Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: languages Clear
ID Title
CVE-2026-9180 Vulnerability in wordpress (CVE-2026-9180)
vulnerability in wordpress (CVE-2026-9180). Risk of unauthorized operations or information disclosure. Exploitable via `POST /motopress/appointment/v1/bookings`.
CVE-2026-38971 Out-of-Bounds Read in cpp (CVE-2026-38971)
vulnerability in cpp (CVE-2026-38971). Confidential information can be exposed externally.
CVE-2026-38972 Vulnerability in c (CVE-2026-38972)
vulnerability in c (CVE-2026-38972). Successful exploitation can lead to full system takeover.
CVE-2026-38968 Vulnerability in cpp (CVE-2026-38968)
vulnerability in cpp (CVE-2026-38968). Successful exploitation can lead to full system takeover.
CVE-2026-38969 Vulnerability in CVE-2026-38969 (CVE-2026-38969)
vulnerability in CVE-2026-38969 (CVE-2026-38969). Data can be tampered with by attackers.
CVE-2026-59102 Cross-Site Scripting (XSS) in vue (CVE-2026-59102)
cross-site scripting in vue (CVE-2026-59102). Risk of unauthorized operations or information disclosure.
CVE-2026-58579 Cross-Site Scripting (XSS) in CVE-2026-58579 (CVE-2026-58579)
cross-site scripting in CVE-2026-58579 (CVE-2026-58579). Risk of unauthorized operations or information disclosure.
CVE-2026-58578 Vulnerability in dos (CVE-2026-58578)
vulnerability in dos (CVE-2026-58578). Risk of unauthorized operations or information disclosure.
CVE-2026-58467 Path Traversal in nginx (CVE-2026-58467)
path traversal in nginx (CVE-2026-58467). Confidential information can be exposed externally.
CVE-2026-7311 Path Traversal in wordpress (CVE-2026-7311)
path traversal in wordpress (CVE-2026-7311). Data can be tampered with by attackers.
CVE-2026-58465 Vulnerability in c (CVE-2026-58465)
vulnerability in c (CVE-2026-58465). Risk of unauthorized operations or information disclosure.
CVE-2026-44454 OS Command Injection in github.com/coder/coder/v2 (CVE-2026-44454)
OS command injection in github.com/coder/coder/v2 (CVE-2026-44454). Confidential information can be exposed externally. Exploitable via ``dotfiles``. Mitigation: upgrade to `2.30.2` or later.
CVE-2026-8699 Cross-Site Scripting (XSS) in CVE-2026-8699 (CVE-2026-8699)
cross-site scripting in CVE-2026-8699 (CVE-2026-8699). Risk of unauthorized operations or information disclosure.
CVE-2026-50281 Vulnerability in craftcms/cms (CVE-2026-50281)
vulnerability in craftcms/cms (CVE-2026-50281). Risk of unauthorized operations or information disclosure. Exploitable via ``newAttributes``. Mitigation: upgrade to `5.9.21` or later.
CVE-2026-58455 OS Command Injection in CVE-2026-58455 (CVE-2026-58455)
OS command injection in CVE-2026-58455 (CVE-2026-58455). Successful exploitation can lead to full system takeover.
CVE-2026-5524 Unrestricted File Upload in wordpress (CVE-2026-5524)
vulnerability in wordpress (CVE-2026-5524). Successful exploitation can lead to full system takeover.
CVE-2026-57677 Unsafe Deserialization in CVE-2026-57677 (CVE-2026-57677)
vulnerability in CVE-2026-57677 (CVE-2026-57677). Successful exploitation can lead to full system takeover.
CVE-2026-57621 Unauthenticated PHP Object Injection in Booktics <= 1.0.21 versions.
Unauthenticated PHP Object Injection in Booktics <= 1.0.21 versions.
CVE-2026-27414 Contributor PHP Object Injection in Werkstatt <= 4.8.3 versions.
Contributor PHP Object Injection in Werkstatt <= 4.8.3 versions.
CVE-2026-27060 Contributor PHP Object Injection in ARMember Premium <= 7.0 versions.
Contributor PHP Object Injection in ARMember Premium <= 7.0 versions.
CVE-2026-9834 Command Injection in wordpress (CVE-2026-9834)
command injection in wordpress (CVE-2026-9834). Successful exploitation can lead to full system takeover. Exploitable via ``wp_db_exclude_table``.
CVE-2026-9145 Path Traversal in wordpress (CVE-2026-9145)
path traversal in wordpress (CVE-2026-9145). Confidential information can be exposed externally.
CVE-2026-14249 Vulnerability in wordpress (CVE-2026-14249)
vulnerability in wordpress (CVE-2026-14249). Data can be tampered with by attackers.
CVE-2026-38891 Vulnerability in cpp (CVE-2026-38891)
vulnerability in cpp (CVE-2026-38891). Risk of unauthorized operations or information disclosure.
CVE-2026-55790 Cross-Site Scripting (XSS) in craftcms/cms (CVE-2026-55790)
cross-site scripting in craftcms/cms (CVE-2026-55790). Risk of unauthorized operations or information disclosure. Exploitable via ``CraftSupportWidget.js``. Mitigation: upgrade to `4.17.16` or later.
CVE-2026-54704 Vulnerability in linuxfoundation (CVE-2026-54704)
vulnerability in linuxfoundation (CVE-2026-54704). Confidential information can be exposed externally.
CVE-2026-54712 Vulnerability in dos (CVE-2026-54712)
vulnerability in dos (CVE-2026-54712). Risk of unauthorized operations or information disclosure.
CVE-2026-55793 Cross-Site Scripting (XSS) in craftcms/cms (CVE-2026-55793)
cross-site scripting in craftcms/cms (CVE-2026-55793). Risk of unauthorized operations or information disclosure. Exploitable via ``saveEntries``. Mitigation: upgrade to `5.9.53` or later.
CVE-2026-58451 Path Traversal in csrf (CVE-2026-58451)
path traversal in csrf (CVE-2026-58451). Confidential information can be exposed externally.
CVE-2026-58592 Out-of-Bounds Write in cpp (CVE-2026-58592)
out-of-bounds write in cpp (CVE-2026-58592). Successful exploitation can lead to full system takeover.
CVE-2026-54720 Cross-Site Scripting (XSS) in CVE-2026-54720 (CVE-2026-54720)
cross-site scripting in CVE-2026-54720 (CVE-2026-54720). Risk of unauthorized operations or information disclosure.
CVE-2026-55153 Vulnerability in deserialization (CVE-2026-55153)
vulnerability in deserialization (CVE-2026-55153). Successful exploitation can lead to full system takeover.
CVE-2026-14265 Unsafe Deserialization in Amazon aws (CVE-2026-14265)
vulnerability in Amazon aws (CVE-2026-14265). Successful exploitation can lead to full system takeover.
CVE-2026-55688 Vulnerability in CVE-2026-55688 (CVE-2026-55688)
vulnerability in CVE-2026-55688 (CVE-2026-55688). Risk of unauthorized operations or information disclosure.
CVE-2026-54164 Vulnerability in symfony (CVE-2026-54164)
vulnerability in symfony (CVE-2026-54164). Data can be tampered with by attackers.
CVE-2026-34115 OS Command Injection in CVE-2026-34115 (CVE-2026-34115)
OS command injection in CVE-2026-34115 (CVE-2026-34115). Successful exploitation can lead to full system takeover.
CVE-2026-34116 OS Command Injection in CVE-2026-34116 (CVE-2026-34116)
OS command injection in CVE-2026-34116 (CVE-2026-34116). Successful exploitation can lead to full system takeover.
CVE-2026-34111 OS Command Injection in CVE-2026-34111 (CVE-2026-34111)
OS command injection in CVE-2026-34111 (CVE-2026-34111). Successful exploitation can lead to full system takeover.
CVE-2026-34112 OS Command Injection in CVE-2026-34112 (CVE-2026-34112)
OS command injection in CVE-2026-34112 (CVE-2026-34112). Successful exploitation can lead to full system takeover.
CVE-2026-34108 OS Command Injection in CVE-2026-34108 (CVE-2026-34108)
OS command injection in CVE-2026-34108 (CVE-2026-34108). Successful exploitation can lead to full system takeover.
CVE-2026-34113 OS Command Injection in CVE-2026-34113 (CVE-2026-34113)
OS command injection in CVE-2026-34113 (CVE-2026-34113). Successful exploitation can lead to full system takeover.
CVE-2026-34110 OS Command Injection in CVE-2026-34110 (CVE-2026-34110)
OS command injection in CVE-2026-34110 (CVE-2026-34110). Successful exploitation can lead to full system takeover.
CVE-2026-34114 OS Command Injection in CVE-2026-34114 (CVE-2026-34114)
OS command injection in CVE-2026-34114 (CVE-2026-34114). Successful exploitation can lead to full system takeover.
CVE-2026-34117 OS Command Injection in CVE-2026-34117 (CVE-2026-34117)
OS command injection in CVE-2026-34117 (CVE-2026-34117). Successful exploitation can lead to full system takeover.
CVE-2026-34109 OS Command Injection in CVE-2026-34109 (CVE-2026-34109)
OS command injection in CVE-2026-34109 (CVE-2026-34109). Successful exploitation can lead to full system takeover.
CVE-2026-34107 OS Command Injection in CVE-2026-34107 (CVE-2026-34107)
OS command injection in CVE-2026-34107 (CVE-2026-34107). Successful exploitation can lead to full system takeover.
CVE-2026-34105 SQL Injection in sqli (CVE-2026-34105)
SQL injection in sqli (CVE-2026-34105). Successful exploitation can lead to full system takeover.
CVE-2026-34106 OS Command Injection in CVE-2026-34106 (CVE-2026-34106)
OS command injection in CVE-2026-34106 (CVE-2026-34106). Successful exploitation can lead to full system takeover.
CVE-2026-34104 SQL Injection in sqli (CVE-2026-34104)
SQL injection in sqli (CVE-2026-34104). Successful exploitation can lead to full system takeover.
CVE-2026-34103 SQL Injection in sqli (CVE-2026-34103)
SQL injection in sqli (CVE-2026-34103). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →