Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-20213 |
|
Vulnerability in Cisco dos (CVE-2026-20213)
vulnerability in Cisco dos (CVE-2026-20213). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-20191 |
|
Path Traversal in cisco (CVE-2026-20191)
path traversal in cisco (CVE-2026-20191). Confidential information can be exposed externally.
|
| CVE-2026-20246 |
|
Privilege Escalation in Cisco umbrella-virtual-appliance (CVE-2026-20246)
vulnerability in Cisco umbrella-virtual-appliance (CVE-2026-20246). Confidential information can be exposed externally.
|
| CVE-2026-20178 |
|
Open Redirect in Cisco webex-web-app (CVE-2026-20178)
vulnerability in Cisco webex-web-app (CVE-2026-20178). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-20220 |
|
Vulnerability in Cisco crosswork-network-controller (CVE-2026-20220)
vulnerability in Cisco crosswork-network-controller (CVE-2026-20220). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-20181 |
|
Path Traversal in Cisco dos (CVE-2026-20181)
path traversal in Cisco dos (CVE-2026-20181). Successful exploitation can lead to full system takeover.
|
| CVE-2026-20262 KEV |
|
[KEV] Path Traversal in Cisco catalyst-sd-wan-manager (CVE-2026-20262)
path traversal in Cisco catalyst-sd-wan-manager (CVE-2026-20262). Data can be tampered with by attackers. Listed in CISA KEV — actively exploited.
|
| CVE-2026-20175 |
|
Vulnerability in cisco (CVE-2026-20175)
vulnerability in cisco (CVE-2026-20175). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-20230 KEV |
|
[KEV] SSRF (Server-Side Request Forgery) in Cisco ssrf (CVE-2026-20230)
SSRF in Cisco ssrf (CVE-2026-20230). Data can be tampered with by attackers. Listed in CISA KEV — actively exploited.
|
| CVE-2026-20233 |
|
Cross-Site Scripting (XSS) in Cisco webex-meetings (CVE-2026-20233)
cross-site scripting in Cisco webex-meetings (CVE-2026-20233). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10191 |
|
A vulnerability was determined in Tenda W12 3.0.0.7(4763). Impacted is the function...
A vulnerability was determined in Tenda W12 3.0.0.7(4763). Impacted is the function...
|
| CVE-2026-3012 |
|
A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate...
A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate...
|
| CVE-2026-20206 |
|
OS Command Injection in cisco (CVE-2026-20206)
OS command injection in cisco (CVE-2026-20206). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-20199 |
|
Vulnerability in Cisco thousandeyes-virtual-appliance (CVE-2026-20199)
vulnerability in Cisco thousandeyes-virtual-appliance (CVE-2026-20199). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-20223 |
|
Vulnerability in Cisco secure-workload (CVE-2026-20223)
vulnerability in Cisco secure-workload (CVE-2026-20223). Successful exploitation can lead to full system takeover.
|
| CVE-2026-20171 |
|
Vulnerability in Cisco dos (CVE-2026-20171)
vulnerability in Cisco dos (CVE-2026-20171). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-20182 KEV |
|
[KEV] Authentication Bypass in Cisco catalyst-sd-wan-manager (CVE-2026-20182)
authentication bypass in Cisco catalyst-sd-wan-manager (CVE-2026-20182). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
|
| CVE-2026-20040 |
|
OS Command Injection in Cisco ios-xr (CVE-2026-20040)
OS command injection in Cisco ios-xr (CVE-2026-20040). Successful exploitation can lead to full system takeover.
|
| CVE-2026-20108 |
|
Cross-Site Scripting (XSS) in Cisco catalyst-sd-wan-manager (CVE-2026-20108)
cross-site scripting in Cisco catalyst-sd-wan-manager (CVE-2026-20108). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-20160 |
|
Vulnerability in Cisco smart-software-manager-on-prem (CVE-2026-20160)
vulnerability in Cisco smart-software-manager-on-prem (CVE-2026-20160). Successful exploitation can lead to full system takeover.
|
| CVE-2026-20042 |
|
Vulnerability in Cisco nexus-dashboard (CVE-2026-20042)
vulnerability in Cisco nexus-dashboard (CVE-2026-20042). Confidential information can be exposed externally.
|
| CVE-2026-20155 |
|
Vulnerability in Cisco evolved-programmable-network-manager (CVE-2026-20155)
vulnerability in Cisco evolved-programmable-network-manager (CVE-2026-20155). Successful exploitation can lead to full system takeover.
|
| CVE-2026-20174 |
|
Path Traversal in Cisco nexus-dashboard-insights (CVE-2026-20174)
path traversal in Cisco nexus-dashboard-insights (CVE-2026-20174). Data can be tampered with by attackers.
|
| CVE-2026-20147 |
|
Command Injection in Cisco dos (CVE-2026-20147)
command injection in Cisco dos (CVE-2026-20147). Successful exploitation can lead to full system takeover.
|
| CVE-2026-20188 |
|
Vulnerability in Cisco dos (CVE-2026-20188)
vulnerability in Cisco dos (CVE-2026-20188). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-20180 |
|
Path Traversal in Cisco dos (CVE-2026-20180)
path traversal in Cisco dos (CVE-2026-20180). Successful exploitation can lead to full system takeover.
|
| CVE-2026-20136 |
|
Vulnerability in Cisco identity-services-engine (CVE-2026-20136)
vulnerability in Cisco identity-services-engine (CVE-2026-20136). Confidential information can be exposed externally.
|
| CVE-2026-20132 |
|
Cross-Site Scripting (XSS) in Cisco identity-services-engine (CVE-2026-20132)
cross-site scripting in Cisco identity-services-engine (CVE-2026-20132). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-20170 |
|
Vulnerability in Cisco webex-contact-center (CVE-2026-20170)
vulnerability in Cisco webex-contact-center (CVE-2026-20170). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-20034 |
|
Vulnerability in Cisco unity-connection (CVE-2026-20034)
vulnerability in Cisco unity-connection (CVE-2026-20034). Successful exploitation can lead to full system takeover.
|
| CVE-2026-20193 |
|
Vulnerability in Cisco identity-services-engine (CVE-2026-20193)
vulnerability in Cisco identity-services-engine (CVE-2026-20193). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-20189 |
|
Vulnerability in Cisco prime-infrastructure (CVE-2026-20189)
vulnerability in Cisco prime-infrastructure (CVE-2026-20189). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-20167 |
|
Vulnerability in Cisco dos (CVE-2026-20167)
vulnerability in Cisco dos (CVE-2026-20167). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-44313 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-44313)
SSRF in ssrf (CVE-2026-44313). Confidential information can be exposed externally. Exploitable via `GET /api/v1/archives/{linkId}`.
|
| CVE-2026-42302 |
|
Vulnerability in openai-sdk (CVE-2026-42302)
vulnerability in openai-sdk (CVE-2026-42302). Successful exploitation can lead to full system takeover. Exploitable via ``entrypoint.sh``.
|
| CVE-2026-37431 |
|
SQL Injection in sqli (CVE-2026-37431)
SQL injection in sqli (CVE-2026-37431). Successful exploitation can lead to full system takeover.
|
| CVE-2026-41512 |
|
Code Injection in gem (CVE-2026-41512)
code injection in gem (CVE-2026-41512). Successful exploitation can lead to full system takeover. Exploitable via `POST /targets/auto_detect_selectors`.
|
| CVE-2026-25199 |
|
Information Disclosure in apache (CVE-2026-25199)
vulnerability in apache (CVE-2026-25199). Confidential information can be exposed externally.
|
| CVE-2026-8153 |
|
OS Command Injection in iot-embedded (CVE-2026-8153)
OS command injection in iot-embedded (CVE-2026-8153). Successful exploitation can lead to full system takeover.
|
| CVE-2025-69690 |
|
Unsafe Deserialization in deserialization (CVE-2025-69690)
vulnerability in deserialization (CVE-2025-69690). Successful exploitation can lead to full system takeover.
|
| CVE-2026-42826 |
|
Information Disclosure in microsoft (CVE-2026-42826)
vulnerability in microsoft (CVE-2026-42826). Successful exploitation can lead to full system takeover.
|
| CVE-2026-33844 |
|
Vulnerability in apache (CVE-2026-33844)
vulnerability in apache (CVE-2026-33844). Successful exploitation can lead to full system takeover.
|
| CVE-2026-33823 |
|
Vulnerability in microsoft (CVE-2026-33823)
vulnerability in microsoft (CVE-2026-33823). Confidential information can be exposed externally.
|
| CVE-2026-33109 |
|
Vulnerability in apache (CVE-2026-33109)
vulnerability in apache (CVE-2026-33109). Successful exploitation can lead to full system takeover.
|
| CVE-2025-63704 |
|
Vulnerability in prototype-pollution (CVE-2025-63704)
vulnerability in prototype-pollution (CVE-2025-63704). Successful exploitation can lead to full system takeover.
|
| CVE-2025-63706 |
|
Code Injection in npm (CVE-2025-63706)
code injection in npm (CVE-2025-63706). Successful exploitation can lead to full system takeover.
|
| CVE-2026-43208 |
|
Vulnerability in linux (CVE-2026-43208)
vulnerability in linux (CVE-2026-43208). Successful exploitation can lead to full system takeover.
|
| CVE-2026-43198 |
|
Vulnerability in linux (CVE-2026-43198)
vulnerability in linux (CVE-2026-43198). Successful exploitation can lead to full system takeover.
|
| CVE-2026-43186 |
|
Vulnerability in c (CVE-2026-43186)
vulnerability in c (CVE-2026-43186). Successful exploitation can lead to full system takeover.
|
| CVE-2026-43117 |
|
Vulnerability in linux (CVE-2026-43117)
vulnerability in linux (CVE-2026-43117). Confidential information can be exposed externally.
|