Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2025-69624 |
|
Vulnerability in gonitro (CVE-2025-69624)
vulnerability in gonitro (CVE-2025-69624). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-36942 |
|
SQL Injection in sqli (CVE-2026-36942)
SQL injection in sqli (CVE-2026-36942). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-36946 |
|
SQL Injection in sqli (CVE-2026-36946)
SQL injection in sqli (CVE-2026-36946). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-31427 |
|
Vulnerability in c (CVE-2026-31427)
vulnerability in c (CVE-2026-31427). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-31426 |
|
Use-After-Free in c (CVE-2026-31426)
vulnerability in c (CVE-2026-31426). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31423 |
|
Vulnerability in c (CVE-2026-31423)
vulnerability in c (CVE-2026-31423). Risk of unauthorized operations or information disclosure. Exploitable via ``dsm``.
|
| CVE-2026-31424 |
|
Vulnerability in c (CVE-2026-31424)
vulnerability in c (CVE-2026-31424). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-31425 |
|
Vulnerability in c (CVE-2026-31425)
vulnerability in c (CVE-2026-31425). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-31419 |
|
Use-After-Free in c (CVE-2026-31419)
vulnerability in c (CVE-2026-31419). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31421 |
|
Vulnerability in c (CVE-2026-31421)
vulnerability in c (CVE-2026-31421). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-31422 |
|
Vulnerability in c (CVE-2026-31422)
vulnerability in c (CVE-2026-31422). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-31415 |
|
Vulnerability in c (CVE-2026-31415)
vulnerability in c (CVE-2026-31415). Risk of unauthorized operations or information disclosure. Exploitable via ``__u16``.
|
| CVE-2026-36874 |
|
SQL Injection in sqli (CVE-2026-36874)
SQL injection in sqli (CVE-2026-36874). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-25204 |
|
Unsafe Deserialization in dos (CVE-2026-25204)
vulnerability in dos (CVE-2026-25204). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-31845 |
|
Cross-Site Scripting (XSS) in CVE-2026-31845 (CVE-2026-31845)
cross-site scripting in CVE-2026-31845 (CVE-2026-31845). Confidential information can be exposed externally.
|
| CVE-2026-40194 |
|
Vulnerability in phpseclib/phpseclib (CVE-2026-40194)
vulnerability in phpseclib/phpseclib (CVE-2026-40194). Risk of unauthorized operations or information disclosure. Exploitable via ``e819a163c``. Mitigation: upgrade to `1.0.28` or later.
|
| CVE-2026-40190 |
|
Vulnerability in langchain (CVE-2026-40190)
vulnerability in langchain (CVE-2026-40190). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.5.18` or later.
|
| CVE-2026-40175 |
|
Vulnerability in axios (CVE-2026-40175)
vulnerability in axios (CVE-2026-40175). Risk of unauthorized operations or information disclosure. Exploitable via `GET /pings`. Mitigation: upgrade to `0.31.0` or later.
|
| CVE-2026-5483 |
|
Vulnerability in redhat (CVE-2026-5483)
vulnerability in redhat (CVE-2026-5483). Successful exploitation can lead to full system takeover.
|
| CVE-2026-5263 |
|
Vulnerability in c (CVE-2026-5263)
vulnerability in c (CVE-2026-5263). Confidential information can be exposed externally.
|
| CVE-2026-39848 |
|
Vulnerability in csrf (CVE-2026-39848)
vulnerability in csrf (CVE-2026-39848). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.1.0` or later.
|
| CVE-2026-40089 |
|
SSRF (Server-Side Request Forgery) in c (CVE-2026-40089)
SSRF in c (CVE-2026-40089). Confidential information can be exposed externally.
|
| CVE-2026-40072 |
|
SSRF (Server-Side Request Forgery) in web3 (CVE-2026-40072)
SSRF in web3 (CVE-2026-40072). Risk of unauthorized operations or information disclosure. Exploitable via ``OffchainLookup``. Mitigation: upgrade to `8.0.0b2` or later.
|
| CVE-2026-39983 |
|
Vulnerability in patrickjuchli (CVE-2026-39983)
vulnerability in patrickjuchli (CVE-2026-39983). Data can be tampered with by attackers. Mitigation: upgrade to `5.2.1` or later.
|
| CVE-2025-62718 |
|
Vulnerability in axios (CVE-2025-62718)
vulnerability in axios (CVE-2025-62718). Confidential information can be exposed externally. Exploitable via ``NO_PROXY``. Mitigation: upgrade to `0.31.0` or later.
|
| CVE-2026-39962 |
|
Vulnerability in misp-project (CVE-2026-39962)
vulnerability in misp-project (CVE-2026-39962). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2.5.36` or later.
|
| CVE-2025-70364 |
|
Code Injection in CVE-2025-70364 (CVE-2025-70364)
code injection in CVE-2025-70364 (CVE-2025-70364). Successful exploitation can lead to full system takeover.
|
| CVE-2025-70365 |
|
Cross-Site Scripting (XSS) in c (CVE-2025-70365)
cross-site scripting in c (CVE-2025-70365). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-39892 |
|
Buffer Overflow in cryptography (CVE-2026-39892)
vulnerability in cryptography (CVE-2026-39892). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `46.0.7` or later.
|
| CVE-2026-35023 |
|
Vulnerability in wimi-teamwork (CVE-2026-35023)
vulnerability in wimi-teamwork (CVE-2026-35023). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-33810 |
|
Vulnerability in stdlib (CVE-2026-33810)
vulnerability in stdlib (CVE-2026-33810). Confidential information can be exposed externally. Mitigation: upgrade to `1.26.2` or later.
|
| CVE-2026-32283 |
|
Vulnerability in stdlib (CVE-2026-32283)
vulnerability in stdlib (CVE-2026-32283). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.25.9, 1.26.2` or later.
|
| CVE-2026-32280 |
|
Vulnerability in stdlib (CVE-2026-32280)
vulnerability in stdlib (CVE-2026-32280). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.25.9, 1.26.2` or later.
|
| CVE-2026-27140 |
|
Vulnerability in toolchain (CVE-2026-27140)
vulnerability in toolchain (CVE-2026-27140). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.25.9, 1.26.2` or later.
|
| CVE-2026-34582 |
|
Vulnerability in c (CVE-2026-34582)
vulnerability in c (CVE-2026-34582). Confidential information can be exposed externally. Mitigation: upgrade to `3.11.1` or later.
|
| CVE-2026-34580 |
|
Vulnerability in c (CVE-2026-34580)
vulnerability in c (CVE-2026-34580). Data can be tampered with by attackers. Mitigation: upgrade to `3.11.1` or later.
|
| CVE-2026-39363 |
|
Information Disclosure in vitejs (CVE-2026-39363)
vulnerability in vitejs (CVE-2026-39363). Confidential information can be exposed externally. Mitigation: upgrade to `6.4.2` or later.
|
| CVE-2026-39364 |
|
Vulnerability in vitejs (CVE-2026-39364)
vulnerability in vitejs (CVE-2026-39364). Confidential information can be exposed externally. Mitigation: upgrade to `7.3.2` or later.
|
| CVE-2025-14821 |
|
Vulnerability in c (CVE-2025-14821)
vulnerability in c (CVE-2025-14821). Successful exploitation can lead to full system takeover.
|
| CVE-2026-35404 |
|
Open Redirect in openedx (CVE-2026-35404)
vulnerability in openedx (CVE-2026-35404). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-22675 |
|
Cross-Site Scripting (XSS) in ocsinventory-ng (CVE-2026-22675)
cross-site scripting in ocsinventory-ng (CVE-2026-22675). Risk of unauthorized operations or information disclosure. Exploitable via `User-Agent header`.
|
| CVE-2025-48651 |
|
Vulnerability in google (CVE-2025-48651)
vulnerability in google (CVE-2025-48651). Confidential information can be exposed externally.
|
| CVE-2026-35029 |
|
Authorization Flaw in litellm (CVE-2026-35029)
vulnerability in litellm (CVE-2026-35029). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.83.0` or later.
|
| CVE-2026-34977 |
|
OS Command Injection in c (CVE-2026-34977)
OS command injection in c (CVE-2026-34977). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `3.2.1` or later.
|
| CVE-2026-34756 |
|
Vulnerability in dos (CVE-2026-34756)
vulnerability in dos (CVE-2026-34756). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.19.0` or later.
|
| CVE-2026-34379 |
|
Vulnerability in c (CVE-2026-34379)
vulnerability in c (CVE-2026-34379). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.2.7` or later.
|
| CVE-2026-34780 |
|
Vulnerability in electronjs (CVE-2026-34780)
vulnerability in electronjs (CVE-2026-34780). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34774 |
|
Use-After-Free in electronjs (CVE-2026-34774)
vulnerability in electronjs (CVE-2026-34774). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34769 |
|
Vulnerability in electronjs (CVE-2026-34769)
vulnerability in electronjs (CVE-2026-34769). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34771 |
|
Use-After-Free in electronjs (CVE-2026-34771)
vulnerability in electronjs (CVE-2026-34771). Successful exploitation can lead to full system takeover.
|