Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-13788 |
|
Use-After-Free in google (CVE-2026-13788)
vulnerability in google (CVE-2026-13788). Successful exploitation can lead to full system takeover.
|
| CVE-2026-37106 |
|
Vulnerability in CVE-2026-37106 (CVE-2026-37106)
vulnerability in CVE-2026-37106 (CVE-2026-37106). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13774 |
|
Use-After-Free in Google chrome (CVE-2026-13774)
vulnerability in Google chrome (CVE-2026-13774). Successful exploitation can lead to full system takeover.
|
| CVE-2026-55223 |
|
Unsafe Deserialization in apache (CVE-2026-55223)
vulnerability in apache (CVE-2026-55223). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11906 |
|
Vulnerability in dos (CVE-2026-11906)
vulnerability in dos (CVE-2026-11906). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10560 |
|
Authentication Bypass in dos (CVE-2026-10560)
authentication bypass in dos (CVE-2026-10560). Confidential information can be exposed externally.
|
| CVE-2026-7803 |
|
Vulnerability in langflow (CVE-2026-7803)
vulnerability in langflow (CVE-2026-7803). Successful exploitation can lead to full system takeover.
|
| CVE-2026-10140 |
|
Vulnerability in langflow (CVE-2026-10140)
vulnerability in langflow (CVE-2026-10140). Confidential information can be exposed externally.
|
| CVE-2026-7871 |
|
Unsafe Deserialization in langflow (CVE-2026-7871)
vulnerability in langflow (CVE-2026-7871). Successful exploitation can lead to full system takeover.
|
| CVE-2026-10564 |
|
SSRF (Server-Side Request Forgery) in c (CVE-2026-10564)
SSRF in c (CVE-2026-10564). Confidential information can be exposed externally.
|
| CVE-2026-10546 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-10546)
SSRF in ssrf (CVE-2026-10546). Confidential information can be exposed externally.
|
| CVE-2026-7873 |
|
Code Injection in langflow (CVE-2026-7873)
code injection in langflow (CVE-2026-7873). Successful exploitation can lead to full system takeover.
|
| CVE-2026-7874 |
|
Vulnerability in langflow (CVE-2026-7874)
vulnerability in langflow (CVE-2026-7874). Confidential information can be exposed externally.
|
| CVE-2026-7663 |
|
Vulnerability in langflow (CVE-2026-7663)
vulnerability in langflow (CVE-2026-7663). Confidential information can be exposed externally.
|
| CVE-2025-36372 |
|
Vulnerability in ibm (CVE-2025-36372)
vulnerability in ibm (CVE-2025-36372). Confidential information can be exposed externally.
|
| CVE-2026-10134 |
|
Code Injection in langflow (CVE-2026-10134)
code injection in langflow (CVE-2026-10134). Successful exploitation can lead to full system takeover. Exploitable via ``tool_code``.
|
| CVE-2026-10129 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-10129)
SSRF in ssrf (CVE-2026-10129). Confidential information can be exposed externally.
|
| CVE-2026-58376 |
|
SQL Injection in sqli (CVE-2026-58376)
SQL injection in sqli (CVE-2026-58376). Confidential information can be exposed externally.
|
| CVE-2026-48315 |
|
Vulnerability in adobe (CVE-2026-48315)
vulnerability in adobe (CVE-2026-48315). Confidential information can be exposed externally.
|
| CVE-2026-48314 |
|
Path Traversal in path-traversal (CVE-2026-48314)
path traversal in path-traversal (CVE-2026-48314). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-48285 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-48285)
SSRF in ssrf (CVE-2026-48285). Confidential information can be exposed externally.
|
| CVE-2026-48283 |
|
Unrestricted File Upload in adobe (CVE-2026-48283)
vulnerability in adobe (CVE-2026-48283). Successful exploitation can lead to full system takeover.
|
| CVE-2026-48282 KEV |
|
[KEV] Path Traversal in Adobe path-traversal (CVE-2026-48282)
path traversal in Adobe path-traversal (CVE-2026-48282). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
|
| CVE-2026-48313 |
|
Path Traversal in path-traversal (CVE-2026-48313)
path traversal in path-traversal (CVE-2026-48313). Confidential information can be exposed externally.
|
| CVE-2026-48286 |
|
Authorization Flaw in adobe (CVE-2026-48286)
vulnerability in adobe (CVE-2026-48286). Successful exploitation can lead to full system takeover.
|
| CVE-2026-48307 |
|
Cross-Site Scripting (XSS) in adobe (CVE-2026-48307)
cross-site scripting in adobe (CVE-2026-48307). Successful exploitation can lead to full system takeover.
|
| CVE-2026-48281 |
|
Vulnerability in adobe (CVE-2026-48281)
vulnerability in adobe (CVE-2026-48281). Successful exploitation can lead to full system takeover.
|
| CVE-2026-48277 |
|
Vulnerability in adobe (CVE-2026-48277)
vulnerability in adobe (CVE-2026-48277). Successful exploitation can lead to full system takeover.
|
| CVE-2026-48276 |
|
Unrestricted File Upload in adobe (CVE-2026-48276)
vulnerability in adobe (CVE-2026-48276). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14241 |
|
Buffer Overflow in c (CVE-2026-14241)
vulnerability in c (CVE-2026-14241). Successful exploitation can lead to full system takeover.
|
| CVE-2025-53648 |
|
SQL Injection in apache (CVE-2025-53648)
SQL injection in apache (CVE-2025-53648). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-27881 |
|
Vulnerability in CVE-2026-27881 (CVE-2026-27881)
vulnerability in CVE-2026-27881 (CVE-2026-27881). Risk of unauthorized operations or information disclosure. Exploitable via `GET /api/v1/deployments/{uuid}`. Mitigation: upgrade to `4.0.0-beta.464` or later.
|
| CVE-2026-53690 |
|
SQL Injection in sqli (CVE-2026-53690)
SQL injection in sqli (CVE-2026-53690). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53691 |
|
Unrestricted File Upload in CVE-2026-53691 (CVE-2026-53691)
vulnerability in CVE-2026-53691 (CVE-2026-53691). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-49877 |
|
Vulnerability in apache (CVE-2026-49877)
vulnerability in apache (CVE-2026-49877). Confidential information can be exposed externally.
|
| CVE-2026-50734 |
|
Vulnerability in apache (CVE-2026-50734)
vulnerability in apache (CVE-2026-50734). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-54475 |
|
Vulnerability in apache (CVE-2026-54475)
vulnerability in apache (CVE-2026-54475). Data can be tampered with by attackers.
|
| CVE-2026-50750 |
|
Vulnerability in apache (CVE-2026-50750)
vulnerability in apache (CVE-2026-50750). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53917 |
|
Vulnerability in apache (CVE-2026-53917)
vulnerability in apache (CVE-2026-53917). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-52760 |
|
Cross-Site Scripting (XSS) in apache (CVE-2026-52760)
cross-site scripting in apache (CVE-2026-52760). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53916 |
|
Vulnerability in apache (CVE-2026-53916)
vulnerability in apache (CVE-2026-53916). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-49432 |
|
Vulnerability in apache (CVE-2026-49432)
vulnerability in apache (CVE-2026-49432). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-49434 |
|
Vulnerability in apache (CVE-2026-49434)
vulnerability in apache (CVE-2026-49434). Data can be tampered with by attackers.
|
| CVE-2026-12240 |
|
Unsafe Deserialization in wordpress (CVE-2026-12240)
vulnerability in wordpress (CVE-2026-12240). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8944 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-8944)
vulnerability in wordpress (CVE-2026-8944). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11367 |
|
Path Traversal in wordpress (CVE-2026-11367)
path traversal in wordpress (CVE-2026-11367). Confidential information can be exposed externally.
|
| CVE-2026-55955 |
|
Authentication Bypass in apache (CVE-2026-55955)
authentication bypass in apache (CVE-2026-55955). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-50229 |
|
Vulnerability in apache (CVE-2026-50229)
vulnerability in apache (CVE-2026-50229). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53404 |
|
Vulnerability in apache (CVE-2026-53404)
vulnerability in apache (CVE-2026-53404). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53434 |
|
Vulnerability in apache (CVE-2026-53434)
vulnerability in apache (CVE-2026-53434). Confidential information can be exposed externally.
|