Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: languages Tag: cwe-20 Clear
ID Title
CVE-2026-41042 Vulnerability in apache (CVE-2026-41042)
vulnerability in apache (CVE-2026-41042). Confidential information can be exposed externally.
CVE-2026-49098 Vulnerability in c (CVE-2026-49098)
vulnerability in c (CVE-2026-49098). Risk of unauthorized operations or information disclosure.
CVE-2026-46453 Vulnerability in apache (CVE-2026-46453)
vulnerability in apache (CVE-2026-46453). Risk of unauthorized operations or information disclosure.
CVE-2026-14637 Vulnerability in deserialization (CVE-2026-14637)
vulnerability in deserialization (CVE-2026-14637). Risk of unauthorized operations or information disclosure.
CVE-2026-14631 Vulnerability in webpackjs (CVE-2026-14631)
vulnerability in webpackjs (CVE-2026-14631). Risk of unauthorized operations or information disclosure. Exploitable via `Host header`.
CVE-2026-38891 Vulnerability in cpp (CVE-2026-38891)
vulnerability in cpp (CVE-2026-38891). Risk of unauthorized operations or information disclosure.
CVE-2026-13706 Vulnerability in CVE-2026-13706 (CVE-2026-13706)
vulnerability in CVE-2026-13706 (CVE-2026-13706). Risk of unauthorized operations or information disclosure.
CVE-2026-13850 Vulnerability in c (CVE-2026-13850)
vulnerability in c (CVE-2026-13850). Successful exploitation can lead to full system takeover.
CVE-2026-13006 Vulnerability in CVE-2026-13006 (CVE-2026-13006)
vulnerability in CVE-2026-13006 (CVE-2026-13006). Risk of unauthorized operations or information disclosure.
CVE-2026-56762 Vulnerability in CVE-2026-56762 (CVE-2026-56762)
vulnerability in CVE-2026-56762 (CVE-2026-56762). Risk of unauthorized operations or information disclosure. Exploitable via `Cookie header`.
CVE-2026-10651 Vulnerability in c (CVE-2026-10651)
vulnerability in c (CVE-2026-10651). Risk of unauthorized operations or information disclosure.
CVE-2026-54911 Vulnerability in ujson (CVE-2026-54911)
vulnerability in ujson (CVE-2026-54911). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.13.0` or later.
CVE-2026-55602 Vulnerability in http-proxy-middleware (CVE-2026-55602)
vulnerability in http-proxy-middleware (CVE-2026-55602). Data can be tampered with by attackers. Exploitable via ``router``. Mitigation: upgrade to `2.0.10` or later.
CVE-2026-50196 Vulnerability in Steeltoe.Discovery.Eureka (CVE-2026-50196)
vulnerability in Steeltoe.Discovery.Eureka (CVE-2026-50196). Risk of unauthorized operations or information disclosure. Exploitable via ``DataCenterInfo.FromJson``. Mitigation: upgrade to `3.4.0` or later.
CVE-2026-46910 Vulnerability in c (CVE-2026-46910)
vulnerability in c (CVE-2026-46910). Confidential information can be exposed externally.
CVE-2026-0142 Vulnerability in c (CVE-2026-0142)
vulnerability in c (CVE-2026-0142). Risk of unauthorized operations or information disclosure.
CVE-2026-49444 Vulnerability in n8n (CVE-2026-49444)
vulnerability in n8n (CVE-2026-49444). Confidential information can be exposed externally. Exploitable via ``NODES_EXCLUDE``. Mitigation: upgrade to `2.21.8` or later.
CVE-2026-53537 Vulnerability in python-multipart (CVE-2026-53537)
vulnerability in python-multipart (CVE-2026-53537). Risk of unauthorized operations or information disclosure. Exploitable via ``parse_options_header``. Mitigation: upgrade to `0.0.30` or later.
CVE-2026-12191 Vulnerability in deserialization (CVE-2026-12191)
vulnerability in deserialization (CVE-2026-12191). Successful exploitation can lead to full system takeover.
CVE-2026-54133 Vulnerability in jmespath (CVE-2026-54133)
vulnerability in jmespath (CVE-2026-54133). Successful exploitation can lead to full system takeover. Exploitable via ``JP_PHP_COMPILE``. Mitigation: upgrade to `2.9.1` or later.
CVE-2026-48109 Vulnerability in MessagePack (CVE-2026-48109)
vulnerability in MessagePack (CVE-2026-48109). Risk of unauthorized operations or information disclosure. Exploitable via ``Lz4Block``. Mitigation: upgrade to `3.1.7` or later.
CVE-2026-49982 Vulnerability in tmp (CVE-2026-49982)
vulnerability in tmp (CVE-2026-49982). Data can be tampered with by attackers. Exploitable via ``_assertPath``. Mitigation: upgrade to `0.2.7` or later.
CVE-2026-48998 Vulnerability in guzzlehttp/psr7 (CVE-2026-48998)
vulnerability in guzzlehttp/psr7 (CVE-2026-48998). Risk of unauthorized operations or information disclosure. Exploitable via `Host header`. Mitigation: upgrade to `2.10.2` or later.
CVE-2026-49214 Vulnerability in guzzlehttp/psr7 (CVE-2026-49214)
vulnerability in guzzlehttp/psr7 (CVE-2026-49214). Risk of unauthorized operations or information disclosure. Exploitable via ``Uri``. Mitigation: upgrade to `2.10.2` or later.
CVE-2026-48110 Vulnerability in russh (CVE-2026-48110)
vulnerability in russh (CVE-2026-48110). Risk of unauthorized operations or information disclosure. Exploitable via ``russh``. Mitigation: upgrade to `0.61.0` or later.
CVE-2026-48108 Vulnerability in russh (CVE-2026-48108)
vulnerability in russh (CVE-2026-48108). Risk of unauthorized operations or information disclosure. Exploitable via ``russh``. Mitigation: upgrade to `0.61.0` or later.
CVE-2026-48107 Vulnerability in russh (CVE-2026-48107)
vulnerability in russh (CVE-2026-48107). Risk of unauthorized operations or information disclosure. Exploitable via ``russh``. Mitigation: upgrade to `0.61.0` or later.
CVE-2026-45558 Vulnerability in c (CVE-2026-45558)
vulnerability in c (CVE-2026-45558). Successful exploitation can lead to full system takeover. Exploitable via `POST /api/service/haproxy/`.
CVE-2026-45329 ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. In versions 5.5.4 and 6.0, several ESP-TEE secure-service wrappers in esp_secure_services.c and esp_secure_services_iram.c vali...
ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. In versions 5.5.4 and 6.0, several ESP-TEE secure-service wrappers in esp_secure_services.c and esp_secure_services_iram.c validated only some of the caller-supplied pointer arguments, leaving input pointer arguments unchecked....
CVE-2026-45328 Vulnerability in c (CVE-2026-45328)
vulnerability in c (CVE-2026-45328). Successful exploitation can lead to full system takeover.
CVE-2026-9212 Vulnerability in c (CVE-2026-9212)
vulnerability in c (CVE-2026-9212). Successful exploitation can lead to full system takeover.
CVE-2026-11691 Vulnerability in c (CVE-2026-11691)
vulnerability in c (CVE-2026-11691). Risk of unauthorized operations or information disclosure.
CVE-2026-10912 Vulnerability in c (CVE-2026-10912)
vulnerability in c (CVE-2026-10912). Data can be tampered with by attackers.
CVE-2026-10863 Vulnerability in sqli (CVE-2026-10863)
vulnerability in sqli (CVE-2026-10863). Confidential information can be exposed externally.
CVE-2026-37460 Vulnerability in c (CVE-2026-37460)
vulnerability in c (CVE-2026-37460). Risk of unauthorized operations or information disclosure.
CVE-2026-7195 CWE-20: Improper Input Validation in web services in Progress Sitefinity 14.1.x through 14.3.x,...
CWE-20: Improper Input Validation in web services in Progress Sitefinity 14.1.x through 14.3.x,...
CVE-2026-28578 Vulnerability in dos (CVE-2026-28578)
vulnerability in dos (CVE-2026-28578). Risk of unauthorized operations or information disclosure.
CVE-2026-0085 Vulnerability in dos (CVE-2026-0085)
vulnerability in dos (CVE-2026-0085). Risk of unauthorized operations or information disclosure.
CVE-2026-0070 Vulnerability in dos (CVE-2026-0070)
vulnerability in dos (CVE-2026-0070). Risk of unauthorized operations or information disclosure.
CVE-2026-0078 Vulnerability in google (CVE-2026-0078)
vulnerability in google (CVE-2026-0078). Successful exploitation can lead to full system takeover.
CVE-2026-0051 Vulnerability in cpp (CVE-2026-0051)
vulnerability in cpp (CVE-2026-0051). Risk of unauthorized operations or information disclosure.
CVE-2026-0018 Vulnerability in dos (CVE-2026-0018)
vulnerability in dos (CVE-2026-0018). Risk of unauthorized operations or information disclosure.
CVE-2026-45352 Vulnerability in c (CVE-2026-45352)
vulnerability in c (CVE-2026-45352). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.43.4` or later.
CVE-2026-44518 Vulnerability in c (CVE-2026-44518)
vulnerability in c (CVE-2026-44518). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.16.0` or later.
CVE-2026-45628 Vulnerability in c (CVE-2026-45628)
vulnerability in c (CVE-2026-45628). Confidential information can be exposed externally.
CVE-2026-45615 Vulnerability in c (CVE-2026-45615)
vulnerability in c (CVE-2026-45615). Risk of unauthorized operations or information disclosure. Exploitable via ``INTEGER_decode_oer``.
CVE-2026-5072 Vulnerability in c (CVE-2026-5072)
vulnerability in c (CVE-2026-5072). Risk of unauthorized operations or information disclosure.
CVE-2026-46679 Vulnerability in @libp2p/gossipsub (CVE-2026-46679)
vulnerability in @libp2p/gossipsub (CVE-2026-46679). Risk of unauthorized operations or information disclosure. Exploitable via ``handleReceivedSubscription``. Mitigation: upgrade to `15.0.23` or later.
CVE-2026-45783 Vulnerability in @libp2p/kad-dht (CVE-2026-45783)
vulnerability in @libp2p/kad-dht (CVE-2026-45783). Risk of unauthorized operations or information disclosure. Exploitable via ``PUT_VALUE``. Mitigation: upgrade to `16.2.6` or later.
CVE-2026-46357 Vulnerability in @haxtheweb/haxcms-nodejs (CVE-2026-46357)
vulnerability in @haxtheweb/haxcms-nodejs (CVE-2026-46357). Risk of unauthorized operations or information disclosure. Exploitable via ``createSite``. Mitigation: upgrade to `26.0.0` or later.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →