Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Tag: cwe-91 Clear
ID Title
CVE-2026-53723 Vulnerability in guzzlehttp/guzzle-services (CVE-2026-53723)
vulnerability in guzzlehttp/guzzle-services (CVE-2026-53723). Risk of unauthorized operations or information disclosure. Exploitable via ``additionalParameters``. Mitigation: upgrade to `1.5.4` or later.
CVE-2026-11169 Vulnerability in google (CVE-2026-11169)
vulnerability in google (CVE-2026-11169). Confidential information can be exposed externally.
CVE-2026-47273 Vulnerability in CVE-2026-47273 (CVE-2026-47273)
vulnerability in CVE-2026-47273 (CVE-2026-47273). Data can be tampered with by attackers. Mitigation: upgrade to `0.9.0` or later.
CVE-2026-46490 Vulnerability in samlify (CVE-2026-46490)
vulnerability in samlify (CVE-2026-46490). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2.13.0` or later.
CVE-2026-40165 Vulnerability in authentik (CVE-2026-40165)
vulnerability in authentik (CVE-2026-40165). Confidential information can be exposed externally. Mitigation: upgrade to `2025.12.5, 2026.2.3` or later.
CVE-2026-44665 Vulnerability in fast-xml-builder (CVE-2026-44665)
vulnerability in fast-xml-builder (CVE-2026-44665). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.1.7` or later.
CVE-2026-44664 Vulnerability in fast-xml-builder (CVE-2026-44664)
vulnerability in fast-xml-builder (CVE-2026-44664). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.1.6` or later.
CVE-2026-27693 Vulnerability in traccar (CVE-2026-27693)
vulnerability in traccar (CVE-2026-27693). Risk of unauthorized operations or information disclosure.
CVE-2026-41674 Vulnerability in @xmldom/xmldom (CVE-2026-41674)
vulnerability in @xmldom/xmldom (CVE-2026-41674). Data can be tampered with by attackers. Exploitable via ``DocumentType``. Mitigation: upgrade to `0.9.10` or later.
CVE-2026-41675 Vulnerability in @xmldom/xmldom (CVE-2026-41675)
vulnerability in @xmldom/xmldom (CVE-2026-41675). Data can be tampered with by attackers. Exploitable via ``data``. Mitigation: upgrade to `0.9.10` or later.
CVE-2026-41672 Vulnerability in @xmldom/xmldom (CVE-2026-41672)
vulnerability in @xmldom/xmldom (CVE-2026-41672). Data can be tampered with by attackers. Exploitable via ``node.data``. Mitigation: upgrade to `0.9.10` or later.
CVE-2026-41650 Vulnerability in fast-xml-parser (CVE-2026-41650)
vulnerability in fast-xml-parser (CVE-2026-41650). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.7.0` or later.
CVE-2026-34601 Vulnerability in CVE-2026-34601 (CVE-2026-34601)
vulnerability in CVE-2026-34601 (CVE-2026-34601). Data can be tampered with by attackers. Exploitable via ``DOMParser``.
CVE-2020-0646 KEV [KEV] Vulnerability in Microsoft net-framework (CVE-2020-0646)
vulnerability in Microsoft net-framework (CVE-2020-0646). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2017-15685 Vulnerability in craftercms (CVE-2017-15685)
vulnerability in craftercms (CVE-2017-15685). Confidential information can be exposed externally.
CVE-2017-15683 Vulnerability in craftercms (CVE-2017-15683)
vulnerability in craftercms (CVE-2017-15683). Confidential information can be exposed externally.
CVE-2013-7429 Vulnerability in mapsplugin (CVE-2013-7429)
vulnerability in mapsplugin (CVE-2013-7429). Successful exploitation can lead to full system takeover.
CVE-2015-3932 Vulnerability in netlock (CVE-2015-3932)
vulnerability in netlock (CVE-2015-3932). Successful exploitation can lead to full system takeover.
CVE-2015-3931 Vulnerability in microsec (CVE-2015-3931)
vulnerability in microsec (CVE-2015-3931). Successful exploitation can lead to full system takeover.
CVE-2017-10603 Vulnerability in juniper (CVE-2017-10603)
vulnerability in juniper (CVE-2017-10603). Successful exploitation can lead to full system takeover.
CVE-2017-2171 Cross-Site Scripting (XSS) in bestwebsoft (CVE-2017-2171)
cross-site scripting in bestwebsoft (CVE-2017-2171). Risk of unauthorized operations or information disclosure.
CVE-2017-5654 Vulnerability in apache (CVE-2017-5654)
vulnerability in apache (CVE-2017-5654). Confidential information can be exposed externally.
CVE-2016-5697 Vulnerability in onelogin (CVE-2016-5697)
vulnerability in onelogin (CVE-2016-5697). Data can be tampered with by attackers.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →