Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-14655 |
|
Cross-Site Scripting (XSS) in CVE-2026-14655 (CVE-2026-14655)
cross-site scripting in CVE-2026-14655 (CVE-2026-14655). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14657 |
|
Vulnerability in sqli (CVE-2026-14657)
vulnerability in sqli (CVE-2026-14657). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14652 |
|
Vulnerability in sqli (CVE-2026-14652)
vulnerability in sqli (CVE-2026-14652). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14653 |
|
Vulnerability in sqli (CVE-2026-14653)
vulnerability in sqli (CVE-2026-14653). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14654 |
|
Vulnerability in sqli (CVE-2026-14654)
vulnerability in sqli (CVE-2026-14654). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14649 |
|
Vulnerability in sqli (CVE-2026-14649)
vulnerability in sqli (CVE-2026-14649). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14648 |
|
Vulnerability in sqli (CVE-2026-14648)
vulnerability in sqli (CVE-2026-14648). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14641 |
|
Vulnerability in sqli (CVE-2026-14641)
vulnerability in sqli (CVE-2026-14641). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14640 |
|
Vulnerability in sqli (CVE-2026-14640)
vulnerability in sqli (CVE-2026-14640). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14642 |
|
Vulnerability in sqli (CVE-2026-14642)
vulnerability in sqli (CVE-2026-14642). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14639 |
|
Vulnerability in sqli (CVE-2026-14639)
vulnerability in sqli (CVE-2026-14639). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14638 |
|
Vulnerability in sqli (CVE-2026-14638)
vulnerability in sqli (CVE-2026-14638). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14637 |
|
Vulnerability in deserialization (CVE-2026-14637)
vulnerability in deserialization (CVE-2026-14637). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14636 |
|
Path Traversal in path-traversal (CVE-2026-14636)
path traversal in path-traversal (CVE-2026-14636). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14635 |
|
Path Traversal in path-traversal (CVE-2026-14635)
path traversal in path-traversal (CVE-2026-14635). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14634 |
|
Cross-Site Scripting (XSS) in CVE-2026-14634 (CVE-2026-14634)
cross-site scripting in CVE-2026-14634 (CVE-2026-14634). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14632 |
|
Open Redirect in CVE-2026-14632 (CVE-2026-14632)
vulnerability in CVE-2026-14632 (CVE-2026-14632). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14633 |
|
Cross-Site Scripting (XSS) in CVE-2026-14633 (CVE-2026-14633)
cross-site scripting in CVE-2026-14633 (CVE-2026-14633). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14622 |
|
Authentication Bypass in CVE-2026-14622 (CVE-2026-14622)
authentication bypass in CVE-2026-14622 (CVE-2026-14622). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14619 |
|
Vulnerability in sqli (CVE-2026-14619)
vulnerability in sqli (CVE-2026-14619). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12194 |
|
Vulnerability in CVE-2026-12194 (CVE-2026-12194)
vulnerability in CVE-2026-12194 (CVE-2026-12194). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14355 |
|
Vulnerability in debian (CVE-2026-14355)
vulnerability in debian (CVE-2026-14355). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14608 |
|
Vulnerability in CVE-2026-14608 (CVE-2026-14608)
vulnerability in CVE-2026-14608 (CVE-2026-14608). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-59234 |
|
Vulnerability in CVE-2026-59234 (CVE-2026-59234)
vulnerability in CVE-2026-59234 (CVE-2026-59234). Risk of unauthorized operations or information disclosure. Exploitable via `GET /calendar/event/delete/{id}`.
|
| CVE-2026-5137 |
|
Vulnerability in wordpress (CVE-2026-5137)
vulnerability in wordpress (CVE-2026-5137). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-47896 |
|
Path Traversal in csharp (CVE-2026-47896)
path traversal in csharp (CVE-2026-47896). Confidential information can be exposed externally.
|
| CVE-2026-47897 |
|
Path Traversal in csharp (CVE-2026-47897)
path traversal in csharp (CVE-2026-47897). Data can be tampered with by attackers.
|
| CVE-2026-47898 |
|
XXE (XML External Entity) in csharp (CVE-2026-47898)
vulnerability in csharp (CVE-2026-47898). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9725 |
|
Path Traversal in wordpress (CVE-2026-9725)
path traversal in wordpress (CVE-2026-9725). Data can be tampered with by attackers.
|
| CVE-2026-9180 |
|
Vulnerability in wordpress (CVE-2026-9180)
vulnerability in wordpress (CVE-2026-9180). Risk of unauthorized operations or information disclosure. Exploitable via `POST /motopress/appointment/v1/bookings`.
|
| CVE-2026-54998 |
|
Incorrect authorization in Microsoft Exchange Online allows an authorized attacker to elevate...
Incorrect authorization in Microsoft Exchange Online allows an authorized attacker to elevate...
|
| CVE-2026-58467 |
|
Path Traversal in nginx (CVE-2026-58467)
path traversal in nginx (CVE-2026-58467). Confidential information can be exposed externally.
|
| CVE-2026-7311 |
|
Path Traversal in wordpress (CVE-2026-7311)
path traversal in wordpress (CVE-2026-7311). Data can be tampered with by attackers.
|
| CVE-2026-55952 |
|
Vulnerability in erlang (CVE-2026-55952)
vulnerability in erlang (CVE-2026-55952). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-54886 |
|
Vulnerability in dos (CVE-2026-54886)
vulnerability in dos (CVE-2026-54886). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-55950 |
|
Vulnerability in dos (CVE-2026-55950)
vulnerability in dos (CVE-2026-55950). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-54887 |
|
Vulnerability in erlang (CVE-2026-54887)
vulnerability in erlang (CVE-2026-54887). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-54891 |
|
Vulnerability in erlang (CVE-2026-54891)
vulnerability in erlang (CVE-2026-54891). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53422 |
|
Vulnerability in erlang (CVE-2026-53422)
vulnerability in erlang (CVE-2026-53422). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-50281 |
|
Vulnerability in craftcms/cms (CVE-2026-50281)
vulnerability in craftcms/cms (CVE-2026-50281). Risk of unauthorized operations or information disclosure. Exploitable via ``newAttributes``. Mitigation: upgrade to `5.9.21` or later.
|
| CVE-2026-58455 |
|
OS Command Injection in CVE-2026-58455 (CVE-2026-58455)
OS command injection in CVE-2026-58455 (CVE-2026-58455). Successful exploitation can lead to full system takeover.
|
| CVE-2026-5524 |
|
Unrestricted File Upload in wordpress (CVE-2026-5524)
vulnerability in wordpress (CVE-2026-5524). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57621 |
|
Unauthenticated PHP Object Injection in Booktics <= 1.0.21 versions.
Unauthenticated PHP Object Injection in Booktics <= 1.0.21 versions.
|
| CVE-2026-57677 |
|
Unsafe Deserialization in CVE-2026-57677 (CVE-2026-57677)
vulnerability in CVE-2026-57677 (CVE-2026-57677). Successful exploitation can lead to full system takeover.
|
| CVE-2026-27414 |
|
Contributor PHP Object Injection in Werkstatt <= 4.8.3 versions.
Contributor PHP Object Injection in Werkstatt <= 4.8.3 versions.
|
| CVE-2026-27060 |
|
Contributor PHP Object Injection in ARMember Premium <= 7.0 versions.
Contributor PHP Object Injection in ARMember Premium <= 7.0 versions.
|
| CVE-2026-9834 |
|
Command Injection in wordpress (CVE-2026-9834)
command injection in wordpress (CVE-2026-9834). Successful exploitation can lead to full system takeover. Exploitable via ``wp_db_exclude_table``.
|
| CVE-2026-9145 |
|
Path Traversal in wordpress (CVE-2026-9145)
path traversal in wordpress (CVE-2026-9145). Confidential information can be exposed externally.
|
| CVE-2026-14249 |
|
Vulnerability in wordpress (CVE-2026-14249)
vulnerability in wordpress (CVE-2026-14249). Data can be tampered with by attackers.
|
| CVE-2026-14424 |
|
Use-After-Free in google (CVE-2026-14424)
vulnerability in google (CVE-2026-14424). Successful exploitation can lead to full system takeover.
|