Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: languages Clear
ID Title
CVE-2026-52982 Vulnerability in c (CVE-2026-52982)
vulnerability in c (CVE-2026-52982). Successful exploitation can lead to full system takeover.
CVE-2026-52991 Vulnerability in c (CVE-2026-52991)
vulnerability in c (CVE-2026-52991). Successful exploitation can lead to full system takeover.
CVE-2026-52947 Vulnerability in c (CVE-2026-52947)
vulnerability in c (CVE-2026-52947). Successful exploitation can lead to full system takeover.
CVE-2026-52957 Vulnerability in c (CVE-2026-52957)
vulnerability in c (CVE-2026-52957). Risk of unauthorized operations or information disclosure.
CVE-2026-52966 Vulnerability in c (CVE-2026-52966)
vulnerability in c (CVE-2026-52966). Risk of unauthorized operations or information disclosure.
CVE-2026-52961 Vulnerability in c (CVE-2026-52961)
vulnerability in c (CVE-2026-52961). Risk of unauthorized operations or information disclosure.
CVE-2026-48721 Vulnerability in c (CVE-2026-48721)
vulnerability in c (CVE-2026-48721). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.2026.05.06.15.42.stable` or later.
CVE-2026-49851 Vulnerability in dos (CVE-2026-49851)
vulnerability in dos (CVE-2026-49851). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.3.0` or later.
CVE-2026-56121 Unsafe Deserialization in deserialization (CVE-2026-56121)
vulnerability in deserialization (CVE-2026-56121). Successful exploitation can lead to full system takeover.
CVE-2026-56111 Vulnerability in c (CVE-2026-56111)
vulnerability in c (CVE-2026-56111). Data can be tampered with by attackers.
CVE-2026-50699 Cross-Site Scripting (XSS) in CVE-2026-50699 (CVE-2026-50699)
cross-site scripting in CVE-2026-50699 (CVE-2026-50699). Risk of unauthorized operations or information disclosure.
CVE-2026-42450 Vulnerability in cpp (CVE-2026-42450)
vulnerability in cpp (CVE-2026-42450). Risk of unauthorized operations or information disclosure. Exploitable via ``sscanf``.
CVE-2026-13163 Open Redirect in c (CVE-2026-13163)
vulnerability in c (CVE-2026-13163). Risk of unauthorized operations or information disclosure.
CVE-2026-12242 Code Injection in wordpress (CVE-2026-12242)
code injection in wordpress (CVE-2026-12242). Successful exploitation can lead to full system takeover.
CVE-2026-52942 Out-of-Bounds Read in c (CVE-2026-52942)
vulnerability in c (CVE-2026-52942). Confidential information can be exposed externally.
CVE-2026-52941 Vulnerability in c (CVE-2026-52941)
vulnerability in c (CVE-2026-52941). Risk of unauthorized operations or information disclosure.
CVE-2026-52939 Vulnerability in c (CVE-2026-52939)
vulnerability in c (CVE-2026-52939). Risk of unauthorized operations or information disclosure.
CVE-2026-52938 Vulnerability in c (CVE-2026-52938)
vulnerability in c (CVE-2026-52938). Risk of unauthorized operations or information disclosure.
CVE-2026-52925 Vulnerability in c (CVE-2026-52925)
vulnerability in c (CVE-2026-52925). Risk of unauthorized operations or information disclosure.
CVE-2026-52915 Vulnerability in c (CVE-2026-52915)
vulnerability in c (CVE-2026-52915). Confidential information can be exposed externally. Exploitable via ``IP6T_OPTS_OPTSNR``.
CVE-2026-9643 Cross-Site Scripting (XSS) in wordpress (CVE-2026-9643)
cross-site scripting in wordpress (CVE-2026-9643). Risk of unauthorized operations or information disclosure. Exploitable via ``wp_wpms_links.link_url``.
CVE-2026-9183 Information Disclosure in wordpress (CVE-2026-9183)
vulnerability in wordpress (CVE-2026-9183). Risk of unauthorized operations or information disclosure.
CVE-2026-9612 Information Disclosure in wordpress (CVE-2026-9612)
vulnerability in wordpress (CVE-2026-9612). Risk of unauthorized operations or information disclosure.
CVE-2026-8705 SQL Injection in wordpress (CVE-2026-8705)
SQL injection in wordpress (CVE-2026-8705). Confidential information can be exposed externally. Exploitable via ``clearsale_total_push``.
CVE-2026-8628 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8628)
cross-site scripting in wordpress (CVE-2026-8628). Risk of unauthorized operations or information disclosure.
CVE-2026-13006 Vulnerability in CVE-2026-13006 (CVE-2026-13006)
vulnerability in CVE-2026-13006 (CVE-2026-13006). Risk of unauthorized operations or information disclosure.
CVE-2026-12417 Vulnerability in wordpress (CVE-2026-12417)
vulnerability in wordpress (CVE-2026-12417). Successful exploitation can lead to full system takeover. Exploitable via ``wp_ajax_nopriv_pravel_change_password``.
CVE-2026-10091 Cross-Site Scripting (XSS) in wordpress (CVE-2026-10091)
cross-site scripting in wordpress (CVE-2026-10091). Risk of unauthorized operations or information disclosure.
CVE-2026-10749 Vulnerability in wordpress (CVE-2026-10749)
vulnerability in wordpress (CVE-2026-10749). Successful exploitation can lead to full system takeover.
CVE-2026-3652 The ARForms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `value`...
The ARForms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `value`...
CVE-2026-54639 Style Dictionary, a build system for creating cross-platform styles, has a prototype pollution vulnerability starting in version 4.3.0 and prior to version 5.4.4. Impact users have: direct usage of `c...
Style Dictionary, a build system for creating cross-platform styles, has a prototype pollution vulnerability starting in version 4.3.0 and prior to version 5.4.4. Impact users have: direct usage of `convertTokenData(tokens, { output: 'object' });`; indirect usage, via using Expand API; and/or indire...
CVE-2026-56785 Cross-Site Scripting (XSS) in CVE-2026-56785 (CVE-2026-56785)
cross-site scripting in CVE-2026-56785 (CVE-2026-56785). Confidential information can be exposed externally.
CVE-2026-54512 Vulnerability in com.fasterxml.jackson.core:jackson-databind (CVE-2026-54512)
vulnerability in com.fasterxml.jackson.core:jackson-databind (CVE-2026-54512). Successful exploitation can lead to full system takeover. Exploitable via ``PolymorphicTypeValidator``. Mitigation: upgrade to `2.21.4` or later.
CVE-2026-56120 Vulnerability in CVE-2026-56120 (CVE-2026-56120)
vulnerability in CVE-2026-56120 (CVE-2026-56120). Confidential information can be exposed externally.
CVE-2026-11819 Vulnerability in c (CVE-2026-11819)
vulnerability in c (CVE-2026-11819). Confidential information can be exposed externally.
CVE-2026-11820 Vulnerability in c (CVE-2026-11820)
vulnerability in c (CVE-2026-11820). Confidential information can be exposed externally.
CVE-2026-55249 OS Command Injection in c (CVE-2026-55249)
OS command injection in c (CVE-2026-55249). Confidential information can be exposed externally.
CVE-2026-55488 Path Traversal in motioneye (CVE-2026-55488)
path traversal in motioneye (CVE-2026-55488). Risk of unauthorized operations or information disclosure. Exploitable via `GET /movie/`. Mitigation: upgrade to `0.44.0` or later.
CVE-2026-50221 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-50221)
SSRF in ssrf (CVE-2026-50221). Risk of unauthorized operations or information disclosure.
CVE-2025-71382 Vulnerability in c (CVE-2025-71382)
vulnerability in c (CVE-2025-71382). Risk of unauthorized operations or information disclosure.
CVE-2026-55448 OS Command Injection in mise (CVE-2026-55448)
OS command injection in mise (CVE-2026-55448). Confidential information can be exposed externally. Exploitable via ``mise``. Mitigation: upgrade to `2026.6.4` or later.
CVE-2026-55441 OS Command Injection in mise (CVE-2026-55441)
OS command injection in mise (CVE-2026-55441). Successful exploitation can lead to full system takeover. Exploitable via ``mise.toml``. Mitigation: upgrade to `2026.6.4` or later.
CVE-2026-53662 Cross-Site Scripting (XSS) in CVE-2026-53662 (CVE-2026-53662)
cross-site scripting in CVE-2026-53662 (CVE-2026-53662). Successful exploitation can lead to full system takeover.
CVE-2026-54557 Path Traversal in mise (CVE-2026-54557)
path traversal in mise (CVE-2026-54557). Data can be tampered with by attackers. Exploitable via ``bin_path``. Mitigation: upgrade to `2026.6.1` or later.
CVE-2026-52816 Vulnerability in gogs.io/gogs (CVE-2026-52816)
vulnerability in gogs.io/gogs (CVE-2026-52816). Risk of unauthorized operations or information disclosure. Exploitable via `POST /-/api/sanitize_ipynb`. Mitigation: upgrade to `0.14.3` or later.
CVE-2026-56114 Out-of-Bounds Write in c (CVE-2026-56114)
out-of-bounds write in c (CVE-2026-56114). Risk of unauthorized operations or information disclosure.
CVE-2026-56117 Use-After-Free in c (CVE-2026-56117)
vulnerability in c (CVE-2026-56117). Risk of unauthorized operations or information disclosure.
CVE-2026-56115 Vulnerability in c (CVE-2026-56115)
vulnerability in c (CVE-2026-56115). Successful exploitation can lead to full system takeover.
CVE-2026-44960 Cross-Site Scripting (XSS) in CVE-2026-44960 (CVE-2026-44960)
cross-site scripting in CVE-2026-44960 (CVE-2026-44960). Risk of unauthorized operations or information disclosure.
CVE-2026-44959 Code Injection in CVE-2026-44959 (CVE-2026-44959)
code injection in CVE-2026-44959 (CVE-2026-44959). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →