Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: languages Clear
ID Title
CVE-2026-9370 Vulnerability in com.github.ulisesbocchio:jasypt-spring-boot (CVE-2026-9370)
vulnerability in com.github.ulisesbocchio:jasypt-spring-boot (CVE-2026-9370). Risk of unauthorized operations or information disclosure.
CVE-2026-9365 Buffer Overflow in c (CVE-2026-9365)
vulnerability in c (CVE-2026-9365). Risk of unauthorized operations or information disclosure.
CVE-2026-9364 Vulnerability in sqli (CVE-2026-9364)
vulnerability in sqli (CVE-2026-9364). Risk of unauthorized operations or information disclosure.
CVE-2026-9358 Vulnerability in dos (CVE-2026-9358)
vulnerability in dos (CVE-2026-9358). Risk of unauthorized operations or information disclosure.
CVE-2026-9355 Vulnerability in sqli (CVE-2026-9355)
vulnerability in sqli (CVE-2026-9355). Risk of unauthorized operations or information disclosure.
CVE-2026-9356 Vulnerability in sqli (CVE-2026-9356)
vulnerability in sqli (CVE-2026-9356). Risk of unauthorized operations or information disclosure.
CVE-2026-3515 Vulnerability in prefect (CVE-2026-3515)
vulnerability in prefect (CVE-2026-3515). Confidential information can be exposed externally. Exploitable via ``GitHubRepository``.
CVE-2026-48829 Vulnerability in c (CVE-2026-48829)
vulnerability in c (CVE-2026-48829). Risk of unauthorized operations or information disclosure.
CVE-2026-9342 Vulnerability in sqli (CVE-2026-9342)
vulnerability in sqli (CVE-2026-9342). Risk of unauthorized operations or information disclosure.
CVE-2018-25356 Vulnerability in cpp (CVE-2018-25356)
vulnerability in cpp (CVE-2018-25356). Successful exploitation can lead to full system takeover.
CVE-2018-25357 Code Injection in dolibarr/dolibarr (CVE-2018-25357)
code injection in dolibarr/dolibarr (CVE-2018-25357). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `6.0.8` or later.
CVE-2018-25352 SQL Injection in wordpress (CVE-2018-25352)
SQL injection in wordpress (CVE-2018-25352). Confidential information can be exposed externally.
CVE-2018-25349 Cross-Site Scripting (XSS) in CVE-2018-25349 (CVE-2018-25349)
cross-site scripting in CVE-2018-25349 (CVE-2018-25349). Risk of unauthorized operations or information disclosure.
CVE-2018-25350 Vulnerability in CVE-2018-25350 (CVE-2018-25350)
vulnerability in CVE-2018-25350 (CVE-2018-25350). Successful exploitation can lead to full system takeover.
CVE-2018-25343 Cross-Site Request Forgery (CSRF) in CVE-2018-25343 (CVE-2018-25343)
vulnerability in CVE-2018-25343 (CVE-2018-25343). Risk of unauthorized operations or information disclosure.
CVE-2018-25340 SQL Injection in sqli (CVE-2018-25340)
SQL injection in sqli (CVE-2018-25340). Confidential information can be exposed externally.
CVE-2026-9302 Vulnerability in CVE-2026-9302 (CVE-2026-9302)
vulnerability in CVE-2026-9302 (CVE-2026-9302). Risk of unauthorized operations or information disclosure.
CVE-2018-25341 SQL Injection in sqli (CVE-2018-25341)
SQL injection in sqli (CVE-2018-25341). Confidential information can be exposed externally.
CVE-2018-25342 SQL Injection in sqli (CVE-2018-25342)
SQL injection in sqli (CVE-2018-25342). Confidential information can be exposed externally.
CVE-2026-43503 Vulnerability in c (CVE-2026-43503)
vulnerability in c (CVE-2026-43503). Successful exploitation can lead to full system takeover.
CVE-2026-5843 Vulnerability in docker (CVE-2026-5843)
vulnerability in docker (CVE-2026-5843). Successful exploitation can lead to full system takeover.
CVE-2026-5817 Vulnerability in docker (CVE-2026-5817)
vulnerability in docker (CVE-2026-5817). Successful exploitation can lead to full system takeover.
CVE-2026-46727 Vulnerability in ruby (CVE-2026-46727)
vulnerability in ruby (CVE-2026-46727). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `4.0.5` or later.
CVE-2026-42627 Vulnerability in cpp (CVE-2026-42627)
vulnerability in cpp (CVE-2026-42627). Risk of unauthorized operations or information disclosure.
CVE-2026-47157 SSRF (Server-Side Request Forgery) in aiograpi (CVE-2026-47157)
SSRF in aiograpi (CVE-2026-47157). Confidential information can be exposed externally. Mitigation: upgrade to `0.9.10` or later.
CVE-2026-47138 Vulnerability in parse-server (CVE-2026-47138)
vulnerability in parse-server (CVE-2026-47138). Risk of unauthorized operations or information disclosure. Exploitable via ``clientSDK``. Mitigation: upgrade to `8.6.77` or later.
CVE-2026-40610 Vulnerability in bentoml (CVE-2026-40610)
vulnerability in bentoml (CVE-2026-40610). Confidential information can be exposed externally. Exploitable via ``src_file``. Mitigation: upgrade to `1.4.39` or later.
CVE-2026-32253 Authentication Bypass in cpp (CVE-2026-32253)
authentication bypass in cpp (CVE-2026-32253). Successful exploitation can lead to full system takeover.
CVE-2026-5072 Vulnerability in c (CVE-2026-5072)
vulnerability in c (CVE-2026-5072). Risk of unauthorized operations or information disclosure.
CVE-2026-3481 Cross-Site Scripting (XSS) in wordpress (CVE-2026-3481)
cross-site scripting in wordpress (CVE-2026-3481). Risk of unauthorized operations or information disclosure.
CVE-2026-7886 Vulnerability in concrete5/concrete5 (CVE-2026-7886)
vulnerability in concrete5/concrete5 (CVE-2026-7886). Risk of unauthorized operations or information disclosure. Exploitable via ``AddMessage``. Mitigation: upgrade to `9.5.1` or later.
CVE-2026-4093 Cross-Site Scripting (XSS) in drupal (CVE-2026-4093)
cross-site scripting in drupal (CVE-2026-4093). Risk of unauthorized operations or information disclosure.
CVE-2026-7879 Vulnerability in concrete5/concrete5 (CVE-2026-7879)
vulnerability in concrete5/concrete5 (CVE-2026-7879). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `9.5.1` or later.
CVE-2026-46679 Vulnerability in @libp2p/gossipsub (CVE-2026-46679)
vulnerability in @libp2p/gossipsub (CVE-2026-46679). Risk of unauthorized operations or information disclosure. Exploitable via ``handleReceivedSubscription``. Mitigation: upgrade to `15.0.23` or later.
CVE-2026-8203 Cross-Site Scripting (XSS) in concrete5/concrete5 (CVE-2026-8203)
cross-site scripting in concrete5/concrete5 (CVE-2026-8203). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `9.5.1` or later.
CVE-2026-8426 Cross-Site Request Forgery (CSRF) in concrete5/concrete5 (CVE-2026-8426)
vulnerability in concrete5/concrete5 (CVE-2026-8426). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `9.5.1` or later.
CVE-2026-8421 Cross-Site Request Forgery (CSRF) in concrete5/concrete5 (CVE-2026-8421)
vulnerability in concrete5/concrete5 (CVE-2026-8421). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `9.5.1` or later.
CVE-2026-8428 Cross-Site Request Forgery (CSRF) in concrete5/concrete5 (CVE-2026-8428)
vulnerability in concrete5/concrete5 (CVE-2026-8428). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `9.5.1` or later.
CVE-2026-8417 Cross-Site Request Forgery (CSRF) in concrete5/concrete5 (CVE-2026-8417)
vulnerability in concrete5/concrete5 (CVE-2026-8417). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `9.5.1` or later.
CVE-2026-8350 Authorization Flaw in concrete5/concrete5 (CVE-2026-8350)
vulnerability in concrete5/concrete5 (CVE-2026-8350). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `9.5.1` or later.
CVE-2026-8135 Unsafe Deserialization in concrete5/concrete5 (CVE-2026-8135)
vulnerability in concrete5/concrete5 (CVE-2026-8135). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `9.5.1` or later.
CVE-2026-8197 Cross-Site Scripting (XSS) in concrete5/concrete5 (CVE-2026-8197)
cross-site scripting in concrete5/concrete5 (CVE-2026-8197). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `9.5.1` or later.
CVE-2026-8140 Cross-Site Request Forgery (CSRF) in concrete5/concrete5 (CVE-2026-8140)
vulnerability in concrete5/concrete5 (CVE-2026-8140). Data can be tampered with by attackers. Mitigation: upgrade to `9.5.1` or later.
CVE-2026-8134 Vulnerability in concrete5/concrete5 (CVE-2026-8134)
vulnerability in concrete5/concrete5 (CVE-2026-8134). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `9.5.1` or later.
CVE-2026-46625 Vulnerability in js-cookie (CVE-2026-46625)
vulnerability in js-cookie (CVE-2026-46625). Data can be tampered with by attackers. Exploitable via ``for...in``. Mitigation: upgrade to `3.0.7` or later.
CVE-2026-46673 Vulnerability in russh-cryptovec (CVE-2026-46673)
vulnerability in russh-cryptovec (CVE-2026-46673). Risk of unauthorized operations or information disclosure. Exploitable via ``CryptoVec``. Mitigation: upgrade to `0.60.3` or later.
CVE-2026-46609 Cross-Site Scripting (XSS) in Umbraco.Cms (CVE-2026-46609)
cross-site scripting in Umbraco.Cms (CVE-2026-46609). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `17.4.0` or later.
CVE-2026-46547 Cross-Site Scripting (XSS) in nocodb (CVE-2026-46547)
cross-site scripting in nocodb (CVE-2026-46547). Risk of unauthorized operations or information disclosure. Exploitable via ``ncRedirectUrl``.
CVE-2026-46643 OS Command Injection in KnpLabs/knp-snappy (CVE-2026-46643)
OS command injection in KnpLabs/knp-snappy (CVE-2026-46643). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.7.1` or later.
CVE-2026-46683 SSRF (Server-Side Request Forgery) in knplabs/knp-snappy (CVE-2026-46683)
SSRF in knplabs/knp-snappy (CVE-2026-46683). Risk of unauthorized operations or information disclosure. Exploitable via ``http``. Mitigation: upgrade to `1.7.0` or later.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →