Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: languages Clear
ID Title
CVE-2026-32640 Code Injection in simpleeval (CVE-2026-32640)
code injection in simpleeval (CVE-2026-32640). Successful exploitation can lead to full system takeover. Exploitable via ``names``. Mitigation: upgrade to `1.0.5` or later.
CVE-2026-32304 Code Injection in locutus (CVE-2026-32304)
code injection in locutus (CVE-2026-32304). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `3.0.14` or later.
CVE-2025-13702 Cross-Site Scripting (XSS) in ibm (CVE-2025-13702)
cross-site scripting in ibm (CVE-2025-13702). Risk of unauthorized operations or information disclosure.
CVE-2026-32597 Vulnerability in pyjwt (CVE-2026-32597)
vulnerability in pyjwt (CVE-2026-32597). Data can be tampered with by attackers. Exploitable via ``crit``. Mitigation: upgrade to `2.12.0` or later.
CVE-2026-2229 Vulnerability in c (CVE-2026-2229)
vulnerability in c (CVE-2026-2229). Risk of unauthorized operations or information disclosure.
CVE-2026-1526 Vulnerability in nodejs (CVE-2026-1526)
vulnerability in nodejs (CVE-2026-1526). Risk of unauthorized operations or information disclosure.
CVE-2026-32274 Path Traversal in black (CVE-2026-32274)
path traversal in black (CVE-2026-32274). Data can be tampered with by attackers.
CVE-2025-61154 Vulnerability in c (CVE-2025-61154)
vulnerability in c (CVE-2025-61154). Risk of unauthorized operations or information disclosure.
CVE-2025-13462 Vulnerability in CVE-2025-13462 (CVE-2025-13462)
vulnerability in CVE-2025-13462 (CVE-2025-13462). Risk of unauthorized operations or information disclosure.
CVE-2026-32141 Vulnerability in webreflection (CVE-2026-32141)
vulnerability in webreflection (CVE-2026-32141). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.4.0` or later.
CVE-2026-28356 Vulnerability in dos (CVE-2026-28356)
vulnerability in dos (CVE-2026-28356). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.2.2` or later.
CVE-2026-30951 SQL Injection in sqli (CVE-2026-30951)
SQL injection in sqli (CVE-2026-30951). Confidential information can be exposed externally. Mitigation: upgrade to `6.37.8` or later.
CVE-2026-31812 Vulnerability in dos (CVE-2026-31812)
vulnerability in dos (CVE-2026-31812). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.11.14` or later.
CVE-2026-28292 OS Command Injection in simple-git-project (CVE-2026-28292)
OS command injection in simple-git-project (CVE-2026-28292). Successful exploitation can lead to full system takeover.
CVE-2026-26130 Vulnerability in csharp (CVE-2026-26130)
vulnerability in csharp (CVE-2026-26130). Risk of unauthorized operations or information disclosure.
CVE-2025-13902 Cross-Site Scripting (XSS) in schneider-electric (CVE-2025-13902)
cross-site scripting in schneider-electric (CVE-2025-13902). Risk of unauthorized operations or information disclosure.
CVE-2026-29786 Path Traversal in c (CVE-2026-29786)
path traversal in c (CVE-2026-29786). Data can be tampered with by attackers.
CVE-2026-29186 Vulnerability in linuxfoundation (CVE-2026-29186)
vulnerability in linuxfoundation (CVE-2026-29186). Confidential information can be exposed externally.
CVE-2026-25679 Vulnerability in stdlib (CVE-2026-25679)
vulnerability in stdlib (CVE-2026-25679). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.25.8, 1.26.1` or later.
CVE-2026-27137 Vulnerability in stdlib (CVE-2026-27137)
vulnerability in stdlib (CVE-2026-27137). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.26.1` or later.
CVE-2025-69654 Vulnerability in dos (CVE-2025-69654)
vulnerability in dos (CVE-2025-69654). Risk of unauthorized operations or information disclosure. Exploitable via ``qjs``.
CVE-2026-29063 Vulnerability in immutable-js (CVE-2026-29063)
vulnerability in immutable-js (CVE-2026-29063). Successful exploitation can lead to full system takeover.
CVE-2025-69653 Vulnerability in c (CVE-2025-69653)
vulnerability in c (CVE-2025-69653). Risk of unauthorized operations or information disclosure.
CVE-2026-29091 Vulnerability in locutus (CVE-2026-29091)
vulnerability in locutus (CVE-2026-29091). Successful exploitation can lead to full system takeover.
CVE-2026-2752 Vulnerability in csharp (CVE-2026-2752)
vulnerability in csharp (CVE-2026-2752). Risk of unauthorized operations or information disclosure.
CVE-2026-29062 Vulnerability in dos (CVE-2026-29062)
vulnerability in dos (CVE-2026-29062). Risk of unauthorized operations or information disclosure.
CVE-2026-29074 Vulnerability in svgo (CVE-2026-29074)
vulnerability in svgo (CVE-2026-29074). Risk of unauthorized operations or information disclosure.
CVE-2026-28802 Vulnerability in authlib (CVE-2026-28802)
vulnerability in authlib (CVE-2026-28802). Successful exploitation can lead to full system takeover.
CVE-2025-69534 Vulnerability in markdown (CVE-2025-69534)
vulnerability in markdown (CVE-2025-69534). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.8.1` or later.
CVE-2026-3520 Vulnerability in dos (CVE-2026-3520)
vulnerability in dos (CVE-2026-3520). Risk of unauthorized operations or information disclosure.
CVE-2025-15558 Vulnerability in c (CVE-2025-15558)
vulnerability in c (CVE-2025-15558). Successful exploitation can lead to full system takeover.
CVE-2026-23238 Vulnerability in c (CVE-2026-23238)
vulnerability in c (CVE-2026-23238). Risk of unauthorized operations or information disclosure.
CVE-2026-29049 Vulnerability in chainguard.dev/melange (CVE-2026-29049)
vulnerability in chainguard.dev/melange (CVE-2026-29049). Risk of unauthorized operations or information disclosure. Exploitable via ``io.Copy``. Mitigation: upgrade to `0.43.4` or later.
CVE-2026-28517 OS Command Injection in opendcim (CVE-2026-28517)
OS command injection in opendcim (CVE-2026-28517). Successful exploitation can lead to full system takeover.
CVE-2026-2293 Authorization Flaw in nestjs (CVE-2026-2293)
vulnerability in nestjs (CVE-2026-2293). Successful exploitation can lead to full system takeover.
CVE-2026-3304 Vulnerability in dos (CVE-2026-3304)
vulnerability in dos (CVE-2026-3304). Risk of unauthorized operations or information disclosure.
CVE-2026-2359 Vulnerability in dos (CVE-2026-2359)
vulnerability in dos (CVE-2026-2359). Risk of unauthorized operations or information disclosure.
CVE-2026-24351 Cross-Site Scripting (XSS) in pluxml (CVE-2026-24351)
cross-site scripting in pluxml (CVE-2026-24351). Risk of unauthorized operations or information disclosure.
CVE-2026-28364 Vulnerability in c (CVE-2026-28364)
vulnerability in c (CVE-2026-28364). Confidential information can be exposed externally.
CVE-2026-27509 Vulnerability in unitree (CVE-2026-27509)
vulnerability in unitree (CVE-2026-27509). Successful exploitation can lead to full system takeover.
CVE-2026-27970 Cross-Site Scripting (XSS) in angular (CVE-2026-27970)
cross-site scripting in angular (CVE-2026-27970). Risk of unauthorized operations or information disclosure.
CVE-2026-27959 Vulnerability in koajs (CVE-2026-27959)
vulnerability in koajs (CVE-2026-27959). Data can be tampered with by attackers. Exploitable via `Host header`.
CVE-2026-27830 Code Injection in deserialization (CVE-2026-27830)
code injection in deserialization (CVE-2026-27830). Successful exploitation can lead to full system takeover. Exploitable via ``javax.naming.Reference``.
CVE-2026-26955 Out-of-Bounds Write in c (CVE-2026-26955)
out-of-bounds write in c (CVE-2026-26955). Successful exploitation can lead to full system takeover. Exploitable via ``xfreerdp``.
CVE-2026-27727 Vulnerability in mchange (CVE-2026-27727)
vulnerability in mchange (CVE-2026-27727). Successful exploitation can lead to full system takeover. Exploitable via ``factoryClassLocation``.
CVE-2026-27606 Path Traversal in path-traversal (CVE-2026-27606)
path traversal in path-traversal (CVE-2026-27606). Successful exploitation can lead to full system takeover.
CVE-2026-26351 Cross-Site Scripting (XSS) in getsimple-ce (CVE-2026-26351)
cross-site scripting in getsimple-ce (CVE-2026-26351). Risk of unauthorized operations or information disclosure.
CVE-2026-2797 Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 148.
Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 148.
CVE-2026-2795 Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 148.
Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 148.
CVE-2026-2796 Vulnerability in mozilla (CVE-2026-2796)
vulnerability in mozilla (CVE-2026-2796). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →