Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: languages Clear
ID Title
CVE-2026-5068 Out-of-Bounds Write in c (CVE-2026-5068)
out-of-bounds write in c (CVE-2026-5068). Risk of unauthorized operations or information disclosure.
CVE-2026-8981 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8981)
cross-site scripting in wordpress (CVE-2026-8981). Risk of unauthorized operations or information disclosure.
CVE-2026-9662 Vulnerability in wordpress (CVE-2026-9662)
vulnerability in wordpress (CVE-2026-9662). Successful exploitation can lead to full system takeover. Exploitable via ``tpf``.
CVE-2026-8907 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-8907)
vulnerability in wordpress (CVE-2026-8907). Risk of unauthorized operations or information disclosure.
CVE-2026-8940 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-8940)
vulnerability in wordpress (CVE-2026-8940). Risk of unauthorized operations or information disclosure.
CVE-2026-8895 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8895)
cross-site scripting in wordpress (CVE-2026-8895). Risk of unauthorized operations or information disclosure.
CVE-2026-7662 Cross-Site Scripting (XSS) in wordpress (CVE-2026-7662)
cross-site scripting in wordpress (CVE-2026-7662). Risk of unauthorized operations or information disclosure. Exploitable via ``epaperflip_embed``.
CVE-2026-8499 Vulnerability in wordpress (CVE-2026-8499)
vulnerability in wordpress (CVE-2026-8499). Risk of unauthorized operations or information disclosure. Exploitable via ``token``.
CVE-2026-41846 Cross-Site Scripting (XSS) in spring (CVE-2026-41846)
cross-site scripting in spring (CVE-2026-41846). Confidential information can be exposed externally.
CVE-2026-41845 Cross-Site Scripting (XSS) in spring (CVE-2026-41845)
cross-site scripting in spring (CVE-2026-41845). Confidential information can be exposed externally.
CVE-2026-11603 Cross-Site Scripting (XSS) in wordpress (CVE-2026-11603)
cross-site scripting in wordpress (CVE-2026-11603). Risk of unauthorized operations or information disclosure.
CVE-2026-11623 Buffer Overflow in c (CVE-2026-11623)
vulnerability in c (CVE-2026-11623). Risk of unauthorized operations or information disclosure.
CVE-2026-11619 Vulnerability in CVE-2026-11619 (CVE-2026-11619)
vulnerability in CVE-2026-11619 (CVE-2026-11619). Risk of unauthorized operations or information disclosure.
CVE-2026-11618 Authentication Bypass in CVE-2026-11618 (CVE-2026-11618)
authentication bypass in CVE-2026-11618 (CVE-2026-11618). Risk of unauthorized operations or information disclosure.
CVE-2026-44746 Cross-Site Scripting (XSS) in CVE-2026-44746 (CVE-2026-44746)
cross-site scripting in CVE-2026-44746 (CVE-2026-44746). Risk of unauthorized operations or information disclosure.
CVE-2026-40128 Vulnerability in path-traversal (CVE-2026-40128)
vulnerability in path-traversal (CVE-2026-40128). Successful exploitation can lead to full system takeover.
CVE-2026-11693 Vulnerability in c (CVE-2026-11693)
vulnerability in c (CVE-2026-11693). Confidential information can be exposed externally.
CVE-2026-11691 Vulnerability in c (CVE-2026-11691)
vulnerability in c (CVE-2026-11691). Risk of unauthorized operations or information disclosure.
CVE-2026-47734 Vulnerability in dulwich (CVE-2026-47734)
vulnerability in dulwich (CVE-2026-47734). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.2.5` or later.
CVE-2026-47712 Path Traversal in dulwich (CVE-2026-47712)
path traversal in dulwich (CVE-2026-47712). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.2.5` or later.
CVE-2026-47244 Vulnerability in io.netty:netty-codec-http2 (CVE-2026-47244)
vulnerability in io.netty:netty-codec-http2 (CVE-2026-47244). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `4.1.135.Final` or later.
CVE-2026-45536 Information Disclosure in io.netty:netty-transport-native-epoll (CVE-2026-45536)
vulnerability in io.netty:netty-transport-native-epoll (CVE-2026-45536). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `4.1.135.Final` or later.
CVE-2026-45034 Unsafe Deserialization in phpoffice/phpspreadsheet (CVE-2026-45034)
vulnerability in phpoffice/phpspreadsheet (CVE-2026-45034). Risk of unauthorized operations or information disclosure. Exploitable via ``parse_url``. Mitigation: upgrade to `1.30.5` or later.
CVE-2026-11585 Vulnerability in sqli (CVE-2026-11585)
vulnerability in sqli (CVE-2026-11585). Risk of unauthorized operations or information disclosure.
CVE-2026-11584 Vulnerability in sqli (CVE-2026-11584)
vulnerability in sqli (CVE-2026-11584). Risk of unauthorized operations or information disclosure.
CVE-2026-40519 OS Command Injection in nginx (CVE-2026-40519)
OS command injection in nginx (CVE-2026-40519). Successful exploitation can lead to full system takeover.
CVE-2026-11582 Vulnerability in sqli (CVE-2026-11582)
vulnerability in sqli (CVE-2026-11582). Risk of unauthorized operations or information disclosure.
CVE-2026-11583 Vulnerability in sqli (CVE-2026-11583)
vulnerability in sqli (CVE-2026-11583). Risk of unauthorized operations or information disclosure.
CVE-2026-11393 Code Injection in Amazon aws (CVE-2026-11393)
code injection in Amazon aws (CVE-2026-11393). Successful exploitation can lead to full system takeover.
CVE-2026-52778 Code Injection in dos (CVE-2026-52778)
code injection in dos (CVE-2026-52778). Successful exploitation can lead to full system takeover.
CVE-2026-11559 Vulnerability in sqli (CVE-2026-11559)
vulnerability in sqli (CVE-2026-11559). Risk of unauthorized operations or information disclosure.
CVE-2026-11558 Vulnerability in sqli (CVE-2026-11558)
vulnerability in sqli (CVE-2026-11558). Risk of unauthorized operations or information disclosure.
CVE-2026-44892 Vulnerability in io.netty:netty-codec-http3 (CVE-2026-44892)
vulnerability in io.netty:netty-codec-http3 (CVE-2026-44892). Risk of unauthorized operations or information disclosure. Exploitable via ``Http3ConnectionHandler``. Mitigation: upgrade to `4.2.15.Final` or later.
CVE-2026-42890 Code Injection in actual (CVE-2026-42890)
code injection in actual (CVE-2026-42890). Risk of unauthorized operations or information disclosure. Exploitable via ``actual``. Mitigation: upgrade to `26.5.0` or later.
CVE-2026-11552 Vulnerability in CVE-2026-11552 (CVE-2026-11552)
vulnerability in CVE-2026-11552 (CVE-2026-11552). Risk of unauthorized operations or information disclosure.
CVE-2026-41479 Open Redirect in authlib (CVE-2026-41479)
vulnerability in authlib (CVE-2026-41479). Risk of unauthorized operations or information disclosure. Exploitable via ``redirect_uri``. Mitigation: upgrade to `1.7.1` or later.
CVE-2026-46313 Vulnerability in c (CVE-2026-46313)
vulnerability in c (CVE-2026-46313). Risk of unauthorized operations or information disclosure.
CVE-2026-46312 Vulnerability in c (CVE-2026-46312)
vulnerability in c (CVE-2026-46312). Risk of unauthorized operations or information disclosure.
CVE-2026-46307 Out-of-Bounds Read in c (CVE-2026-46307)
vulnerability in c (CVE-2026-46307). Confidential information can be exposed externally.
CVE-2026-46303 Vulnerability in c (CVE-2026-46303)
vulnerability in c (CVE-2026-46303). Confidential information can be exposed externally.
CVE-2026-46297 Vulnerability in c (CVE-2026-46297)
vulnerability in c (CVE-2026-46297). Risk of unauthorized operations or information disclosure.
CVE-2026-46295 Vulnerability in c (CVE-2026-46295)
vulnerability in c (CVE-2026-46295). Risk of unauthorized operations or information disclosure.
CVE-2026-46289 Vulnerability in c (CVE-2026-46289)
vulnerability in c (CVE-2026-46289). Successful exploitation can lead to full system takeover.
CVE-2026-46287 Vulnerability in c (CVE-2026-46287)
vulnerability in c (CVE-2026-46287). Risk of unauthorized operations or information disclosure.
CVE-2026-25856 Code Injection in c (CVE-2026-25856)
code injection in c (CVE-2026-25856). Successful exploitation can lead to full system takeover.
CVE-2026-11532 Vulnerability in CVE-2026-11532 (CVE-2026-11532)
vulnerability in CVE-2026-11532 (CVE-2026-11532). Risk of unauthorized operations or information disclosure.
CVE-2026-11534 Cross-Site Scripting (XSS) in CVE-2026-11534 (CVE-2026-11534)
cross-site scripting in CVE-2026-11534 (CVE-2026-11534). Risk of unauthorized operations or information disclosure.
CVE-2026-11531 Vulnerability in sqli (CVE-2026-11531)
vulnerability in sqli (CVE-2026-11531). Risk of unauthorized operations or information disclosure.
CVE-2026-11533 Vulnerability in CVE-2026-11533 (CVE-2026-11533)
vulnerability in CVE-2026-11533 (CVE-2026-11533). Risk of unauthorized operations or information disclosure.
CVE-2026-49233 Path Traversal in routinator (CVE-2026-49233)
path traversal in routinator (CVE-2026-49233). Confidential information can be exposed externally. Mitigation: upgrade to `0.15.2` or later.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →