Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-44889 |
|
Open Redirect in webob (CVE-2026-44889)
vulnerability in webob (CVE-2026-44889). Risk of unauthorized operations or information disclosure. Exploitable via ``urllib.parse``. Mitigation: upgrade to `1.8.10` or later.
|
| CVE-2026-44496 |
|
Vulnerability in axios (CVE-2026-44496)
vulnerability in axios (CVE-2026-44496). Risk of unauthorized operations or information disclosure. Exploitable via ``document.cookie``. Mitigation: upgrade to `0.32.0` or later.
|
| CVE-2026-44488 |
|
Vulnerability in axios (CVE-2026-44488)
vulnerability in axios (CVE-2026-44488). Risk of unauthorized operations or information disclosure. Exploitable via ``fetch``. Mitigation: upgrade to `1.16.0` or later.
|
| CVE-2026-44487 |
|
Vulnerability in axios (CVE-2026-44487)
vulnerability in axios (CVE-2026-44487). Confidential information can be exposed externally. Exploitable via `Authorization header`. Mitigation: upgrade to `0.32.0` or later.
|
| CVE-2026-40605 |
|
Path Traversal in path-traversal (CVE-2026-40605)
path traversal in path-traversal (CVE-2026-40605). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-44486 |
|
Information Disclosure in axios (CVE-2026-44486)
vulnerability in axios (CVE-2026-44486). Confidential information can be exposed externally. Exploitable via `GET /start`. Mitigation: upgrade to `0.32.0` or later.
|
| CVE-2025-52611 |
|
Vulnerability in hcltech (CVE-2025-52611)
vulnerability in hcltech (CVE-2025-52611). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41010 |
|
OS Command Injection in c (CVE-2026-41010)
OS command injection in c (CVE-2026-41010). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `282.1.12` or later.
|
| CVE-2026-41011 |
|
OS Command Injection in c (CVE-2026-41011)
OS command injection in c (CVE-2026-41011). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `282.1.12` or later.
|
| CVE-2026-10737 |
|
Vulnerability in wordpress (CVE-2026-10737)
vulnerability in wordpress (CVE-2026-10737). Confidential information can be exposed externally.
|
| CVE-2026-10777 |
|
A vulnerability was identified in ealpha072 Student-Management-System up to...
A vulnerability was identified in ealpha072 Student-Management-System up to...
|
| CVE-2026-10771 |
|
A vulnerability was found in crmeb crmeb_java 1.4. Affected is the function RestTemplate...
A vulnerability was found in crmeb crmeb_java 1.4. Affected is the function RestTemplate...
|
| CVE-2026-44016 |
|
Code Injection in docling (CVE-2026-44016)
code injection in docling (CVE-2026-44016). Confidential information can be exposed externally. Exploitable via ``enable_remote_fetch``. Mitigation: upgrade to `2.91.0` or later.
|
| CVE-2026-44017 |
|
Path Traversal in docling (CVE-2026-44017)
path traversal in docling (CVE-2026-44017). Successful exploitation can lead to full system takeover. Exploitable via ``SecurityError``. Mitigation: upgrade to `2.91.0` or later.
|
| CVE-2026-8888 |
|
Vulnerability in dos (CVE-2026-8888)
vulnerability in dos (CVE-2026-8888). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8879 |
|
Vulnerability in securly (CVE-2026-8879)
vulnerability in securly (CVE-2026-8879). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8876 |
|
Vulnerability in securly (CVE-2026-8876)
vulnerability in securly (CVE-2026-8876). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8874 |
|
Vulnerability in c (CVE-2026-8874)
vulnerability in c (CVE-2026-8874). Data can be tampered with by attackers.
|
| CVE-2026-7888 |
|
Unsafe Deserialization in CVE-2026-7888 (CVE-2026-7888)
vulnerability in CVE-2026-7888 (CVE-2026-7888). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-42839 |
|
Cross-Site Scripting (XSS) in CVE-2026-42839 (CVE-2026-42839)
cross-site scripting in CVE-2026-42839 (CVE-2026-42839). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-42840 |
|
Cross-Site Scripting (XSS) in CVE-2026-42840 (CVE-2026-42840)
cross-site scripting in CVE-2026-42840 (CVE-2026-42840). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-46268 |
|
Vulnerability in c (CVE-2026-46268)
vulnerability in c (CVE-2026-46268). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-46272 |
|
Vulnerability in c (CVE-2026-46272)
vulnerability in c (CVE-2026-46272). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-46255 |
|
Vulnerability in c (CVE-2026-46255)
vulnerability in c (CVE-2026-46255). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-46265 |
|
Vulnerability in c (CVE-2026-46265)
vulnerability in c (CVE-2026-46265). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-46264 |
|
Use-After-Free in c (CVE-2026-46264)
vulnerability in c (CVE-2026-46264). Successful exploitation can lead to full system takeover.
|
| CVE-2026-46263 |
|
Out-of-Bounds Read in c (CVE-2026-46263)
vulnerability in c (CVE-2026-46263). Successful exploitation can lead to full system takeover.
|
| CVE-2026-46251 |
|
Vulnerability in c (CVE-2026-46251)
vulnerability in c (CVE-2026-46251). Successful exploitation can lead to full system takeover.
|
| CVE-2026-46252 |
|
Vulnerability in c (CVE-2026-46252)
vulnerability in c (CVE-2026-46252). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-46260 |
|
Out-of-Bounds Read in c (CVE-2026-46260)
vulnerability in c (CVE-2026-46260). Successful exploitation can lead to full system takeover.
|
| CVE-2026-46245 |
|
Vulnerability in c (CVE-2026-46245)
vulnerability in c (CVE-2026-46245). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-46248 |
|
Vulnerability in c (CVE-2026-46248)
vulnerability in c (CVE-2026-46248). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-46254 |
|
Vulnerability in c (CVE-2026-46254)
vulnerability in c (CVE-2026-46254). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-46247 |
|
Vulnerability in c (CVE-2026-46247)
vulnerability in c (CVE-2026-46247). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-46244 |
|
Vulnerability in c (CVE-2026-46244)
vulnerability in c (CVE-2026-46244). Confidential information can be exposed externally.
|
| CVE-2026-36460 |
|
Cross-Site Scripting (XSS) in CVE-2026-36460 (CVE-2026-36460)
cross-site scripting in CVE-2026-36460 (CVE-2026-36460). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-39107 |
|
Cross-Site Scripting (XSS) in CVE-2026-39107 (CVE-2026-39107)
cross-site scripting in CVE-2026-39107 (CVE-2026-39107). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-5241 |
|
Vulnerability in huggingface (CVE-2026-5241)
vulnerability in huggingface (CVE-2026-5241). Successful exploitation can lead to full system takeover. Exploitable via ``trust_remote_code``.
|
| CVE-2026-47324 |
|
Cross-Site Scripting (XSS) in CVE-2026-47324 (CVE-2026-47324)
cross-site scripting in CVE-2026-47324 (CVE-2026-47324). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-37460 |
|
Vulnerability in c (CVE-2026-37460)
vulnerability in c (CVE-2026-37460). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-70101 |
|
Out-of-Bounds Read in c (CVE-2025-70101)
vulnerability in c (CVE-2025-70101). Confidential information can be exposed externally.
|
| CVE-2025-70100 |
|
Vulnerability in c (CVE-2025-70100)
vulnerability in c (CVE-2025-70100). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-60477 |
|
Vulnerability in c (CVE-2025-60477)
vulnerability in c (CVE-2025-60477). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-47065 |
|
Unsafe Deserialization in apache (CVE-2026-47065)
vulnerability in apache (CVE-2026-47065). Successful exploitation can lead to full system takeover.
|
| CVE-2026-10704 |
|
Vulnerability in sqli (CVE-2026-10704)
vulnerability in sqli (CVE-2026-10704). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10703 |
|
Buffer Overflow in c (CVE-2026-10703)
vulnerability in c (CVE-2026-10703). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10694 |
|
Vulnerability in CVE-2026-10694 (CVE-2026-10694)
vulnerability in CVE-2026-10694 (CVE-2026-10694). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7421 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-7421)
cross-site scripting in wordpress (CVE-2026-7421). Risk of unauthorized operations or information disclosure. Exploitable via ``shop_name``.
|
| CVE-2026-25861 |
|
Vulnerability in CVE-2026-25861 (CVE-2026-25861)
vulnerability in CVE-2026-25861 (CVE-2026-25861). Confidential information can be exposed externally.
|
| CVE-2026-35482 |
|
Authorization Flaw in CVE-2026-35482 (CVE-2026-35482)
vulnerability in CVE-2026-35482 (CVE-2026-35482). Successful exploitation can lead to full system takeover. Exploitable via ``returnClass``.
|