Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-56762 |
|
Vulnerability in CVE-2026-56762 (CVE-2026-56762)
vulnerability in CVE-2026-56762 (CVE-2026-56762). Risk of unauthorized operations or information disclosure. Exploitable via `Cookie header`.
|
| CVE-2026-55766 |
|
Vulnerability in guzzlehttp/psr7 (CVE-2026-55766)
vulnerability in guzzlehttp/psr7 (CVE-2026-55766). Risk of unauthorized operations or information disclosure. Exploitable via ``Request``. Mitigation: upgrade to `2.12.1` or later.
|
| CVE-2026-50269 |
|
Vulnerability in aiohttp (CVE-2026-50269)
vulnerability in aiohttp (CVE-2026-50269). Risk of unauthorized operations or information disclosure. Exploitable via ``Payload.headers``. Mitigation: upgrade to `3.14.0` or later.
|
| CVE-2026-49214 |
|
Vulnerability in guzzlehttp/psr7 (CVE-2026-49214)
vulnerability in guzzlehttp/psr7 (CVE-2026-49214). Risk of unauthorized operations or information disclosure. Exploitable via ``Uri``. Mitigation: upgrade to `2.10.2` or later.
|
| CVE-2026-44489 |
|
Vulnerability in axios (CVE-2026-44489)
vulnerability in axios (CVE-2026-44489). Risk of unauthorized operations or information disclosure. Exploitable via `Authorization header`. Mitigation: upgrade to `1.16.0` or later.
|
| CVE-2026-47675 |
|
Vulnerability in hono (CVE-2026-47675)
vulnerability in hono (CVE-2026-47675). Risk of unauthorized operations or information disclosure. Exploitable via ``domain``. Mitigation: upgrade to `4.12.21` or later.
|
| CVE-2026-9658 |
|
Vulnerability in CVE-2026-9658 (CVE-2026-9658)
vulnerability in CVE-2026-9658 (CVE-2026-9658). Risk of unauthorized operations or information disclosure. Exploitable via `GET /path`.
|
| CVE-2026-42578 |
|
Vulnerability in io.netty:netty-handler-proxy (CVE-2026-42578)
vulnerability in io.netty:netty-handler-proxy (CVE-2026-42578). Data can be tampered with by attackers. Exploitable via ``io.netty.handler.proxy.HttpProxyHandler``. Mitigation: upgrade to `4.2.13.Final` or later.
|
| CVE-2026-44214 |
|
Vulnerability in eventsource-encoder (CVE-2026-44214)
vulnerability in eventsource-encoder (CVE-2026-44214). Risk of unauthorized operations or information disclosure. Exploitable via ``event``. Mitigation: upgrade to `1.0.2` or later.
|
| CVE-2026-41683 |
|
Vulnerability in i18next-http-middleware (CVE-2026-41683)
vulnerability in i18next-http-middleware (CVE-2026-41683). Data can be tampered with by attackers. Exploitable via ``i18next``. Mitigation: upgrade to `3.9.3` or later.
|
| CVE-2026-40175 |
|
Vulnerability in axios (CVE-2026-40175)
vulnerability in axios (CVE-2026-40175). Risk of unauthorized operations or information disclosure. Exploitable via `GET /pings`. Mitigation: upgrade to `0.31.0` or later.
|