Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-8472 |
|
Vulnerability in CVE-2026-8472 (CVE-2026-8472)
vulnerability in CVE-2026-8472 (CVE-2026-8472). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7492 |
|
Vulnerability in CVE-2026-7492 (CVE-2026-7492)
vulnerability in CVE-2026-7492 (CVE-2026-7492). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-59805 |
|
Vulnerability in CVE-2026-59805 (CVE-2026-59805)
vulnerability in CVE-2026-59805 (CVE-2026-59805). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14373 |
|
Vulnerability in CVE-2026-14373 (CVE-2026-14373)
vulnerability in CVE-2026-14373 (CVE-2026-14373). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-59262 |
|
Vulnerability in CVE-2026-59262 (CVE-2026-59262)
vulnerability in CVE-2026-59262 (CVE-2026-59262). Confidential information can be exposed externally.
|
| CVE-2026-15034 |
|
Cross-Site Request Forgery (CSRF) in flask (CVE-2026-15034)
vulnerability in flask (CVE-2026-15034). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56250 |
|
Vulnerability in dos (CVE-2026-56250)
vulnerability in dos (CVE-2026-56250). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-60124 |
|
Vulnerability in CVE-2026-60124 (CVE-2026-60124)
vulnerability in CVE-2026-60124 (CVE-2026-60124). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-5356 |
|
Vulnerability in wordpress (CVE-2026-5356)
vulnerability in wordpress (CVE-2026-5356). Data can be tampered with by attackers.
|
| CVE-2026-12097 |
|
Vulnerability in wordpress (CVE-2026-12097)
vulnerability in wordpress (CVE-2026-12097). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12153 |
|
Vulnerability in wordpress (CVE-2026-12153)
vulnerability in wordpress (CVE-2026-12153). Successful exploitation can lead to full system takeover.
|
| CVE-2026-59704 |
|
Vulnerability in CVE-2026-59704 (CVE-2026-59704)
vulnerability in CVE-2026-59704 (CVE-2026-59704). Confidential information can be exposed externally. Exploitable via `GET /api/video/ai`.
|
| CVE-2026-58473 |
|
Vulnerability in CVE-2026-58473 (CVE-2026-58473)
vulnerability in CVE-2026-58473 (CVE-2026-58473). Confidential information can be exposed externally.
|
| CVE-2026-55417 |
|
Vulnerability in CVE-2026-55417 (CVE-2026-55417)
vulnerability in CVE-2026-55417 (CVE-2026-55417). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53730 |
|
Vulnerability in CVE-2026-53730 (CVE-2026-53730)
vulnerability in CVE-2026-53730 (CVE-2026-53730). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-50007 |
|
Vulnerability in CVE-2026-50007 (CVE-2026-50007)
vulnerability in CVE-2026-50007 (CVE-2026-50007). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-59708 |
|
Vulnerability in CVE-2026-59708 (CVE-2026-59708)
vulnerability in CVE-2026-59708 (CVE-2026-59708). Confidential information can be exposed externally. Exploitable via `GET /api/v1/public/`.
|
| CVE-2026-59709 |
|
Vulnerability in CVE-2026-59709 (CVE-2026-59709)
vulnerability in CVE-2026-59709 (CVE-2026-59709). Risk of unauthorized operations or information disclosure. Exploitable via `PUT /api/v1/portfolio/holding/`.
|
| CVE-2026-11340 |
|
Vulnerability in CVE-2026-11340 (CVE-2026-11340)
vulnerability in CVE-2026-11340 (CVE-2026-11340). Data can be tampered with by attackers.
|
| CVE-2026-8377 |
|
Vulnerability in CVE-2026-8377 (CVE-2026-8377)
vulnerability in CVE-2026-8377 (CVE-2026-8377). Confidential information can be exposed externally.
|
| CVE-2026-34048 |
|
Vulnerability in CVE-2026-34048 (CVE-2026-34048)
vulnerability in CVE-2026-34048 (CVE-2026-34048). Successful exploitation can lead to full system takeover.
|
| CVE-2026-53647 |
|
Information Disclosure in CVE-2026-53647 (CVE-2026-53647)
vulnerability in CVE-2026-53647 (CVE-2026-53647). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53643 |
|
Information Disclosure in c (CVE-2026-53643)
vulnerability in c (CVE-2026-53643). Risk of unauthorized operations or information disclosure. Exploitable via ``can_always_access``.
|
| CVE-2026-53640 |
|
Information Disclosure in CVE-2026-53640 (CVE-2026-53640)
vulnerability in CVE-2026-53640 (CVE-2026-53640). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-34050 |
|
Vulnerability in CVE-2026-34050 (CVE-2026-34050)
vulnerability in CVE-2026-34050 (CVE-2026-34050). Data can be tampered with by attackers.
|
| CVE-2026-55433 |
|
Vulnerability in github.com/coder/coder/v2 (CVE-2026-55433)
vulnerability in github.com/coder/coder/v2 (CVE-2026-55433). Risk of unauthorized operations or information disclosure. Exploitable via ``ActionRead``. Mitigation: upgrade to `2.29.17` or later.
|
| CVE-2026-55432 |
|
Vulnerability in github.com/coder/coder/v2 (CVE-2026-55432)
vulnerability in github.com/coder/coder/v2 (CVE-2026-55432). Risk of unauthorized operations or information disclosure. Exploitable via ``CreateSubAgent``. Mitigation: upgrade to `2.29.17` or later.
|
| CVE-2026-14800 |
|
Cross-Site Request Forgery (CSRF) in CVE-2026-14800 (CVE-2026-14800)
vulnerability in CVE-2026-14800 (CVE-2026-14800). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6509 |
|
Vulnerability in privilege-escalation (CVE-2026-6509)
vulnerability in privilege-escalation (CVE-2026-6509). Successful exploitation can lead to full system takeover.
|
| CVE-2026-27771 |
|
Vulnerability in CVE-2026-27771 (CVE-2026-27771)
vulnerability in CVE-2026-27771 (CVE-2026-27771). Confidential information can be exposed externally.
|
| CVE-2026-25038 |
|
Gitea 1.26.2 allows unauthorized users to access labels of private organizations.
Gitea 1.26.2 allows unauthorized users to access labels of private organizations.
|
| CVE-2026-14460 |
|
Vulnerability in CVE-2026-14460 (CVE-2026-14460)
vulnerability in CVE-2026-14460 (CVE-2026-14460). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11398 |
|
Vulnerability in wordpress (CVE-2026-11398)
vulnerability in wordpress (CVE-2026-11398). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9230 |
|
Vulnerability in wordpress (CVE-2026-9230)
vulnerability in wordpress (CVE-2026-9230). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12557 |
|
Vulnerability in wordpress (CVE-2026-12557)
vulnerability in wordpress (CVE-2026-12557). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12729 |
|
Vulnerability in wordpress (CVE-2026-12729)
vulnerability in wordpress (CVE-2026-12729). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-59097 |
|
Vulnerability in CVE-2026-59097 (CVE-2026-59097)
vulnerability in CVE-2026-59097 (CVE-2026-59097). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-50282 |
|
Vulnerability in craftcms/cms (CVE-2026-50282)
vulnerability in craftcms/cms (CVE-2026-50282). Risk of unauthorized operations or information disclosure. Exploitable via ``deleteAssets``. Mitigation: upgrade to `4.17.14` or later.
|
| CVE-2026-57731 |
|
Contributor Broken Access Control in Flatsome <= 3.20.5 versions.
Contributor Broken Access Control in Flatsome <= 3.20.5 versions.
|
| CVE-2026-57689 |
|
Subscriber Broken Access Control in Werkstatt <= 4.7.2 versions.
Subscriber Broken Access Control in Werkstatt <= 4.7.2 versions.
|
| CVE-2026-57688 |
|
Unauthenticated Broken Access Control in POS Entegratör <= 3.7.103 versions.
Unauthenticated Broken Access Control in POS Entegratör <= 3.7.103 versions.
|
| CVE-2026-57746 |
|
Subscriber Broken Access Control in Booked <= 3.0.0 versions.
Subscriber Broken Access Control in Booked <= 3.0.0 versions.
|
| CVE-2026-57730 |
|
Subscriber Broken Access Control in Flatsome <= 3.20.5 versions.
Subscriber Broken Access Control in Flatsome <= 3.20.5 versions.
|
| CVE-2026-57760 |
|
Vulnerability in CVE-2026-57760 (CVE-2026-57760)
vulnerability in CVE-2026-57760 (CVE-2026-57760). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57685 |
|
Vulnerability in wordpress (CVE-2026-57685)
vulnerability in wordpress (CVE-2026-57685). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57750 |
|
Unauthenticated Broken Access Control in ez Form Calculator Premium <= 2.14.1.2 versions.
Unauthenticated Broken Access Control in ez Form Calculator Premium <= 2.14.1.2 versions.
|
| CVE-2026-57353 |
|
Subscriber Broken Access Control in Link Whisper Premium <= 2.9.0 versions.
Subscriber Broken Access Control in Link Whisper Premium <= 2.9.0 versions.
|
| CVE-2026-57355 |
|
Subscriber Broken Access Control in Classified Listing <= 5.4.2 versions.
Subscriber Broken Access Control in Classified Listing <= 5.4.2 versions.
|
| CVE-2026-57669 |
|
Subscriber Broken Access Control in Advanced Contact form 7 DB <= 2.0.9 versions.
Subscriber Broken Access Control in Advanced Contact form 7 DB <= 2.0.9 versions.
|
| CVE-2026-27433 |
|
Unauthenticated Broken Access Control in Motors <= 5.6.80 versions.
Unauthenticated Broken Access Control in Motors <= 5.6.80 versions.
|