Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: languages Clear
ID Title
CVE-2026-48497 Vulnerability in c (CVE-2026-48497)
vulnerability in c (CVE-2026-48497). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.35.11` or later.
CVE-2026-47778 Vulnerability in c (CVE-2026-47778)
vulnerability in c (CVE-2026-47778). Confidential information can be exposed externally. Mitigation: upgrade to `1.35.11` or later.
CVE-2026-57652 Unauthenticated Insecure Direct Object References (IDOR) in JS Help Desk <= 3.1.0 versions.
Unauthenticated Insecure Direct Object References (IDOR) in JS Help Desk <= 3.1.0 versions.
CVE-2026-57527 Unsafe Deserialization in deserialization (CVE-2026-57527)
vulnerability in deserialization (CVE-2026-57527). Successful exploitation can lead to full system takeover.
CVE-2026-56032 Subscriber PHP Object Injection in Buddyboss Platform <= 3.0.4 versions.
Subscriber PHP Object Injection in Buddyboss Platform <= 3.0.4 versions.
CVE-2026-56055 Subscriber PHP Object Injection in RealHomes <= 4.5.3 versions.
Subscriber PHP Object Injection in RealHomes <= 4.5.3 versions.
CVE-2026-56031 Unauthenticated PHP Object Injection in Uncanny Automator <= 7.3.1.2 versions.
Unauthenticated PHP Object Injection in Uncanny Automator <= 7.3.1.2 versions.
CVE-2026-56057 Subscriber PHP Object Injection in Uncanny Automator Pro <= 7.3.0.6 versions.
Subscriber PHP Object Injection in Uncanny Automator Pro <= 7.3.0.6 versions.
CVE-2026-57940 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-57940)
SSRF in ssrf (CVE-2026-57940). Risk of unauthorized operations or information disclosure.
CVE-2026-53914 Unsafe Deserialization in deserialization (CVE-2026-53914)
vulnerability in deserialization (CVE-2026-53914). Confidential information can be exposed externally.
CVE-2026-13426 Path Traversal in c (CVE-2026-13426)
path traversal in c (CVE-2026-13426). Risk of unauthorized operations or information disclosure.
CVE-2026-57918 Vulnerability in c (CVE-2026-57918)
vulnerability in c (CVE-2026-57918). Confidential information can be exposed externally.
CVE-2026-6658 Cross-Site Scripting (XSS) in CVE-2026-6658 (CVE-2026-6658)
cross-site scripting in CVE-2026-6658 (CVE-2026-6658). Risk of unauthorized operations or information disclosure. Exploitable via ``data_mermaid``.
CVE-2026-50739 Vulnerability in revive-adserver (CVE-2026-50739)
vulnerability in revive-adserver (CVE-2026-50739). Risk of unauthorized operations or information disclosure.
CVE-2026-8661 Cross-Site Scripting (XSS) in CVE-2026-8661 (CVE-2026-8661)
cross-site scripting in CVE-2026-8661 (CVE-2026-8661). Risk of unauthorized operations or information disclosure.
CVE-2026-48935 Vulnerability in nodejs (CVE-2026-48935)
vulnerability in nodejs (CVE-2026-48935). Risk of unauthorized operations or information disclosure.
CVE-2026-48936 Vulnerability in nodejs (CVE-2026-48936)
vulnerability in nodejs (CVE-2026-48936). Risk of unauthorized operations or information disclosure.
CVE-2026-48934 Vulnerability in nodejs (CVE-2026-48934)
vulnerability in nodejs (CVE-2026-48934). Risk of unauthorized operations or information disclosure.
CVE-2026-50744 Vulnerability in c (CVE-2026-50744)
vulnerability in c (CVE-2026-50744). Risk of unauthorized operations or information disclosure.
CVE-2026-50740 Cross-Site Scripting (XSS) in revive-adserver (CVE-2026-50740)
cross-site scripting in revive-adserver (CVE-2026-50740). Risk of unauthorized operations or information disclosure.
CVE-2026-50745 Cross-Site Scripting (XSS) in revive-adserver (CVE-2026-50745)
cross-site scripting in revive-adserver (CVE-2026-50745). Risk of unauthorized operations or information disclosure.
CVE-2026-50742 Cross-Site Scripting (XSS) in revive-adserver (CVE-2026-50742)
cross-site scripting in revive-adserver (CVE-2026-50742). Risk of unauthorized operations or information disclosure.
CVE-2026-48930 Vulnerability in c (CVE-2026-48930)
vulnerability in c (CVE-2026-48930). Successful exploitation can lead to full system takeover.
CVE-2026-48618 Vulnerability in nodejs (CVE-2026-48618)
vulnerability in nodejs (CVE-2026-48618). Confidential information can be exposed externally.
CVE-2026-48933 Vulnerability in nodejs (CVE-2026-48933)
vulnerability in nodejs (CVE-2026-48933). Risk of unauthorized operations or information disclosure.
CVE-2026-48619 Vulnerability in nodejs (CVE-2026-48619)
vulnerability in nodejs (CVE-2026-48619). Risk of unauthorized operations or information disclosure.
CVE-2026-48615 Vulnerability in nodejs (CVE-2026-48615)
vulnerability in nodejs (CVE-2026-48615). Confidential information can be exposed externally. Exploitable via ``ERR_PROXY_TUNNEL``.
CVE-2026-48928 Vulnerability in nodejs (CVE-2026-48928)
vulnerability in nodejs (CVE-2026-48928). Risk of unauthorized operations or information disclosure.
CVE-2025-71340 Unsafe Deserialization in CVE-2025-71340 (CVE-2025-71340)
vulnerability in CVE-2025-71340 (CVE-2025-71340). Confidential information can be exposed externally.
CVE-2026-40084 Path Traversal in path-traversal (CVE-2026-40084)
path traversal in path-traversal (CVE-2026-40084). Confidential information can be exposed externally.
CVE-2026-40080 Open Redirect in cacti (CVE-2026-40080)
vulnerability in cacti (CVE-2026-40080). Risk of unauthorized operations or information disclosure.
CVE-2026-40082 Vulnerability in cacti (CVE-2026-40082)
vulnerability in cacti (CVE-2026-40082). Risk of unauthorized operations or information disclosure.
CVE-2026-40083 SQL Injection in sqli (CVE-2026-40083)
SQL injection in sqli (CVE-2026-40083). Successful exploitation can lead to full system takeover.
CVE-2026-56445 Path Traversal in c (CVE-2026-56445)
path traversal in c (CVE-2026-56445). Data can be tampered with by attackers.
CVE-2026-37149 SQL Injection in sqli (CVE-2026-37149)
SQL injection in sqli (CVE-2026-37149). Confidential information can be exposed externally.
CVE-2026-56789 Vulnerability in c (CVE-2026-56789)
vulnerability in c (CVE-2026-56789). Risk of unauthorized operations or information disclosure.
CVE-2025-60464 Use-After-Free in c (CVE-2025-60464)
vulnerability in c (CVE-2025-60464). Successful exploitation can lead to full system takeover.
CVE-2025-60465 Use-After-Free in c (CVE-2025-60465)
vulnerability in c (CVE-2025-60465). Data can be tampered with by attackers.
CVE-2026-56787 Vulnerability in c (CVE-2026-56787)
vulnerability in c (CVE-2026-56787). Risk of unauthorized operations or information disclosure.
CVE-2026-56790 Vulnerability in c (CVE-2026-56790)
vulnerability in c (CVE-2026-56790). Data can be tampered with by attackers.
CVE-2026-11999 Vulnerability in c (CVE-2026-11999)
vulnerability in c (CVE-2026-11999). Data can be tampered with by attackers.
CVE-2026-9086 Cross-Site Scripting (XSS) in redhat (CVE-2026-9086)
cross-site scripting in redhat (CVE-2026-9086). Confidential information can be exposed externally.
CVE-2026-45233 Path Traversal in path-traversal (CVE-2026-45233)
path traversal in path-traversal (CVE-2026-45233). Data can be tampered with by attackers.
CVE-2026-48945 Unrestricted File Upload in joomlaworks (CVE-2026-48945)
vulnerability in joomlaworks (CVE-2026-48945). Risk of unauthorized operations or information disclosure.
CVE-2026-48943 Vulnerability in c (CVE-2026-48943)
vulnerability in c (CVE-2026-48943). Risk of unauthorized operations or information disclosure. Exploitable via ``plg_user_k2``.
CVE-2026-48946 Unrestricted File Upload in apache (CVE-2026-48946)
vulnerability in apache (CVE-2026-48946). Risk of unauthorized operations or information disclosure. Exploitable via ``shell.php``.
CVE-2026-48944 Path Traversal in joomlaworks (CVE-2026-48944)
path traversal in joomlaworks (CVE-2026-48944). Confidential information can be exposed externally. Exploitable via ``configuration.php``.
CVE-2026-47770 Vulnerability in c (CVE-2026-47770)
vulnerability in c (CVE-2026-47770). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.2` or later.
CVE-2026-55413 Code Injection in CVE-2026-55413 (CVE-2026-55413)
code injection in CVE-2026-55413 (CVE-2026-55413). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.20.178-lts` or later.
CVE-2026-57456 Code Injection in vim (CVE-2026-57456)
code injection in vim (CVE-2026-57456). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `9.2.0699` or later.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →