Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-13828 |
|
Vulnerability in c (CVE-2026-13828)
vulnerability in c (CVE-2026-13828). Confidential information can be exposed externally.
|
| CVE-2026-13782 |
|
Use-After-Free in c (CVE-2026-13782)
vulnerability in c (CVE-2026-13782). Successful exploitation can lead to full system takeover.
|
| CVE-2026-49402 |
|
OS Command Injection in deno (CVE-2026-49402)
OS command injection in deno (CVE-2026-49402). Successful exploitation can lead to full system takeover. Exploitable via ``spawn``. Mitigation: upgrade to `2.7.10` or later.
|
| CVE-2026-53571 |
|
Path Traversal in vite (CVE-2026-53571)
path traversal in vite (CVE-2026-53571). Confidential information can be exposed externally. Exploitable via ``server.fs.deny``. Mitigation: upgrade to `6.4.3` or later.
|
| CVE-2026-47906 |
|
Dreamweaver Desktop versions 21.7 and earlier are affected by a Dependency on Vulnerable Third...
Dreamweaver Desktop versions 21.7 and earlier are affected by a Dependency on Vulnerable Third...
|
| CVE-2026-45490 |
|
Improper authorization in .NET allows an authorized attacker to elevate privileges locally.
Improper authorization in .NET allows an authorized attacker to elevate privileges locally.
|
| CVE-2026-34694 |
|
Cross-Site Scripting (XSS) in adobe (CVE-2026-34694)
cross-site scripting in adobe (CVE-2026-34694). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-34691 |
|
Cross-Site Scripting (XSS) in adobe (CVE-2026-34691)
cross-site scripting in adobe (CVE-2026-34691). Confidential information can be exposed externally.
|
| CVE-2026-45591 |
|
Vulnerability in Microsoft.AspNetCore.App.Runtime.linux-x64 (CVE-2026-45591)
vulnerability in Microsoft.AspNetCore.App.Runtime.linux-x64 (CVE-2026-45591). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `10.0.9` or later.
|
| CVE-2026-45491 |
|
Vulnerability in Microsoft.NETCore.App.Runtime.linux-x64 (CVE-2026-45491)
vulnerability in Microsoft.NETCore.App.Runtime.linux-x64 (CVE-2026-45491). Data can be tampered with by attackers. Exploitable via ``TarFile.ExtractToDirectory``. Mitigation: upgrade to `10.0.9` or later.
|
| CVE-2026-11691 |
|
Vulnerability in c (CVE-2026-11691)
vulnerability in c (CVE-2026-11691). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11693 |
|
Vulnerability in c (CVE-2026-11693)
vulnerability in c (CVE-2026-11693). Confidential information can be exposed externally.
|
| CVE-2026-11014 |
|
Vulnerability in c (CVE-2026-11014)
vulnerability in c (CVE-2026-11014). Data can be tampered with by attackers.
|
| CVE-2026-10940 |
|
Vulnerability in c (CVE-2026-10940)
vulnerability in c (CVE-2026-10940). Successful exploitation can lead to full system takeover.
|
| CVE-2026-10912 |
|
Vulnerability in c (CVE-2026-10912)
vulnerability in c (CVE-2026-10912). Data can be tampered with by attackers.
|
| CVE-2026-10905 |
|
Use-After-Free in c (CVE-2026-10905)
vulnerability in c (CVE-2026-10905). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9998 |
|
Vulnerability in c (CVE-2026-9998)
vulnerability in c (CVE-2026-9998). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8528 |
|
Vulnerability in c (CVE-2026-8528)
vulnerability in c (CVE-2026-8528). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8519 |
|
Vulnerability in c (CVE-2026-8519)
vulnerability in c (CVE-2026-8519). Successful exploitation can lead to full system takeover.
|
| CVE-2026-42899 |
|
Vulnerability in dotnet (CVE-2026-42899)
vulnerability in dotnet (CVE-2026-42899). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.0.27, 9.0.16, 10.0.8` or later.
|
| CVE-2026-35433 |
|
Vulnerability in Microsoft.WindowsDesktop.App.Runtime.win-arm64 (CVE-2026-35433)
vulnerability in Microsoft.WindowsDesktop.App.Runtime.win-arm64 (CVE-2026-35433). Confidential information can be exposed externally. Mitigation: upgrade to `10.0.8` or later.
|
| CVE-2026-32175 |
|
Vulnerability in Microsoft.NetCore.App.Runtime.win-arm (CVE-2026-32175)
vulnerability in Microsoft.NetCore.App.Runtime.win-arm (CVE-2026-32175). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `10.0.8` or later.
|
| CVE-2026-32177 |
|
Heap-based buffer overflow in .NET allows an unauthorized attacker to elevate privileges locally.
Heap-based buffer overflow in .NET allows an unauthorized attacker to elevate privileges locally.
|
| CVE-2026-32178 |
|
Vulnerability in dotnet (CVE-2026-32178)
vulnerability in dotnet (CVE-2026-32178). Confidential information can be exposed externally. Mitigation: upgrade to `8.0.26, 9.0.15, 10.0.6` or later.
|
| CVE-2026-26171 |
|
Vulnerability in dotnet (CVE-2026-26171)
vulnerability in dotnet (CVE-2026-26171). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.0.26, 9.0.15, 10.0.6` or later.
|
| CVE-2026-43941 |
|
Vulnerability in electerm (CVE-2026-43941)
vulnerability in electerm (CVE-2026-43941). Successful exploitation can lead to full system takeover. Exploitable via ``shell.openExternal``.
|
| CVE-2026-32202 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2026-32202)
vulnerability in Microsoft windows (CVE-2026-32202). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-3087 |
|
Path Traversal in libpython (CVE-2026-3087)
path traversal in libpython (CVE-2026-3087). Data can be tampered with by attackers. Mitigation: upgrade to `3.14.5` or later.
|
| CVE-2026-33116 |
|
Vulnerability in csharp (CVE-2026-33116)
vulnerability in csharp (CVE-2026-33116). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-32203 |
|
Vulnerability in csharp (CVE-2026-32203)
vulnerability in csharp (CVE-2026-32203). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-69624 |
|
Vulnerability in gonitro (CVE-2025-69624)
vulnerability in gonitro (CVE-2025-69624). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-69627 |
|
Use-After-Free in gonitro (CVE-2025-69627)
vulnerability in gonitro (CVE-2025-69627). Successful exploitation can lead to full system takeover.
|
| CVE-2025-15558 |
|
Vulnerability in c (CVE-2025-15558)
vulnerability in c (CVE-2025-15558). Successful exploitation can lead to full system takeover.
|
| CVE-2024-3566 |
|
Command Injection in node (CVE-2024-3566)
command injection in node (CVE-2024-3566). Successful exploitation can lead to full system takeover. Exploitable via ``cmd.exe``. Mitigation: upgrade to `18.19.0` or later.
|
| CVE-2021-28927 |
|
OS Command Injection in c (CVE-2021-28927)
OS command injection in c (CVE-2021-28927). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17671 |
|
Path Traversal in apache (CVE-2017-17671)
path traversal in apache (CVE-2017-17671). Successful exploitation can lead to full system takeover.
|
| CVE-2014-2845 |
|
Vulnerability in c (CVE-2014-2845)
vulnerability in c (CVE-2014-2845). Confidential information can be exposed externally.
|
| CVE-2017-5118 |
|
Vulnerability in google (CVE-2017-5118)
vulnerability in google (CVE-2017-5118). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-5078 |
|
Vulnerability in c (CVE-2017-5078)
vulnerability in c (CVE-2017-5078). Successful exploitation can lead to full system takeover.
|
| CVE-2017-5094 |
|
Vulnerability in c (CVE-2017-5094)
vulnerability in c (CVE-2017-5094). Data can be tampered with by attackers.
|
| CVE-2015-7359 |
|
Vulnerability in c (CVE-2015-7359)
vulnerability in c (CVE-2015-7359). Successful exploitation can lead to full system takeover.
|
| CVE-2015-7358 |
|
Vulnerability in c (CVE-2015-7358)
vulnerability in c (CVE-2015-7358). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12814 |
|
Buffer Overflow in perl (CVE-2017-12814)
vulnerability in perl (CVE-2017-12814). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14686 |
|
Buffer Overflow in c (CVE-2017-14686)
vulnerability in c (CVE-2017-14686). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14685 |
|
Buffer Overflow in c (CVE-2017-14685)
vulnerability in c (CVE-2017-14685). Successful exploitation can lead to full system takeover.
|
| CVE-2017-3113 |
|
Use-After-Free in adobe (CVE-2017-3113)
vulnerability in adobe (CVE-2017-3113). Successful exploitation can lead to full system takeover.
|
| CVE-2017-11254 |
|
Use-After-Free in adobe (CVE-2017-11254)
vulnerability in adobe (CVE-2017-11254). Successful exploitation can lead to full system takeover.
|
| CVE-2017-11742 |
|
Vulnerability in c (CVE-2017-11742)
vulnerability in c (CVE-2017-11742). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9428 |
|
Path Traversal in path-traversal (CVE-2017-9428)
path traversal in path-traversal (CVE-2017-9428). Confidential information can be exposed externally.
|
| CVE-2017-5029 |
|
Out-of-Bounds Write in c (CVE-2017-5029)
out-of-bounds write in c (CVE-2017-5029). Successful exploitation can lead to full system takeover.
|