Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-54652 |
|
Privilege Escalation in nginx (CVE-2026-54652)
vulnerability in nginx (CVE-2026-54652). Confidential information can be exposed externally. Exploitable via `GET /api/logs/{service}`.
|
| CVE-2026-46467 |
|
Vulnerability in CVE-2026-46467 (CVE-2026-46467)
vulnerability in CVE-2026-46467 (CVE-2026-46467). Confidential information can be exposed externally.
|
| CVE-2026-8482 |
|
Vulnerability in CVE-2026-8482 (CVE-2026-8482)
vulnerability in CVE-2026-8482 (CVE-2026-8482). Confidential information can be exposed externally.
|
| CVE-2026-54704 |
|
Vulnerability in linuxfoundation (CVE-2026-54704)
vulnerability in linuxfoundation (CVE-2026-54704). Confidential information can be exposed externally.
|
| CVE-2026-49088 |
|
Vulnerability in elastic (CVE-2026-49088)
vulnerability in elastic (CVE-2026-49088). Confidential information can be exposed externally.
|
| CVE-2026-12086 |
|
Vulnerability in ibm (CVE-2026-12086)
vulnerability in ibm (CVE-2026-12086). Confidential information can be exposed externally.
|
| CVE-2026-13750 |
|
Vulnerability in snowflake (CVE-2026-13750)
vulnerability in snowflake (CVE-2026-13750). Confidential information can be exposed externally.
|
| CVE-2026-56457 |
|
Vulnerability in hcltechsw (CVE-2026-56457)
vulnerability in hcltechsw (CVE-2026-56457). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-59868 |
|
Vulnerability in hcltech (CVE-2025-59868)
vulnerability in hcltech (CVE-2025-59868). Confidential information can be exposed externally.
|
| CVE-2026-9699 |
|
Vulnerability in CVE-2026-9699 (CVE-2026-9699)
vulnerability in CVE-2026-9699 (CVE-2026-9699). Confidential information can be exposed externally.
|
| CVE-2026-12053 |
|
Vulnerability in gitlab (CVE-2026-12053)
vulnerability in gitlab (CVE-2026-12053). Confidential information can be exposed externally.
|
| CVE-2026-8330 |
|
Vulnerability in gitlab (CVE-2026-8330)
vulnerability in gitlab (CVE-2026-8330). Confidential information can be exposed externally.
|
| CVE-2026-9073 |
|
Vulnerability in redhat (CVE-2026-9073)
vulnerability in redhat (CVE-2026-9073). Confidential information can be exposed externally.
|
| CVE-2026-11819 |
|
Vulnerability in c (CVE-2026-11819)
vulnerability in c (CVE-2026-11819). Confidential information can be exposed externally.
|
| CVE-2026-11820 |
|
Vulnerability in c (CVE-2026-11820)
vulnerability in c (CVE-2026-11820). Confidential information can be exposed externally.
|
| CVE-2026-54236 |
|
Vulnerability in vllm (CVE-2026-54236)
vulnerability in vllm (CVE-2026-54236). Risk of unauthorized operations or information disclosure. Exploitable via `POST /v1/messages`.
|
| CVE-2025-46313 |
|
Vulnerability in apple (CVE-2025-46313)
vulnerability in apple (CVE-2025-46313). Confidential information can be exposed externally.
|
| CVE-2026-0267 |
|
Vulnerability in paloaltonetworks (CVE-2026-0267)
vulnerability in paloaltonetworks (CVE-2026-0267). Confidential information can be exposed externally.
|
| CVE-2026-9735 |
|
Vulnerability in mongodb (CVE-2026-9735)
vulnerability in mongodb (CVE-2026-9735). Confidential information can be exposed externally.
|
| CVE-2026-9751 |
|
Vulnerability in mongodb (CVE-2026-9751)
vulnerability in mongodb (CVE-2026-9751). Confidential information can be exposed externally. Mitigation: upgrade to `7.0.35, 8.0.24, 8.2.10, 8.3.3` or later.
|
| CVE-2026-50205 |
|
Vulnerability in acer (CVE-2026-50205)
vulnerability in acer (CVE-2026-50205). Confidential information can be exposed externally.
|
| CVE-2026-40619 |
|
Vulnerability in CVE-2026-40619 (CVE-2026-40619)
vulnerability in CVE-2026-40619 (CVE-2026-40619). Successful exploitation can lead to full system takeover.
|
| CVE-2026-49200 |
|
Vulnerability in acer (CVE-2026-49200)
vulnerability in acer (CVE-2026-49200). Successful exploitation can lead to full system takeover.
|
| CVE-2026-45040 |
|
Vulnerability in CVE-2026-45040 (CVE-2026-45040)
vulnerability in CVE-2026-45040 (CVE-2026-45040). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.0.0-beta.2` or later.
|
| CVE-2026-6720 |
|
Vulnerability in github.com/projectcalico/calicoctl/v3 (CVE-2026-6720)
vulnerability in github.com/projectcalico/calicoctl/v3 (CVE-2026-6720). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.31.6` or later.
|
| CVE-2026-41184 |
|
Vulnerability in github.com/projectcalico/calico (CVE-2026-41184)
vulnerability in github.com/projectcalico/calico (CVE-2026-41184). Confidential information can be exposed externally. Mitigation: upgrade to `1.11.0-cni-plugin.0.20260417001138-cd73bc2cea0f` or later.
|
| CVE-2026-41185 |
|
Vulnerability in github.com/projectcalico/calico (CVE-2026-41185)
vulnerability in github.com/projectcalico/calico (CVE-2026-41185). Confidential information can be exposed externally. Mitigation: upgrade to `1.11.0-cni-plugin.0.20260417001138-cd73bc2cea0f` or later.
|
| CVE-2026-32996 |
|
This vulnerability in Veeam Agent for Microsoft Windows allows for Local Privilege Escalation.
This vulnerability in Veeam Agent for Microsoft Windows allows for Local Privilege Escalation.
|
| CVE-2026-2607 |
|
Vulnerability in CVE-2026-2607 (CVE-2026-2607)
vulnerability in CVE-2026-2607 (CVE-2026-2607). Confidential information can be exposed externally.
|
| CVE-2026-5515 |
|
Vulnerability in ibm (CVE-2026-5515)
vulnerability in ibm (CVE-2026-5515). Confidential information can be exposed externally.
|
| CVE-2025-13755 |
|
Vulnerability in ibm (CVE-2025-13755)
vulnerability in ibm (CVE-2025-13755). Confidential information can be exposed externally.
|
| CVE-2026-25193 |
|
Vulnerability in CVE-2026-25193 (CVE-2026-25193)
vulnerability in CVE-2026-25193 (CVE-2026-25193). Data can be tampered with by attackers.
|
| CVE-2026-8671 |
|
Vulnerability in avantra (CVE-2026-8671)
vulnerability in avantra (CVE-2026-8671). Data can be tampered with by attackers.
|
| CVE-2026-44052 |
|
Vulnerability in CVE-2026-44052 (CVE-2026-44052)
vulnerability in CVE-2026-44052 (CVE-2026-44052). Confidential information can be exposed externally.
|
| CVE-2026-20239 |
|
Vulnerability in splunk (CVE-2026-20239)
vulnerability in splunk (CVE-2026-20239). Successful exploitation can lead to full system takeover. Exploitable via ``_internal``.
|
| CVE-2026-45581 |
|
Vulnerability in org.hyperledger.fabric-chaincode-java:fabric-chaincode-shim (CVE-2026-45581)
vulnerability in org.hyperledger.fabric-chaincode-java:fabric-chaincode-shim (CVE-2026-45581). Confidential information can be exposed externally. Mitigation: upgrade to `2.5.10` or later.
|
| CVE-2026-45679 |
|
Vulnerability in go.opentelemetry.io/obi (CVE-2026-45679)
vulnerability in go.opentelemetry.io/obi (CVE-2026-45679). Risk of unauthorized operations or information disclosure. Exploitable via ``getRedisError``. Mitigation: upgrade to `0.9.0` or later.
|
| CVE-2026-44479 |
|
Information Disclosure in vercel (CVE-2026-44479)
vulnerability in vercel (CVE-2026-44479). Confidential information can be exposed externally. Exploitable via ``VERCEL_TOKEN``. Mitigation: upgrade to `52.0.1` or later.
|
| CVE-2026-41219 |
|
Vulnerability in f5 (CVE-2026-41219)
vulnerability in f5 (CVE-2026-41219). Confidential information can be exposed externally.
|
| CVE-2026-8200 |
|
Vulnerability in mongodb (CVE-2026-8200)
vulnerability in mongodb (CVE-2026-8200). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `7.0.34, 8.0.23, 8.2.9, 8.3.2` or later.
|
| CVE-2026-43992 |
|
Information Disclosure in CVE-2026-43992 (CVE-2026-43992)
vulnerability in CVE-2026-43992 (CVE-2026-43992). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.x.y-security-1` or later.
|
| CVE-2026-28987 |
|
Vulnerability in apple (CVE-2026-28987)
vulnerability in apple (CVE-2026-28987). Confidential information can be exposed externally.
|
| CVE-2026-28923 |
|
Vulnerability in apple (CVE-2026-28923)
vulnerability in apple (CVE-2026-28923). Successful exploitation can lead to full system takeover.
|
| CVE-2026-28943 |
|
Vulnerability in apple (CVE-2026-28943)
vulnerability in apple (CVE-2026-28943). Confidential information can be exposed externally.
|
| CVE-2026-44516 |
|
Vulnerability in com.ritense.valtimo:web (CVE-2026-44516)
vulnerability in com.ritense.valtimo:web (CVE-2026-44516). Confidential information can be exposed externally. Exploitable via ``LoggingRestClientCustomizer``. Mitigation: upgrade to `13.26.0` or later.
|
| CVE-2026-43826 |
|
Vulnerability in apache-airflow-providers-opensearch (CVE-2026-43826)
vulnerability in apache-airflow-providers-opensearch (CVE-2026-43826). Confidential information can be exposed externally. Exploitable via ``host``. Mitigation: upgrade to `1.9.1` or later.
|
| CVE-2026-41018 |
|
Vulnerability in apache-airflow-providers-elasticsearch (CVE-2026-41018)
vulnerability in apache-airflow-providers-elasticsearch (CVE-2026-41018). Confidential information can be exposed externally. Exploitable via ``host``. Mitigation: upgrade to `6.5.3` or later.
|
| CVE-2026-42282 |
|
Vulnerability in n8n-mcp (CVE-2026-42282)
vulnerability in n8n-mcp (CVE-2026-42282). Risk of unauthorized operations or information disclosure. Exploitable via ``n8n_manage_credentials.data``. Mitigation: upgrade to `2.47.13` or later.
|
| CVE-2026-41495 |
|
Vulnerability in n8n-mcp (CVE-2026-41495)
vulnerability in n8n-mcp (CVE-2026-41495). Risk of unauthorized operations or information disclosure. Exploitable via `POST /mcp`. Mitigation: upgrade to `2.47.11` or later.
|
| CVE-2026-41004 |
|
Vulnerability in org.springframework.cloud:spring-cloud-config-server (CVE-2026-41004)
vulnerability in org.springframework.cloud:spring-cloud-config-server (CVE-2026-41004). Confidential information can be exposed externally.
|