Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-15034 |
|
Cross-Site Request Forgery (CSRF) in flask (CVE-2026-15034)
vulnerability in flask (CVE-2026-15034). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12002 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-12002)
vulnerability in wordpress (CVE-2026-12002). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9731 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-9731)
vulnerability in wordpress (CVE-2026-9731). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-49471 |
|
Vulnerability in serena-agent (CVE-2026-49471)
vulnerability in serena-agent (CVE-2026-49471). Successful exploitation can lead to full system takeover. Exploitable via `Host header`. Mitigation: upgrade to `1.5.2` or later.
|
| CVE-2026-58315 |
|
Cross-Site Request Forgery (CSRF) in jvn (CVE-2026-58315)
vulnerability in jvn (CVE-2026-58315). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-34171 |
|
Cross-Site Request Forgery (CSRF) in CVE-2026-34171 (CVE-2026-34171)
vulnerability in CVE-2026-34171 (CVE-2026-34171). Confidential information can be exposed externally. Exploitable via `GET /invitations/{uuid}`.
|
| CVE-2026-59713 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-59713)
vulnerability in csrf (CVE-2026-59713). Confidential information can be exposed externally.
|
| CVE-2026-14800 |
|
Cross-Site Request Forgery (CSRF) in CVE-2026-14800 (CVE-2026-14800)
vulnerability in CVE-2026-14800 (CVE-2026-14800). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-59520 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-59520)
vulnerability in csrf (CVE-2026-59520). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12746 |
|
Cross-Site Request Forgery (CSRF) in CVE-2026-12746 (CVE-2026-12746)
vulnerability in CVE-2026-12746 (CVE-2026-12746). Confidential information can be exposed externally.
|
| CVE-2026-12740 |
|
Cross-Site Request Forgery (CSRF) in CVE-2026-12740 (CVE-2026-12740)
vulnerability in CVE-2026-12740 (CVE-2026-12740). Confidential information can be exposed externally.
|
| CVE-2026-14620 |
|
Cross-Site Request Forgery (CSRF) in webpackjs (CVE-2026-14620)
vulnerability in webpackjs (CVE-2026-14620). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57766 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-57766)
vulnerability in csrf (CVE-2026-57766). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57759 |
|
Unauthenticated Cross Site Request Forgery (CSRF) in ProfileGrid <= 5.9.9.7 versions.
Unauthenticated Cross Site Request Forgery (CSRF) in ProfileGrid <= 5.9.9.7 versions.
|
| CVE-2026-57751 |
|
Unauthenticated Cross Site Request Forgery (CSRF) in Heateor Social Login <= 1.1.39 versions.
Unauthenticated Cross Site Request Forgery (CSRF) in Heateor Social Login <= 1.1.39 versions.
|
| CVE-2026-57690 |
|
Unauthenticated Cross Site Request Forgery (CSRF) in Werkstatt <= 4.7.2 versions.
Unauthenticated Cross Site Request Forgery (CSRF) in Werkstatt <= 4.7.2 versions.
|
| CVE-2026-57758 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-57758)
vulnerability in csrf (CVE-2026-57758). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57757 |
|
Unauthenticated Cross Site Request Forgery (CSRF) in pCloud WP Backup <= 2.0.2 versions.
Unauthenticated Cross Site Request Forgery (CSRF) in pCloud WP Backup <= 2.0.2 versions.
|
| CVE-2026-57747 |
|
Unauthenticated Cross Site Request Forgery (CSRF) in Booked <= 3.0.0 versions.
Unauthenticated Cross Site Request Forgery (CSRF) in Booked <= 3.0.0 versions.
|
| CVE-2026-57761 |
|
Unauthenticated Cross Site Request Forgery (CSRF) in SEOWP <= 3.12.2 versions.
Unauthenticated Cross Site Request Forgery (CSRF) in SEOWP <= 3.12.2 versions.
|
| CVE-2026-57723 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-57723)
vulnerability in csrf (CVE-2026-57723). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12158 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-12158)
vulnerability in wordpress (CVE-2026-12158). Successful exploitation can lead to full system takeover.
|
| CVE-2026-58518 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-58518)
vulnerability in csrf (CVE-2026-58518). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11981 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-11981)
vulnerability in wordpress (CVE-2026-11981). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14016 |
|
Cross-Site Request Forgery (CSRF) in google (CVE-2026-14016)
vulnerability in google (CVE-2026-14016). Confidential information can be exposed externally.
|
| CVE-2026-13952 |
|
Cross-Site Request Forgery (CSRF) in google (CVE-2026-13952)
vulnerability in google (CVE-2026-13952). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13963 |
|
Cross-Site Request Forgery (CSRF) in google (CVE-2026-13963)
vulnerability in google (CVE-2026-13963). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13944 |
|
Cross-Site Request Forgery (CSRF) in google (CVE-2026-13944)
vulnerability in google (CVE-2026-13944). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13946 |
|
Cross-Site Request Forgery (CSRF) in google (CVE-2026-13946)
vulnerability in google (CVE-2026-13946). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13887 |
|
Vulnerability in google (CVE-2026-13887)
vulnerability in google (CVE-2026-13887). Confidential information can be exposed externally.
|
| CVE-2026-13826 |
|
Vulnerability in google (CVE-2026-13826)
vulnerability in google (CVE-2026-13826). Confidential information can be exposed externally.
|
| CVE-2026-35096 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-35096)
vulnerability in csrf (CVE-2026-35096). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8944 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-8944)
vulnerability in wordpress (CVE-2026-8944). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-43735 |
|
Cross-Site Request Forgery (CSRF) in apple (CVE-2026-43735)
vulnerability in apple (CVE-2026-43735). Confidential information can be exposed externally.
|
| CVE-2026-31016 |
|
Cross-Site Request Forgery (CSRF) in CVE-2026-31016 (CVE-2026-31016)
vulnerability in CVE-2026-31016 (CVE-2026-31016). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13537 |
|
Cross-Site Request Forgery (CSRF) in CVE-2026-13537 (CVE-2026-13537)
vulnerability in CVE-2026-13537 (CVE-2026-13537). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13422 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-13422)
vulnerability in wordpress (CVE-2026-13422). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-52784 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-52784)
vulnerability in csrf (CVE-2026-52784). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `17.3.3` or later.
|
| CVE-2026-57641 |
|
Unauthenticated Cross Site Request Forgery (CSRF) in Real Estate 7 <= 3.5.9 versions.
Unauthenticated Cross Site Request Forgery (CSRF) in Real Estate 7 <= 3.5.9 versions.
|
| CVE-2026-57655 |
|
Unauthenticated Cross Site Request Forgery (CSRF) in Child Theme Wizard <= 1.4 versions.
Unauthenticated Cross Site Request Forgery (CSRF) in Child Theme Wizard <= 1.4 versions.
|
| CVE-2026-57657 |
|
Unauthenticated Cross Site Request Forgery (CSRF) in Gmail SMTP <= 1.2.3.19 versions.
Unauthenticated Cross Site Request Forgery (CSRF) in Gmail SMTP <= 1.2.3.19 versions.
|
| CVE-2026-57659 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-57659)
vulnerability in csrf (CVE-2026-57659). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57635 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-57635)
vulnerability in csrf (CVE-2026-57635). Data can be tampered with by attackers.
|
| CVE-2026-57637 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-57637)
vulnerability in csrf (CVE-2026-57637). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-68052 |
|
Unauthenticated Cross Site Request Forgery (CSRF) in Eagle Booking <= 1.3.4.3 versions.
Unauthenticated Cross Site Request Forgery (CSRF) in Eagle Booking <= 1.3.4.3 versions.
|
| CVE-2026-12986 |
|
Cross-Site Request Forgery (CSRF) in ssrf (CVE-2026-12986)
vulnerability in ssrf (CVE-2026-12986). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57305 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-57305)
vulnerability in csrf (CVE-2026-57305). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57306 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-57306)
vulnerability in csrf (CVE-2026-57306). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57295 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-57295)
vulnerability in csrf (CVE-2026-57295). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57292 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-57292)
vulnerability in csrf (CVE-2026-57292). Risk of unauthorized operations or information disclosure.
|