Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: languages Clear
ID Title
CVE-2026-36670 SQL Injection in sqli (CVE-2026-36670)
SQL injection in sqli (CVE-2026-36670). Successful exploitation can lead to full system takeover.
CVE-2025-70102 Vulnerability in c (CVE-2025-70102)
vulnerability in c (CVE-2025-70102). Risk of unauthorized operations or information disclosure.
CVE-2025-55663 Vulnerability in c (CVE-2025-55663)
vulnerability in c (CVE-2025-55663). Risk of unauthorized operations or information disclosure.
CVE-2025-55660 Vulnerability in c (CVE-2025-55660)
vulnerability in c (CVE-2025-55660). Risk of unauthorized operations or information disclosure.
CVE-2025-55652 Vulnerability in c (CVE-2025-55652)
vulnerability in c (CVE-2025-55652). Risk of unauthorized operations or information disclosure.
CVE-2025-55650 Use-After-Free in c (CVE-2025-55650)
vulnerability in c (CVE-2025-55650). Risk of unauthorized operations or information disclosure.
CVE-2025-55649 Vulnerability in c (CVE-2025-55649)
vulnerability in c (CVE-2025-55649). Risk of unauthorized operations or information disclosure.
CVE-2025-55648 Vulnerability in c (CVE-2025-55648)
vulnerability in c (CVE-2025-55648). Risk of unauthorized operations or information disclosure.
CVE-2025-55647 Vulnerability in c (CVE-2025-55647)
vulnerability in c (CVE-2025-55647). Risk of unauthorized operations or information disclosure.
CVE-2025-55645 Vulnerability in c (CVE-2025-55645)
vulnerability in c (CVE-2025-55645). Risk of unauthorized operations or information disclosure.
CVE-2025-55644 Use-After-Free in c (CVE-2025-55644)
vulnerability in c (CVE-2025-55644). Risk of unauthorized operations or information disclosure.
CVE-2025-55643 Vulnerability in c (CVE-2025-55643)
vulnerability in c (CVE-2025-55643). Risk of unauthorized operations or information disclosure.
CVE-2025-55642 Vulnerability in c (CVE-2025-55642)
vulnerability in c (CVE-2025-55642). Risk of unauthorized operations or information disclosure.
CVE-2025-55641 Vulnerability in c (CVE-2025-55641)
vulnerability in c (CVE-2025-55641). Risk of unauthorized operations or information disclosure.
CVE-2026-54271 Code Injection in protobufjs-cli (CVE-2026-54271)
code injection in protobufjs-cli (CVE-2026-54271). Confidential information can be exposed externally. Exploitable via ``pbjs``. Mitigation: upgrade to `2.5.0` or later.
CVE-2026-54270 Vulnerability in protobufjs (CVE-2026-54270)
vulnerability in protobufjs (CVE-2026-54270). Risk of unauthorized operations or information disclosure. Exploitable via ``Reader``. Mitigation: upgrade to `8.5.0` or later.
CVE-2026-54274 Vulnerability in aiohttp (CVE-2026-54274)
vulnerability in aiohttp (CVE-2026-54274). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.14.1` or later.
CVE-2026-54275 Vulnerability in aiohttp (CVE-2026-54275)
vulnerability in aiohttp (CVE-2026-54275). Risk of unauthorized operations or information disclosure. Exploitable via ``server_hostname``. Mitigation: upgrade to `3.14.1` or later.
CVE-2026-54280 Vulnerability in aiohttp (CVE-2026-54280)
vulnerability in aiohttp (CVE-2026-54280). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.14.1` or later.
CVE-2026-54273 Vulnerability in aiohttp (CVE-2026-54273)
vulnerability in aiohttp (CVE-2026-54273). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.14.1` or later.
CVE-2026-54278 Vulnerability in aiohttp (CVE-2026-54278)
vulnerability in aiohttp (CVE-2026-54278). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.14.1` or later.
CVE-2026-54277 Vulnerability in aiohttp (CVE-2026-54277)
vulnerability in aiohttp (CVE-2026-54277). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.14.1` or later.
CVE-2026-54276 Information Disclosure in aiohttp (CVE-2026-54276)
vulnerability in aiohttp (CVE-2026-54276). Risk of unauthorized operations or information disclosure. Exploitable via ``DigestAuthMiddleware``. Mitigation: upgrade to `3.14.1` or later.
CVE-2026-54279 Vulnerability in aiohttp (CVE-2026-54279)
vulnerability in aiohttp (CVE-2026-54279). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.14.1` or later.
CVE-2026-50269 Vulnerability in aiohttp (CVE-2026-50269)
vulnerability in aiohttp (CVE-2026-50269). Risk of unauthorized operations or information disclosure. Exploitable via ``Payload.headers``. Mitigation: upgrade to `3.14.0` or later.
CVE-2026-49294 Cross-Site Scripting (XSS) in CVE-2026-49294 (CVE-2026-49294)
cross-site scripting in CVE-2026-49294 (CVE-2026-49294). Risk of unauthorized operations or information disclosure.
CVE-2026-48712 Vulnerability in protobufjs (CVE-2026-48712)
vulnerability in protobufjs (CVE-2026-48712). Risk of unauthorized operations or information disclosure. Exploitable via ``google.protobuf.Any``. Mitigation: upgrade to `8.4.1` or later.
CVE-2026-54269 Vulnerability in protobufjs (CVE-2026-54269)
vulnerability in protobufjs (CVE-2026-54269). Risk of unauthorized operations or information disclosure. Exploitable via ``hasOwnProperty``. Mitigation: upgrade to `8.6.0` or later.
CVE-2026-54264 Information Disclosure in @angular/service-worker (CVE-2026-54264)
vulnerability in @angular/service-worker (CVE-2026-54264). Risk of unauthorized operations or information disclosure. Exploitable via ``Authorization``.
CVE-2026-54268 Vulnerability in @angular/common (CVE-2026-54268)
vulnerability in @angular/common (CVE-2026-54268). Risk of unauthorized operations or information disclosure. Exploitable via ``formatDate``.
CVE-2026-54266 Vulnerability in @angular/common (CVE-2026-54266)
vulnerability in @angular/common (CVE-2026-54266). Risk of unauthorized operations or information disclosure. Exploitable via ``HttpTransferCache``.
CVE-2026-54265 Cross-Site Scripting (XSS) in @angular/compiler (CVE-2026-54265)
cross-site scripting in @angular/compiler (CVE-2026-54265). Risk of unauthorized operations or information disclosure. Exploitable via ``innerHTML``.
CVE-2026-50557 Cross-Site Scripting (XSS) in @angular/core (CVE-2026-50557)
cross-site scripting in @angular/core (CVE-2026-50557). Risk of unauthorized operations or information disclosure.
CVE-2026-50556 Cross-Site Scripting (XSS) in @angular/platform-server (CVE-2026-50556)
cross-site scripting in @angular/platform-server (CVE-2026-50556). Risk of unauthorized operations or information disclosure. Exploitable via ``domino``.
CVE-2026-50555 Cross-Site Scripting (XSS) in @angular/platform-server (CVE-2026-50555)
cross-site scripting in @angular/platform-server (CVE-2026-50555). Risk of unauthorized operations or information disclosure. Exploitable via ``domino``.
CVE-2026-53655 Vulnerability in tar (CVE-2026-53655)
vulnerability in tar (CVE-2026-53655). Data can be tampered with by attackers. Exploitable via ``tar``. Mitigation: upgrade to `7.5.16` or later.
CVE-2026-53632 Vulnerability in launch-editor (CVE-2026-53632)
vulnerability in launch-editor (CVE-2026-53632). Risk of unauthorized operations or information disclosure. Exploitable via ``smbserver.py``. Mitigation: upgrade to `2.14.1` or later.
CVE-2026-53571 Path Traversal in vite (CVE-2026-53571)
path traversal in vite (CVE-2026-53571). Confidential information can be exposed externally. Exploitable via ``server.fs.deny``. Mitigation: upgrade to `6.4.3` or later.
CVE-2026-53550 Vulnerability in js-yaml (CVE-2026-53550)
vulnerability in js-yaml (CVE-2026-53550). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.15.0` or later.
CVE-2026-49356 Path Traversal in @babel/core (CVE-2026-49356)
path traversal in @babel/core (CVE-2026-49356). Risk of unauthorized operations or information disclosure. Exploitable via ``inputSourceMap``. Mitigation: upgrade to `7.29.6` or later.
CVE-2026-50184 Information Disclosure in @angular/service-worker (CVE-2026-50184)
vulnerability in @angular/service-worker (CVE-2026-50184). Risk of unauthorized operations or information disclosure. Exploitable via `Authorization header`.
CVE-2026-50171 Vulnerability in @angular/common (CVE-2026-50171)
vulnerability in @angular/common (CVE-2026-50171). Risk of unauthorized operations or information disclosure. Exploitable via ``formatNumber``. Mitigation: upgrade to `21.2.15` or later.
CVE-2026-50170 Vulnerability in @angular/common (CVE-2026-50170)
vulnerability in @angular/common (CVE-2026-50170). Confidential information can be exposed externally. Exploitable via ``HttpTransferCache``. Mitigation: upgrade to `21.2.15` or later.
CVE-2026-52725 Cross-Site Scripting (XSS) in @angular/core (CVE-2026-52725)
cross-site scripting in @angular/core (CVE-2026-52725). Risk of unauthorized operations or information disclosure. Exploitable via ``createComponent``. Mitigation: upgrade to `20.3.22` or later.
CVE-2026-50169 Information Disclosure in @angular/service-worker (CVE-2026-50169)
vulnerability in @angular/service-worker (CVE-2026-50169). Risk of unauthorized operations or information disclosure. Exploitable via ``Request``. Mitigation: upgrade to `21.2.15` or later.
CVE-2026-50168 Vulnerability in @angular/platform-server (CVE-2026-50168)
vulnerability in @angular/platform-server (CVE-2026-50168). Confidential information can be exposed externally. Exploitable via `Host header`. Mitigation: upgrade to `21.2.15` or later.
CVE-2026-48779 Vulnerability in ws (CVE-2026-48779)
vulnerability in ws (CVE-2026-48779). Risk of unauthorized operations or information disclosure. Exploitable via ``maxPayload``. Mitigation: upgrade to `8.21.0` or later.
CVE-2026-10634 Use-After-Free in c (CVE-2026-10634)
vulnerability in c (CVE-2026-10634). Risk of unauthorized operations or information disclosure.
CVE-2026-54267 Cross-Site Scripting (XSS) in @angular/core (CVE-2026-54267)
cross-site scripting in @angular/core (CVE-2026-54267). Risk of unauthorized operations or information disclosure. Exploitable via ``HttpClient``.
CVE-2026-49062 Vulnerability in CVE-2026-49062 (CVE-2026-49062)
vulnerability in CVE-2026-49062 (CVE-2026-49062). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →