Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-56843 |
|
Vulnerability in c (CVE-2026-56843)
vulnerability in c (CVE-2026-56843). Successful exploitation can lead to full system takeover.
|
| CVE-2026-7017 |
|
Vulnerability in CVE-2026-7017 (CVE-2026-7017)
vulnerability in CVE-2026-7017 (CVE-2026-7017). Confidential information can be exposed externally. Exploitable via `Authorization header`.
|
| CVE-2026-55431 |
|
Vulnerability in github.com/coder/coder/v2 (CVE-2026-55431)
vulnerability in github.com/coder/coder/v2 (CVE-2026-55431). Confidential information can be exposed externally. Mitigation: upgrade to `2.29.17` or later.
|
| CVE-2026-1433 |
|
Vulnerability in CVE-2026-1433 (CVE-2026-1433)
vulnerability in CVE-2026-1433 (CVE-2026-1433). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8926 |
|
Vulnerability in haxx (CVE-2026-8926)
vulnerability in haxx (CVE-2026-8926). Confidential information can be exposed externally.
|
| CVE-2026-9079 |
|
Vulnerability in haxx (CVE-2026-9079)
vulnerability in haxx (CVE-2026-9079). Successful exploitation can lead to full system takeover.
|
| CVE-2026-44938 |
|
Vulnerability in github.com/rancher/fleet (CVE-2026-44938)
vulnerability in github.com/rancher/fleet (CVE-2026-44938). Successful exploitation can lead to full system takeover. Exploitable via ``namespaceLabels``. Mitigation: upgrade to `0.12.15` or later.
|
| CVE-2026-14019 |
|
Vulnerability in google (CVE-2026-14019)
vulnerability in google (CVE-2026-14019). Confidential information can be exposed externally.
|
| CVE-2026-56783 |
|
Vulnerability in CVE-2026-56783 (CVE-2026-56783)
vulnerability in CVE-2026-56783 (CVE-2026-56783). Confidential information can be exposed externally. Exploitable via `GET /api/v1/targets`.
|
| CVE-2025-7386 |
|
Vulnerability in CVE-2025-7386 (CVE-2025-7386)
vulnerability in CVE-2025-7386 (CVE-2025-7386). Confidential information can be exposed externally.
|
| CVE-2026-55180 |
|
Information Disclosure in pnpm (CVE-2026-55180)
vulnerability in pnpm (CVE-2026-55180). Confidential information can be exposed externally. Exploitable via `Authorization header`. Mitigation: upgrade to `11.5.3` or later.
|
| CVE-2026-50017 |
|
Information Disclosure in pnpm (CVE-2026-50017)
vulnerability in pnpm (CVE-2026-50017). Confidential information can be exposed externally. Exploitable via ``_authToken``. Mitigation: upgrade to `11.4.0` or later.
|
| CVE-2026-55188 |
|
Information Disclosure in CVE-2026-55188 (CVE-2026-55188)
vulnerability in CVE-2026-55188 (CVE-2026-55188). Confidential information can be exposed externally. Mitigation: upgrade to `1.0.0-beta.9` or later.
|
| CVE-2026-45407 |
|
Vulnerability in dokku (CVE-2026-45407)
vulnerability in dokku (CVE-2026-45407). Confidential information can be exposed externally. Mitigation: upgrade to `0.38.2` or later.
|
| CVE-2026-44622 |
|
Vulnerability in CVE-2026-44622 (CVE-2026-44622)
vulnerability in CVE-2026-44622 (CVE-2026-44622). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9650 |
|
Vulnerability in CVE-2026-9650 (CVE-2026-9650)
vulnerability in CVE-2026-9650 (CVE-2026-9650). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-32315 |
|
Information Disclosure in motioneye (CVE-2026-32315)
vulnerability in motioneye (CVE-2026-32315). Confidential information can be exposed externally. Exploitable via ``motion.conf``. Mitigation: upgrade to `0.44.0` or later.
|
| CVE-2026-53840 |
|
Vulnerability in openclaw (CVE-2026-53840)
vulnerability in openclaw (CVE-2026-53840). Confidential information can be exposed externally. Mitigation: upgrade to `2026.5.12` or later.
|
| CVE-2026-54276 |
|
Information Disclosure in aiohttp (CVE-2026-54276)
vulnerability in aiohttp (CVE-2026-54276). Risk of unauthorized operations or information disclosure. Exploitable via ``DigestAuthMiddleware``. Mitigation: upgrade to `3.14.1` or later.
|
| CVE-2026-53632 |
|
Vulnerability in launch-editor (CVE-2026-53632)
vulnerability in launch-editor (CVE-2026-53632). Risk of unauthorized operations or information disclosure. Exploitable via ``smbserver.py``. Mitigation: upgrade to `2.14.1` or later.
|
| CVE-2026-6517 |
|
Vulnerability in mattermost (CVE-2026-6517)
vulnerability in mattermost (CVE-2026-6517). Confidential information can be exposed externally.
|
| CVE-2026-49949 |
|
Vulnerability in CVE-2026-49949 (CVE-2026-49949)
vulnerability in CVE-2026-49949 (CVE-2026-49949). Confidential information can be exposed externally.
|
| CVE-2024-45636 |
|
Vulnerability in ibm (CVE-2024-45636)
vulnerability in ibm (CVE-2024-45636). Confidential information can be exposed externally.
|
| CVE-2026-41715 |
|
Vulnerability in CVE-2026-41715 (CVE-2026-41715)
vulnerability in CVE-2026-41715 (CVE-2026-41715). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-39908 |
|
Vulnerability in CVE-2026-39908 (CVE-2026-39908)
vulnerability in CVE-2026-39908 (CVE-2026-39908). Confidential information can be exposed externally.
|
| CVE-2026-7312 |
|
Vulnerability in progress (CVE-2026-7312)
vulnerability in progress (CVE-2026-7312). Confidential information can be exposed externally.
|
| CVE-2026-7313 |
|
CWE‑522: Insufficiently Protected Credentials in web services in Progress Sitefinity version from...
CWE‑522: Insufficiently Protected Credentials in web services in Progress Sitefinity version from...
|
| CVE-2026-4387 |
|
Vulnerability in c (CVE-2026-4387)
vulnerability in c (CVE-2026-4387). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-49379 |
|
In JetBrains TeamCity before 2026.1 credentials could be exposed in thread names
In JetBrains TeamCity before 2026.1 credentials could be exposed in thread names
|
| CVE-2026-42951 |
|
Vulnerability in macgregor (CVE-2026-42951)
vulnerability in macgregor (CVE-2026-42951). Confidential information can be exposed externally.
|
| CVE-2024-47271 |
|
Vulnerability in synology (CVE-2024-47271)
vulnerability in synology (CVE-2024-47271). Confidential information can be exposed externally.
|
| CVE-2026-2255 |
|
Vulnerability in hitachi (CVE-2026-2255)
vulnerability in hitachi (CVE-2026-2255). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9395 |
|
Vulnerability in CVE-2026-9395 (CVE-2026-9395)
vulnerability in CVE-2026-9395 (CVE-2026-9395). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-39968 |
|
Vulnerability in CVE-2026-39968 (CVE-2026-39968)
vulnerability in CVE-2026-39968 (CVE-2026-39968). Confidential information can be exposed externally.
|
| CVE-2025-13477 |
|
Vulnerability in CVE-2025-13477 (CVE-2025-13477)
vulnerability in CVE-2025-13477 (CVE-2025-13477). Confidential information can be exposed externally.
|
| CVE-2026-0393 |
|
Vulnerability in codesys (CVE-2026-0393)
vulnerability in codesys (CVE-2026-0393). Confidential information can be exposed externally.
|
| CVE-2026-46511 |
|
Vulnerability in @haxtheweb/haxcms-nodejs (CVE-2026-46511)
vulnerability in @haxtheweb/haxcms-nodejs (CVE-2026-46511). Risk of unauthorized operations or information disclosure. Exploitable via ``jwt``. Mitigation: upgrade to `26.0.0` or later.
|
| CVE-2026-6345 |
|
Vulnerability in github.com/mattermost/mattermost/server/v8 (CVE-2026-6345)
vulnerability in github.com/mattermost/mattermost/server/v8 (CVE-2026-6345). Confidential information can be exposed externally. Mitigation: upgrade to `8.0.0-20260311102650-3057ae7e83e9` or later.
|
| CVE-2025-62312 |
|
Vulnerability in CVE-2025-62312 (CVE-2025-62312)
vulnerability in CVE-2025-62312 (CVE-2025-62312). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-46440 |
|
Vulnerability in flowise (CVE-2026-46440)
vulnerability in flowise (CVE-2026-46440). Confidential information can be exposed externally. Mitigation: upgrade to `3.1.2` or later.
|
| CVE-2026-6253 |
|
Vulnerability in haxx (CVE-2026-6253)
vulnerability in haxx (CVE-2026-6253). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-43992 |
|
Information Disclosure in CVE-2026-43992 (CVE-2026-43992)
vulnerability in CVE-2026-43992 (CVE-2026-43992). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.x.y-security-1` or later.
|
| CVE-2026-8368 |
|
Vulnerability in CVE-2026-8368 (CVE-2026-8368)
vulnerability in CVE-2026-8368 (CVE-2026-8368). Confidential information can be exposed externally. Exploitable via `Authorization header`.
|
| CVE-2026-45091 |
|
Information Disclosure in sealed-env (CVE-2026-45091)
vulnerability in sealed-env (CVE-2026-45091). Confidential information can be exposed externally. Mitigation: upgrade to `0.1.0-alpha.4` or later.
|
| CVE-2026-28961 |
|
Vulnerability in apple (CVE-2026-28961)
vulnerability in apple (CVE-2026-28961). Confidential information can be exposed externally.
|
| CVE-2026-42869 |
|
Authentication Bypass in CVE-2026-42869 (CVE-2026-42869)
authentication bypass in CVE-2026-42869 (CVE-2026-42869). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.1.57` or later.
|
| CVE-2026-42295 |
|
Vulnerability in argo-workflows (CVE-2026-42295)
vulnerability in argo-workflows (CVE-2026-42295). Confidential information can be exposed externally. Mitigation: upgrade to `4.0.5` or later.
|
| CVE-2026-41506 |
|
Vulnerability in github.com/go-git/go-git/v5 (CVE-2026-41506)
vulnerability in github.com/go-git/go-git/v5 (CVE-2026-41506). Risk of unauthorized operations or information disclosure. Exploitable via `Authorization header`. Mitigation: upgrade to `5.18.0` or later.
|
| CVE-2025-31976 |
|
Information Disclosure in hcltech (CVE-2025-31976)
vulnerability in hcltech (CVE-2025-31976). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-42367 |
|
Vulnerability in c (CVE-2026-42367)
vulnerability in c (CVE-2026-42367). Confidential information can be exposed externally.
|