Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: languages Clear
ID Title
CVE-2026-13521 A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0/5.php....
A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0/5.php....
CVE-2026-13500 Vulnerability in CVE-2026-13500 (CVE-2026-13500)
vulnerability in CVE-2026-13500 (CVE-2026-13500). Risk of unauthorized operations or information disclosure.
CVE-2026-13498 A vulnerability was identified in yashpokharna2555 restaurent-management-system. This affects an...
A vulnerability was identified in yashpokharna2555 restaurent-management-system. This affects an...
CVE-2026-13487 Vulnerability in sqli (CVE-2026-13487)
vulnerability in sqli (CVE-2026-13487). Risk of unauthorized operations or information disclosure.
CVE-2026-13488 Vulnerability in sqli (CVE-2026-13488)
vulnerability in sqli (CVE-2026-13488). Risk of unauthorized operations or information disclosure.
CVE-2026-13486 Vulnerability in sqli (CVE-2026-13486)
vulnerability in sqli (CVE-2026-13486). Risk of unauthorized operations or information disclosure.
CVE-2026-13485 Vulnerability in sqli (CVE-2026-13485)
vulnerability in sqli (CVE-2026-13485). Risk of unauthorized operations or information disclosure.
CVE-2026-10646 Use-After-Free in c (CVE-2026-10646)
vulnerability in c (CVE-2026-10646). Data can be tampered with by attackers.
CVE-2026-58054 MyBB 1.8.40 does not restrict which usergroup a limited Admin Control Panel user may assign when...
MyBB 1.8.40 does not restrict which usergroup a limited Admin Control Panel user may assign when...
CVE-2026-58049 FFmpeg's RASC video decoder (decode_dlta in libavcodec/rasc.c) performs 32-bit reads and writes...
FFmpeg's RASC video decoder (decode_dlta in libavcodec/rasc.c) performs 32-bit reads and writes...
CVE-2026-8095 Vulnerability in wordpress (CVE-2026-8095)
vulnerability in wordpress (CVE-2026-8095). Data can be tampered with by attackers.
CVE-2026-10643 Out-of-Bounds Write in c (CVE-2026-10643)
out-of-bounds write in c (CVE-2026-10643). Data can be tampered with by attackers.
CVE-2023-37524 Vulnerability in csharp (CVE-2023-37524)
vulnerability in csharp (CVE-2023-37524). Successful exploitation can lead to full system takeover.
CVE-2026-36478 Vulnerability in csharp (CVE-2026-36478)
vulnerability in csharp (CVE-2026-36478). Risk of unauthorized operations or information disclosure.
CVE-2026-50015 Path Traversal in pnpm (CVE-2026-50015)
path traversal in pnpm (CVE-2026-50015). Data can be tampered with by attackers. Exploitable via ``patchedDependencies``. Mitigation: upgrade to `11.4.0` or later.
CVE-2026-53284 Vulnerability in c (CVE-2026-53284)
vulnerability in c (CVE-2026-53284). Risk of unauthorized operations or information disclosure.
CVE-2026-48778 OS Command Injection in cpp (CVE-2026-48778)
OS command injection in cpp (CVE-2026-48778). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `8.9.6.1` or later.
CVE-2026-48800 OS Command Injection in cpp (CVE-2026-48800)
OS command injection in cpp (CVE-2026-48800). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `8.9.6.1` or later.
CVE-2026-52884 Vulnerability in cpp (CVE-2026-52884)
vulnerability in cpp (CVE-2026-52884). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `8.9.6.2` or later.
CVE-2026-55189 Vulnerability in CVE-2026-55189 (CVE-2026-55189)
vulnerability in CVE-2026-55189 (CVE-2026-55189). Confidential information can be exposed externally. Mitigation: upgrade to `1.0.0-beta.9` or later.
CVE-2026-55188 Information Disclosure in CVE-2026-55188 (CVE-2026-55188)
vulnerability in CVE-2026-55188 (CVE-2026-55188). Confidential information can be exposed externally. Mitigation: upgrade to `1.0.0-beta.9` or later.
CVE-2026-52783 Vulnerability in rails (CVE-2026-52783)
vulnerability in rails (CVE-2026-52783). Confidential information can be exposed externally. Mitigation: upgrade to `17.3.3` or later.
CVE-2026-49991 Path Traversal in path-traversal (CVE-2026-49991)
path traversal in path-traversal (CVE-2026-49991). Data can be tampered with by attackers.
CVE-2026-57518 Vulnerability in privilege-escalation (CVE-2026-57518)
vulnerability in privilege-escalation (CVE-2026-57518). Successful exploitation can lead to full system takeover.
CVE-2026-57527 Unsafe Deserialization in deserialization (CVE-2026-57527)
vulnerability in deserialization (CVE-2026-57527). Successful exploitation can lead to full system takeover.
CVE-2026-56031 Unauthenticated PHP Object Injection in Uncanny Automator <= 7.3.1.2 versions.
Unauthenticated PHP Object Injection in Uncanny Automator <= 7.3.1.2 versions.
CVE-2026-56055 Subscriber PHP Object Injection in RealHomes <= 4.5.3 versions.
Subscriber PHP Object Injection in RealHomes <= 4.5.3 versions.
CVE-2026-57918 Vulnerability in c (CVE-2026-57918)
vulnerability in c (CVE-2026-57918). Confidential information can be exposed externally.
CVE-2026-48933 Vulnerability in nodejs (CVE-2026-48933)
vulnerability in nodejs (CVE-2026-48933). Risk of unauthorized operations or information disclosure.
CVE-2026-48619 Vulnerability in nodejs (CVE-2026-48619)
vulnerability in nodejs (CVE-2026-48619). Risk of unauthorized operations or information disclosure.
CVE-2026-48615 Vulnerability in nodejs (CVE-2026-48615)
vulnerability in nodejs (CVE-2026-48615). Confidential information can be exposed externally. Exploitable via ``ERR_PROXY_TUNNEL``.
CVE-2025-71340 Unsafe Deserialization in CVE-2025-71340 (CVE-2025-71340)
vulnerability in CVE-2025-71340 (CVE-2025-71340). Confidential information can be exposed externally.
CVE-2026-40083 SQL Injection in sqli (CVE-2026-40083)
SQL injection in sqli (CVE-2026-40083). Successful exploitation can lead to full system takeover.
CVE-2026-37149 SQL Injection in sqli (CVE-2026-37149)
SQL injection in sqli (CVE-2026-37149). Confidential information can be exposed externally.
CVE-2025-60464 Use-After-Free in c (CVE-2025-60464)
vulnerability in c (CVE-2025-60464). Successful exploitation can lead to full system takeover.
CVE-2026-56790 Vulnerability in c (CVE-2026-56790)
vulnerability in c (CVE-2026-56790). Data can be tampered with by attackers.
CVE-2026-11999 Vulnerability in c (CVE-2026-11999)
vulnerability in c (CVE-2026-11999). Data can be tampered with by attackers.
CVE-2026-9086 Cross-Site Scripting (XSS) in redhat (CVE-2026-9086)
cross-site scripting in redhat (CVE-2026-9086). Confidential information can be exposed externally.
CVE-2026-45233 Path Traversal in path-traversal (CVE-2026-45233)
path traversal in path-traversal (CVE-2026-45233). Data can be tampered with by attackers.
CVE-2026-57455 Out-of-Bounds Write in c (CVE-2026-57455)
out-of-bounds write in c (CVE-2026-57455). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `9.2.0698` or later.
CVE-2026-57456 Code Injection in vim (CVE-2026-57456)
code injection in vim (CVE-2026-57456). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `9.2.0699` or later.
CVE-2026-55693 Out-of-Bounds Write in c (CVE-2026-55693)
out-of-bounds write in c (CVE-2026-55693). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `9.2.0653` or later.
CVE-2026-56053 Subscriber PHP Object Injection in EventPrime <= 4.3.4.1 versions.
Subscriber PHP Object Injection in EventPrime <= 4.3.4.1 versions.
CVE-2026-56054 Subscriber Arbitrary File Deletion in JS Help Desk <= 3.1.1 versions.
Subscriber Arbitrary File Deletion in JS Help Desk <= 3.1.1 versions.
CVE-2026-57435 Use-After-Free in nokogiri (CVE-2026-57435)
vulnerability in nokogiri (CVE-2026-57435). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.19.4` or later.
CVE-2026-57434 Vulnerability in c (CVE-2026-57434)
vulnerability in c (CVE-2026-57434). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.19.4` or later.
CVE-2026-57235 Out-of-Bounds Read in nokogiri (CVE-2026-57235)
vulnerability in nokogiri (CVE-2026-57235). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.19.4` or later.
CVE-2026-57236 Use-After-Free in nokogiri (CVE-2026-57236)
vulnerability in nokogiri (CVE-2026-57236). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.19.4` or later.
CVE-2026-53275 Use-After-Free in c (CVE-2026-53275)
vulnerability in c (CVE-2026-53275). Successful exploitation can lead to full system takeover.
CVE-2026-53253 Vulnerability in c (CVE-2026-53253)
vulnerability in c (CVE-2026-53253). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →