Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-35159 |
|
Vulnerability in CVE-2026-35159 (CVE-2026-35159)
vulnerability in CVE-2026-35159 (CVE-2026-35159). Data can be tampered with by attackers.
|
| CVE-2026-10539 |
|
Vulnerability in CVE-2026-10539 (CVE-2026-10539)
vulnerability in CVE-2026-10539 (CVE-2026-10539). Successful exploitation can lead to full system takeover.
|
| CVE-2026-41052 |
|
Vulnerability in github.com/rancher/rancher (CVE-2026-41052)
vulnerability in github.com/rancher/rancher (CVE-2026-41052). Successful exploitation can lead to full system takeover. Exploitable via ``privileged``. Mitigation: upgrade to `0.0.0-20260513182521-2800aaac25b5` or later.
|
| CVE-2025-4994 |
|
Vulnerability in CVE-2025-4994 (CVE-2025-4994)
vulnerability in CVE-2025-4994 (CVE-2025-4994). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-7064 |
|
Vulnerability in CVE-2025-7064 (CVE-2025-7064)
vulnerability in CVE-2025-7064 (CVE-2025-7064). Data can be tampered with by attackers.
|
| CVE-2026-25555 |
|
Vulnerability in CVE-2026-25555 (CVE-2026-25555)
vulnerability in CVE-2026-25555 (CVE-2026-25555). Successful exploitation can lead to full system takeover. Exploitable via `X-API-Key header`.
|
| CVE-2026-9798 |
|
Vulnerability in org.keycloak:keycloak-services (CVE-2026-9798)
vulnerability in org.keycloak:keycloak-services (CVE-2026-9798). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41054 |
|
Vulnerability in c (CVE-2026-41054)
vulnerability in c (CVE-2026-41054). Successful exploitation can lead to full system takeover. Exploitable via ``socket_handler``.
|
| CVE-2026-6334 |
|
Vulnerability in github.com/mattermost/mattermost/server/v8 (CVE-2026-6334)
vulnerability in github.com/mattermost/mattermost/server/v8 (CVE-2026-6334). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.0.0-20260318173148-e9ae890a013b` or later.
|
| CVE-2026-2652 |
|
Vulnerability in mlflow (CVE-2026-2652)
vulnerability in mlflow (CVE-2026-2652). Data can be tampered with by attackers. Mitigation: upgrade to `3.10.0` or later.
|
| CVE-2026-6266 |
|
Vulnerability in CVE-2026-6266 (CVE-2026-6266)
vulnerability in CVE-2026-6266 (CVE-2026-6266). Confidential information can be exposed externally.
|
| CVE-2026-40976 |
|
Vulnerability in org.springframework.boot:spring-boot (CVE-2026-40976)
vulnerability in org.springframework.boot:spring-boot (CVE-2026-40976). Confidential information can be exposed externally. Mitigation: upgrade to `4.0.6` or later.
|
| CVE-2026-3591 |
|
Vulnerability in isc (CVE-2026-3591)
vulnerability in isc (CVE-2026-3591). Risk of unauthorized operations or information disclosure. Exploitable via ``named``.
|
| CVE-2026-3784 |
|
Vulnerability in haxx (CVE-2026-3784)
vulnerability in haxx (CVE-2026-3784). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-3047 |
|
Vulnerability in redhat (CVE-2026-3047)
vulnerability in redhat (CVE-2026-3047). Successful exploitation can lead to full system takeover.
|
| CVE-2025-4320 |
|
Vulnerability in CVE-2025-4320 (CVE-2025-4320)
vulnerability in CVE-2025-4320 (CVE-2025-4320). Successful exploitation can lead to full system takeover.
|
| CVE-2025-31161 KEV |
|
[KEV] Vulnerability in crushftp (CVE-2025-31161)
vulnerability in crushftp (CVE-2025-31161). Risk of unauthorized operations or information disclosure. Exploitable via `Authorization header`. Listed in CISA KEV — actively exploited.
|
| CVE-2024-12582 |
|
Vulnerability in dos (CVE-2024-12582)
vulnerability in dos (CVE-2024-12582). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-37085 KEV |
|
[KEV] Vulnerability in Vmware esxi (CVE-2024-37085)
vulnerability in Vmware esxi (CVE-2024-37085). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-4727 |
|
Vulnerability in CVE-2023-4727 (CVE-2023-4727)
vulnerability in CVE-2023-4727 (CVE-2023-4727). Successful exploitation can lead to full system takeover.
|
| CVE-2023-6153 |
|
Vulnerability in CVE-2023-6153 (CVE-2023-6153)
vulnerability in CVE-2023-6153 (CVE-2023-6153). Successful exploitation can lead to full system takeover.
|
| CVE-2024-1202 |
|
Vulnerability in CVE-2024-1202 (CVE-2024-1202)
vulnerability in CVE-2024-1202 (CVE-2024-1202). Successful exploitation can lead to full system takeover.
|
| CVE-2023-7103 |
|
Vulnerability in zksoftware (CVE-2023-7103)
vulnerability in zksoftware (CVE-2023-7103). Successful exploitation can lead to full system takeover.
|
| CVE-2023-2959 |
|
Authentication Bypass in olivaekspertiz (CVE-2023-2959)
authentication bypass in olivaekspertiz (CVE-2023-2959). Confidential information can be exposed externally.
|
| CVE-2023-1833 |
|
Vulnerability in redline (CVE-2023-1833)
vulnerability in redline (CVE-2023-1833). Successful exploitation can lead to full system takeover.
|
| CVE-2021-45031 |
|
Vulnerability in mepsan (CVE-2021-45031)
vulnerability in mepsan (CVE-2021-45031). Confidential information can be exposed externally.
|