Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-48558 KEV |
|
[KEV] Vulnerability in Simplehelp simple-help (CVE-2026-48558)
vulnerability in Simplehelp simple-help (CVE-2026-48558). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
|
| CVE-2025-58175 |
|
Vulnerability in org.geoserver.web:gs-web-app (CVE-2025-58175)
vulnerability in org.geoserver.web:gs-web-app (CVE-2025-58175). Confidential information can be exposed externally. Exploitable via ``ENTITY_RESOLUTION_ALLOWLIST``. Mitigation: upgrade to `2.27.3` or later.
|
| CVE-2025-52465 |
|
Vulnerability in org.geoserver.web:gs-web-app (CVE-2025-52465)
vulnerability in org.geoserver.web:gs-web-app (CVE-2025-52465). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2.26.4` or later.
|
| CVE-2026-53787 |
|
Unrestricted File Upload in path-traversal (CVE-2026-53787)
vulnerability in path-traversal (CVE-2026-53787). Successful exploitation can lead to full system takeover.
|
| CVE-2026-54133 |
|
Vulnerability in jmespath (CVE-2026-54133)
vulnerability in jmespath (CVE-2026-54133). Successful exploitation can lead to full system takeover. Exploitable via ``JP_PHP_COMPILE``. Mitigation: upgrade to `2.9.1` or later.
|
| CVE-2026-12066 |
|
Vulnerability in CVE-2026-12066 (CVE-2026-12066)
vulnerability in CVE-2026-12066 (CVE-2026-12066). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-50631 |
|
Vulnerability in apache (CVE-2026-50631)
vulnerability in apache (CVE-2026-50631). Confidential information can be exposed externally.
|
| CVE-2026-50632 |
|
Vulnerability in apache (CVE-2026-50632)
vulnerability in apache (CVE-2026-50632). Successful exploitation can lead to full system takeover.
|
| CVE-2026-50633 |
|
Vulnerability in apache (CVE-2026-50633)
vulnerability in apache (CVE-2026-50633). Successful exploitation can lead to full system takeover.
|
| CVE-2026-50634 |
|
Vulnerability in apache (CVE-2026-50634)
vulnerability in apache (CVE-2026-50634). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-50645 |
|
Vulnerability in apache (CVE-2026-50645)
vulnerability in apache (CVE-2026-50645). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-49875 |
|
XXE (XML External Entity) in apache (CVE-2026-49875)
vulnerability in apache (CVE-2026-49875). Successful exploitation can lead to full system takeover.
|
| CVE-2026-50623 |
|
Authentication Bypass in apache (CVE-2026-50623)
authentication bypass in apache (CVE-2026-50623). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-50627 |
|
Vulnerability in apache (CVE-2026-50627)
vulnerability in apache (CVE-2026-50627). Successful exploitation can lead to full system takeover.
|
| CVE-2026-50628 |
|
Vulnerability in apache (CVE-2026-50628)
vulnerability in apache (CVE-2026-50628). Successful exploitation can lead to full system takeover.
|
| CVE-2026-50629 |
|
Vulnerability in apache (CVE-2026-50629)
vulnerability in apache (CVE-2026-50629). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-50630 |
|
Vulnerability in apache (CVE-2026-50630)
vulnerability in apache (CVE-2026-50630). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-45060 |
|
SQL Injection in sqli (CVE-2026-45060)
SQL injection in sqli (CVE-2026-45060). Successful exploitation can lead to full system takeover.
|
| CVE-2026-45418 |
|
SQL Injection in sqli (CVE-2026-45418)
SQL injection in sqli (CVE-2026-45418). Successful exploitation can lead to full system takeover. Exploitable via `POST /actions/subtitle_edit.php`.
|
| CVE-2026-45173 |
|
Vulnerability in paloaltonetworks (CVE-2026-45173)
vulnerability in paloaltonetworks (CVE-2026-45173). Data can be tampered with by attackers.
|
| CVE-2026-12035 |
|
Use-After-Free in google (CVE-2026-12035)
vulnerability in google (CVE-2026-12035). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12033 |
|
Out-of-Bounds Read in google (CVE-2026-12033)
vulnerability in google (CVE-2026-12033). Confidential information can be exposed externally.
|
| CVE-2026-12031 |
|
Vulnerability in google (CVE-2026-12031)
vulnerability in google (CVE-2026-12031). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12029 |
|
Use-After-Free in google (CVE-2026-12029)
vulnerability in google (CVE-2026-12029). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12027 |
|
Vulnerability in google (CVE-2026-12027)
vulnerability in google (CVE-2026-12027). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12025 |
|
Vulnerability in google (CVE-2026-12025)
vulnerability in google (CVE-2026-12025). Confidential information can be exposed externally.
|
| CVE-2026-12034 |
|
Vulnerability in Google chrome (CVE-2026-12034)
vulnerability in Google chrome (CVE-2026-12034). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12032 |
|
Vulnerability in google (CVE-2026-12032)
vulnerability in google (CVE-2026-12032). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12030 |
|
Vulnerability in google (CVE-2026-12030)
vulnerability in google (CVE-2026-12030). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12028 |
|
Use-After-Free in google (CVE-2026-12028)
vulnerability in google (CVE-2026-12028). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12026 |
|
Out-of-Bounds Read in google (CVE-2026-12026)
vulnerability in google (CVE-2026-12026). Confidential information can be exposed externally.
|
| CVE-2026-12020 |
|
Use-After-Free in google (CVE-2026-12020)
vulnerability in google (CVE-2026-12020). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12024 |
|
Vulnerability in google (CVE-2026-12024)
vulnerability in google (CVE-2026-12024). Data can be tampered with by attackers.
|
| CVE-2026-12018 |
|
Privilege Escalation in privilege-escalation (CVE-2026-12018)
vulnerability in privilege-escalation (CVE-2026-12018). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12017 |
|
Vulnerability in google (CVE-2026-12017)
vulnerability in google (CVE-2026-12017). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12016 |
|
Vulnerability in google (CVE-2026-12016)
vulnerability in google (CVE-2026-12016). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12015 |
|
Use-After-Free in google (CVE-2026-12015)
vulnerability in google (CVE-2026-12015). Confidential information can be exposed externally.
|
| CVE-2026-12022 |
|
Vulnerability in google (CVE-2026-12022)
vulnerability in google (CVE-2026-12022). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12023 |
|
Use-After-Free in google (CVE-2026-12023)
vulnerability in google (CVE-2026-12023). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12019 |
|
Out-of-Bounds Write in google (CVE-2026-12019)
out-of-bounds write in google (CVE-2026-12019). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12008 |
|
Use-After-Free in google (CVE-2026-12008)
vulnerability in google (CVE-2026-12008). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12009 |
|
Vulnerability in google (CVE-2026-12009)
vulnerability in google (CVE-2026-12009). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12012 |
|
Use-After-Free in google (CVE-2026-12012)
vulnerability in google (CVE-2026-12012). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12013 |
|
Use-After-Free in google (CVE-2026-12013)
vulnerability in google (CVE-2026-12013). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12014 |
|
Use-After-Free in google (CVE-2026-12014)
vulnerability in google (CVE-2026-12014). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12010 |
|
Vulnerability in google (CVE-2026-12010)
vulnerability in google (CVE-2026-12010). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12011 |
|
Use-After-Free in google (CVE-2026-12011)
vulnerability in google (CVE-2026-12011). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12007 |
|
Use-After-Free in Google chrome (CVE-2026-12007)
vulnerability in Google chrome (CVE-2026-12007). Successful exploitation can lead to full system takeover.
|
| CVE-2025-27511 |
|
Vulnerability in org.geoserver.extension:gs-db2 (CVE-2025-27511)
vulnerability in org.geoserver.extension:gs-db2 (CVE-2025-27511). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2.27.0` or later.
|
| CVE-2026-45175 |
|
Vulnerability in paloaltonetworks (CVE-2026-45175)
vulnerability in paloaltonetworks (CVE-2026-45175). Successful exploitation can lead to full system takeover.
|