Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-49779 |
|
Customer Path Traversal in Tax Exempt for WooCommerce <= 1.9.3 versions.
Customer Path Traversal in Tax Exempt for WooCommerce <= 1.9.3 versions.
|
| CVE-2026-52707 |
|
Unauthenticated Local File Inclusion in Kastell <= 2.0 versions.
Unauthenticated Local File Inclusion in Kastell <= 2.0 versions.
|
| CVE-2026-52703 |
|
Unauthenticated Path Traversal in FastDup <= 2.7.2 versions.
Unauthenticated Path Traversal in FastDup <= 2.7.2 versions.
|
| CVE-2026-49112 |
|
Unauthenticated Path Traversal in Shared Files <= 1.7.64 versions.
Unauthenticated Path Traversal in Shared Files <= 1.7.64 versions.
|
| CVE-2026-42661 |
|
Custom role Path Traversal in WP Customer Area <= 8.3.4 versions.
Custom role Path Traversal in WP Customer Area <= 8.3.4 versions.
|
| CVE-2026-40128 |
|
Vulnerability in path-traversal (CVE-2026-40128)
vulnerability in path-traversal (CVE-2026-40128). Successful exploitation can lead to full system takeover.
|
| CVE-2026-24315 |
|
Vulnerability in CVE-2026-24315 (CVE-2026-24315)
vulnerability in CVE-2026-24315 (CVE-2026-24315). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-45661 |
|
Path Traversal in path-traversal (CVE-2026-45661)
path traversal in path-traversal (CVE-2026-45661). Successful exploitation can lead to full system takeover.
|
| CVE-2026-44933 |
|
Vulnerability in CVE-2026-44933 (CVE-2026-44933)
vulnerability in CVE-2026-44933 (CVE-2026-44933). Successful exploitation can lead to full system takeover. Exploitable via ``PluginScript``.
|
| CVE-2026-45495 |
|
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
|
| CVE-2026-7302 |
|
Vulnerability in sglang (CVE-2026-7302)
vulnerability in sglang (CVE-2026-7302). Data can be tampered with by attackers.
|
| CVE-2026-42930 |
|
Vulnerability in f5 (CVE-2026-42930)
vulnerability in f5 (CVE-2026-42930). Confidential information can be exposed externally.
|
| CVE-2026-24464 |
|
Vulnerability in path-traversal (CVE-2026-24464)
vulnerability in path-traversal (CVE-2026-24464). Data can be tampered with by attackers.
|
| CVE-2026-25705 |
|
Vulnerability in github.com/rancher/rancher (CVE-2026-25705)
vulnerability in github.com/rancher/rancher (CVE-2026-25705). Successful exploitation can lead to full system takeover. Exploitable via ``compressedEndpoint``. Mitigation: upgrade to `2.11.13` or later.
|
| CVE-2026-0804 |
|
Vulnerability in path-traversal (CVE-2026-0804)
vulnerability in path-traversal (CVE-2026-0804). Successful exploitation can lead to full system takeover.
|
| CVE-2026-20034 |
|
Vulnerability in Cisco unity-connection (CVE-2026-20034)
vulnerability in Cisco unity-connection (CVE-2026-20034). Successful exploitation can lead to full system takeover.
|
| CVE-2026-6074 |
|
Vulnerability in cisa (CVE-2026-6074)
vulnerability in cisa (CVE-2026-6074). Successful exploitation can lead to full system takeover.
|
| CVE-2026-42274 |
|
Vulnerability in github.com/dadrus/heimdall (CVE-2026-42274)
vulnerability in github.com/dadrus/heimdall (CVE-2026-42274). Risk of unauthorized operations or information disclosure. Exploitable via ``allow_encoded_slashes``. Mitigation: upgrade to `0.17.14` or later.
|
| CVE-2025-68428 |
|
Vulnerability in path-traversal (CVE-2025-68428)
vulnerability in path-traversal (CVE-2025-68428). Confidential information can be exposed externally. Exploitable via ``addImage``.
|
| CVE-2025-8088 KEV |
|
[KEV] Vulnerability in Rarlab winrar (CVE-2025-8088)
vulnerability in Rarlab winrar (CVE-2025-8088). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-54216 |
|
Vulnerability in path-traversal (CVE-2024-54216)
vulnerability in path-traversal (CVE-2024-54216). Confidential information can be exposed externally.
|
| CVE-2024-39171 |
|
Path Traversal in phpvibe (CVE-2024-39171)
path traversal in phpvibe (CVE-2024-39171). Successful exploitation can lead to full system takeover.
|
| CVE-2022-3693 |
|
Path Traversal in path-traversal (CVE-2022-3693)
path traversal in path-traversal (CVE-2022-3693). Confidential information can be exposed externally.
|
| CVE-2022-2265 |
|
Path Traversal in path-traversal (CVE-2022-2265)
path traversal in path-traversal (CVE-2022-2265). Confidential information can be exposed externally.
|