Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-41423 |
|
SSRF (Server-Side Request Forgery) in @angular/platform-server (CVE-2026-41423)
SSRF in @angular/platform-server (CVE-2026-41423). Risk of unauthorized operations or information disclosure. Exploitable via ``evil.com``.
|
| CVE-2026-41493 |
|
Path Traversal in yard (CVE-2026-41493)
path traversal in yard (CVE-2026-41493). Confidential information can be exposed externally. Mitigation: upgrade to `0.9.42` or later.
|
| CVE-2025-71301 |
|
Vulnerability in c (CVE-2025-71301)
vulnerability in c (CVE-2025-71301). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-71299 |
|
Vulnerability in c (CVE-2025-71299)
vulnerability in c (CVE-2025-71299). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-71298 |
|
Vulnerability in c (CVE-2025-71298)
vulnerability in c (CVE-2025-71298). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-71297 |
|
Vulnerability in c (CVE-2025-71297)
vulnerability in c (CVE-2025-71297). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-71296 |
|
Vulnerability in c (CVE-2025-71296)
vulnerability in c (CVE-2025-71296). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-13836 |
|
Vulnerability in python (CVE-2025-13836)
vulnerability in python (CVE-2025-13836). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.10.20, 3.11.15, 3.12.13, 3.13.11, 3.14.1` or later.
|
| CVE-2026-5127 |
|
Unsafe Deserialization in wordpress (CVE-2026-5127)
vulnerability in wordpress (CVE-2026-5127). Successful exploitation can lead to full system takeover.
|
| CVE-2026-32178 |
|
Vulnerability in dotnet (CVE-2026-32178)
vulnerability in dotnet (CVE-2026-32178). Confidential information can be exposed externally. Mitigation: upgrade to `8.0.26, 9.0.15, 10.0.6` or later.
|
| CVE-2026-26171 |
|
Vulnerability in dotnet (CVE-2026-26171)
vulnerability in dotnet (CVE-2026-26171). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.0.26, 9.0.15, 10.0.6` or later.
|
| CVE-2013-10075 |
|
Vulnerability in apache (CVE-2013-10075)
vulnerability in apache (CVE-2013-10075). Confidential information can be exposed externally.
|
| CVE-2025-67886 |
|
Unrestricted File Upload in CVE-2025-67886 (CVE-2025-67886)
vulnerability in CVE-2025-67886 (CVE-2025-67886). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-67887 |
|
Code Injection in CVE-2025-67887 (CVE-2025-67887)
code injection in CVE-2025-67887 (CVE-2025-67887). Successful exploitation can lead to full system takeover.
|
| CVE-2025-67888 |
|
OS Command Injection in CVE-2025-67888 (CVE-2025-67888)
OS command injection in CVE-2025-67888 (CVE-2025-67888). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-69690 |
|
Unsafe Deserialization in deserialization (CVE-2025-69690)
vulnerability in deserialization (CVE-2025-69690). Successful exploitation can lead to full system takeover.
|
| CVE-2025-69691 |
|
Vulnerability in pfsense (CVE-2025-69691)
vulnerability in pfsense (CVE-2025-69691). Successful exploitation can lead to full system takeover.
|
| CVE-2024-51092 |
|
OS Command Injection in command-injection (CVE-2024-51092)
OS command injection in command-injection (CVE-2024-51092). Confidential information can be exposed externally. Exploitable via ``version_netsnmp``.
|
| CVE-2024-33288 |
|
SQL Injection in sqli (CVE-2024-33288)
SQL injection in sqli (CVE-2024-33288). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-33722 |
|
SQL Injection in sqli (CVE-2024-33722)
SQL injection in sqli (CVE-2024-33722). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-33724 |
|
Cross-Site Scripting (XSS) in CVE-2024-33724 (CVE-2024-33724)
cross-site scripting in CVE-2024-33724 (CVE-2024-33724). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-47268 |
|
Command Injection in cpp (CVE-2023-47268)
command injection in cpp (CVE-2023-47268). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-42278 |
|
Vulnerability in CVE-2026-42278 (CVE-2026-42278)
vulnerability in CVE-2026-42278 (CVE-2026-42278). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8133 |
|
Vulnerability in sqli (CVE-2026-8133)
vulnerability in sqli (CVE-2026-8133). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8136 |
|
Cross-Site Scripting (XSS) in CVE-2026-8136 (CVE-2026-8136)
cross-site scripting in CVE-2026-8136 (CVE-2026-8136). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8132 |
|
Vulnerability in sqli (CVE-2026-8132)
vulnerability in sqli (CVE-2026-8132). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-44298 |
|
Path Traversal in kimai/kimai (CVE-2026-44298)
path traversal in kimai/kimai (CVE-2026-44298). Risk of unauthorized operations or information disclosure. Exploitable via ``ROLE_SYSTE_ADMIN``. Mitigation: upgrade to `2.56` or later.
|
| CVE-2026-8129 |
|
Vulnerability in sqli (CVE-2026-8129)
vulnerability in sqli (CVE-2026-8129). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8130 |
|
Vulnerability in sqli (CVE-2026-8130)
vulnerability in sqli (CVE-2026-8130). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8131 |
|
Vulnerability in sqli (CVE-2026-8131)
vulnerability in sqli (CVE-2026-8131). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-43944 |
|
Vulnerability in electerm (CVE-2026-43944)
vulnerability in electerm (CVE-2026-43944). Successful exploitation can lead to full system takeover. Exploitable via ``opts``. Mitigation: upgrade to `> 3.8.8` or later.
|
| CVE-2026-43941 |
|
Vulnerability in electerm (CVE-2026-43941)
vulnerability in electerm (CVE-2026-43941). Successful exploitation can lead to full system takeover. Exploitable via ``shell.openExternal``.
|
| CVE-2026-43942 |
|
Information Disclosure in electerm (CVE-2026-43942)
vulnerability in electerm (CVE-2026-43942). Confidential information can be exposed externally. Exploitable via ``process.env``.
|
| CVE-2026-43940 |
|
Path Traversal in electerm (CVE-2026-43940)
path traversal in electerm (CVE-2026-43940). Successful exploitation can lead to full system takeover. Exploitable via ``runWidget``. Mitigation: upgrade to `3.7.16` or later.
|
| CVE-2026-42264 |
|
Vulnerability in axios (CVE-2026-42264)
vulnerability in axios (CVE-2026-42264). Confidential information can be exposed externally. Exploitable via ``hasOwnProperty``. Mitigation: upgrade to `1.15.2` or later.
|
| CVE-2026-41646 |
|
Vulnerability in github.com/projectdiscovery/nuclei/v3 (CVE-2026-41646)
vulnerability in github.com/projectdiscovery/nuclei/v3 (CVE-2026-41646). Confidential information can be exposed externally. Mitigation: upgrade to `3.8.0` or later.
|
| CVE-2026-41500 |
|
Command Injection in electerm-project (CVE-2026-41500)
command injection in electerm-project (CVE-2026-41500). Successful exploitation can lead to full system takeover. Exploitable via ``releaseInfo.name``. Mitigation: upgrade to `> 3.2.0` or later.
|
| CVE-2026-41501 |
|
Command Injection in electerm (CVE-2026-41501)
command injection in electerm (CVE-2026-41501). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `> 3.2.0` or later.
|
| CVE-2026-8127 |
|
Vulnerability in CVE-2026-8127 (CVE-2026-8127)
vulnerability in CVE-2026-8127 (CVE-2026-8127). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8128 |
|
Vulnerability in sqli (CVE-2026-8128)
vulnerability in sqli (CVE-2026-8128). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8126 |
|
Vulnerability in sqli (CVE-2026-8126)
vulnerability in sqli (CVE-2026-8126). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8125 |
|
Vulnerability in sqli (CVE-2026-8125)
vulnerability in sqli (CVE-2026-8125). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8124 |
|
Vulnerability in c (CVE-2026-8124)
vulnerability in c (CVE-2026-8124). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8123 |
|
Vulnerability in c (CVE-2026-8123)
vulnerability in c (CVE-2026-8123). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8122 |
|
Vulnerability in c (CVE-2026-8122)
vulnerability in c (CVE-2026-8122). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8121 |
|
Vulnerability in c (CVE-2026-8121)
vulnerability in c (CVE-2026-8121). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8120 |
|
Vulnerability in c (CVE-2026-8120)
vulnerability in c (CVE-2026-8120). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8119 |
|
Vulnerability in c (CVE-2026-8119)
vulnerability in c (CVE-2026-8119). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8117 |
|
Cross-Site Scripting (XSS) in CVE-2026-8117 (CVE-2026-8117)
cross-site scripting in CVE-2026-8117 (CVE-2026-8117). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-44662 |
|
Vulnerability in openssl (CVE-2026-44662)
vulnerability in openssl (CVE-2026-44662). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.10.79` or later.
|