Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: languages Clear
ID Title
CVE-2026-23371 Vulnerability in c (CVE-2026-23371)
vulnerability in c (CVE-2026-23371). Risk of unauthorized operations or information disclosure.
CVE-2026-23327 Out-of-Bounds Read in c (CVE-2026-23327)
vulnerability in c (CVE-2026-23327). Confidential information can be exposed externally.
CVE-2026-23304 Vulnerability in Kernel (CVE-2026-23304)
vulnerability in Kernel (CVE-2026-23304). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `6.1.167, 6.6.130, 6.12.77, 6.18.17, 6.19.7` or later.
CVE-2026-23308 Vulnerability in Kernel (CVE-2026-23308)
vulnerability in Kernel (CVE-2026-23308). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `6.6.130, 6.12.77, 6.18.17, 6.19.7` or later.
CVE-2026-23297 Vulnerability in c (CVE-2026-23297)
vulnerability in c (CVE-2026-23297). Risk of unauthorized operations or information disclosure.
CVE-2026-33017 KEV [KEV] Vulnerability in langflow (CVE-2026-33017)
vulnerability in langflow (CVE-2026-33017). Successful exploitation can lead to full system takeover. Exploitable via `POST /api/v1/build_public_tmp/{flow_id}/flow`. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `1.9.0` or later.
CVE-2026-33331 Cross-Site Scripting (XSS) in orpc (CVE-2026-33331)
cross-site scripting in orpc (CVE-2026-33331). Confidential information can be exposed externally.
CVE-2026-4698 Vulnerability in mozilla (CVE-2026-4698)
vulnerability in mozilla (CVE-2026-4698). Successful exploitation can lead to full system takeover.
CVE-2026-33195 Path Traversal in activestorage (CVE-2026-33195)
path traversal in activestorage (CVE-2026-33195). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `7.2.3.1` or later.
CVE-2026-32851 Cross-Site Scripting (XSS) in mailenable (CVE-2026-32851)
cross-site scripting in mailenable (CVE-2026-32851). Risk of unauthorized operations or information disclosure.
CVE-2025-41008 SQL Injection in sqli (CVE-2025-41008)
SQL injection in sqli (CVE-2025-41008). Risk of unauthorized operations or information disclosure.
CVE-2025-41007 SQL Injection in sqli (CVE-2025-41007)
SQL injection in sqli (CVE-2025-41007). Risk of unauthorized operations or information disclosure.
CVE-2026-4602 Vulnerability in kjur (CVE-2026-4602)
vulnerability in kjur (CVE-2026-4602). Risk of unauthorized operations or information disclosure.
CVE-2026-4603 Vulnerability in kjur (CVE-2026-4603)
vulnerability in kjur (CVE-2026-4603). Risk of unauthorized operations or information disclosure.
CVE-2026-4598 Vulnerability in kjur (CVE-2026-4598)
vulnerability in kjur (CVE-2026-4598). Risk of unauthorized operations or information disclosure.
CVE-2026-4599 Vulnerability in kjur (CVE-2026-4599)
vulnerability in kjur (CVE-2026-4599). Confidential information can be exposed externally.
CVE-2026-4600 Vulnerability in kjur (CVE-2026-4600)
vulnerability in kjur (CVE-2026-4600). Confidential information can be exposed externally.
CVE-2026-4115 Vulnerability in c (CVE-2026-4115)
vulnerability in c (CVE-2026-4115). Risk of unauthorized operations or information disclosure.
CVE-2026-33236 Path Traversal in path-traversal (CVE-2026-33236)
path traversal in path-traversal (CVE-2026-33236). Data can be tampered with by attackers. Exploitable via ``subdir``.
CVE-2026-33228 Vulnerability in webreflection (CVE-2026-33228)
vulnerability in webreflection (CVE-2026-33228). Successful exploitation can lead to full system takeover.
CVE-2026-33231 Vulnerability in dos (CVE-2026-33231)
vulnerability in dos (CVE-2026-33231). Risk of unauthorized operations or information disclosure. Exploitable via `GET /SHUTDOWN`.
CVE-2026-33180 Information Disclosure in CVE-2026-33180 (CVE-2026-33180)
vulnerability in CVE-2026-33180 (CVE-2026-33180). Confidential information can be exposed externally.
CVE-2026-33210 Vulnerability in dos (CVE-2026-33210)
vulnerability in dos (CVE-2026-33210). Confidential information can be exposed externally.
CVE-2026-33186 Vulnerability in grpc (CVE-2026-33186)
vulnerability in grpc (CVE-2026-33186). Confidential information can be exposed externally. Exploitable via ``info.FullMethod``.
CVE-2026-4519 Vulnerability in CVE-2026-4519 (CVE-2026-4519)
vulnerability in CVE-2026-4519 (CVE-2026-4519). Risk of unauthorized operations or information disclosure.
CVE-2026-23277 Vulnerability in c (CVE-2026-23277)
vulnerability in c (CVE-2026-23277). Risk of unauthorized operations or information disclosure.
CVE-2026-23276 Vulnerability in Kernel (CVE-2026-23276)
vulnerability in Kernel (CVE-2026-23276). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `6.12.78, 6.18.19, 6.19.9` or later.
CVE-2026-23273 Vulnerability in Kernel (CVE-2026-23273)
vulnerability in Kernel (CVE-2026-23273). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `5.10.252, 5.15.202, 6.1.165, 6.6.128, 6.12.75, 6.18.14, 6.19.4` or later.
CVE-2026-32935 Vulnerability in phpseclib/phpseclib (CVE-2026-32935)
vulnerability in phpseclib/phpseclib (CVE-2026-32935). Confidential information can be exposed externally. Mitigation: upgrade to `1.0.27` or later.
CVE-2026-32889 Vulnerability in tinytag (CVE-2026-32889)
vulnerability in tinytag (CVE-2026-32889). Risk of unauthorized operations or information disclosure.
CVE-2026-32875 Vulnerability in c (CVE-2026-32875)
vulnerability in c (CVE-2026-32875). Risk of unauthorized operations or information disclosure.
CVE-2026-32874 Vulnerability in c (CVE-2026-32874)
vulnerability in c (CVE-2026-32874). Risk of unauthorized operations or information disclosure.
CVE-2026-32829 Vulnerability in pseitz (CVE-2026-32829)
vulnerability in pseitz (CVE-2026-32829). Confidential information can be exposed externally. Exploitable via ``decompress_into``.
CVE-2025-31277 KEV [KEV] Buffer Overflow in Apple multiple-products (CVE-2025-31277)
vulnerability in Apple multiple-products (CVE-2025-31277). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2025-69720 Vulnerability in c (CVE-2025-69720)
vulnerability in c (CVE-2025-69720). Confidential information can be exposed externally.
CVE-2026-27135 Vulnerability in c (CVE-2026-27135)
vulnerability in c (CVE-2026-27135). Risk of unauthorized operations or information disclosure. Exploitable via ``nghttp2_session_terminate_session``.
CVE-2026-23265 Vulnerability in c (CVE-2026-23265)
vulnerability in c (CVE-2026-23265). Risk of unauthorized operations or information disclosure.
CVE-2026-23266 Vulnerability in Kernel (CVE-2026-23266)
vulnerability in Kernel (CVE-2026-23266). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.10.251, 5.15.201, 6.1.164, 6.6.127, 6.12.74, 6.18.13, 6.19.3` or later.
CVE-2026-23244 Out-of-Bounds Read in c (CVE-2026-23244)
vulnerability in c (CVE-2026-23244). Confidential information can be exposed externally.
CVE-2026-31938 Cross-Site Scripting (XSS) in parall (CVE-2026-31938)
cross-site scripting in parall (CVE-2026-31938). Confidential information can be exposed externally. Exploitable via ``options``.
CVE-2026-31898 Vulnerability in parall (CVE-2026-31898)
vulnerability in parall (CVE-2026-31898). Confidential information can be exposed externally. Exploitable via ``createAnnotation``.
CVE-2026-27459 Vulnerability in pyopenssl (CVE-2026-27459)
vulnerability in pyopenssl (CVE-2026-27459). Successful exploitation can lead to full system takeover. Exploitable via ``set_cookie_generate_callback``. Mitigation: upgrade to `26.0.0` or later.
CVE-2026-30707 Vulnerability in csharp (CVE-2026-30707)
vulnerability in csharp (CVE-2026-30707). Confidential information can be exposed externally.
CVE-2025-50881 Code Injection in CVE-2025-50881 (CVE-2025-50881)
code injection in CVE-2025-50881 (CVE-2025-50881). Successful exploitation can lead to full system takeover. Exploitable via ``action``.
CVE-2026-29516 Vulnerability in buffaloamericas (CVE-2026-29516)
vulnerability in buffaloamericas (CVE-2026-29516). Confidential information can be exposed externally.
CVE-2026-3644 Vulnerability in CVE-2026-3644 (CVE-2026-3644)
vulnerability in CVE-2026-3644 (CVE-2026-3644). Data can be tampered with by attackers.
CVE-2026-28498 Vulnerability in authlib (CVE-2026-28498)
vulnerability in authlib (CVE-2026-28498). Data can be tampered with by attackers.
CVE-2026-27962 Vulnerability in deserialization (CVE-2026-27962)
vulnerability in deserialization (CVE-2026-27962). Confidential information can be exposed externally.
CVE-2016-20031 Vulnerability in c (CVE-2016-20031)
vulnerability in c (CVE-2016-20031). Confidential information can be exposed externally.
CVE-2016-20024 Vulnerability in csharp (CVE-2016-20024)
vulnerability in csharp (CVE-2016-20024). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →