Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: languages Clear
ID Title
CVE-2026-0146 Vulnerability in c (CVE-2026-0146)
vulnerability in c (CVE-2026-0146). Successful exploitation can lead to full system takeover.
CVE-2026-0147 Vulnerability in c (CVE-2026-0147)
vulnerability in c (CVE-2026-0147). Successful exploitation can lead to full system takeover.
CVE-2026-0143 Use-After-Free in c (CVE-2026-0143)
vulnerability in c (CVE-2026-0143). Successful exploitation can lead to full system takeover.
CVE-2026-0160 Vulnerability in cpp (CVE-2026-0160)
vulnerability in cpp (CVE-2026-0160). Successful exploitation can lead to full system takeover.
CVE-2026-0144 Vulnerability in cpp (CVE-2026-0144)
vulnerability in cpp (CVE-2026-0144). Risk of unauthorized operations or information disclosure.
CVE-2026-0148 Vulnerability in cpp (CVE-2026-0148)
vulnerability in cpp (CVE-2026-0148). Successful exploitation can lead to full system takeover.
CVE-2026-0156 Vulnerability in cpp (CVE-2026-0156)
vulnerability in cpp (CVE-2026-0156). Risk of unauthorized operations or information disclosure.
CVE-2026-12425 Cross-Site Scripting (XSS) in powerschool (CVE-2026-12425)
cross-site scripting in powerschool (CVE-2026-12425). Risk of unauthorized operations or information disclosure.
CVE-2026-0161 Vulnerability in cpp (CVE-2026-0161)
vulnerability in cpp (CVE-2026-0161). Successful exploitation can lead to full system takeover.
CVE-2026-0162 Vulnerability in cpp (CVE-2026-0162)
vulnerability in cpp (CVE-2026-0162). Successful exploitation can lead to full system takeover.
CVE-2026-0127 Out-of-Bounds Read in cpp (CVE-2026-0127)
vulnerability in cpp (CVE-2026-0127). Risk of unauthorized operations or information disclosure.
CVE-2026-0134 Vulnerability in cpp (CVE-2026-0134)
vulnerability in cpp (CVE-2026-0134). Risk of unauthorized operations or information disclosure.
CVE-2026-0141 Vulnerability in cpp (CVE-2026-0141)
vulnerability in cpp (CVE-2026-0141). Risk of unauthorized operations or information disclosure.
CVE-2026-0142 Vulnerability in c (CVE-2026-0142)
vulnerability in c (CVE-2026-0142). Risk of unauthorized operations or information disclosure.
CVE-2026-0137 Use-After-Free in c (CVE-2026-0137)
vulnerability in c (CVE-2026-0137). Successful exploitation can lead to full system takeover.
CVE-2026-0133 Vulnerability in c (CVE-2026-0133)
vulnerability in c (CVE-2026-0133). Successful exploitation can lead to full system takeover.
CVE-2026-0138 Vulnerability in c (CVE-2026-0138)
vulnerability in c (CVE-2026-0138). Successful exploitation can lead to full system takeover.
CVE-2026-0125 Use-After-Free in c (CVE-2026-0125)
vulnerability in c (CVE-2026-0125). Successful exploitation can lead to full system takeover.
CVE-2026-52845 Authentication Bypass in github.com/caddyserver/caddy/v2 (CVE-2026-52845)
authentication bypass in github.com/caddyserver/caddy/v2 (CVE-2026-52845). Confidential information can be exposed externally. Exploitable via `GET /index.php`. Mitigation: upgrade to `2.11.4` or later.
CVE-2026-47750 Out-of-Bounds Write in c (CVE-2026-47750)
out-of-bounds write in c (CVE-2026-47750). Successful exploitation can lead to full system takeover.
CVE-2026-47747 Vulnerability in c (CVE-2026-47747)
vulnerability in c (CVE-2026-47747). Successful exploitation can lead to full system takeover.
CVE-2026-53753 Code Injection in crawl4ai (CVE-2026-53753)
code injection in crawl4ai (CVE-2026-53753). Successful exploitation can lead to full system takeover. Exploitable via `POST /crawl`. Mitigation: upgrade to `0.8.7` or later.
CVE-2026-53864 OpenClaw: Host environment sanitizer missed two Node.js control variables
OpenClaw: Host environment sanitizer missed two Node.js control variables
CVE-2026-53842 Vulnerability in openclaw (CVE-2026-53842)
vulnerability in openclaw (CVE-2026-53842). Confidential information can be exposed externally. Exploitable via ``gcloud``. Mitigation: upgrade to `2026.5.2` or later.
CVE-2026-53841 Cross-Site Scripting (XSS) in openclaw (CVE-2026-53841)
cross-site scripting in openclaw (CVE-2026-53841). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2026.5.12` or later.
CVE-2026-48775 Unsafe Deserialization in langgraph-checkpoint (CVE-2026-48775)
vulnerability in langgraph-checkpoint (CVE-2026-48775). Successful exploitation can lead to full system takeover. Exploitable via ``JsonPlusSerializer``. Mitigation: upgrade to `4.1.1` or later.
CVE-2026-47749 stable-diffusion.cpp is a pure C/C++ library for running diffusion model (Stable Diffusion, Flux, Wan, Qwen Image, Z-Image, and more) inference. Versions prior to master-584-0a7ae07 are vulnerable to...
stable-diffusion.cpp is a pure C/C++ library for running diffusion model (Stable Diffusion, Flux, Wan, Qwen Image, Z-Image, and more) inference. Versions prior to master-584-0a7ae07 are vulnerable to heap buffer overflow in SHORT_BINUNICODE parsing for PyTorch checkpoint files. The pickle .ckpt pars...
CVE-2026-47748 Out-of-Bounds Read in c (CVE-2026-47748)
vulnerability in c (CVE-2026-47748). Risk of unauthorized operations or information disclosure.
CVE-2026-49401 Vulnerability in deno (CVE-2026-49401)
vulnerability in deno (CVE-2026-49401). Data can be tampered with by attackers. Mitigation: upgrade to `2.7.14` or later.
CVE-2026-49406 Path Traversal in deno (CVE-2026-49406)
path traversal in deno (CVE-2026-49406). Confidential information can be exposed externally. Exploitable via ``main``. Mitigation: upgrade to `2.7.12` or later.
CVE-2026-49411 Vulnerability in deno (CVE-2026-49411)
vulnerability in deno (CVE-2026-49411). Confidential information can be exposed externally. Exploitable via ``Host``. Mitigation: upgrade to `2.8.0` or later.
CVE-2026-49440 Vulnerability in deno (CVE-2026-49440)
vulnerability in deno (CVE-2026-49440). Confidential information can be exposed externally. Exploitable via ``options.checks``. Mitigation: upgrade to `2.8.1` or later.
CVE-2026-49402 OS Command Injection in deno (CVE-2026-49402)
OS command injection in deno (CVE-2026-49402). Successful exploitation can lead to full system takeover. Exploitable via ``spawn``. Mitigation: upgrade to `2.7.10` or later.
CVE-2026-49983 Authorization Flaw in deno (CVE-2026-49983)
vulnerability in deno (CVE-2026-49983). Risk of unauthorized operations or information disclosure. Exploitable via ``env``. Mitigation: upgrade to `2.8.1` or later.
CVE-2026-49860 SSRF (Server-Side Request Forgery) in deno (CVE-2026-49860)
SSRF in deno (CVE-2026-49860). Risk of unauthorized operations or information disclosure. Exploitable via ``localhost``. Mitigation: upgrade to `2.8.1` or later.
CVE-2026-49859 Vulnerability in deno (CVE-2026-49859)
vulnerability in deno (CVE-2026-49859). Risk of unauthorized operations or information disclosure. Exploitable via ``localhost``. Mitigation: upgrade to `2.8.1` or later.
CVE-2026-54301 Cross-Site Scripting (XSS) in n8n (CVE-2026-54301)
cross-site scripting in n8n (CVE-2026-54301). Risk of unauthorized operations or information disclosure. Exploitable via ``NODES_EXCLUDE``. Mitigation: upgrade to `2.25.7` or later.
CVE-2026-49444 Vulnerability in n8n (CVE-2026-49444)
vulnerability in n8n (CVE-2026-49444). Confidential information can be exposed externally. Exploitable via ``NODES_EXCLUDE``. Mitigation: upgrade to `2.21.8` or later.
CVE-2026-48519 Code Injection in langflow (CVE-2026-48519)
code injection in langflow (CVE-2026-48519). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.9.2` or later.
CVE-2026-41523 Code Injection in vllm (CVE-2026-41523)
code injection in vllm (CVE-2026-41523). Successful exploitation can lead to full system takeover. Exploitable via ``assert``. Mitigation: upgrade to `0.22.0` or later.
CVE-2026-12003 Vulnerability in CVE-2026-12003 (CVE-2026-12003)
vulnerability in CVE-2026-12003 (CVE-2026-12003). Risk of unauthorized operations or information disclosure. Exploitable via ``Lib``.
CVE-2026-10638 Use-After-Free in c (CVE-2026-10638)
vulnerability in c (CVE-2026-10638). Risk of unauthorized operations or information disclosure.
CVE-2026-10640 Use-After-Free in c (CVE-2026-10640)
vulnerability in c (CVE-2026-10640). Risk of unauthorized operations or information disclosure.
CVE-2026-10639 Use-After-Free in c (CVE-2026-10639)
vulnerability in c (CVE-2026-10639). Risk of unauthorized operations or information disclosure.
CVE-2026-10637 Use-After-Free in c (CVE-2026-10637)
vulnerability in c (CVE-2026-10637). Risk of unauthorized operations or information disclosure.
CVE-2026-10636 Use-After-Free in c (CVE-2026-10636)
vulnerability in c (CVE-2026-10636). Risk of unauthorized operations or information disclosure.
CVE-2026-54293 Path Traversal in nltk (CVE-2026-54293)
path traversal in nltk (CVE-2026-54293). Confidential information can be exposed externally.
CVE-2026-54288 Vulnerability in hono (CVE-2026-54288)
vulnerability in hono (CVE-2026-54288). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `4.12.25` or later.
CVE-2026-54289 Vulnerability in hono (CVE-2026-54289)
vulnerability in hono (CVE-2026-54289). Risk of unauthorized operations or information disclosure. Exploitable via ``Headers.set``. Mitigation: upgrade to `4.12.25` or later.
CVE-2026-54290 Vulnerability in hono (CVE-2026-54290)
vulnerability in hono (CVE-2026-54290). Confidential information can be exposed externally. Exploitable via ``origin``. Mitigation: upgrade to `4.12.25` or later.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →