
|
Privilege Escalation in nginx (CVE-2026-54652)
vulnerability in nginx (CVE-2026-54652). Confidential information can be exposed externally. Exploitable via `GET /api/logs/{service}`.
|
| CVE-2026-24700 |
|
OS Command Injection in CVE-2026-24700 (CVE-2026-24700)
OS command injection in CVE-2026-24700 (CVE-2026-24700). Successful exploitation can lead to full system takeover.
|
| CVE-2026-49146 |
|
Vulnerability in c (CVE-2026-49146)
vulnerability in c (CVE-2026-49146). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-24699 |
|
OS Command Injection in CVE-2026-24699 (CVE-2026-24699)
OS command injection in CVE-2026-24699 (CVE-2026-24699). Successful exploitation can lead to full system takeover.
|
| CVE-2026-24698 |
|
OS Command Injection in CVE-2026-24698 (CVE-2026-24698)
OS command injection in CVE-2026-24698 (CVE-2026-24698). Successful exploitation can lead to full system takeover.
|
| CVE-2026-24697 |
|
OS Command Injection in CVE-2026-24697 (CVE-2026-24697)
OS command injection in CVE-2026-24697 (CVE-2026-24697). Successful exploitation can lead to full system takeover.
|
| CVE-2026-15062 |
|
SQL Injection in sqli (CVE-2026-15062)
SQL injection in sqli (CVE-2026-15062). Confidential information can be exposed externally.
|
| CVE-2026-15067 |
|
SQL Injection in sqli (CVE-2026-15067)
SQL injection in sqli (CVE-2026-15067). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11903 |
|
Cross-Site Scripting (XSS) in CVE-2026-11903 (CVE-2026-11903)
cross-site scripting in CVE-2026-11903 (CVE-2026-11903). Successful exploitation can lead to full system takeover.
|
| CVE-2026-15036 |
|
Vulnerability in CVE-2026-15036 (CVE-2026-15036)
vulnerability in CVE-2026-15036 (CVE-2026-15036). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10699 |
|
Vulnerability in CVE-2026-10699 (CVE-2026-10699)
vulnerability in CVE-2026-10699 (CVE-2026-10699). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-60124 |
|
Vulnerability in CVE-2026-60124 (CVE-2026-60124)
vulnerability in CVE-2026-60124 (CVE-2026-60124). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-60092 |
|
Cross-Site Scripting (XSS) in CVE-2026-60092 (CVE-2026-60092)
cross-site scripting in CVE-2026-60092 (CVE-2026-60092). Risk of unauthorized operations or information disclosure. Exploitable via `User-Agent header`.
|
| CVE-2026-60125 |
|
Authorization Flaw in CVE-2026-60125 (CVE-2026-60125)
vulnerability in CVE-2026-60125 (CVE-2026-60125). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-58654 |
|
Unrestricted File Upload in path-traversal (CVE-2026-58654)
vulnerability in path-traversal (CVE-2026-58654). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.0.1` or later.
|
| CVE-2026-58657 |
|
Cross-Site Scripting (XSS) in CVE-2026-58657 (CVE-2026-58657)
cross-site scripting in CVE-2026-58657 (CVE-2026-58657). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.0.0` or later.
|
| CVE-2026-59257 |
|
SQL Injection in sqli (CVE-2026-59257)
SQL injection in sqli (CVE-2026-59257). Successful exploitation can lead to full system takeover.
|