Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Clear
ID Title
CVE-2026-23697 Unrestricted File Upload in apache (CVE-2026-23697)
vulnerability in apache (CVE-2026-23697). Successful exploitation can lead to full system takeover.
CVE-2026-14904 Vulnerability in Amazon aws (CVE-2026-14904)
vulnerability in Amazon aws (CVE-2026-14904). Confidential information can be exposed externally.
CVE-2025-12799 Cross-Site Scripting (XSS) in CVE-2025-12799 (CVE-2025-12799)
cross-site scripting in CVE-2025-12799 (CVE-2025-12799). Data can be tampered with by attackers.
CVE-2026-42953 Out-of-Bounds Write in cisa (CVE-2026-42953)
out-of-bounds write in cisa (CVE-2026-42953). Risk of unauthorized operations or information disclosure.
CVE-2026-56812 Vulnerability in dos (CVE-2026-56812)
vulnerability in dos (CVE-2026-56812). Risk of unauthorized operations or information disclosure.
CVE-2026-56811 Vulnerability in dos (CVE-2026-56811)
vulnerability in dos (CVE-2026-56811). Risk of unauthorized operations or information disclosure.
CVE-2026-14935 Vulnerability in CVE-2026-14935 (CVE-2026-14935)
vulnerability in CVE-2026-14935 (CVE-2026-14935). Risk of unauthorized operations or information disclosure.
CVE-2026-59709 Vulnerability in CVE-2026-59709 (CVE-2026-59709)
vulnerability in CVE-2026-59709 (CVE-2026-59709). Risk of unauthorized operations or information disclosure. Exploitable via `PUT /api/v1/portfolio/holding/`.
CVE-2026-48588 Vulnerability in django (CVE-2026-48588)
vulnerability in django (CVE-2026-48588). Risk of unauthorized operations or information disclosure. Exploitable via ``UpdateCacheMiddleware``.
CVE-2026-14940 Vulnerability in dos (CVE-2026-14940)
vulnerability in dos (CVE-2026-14940). Risk of unauthorized operations or information disclosure.
CVE-2026-12352 Authorization Flaw in cisa (CVE-2026-12352)
vulnerability in cisa (CVE-2026-12352). Confidential information can be exposed externally.
CVE-2026-12948 Cross-Site Scripting (XSS) in CVE-2026-12948 (CVE-2026-12948)
cross-site scripting in CVE-2026-12948 (CVE-2026-12948). Risk of unauthorized operations or information disclosure.
CVE-2026-6101 Vulnerability in wordpress (CVE-2026-6101)
vulnerability in wordpress (CVE-2026-6101). Successful exploitation can lead to full system takeover.
CVE-2026-53479 OS Command Injection in dell (CVE-2026-53479)
OS command injection in dell (CVE-2026-53479). Successful exploitation can lead to full system takeover.
CVE-2026-53483 Authentication Bypass in dell (CVE-2026-53483)
authentication bypass in dell (CVE-2026-53483). Successful exploitation can lead to full system takeover.
CVE-2026-53481 Path Traversal in path-traversal (CVE-2026-53481)
path traversal in path-traversal (CVE-2026-53481). Successful exploitation can lead to full system takeover.
CVE-2026-10659 Vulnerability in c (CVE-2026-10659)
vulnerability in c (CVE-2026-10659). Risk of unauthorized operations or information disclosure.
CVE-2026-44512 Vulnerability in onnx (CVE-2026-44512)
vulnerability in onnx (CVE-2026-44512). Risk of unauthorized operations or information disclosure. Exploitable via ``width_scale``. Mitigation: upgrade to `1.22.0` or later.
CVE-2026-11348 Vulnerability in CVE-2026-11348 (CVE-2026-11348)
vulnerability in CVE-2026-11348 (CVE-2026-11348). Successful exploitation can lead to full system takeover.
CVE-2026-11340 Vulnerability in CVE-2026-11340 (CVE-2026-11340)
vulnerability in CVE-2026-11340 (CVE-2026-11340). Data can be tampered with by attackers.
CVE-2026-48828 Information Disclosure in apache (CVE-2026-48828)
vulnerability in apache (CVE-2026-48828). Confidential information can be exposed externally. Exploitable via ``should_hide_value_for_key``.
CVE-2026-48891 Information Disclosure in apache (CVE-2026-48891)
vulnerability in apache (CVE-2026-48891). Risk of unauthorized operations or information disclosure. Exploitable via ``dep.source``.
CVE-2026-48892 Information Disclosure in apache (CVE-2026-48892)
vulnerability in apache (CVE-2026-48892). Confidential information can be exposed externally. Exploitable via ``sensitive_config_values``.
CVE-2026-49487 Information Disclosure in apache (CVE-2026-49487)
vulnerability in apache (CVE-2026-49487). Confidential information can be exposed externally.
CVE-2026-14868 Vulnerability in arcinformatique (CVE-2026-14868)
vulnerability in arcinformatique (CVE-2026-14868). Confidential information can be exposed externally.
CVE-2026-33264 Unsafe Deserialization in apache (CVE-2026-33264)
vulnerability in apache (CVE-2026-33264). Successful exploitation can lead to full system takeover.
CVE-2026-14476 Vulnerability in path-traversal (CVE-2026-14476)
vulnerability in path-traversal (CVE-2026-14476). Successful exploitation can lead to full system takeover.
CVE-2026-11610 Vulnerability in c (CVE-2026-11610)
vulnerability in c (CVE-2026-11610). Successful exploitation can lead to full system takeover.
CVE-2026-14474 Vulnerability in CVE-2026-14474 (CVE-2026-14474)
vulnerability in CVE-2026-14474 (CVE-2026-14474). Successful exploitation can lead to full system takeover.
CVE-2026-58384 Vulnerability in dos (CVE-2026-58384)
vulnerability in dos (CVE-2026-58384). Successful exploitation can lead to full system takeover.
CVE-2026-8309 Cross-Site Scripting (XSS) in CVE-2026-8309 (CVE-2026-8309)
cross-site scripting in CVE-2026-8309 (CVE-2026-8309). Risk of unauthorized operations or information disclosure.
CVE-2026-8377 Vulnerability in CVE-2026-8377 (CVE-2026-8377)
vulnerability in CVE-2026-8377 (CVE-2026-8377). Confidential information can be exposed externally.
CVE-2026-8306 Cross-Site Scripting (XSS) in CVE-2026-8306 (CVE-2026-8306)
cross-site scripting in CVE-2026-8306 (CVE-2026-8306). Risk of unauthorized operations or information disclosure.
CVE-2026-7380 Vulnerability in CVE-2026-7380 (CVE-2026-7380)
vulnerability in CVE-2026-7380 (CVE-2026-7380). Risk of unauthorized operations or information disclosure.
CVE-2026-14345 Unrestricted File Upload in wordpress (CVE-2026-14345)
vulnerability in wordpress (CVE-2026-14345). Successful exploitation can lead to full system takeover.
CVE-2026-57867 Vulnerability in CVE-2026-57867 (CVE-2026-57867)
vulnerability in CVE-2026-57867 (CVE-2026-57867). Risk of unauthorized operations or information disclosure.
CVE-2026-58315 Cross-Site Request Forgery (CSRF) in jvn (CVE-2026-58315)
vulnerability in jvn (CVE-2026-58315). Risk of unauthorized operations or information disclosure.
CVE-2026-57871 Vulnerability in path-traversal (CVE-2026-57871)
vulnerability in path-traversal (CVE-2026-57871). Risk of unauthorized operations or information disclosure.
CVE-2026-42201 OS Command Injection in CVE-2026-42201 (CVE-2026-42201)
OS command injection in CVE-2026-42201 (CVE-2026-42201). Risk of unauthorized operations or information disclosure.
CVE-2026-34158 OS Command Injection in CVE-2026-34158 (CVE-2026-34158)
OS command injection in CVE-2026-34158 (CVE-2026-34158). Successful exploitation can lead to full system takeover.
CVE-2026-42200 Path Traversal in CVE-2026-42200 (CVE-2026-42200)
path traversal in CVE-2026-42200 (CVE-2026-42200). Successful exploitation can lead to full system takeover.
CVE-2026-42145 Unrestricted File Upload in CVE-2026-42145 (CVE-2026-42145)
vulnerability in CVE-2026-42145 (CVE-2026-42145). Risk of unauthorized operations or information disclosure.
CVE-2026-42147 SSRF (Server-Side Request Forgery) in CVE-2026-42147 (CVE-2026-42147)
SSRF in CVE-2026-42147 (CVE-2026-42147). Confidential information can be exposed externally.
CVE-2026-42143 OS Command Injection in CVE-2026-42143 (CVE-2026-42143)
OS command injection in CVE-2026-42143 (CVE-2026-42143). Successful exploitation can lead to full system takeover.
CVE-2026-34168 OS Command Injection in CVE-2026-34168 (CVE-2026-34168)
OS command injection in CVE-2026-34168 (CVE-2026-34168). Successful exploitation can lead to full system takeover.
CVE-2026-34152 OS Command Injection in CVE-2026-34152 (CVE-2026-34152)
OS command injection in CVE-2026-34152 (CVE-2026-34152). Successful exploitation can lead to full system takeover.
CVE-2026-34171 Cross-Site Request Forgery (CSRF) in CVE-2026-34171 (CVE-2026-34171)
vulnerability in CVE-2026-34171 (CVE-2026-34171). Confidential information can be exposed externally. Exploitable via `GET /invitations/{uuid}`.
CVE-2026-34170 SSRF (Server-Side Request Forgery) in CVE-2026-34170 (CVE-2026-34170)
SSRF in CVE-2026-34170 (CVE-2026-34170). Risk of unauthorized operations or information disclosure.
CVE-2026-34149 OS Command Injection in CVE-2026-34149 (CVE-2026-34149)
OS command injection in CVE-2026-34149 (CVE-2026-34149). Risk of unauthorized operations or information disclosure.
CVE-2026-34058 OS Command Injection in CVE-2026-34058 (CVE-2026-34058)
OS command injection in CVE-2026-34058 (CVE-2026-34058). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →