Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-45176 |
|
Privilege Escalation in paloaltonetworks (CVE-2026-45176)
vulnerability in paloaltonetworks (CVE-2026-45176). Successful exploitation can lead to full system takeover.
|
| CVE-2025-46315 |
|
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS...
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS...
|
| CVE-2025-46313 |
|
Vulnerability in apple (CVE-2025-46313)
vulnerability in apple (CVE-2025-46313). Confidential information can be exposed externally.
|
| CVE-2025-46308 |
|
Vulnerability in apple (CVE-2025-46308)
vulnerability in apple (CVE-2025-46308). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-46293 |
|
Vulnerability in apple (CVE-2025-46293)
vulnerability in apple (CVE-2025-46293). Confidential information can be exposed externally.
|
| CVE-2025-43339 |
|
Vulnerability in apple (CVE-2025-43339)
vulnerability in apple (CVE-2025-43339). Confidential information can be exposed externally.
|
| CVE-2025-43278 |
|
Vulnerability in apple (CVE-2025-43278)
vulnerability in apple (CVE-2025-43278). Confidential information can be exposed externally.
|
| CVE-2025-30431 |
|
Vulnerability in apple (CVE-2025-30431)
vulnerability in apple (CVE-2025-30431). Confidential information can be exposed externally.
|
| CVE-2025-24268 |
|
Path Traversal in apple (CVE-2025-24268)
path traversal in apple (CVE-2025-24268). Confidential information can be exposed externally.
|
| CVE-2025-31272 |
|
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4. An app...
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4. An app...
|
| CVE-2025-30459 |
|
Vulnerability in apple (CVE-2025-30459)
vulnerability in apple (CVE-2025-30459). Confidential information can be exposed externally.
|
| CVE-2025-24284 |
|
This issue was addressed with improved checks to prevent unauthorized actions. This issue is...
This issue was addressed with improved checks to prevent unauthorized actions. This issue is...
|
| CVE-2025-24165 |
|
Vulnerability in apple (CVE-2025-24165)
vulnerability in apple (CVE-2025-24165). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-46698 |
|
SSRF (Server-Side Request Forgery) in wordpress (CVE-2026-46698)
SSRF in wordpress (CVE-2026-46698). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-46697 |
|
SSRF (Server-Side Request Forgery) in wordpress (CVE-2026-46697)
SSRF in wordpress (CVE-2026-46697). Confidential information can be exposed externally.
|
| CVE-2026-7787 |
|
Vulnerability in langflow (CVE-2026-7787)
vulnerability in langflow (CVE-2026-7787). Confidential information can be exposed externally.
|
| CVE-2026-3341 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-3341)
SSRF in ssrf (CVE-2026-3341). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8406 |
|
Vulnerability in CVE-2026-8406 (CVE-2026-8406)
vulnerability in CVE-2026-8406 (CVE-2026-8406). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-38581 |
|
SQL Injection in sqli (CVE-2026-38581)
SQL injection in sqli (CVE-2026-38581). Successful exploitation can lead to full system takeover.
|
| CVE-2026-48998 |
|
Vulnerability in guzzlehttp/psr7 (CVE-2026-48998)
vulnerability in guzzlehttp/psr7 (CVE-2026-48998). Risk of unauthorized operations or information disclosure. Exploitable via `Host header`. Mitigation: upgrade to `2.10.2` or later.
|
| CVE-2026-49214 |
|
Vulnerability in guzzlehttp/psr7 (CVE-2026-49214)
vulnerability in guzzlehttp/psr7 (CVE-2026-49214). Risk of unauthorized operations or information disclosure. Exploitable via ``Uri``. Mitigation: upgrade to `2.10.2` or later.
|
| CVE-2026-6976 |
|
Vulnerability in gitlab (CVE-2026-6976)
vulnerability in gitlab (CVE-2026-6976). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.10.8, 18.11.5, 19.0.2` or later.
|
| CVE-2026-9204 |
|
SSRF (Server-Side Request Forgery) in gitlab (CVE-2026-9204)
SSRF in gitlab (CVE-2026-9204). Confidential information can be exposed externally. Mitigation: upgrade to `18.10.8, 18.11.5, 19.0.2` or later.
|
| CVE-2026-9694 |
|
Vulnerability in gitlab (CVE-2026-9694)
vulnerability in gitlab (CVE-2026-9694). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.10.8, 18.11.5, 19.0.2` or later.
|
| CVE-2026-7250 |
|
Vulnerability in gitlab (CVE-2026-7250)
vulnerability in gitlab (CVE-2026-7250). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.10.8, 18.11.5, 19.0.2` or later.
|
| CVE-2026-6277 |
|
Authorization Flaw in gitlab (CVE-2026-6277)
vulnerability in gitlab (CVE-2026-6277). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.10.8, 18.11.5, 19.0.2` or later.
|
| CVE-2026-8589 |
|
Cross-Site Scripting (XSS) in gitlab (CVE-2026-8589)
cross-site scripting in gitlab (CVE-2026-8589). Confidential information can be exposed externally. Mitigation: upgrade to `18.10.8, 18.11.5, 19.0.2` or later.
|
| CVE-2026-6552 |
|
Vulnerability in gitlab (CVE-2026-6552)
vulnerability in gitlab (CVE-2026-6552). Confidential information can be exposed externally. Mitigation: upgrade to `18.10.8, 18.11.5, 19.0.2` or later.
|
| CVE-2026-6269 |
|
Authorization Flaw in gitlab (CVE-2026-6269)
vulnerability in gitlab (CVE-2026-6269). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.10.8, 18.11.5, 19.0.2` or later.
|
| CVE-2026-1500 |
|
Vulnerability in gitlab (CVE-2026-1500)
vulnerability in gitlab (CVE-2026-1500). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.10.8, 18.11.5, 19.0.2` or later.
|
| CVE-2026-10733 |
|
Vulnerability in gitlab (CVE-2026-10733)
vulnerability in gitlab (CVE-2026-10733). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.10.8, 18.11.5, 19.0.2` or later.
|
| CVE-2026-10087 |
|
Cross-Site Scripting (XSS) in gitlab (CVE-2026-10087)
cross-site scripting in gitlab (CVE-2026-10087). Confidential information can be exposed externally. Mitigation: upgrade to `18.10.8, 18.11.5, 19.0.2` or later.
|
| CVE-2026-3553 |
|
Authorization Flaw in gitlab (CVE-2026-3553)
vulnerability in gitlab (CVE-2026-3553). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.10.8, 18.11.5, 19.0.2` or later.
|
| CVE-2026-41000 |
|
Vulnerability in c (CVE-2026-41000)
vulnerability in c (CVE-2026-41000). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-40996 |
|
Vulnerability in apache (CVE-2026-40996)
vulnerability in apache (CVE-2026-40996). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53461 |
|
Out-of-Bounds Write in Magick.NET-Q16-AnyCPU (CVE-2026-53461)
out-of-bounds write in Magick.NET-Q16-AnyCPU (CVE-2026-53461). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `14.14.0` or later.
|
| CVE-2026-53460 |
|
Vulnerability in Magick.NET-Q16-AnyCPU (CVE-2026-53460)
vulnerability in Magick.NET-Q16-AnyCPU (CVE-2026-53460). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `14.14.0` or later.
|
| CVE-2026-53462 |
|
Use-After-Free in Magick.NET-Q16-AnyCPU (CVE-2026-53462)
vulnerability in Magick.NET-Q16-AnyCPU (CVE-2026-53462). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `14.14.0` or later.
|
| CVE-2026-53463 |
|
Vulnerability in imagemagick (CVE-2026-53463)
vulnerability in imagemagick (CVE-2026-53463). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53464 |
|
Vulnerability in imagemagick (CVE-2026-53464)
vulnerability in imagemagick (CVE-2026-53464). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53465 |
|
Vulnerability in Magick.NET-Q16-AnyCPU (CVE-2026-53465)
vulnerability in Magick.NET-Q16-AnyCPU (CVE-2026-53465). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `14.14.0` or later.
|
| CVE-2026-48733 |
|
Vulnerability in imagemagick (CVE-2026-48733)
vulnerability in imagemagick (CVE-2026-48733). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-50223 |
|
Code Injection in apache (CVE-2026-50223)
code injection in apache (CVE-2026-50223). Successful exploitation can lead to full system takeover.
|
| CVE-2026-48734 |
|
Vulnerability in imagemagick (CVE-2026-48734)
vulnerability in imagemagick (CVE-2026-48734). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-48994 |
|
Vulnerability in Magick.NET-Q16-AnyCPU (CVE-2026-48994)
vulnerability in Magick.NET-Q16-AnyCPU (CVE-2026-48994). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `14.14.0` or later.
|
| CVE-2026-49218 |
|
Vulnerability in Magick.NET-Q16-AnyCPU (CVE-2026-49218)
vulnerability in Magick.NET-Q16-AnyCPU (CVE-2026-49218). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `14.14.0` or later.
|
| CVE-2026-49219 |
|
Path Traversal in Magick.NET-Q16-AnyCPU (CVE-2026-49219)
path traversal in Magick.NET-Q16-AnyCPU (CVE-2026-49219). Confidential information can be exposed externally. Mitigation: upgrade to `14.14.0` or later.
|
| CVE-2026-48724 |
|
Out-of-Bounds Write in Magick.NET-Q16-AnyCPU (CVE-2026-48724)
out-of-bounds write in Magick.NET-Q16-AnyCPU (CVE-2026-48724). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `14.14.0` or later.
|
| CVE-2026-47342 |
|
Vulnerability in apache (CVE-2026-47342)
vulnerability in apache (CVE-2026-47342). Successful exploitation can lead to full system takeover.
|
| CVE-2022-48575 |
|
Authentication Bypass in apple (CVE-2022-48575)
authentication bypass in apple (CVE-2022-48575). Risk of unauthorized operations or information disclosure.
|