Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-9180 |
|
Vulnerability in wordpress (CVE-2026-9180)
vulnerability in wordpress (CVE-2026-9180). Risk of unauthorized operations or information disclosure. Exploitable via `POST /motopress/appointment/v1/bookings`.
|
| CVE-2026-38971 |
|
Out-of-Bounds Read in cpp (CVE-2026-38971)
vulnerability in cpp (CVE-2026-38971). Confidential information can be exposed externally.
|
| CVE-2026-38972 |
|
Vulnerability in c (CVE-2026-38972)
vulnerability in c (CVE-2026-38972). Successful exploitation can lead to full system takeover.
|
| CVE-2026-38968 |
|
Vulnerability in cpp (CVE-2026-38968)
vulnerability in cpp (CVE-2026-38968). Successful exploitation can lead to full system takeover.
|
| CVE-2026-38969 |
|
Vulnerability in CVE-2026-38969 (CVE-2026-38969)
vulnerability in CVE-2026-38969 (CVE-2026-38969). Data can be tampered with by attackers.
|
| CVE-2026-59102 |
|
Cross-Site Scripting (XSS) in vue (CVE-2026-59102)
cross-site scripting in vue (CVE-2026-59102). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-58579 |
|
Cross-Site Scripting (XSS) in CVE-2026-58579 (CVE-2026-58579)
cross-site scripting in CVE-2026-58579 (CVE-2026-58579). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-58578 |
|
Vulnerability in dos (CVE-2026-58578)
vulnerability in dos (CVE-2026-58578). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-58467 |
|
Path Traversal in nginx (CVE-2026-58467)
path traversal in nginx (CVE-2026-58467). Confidential information can be exposed externally.
|
| CVE-2026-7311 |
|
Path Traversal in wordpress (CVE-2026-7311)
path traversal in wordpress (CVE-2026-7311). Data can be tampered with by attackers.
|
| CVE-2026-58465 |
|
Vulnerability in c (CVE-2026-58465)
vulnerability in c (CVE-2026-58465). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-44454 |
|
OS Command Injection in github.com/coder/coder/v2 (CVE-2026-44454)
OS command injection in github.com/coder/coder/v2 (CVE-2026-44454). Confidential information can be exposed externally. Exploitable via ``dotfiles``. Mitigation: upgrade to `2.30.2` or later.
|
| CVE-2026-8699 |
|
Cross-Site Scripting (XSS) in CVE-2026-8699 (CVE-2026-8699)
cross-site scripting in CVE-2026-8699 (CVE-2026-8699). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-50281 |
|
Vulnerability in craftcms/cms (CVE-2026-50281)
vulnerability in craftcms/cms (CVE-2026-50281). Risk of unauthorized operations or information disclosure. Exploitable via ``newAttributes``. Mitigation: upgrade to `5.9.21` or later.
|
| CVE-2026-58455 |
|
OS Command Injection in CVE-2026-58455 (CVE-2026-58455)
OS command injection in CVE-2026-58455 (CVE-2026-58455). Successful exploitation can lead to full system takeover.
|
| CVE-2026-5524 |
|
Unrestricted File Upload in wordpress (CVE-2026-5524)
vulnerability in wordpress (CVE-2026-5524). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57677 |
|
Unsafe Deserialization in CVE-2026-57677 (CVE-2026-57677)
vulnerability in CVE-2026-57677 (CVE-2026-57677). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57621 |
|
Unauthenticated PHP Object Injection in Booktics <= 1.0.21 versions.
Unauthenticated PHP Object Injection in Booktics <= 1.0.21 versions.
|
| CVE-2026-27414 |
|
Contributor PHP Object Injection in Werkstatt <= 4.8.3 versions.
Contributor PHP Object Injection in Werkstatt <= 4.8.3 versions.
|
| CVE-2026-27060 |
|
Contributor PHP Object Injection in ARMember Premium <= 7.0 versions.
Contributor PHP Object Injection in ARMember Premium <= 7.0 versions.
|
| CVE-2026-9834 |
|
Command Injection in wordpress (CVE-2026-9834)
command injection in wordpress (CVE-2026-9834). Successful exploitation can lead to full system takeover. Exploitable via ``wp_db_exclude_table``.
|
| CVE-2026-9145 |
|
Path Traversal in wordpress (CVE-2026-9145)
path traversal in wordpress (CVE-2026-9145). Confidential information can be exposed externally.
|
| CVE-2026-14249 |
|
Vulnerability in wordpress (CVE-2026-14249)
vulnerability in wordpress (CVE-2026-14249). Data can be tampered with by attackers.
|
| CVE-2026-38891 |
|
Vulnerability in cpp (CVE-2026-38891)
vulnerability in cpp (CVE-2026-38891). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-55790 |
|
Cross-Site Scripting (XSS) in craftcms/cms (CVE-2026-55790)
cross-site scripting in craftcms/cms (CVE-2026-55790). Risk of unauthorized operations or information disclosure. Exploitable via ``CraftSupportWidget.js``. Mitigation: upgrade to `4.17.16` or later.
|
| CVE-2026-54704 |
|
Vulnerability in linuxfoundation (CVE-2026-54704)
vulnerability in linuxfoundation (CVE-2026-54704). Confidential information can be exposed externally.
|
| CVE-2026-54712 |
|
Vulnerability in dos (CVE-2026-54712)
vulnerability in dos (CVE-2026-54712). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-55793 |
|
Cross-Site Scripting (XSS) in craftcms/cms (CVE-2026-55793)
cross-site scripting in craftcms/cms (CVE-2026-55793). Risk of unauthorized operations or information disclosure. Exploitable via ``saveEntries``. Mitigation: upgrade to `5.9.53` or later.
|
| CVE-2026-58451 |
|
Path Traversal in csrf (CVE-2026-58451)
path traversal in csrf (CVE-2026-58451). Confidential information can be exposed externally.
|
| CVE-2026-58592 |
|
Out-of-Bounds Write in cpp (CVE-2026-58592)
out-of-bounds write in cpp (CVE-2026-58592). Successful exploitation can lead to full system takeover.
|
| CVE-2026-54720 |
|
Cross-Site Scripting (XSS) in CVE-2026-54720 (CVE-2026-54720)
cross-site scripting in CVE-2026-54720 (CVE-2026-54720). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-55153 |
|
Vulnerability in deserialization (CVE-2026-55153)
vulnerability in deserialization (CVE-2026-55153). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14265 |
|
Unsafe Deserialization in Amazon aws (CVE-2026-14265)
vulnerability in Amazon aws (CVE-2026-14265). Successful exploitation can lead to full system takeover.
|
| CVE-2026-55688 |
|
Vulnerability in CVE-2026-55688 (CVE-2026-55688)
vulnerability in CVE-2026-55688 (CVE-2026-55688). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-54164 |
|
Vulnerability in symfony (CVE-2026-54164)
vulnerability in symfony (CVE-2026-54164). Data can be tampered with by attackers.
|
| CVE-2026-34115 |
|
OS Command Injection in CVE-2026-34115 (CVE-2026-34115)
OS command injection in CVE-2026-34115 (CVE-2026-34115). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34116 |
|
OS Command Injection in CVE-2026-34116 (CVE-2026-34116)
OS command injection in CVE-2026-34116 (CVE-2026-34116). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34111 |
|
OS Command Injection in CVE-2026-34111 (CVE-2026-34111)
OS command injection in CVE-2026-34111 (CVE-2026-34111). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34112 |
|
OS Command Injection in CVE-2026-34112 (CVE-2026-34112)
OS command injection in CVE-2026-34112 (CVE-2026-34112). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34108 |
|
OS Command Injection in CVE-2026-34108 (CVE-2026-34108)
OS command injection in CVE-2026-34108 (CVE-2026-34108). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34113 |
|
OS Command Injection in CVE-2026-34113 (CVE-2026-34113)
OS command injection in CVE-2026-34113 (CVE-2026-34113). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34110 |
|
OS Command Injection in CVE-2026-34110 (CVE-2026-34110)
OS command injection in CVE-2026-34110 (CVE-2026-34110). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34114 |
|
OS Command Injection in CVE-2026-34114 (CVE-2026-34114)
OS command injection in CVE-2026-34114 (CVE-2026-34114). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34117 |
|
OS Command Injection in CVE-2026-34117 (CVE-2026-34117)
OS command injection in CVE-2026-34117 (CVE-2026-34117). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34109 |
|
OS Command Injection in CVE-2026-34109 (CVE-2026-34109)
OS command injection in CVE-2026-34109 (CVE-2026-34109). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34107 |
|
OS Command Injection in CVE-2026-34107 (CVE-2026-34107)
OS command injection in CVE-2026-34107 (CVE-2026-34107). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34105 |
|
SQL Injection in sqli (CVE-2026-34105)
SQL injection in sqli (CVE-2026-34105). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34106 |
|
OS Command Injection in CVE-2026-34106 (CVE-2026-34106)
OS command injection in CVE-2026-34106 (CVE-2026-34106). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34104 |
|
SQL Injection in sqli (CVE-2026-34104)
SQL injection in sqli (CVE-2026-34104). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34103 |
|
SQL Injection in sqli (CVE-2026-34103)
SQL injection in sqli (CVE-2026-34103). Successful exploitation can lead to full system takeover.
|