Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Tag: cwe-943 Clear
ID Title
CVE-2026-54350 SQL Injection in @budibase/server (CVE-2026-54350)
SQL injection in @budibase/server (CVE-2026-54350). Confidential information can be exposed externally. Exploitable via `POST /api/v2/queries/`. Mitigation: upgrade to `3.39.12` or later.
CVE-2026-54019 Vulnerability in open-webui (CVE-2026-54019)
vulnerability in open-webui (CVE-2026-54019). Confidential information can be exposed externally. Exploitable via `POST /api/v1/retrieval/query/collection`. Mitigation: upgrade to `0.9.6` or later.
CVE-2026-47181 Vulnerability in CVE-2026-47181 (CVE-2026-47181)
vulnerability in CVE-2026-47181 (CVE-2026-47181). Risk of unauthorized operations or information disclosure.
CVE-2026-27886 Path Traversal in @strapi/strapi (CVE-2026-27886)
path traversal in @strapi/strapi (CVE-2026-27886). Confidential information can be exposed externally. Exploitable via `POST /admin/reset-password`. Mitigation: upgrade to `5.37.0` or later.
CVE-2026-44425 Vulnerability in github.com/shellhub-io/shellhub (CVE-2026-44425)
vulnerability in github.com/shellhub-io/shellhub (CVE-2026-44425). Risk of unauthorized operations or information disclosure. Exploitable via ``name``. Mitigation: upgrade to `0.24.2` or later.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →