Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-26318 |
|
OS Command Injection in systeminformation (CVE-2026-26318)
OS command injection in systeminformation (CVE-2026-26318). Successful exploitation can lead to full system takeover. Exploitable via ``locate``.
|
| CVE-2026-26280 |
|
OS Command Injection in systeminformation (CVE-2026-26280)
OS command injection in systeminformation (CVE-2026-26280). Successful exploitation can lead to full system takeover. Exploitable via ``iface``.
|
| CVE-2026-26200 |
|
Vulnerability in hdfgroup (CVE-2026-26200)
vulnerability in hdfgroup (CVE-2026-26200). Successful exploitation can lead to full system takeover.
|
| CVE-2026-26339 |
|
SSRF (Server-Side Request Forgery) in hyland (CVE-2026-26339)
SSRF in hyland (CVE-2026-26339). Successful exploitation can lead to full system takeover.
|
| CVE-2026-26338 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-26338)
SSRF in ssrf (CVE-2026-26338). Successful exploitation can lead to full system takeover.
|
| CVE-2026-26337 |
|
Vulnerability in path-traversal (CVE-2026-26337)
vulnerability in path-traversal (CVE-2026-26337). Confidential information can be exposed externally.
|
| CVE-2026-24834 |
|
Vulnerability in c (CVE-2026-24834)
vulnerability in c (CVE-2026-24834). Successful exploitation can lead to full system takeover.
|
| CVE-2025-69725 |
|
Open Redirect in github.com/go-chi/chi/v5 (CVE-2025-69725)
vulnerability in github.com/go-chi/chi/v5 (CVE-2025-69725). Risk of unauthorized operations or information disclosure. Exploitable via ``RedirectSlashes``. Mitigation: upgrade to `5.2.4` or later.
|
| CVE-2026-25940 |
|
Vulnerability in parall (CVE-2026-25940)
vulnerability in parall (CVE-2026-25940). Confidential information can be exposed externally.
|
| CVE-2026-25755 |
|
Code Injection in parall (CVE-2026-25755)
code injection in parall (CVE-2026-25755). Confidential information can be exposed externally. Exploitable via ``addJS``.
|
| CVE-2026-25535 |
|
Vulnerability in dos (CVE-2026-25535)
vulnerability in dos (CVE-2026-25535). Risk of unauthorized operations or information disclosure. Exploitable via ``addImage``.
|
| CVE-2025-8350 |
|
Vulnerability in CVE-2025-8350 (CVE-2025-8350)
vulnerability in CVE-2025-8350 (CVE-2025-8350). Successful exploitation can lead to full system takeover.
|
| CVE-2025-13590 |
|
Unrestricted File Upload in wso2 (CVE-2025-13590)
vulnerability in wso2 (CVE-2025-13590). Successful exploitation can lead to full system takeover.
|
| CVE-2026-2704 |
|
Buffer Overflow in openbabel (CVE-2026-2704)
vulnerability in openbabel (CVE-2026-2704). Risk of unauthorized operations or information disclosure. Exploitable via ``obabel``. Mitigation: upgrade to `3.2.0` or later.
|
| CVE-2026-0974 |
|
Vulnerability in wordpress (CVE-2026-0974)
vulnerability in wordpress (CVE-2026-0974). Successful exploitation can lead to full system takeover.
|
| CVE-2026-26980 |
|
SQL Injection in ghost (CVE-2026-26980)
SQL injection in ghost (CVE-2026-26980). Confidential information can be exposed externally. Mitigation: upgrade to `6.19.1` or later.
|
| CVE-2026-22860 |
|
Path Traversal in rack (CVE-2026-22860)
path traversal in rack (CVE-2026-22860). Confidential information can be exposed externally.
|
| CVE-2026-24708 |
|
Vulnerability in CVE-2026-24708 (CVE-2026-24708)
vulnerability in CVE-2026-24708 (CVE-2026-24708). Data can be tampered with by attackers.
|
| CVE-2025-14009 |
|
Code Injection in nltk (CVE-2025-14009)
code injection in nltk (CVE-2025-14009). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `3.9.3` or later.
|
| CVE-2026-23228 |
|
Vulnerability in linux (CVE-2026-23228)
vulnerability in linux (CVE-2026-23228). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-23230 |
|
In the Linux kernel, the following vulnerability has been resolved:
smb: client: split...
In the Linux kernel, the following vulnerability has been resolved:
smb: client: split...
|
| CVE-2026-23220 |
|
Vulnerability in linux (CVE-2026-23220)
vulnerability in linux (CVE-2026-23220). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-7630 |
|
Authentication Bypass in CVE-2025-7630 (CVE-2025-7630)
authentication bypass in CVE-2025-7630 (CVE-2025-7630). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-8308 |
|
Cross-Site Scripting (XSS) in CVE-2025-8308 (CVE-2025-8308)
cross-site scripting in CVE-2025-8308 (CVE-2025-8308). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-33239 |
|
Code Injection in nvidia (CVE-2025-33239)
code injection in nvidia (CVE-2025-33239). Successful exploitation can lead to full system takeover.
|
| CVE-2025-33240 |
|
Code Injection in nvidia (CVE-2025-33240)
code injection in nvidia (CVE-2025-33240). Successful exploitation can lead to full system takeover.
|
| CVE-2021-22175 KEV |
|
[KEV] SSRF (Server-Side Request Forgery) in gitlab (CVE-2021-22175)
SSRF in gitlab (CVE-2021-22175). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-22769 KEV |
|
[KEV] Vulnerability in Dell recoverpoint-for-virtual-machines-rp4vms (CVE-2026-22769)
vulnerability in Dell recoverpoint-for-virtual-machines-rp4vms (CVE-2026-22769). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-24734 |
|
Vulnerability in apache (CVE-2026-24734)
vulnerability in apache (CVE-2026-24734). Data can be tampered with by attackers.
|
| CVE-2025-70397 |
|
SQL Injection in sqli (CVE-2025-70397)
SQL injection in sqli (CVE-2025-70397). Successful exploitation can lead to full system takeover.
|
| CVE-2025-65753 |
|
Vulnerability in CVE-2025-65753 (CVE-2025-65753)
vulnerability in CVE-2025-65753 (CVE-2025-65753). Successful exploitation can lead to full system takeover.
|
| CVE-2025-7706 |
|
Vulnerability in CVE-2025-7706 (CVE-2025-7706)
vulnerability in CVE-2025-7706 (CVE-2025-7706). Confidential information can be exposed externally.
|
| CVE-2026-22208 |
|
Vulnerability in CVE-2026-22208 (CVE-2026-22208)
vulnerability in CVE-2026-22208 (CVE-2026-22208). Successful exploitation can lead to full system takeover.
|
| CVE-2025-7631 |
|
SQL Injection in c (CVE-2025-7631)
SQL injection in c (CVE-2025-7631). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-8303 |
|
Cross-Site Scripting (XSS) in CVE-2025-8303 (CVE-2025-8303)
cross-site scripting in CVE-2025-8303 (CVE-2025-8303). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-26220 |
|
Unsafe Deserialization in CVE-2026-26220 (CVE-2026-26220)
vulnerability in CVE-2026-26220 (CVE-2026-26220). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-7796 KEV |
|
[KEV] SSRF (Server-Side Request Forgery) in Synacor zimbra-collaboration-suite (CVE-2020-7796)
SSRF in Synacor zimbra-collaboration-suite (CVE-2020-7796). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-7694 KEV |
|
[KEV] Unrestricted File Upload in Teamt5 threatsonar-anti-ransomware (CVE-2024-7694)
vulnerability in Teamt5 threatsonar-anti-ransomware (CVE-2024-7694). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-2441 KEV |
|
[KEV] Use-After-Free in Google chromium (CVE-2026-2441)
vulnerability in Google chromium (CVE-2026-2441). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-2447 |
|
Vulnerability in mozilla (CVE-2026-2447)
vulnerability in mozilla (CVE-2026-2447). Successful exploitation can lead to full system takeover.
|
| CVE-2026-23185 |
|
Use-After-Free in linux (CVE-2026-23185)
vulnerability in linux (CVE-2026-23185). Successful exploitation can lead to full system takeover.
|
| CVE-2025-71221 |
|
Vulnerability in linux (CVE-2025-71221)
vulnerability in linux (CVE-2025-71221). Successful exploitation can lead to full system takeover.
|
| CVE-2026-23204 |
|
Out-of-Bounds Read in c (CVE-2026-23204)
vulnerability in c (CVE-2026-23204). Confidential information can be exposed externally.
|
| CVE-2026-23171 |
|
Use-After-Free in c (CVE-2026-23171)
vulnerability in c (CVE-2026-23171). Successful exploitation can lead to full system takeover.
|
| CVE-2026-23157 |
|
Vulnerability in linux (CVE-2026-23157)
vulnerability in linux (CVE-2026-23157). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-23151 |
|
Vulnerability in linux (CVE-2026-23151)
vulnerability in linux (CVE-2026-23151). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-26226 |
|
Cross-Site Scripting (XSS) in CVE-2026-26226 (CVE-2026-26226)
cross-site scripting in CVE-2026-26226 (CVE-2026-26226). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-23111 |
|
Use-After-Free in privilege-escalation (CVE-2026-23111)
vulnerability in privilege-escalation (CVE-2026-23111). Successful exploitation can lead to full system takeover.
|
| CVE-2026-23112 |
|
Out-of-Bounds Write in linux (CVE-2026-23112)
out-of-bounds write in linux (CVE-2026-23112). Successful exploitation can lead to full system takeover.
|
| CVE-2025-14349 |
|
Vulnerability in privilege-escalation (CVE-2025-14349)
vulnerability in privilege-escalation (CVE-2025-14349). Successful exploitation can lead to full system takeover.
|