Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: languages Clear
ID Title
CVE-2026-23462 Use-After-Free in c (CVE-2026-23462)
vulnerability in c (CVE-2026-23462). Successful exploitation can lead to full system takeover.
CVE-2026-23465 Vulnerability in c (CVE-2026-23465)
vulnerability in c (CVE-2026-23465). Risk of unauthorized operations or information disclosure.
CVE-2026-31398 Vulnerability in c (CVE-2026-31398)
vulnerability in c (CVE-2026-31398). Successful exploitation can lead to full system takeover.
CVE-2026-31396 Use-After-Free in c (CVE-2026-31396)
vulnerability in c (CVE-2026-31396). Successful exploitation can lead to full system takeover.
CVE-2026-23474 Vulnerability in c (CVE-2026-23474)
vulnerability in c (CVE-2026-23474). Risk of unauthorized operations or information disclosure.
CVE-2026-23469 Vulnerability in c (CVE-2026-23469)
vulnerability in c (CVE-2026-23469). Risk of unauthorized operations or information disclosure.
CVE-2026-23449 Vulnerability in c (CVE-2026-23449)
vulnerability in c (CVE-2026-23449). Successful exploitation can lead to full system takeover.
CVE-2026-47099 Cross-Site Scripting (XSS) in telejson (CVE-2026-47099)
cross-site scripting in telejson (CVE-2026-47099). Risk of unauthorized operations or information disclosure. Exploitable via ``postMessage``. Mitigation: upgrade to `6.0.0` or later.
CVE-2026-35466 Cross-Site Scripting (XSS) in cmu (CVE-2026-35466)
cross-site scripting in cmu (CVE-2026-35466). Risk of unauthorized operations or information disclosure.
CVE-2026-34829 Vulnerability in rack (CVE-2026-34829)
vulnerability in rack (CVE-2026-34829). Risk of unauthorized operations or information disclosure. Exploitable via ``BoundedIO``. Mitigation: upgrade to `3.2.6` or later.
CVE-2026-34827 Vulnerability in rack (CVE-2026-34827)
vulnerability in rack (CVE-2026-34827). Risk of unauthorized operations or information disclosure. Exploitable via ``name``. Mitigation: upgrade to `3.2.6` or later.
CVE-2026-34785 Vulnerability in rack (CVE-2026-34785)
vulnerability in rack (CVE-2026-34785). Confidential information can be exposed externally. Mitigation: upgrade to `3.2.6` or later.
CVE-2026-34601 Vulnerability in CVE-2026-34601 (CVE-2026-34601)
vulnerability in CVE-2026-34601 (CVE-2026-34601). Data can be tampered with by attackers. Exploitable via ``DOMParser``.
CVE-2026-26895 Vulnerability in enhancesoft (CVE-2026-26895)
vulnerability in enhancesoft (CVE-2026-26895). Risk of unauthorized operations or information disclosure.
CVE-2026-34876 Out-of-Bounds Read in c (CVE-2026-34876)
vulnerability in c (CVE-2026-34876). Confidential information can be exposed externally.
CVE-2026-34072 Authentication Bypass in fccview (CVE-2026-34072)
authentication bypass in fccview (CVE-2026-34072). Confidential information can be exposed externally.
CVE-2026-23401 Use-After-Free in c (CVE-2026-23401)
vulnerability in c (CVE-2026-23401). Risk of unauthorized operations or information disclosure.
CVE-2026-30279 Path Traversal in c (CVE-2026-30279)
path traversal in c (CVE-2026-30279). Successful exploitation can lead to full system takeover.
CVE-2026-34060 Code Injection in shopify (CVE-2026-34060)
code injection in shopify (CVE-2026-34060). Successful exploitation can lead to full system takeover.
CVE-2026-33984 Vulnerability in c (CVE-2026-33984)
vulnerability in c (CVE-2026-33984). Successful exploitation can lead to full system takeover.
CVE-2026-33986 Vulnerability in c (CVE-2026-33986)
vulnerability in c (CVE-2026-33986). Successful exploitation can lead to full system takeover.
CVE-2026-21710 Vulnerability in CVE-2026-21710 (CVE-2026-21710)
vulnerability in CVE-2026-21710 (CVE-2026-21710). Risk of unauthorized operations or information disclosure. Exploitable via ``TypeError``.
CVE-2026-21717 Vulnerability in CVE-2026-21717 (CVE-2026-21717)
vulnerability in CVE-2026-21717 (CVE-2026-21717). Risk of unauthorized operations or information disclosure.
CVE-2026-21713 Vulnerability in CVE-2026-21713 (CVE-2026-21713)
vulnerability in CVE-2026-21713 (CVE-2026-21713). Confidential information can be exposed externally.
CVE-2026-34237 Vulnerability in io.modelcontextprotocol.sdk:mcp-core (CVE-2026-34237)
vulnerability in io.modelcontextprotocol.sdk:mcp-core (CVE-2026-34237). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.18.3` or later.
CVE-2026-21712 Vulnerability in CVE-2026-21712 (CVE-2026-21712)
vulnerability in CVE-2026-21712 (CVE-2026-21712). Risk of unauthorized operations or information disclosure.
CVE-2026-34226 Vulnerability in capricorn86 (CVE-2026-34226)
vulnerability in capricorn86 (CVE-2026-34226). Confidential information can be exposed externally. Exploitable via ``window.location``.
CVE-2026-33943 Code Injection in capricorn86 (CVE-2026-33943)
code injection in capricorn86 (CVE-2026-33943). Successful exploitation can lead to full system takeover. Exploitable via ``ECMAScriptModuleCompiler``.
CVE-2026-33941 Cross-Site Scripting (XSS) in handlebarsjs (CVE-2026-33941)
cross-site scripting in handlebarsjs (CVE-2026-33941). Successful exploitation can lead to full system takeover.
CVE-2026-33940 Code Injection in handlebarsjs (CVE-2026-33940)
code injection in handlebarsjs (CVE-2026-33940). Successful exploitation can lead to full system takeover. Exploitable via ``undefined``.
CVE-2026-33939 Vulnerability in dos (CVE-2026-33939)
vulnerability in dos (CVE-2026-33939). Risk of unauthorized operations or information disclosure. Exploitable via ``undefined``.
CVE-2026-33937 Code Injection in handlebarsjs (CVE-2026-33937)
code injection in handlebarsjs (CVE-2026-33937). Successful exploitation can lead to full system takeover. Exploitable via ``value``.
CVE-2026-33938 Code Injection in handlebarsjs (CVE-2026-33938)
code injection in handlebarsjs (CVE-2026-33938). Successful exploitation can lead to full system takeover.
CVE-2026-33895 Vulnerability in digitalbazaar (CVE-2026-33895)
vulnerability in digitalbazaar (CVE-2026-33895). Data can be tampered with by attackers. Exploitable via ``crypto.verify``.
CVE-2026-33896 Vulnerability in digitalbazaar (CVE-2026-33896)
vulnerability in digitalbazaar (CVE-2026-33896). Confidential information can be exposed externally. Exploitable via ``basicConstraints``.
CVE-2026-33891 Vulnerability in dos (CVE-2026-33891)
vulnerability in dos (CVE-2026-33891). Risk of unauthorized operations or information disclosure.
CVE-2026-33894 Vulnerability in digitalbazaar (CVE-2026-33894)
vulnerability in digitalbazaar (CVE-2026-33894). Data can be tampered with by attackers.
CVE-2026-30567 Cross-Site Scripting (XSS) in ahsanriaz26gmailcom (CVE-2026-30567)
cross-site scripting in ahsanriaz26gmailcom (CVE-2026-30567). Risk of unauthorized operations or information disclosure.
CVE-2026-5010 Cross-Site Scripting (XSS) in CVE-2026-5010 (CVE-2026-5010)
cross-site scripting in CVE-2026-5010 (CVE-2026-5010). Risk of unauthorized operations or information disclosure.
CVE-2026-33728 Unsafe Deserialization in com.datadoghq:dd-java-agent (CVE-2026-33728)
vulnerability in com.datadoghq:dd-java-agent (CVE-2026-33728). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.60.3` or later.
CVE-2026-33701 Unsafe Deserialization in linuxfoundation (CVE-2026-33701)
vulnerability in linuxfoundation (CVE-2026-33701). Successful exploitation can lead to full system takeover.
CVE-2026-4926 Vulnerability in c (CVE-2026-4926)
vulnerability in c (CVE-2026-4926). Risk of unauthorized operations or information disclosure.
CVE-2026-30463 SQL Injection in sqli (CVE-2026-30463)
SQL injection in sqli (CVE-2026-30463). Confidential information can be exposed externally.
CVE-2026-30457 Code Injection in thedaylightstudio (CVE-2026-30457)
code injection in thedaylightstudio (CVE-2026-30457). Successful exploitation can lead to full system takeover.
CVE-2026-34071 Cross-Site Scripting (XSS) in stirling (CVE-2026-34071)
cross-site scripting in stirling (CVE-2026-34071). Risk of unauthorized operations or information disclosure.
CVE-2026-29934 Cross-Site Scripting (XSS) in lightcms-project (CVE-2026-29934)
cross-site scripting in lightcms-project (CVE-2026-29934). Risk of unauthorized operations or information disclosure.
CVE-2026-4809 Unrestricted File Upload in laravel (CVE-2026-4809)
vulnerability in laravel (CVE-2026-4809). Successful exploitation can lead to full system takeover.
CVE-2026-30587 Cross-Site Scripting (XSS) in seafile (CVE-2026-30587)
cross-site scripting in seafile (CVE-2026-30587). Confidential information can be exposed externally. Mitigation: upgrade to `13.0.17` or later.
CVE-2026-34085 Vulnerability in c (CVE-2026-34085)
vulnerability in c (CVE-2026-34085). Risk of unauthorized operations or information disclosure.
CVE-2026-26832 OS Command Injection in zapolnoch (CVE-2026-26832)
OS command injection in zapolnoch (CVE-2026-26832). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →