Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-56359 |
|
Cross-Site Scripting (XSS) in CVE-2026-56359 (CVE-2026-56359)
cross-site scripting in CVE-2026-56359 (CVE-2026-56359). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-15033 |
|
Command Injection in CVE-2026-15033 (CVE-2026-15033)
command injection in CVE-2026-15033 (CVE-2026-15033). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-60092 |
|
Cross-Site Scripting (XSS) in CVE-2026-60092 (CVE-2026-60092)
cross-site scripting in CVE-2026-60092 (CVE-2026-60092). Risk of unauthorized operations or information disclosure. Exploitable via `User-Agent header`.
|
| CVE-2026-58657 |
|
Cross-Site Scripting (XSS) in CVE-2026-58657 (CVE-2026-58657)
cross-site scripting in CVE-2026-58657 (CVE-2026-58657). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.0.0` or later.
|
| CVE-2026-58654 |
|
Unrestricted File Upload in path-traversal (CVE-2026-58654)
vulnerability in path-traversal (CVE-2026-58654). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.0.1` or later.
|
| CVE-2026-57256 |
|
Use-After-Free in CVE-2026-57256 (CVE-2026-57256)
vulnerability in CVE-2026-57256 (CVE-2026-57256). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57250 |
|
Use-After-Free in CVE-2026-57250 (CVE-2026-57250)
vulnerability in CVE-2026-57250 (CVE-2026-57250). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57252 |
|
Use-After-Free in CVE-2026-57252 (CVE-2026-57252)
vulnerability in CVE-2026-57252 (CVE-2026-57252). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57246 |
|
Vulnerability in CVE-2026-57246 (CVE-2026-57246)
vulnerability in CVE-2026-57246 (CVE-2026-57246). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57244 |
|
Use-After-Free in CVE-2026-57244 (CVE-2026-57244)
vulnerability in CVE-2026-57244 (CVE-2026-57244). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57242 |
|
Use-After-Free in CVE-2026-57242 (CVE-2026-57242)
vulnerability in CVE-2026-57242 (CVE-2026-57242). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57243 |
|
Out-of-Bounds Read in CVE-2026-57243 (CVE-2026-57243)
vulnerability in CVE-2026-57243 (CVE-2026-57243). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57241 |
|
Out-of-Bounds Read in CVE-2026-57241 (CVE-2026-57241)
vulnerability in CVE-2026-57241 (CVE-2026-57241). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57240 |
|
Use-After-Free in CVE-2026-57240 (CVE-2026-57240)
vulnerability in CVE-2026-57240 (CVE-2026-57240). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57237 |
|
Use-After-Free in CVE-2026-57237 (CVE-2026-57237)
vulnerability in CVE-2026-57237 (CVE-2026-57237). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57238 |
|
Use-After-Free in CVE-2026-57238 (CVE-2026-57238)
vulnerability in CVE-2026-57238 (CVE-2026-57238). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13129 |
|
Use-After-Free in CVE-2026-13129 (CVE-2026-13129)
vulnerability in CVE-2026-13129 (CVE-2026-13129). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13128 |
|
Use-After-Free in CVE-2026-13128 (CVE-2026-13128)
vulnerability in CVE-2026-13128 (CVE-2026-13128). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13126 |
|
Use-After-Free in CVE-2026-13126 (CVE-2026-13126)
vulnerability in CVE-2026-13126 (CVE-2026-13126). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13127 |
|
Use-After-Free in CVE-2026-13127 (CVE-2026-13127)
vulnerability in CVE-2026-13127 (CVE-2026-13127). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9731 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-9731)
vulnerability in wordpress (CVE-2026-9731). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-36162 |
|
Cross-Site Scripting (XSS) in CVE-2026-36162 (CVE-2026-36162)
cross-site scripting in CVE-2026-36162 (CVE-2026-36162). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-55408 |
|
Code Injection in CVE-2026-55408 (CVE-2026-55408)
code injection in CVE-2026-55408 (CVE-2026-55408). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-55592 |
|
Cross-Site Scripting (XSS) in CVE-2026-55592 (CVE-2026-55592)
cross-site scripting in CVE-2026-55592 (CVE-2026-55592). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56812 |
|
Vulnerability in dos (CVE-2026-56812)
vulnerability in dos (CVE-2026-56812). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13356 |
|
Vulnerability in mozilla (CVE-2026-13356)
vulnerability in mozilla (CVE-2026-13356). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53641 |
|
Cross-Site Scripting (XSS) in CVE-2026-53641 (CVE-2026-53641)
cross-site scripting in CVE-2026-53641 (CVE-2026-53641). Risk of unauthorized operations or information disclosure. Exploitable via ``content_html``.
|
| CVE-2026-59710 |
|
Cross-Site Scripting (XSS) in CVE-2026-59710 (CVE-2026-59710)
cross-site scripting in CVE-2026-59710 (CVE-2026-59710). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-59711 |
|
Cross-Site Scripting (XSS) in CVE-2026-59711 (CVE-2026-59711)
cross-site scripting in CVE-2026-59711 (CVE-2026-59711). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-55430 |
|
Vulnerability in github.com/coder/coder/v2 (CVE-2026-55430)
vulnerability in github.com/coder/coder/v2 (CVE-2026-55430). Confidential information can be exposed externally. Exploitable via ``Host``. Mitigation: upgrade to `2.29.17` or later.
|
| CVE-2026-14802 |
|
A vulnerability was detected in react create-react-app up to 5.0.1 on macOS. This affects the...
A vulnerability was detected in react create-react-app up to 5.0.1 on macOS. This affects the...
|
| CVE-2026-14631 |
|
Vulnerability in webpackjs (CVE-2026-14631)
vulnerability in webpackjs (CVE-2026-14631). Risk of unauthorized operations or information disclosure. Exploitable via `Host header`.
|
| CVE-2026-9756 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-9756)
cross-site scripting in wordpress (CVE-2026-9756). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-59102 |
|
Cross-Site Scripting (XSS) in vue (CVE-2026-59102)
cross-site scripting in vue (CVE-2026-59102). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-58579 |
|
Cross-Site Scripting (XSS) in CVE-2026-58579 (CVE-2026-58579)
cross-site scripting in CVE-2026-58579 (CVE-2026-58579). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8699 |
|
Cross-Site Scripting (XSS) in CVE-2026-8699 (CVE-2026-8699)
cross-site scripting in CVE-2026-8699 (CVE-2026-8699). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-55790 |
|
Cross-Site Scripting (XSS) in craftcms/cms (CVE-2026-55790)
cross-site scripting in craftcms/cms (CVE-2026-55790). Risk of unauthorized operations or information disclosure. Exploitable via ``CraftSupportWidget.js``. Mitigation: upgrade to `4.17.16` or later.
|
| CVE-2026-55793 |
|
Cross-Site Scripting (XSS) in craftcms/cms (CVE-2026-55793)
cross-site scripting in craftcms/cms (CVE-2026-55793). Risk of unauthorized operations or information disclosure. Exploitable via ``saveEntries``. Mitigation: upgrade to `5.9.53` or later.
|
| CVE-2026-58592 |
|
Out-of-Bounds Write in cpp (CVE-2026-58592)
out-of-bounds write in cpp (CVE-2026-58592). Successful exploitation can lead to full system takeover.
|
| CVE-2026-58032 |
|
Cross-Site Scripting (XSS) in CVE-2026-58032 (CVE-2026-58032)
cross-site scripting in CVE-2026-58032 (CVE-2026-58032). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-58031 |
|
Cross-Site Scripting (XSS) in CVE-2026-58031 (CVE-2026-58031)
cross-site scripting in CVE-2026-58031 (CVE-2026-58031). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53907 |
|
Cross-Site Scripting (XSS) in mycomplianceoffice (CVE-2026-53907)
cross-site scripting in mycomplianceoffice (CVE-2026-53907). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12142 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-12142)
cross-site scripting in wordpress (CVE-2026-12142). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56356 |
|
Cross-Site Scripting (XSS) in n8n (CVE-2026-56356)
cross-site scripting in n8n (CVE-2026-56356). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.123.27` or later.
|
| CVE-2026-56264 |
|
Code Injection in kidocode (CVE-2026-56264)
code injection in kidocode (CVE-2026-56264). Successful exploitation can lead to full system takeover.
|
| CVE-2026-10585 |
|
Cross-Site Scripting (XSS) in c (CVE-2026-10585)
cross-site scripting in c (CVE-2026-10585). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-36323 |
|
Cross-Site Scripting (XSS) in ibm (CVE-2025-36323)
cross-site scripting in ibm (CVE-2025-36323). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-36320 |
|
Cross-Site Scripting (XSS) in ibm (CVE-2025-36320)
cross-site scripting in ibm (CVE-2025-36320). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-58138 |
|
Code Injection in CVE-2026-58138 (CVE-2026-58138)
code injection in CVE-2026-58138 (CVE-2026-58138). Successful exploitation can lead to full system takeover.
|
| CVE-2026-58371 |
|
Cross-Site Scripting (XSS) in CVE-2026-58371 (CVE-2026-58371)
cross-site scripting in CVE-2026-58371 (CVE-2026-58371). Risk of unauthorized operations or information disclosure.
|