Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: languages Clear
ID Title
CVE-2026-44959 Code Injection in CVE-2026-44959 (CVE-2026-44959)
code injection in CVE-2026-44959 (CVE-2026-44959). Successful exploitation can lead to full system takeover.
CVE-2026-44956 Cross-Site Scripting (XSS) in CVE-2026-44956 (CVE-2026-44956)
cross-site scripting in CVE-2026-44956 (CVE-2026-44956). Risk of unauthorized operations or information disclosure.
CVE-2026-34916 Code Injection in CVE-2026-34916 (CVE-2026-34916)
code injection in CVE-2026-34916 (CVE-2026-34916). Successful exploitation can lead to full system takeover.
CVE-2026-34912 Vulnerability in CVE-2026-34912 (CVE-2026-34912)
vulnerability in CVE-2026-34912 (CVE-2026-34912). Risk of unauthorized operations or information disclosure.
CVE-2026-34915 Cross-Site Scripting (XSS) in sqli (CVE-2026-34915)
cross-site scripting in sqli (CVE-2026-34915). Risk of unauthorized operations or information disclosure.
CVE-2026-34913 Vulnerability in CVE-2026-34913 (CVE-2026-34913)
vulnerability in CVE-2026-34913 (CVE-2026-34913). Risk of unauthorized operations or information disclosure.
CVE-2026-34914 SQL Injection in sqli (CVE-2026-34914)
SQL injection in sqli (CVE-2026-34914). Data can be tampered with by attackers.
CVE-2026-52814 Vulnerability in gogs.io/gogs (CVE-2026-52814)
vulnerability in gogs.io/gogs (CVE-2026-52814). Risk of unauthorized operations or information disclosure. Exploitable via ``net.Conn``. Mitigation: upgrade to `0.14.3` or later.
CVE-2026-52807 Cross-Site Scripting (XSS) in gogs.io/gogs (CVE-2026-52807)
cross-site scripting in gogs.io/gogs (CVE-2026-52807). Risk of unauthorized operations or information disclosure. Exploitable via ``preserveHTML``. Mitigation: upgrade to `0.14.3` or later.
CVE-2025-55639 Vulnerability in c (CVE-2025-55639)
vulnerability in c (CVE-2025-55639). Risk of unauthorized operations or information disclosure.
CVE-2026-11772 Cross-Site Scripting (XSS) in CVE-2026-11772 (CVE-2026-11772)
cross-site scripting in CVE-2026-11772 (CVE-2026-11772). Risk of unauthorized operations or information disclosure.
CVE-2026-12969 Out-of-Bounds Read in c (CVE-2026-12969)
vulnerability in c (CVE-2026-12969). Risk of unauthorized operations or information disclosure.
CVE-2026-56762 Vulnerability in CVE-2026-56762 (CVE-2026-56762)
vulnerability in CVE-2026-56762 (CVE-2026-56762). Risk of unauthorized operations or information disclosure. Exploitable via `Cookie header`.
CVE-2026-56371 Vulnerability in c (CVE-2026-56371)
vulnerability in c (CVE-2026-56371). Risk of unauthorized operations or information disclosure.
CVE-2026-56784 Vulnerability in CVE-2026-56784 (CVE-2026-56784)
vulnerability in CVE-2026-56784 (CVE-2026-56784). Confidential information can be exposed externally.
CVE-2026-56315 Vulnerability in CVE-2026-56315 (CVE-2026-56315)
vulnerability in CVE-2026-56315 (CVE-2026-56315). Successful exploitation can lead to full system takeover.
CVE-2023-54365 Vulnerability in traefik (CVE-2023-54365)
vulnerability in traefik (CVE-2023-54365). Risk of unauthorized operations or information disclosure.
CVE-2026-12866 Code Injection in CVE-2026-12866 (CVE-2026-12866)
code injection in CVE-2026-12866 (CVE-2026-12866). Successful exploitation can lead to full system takeover.
CVE-2026-10658 Out-of-Bounds Read in c (CVE-2026-10658)
vulnerability in c (CVE-2026-10658). Risk of unauthorized operations or information disclosure.
CVE-2026-10651 Vulnerability in c (CVE-2026-10651)
vulnerability in c (CVE-2026-10651). Risk of unauthorized operations or information disclosure.
CVE-2026-10645 Out-of-Bounds Read in c (CVE-2026-10645)
vulnerability in c (CVE-2026-10645). Risk of unauthorized operations or information disclosure.
CVE-2026-52798 Cross-Site Scripting (XSS) in gogs.io/gogs (CVE-2026-52798)
cross-site scripting in gogs.io/gogs (CVE-2026-52798). Confidential information can be exposed externally. Exploitable via ``poc``. Mitigation: upgrade to `0.14.3` or later.
CVE-2026-56698 Cross-Site Scripting (XSS) in nuxt (CVE-2026-56698)
cross-site scripting in nuxt (CVE-2026-56698). Risk of unauthorized operations or information disclosure.
CVE-2026-48513 Vulnerability in MessagePack (CVE-2026-48513)
vulnerability in MessagePack (CVE-2026-48513). Risk of unauthorized operations or information disclosure. Exploitable via ``DynamicUnionResolver``. Mitigation: upgrade to `3.1.7` or later.
CVE-2026-48517 Vulnerability in MessagePack (CVE-2026-48517)
vulnerability in MessagePack (CVE-2026-48517). Data can be tampered with by attackers. Exploitable via ``MessagePackSerializer.Typeless``. Mitigation: upgrade to `3.1.7` or later.
CVE-2026-48516 Vulnerability in MessagePack (CVE-2026-48516)
vulnerability in MessagePack (CVE-2026-48516). Risk of unauthorized operations or information disclosure. Exploitable via ``MessagePackSecurity.UntrustedData``. Mitigation: upgrade to `3.1.7` or later.
CVE-2026-48515 Vulnerability in MessagePack (CVE-2026-48515)
vulnerability in MessagePack (CVE-2026-48515). Risk of unauthorized operations or information disclosure. Exploitable via ``MessagePackSecurity.UntrustedData``. Mitigation: upgrade to `3.1.7` or later.
CVE-2026-48514 Vulnerability in MessagePack (CVE-2026-48514)
vulnerability in MessagePack (CVE-2026-48514). Risk of unauthorized operations or information disclosure. Exploitable via ``byteLength``. Mitigation: upgrade to `3.1.7` or later.
CVE-2026-48502 Out-of-Bounds Read in MessagePack (CVE-2026-48502)
vulnerability in MessagePack (CVE-2026-48502). Risk of unauthorized operations or information disclosure. Exploitable via ``tokenSize``. Mitigation: upgrade to `3.1.7` or later.
CVE-2026-48506 Vulnerability in MessagePack (CVE-2026-48506)
vulnerability in MessagePack (CVE-2026-48506). Risk of unauthorized operations or information disclosure. Exploitable via ``StackOverflowException``. Mitigation: upgrade to `3.1.7` or later.
CVE-2026-48509 Vulnerability in MessagePack (CVE-2026-48509)
vulnerability in MessagePack (CVE-2026-48509). Data can be tampered with by attackers. Exploitable via ``MessagePackSerializerOptions.Standard``. Mitigation: upgrade to `3.1.7` or later.
CVE-2026-48510 Vulnerability in MessagePack (CVE-2026-48510)
vulnerability in MessagePack (CVE-2026-48510). Risk of unauthorized operations or information disclosure. Exploitable via ``Lz4Block``. Mitigation: upgrade to `3.1.7` or later.
CVE-2026-48511 Vulnerability in MessagePack (CVE-2026-48511)
vulnerability in MessagePack (CVE-2026-48511). Risk of unauthorized operations or information disclosure. Exploitable via ``ExpandoObjectFormatter.Deserialize``. Mitigation: upgrade to `3.1.7` or later.
CVE-2026-48512 Vulnerability in MessagePack (CVE-2026-48512)
vulnerability in MessagePack (CVE-2026-48512). Risk of unauthorized operations or information disclosure. Exploitable via ``MessagePackSerializer.ConvertFromJson``. Mitigation: upgrade to `3.1.7` or later.
CVE-2026-48167 Cross-Site Scripting (XSS) in filament/infolists (CVE-2026-48167)
cross-site scripting in filament/infolists (CVE-2026-48167). Risk of unauthorized operations or information disclosure. Exploitable via ``ImageColumn``. Mitigation: upgrade to `5.6.5` or later.
CVE-2026-48931 Vulnerability in nodejs (CVE-2026-48931)
vulnerability in nodejs (CVE-2026-48931). Risk of unauthorized operations or information disclosure.
CVE-2026-55599 SSRF (Server-Side Request Forgery) in phpseclib/phpseclib (CVE-2026-55599)
SSRF in phpseclib/phpseclib (CVE-2026-55599). Risk of unauthorized operations or information disclosure. Exploitable via `GET /ssrf`. Mitigation: upgrade to `3.0.54` or later.
CVE-2026-54651 Vulnerability in pypdf-project (CVE-2026-54651)
vulnerability in pypdf-project (CVE-2026-54651). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `6.13.1` or later.
CVE-2026-56109 Vulnerability in c (CVE-2026-56109)
vulnerability in c (CVE-2026-56109). Risk of unauthorized operations or information disclosure.
CVE-2026-12249 Vulnerability in CVE-2026-12249 (CVE-2026-12249)
vulnerability in CVE-2026-12249 (CVE-2026-12249). Successful exploitation can lead to full system takeover.
CVE-2026-11994 Cross-Site Scripting (XSS) in CVE-2026-11994 (CVE-2026-11994)
cross-site scripting in CVE-2026-11994 (CVE-2026-11994). Risk of unauthorized operations or information disclosure.
CVE-2026-33646 Code Injection in mise (CVE-2026-33646)
code injection in mise (CVE-2026-33646). Successful exploitation can lead to full system takeover. Exploitable via ``tera_exec``. Mitigation: upgrade to `2026.3.10` or later.
CVE-2026-8059 Cross-Site Scripting (XSS) in ibm (CVE-2026-8059)
cross-site scripting in ibm (CVE-2026-8059). Risk of unauthorized operations or information disclosure.
CVE-2026-50178 Cross-Site Scripting (XSS) in angular (CVE-2026-50178)
cross-site scripting in angular (CVE-2026-50178). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `21.2.4` or later.
CVE-2026-49241 Cross-Site Scripting (XSS) in angular (CVE-2026-49241)
cross-site scripting in angular (CVE-2026-49241). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `21.2.4` or later.
CVE-2026-11942 Cross-Site Scripting (XSS) in CVE-2026-11942 (CVE-2026-11942)
cross-site scripting in CVE-2026-11942 (CVE-2026-11942). Risk of unauthorized operations or information disclosure.
CVE-2026-11943 Cross-Site Scripting (XSS) in CVE-2026-11943 (CVE-2026-11943)
cross-site scripting in CVE-2026-11943 (CVE-2026-11943). Risk of unauthorized operations or information disclosure.
CVE-2026-11372 Cross-Site Scripting (XSS) in ibm (CVE-2026-11372)
cross-site scripting in ibm (CVE-2026-11372). Risk of unauthorized operations or information disclosure.
CVE-2026-56425 Vulnerability in csrf (CVE-2026-56425)
vulnerability in csrf (CVE-2026-56425). Successful exploitation can lead to full system takeover. Exploitable via `Referer header`.
CVE-2026-56446 Code Injection in misp-project (CVE-2026-56446)
code injection in misp-project (CVE-2026-56446). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →