Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: languages Clear
ID Title
CVE-2026-44062 Out-of-Bounds Write in c (CVE-2026-44062)
out-of-bounds write in c (CVE-2026-44062). Successful exploitation can lead to full system takeover.
CVE-2026-6279 Vulnerability in wordpress (CVE-2026-6279)
vulnerability in wordpress (CVE-2026-6279). Successful exploitation can lead to full system takeover. Exploitable via ``wp_conditional_tags``.
CVE-2026-40094 Vulnerability in CVE-2026-40094 (CVE-2026-40094)
vulnerability in CVE-2026-40094 (CVE-2026-40094). Risk of unauthorized operations or information disclosure.
CVE-2026-9137 Vulnerability in c (CVE-2026-9137)
vulnerability in c (CVE-2026-9137). Risk of unauthorized operations or information disclosure.
CVE-2026-9144 Cross-Site Scripting (XSS) in CVE-2026-9144 (CVE-2026-9144)
cross-site scripting in CVE-2026-9144 (CVE-2026-9144). Confidential information can be exposed externally.
CVE-2026-9139 Vulnerability in CVE-2026-9139 (CVE-2026-9139)
vulnerability in CVE-2026-9139 (CVE-2026-9139). Successful exploitation can lead to full system takeover.
CVE-2026-35016 Cross-Site Scripting (XSS) in CVE-2026-35016 (CVE-2026-35016)
cross-site scripting in CVE-2026-35016 (CVE-2026-35016). Risk of unauthorized operations or information disclosure.
CVE-2026-39311 Cross-Site Scripting (XSS) in CVE-2026-39311 (CVE-2026-39311)
cross-site scripting in CVE-2026-39311 (CVE-2026-39311). Risk of unauthorized operations or information disclosure.
CVE-2026-35015 Cross-Site Scripting (XSS) in CVE-2026-35015 (CVE-2026-35015)
cross-site scripting in CVE-2026-35015 (CVE-2026-35015). Risk of unauthorized operations or information disclosure.
CVE-2026-35014 Cross-Site Scripting (XSS) in CVE-2026-35014 (CVE-2026-35014)
cross-site scripting in CVE-2026-35014 (CVE-2026-35014). Risk of unauthorized operations or information disclosure.
CVE-2026-35013 Cross-Site Scripting (XSS) in CVE-2026-35013 (CVE-2026-35013)
cross-site scripting in CVE-2026-35013 (CVE-2026-35013). Risk of unauthorized operations or information disclosure.
CVE-2026-35012 Cross-Site Scripting (XSS) in CVE-2026-35012 (CVE-2026-35012)
cross-site scripting in CVE-2026-35012 (CVE-2026-35012). Risk of unauthorized operations or information disclosure.
CVE-2026-35011 Cross-Site Scripting (XSS) in CVE-2026-35011 (CVE-2026-35011)
cross-site scripting in CVE-2026-35011 (CVE-2026-35011). Risk of unauthorized operations or information disclosure.
CVE-2026-35010 Cross-Site Scripting (XSS) in CVE-2026-35010 (CVE-2026-35010)
cross-site scripting in CVE-2026-35010 (CVE-2026-35010). Risk of unauthorized operations or information disclosure.
CVE-2026-35009 Cross-Site Scripting (XSS) in CVE-2026-35009 (CVE-2026-35009)
cross-site scripting in CVE-2026-35009 (CVE-2026-35009). Risk of unauthorized operations or information disclosure.
CVE-2026-35008 Cross-Site Scripting (XSS) in CVE-2026-35008 (CVE-2026-35008)
cross-site scripting in CVE-2026-35008 (CVE-2026-35008). Risk of unauthorized operations or information disclosure.
CVE-2026-35007 Cross-Site Scripting (XSS) in CVE-2026-35007 (CVE-2026-35007)
cross-site scripting in CVE-2026-35007 (CVE-2026-35007). Risk of unauthorized operations or information disclosure.
CVE-2026-26028 Vulnerability in cryptpad (CVE-2026-26028)
vulnerability in cryptpad (CVE-2026-26028). Risk of unauthorized operations or information disclosure. Exploitable via ``jscolor.js``.
CVE-2026-30691 Cross-Site Scripting (XSS) in @cyntler/react-doc-viewer (CVE-2026-30691)
cross-site scripting in @cyntler/react-doc-viewer (CVE-2026-30691). Risk of unauthorized operations or information disclosure.
CVE-2026-9100 Vulnerability in c (CVE-2026-9100)
vulnerability in c (CVE-2026-9100). Risk of unauthorized operations or information disclosure.
CVE-2026-4293 Cross-Site Scripting (XSS) in CVE-2026-4293 (CVE-2026-4293)
cross-site scripting in CVE-2026-4293 (CVE-2026-4293). Risk of unauthorized operations or information disclosure.
CVE-2026-35676 Vulnerability in thorsten/phpmyfaq (CVE-2026-35676)
vulnerability in thorsten/phpmyfaq (CVE-2026-35676). Data can be tampered with by attackers. Exploitable via `PUT /api/index.php/user/password/update`. Mitigation: upgrade to `4.1.3` or later.
CVE-2026-46431 Vulnerability in github.com/xyproto/algernon (CVE-2026-46431)
vulnerability in github.com/xyproto/algernon (CVE-2026-46431). Risk of unauthorized operations or information disclosure. Exploitable via ``Origin``. Mitigation: upgrade to `1.17.7` or later.
CVE-2026-45792 Vulnerability in rtk (CVE-2026-45792)
vulnerability in rtk (CVE-2026-45792). Data can be tampered with by attackers. Exploitable via ``strip_lines_matching``. Mitigation: upgrade to `0.32.0` or later.
CVE-2026-24425 Vulnerability in twig/twig (CVE-2026-24425)
vulnerability in twig/twig (CVE-2026-24425). Successful exploitation can lead to full system takeover. Exploitable via ``SourcePolicyInterface``. Mitigation: upgrade to `3.26.0` or later.
CVE-2026-4224 Vulnerability in libpython (CVE-2026-4224)
vulnerability in libpython (CVE-2026-4224). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.13.13, 3.14.4` or later.
CVE-2026-42959 Vulnerability in c (CVE-2026-42959)
vulnerability in c (CVE-2026-42959). Risk of unauthorized operations or information disclosure.
CVE-2026-41054 Vulnerability in c (CVE-2026-41054)
vulnerability in c (CVE-2026-41054). Successful exploitation can lead to full system takeover. Exploitable via ``socket_handler``.
CVE-2026-6405 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-6405)
vulnerability in wordpress (CVE-2026-6405). Risk of unauthorized operations or information disclosure.
CVE-2026-7522 Vulnerability in wordpress (CVE-2026-7522)
vulnerability in wordpress (CVE-2026-7522). Successful exploitation can lead to full system takeover.
CVE-2026-7637 Unsafe Deserialization in wordpress (CVE-2026-7637)
vulnerability in wordpress (CVE-2026-7637). Successful exploitation can lead to full system takeover.
CVE-2026-8626 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8626)
cross-site scripting in wordpress (CVE-2026-8626). Risk of unauthorized operations or information disclosure.
CVE-2026-7472 SQL Injection in wordpress (CVE-2026-7472)
SQL injection in wordpress (CVE-2026-7472). Confidential information can be exposed externally.
CVE-2026-6555 Unrestricted File Upload in wordpress (CVE-2026-6555)
vulnerability in wordpress (CVE-2026-6555). Successful exploitation can lead to full system takeover.
CVE-2026-6456 Authentication Bypass in wordpress (CVE-2026-6456)
authentication bypass in wordpress (CVE-2026-6456). Successful exploitation can lead to full system takeover. Exploitable via ``rememberLogin``.
CVE-2026-6401 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-6401)
vulnerability in wordpress (CVE-2026-6401). Risk of unauthorized operations or information disclosure.
CVE-2026-5293 Cross-Site Scripting (XSS) in wordpress (CVE-2026-5293)
cross-site scripting in wordpress (CVE-2026-5293). Risk of unauthorized operations or information disclosure.
CVE-2026-6395 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-6395)
vulnerability in wordpress (CVE-2026-6395). Risk of unauthorized operations or information disclosure.
CVE-2026-6072 Vulnerability in wordpress (CVE-2026-6072)
vulnerability in wordpress (CVE-2026-6072). Confidential information can be exposed externally.
CVE-2026-43620 Out-of-Bounds Read in c (CVE-2026-43620)
vulnerability in c (CVE-2026-43620). Risk of unauthorized operations or information disclosure.
CVE-2026-45232 Vulnerability in c (CVE-2026-45232)
vulnerability in c (CVE-2026-45232). Risk of unauthorized operations or information disclosure.
CVE-2026-39309 Vulnerability in CVE-2026-39309 (CVE-2026-39309)
vulnerability in CVE-2026-39309 (CVE-2026-39309). Confidential information can be exposed externally.
CVE-2026-5090 Cross-Site Scripting (XSS) in CVE-2026-5090 (CVE-2026-5090)
cross-site scripting in CVE-2026-5090 (CVE-2026-5090). Risk of unauthorized operations or information disclosure.
CVE-2026-34246 Vulnerability in privilege-escalation (CVE-2026-34246)
vulnerability in privilege-escalation (CVE-2026-34246). Risk of unauthorized operations or information disclosure.
CVE-2026-34241 Cross-Site Scripting (XSS) in CVE-2026-34241 (CVE-2026-34241)
cross-site scripting in CVE-2026-34241 (CVE-2026-34241). Confidential information can be exposed externally.
CVE-2026-34234 OS Command Injection in CVE-2026-34234 (CVE-2026-34234)
OS command injection in CVE-2026-34234 (CVE-2026-34234). Successful exploitation can lead to full system takeover.
CVE-2026-34216 Vulnerability in CVE-2026-34216 (CVE-2026-34216)
vulnerability in CVE-2026-34216 (CVE-2026-34216). Successful exploitation can lead to full system takeover.
CVE-2026-46417 SSRF (Server-Side Request Forgery) in @angular/platform-server (CVE-2026-46417)
SSRF in @angular/platform-server (CVE-2026-46417). Risk of unauthorized operations or information disclosure. Exploitable via ``ServerPlatformLocation``.
CVE-2026-45783 Vulnerability in @libp2p/kad-dht (CVE-2026-45783)
vulnerability in @libp2p/kad-dht (CVE-2026-45783). Risk of unauthorized operations or information disclosure. Exploitable via ``PUT_VALUE``. Mitigation: upgrade to `16.2.6` or later.
CVE-2026-46342 Cross-Site Scripting (XSS) in nuxt (CVE-2026-46342)
cross-site scripting in nuxt (CVE-2026-46342). Risk of unauthorized operations or information disclosure. Exploitable via ``props``. Mitigation: upgrade to `4.4.6` or later.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →