Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: languages Clear
ID Title
CVE-2026-44889 Open Redirect in webob (CVE-2026-44889)
vulnerability in webob (CVE-2026-44889). Risk of unauthorized operations or information disclosure. Exploitable via ``urllib.parse``. Mitigation: upgrade to `1.8.10` or later.
CVE-2026-44496 Vulnerability in axios (CVE-2026-44496)
vulnerability in axios (CVE-2026-44496). Risk of unauthorized operations or information disclosure. Exploitable via ``document.cookie``. Mitigation: upgrade to `0.32.0` or later.
CVE-2026-44488 Vulnerability in axios (CVE-2026-44488)
vulnerability in axios (CVE-2026-44488). Risk of unauthorized operations or information disclosure. Exploitable via ``fetch``. Mitigation: upgrade to `1.16.0` or later.
CVE-2026-44487 Vulnerability in axios (CVE-2026-44487)
vulnerability in axios (CVE-2026-44487). Confidential information can be exposed externally. Exploitable via `Authorization header`. Mitigation: upgrade to `0.32.0` or later.
CVE-2026-40605 Path Traversal in path-traversal (CVE-2026-40605)
path traversal in path-traversal (CVE-2026-40605). Risk of unauthorized operations or information disclosure.
CVE-2026-44486 Information Disclosure in axios (CVE-2026-44486)
vulnerability in axios (CVE-2026-44486). Confidential information can be exposed externally. Exploitable via `GET /start`. Mitigation: upgrade to `0.32.0` or later.
CVE-2025-52611 Vulnerability in hcltech (CVE-2025-52611)
vulnerability in hcltech (CVE-2025-52611). Risk of unauthorized operations or information disclosure.
CVE-2026-41010 OS Command Injection in c (CVE-2026-41010)
OS command injection in c (CVE-2026-41010). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `282.1.12` or later.
CVE-2026-41011 OS Command Injection in c (CVE-2026-41011)
OS command injection in c (CVE-2026-41011). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `282.1.12` or later.
CVE-2026-10737 Vulnerability in wordpress (CVE-2026-10737)
vulnerability in wordpress (CVE-2026-10737). Confidential information can be exposed externally.
CVE-2026-10777 A vulnerability was identified in ealpha072 Student-Management-System up to...
A vulnerability was identified in ealpha072 Student-Management-System up to...
CVE-2026-10771 A vulnerability was found in crmeb crmeb_java 1.4. Affected is the function RestTemplate...
A vulnerability was found in crmeb crmeb_java 1.4. Affected is the function RestTemplate...
CVE-2026-44016 Code Injection in docling (CVE-2026-44016)
code injection in docling (CVE-2026-44016). Confidential information can be exposed externally. Exploitable via ``enable_remote_fetch``. Mitigation: upgrade to `2.91.0` or later.
CVE-2026-44017 Path Traversal in docling (CVE-2026-44017)
path traversal in docling (CVE-2026-44017). Successful exploitation can lead to full system takeover. Exploitable via ``SecurityError``. Mitigation: upgrade to `2.91.0` or later.
CVE-2026-8888 Vulnerability in dos (CVE-2026-8888)
vulnerability in dos (CVE-2026-8888). Risk of unauthorized operations or information disclosure.
CVE-2026-8879 Vulnerability in securly (CVE-2026-8879)
vulnerability in securly (CVE-2026-8879). Risk of unauthorized operations or information disclosure.
CVE-2026-8876 Vulnerability in securly (CVE-2026-8876)
vulnerability in securly (CVE-2026-8876). Risk of unauthorized operations or information disclosure.
CVE-2026-8874 Vulnerability in c (CVE-2026-8874)
vulnerability in c (CVE-2026-8874). Data can be tampered with by attackers.
CVE-2026-7888 Unsafe Deserialization in CVE-2026-7888 (CVE-2026-7888)
vulnerability in CVE-2026-7888 (CVE-2026-7888). Risk of unauthorized operations or information disclosure.
CVE-2026-42839 Cross-Site Scripting (XSS) in CVE-2026-42839 (CVE-2026-42839)
cross-site scripting in CVE-2026-42839 (CVE-2026-42839). Risk of unauthorized operations or information disclosure.
CVE-2026-42840 Cross-Site Scripting (XSS) in CVE-2026-42840 (CVE-2026-42840)
cross-site scripting in CVE-2026-42840 (CVE-2026-42840). Risk of unauthorized operations or information disclosure.
CVE-2026-46268 Vulnerability in c (CVE-2026-46268)
vulnerability in c (CVE-2026-46268). Risk of unauthorized operations or information disclosure.
CVE-2026-46272 Vulnerability in c (CVE-2026-46272)
vulnerability in c (CVE-2026-46272). Risk of unauthorized operations or information disclosure.
CVE-2026-46255 Vulnerability in c (CVE-2026-46255)
vulnerability in c (CVE-2026-46255). Risk of unauthorized operations or information disclosure.
CVE-2026-46265 Vulnerability in c (CVE-2026-46265)
vulnerability in c (CVE-2026-46265). Risk of unauthorized operations or information disclosure.
CVE-2026-46264 Use-After-Free in c (CVE-2026-46264)
vulnerability in c (CVE-2026-46264). Successful exploitation can lead to full system takeover.
CVE-2026-46263 Out-of-Bounds Read in c (CVE-2026-46263)
vulnerability in c (CVE-2026-46263). Successful exploitation can lead to full system takeover.
CVE-2026-46251 Vulnerability in c (CVE-2026-46251)
vulnerability in c (CVE-2026-46251). Successful exploitation can lead to full system takeover.
CVE-2026-46252 Vulnerability in c (CVE-2026-46252)
vulnerability in c (CVE-2026-46252). Risk of unauthorized operations or information disclosure.
CVE-2026-46260 Out-of-Bounds Read in c (CVE-2026-46260)
vulnerability in c (CVE-2026-46260). Successful exploitation can lead to full system takeover.
CVE-2026-46245 Vulnerability in c (CVE-2026-46245)
vulnerability in c (CVE-2026-46245). Risk of unauthorized operations or information disclosure.
CVE-2026-46248 Vulnerability in c (CVE-2026-46248)
vulnerability in c (CVE-2026-46248). Risk of unauthorized operations or information disclosure.
CVE-2026-46254 Vulnerability in c (CVE-2026-46254)
vulnerability in c (CVE-2026-46254). Risk of unauthorized operations or information disclosure.
CVE-2026-46247 Vulnerability in c (CVE-2026-46247)
vulnerability in c (CVE-2026-46247). Risk of unauthorized operations or information disclosure.
CVE-2026-46244 Vulnerability in c (CVE-2026-46244)
vulnerability in c (CVE-2026-46244). Confidential information can be exposed externally.
CVE-2026-36460 Cross-Site Scripting (XSS) in CVE-2026-36460 (CVE-2026-36460)
cross-site scripting in CVE-2026-36460 (CVE-2026-36460). Risk of unauthorized operations or information disclosure.
CVE-2026-39107 Cross-Site Scripting (XSS) in CVE-2026-39107 (CVE-2026-39107)
cross-site scripting in CVE-2026-39107 (CVE-2026-39107). Risk of unauthorized operations or information disclosure.
CVE-2026-5241 Vulnerability in huggingface (CVE-2026-5241)
vulnerability in huggingface (CVE-2026-5241). Successful exploitation can lead to full system takeover. Exploitable via ``trust_remote_code``.
CVE-2026-47324 Cross-Site Scripting (XSS) in CVE-2026-47324 (CVE-2026-47324)
cross-site scripting in CVE-2026-47324 (CVE-2026-47324). Risk of unauthorized operations or information disclosure.
CVE-2026-37460 Vulnerability in c (CVE-2026-37460)
vulnerability in c (CVE-2026-37460). Risk of unauthorized operations or information disclosure.
CVE-2025-70101 Out-of-Bounds Read in c (CVE-2025-70101)
vulnerability in c (CVE-2025-70101). Confidential information can be exposed externally.
CVE-2025-70100 Vulnerability in c (CVE-2025-70100)
vulnerability in c (CVE-2025-70100). Risk of unauthorized operations or information disclosure.
CVE-2025-60477 Vulnerability in c (CVE-2025-60477)
vulnerability in c (CVE-2025-60477). Risk of unauthorized operations or information disclosure.
CVE-2026-47065 Unsafe Deserialization in apache (CVE-2026-47065)
vulnerability in apache (CVE-2026-47065). Successful exploitation can lead to full system takeover.
CVE-2026-10704 Vulnerability in sqli (CVE-2026-10704)
vulnerability in sqli (CVE-2026-10704). Risk of unauthorized operations or information disclosure.
CVE-2026-10703 Buffer Overflow in c (CVE-2026-10703)
vulnerability in c (CVE-2026-10703). Risk of unauthorized operations or information disclosure.
CVE-2026-10694 Vulnerability in CVE-2026-10694 (CVE-2026-10694)
vulnerability in CVE-2026-10694 (CVE-2026-10694). Risk of unauthorized operations or information disclosure.
CVE-2026-7421 Cross-Site Scripting (XSS) in wordpress (CVE-2026-7421)
cross-site scripting in wordpress (CVE-2026-7421). Risk of unauthorized operations or information disclosure. Exploitable via ``shop_name``.
CVE-2026-25861 Vulnerability in CVE-2026-25861 (CVE-2026-25861)
vulnerability in CVE-2026-25861 (CVE-2026-25861). Confidential information can be exposed externally.
CVE-2026-35482 Authorization Flaw in CVE-2026-35482 (CVE-2026-35482)
vulnerability in CVE-2026-35482 (CVE-2026-35482). Successful exploitation can lead to full system takeover. Exploitable via ``returnClass``.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →