Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-57285 |
|
Vulnerability in jenkins (CVE-2026-57285)
vulnerability in jenkins (CVE-2026-57285). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57286 |
|
Vulnerability in jenkins (CVE-2026-57286)
vulnerability in jenkins (CVE-2026-57286). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57287 |
|
Vulnerability in jenkins (CVE-2026-57287)
vulnerability in jenkins (CVE-2026-57287). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57280 |
|
Vulnerability in jenkins (CVE-2026-57280)
vulnerability in jenkins (CVE-2026-57280). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12242 |
|
Code Injection in wordpress (CVE-2026-12242)
code injection in wordpress (CVE-2026-12242). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9643 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-9643)
cross-site scripting in wordpress (CVE-2026-9643). Risk of unauthorized operations or information disclosure. Exploitable via ``wp_wpms_links.link_url``.
|
| CVE-2026-9612 |
|
Information Disclosure in wordpress (CVE-2026-9612)
vulnerability in wordpress (CVE-2026-9612). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8628 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-8628)
cross-site scripting in wordpress (CVE-2026-8628). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8705 |
|
SQL Injection in wordpress (CVE-2026-8705)
SQL injection in wordpress (CVE-2026-8705). Confidential information can be exposed externally. Exploitable via ``clearsale_total_push``.
|
| CVE-2026-12417 |
|
Vulnerability in wordpress (CVE-2026-12417)
vulnerability in wordpress (CVE-2026-12417). Successful exploitation can lead to full system takeover. Exploitable via ``wp_ajax_nopriv_pravel_change_password``.
|
| CVE-2026-10749 |
|
Vulnerability in wordpress (CVE-2026-10749)
vulnerability in wordpress (CVE-2026-10749). Successful exploitation can lead to full system takeover.
|
| CVE-2026-3652 |
|
The ARForms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `value`...
The ARForms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `value`...
|
| CVE-2020-9711 |
|
Out-of-Bounds Read in adobe (CVE-2020-9711)
vulnerability in adobe (CVE-2020-9711). Confidential information can be exposed externally.
|
| CVE-2020-9713 |
|
Out-of-Bounds Read in adobe (CVE-2020-9713)
vulnerability in adobe (CVE-2020-9713). Confidential information can be exposed externally.
|
| CVE-2020-9695 |
|
Out-of-Bounds Write in adobe (CVE-2020-9695)
out-of-bounds write in adobe (CVE-2020-9695). Successful exploitation can lead to full system takeover.
|
| CVE-2026-44958 |
|
Vulnerability in CVE-2026-44958 (CVE-2026-44958)
vulnerability in CVE-2026-44958 (CVE-2026-44958). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-44959 |
|
Code Injection in CVE-2026-44959 (CVE-2026-44959)
code injection in CVE-2026-44959 (CVE-2026-44959). Successful exploitation can lead to full system takeover.
|
| CVE-2026-44956 |
|
Cross-Site Scripting (XSS) in CVE-2026-44956 (CVE-2026-44956)
cross-site scripting in CVE-2026-44956 (CVE-2026-44956). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-34912 |
|
Vulnerability in CVE-2026-34912 (CVE-2026-34912)
vulnerability in CVE-2026-34912 (CVE-2026-34912). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-34913 |
|
Vulnerability in CVE-2026-34913 (CVE-2026-34913)
vulnerability in CVE-2026-34913 (CVE-2026-34913). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-34914 |
|
SQL Injection in sqli (CVE-2026-34914)
SQL injection in sqli (CVE-2026-34914). Data can be tampered with by attackers.
|
| CVE-2026-34915 |
|
Cross-Site Scripting (XSS) in sqli (CVE-2026-34915)
cross-site scripting in sqli (CVE-2026-34915). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-34916 |
|
Code Injection in CVE-2026-34916 (CVE-2026-34916)
code injection in CVE-2026-34916 (CVE-2026-34916). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11772 |
|
Cross-Site Scripting (XSS) in CVE-2026-11772 (CVE-2026-11772)
cross-site scripting in CVE-2026-11772 (CVE-2026-11772). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56371 |
|
Vulnerability in c (CVE-2026-56371)
vulnerability in c (CVE-2026-56371). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56376 |
|
Use-After-Free in dos (CVE-2026-56376)
vulnerability in dos (CVE-2026-56376). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56379 |
|
Vulnerability in imagemagick (CVE-2026-56379)
vulnerability in imagemagick (CVE-2026-56379). Successful exploitation can lead to full system takeover.
|
| CVE-2026-55599 |
|
SSRF (Server-Side Request Forgery) in phpseclib/phpseclib (CVE-2026-55599)
SSRF in phpseclib/phpseclib (CVE-2026-55599). Risk of unauthorized operations or information disclosure. Exploitable via `GET /ssrf`. Mitigation: upgrade to `3.0.54` or later.
|
| CVE-2026-42127 |
|
Vulnerability in dos (CVE-2026-42127)
vulnerability in dos (CVE-2026-42127). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9320 |
|
Vulnerability in dos (CVE-2026-9320)
vulnerability in dos (CVE-2026-9320). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9071 |
|
Vulnerability in dos (CVE-2026-9071)
vulnerability in dos (CVE-2026-9071). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9006 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-9006)
SSRF in ssrf (CVE-2026-9006). Confidential information can be exposed externally.
|
| CVE-2026-8646 |
|
Vulnerability in ibm (CVE-2026-8646)
vulnerability in ibm (CVE-2026-8646). Confidential information can be exposed externally.
|
| CVE-2026-7664 |
|
Authentication Bypass in langflow (CVE-2026-7664)
authentication bypass in langflow (CVE-2026-7664). Successful exploitation can lead to full system takeover.
|
| CVE-2026-10845 |
|
Authentication Bypass in ibm (CVE-2026-10845)
authentication bypass in ibm (CVE-2026-10845). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9029 |
|
The geomap panel's XYZ tile layer has a sanitize-then-interpolate ordering bug....
The geomap panel's XYZ tile layer has a sanitize-then-interpolate ordering bug....
|
| CVE-2026-56425 |
|
Vulnerability in csrf (CVE-2026-56425)
vulnerability in csrf (CVE-2026-56425). Successful exploitation can lead to full system takeover. Exploitable via `Referer header`.
|
| CVE-2026-56446 |
|
Code Injection in misp-project (CVE-2026-56446)
code injection in misp-project (CVE-2026-56446). Successful exploitation can lead to full system takeover.
|
| CVE-2026-54100 |
|
A flaw was found in the Windows Machine Config Operator (WMCO) for Red Hat OpenShift Container...
A flaw was found in the Windows Machine Config Operator (WMCO) for Red Hat OpenShift Container...
|
| CVE-2026-54099 |
|
A flaw was found in the Windows Machine Config Operator (WMCO) for Red Hat OpenShift Container...
A flaw was found in the Windows Machine Config Operator (WMCO) for Red Hat OpenShift Container...
|
| CVE-2026-42129 |
|
The Loki datasource plugin's callResource handler contains a path traversal vulnerability. An...
The Loki datasource plugin's callResource handler contains a path traversal vulnerability. An...
|
| CVE-2026-28381 |
|
Vulnerability in grafana (CVE-2026-28381)
vulnerability in grafana (CVE-2026-28381). Confidential information can be exposed externally.
|
| CVE-2026-10601 |
|
Path Traversal in path-traversal (CVE-2026-10601)
path traversal in path-traversal (CVE-2026-10601). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10561 |
|
Code Injection in langflow (CVE-2026-10561)
code injection in langflow (CVE-2026-10561). Successful exploitation can lead to full system takeover.
|
| CVE-2025-62198 |
|
Vulnerability in apache (CVE-2025-62198)
vulnerability in apache (CVE-2025-62198). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-54665 |
|
Vulnerability in apache (CVE-2026-54665)
vulnerability in apache (CVE-2026-54665). Risk of unauthorized operations or information disclosure. Exploitable via `Host header`.
|
| CVE-2025-66336 |
|
SQL Injection in apache (CVE-2025-66336)
SQL injection in apache (CVE-2025-66336). Confidential information can be exposed externally.
|
| CVE-2026-44913 |
|
Vulnerability in apache (CVE-2026-44913)
vulnerability in apache (CVE-2026-44913). Successful exploitation can lead to full system takeover.
|
| CVE-2026-44914 |
|
Vulnerability in apache (CVE-2026-44914)
vulnerability in apache (CVE-2026-44914). Successful exploitation can lead to full system takeover.
|
| CVE-2026-44911 |
|
Authorization Flaw in apache (CVE-2026-44911)
vulnerability in apache (CVE-2026-44911). Risk of unauthorized operations or information disclosure.
|