Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-22927 |
|
Omnissa Workspace ONE® Tunnel for Windows addresses a Local Privilege Escalation Vulnerability.
Omnissa Workspace ONE® Tunnel for Windows addresses a Local Privilege Escalation Vulnerability.
|
| CVE-2026-54652 |
|
Privilege Escalation in nginx (CVE-2026-54652)
vulnerability in nginx (CVE-2026-54652). Confidential information can be exposed externally. Exploitable via `GET /api/logs/{service}`.
|
| CVE-2026-14250 |
|
Privilege Escalation in wordpress (CVE-2026-14250)
vulnerability in wordpress (CVE-2026-14250). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9842 |
|
Privilege Escalation in wordpress (CVE-2026-9842)
vulnerability in wordpress (CVE-2026-9842). Data can be tampered with by attackers. Exploitable via ``manage_options``.
|
| CVE-2026-14482 |
|
Privilege Escalation in wordpress (CVE-2026-14482)
vulnerability in wordpress (CVE-2026-14482). Successful exploitation can lead to full system takeover. Exploitable via ``update_option``.
|
| CVE-2026-58583 |
|
Privilege Escalation in privilege-escalation (CVE-2026-58583)
vulnerability in privilege-escalation (CVE-2026-58583). Confidential information can be exposed externally.
|
| CVE-2026-57851 |
|
Vulnerability in privilege-escalation (CVE-2026-57851)
vulnerability in privilege-escalation (CVE-2026-57851). Successful exploitation can lead to full system takeover.
|
| CVE-2026-53645 |
|
Privilege Escalation in privilege-escalation (CVE-2026-53645)
vulnerability in privilege-escalation (CVE-2026-53645). Risk of unauthorized operations or information disclosure. Exploitable via ``staff.create_and_edit_staff``.
|
| CVE-2026-48614 |
|
Code Injection in privilege-escalation (CVE-2026-48614)
code injection in privilege-escalation (CVE-2026-48614). Successful exploitation can lead to full system takeover.
|
| CVE-2026-6509 |
|
Vulnerability in privilege-escalation (CVE-2026-6509)
vulnerability in privilege-escalation (CVE-2026-6509). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13079 |
|
Vulnerability in privilege-escalation (CVE-2026-13079)
vulnerability in privilege-escalation (CVE-2026-13079). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-54998 |
|
Incorrect authorization in Microsoft Exchange Online allows an authorized attacker to elevate...
Incorrect authorization in Microsoft Exchange Online allows an authorized attacker to elevate...
|
| CVE-2026-53902 |
|
Vulnerability in privilege-escalation (CVE-2026-53902)
vulnerability in privilege-escalation (CVE-2026-53902). Data can be tampered with by attackers.
|
| CVE-2026-13228 |
|
Privilege Escalation in wordpress (CVE-2026-13228)
vulnerability in wordpress (CVE-2026-13228). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12224 |
|
Privilege Escalation in wordpress (CVE-2026-12224)
vulnerability in wordpress (CVE-2026-12224). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11387 |
|
Authentication Bypass in wordpress (CVE-2026-11387)
authentication bypass in wordpress (CVE-2026-11387). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57995 |
|
Privilege Escalation in privilege-escalation (CVE-2026-57995)
vulnerability in privilege-escalation (CVE-2026-57995). Successful exploitation can lead to full system takeover.
|
| CVE-2026-56233 |
|
Path Traversal in path-traversal (CVE-2026-56233)
path traversal in path-traversal (CVE-2026-56233). Confidential information can be exposed externally.
|
| CVE-2026-14124 |
|
Privilege Escalation in privilege-escalation (CVE-2026-14124)
vulnerability in privilege-escalation (CVE-2026-14124). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14115 |
|
Vulnerability in privilege-escalation (CVE-2026-14115)
vulnerability in privilege-escalation (CVE-2026-14115). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14094 |
|
Use-After-Free in privilege-escalation (CVE-2026-14094)
vulnerability in privilege-escalation (CVE-2026-14094). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14078 |
|
Vulnerability in privilege-escalation (CVE-2026-14078)
vulnerability in privilege-escalation (CVE-2026-14078). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14060 |
|
Vulnerability in privilege-escalation (CVE-2026-14060)
vulnerability in privilege-escalation (CVE-2026-14060). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14018 |
|
Use-After-Free in privilege-escalation (CVE-2026-14018)
vulnerability in privilege-escalation (CVE-2026-14018). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13927 |
|
Vulnerability in privilege-escalation (CVE-2026-13927)
vulnerability in privilege-escalation (CVE-2026-13927). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13928 |
|
Vulnerability in privilege-escalation (CVE-2026-13928)
vulnerability in privilege-escalation (CVE-2026-13928). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13891 |
|
Vulnerability in privilege-escalation (CVE-2026-13891)
vulnerability in privilege-escalation (CVE-2026-13891). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13897 |
|
Vulnerability in privilege-escalation (CVE-2026-13897)
vulnerability in privilege-escalation (CVE-2026-13897). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13864 |
|
Vulnerability in privilege-escalation (CVE-2026-13864)
vulnerability in privilege-escalation (CVE-2026-13864). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13863 |
|
Vulnerability in privilege-escalation (CVE-2026-13863)
vulnerability in privilege-escalation (CVE-2026-13863). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13856 |
|
Vulnerability in privilege-escalation (CVE-2026-13856)
vulnerability in privilege-escalation (CVE-2026-13856). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13844 |
|
Use-After-Free in privilege-escalation (CVE-2026-13844)
vulnerability in privilege-escalation (CVE-2026-13844). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13827 |
|
Use-After-Free in privilege-escalation (CVE-2026-13827)
vulnerability in privilege-escalation (CVE-2026-13827). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13800 |
|
Vulnerability in privilege-escalation (CVE-2026-13800)
vulnerability in privilege-escalation (CVE-2026-13800). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13824 |
|
Vulnerability in privilege-escalation (CVE-2026-13824)
vulnerability in privilege-escalation (CVE-2026-13824). Successful exploitation can lead to full system takeover.
|
| CVE-2026-58165 |
|
Vulnerability in privilege-escalation (CVE-2026-58165)
vulnerability in privilege-escalation (CVE-2026-58165). Successful exploitation can lead to full system takeover.
|
| CVE-2025-7406 |
|
Privilege Escalation in privilege-escalation (CVE-2025-7406)
vulnerability in privilege-escalation (CVE-2025-7406). Successful exploitation can lead to full system takeover.
|
| CVE-2026-58302 |
|
Path Traversal in path-traversal (CVE-2026-58302)
path traversal in path-traversal (CVE-2026-58302). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57919 |
|
Vulnerability in privilege-escalation (CVE-2026-57919)
vulnerability in privilege-escalation (CVE-2026-57919). Successful exploitation can lead to full system takeover.
|
| CVE-2026-54369 |
|
Vulnerability in privilege-escalation (CVE-2026-54369)
vulnerability in privilege-escalation (CVE-2026-54369). Confidential information can be exposed externally.
|
| CVE-2026-54371 |
|
Vulnerability in privilege-escalation (CVE-2026-54371)
vulnerability in privilege-escalation (CVE-2026-54371). Confidential information can be exposed externally.
|
| CVE-2026-54370 |
|
Vulnerability in privilege-escalation (CVE-2026-54370)
vulnerability in privilege-escalation (CVE-2026-54370). Confidential information can be exposed externally.
|
| CVE-2026-25707 |
|
Vulnerability in path-traversal (CVE-2026-25707)
vulnerability in path-traversal (CVE-2026-25707). Successful exploitation can lead to full system takeover.
|
| CVE-2026-58054 |
|
MyBB 1.8.40 does not restrict which usergroup a limited Admin Control Panel user may assign when...
MyBB 1.8.40 does not restrict which usergroup a limited Admin Control Panel user may assign when...
|
| CVE-2026-12415 |
|
Privilege Escalation in wordpress (CVE-2026-12415)
vulnerability in wordpress (CVE-2026-12415). Successful exploitation can lead to full system takeover.
|
| CVE-2026-46710 |
|
Vulnerability in privilege-escalation (CVE-2026-46710)
vulnerability in privilege-escalation (CVE-2026-46710). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `8.9.6` or later.
|
| CVE-2026-57518 |
|
Vulnerability in privilege-escalation (CVE-2026-57518)
vulnerability in privilege-escalation (CVE-2026-57518). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9640 |
|
Authorization Flaw in privilege-escalation (CVE-2026-9640)
vulnerability in privilege-escalation (CVE-2026-9640). Successful exploitation can lead to full system takeover.
|
| CVE-2026-56038 |
|
Contributor Privilege Escalation in Frisbii Pay <= 1.8.2 versions.
Contributor Privilege Escalation in Frisbii Pay <= 1.8.2 versions.
|
| CVE-2026-40702 |
|
Vulnerability in cisa (CVE-2026-40702)
vulnerability in cisa (CVE-2026-40702). Confidential information can be exposed externally.
|