Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: languages Clear
ID Title
CVE-2026-45042 Authorization Flaw in CVE-2026-45042 (CVE-2026-45042)
vulnerability in CVE-2026-45042 (CVE-2026-45042). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.0.0-beta.2` or later.
CVE-2026-45041 Vulnerability in CVE-2026-45041 (CVE-2026-45041)
vulnerability in CVE-2026-45041 (CVE-2026-45041). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.0.0-beta.2` or later.
CVE-2026-45040 Vulnerability in CVE-2026-45040 (CVE-2026-45040)
vulnerability in CVE-2026-45040 (CVE-2026-45040). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.0.0-beta.2` or later.
CVE-2026-45039 Vulnerability in CVE-2026-45039 (CVE-2026-45039)
vulnerability in CVE-2026-45039 (CVE-2026-45039). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.0.0-beta.2` or later.
CVE-2026-30761 Unrestricted File Upload in CVE-2026-30761 (CVE-2026-30761)
vulnerability in CVE-2026-30761 (CVE-2026-30761). Risk of unauthorized operations or information disclosure.
CVE-2026-45323 Cross-Site Scripting (XSS) in jpettitt (CVE-2026-45323)
cross-site scripting in jpettitt (CVE-2026-45323). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.3.3` or later.
CVE-2026-45296 Vulnerability in CVE-2026-45296 (CVE-2026-45296)
vulnerability in CVE-2026-45296 (CVE-2026-45296). Confidential information can be exposed externally. Mitigation: upgrade to `1.26.0` or later.
CVE-2026-47676 Vulnerability in hono (CVE-2026-47676)
vulnerability in hono (CVE-2026-47676). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `4.12.21` or later.
CVE-2026-47675 Vulnerability in hono (CVE-2026-47675)
vulnerability in hono (CVE-2026-47675). Risk of unauthorized operations or information disclosure. Exploitable via ``domain``. Mitigation: upgrade to `4.12.21` or later.
CVE-2026-47674 Vulnerability in hono (CVE-2026-47674)
vulnerability in hono (CVE-2026-47674). Risk of unauthorized operations or information disclosure. Exploitable via ``getIP``. Mitigation: upgrade to `4.12.21` or later.
CVE-2026-47673 Vulnerability in hono (CVE-2026-47673)
vulnerability in hono (CVE-2026-47673). Risk of unauthorized operations or information disclosure. Exploitable via ``jwt``. Mitigation: upgrade to `4.12.21` or later.
CVE-2026-41160 Vulnerability in CVE-2026-41160 (CVE-2026-41160)
vulnerability in CVE-2026-41160 (CVE-2026-41160). Risk of unauthorized operations or information disclosure. Exploitable via `POST /api/v1/Note/{id}/pin`. Mitigation: upgrade to `9.3.5` or later.
CVE-2026-24444 Vulnerability in CVE-2026-24444 (CVE-2026-24444)
vulnerability in CVE-2026-24444 (CVE-2026-24444). Successful exploitation can lead to full system takeover.
CVE-2026-7786 Vulnerability in cisa (CVE-2026-7786)
vulnerability in cisa (CVE-2026-7786). Successful exploitation can lead to full system takeover.
CVE-2026-48156 Vulnerability in pypdf (CVE-2026-48156)
vulnerability in pypdf (CVE-2026-48156). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `6.12.0` or later.
CVE-2026-48735 Vulnerability in pypdf (CVE-2026-48735)
vulnerability in pypdf (CVE-2026-48735). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `6.12.1` or later.
CVE-2026-48526 Authentication Bypass in pyjwt (CVE-2026-48526)
authentication bypass in pyjwt (CVE-2026-48526). Confidential information can be exposed externally. Mitigation: upgrade to `2.13.0` or later.
CVE-2026-48525 Vulnerability in pyjwt (CVE-2026-48525)
vulnerability in pyjwt (CVE-2026-48525). Risk of unauthorized operations or information disclosure. Exploitable via `POST /verify`. Mitigation: upgrade to `2.13.0` or later.
CVE-2026-48524 Vulnerability in pyjwt (CVE-2026-48524)
vulnerability in pyjwt (CVE-2026-48524). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.13.0` or later.
CVE-2026-48522 Vulnerability in pyjwt (CVE-2026-48522)
vulnerability in pyjwt (CVE-2026-48522). Risk of unauthorized operations or information disclosure. Exploitable via ``uri``. Mitigation: upgrade to `2.13.0` or later.
CVE-2026-48523 Vulnerability in pyjwt (CVE-2026-48523)
vulnerability in pyjwt (CVE-2026-48523). Risk of unauthorized operations or information disclosure. Exploitable via ``PyJWK``. Mitigation: upgrade to `2.12.1` or later.
CVE-2026-47760 Cross-Site Scripting (XSS) in tinymce (CVE-2026-47760)
cross-site scripting in tinymce (CVE-2026-47760). Confidential information can be exposed externally. Mitigation: upgrade to `7.1.0` or later.
CVE-2026-48155 Vulnerability in pypdf (CVE-2026-48155)
vulnerability in pypdf (CVE-2026-48155). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `6.12.0` or later.
CVE-2026-44358 Vulnerability in CVE-2026-44358 (CVE-2026-44358)
vulnerability in CVE-2026-44358 (CVE-2026-44358). Data can be tampered with by attackers. Mitigation: upgrade to `1.0.1` or later.
CVE-2026-9828 Unsafe Deserialization in ch.qos.logback:logback-core (CVE-2026-9828)
vulnerability in ch.qos.logback:logback-core (CVE-2026-9828). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.5.33` or later.
CVE-2026-49238 Path Traversal in cpp (CVE-2026-49238)
path traversal in cpp (CVE-2026-49238). Confidential information can be exposed externally.
CVE-2026-37266 Vulnerability in CVE-2026-37266 (CVE-2026-37266)
vulnerability in CVE-2026-37266 (CVE-2026-37266). Successful exploitation can lead to full system takeover.
CVE-2026-37579 Unsafe Deserialization in CVE-2026-37579 (CVE-2026-37579)
vulnerability in CVE-2026-37579 (CVE-2026-37579). Risk of unauthorized operations or information disclosure.
CVE-2026-46209 Out-of-Bounds Write in c (CVE-2026-46209)
out-of-bounds write in c (CVE-2026-46209). Successful exploitation can lead to full system takeover.
CVE-2026-46202 Vulnerability in c (CVE-2026-46202)
vulnerability in c (CVE-2026-46202). Risk of unauthorized operations or information disclosure.
CVE-2026-46160 Vulnerability in c (CVE-2026-46160)
vulnerability in c (CVE-2026-46160). Risk of unauthorized operations or information disclosure.
CVE-2026-46146 Vulnerability in c (CVE-2026-46146)
vulnerability in c (CVE-2026-46146). Risk of unauthorized operations or information disclosure.
CVE-2026-46147 Vulnerability in c (CVE-2026-46147)
vulnerability in c (CVE-2026-46147). Risk of unauthorized operations or information disclosure.
CVE-2026-46120 Use-After-Free in c (CVE-2026-46120)
vulnerability in c (CVE-2026-46120). Successful exploitation can lead to full system takeover.
CVE-2026-46116 Use-After-Free in c (CVE-2026-46116)
vulnerability in c (CVE-2026-46116). Successful exploitation can lead to full system takeover.
CVE-2026-46114 Vulnerability in c (CVE-2026-46114)
vulnerability in c (CVE-2026-46114). Confidential information can be exposed externally.
CVE-2026-8689 Vulnerability in c (CVE-2026-8689)
vulnerability in c (CVE-2026-8689). Risk of unauthorized operations or information disclosure.
CVE-2026-9806 Cross-Site Scripting (XSS) in CVE-2026-9806 (CVE-2026-9806)
cross-site scripting in CVE-2026-9806 (CVE-2026-9806). Risk of unauthorized operations or information disclosure.
CVE-2026-9227 Unrestricted File Upload in wordpress (CVE-2026-9227)
vulnerability in wordpress (CVE-2026-9227). Successful exploitation can lead to full system takeover.
CVE-2026-9618 Cross-Site Request Forgery (CSRF) in csharp (CVE-2026-9618)
vulnerability in csharp (CVE-2026-9618). Risk of unauthorized operations or information disclosure.
CVE-2026-7797 SQL Injection in wordpress (CVE-2026-7797)
SQL injection in wordpress (CVE-2026-7797). Confidential information can be exposed externally.
CVE-2026-6427 Cross-Site Scripting (XSS) in wordpress (CVE-2026-6427)
cross-site scripting in wordpress (CVE-2026-6427). Risk of unauthorized operations or information disclosure.
CVE-2026-6455 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-6455)
vulnerability in wordpress (CVE-2026-6455). Data can be tampered with by attackers.
CVE-2026-9801 Vulnerability in org.keycloak:keycloak-ldap-federation (CVE-2026-9801)
vulnerability in org.keycloak:keycloak-ldap-federation (CVE-2026-9801). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `26.6.3` or later.
CVE-2026-9009 Unrestricted File Upload in wordpress (CVE-2026-9009)
vulnerability in wordpress (CVE-2026-9009). Successful exploitation can lead to full system takeover.
CVE-2026-9241 Vulnerability in wordpress (CVE-2026-9241)
vulnerability in wordpress (CVE-2026-9241). Risk of unauthorized operations or information disclosure.
CVE-2026-5737 SSRF (Server-Side Request Forgery) in wordpress (CVE-2026-5737)
SSRF in wordpress (CVE-2026-5737). Risk of unauthorized operations or information disclosure.
CVE-2026-2374 Cross-Site Scripting (XSS) in wordpress (CVE-2026-2374)
cross-site scripting in wordpress (CVE-2026-2374). Risk of unauthorized operations or information disclosure. Exploitable via ``login_nocaptcha_error``.
CVE-2026-44713 OS Command Injection in c (CVE-2026-44713)
OS command injection in c (CVE-2026-44713). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.8.7` or later.
CVE-2026-44710 Vulnerability in c (CVE-2026-44710)
vulnerability in c (CVE-2026-44710). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.8.7` or later.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →