Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-28381 |
|
Vulnerability in grafana (CVE-2026-28381)
vulnerability in grafana (CVE-2026-28381). Confidential information can be exposed externally.
|
| CVE-2026-42454 |
|
OS Command Injection in docker (CVE-2026-42454)
OS command injection in docker (CVE-2026-42454). Successful exploitation can lead to full system takeover. Exploitable via `GET /docker/containers/`.
|
| CVE-2026-42298 |
|
Code Injection in docker (CVE-2026-42298)
code injection in docker (CVE-2026-42298). Successful exploitation can lead to full system takeover. Exploitable via ``GITHUB_TOKEN``. Mitigation: upgrade to `>= 0` or later.
|
| CVE-2026-42302 |
|
Vulnerability in openai-sdk (CVE-2026-42302)
vulnerability in openai-sdk (CVE-2026-42302). Successful exploitation can lead to full system takeover. Exploitable via ``entrypoint.sh``.
|
| CVE-2026-41512 |
|
Code Injection in gem (CVE-2026-41512)
code injection in gem (CVE-2026-41512). Successful exploitation can lead to full system takeover. Exploitable via `POST /targets/auto_detect_selectors`.
|
| CVE-2026-42880 |
|
Information Disclosure in argo-cd (CVE-2026-42880)
vulnerability in argo-cd (CVE-2026-42880). Confidential information can be exposed externally.
|
| CVE-2026-33519 |
|
Vulnerability in esri (CVE-2026-33519)
vulnerability in esri (CVE-2026-33519). Successful exploitation can lead to full system takeover.
|
| CVE-2025-41118 |
|
Vulnerability in c (CVE-2025-41118)
vulnerability in c (CVE-2025-41118). Confidential information can be exposed externally.
|
| CVE-2026-27876 |
|
Code Injection in grafana (CVE-2026-27876)
code injection in grafana (CVE-2026-27876). Successful exploitation can lead to full system takeover.
|
| CVE-2015-7224 |
|
Authentication Bypass in puppet (CVE-2015-7224)
authentication bypass in puppet (CVE-2015-7224). Successful exploitation can lead to full system takeover.
|
| CVE-2016-5713 |
|
Code Injection in puppet (CVE-2016-5713)
code injection in puppet (CVE-2016-5713). Successful exploitation can lead to full system takeover.
|
| CVE-2017-7550 |
|
Vulnerability in ansible (CVE-2017-7550)
vulnerability in ansible (CVE-2017-7550). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2.3.3.0, 2.4.1.0` or later.
|
| CVE-2017-1000245 |
|
Vulnerability in jenkins (CVE-2017-1000245)
vulnerability in jenkins (CVE-2017-1000245). Successful exploitation can lead to full system takeover.
|
| CVE-2017-1000362 |
|
Information Disclosure in jenkins (CVE-2017-1000362)
vulnerability in jenkins (CVE-2017-1000362). Successful exploitation can lead to full system takeover.
|
| CVE-2017-1000056 |
|
Vulnerability in privilege-escalation (CVE-2017-1000056)
vulnerability in privilege-escalation (CVE-2017-1000056). Successful exploitation can lead to full system takeover.
|
| CVE-2017-2292 |
|
Unsafe Deserialization in puppet (CVE-2017-2292)
vulnerability in puppet (CVE-2017-2292). Confidential information can be exposed externally.
|
| CVE-2016-2788 |
|
Vulnerability in puppet (CVE-2016-2788)
vulnerability in puppet (CVE-2016-2788). Successful exploitation can lead to full system takeover.
|
| CVE-2016-9299 |
|
Vulnerability in jenkins (CVE-2016-9299)
vulnerability in jenkins (CVE-2016-9299). Successful exploitation can lead to full system takeover.
|