Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-2766 |
|
Use-After-Free in mozilla (CVE-2026-2766)
vulnerability in mozilla (CVE-2026-2766). Successful exploitation can lead to full system takeover.
|
| CVE-2026-2762 |
|
Vulnerability in mozilla (CVE-2026-2762)
vulnerability in mozilla (CVE-2026-2762). Successful exploitation can lead to full system takeover.
|
| CVE-2026-2764 |
|
Use-After-Free in mozilla (CVE-2026-2764)
vulnerability in mozilla (CVE-2026-2764). Successful exploitation can lead to full system takeover.
|
| CVE-2026-2763 |
|
Use-After-Free in mozilla (CVE-2026-2763)
vulnerability in mozilla (CVE-2026-2763). Successful exploitation can lead to full system takeover.
|
| CVE-2026-2765 |
|
Use-After-Free in mozilla (CVE-2026-2765)
vulnerability in mozilla (CVE-2026-2765). Successful exploitation can lead to full system takeover.
|
| CVE-2026-2767 |
|
Use-After-Free in mozilla (CVE-2026-2767)
vulnerability in mozilla (CVE-2026-2767). Successful exploitation can lead to full system takeover.
|
| CVE-2026-2758 |
|
Use-After-Free in mozilla (CVE-2026-2758)
vulnerability in mozilla (CVE-2026-2758). Successful exploitation can lead to full system takeover.
|
| CVE-2026-2786 |
|
Use-After-Free in mozilla (CVE-2026-2786)
vulnerability in mozilla (CVE-2026-2786). Successful exploitation can lead to full system takeover.
|
| CVE-2026-25968 |
|
Vulnerability in c (CVE-2026-25968)
vulnerability in c (CVE-2026-25968). Confidential information can be exposed externally.
|
| CVE-2026-25969 |
|
Vulnerability in c (CVE-2026-25969)
vulnerability in c (CVE-2026-25969). Risk of unauthorized operations or information disclosure. Exploitable via ``WriteASHLARImage``.
|
| CVE-2026-25794 |
|
Vulnerability in c (CVE-2026-25794)
vulnerability in c (CVE-2026-25794). Risk of unauthorized operations or information disclosure. Exploitable via ``WriteUHDRImage``.
|
| CVE-2025-14905 |
|
Vulnerability in c (CVE-2025-14905)
vulnerability in c (CVE-2025-14905). Successful exploitation can lead to full system takeover. Exploitable via ``schema_attr_enum_callback``.
|
| CVE-2026-25747 |
|
Unsafe Deserialization in apache (CVE-2026-25747)
vulnerability in apache (CVE-2026-25747). Successful exploitation can lead to full system takeover.
|
| CVE-2026-25896 |
|
Vulnerability in c (CVE-2026-25896)
vulnerability in c (CVE-2026-25896). Data can be tampered with by attackers. Mitigation: upgrade to `5.3.5` or later.
|
| CVE-2026-2472 |
|
Cross-Site Scripting (XSS) in CVE-2026-2472 (CVE-2026-2472)
cross-site scripting in CVE-2026-2472 (CVE-2026-2472). Confidential information can be exposed externally.
|
| CVE-2026-26318 |
|
OS Command Injection in systeminformation (CVE-2026-26318)
OS command injection in systeminformation (CVE-2026-26318). Successful exploitation can lead to full system takeover. Exploitable via ``locate``.
|
| CVE-2026-26278 |
|
Vulnerability in c (CVE-2026-26278)
vulnerability in c (CVE-2026-26278). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-26280 |
|
OS Command Injection in systeminformation (CVE-2026-26280)
OS command injection in systeminformation (CVE-2026-26280). Successful exploitation can lead to full system takeover. Exploitable via ``iface``.
|
| CVE-2026-24834 |
|
Vulnerability in c (CVE-2026-24834)
vulnerability in c (CVE-2026-24834). Successful exploitation can lead to full system takeover.
|
| CVE-2026-25940 |
|
Vulnerability in parall (CVE-2026-25940)
vulnerability in parall (CVE-2026-25940). Confidential information can be exposed externally.
|
| CVE-2026-25535 |
|
Vulnerability in dos (CVE-2026-25535)
vulnerability in dos (CVE-2026-25535). Risk of unauthorized operations or information disclosure. Exploitable via ``addImage``.
|
| CVE-2026-25755 |
|
Code Injection in parall (CVE-2026-25755)
code injection in parall (CVE-2026-25755). Confidential information can be exposed externally. Exploitable via ``addJS``.
|
| CVE-2026-2704 |
|
Buffer Overflow in openbabel (CVE-2026-2704)
vulnerability in openbabel (CVE-2026-2704). Risk of unauthorized operations or information disclosure. Exploitable via ``obabel``. Mitigation: upgrade to `3.2.0` or later.
|
| CVE-2026-26980 |
|
SQL Injection in ghost (CVE-2026-26980)
SQL injection in ghost (CVE-2026-26980). Confidential information can be exposed externally. Mitigation: upgrade to `6.19.1` or later.
|
| CVE-2026-22860 |
|
Path Traversal in rack (CVE-2026-22860)
path traversal in rack (CVE-2026-22860). Confidential information can be exposed externally.
|
| CVE-2025-14009 |
|
Code Injection in nltk (CVE-2025-14009)
code injection in nltk (CVE-2025-14009). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `3.9.3` or later.
|
| CVE-2025-7631 |
|
SQL Injection in c (CVE-2025-7631)
SQL injection in c (CVE-2025-7631). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-23204 |
|
Out-of-Bounds Read in c (CVE-2026-23204)
vulnerability in c (CVE-2026-23204). Confidential information can be exposed externally.
|
| CVE-2026-23171 |
|
Use-After-Free in c (CVE-2026-23171)
vulnerability in c (CVE-2026-23171). Successful exploitation can lead to full system takeover.
|
| CVE-2026-25990 |
|
Out-of-Bounds Write in pillow (CVE-2026-25990)
out-of-bounds write in pillow (CVE-2026-25990). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `12.1.1` or later.
|
| CVE-2025-69873 |
|
Vulnerability in dos (CVE-2025-69873)
vulnerability in dos (CVE-2025-69873). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-69872 |
|
Code Injection in CVE-2025-69872 (CVE-2025-69872)
code injection in CVE-2025-69872 (CVE-2025-69872). Successful exploitation can lead to full system takeover.
|
| CVE-2025-12059 |
|
Vulnerability in c (CVE-2025-12059)
vulnerability in c (CVE-2025-12059). Successful exploitation can lead to full system takeover.
|
| CVE-2026-26007 |
|
Vulnerability in cryptography (CVE-2026-26007)
vulnerability in cryptography (CVE-2026-26007). Confidential information can be exposed externally. Exploitable via ``public_key_from_numbers``. Mitigation: upgrade to `46.0.5` or later.
|
| CVE-2025-6967 |
|
Vulnerability in CVE-2025-6967 (CVE-2025-6967)
vulnerability in CVE-2025-6967 (CVE-2025-6967). Confidential information can be exposed externally.
|
| CVE-2026-25639 |
|
Vulnerability in axios (CVE-2026-25639)
vulnerability in axios (CVE-2026-25639). Risk of unauthorized operations or information disclosure. Exploitable via ``mergeConfig``. Mitigation: upgrade to `0.30.3` or later.
|
| CVE-2026-1615 |
|
Code Injection in CVE-2026-1615 (CVE-2026-1615)
code injection in CVE-2026-1615 (CVE-2026-1615). Successful exploitation can lead to full system takeover.
|
| CVE-2026-25749 |
|
Vulnerability in c (CVE-2026-25749)
vulnerability in c (CVE-2026-25749). Data can be tampered with by attackers.
|
| CVE-2026-25580 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-25580)
SSRF in ssrf (CVE-2026-25580). Confidential information can be exposed externally. Mitigation: upgrade to `1.56.0` or later.
|
| CVE-2026-25640 |
|
Path Traversal in path-traversal (CVE-2026-25640)
path traversal in path-traversal (CVE-2026-25640). Confidential information can be exposed externally. Mitigation: upgrade to `1.51.0` or later.
|
| CVE-2026-25727 |
|
Vulnerability in dos (CVE-2026-25727)
vulnerability in dos (CVE-2026-25727). Risk of unauthorized operations or information disclosure.
|
| CVE-2019-25293 |
|
Vulnerability in c (CVE-2019-25293)
vulnerability in c (CVE-2019-25293). Successful exploitation can lead to full system takeover.
|
| CVE-2025-61732 |
|
Code Injection in toolchain (CVE-2025-61732)
code injection in toolchain (CVE-2025-61732). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.24.13, 1.25.7` or later.
|
| CVE-2026-25521 |
|
Vulnerability in locutus (CVE-2026-25521)
vulnerability in locutus (CVE-2026-25521). Successful exploitation can lead to full system takeover.
|
| CVE-2026-23052 |
|
Vulnerability in c (CVE-2026-23052)
vulnerability in c (CVE-2026-23052). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-23099 |
|
Out-of-Bounds Read in c (CVE-2026-23099)
vulnerability in c (CVE-2026-23099). Confidential information can be exposed externally.
|
| CVE-2025-70545 |
|
Cross-Site Scripting (XSS) in belden (CVE-2025-70545)
cross-site scripting in belden (CVE-2025-70545). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-25223 |
|
Vulnerability in fastify (CVE-2026-25223)
vulnerability in fastify (CVE-2026-25223). Data can be tampered with by attackers.
|
| CVE-2026-24737 |
|
Vulnerability in parall (CVE-2026-24737)
vulnerability in parall (CVE-2026-24737). Confidential information can be exposed externally.
|
| CVE-2026-23025 |
|
Vulnerability in c (CVE-2026-23025)
vulnerability in c (CVE-2026-23025). Successful exploitation can lead to full system takeover.
|