Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-56782 |
|
Vulnerability in CVE-2026-56782 (CVE-2026-56782)
vulnerability in CVE-2026-56782 (CVE-2026-56782). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13591 |
|
Vulnerability in CVE-2026-13591 (CVE-2026-13591)
vulnerability in CVE-2026-13591 (CVE-2026-13591). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13592 |
|
Buffer Overflow in CVE-2026-13592 (CVE-2026-13592)
vulnerability in CVE-2026-13592 (CVE-2026-13592). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56285 |
|
Nitter's /video media proxy endpoint fails to validate target URLs against Twitter/X domains and...
Nitter's /video media proxy endpoint fails to validate target URLs against Twitter/X domains and...
|
| CVE-2026-13590 |
|
Buffer Overflow in CVE-2026-13590 (CVE-2026-13590)
vulnerability in CVE-2026-13590 (CVE-2026-13590). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-36848 |
|
Gigamon GVOS v5.16.1 and below is vulnerable to Directory Traversal in the GVOS H-VUE subsystem.
Gigamon GVOS v5.16.1 and below is vulnerable to Directory Traversal in the GVOS H-VUE subsystem.
|
| CVE-2026-11720 |
|
Path Traversal in path-traversal (CVE-2026-11720)
path traversal in path-traversal (CVE-2026-11720). Confidential information can be exposed externally.
|
| CVE-2026-13751 |
|
Vulnerability in snowflake (CVE-2026-13751)
vulnerability in snowflake (CVE-2026-13751). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13588 |
|
Buffer Overflow in cpp (CVE-2026-13588)
vulnerability in cpp (CVE-2026-13588). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13589 |
|
Buffer Overflow in cpp (CVE-2026-13589)
vulnerability in cpp (CVE-2026-13589). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13752 |
|
SQL Injection in snowflake (CVE-2026-13752)
SQL injection in snowflake (CVE-2026-13752). Confidential information can be exposed externally.
|
| CVE-2026-12912 |
|
Vulnerability in dos (CVE-2026-12912)
vulnerability in dos (CVE-2026-12912). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9105 |
|
Vulnerability in tp-link (CVE-2026-9105)
vulnerability in tp-link (CVE-2026-9105). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13749 |
|
Code Injection in snowflake (CVE-2026-13749)
code injection in snowflake (CVE-2026-13749). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13748 |
|
Path Traversal in snowflake (CVE-2026-13748)
path traversal in snowflake (CVE-2026-13748). Confidential information can be exposed externally.
|
| CVE-2026-41052 |
|
Vulnerability in github.com/rancher/rancher (CVE-2026-41052)
vulnerability in github.com/rancher/rancher (CVE-2026-41052). Successful exploitation can lead to full system takeover. Exploitable via ``privileged``. Mitigation: upgrade to `0.0.0-20260513182521-2800aaac25b5` or later.
|
| CVE-2026-13750 |
|
Vulnerability in snowflake (CVE-2026-13750)
vulnerability in snowflake (CVE-2026-13750). Confidential information can be exposed externally.
|
| CVE-2026-13742 |
|
Vulnerability in CVE-2026-13742 (CVE-2026-13742)
vulnerability in CVE-2026-13742 (CVE-2026-13742). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13746 |
|
SQL Injection in snowflake (CVE-2026-13746)
SQL injection in snowflake (CVE-2026-13746). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13744 |
|
SQL Injection in snowflake (CVE-2026-13744)
SQL injection in snowflake (CVE-2026-13744). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13581 |
|
Command Injection in CVE-2026-13581 (CVE-2026-13581)
command injection in CVE-2026-13581 (CVE-2026-13581). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13587 |
|
Buffer Overflow in c (CVE-2026-13587)
vulnerability in c (CVE-2026-13587). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13583 |
|
Buffer Overflow in CVE-2026-13583 (CVE-2026-13583)
vulnerability in CVE-2026-13583 (CVE-2026-13583). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13582 |
|
Buffer Overflow in CVE-2026-13582 (CVE-2026-13582)
vulnerability in CVE-2026-13582 (CVE-2026-13582). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13580 |
|
Buffer Overflow in CVE-2026-13580 (CVE-2026-13580)
vulnerability in CVE-2026-13580 (CVE-2026-13580). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57332 |
|
Subscriber Broken Access Control in Wallet System for WooCommerce <= 2.7.6 versions.
Subscriber Broken Access Control in Wallet System for WooCommerce <= 2.7.6 versions.
|
| CVE-2026-57335 |
|
Subscriber Broken Access Control in Ads by WPQuads <= 3.0.3 versions.
Subscriber Broken Access Control in Ads by WPQuads <= 3.0.3 versions.
|
| CVE-2026-57327 |
|
Subscriber Broken Access Control in MainWP <= 6.1.1 versions.
Subscriber Broken Access Control in MainWP <= 6.1.1 versions.
|
| CVE-2026-57340 |
|
Unauthenticated Broken Access Control in Japanized For WooCommerce <= 2.9.12 versions.
Unauthenticated Broken Access Control in Japanized For WooCommerce <= 2.9.12 versions.
|
| CVE-2026-57339 |
|
Unauthenticated Broken Access Control in Business Directory <= 6.4.23 versions.
Unauthenticated Broken Access Control in Business Directory <= 6.4.23 versions.
|
| CVE-2026-57334 |
|
Unauthenticated Broken Access Control in WP User Frontend <= 4.3.7 versions.
Unauthenticated Broken Access Control in WP User Frontend <= 4.3.7 versions.
|
| CVE-2026-56290 KEV |
|
[KEV] Unrestricted File Upload in Joomlack page-builder-ck (CVE-2026-56290)
vulnerability in Joomlack page-builder-ck (CVE-2026-56290). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
|
| CVE-2026-57331 |
|
Performer Arbitrary File Deletion in Paid Videochat Turnkey Site <= 7.4.8 versions.
Performer Arbitrary File Deletion in Paid Videochat Turnkey Site <= 7.4.8 versions.
|
| CVE-2026-57320 |
|
Unauthenticated Cross Site Scripting (XSS) in BEAR <= 1.1.8 versions.
Unauthenticated Cross Site Scripting (XSS) in BEAR <= 1.1.8 versions.
|
| CVE-2026-57326 |
|
Unauthenticated Cross Site Scripting (XSS) in Business Directory <= 6.4.22 versions.
Unauthenticated Cross Site Scripting (XSS) in Business Directory <= 6.4.22 versions.
|
| CVE-2026-57328 |
|
Subscriber Cross Site Scripting (XSS) in Business Directory <= 6.4.22 versions.
Subscriber Cross Site Scripting (XSS) in Business Directory <= 6.4.22 versions.
|
| CVE-2026-57333 |
|
Unauthenticated Cross Site Scripting (XSS) in Link Whisper Free <= 0.9.4 versions.
Unauthenticated Cross Site Scripting (XSS) in Link Whisper Free <= 0.9.4 versions.
|
| CVE-2026-57337 |
|
Unauthenticated Cross Site Scripting (XSS) in Landing Page Builder <= 1.5.3.5 versions.
Unauthenticated Cross Site Scripting (XSS) in Landing Page Builder <= 1.5.3.5 versions.
|
| CVE-2026-57336 |
|
Unauthenticated Cross Site Scripting (XSS) in Jobify <= 4.3.2 versions.
Unauthenticated Cross Site Scripting (XSS) in Jobify <= 4.3.2 versions.
|
| CVE-2026-57329 |
|
Subscriber Cross Site Scripting (XSS) in WooCommerce Designer Pro <= 1.9.34 versions.
Subscriber Cross Site Scripting (XSS) in WooCommerce Designer Pro <= 1.9.34 versions.
|
| CVE-2026-57330 |
|
Subscriber Cross Site Scripting (XSS) in MasterStudy LMS <= 3.7.27 versions.
Subscriber Cross Site Scripting (XSS) in MasterStudy LMS <= 3.7.27 versions.
|
| CVE-2026-57338 |
|
Unauthenticated Cross Site Scripting (XSS) in ARForms <= 7.1.2 versions.
Unauthenticated Cross Site Scripting (XSS) in ARForms <= 7.1.2 versions.
|
| CVE-2026-56124 |
|
Vulnerability in CVE-2026-56124 (CVE-2026-56124)
vulnerability in CVE-2026-56124 (CVE-2026-56124). Confidential information can be exposed externally.
|
| CVE-2026-49049 |
|
Vulnerability in ollyo (CVE-2026-49049)
vulnerability in ollyo (CVE-2026-49049). Data can be tampered with by attackers.
|
| CVE-2026-13573 |
|
Buffer Overflow in cpp (CVE-2026-13573)
vulnerability in cpp (CVE-2026-13573). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13574 |
|
Buffer Overflow in cpp (CVE-2026-13574)
vulnerability in cpp (CVE-2026-13574). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13579 |
|
Vulnerability in sqli (CVE-2026-13579)
vulnerability in sqli (CVE-2026-13579). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13578 |
|
Vulnerability in sqli (CVE-2026-13578)
vulnerability in sqli (CVE-2026-13578). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13572 |
|
Vulnerability in sqli (CVE-2026-13572)
vulnerability in sqli (CVE-2026-13572). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-55607 |
|
Path Traversal in anthropic (CVE-2026-55607)
path traversal in anthropic (CVE-2026-55607). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2.1.163` or later.
|