Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: languages Tag: cwe-95 Clear
ID Title
CVE-2026-47103 Vulnerability in python-statemachine (CVE-2026-47103)
vulnerability in python-statemachine (CVE-2026-47103). Successful exploitation can lead to full system takeover. Exploitable via ``SCXMLProcessor``. Mitigation: upgrade to `3.2.0` or later.
CVE-2026-52858 Code Injection in vim (CVE-2026-52858)
code injection in vim (CVE-2026-52858). Successful exploitation can lead to full system takeover.
CVE-2026-47167 Code Injection in vim (CVE-2026-47167)
code injection in vim (CVE-2026-47167). Risk of unauthorized operations or information disclosure.
CVE-2026-11422 Vulnerability in CVE-2026-11422 (CVE-2026-11422)
vulnerability in CVE-2026-11422 (CVE-2026-11422). Confidential information can be exposed externally.
CVE-2026-50733 Vulnerability in CVE-2026-50733 (CVE-2026-50733)
vulnerability in CVE-2026-50733 (CVE-2026-50733). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.8.28` or later.
CVE-2026-31254 Vulnerability in CVE-2026-31254 (CVE-2026-31254)
vulnerability in CVE-2026-31254 (CVE-2026-31254). Risk of unauthorized operations or information disclosure.
CVE-2026-44643 Vulnerability in angular-expressions (CVE-2026-44643)
vulnerability in angular-expressions (CVE-2026-44643). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.5.2` or later.
CVE-2026-40316 OWASP BLT is a QA testing and vulnerability disclosure platform that encompasses websites, apps, git repositories, and more. Versions prior to 2.1.1 contain an RCE vulnerability in the .github/workflo...
OWASP BLT is a QA testing and vulnerability disclosure platform that encompasses websites, apps, git repositories, and more. Versions prior to 2.1.1 contain an RCE vulnerability in the .github/workflows/regenerate-migrations.yml workflow. The workflow uses the pull_request_target trigger to run with...
CVE-2026-33017 KEV [KEV] Vulnerability in langflow (CVE-2026-33017)
vulnerability in langflow (CVE-2026-33017). Successful exploitation can lead to full system takeover. Exploitable via `POST /api/v1/build_public_tmp/{flow_id}/flow`. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `1.9.0` or later.
CVE-2026-29091 Vulnerability in locutus (CVE-2026-29091)
vulnerability in locutus (CVE-2026-29091). Successful exploitation can lead to full system takeover.
CVE-2021-22204 KEV [KEV] Vulnerability in Perl exiftool (CVE-2021-22204)
vulnerability in Perl exiftool (CVE-2021-22204). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →