Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-13501 |
|
Vulnerability in c (CVE-2026-13501)
vulnerability in c (CVE-2026-13501). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13499 |
|
Cross-Site Scripting (XSS) in CVE-2026-13499 (CVE-2026-13499)
cross-site scripting in CVE-2026-13499 (CVE-2026-13499). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13498 |
|
A vulnerability was identified in yashpokharna2555 restaurent-management-system. This affects an...
A vulnerability was identified in yashpokharna2555 restaurent-management-system. This affects an...
|
| CVE-2026-13497 |
|
Vulnerability in sqli (CVE-2026-13497)
vulnerability in sqli (CVE-2026-13497). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13496 |
|
Vulnerability in sqli (CVE-2026-13496)
vulnerability in sqli (CVE-2026-13496). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13495 |
|
Vulnerability in sqli (CVE-2026-13495)
vulnerability in sqli (CVE-2026-13495). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13487 |
|
Vulnerability in sqli (CVE-2026-13487)
vulnerability in sqli (CVE-2026-13487). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13490 |
|
Vulnerability in CVE-2026-13490 (CVE-2026-13490)
vulnerability in CVE-2026-13490 (CVE-2026-13490). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13488 |
|
Vulnerability in sqli (CVE-2026-13488)
vulnerability in sqli (CVE-2026-13488). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13486 |
|
Vulnerability in sqli (CVE-2026-13486)
vulnerability in sqli (CVE-2026-13486). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13485 |
|
Vulnerability in sqli (CVE-2026-13485)
vulnerability in sqli (CVE-2026-13485). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10646 |
|
Use-After-Free in c (CVE-2026-10646)
vulnerability in c (CVE-2026-10646). Data can be tampered with by attackers.
|
| CVE-2026-10593 |
|
Vulnerability in c (CVE-2026-10593)
vulnerability in c (CVE-2026-10593). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10644 |
|
Out-of-Bounds Write in c (CVE-2026-10644)
out-of-bounds write in c (CVE-2026-10644). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-58055 |
|
Vulnerability in c (CVE-2026-58055)
vulnerability in c (CVE-2026-58055). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-58054 |
|
MyBB 1.8.40 does not restrict which usergroup a limited Admin Control Panel user may assign when...
MyBB 1.8.40 does not restrict which usergroup a limited Admin Control Panel user may assign when...
|
| CVE-2026-58049 |
|
FFmpeg's RASC video decoder (decode_dlta in libavcodec/rasc.c) performs 32-bit reads and writes...
FFmpeg's RASC video decoder (decode_dlta in libavcodec/rasc.c) performs 32-bit reads and writes...
|
| CVE-2026-8095 |
|
Vulnerability in wordpress (CVE-2026-8095)
vulnerability in wordpress (CVE-2026-8095). Data can be tampered with by attackers.
|
| CVE-2026-10643 |
|
Out-of-Bounds Write in c (CVE-2026-10643)
out-of-bounds write in c (CVE-2026-10643). Data can be tampered with by attackers.
|
| CVE-2026-12432 |
|
Vulnerability in wordpress (CVE-2026-12432)
vulnerability in wordpress (CVE-2026-12432). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-37524 |
|
Vulnerability in csharp (CVE-2023-37524)
vulnerability in csharp (CVE-2023-37524). Successful exploitation can lead to full system takeover.
|
| CVE-2026-36478 |
|
Vulnerability in csharp (CVE-2026-36478)
vulnerability in csharp (CVE-2026-36478). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-50015 |
|
Path Traversal in pnpm (CVE-2026-50015)
path traversal in pnpm (CVE-2026-50015). Data can be tampered with by attackers. Exploitable via ``patchedDependencies``. Mitigation: upgrade to `11.4.0` or later.
|
| CVE-2026-49869 |
|
OS Command Injection in kestra (CVE-2026-49869)
OS command injection in kestra (CVE-2026-49869). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.0.45` or later.
|
| CVE-2026-53313 |
|
Vulnerability in c (CVE-2026-53313)
vulnerability in c (CVE-2026-53313). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53306 |
|
Vulnerability in c (CVE-2026-53306)
vulnerability in c (CVE-2026-53306). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53314 |
|
Vulnerability in c (CVE-2026-53314)
vulnerability in c (CVE-2026-53314). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53311 |
|
Vulnerability in c (CVE-2026-53311)
vulnerability in c (CVE-2026-53311). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53292 |
|
Vulnerability in c (CVE-2026-53292)
vulnerability in c (CVE-2026-53292). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53289 |
|
Vulnerability in c (CVE-2026-53289)
vulnerability in c (CVE-2026-53289). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53284 |
|
Vulnerability in c (CVE-2026-53284)
vulnerability in c (CVE-2026-53284). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-29509 |
|
Path Traversal in path-traversal (CVE-2026-29509)
path traversal in path-traversal (CVE-2026-29509). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-52885 |
|
Vulnerability in cpp (CVE-2026-52885)
vulnerability in cpp (CVE-2026-52885). Data can be tampered with by attackers. Mitigation: upgrade to `8.9.6.4` or later.
|
| CVE-2026-48800 |
|
OS Command Injection in cpp (CVE-2026-48800)
OS command injection in cpp (CVE-2026-48800). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `8.9.6.1` or later.
|
| CVE-2026-48778 |
|
OS Command Injection in cpp (CVE-2026-48778)
OS command injection in cpp (CVE-2026-48778). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `8.9.6.1` or later.
|
| CVE-2026-52884 |
|
Vulnerability in cpp (CVE-2026-52884)
vulnerability in cpp (CVE-2026-52884). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `8.9.6.2` or later.
|
| CVE-2026-55189 |
|
Vulnerability in CVE-2026-55189 (CVE-2026-55189)
vulnerability in CVE-2026-55189 (CVE-2026-55189). Confidential information can be exposed externally. Mitigation: upgrade to `1.0.0-beta.9` or later.
|
| CVE-2026-55188 |
|
Information Disclosure in CVE-2026-55188 (CVE-2026-55188)
vulnerability in CVE-2026-55188 (CVE-2026-55188). Confidential information can be exposed externally. Mitigation: upgrade to `1.0.0-beta.9` or later.
|
| CVE-2026-55838 |
|
Vulnerability in CVE-2026-55838 (CVE-2026-55838)
vulnerability in CVE-2026-55838 (CVE-2026-55838). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-52783 |
|
Vulnerability in rails (CVE-2026-52783)
vulnerability in rails (CVE-2026-52783). Confidential information can be exposed externally. Mitigation: upgrade to `17.3.3` or later.
|
| CVE-2026-52781 |
|
Cross-Site Scripting (XSS) in CVE-2026-52781 (CVE-2026-52781)
cross-site scripting in CVE-2026-52781 (CVE-2026-52781). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `17.3.3` or later.
|
| CVE-2026-49991 |
|
Path Traversal in path-traversal (CVE-2026-49991)
path traversal in path-traversal (CVE-2026-49991). Data can be tampered with by attackers.
|
| CVE-2026-46386 |
|
Unsafe Deserialization in rails (CVE-2026-46386)
vulnerability in rails (CVE-2026-46386). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57518 |
|
Vulnerability in privilege-escalation (CVE-2026-57518)
vulnerability in privilege-escalation (CVE-2026-57518). Successful exploitation can lead to full system takeover.
|
| CVE-2026-47778 |
|
Vulnerability in c (CVE-2026-47778)
vulnerability in c (CVE-2026-47778). Confidential information can be exposed externally. Mitigation: upgrade to `1.35.11` or later.
|
| CVE-2026-48497 |
|
Vulnerability in c (CVE-2026-48497)
vulnerability in c (CVE-2026-48497). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.35.11` or later.
|
| CVE-2026-57652 |
|
Unauthenticated Insecure Direct Object References (IDOR) in JS Help Desk <= 3.1.0 versions.
Unauthenticated Insecure Direct Object References (IDOR) in JS Help Desk <= 3.1.0 versions.
|
| CVE-2026-57527 |
|
Unsafe Deserialization in deserialization (CVE-2026-57527)
vulnerability in deserialization (CVE-2026-57527). Successful exploitation can lead to full system takeover.
|
| CVE-2026-56032 |
|
Subscriber PHP Object Injection in Buddyboss Platform <= 3.0.4 versions.
Subscriber PHP Object Injection in Buddyboss Platform <= 3.0.4 versions.
|
| CVE-2026-56055 |
|
Subscriber PHP Object Injection in RealHomes <= 4.5.3 versions.
Subscriber PHP Object Injection in RealHomes <= 4.5.3 versions.
|