Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-13521 |
|
A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0/5.php....
A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0/5.php....
|
| CVE-2026-13500 |
|
Vulnerability in CVE-2026-13500 (CVE-2026-13500)
vulnerability in CVE-2026-13500 (CVE-2026-13500). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13498 |
|
A vulnerability was identified in yashpokharna2555 restaurent-management-system. This affects an...
A vulnerability was identified in yashpokharna2555 restaurent-management-system. This affects an...
|
| CVE-2026-13487 |
|
Vulnerability in sqli (CVE-2026-13487)
vulnerability in sqli (CVE-2026-13487). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13488 |
|
Vulnerability in sqli (CVE-2026-13488)
vulnerability in sqli (CVE-2026-13488). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13486 |
|
Vulnerability in sqli (CVE-2026-13486)
vulnerability in sqli (CVE-2026-13486). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13485 |
|
Vulnerability in sqli (CVE-2026-13485)
vulnerability in sqli (CVE-2026-13485). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10646 |
|
Use-After-Free in c (CVE-2026-10646)
vulnerability in c (CVE-2026-10646). Data can be tampered with by attackers.
|
| CVE-2026-58054 |
|
MyBB 1.8.40 does not restrict which usergroup a limited Admin Control Panel user may assign when...
MyBB 1.8.40 does not restrict which usergroup a limited Admin Control Panel user may assign when...
|
| CVE-2026-58049 |
|
FFmpeg's RASC video decoder (decode_dlta in libavcodec/rasc.c) performs 32-bit reads and writes...
FFmpeg's RASC video decoder (decode_dlta in libavcodec/rasc.c) performs 32-bit reads and writes...
|
| CVE-2026-8095 |
|
Vulnerability in wordpress (CVE-2026-8095)
vulnerability in wordpress (CVE-2026-8095). Data can be tampered with by attackers.
|
| CVE-2026-10643 |
|
Out-of-Bounds Write in c (CVE-2026-10643)
out-of-bounds write in c (CVE-2026-10643). Data can be tampered with by attackers.
|
| CVE-2023-37524 |
|
Vulnerability in csharp (CVE-2023-37524)
vulnerability in csharp (CVE-2023-37524). Successful exploitation can lead to full system takeover.
|
| CVE-2026-36478 |
|
Vulnerability in csharp (CVE-2026-36478)
vulnerability in csharp (CVE-2026-36478). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-50015 |
|
Path Traversal in pnpm (CVE-2026-50015)
path traversal in pnpm (CVE-2026-50015). Data can be tampered with by attackers. Exploitable via ``patchedDependencies``. Mitigation: upgrade to `11.4.0` or later.
|
| CVE-2026-53284 |
|
Vulnerability in c (CVE-2026-53284)
vulnerability in c (CVE-2026-53284). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-48778 |
|
OS Command Injection in cpp (CVE-2026-48778)
OS command injection in cpp (CVE-2026-48778). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `8.9.6.1` or later.
|
| CVE-2026-48800 |
|
OS Command Injection in cpp (CVE-2026-48800)
OS command injection in cpp (CVE-2026-48800). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `8.9.6.1` or later.
|
| CVE-2026-52884 |
|
Vulnerability in cpp (CVE-2026-52884)
vulnerability in cpp (CVE-2026-52884). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `8.9.6.2` or later.
|
| CVE-2026-55189 |
|
Vulnerability in CVE-2026-55189 (CVE-2026-55189)
vulnerability in CVE-2026-55189 (CVE-2026-55189). Confidential information can be exposed externally. Mitigation: upgrade to `1.0.0-beta.9` or later.
|
| CVE-2026-55188 |
|
Information Disclosure in CVE-2026-55188 (CVE-2026-55188)
vulnerability in CVE-2026-55188 (CVE-2026-55188). Confidential information can be exposed externally. Mitigation: upgrade to `1.0.0-beta.9` or later.
|
| CVE-2026-52783 |
|
Vulnerability in rails (CVE-2026-52783)
vulnerability in rails (CVE-2026-52783). Confidential information can be exposed externally. Mitigation: upgrade to `17.3.3` or later.
|
| CVE-2026-49991 |
|
Path Traversal in path-traversal (CVE-2026-49991)
path traversal in path-traversal (CVE-2026-49991). Data can be tampered with by attackers.
|
| CVE-2026-57518 |
|
Vulnerability in privilege-escalation (CVE-2026-57518)
vulnerability in privilege-escalation (CVE-2026-57518). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57527 |
|
Unsafe Deserialization in deserialization (CVE-2026-57527)
vulnerability in deserialization (CVE-2026-57527). Successful exploitation can lead to full system takeover.
|
| CVE-2026-56031 |
|
Unauthenticated PHP Object Injection in Uncanny Automator <= 7.3.1.2 versions.
Unauthenticated PHP Object Injection in Uncanny Automator <= 7.3.1.2 versions.
|
| CVE-2026-56055 |
|
Subscriber PHP Object Injection in RealHomes <= 4.5.3 versions.
Subscriber PHP Object Injection in RealHomes <= 4.5.3 versions.
|
| CVE-2026-57918 |
|
Vulnerability in c (CVE-2026-57918)
vulnerability in c (CVE-2026-57918). Confidential information can be exposed externally.
|
| CVE-2026-48933 |
|
Vulnerability in nodejs (CVE-2026-48933)
vulnerability in nodejs (CVE-2026-48933). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-48619 |
|
Vulnerability in nodejs (CVE-2026-48619)
vulnerability in nodejs (CVE-2026-48619). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-48615 |
|
Vulnerability in nodejs (CVE-2026-48615)
vulnerability in nodejs (CVE-2026-48615). Confidential information can be exposed externally. Exploitable via ``ERR_PROXY_TUNNEL``.
|
| CVE-2025-71340 |
|
Unsafe Deserialization in CVE-2025-71340 (CVE-2025-71340)
vulnerability in CVE-2025-71340 (CVE-2025-71340). Confidential information can be exposed externally.
|
| CVE-2026-40083 |
|
SQL Injection in sqli (CVE-2026-40083)
SQL injection in sqli (CVE-2026-40083). Successful exploitation can lead to full system takeover.
|
| CVE-2026-37149 |
|
SQL Injection in sqli (CVE-2026-37149)
SQL injection in sqli (CVE-2026-37149). Confidential information can be exposed externally.
|
| CVE-2025-60464 |
|
Use-After-Free in c (CVE-2025-60464)
vulnerability in c (CVE-2025-60464). Successful exploitation can lead to full system takeover.
|
| CVE-2026-56790 |
|
Vulnerability in c (CVE-2026-56790)
vulnerability in c (CVE-2026-56790). Data can be tampered with by attackers.
|
| CVE-2026-11999 |
|
Vulnerability in c (CVE-2026-11999)
vulnerability in c (CVE-2026-11999). Data can be tampered with by attackers.
|
| CVE-2026-9086 |
|
Cross-Site Scripting (XSS) in redhat (CVE-2026-9086)
cross-site scripting in redhat (CVE-2026-9086). Confidential information can be exposed externally.
|
| CVE-2026-45233 |
|
Path Traversal in path-traversal (CVE-2026-45233)
path traversal in path-traversal (CVE-2026-45233). Data can be tampered with by attackers.
|
| CVE-2026-57455 |
|
Out-of-Bounds Write in c (CVE-2026-57455)
out-of-bounds write in c (CVE-2026-57455). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `9.2.0698` or later.
|
| CVE-2026-57456 |
|
Code Injection in vim (CVE-2026-57456)
code injection in vim (CVE-2026-57456). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `9.2.0699` or later.
|
| CVE-2026-55693 |
|
Out-of-Bounds Write in c (CVE-2026-55693)
out-of-bounds write in c (CVE-2026-55693). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `9.2.0653` or later.
|
| CVE-2026-56053 |
|
Subscriber PHP Object Injection in EventPrime <= 4.3.4.1 versions.
Subscriber PHP Object Injection in EventPrime <= 4.3.4.1 versions.
|
| CVE-2026-56054 |
|
Subscriber Arbitrary File Deletion in JS Help Desk <= 3.1.1 versions.
Subscriber Arbitrary File Deletion in JS Help Desk <= 3.1.1 versions.
|
| CVE-2026-57435 |
|
Use-After-Free in nokogiri (CVE-2026-57435)
vulnerability in nokogiri (CVE-2026-57435). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.19.4` or later.
|
| CVE-2026-57434 |
|
Vulnerability in c (CVE-2026-57434)
vulnerability in c (CVE-2026-57434). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.19.4` or later.
|
| CVE-2026-57235 |
|
Out-of-Bounds Read in nokogiri (CVE-2026-57235)
vulnerability in nokogiri (CVE-2026-57235). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.19.4` or later.
|
| CVE-2026-57236 |
|
Use-After-Free in nokogiri (CVE-2026-57236)
vulnerability in nokogiri (CVE-2026-57236). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.19.4` or later.
|
| CVE-2026-53275 |
|
Use-After-Free in c (CVE-2026-53275)
vulnerability in c (CVE-2026-53275). Successful exploitation can lead to full system takeover.
|
| CVE-2026-53253 |
|
Vulnerability in c (CVE-2026-53253)
vulnerability in c (CVE-2026-53253). Risk of unauthorized operations or information disclosure.
|