Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-9915 |
|
Vulnerability in google (CVE-2026-9915)
vulnerability in google (CVE-2026-9915). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9907 |
|
Out-of-Bounds Read in google (CVE-2026-9907)
vulnerability in google (CVE-2026-9907). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9906 |
|
Out-of-Bounds Write in google (CVE-2026-9906)
out-of-bounds write in google (CVE-2026-9906). Successful exploitation can lead to full system takeover.
|
| CVE-2026-49094 |
|
Vulnerability in elk (CVE-2026-49094)
vulnerability in elk (CVE-2026-49094). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.19.16` or later.
|
| CVE-2026-49093 |
|
SSRF (Server-Side Request Forgery) in elk (CVE-2026-49093)
SSRF in elk (CVE-2026-49093). Confidential information can be exposed externally. Mitigation: upgrade to `9.3.3` or later.
|
| CVE-2026-49095 |
|
Vulnerability in elk (CVE-2026-49095)
vulnerability in elk (CVE-2026-49095). Confidential information can be exposed externally. Mitigation: upgrade to `8.19.16, 9.3.5, 9.4.2` or later.
|
| CVE-2026-46827 |
|
Privilege Escalation in c (CVE-2026-46827)
vulnerability in c (CVE-2026-46827). Successful exploitation can lead to full system takeover.
|
| CVE-2026-46826 |
|
Vulnerability in c (CVE-2026-46826)
vulnerability in c (CVE-2026-46826). Successful exploitation can lead to full system takeover.
|
| CVE-2026-46828 |
|
Vulnerability in c (CVE-2026-46828)
vulnerability in c (CVE-2026-46828). Confidential information can be exposed externally.
|
| CVE-2026-46837 |
|
Privilege Escalation in c (CVE-2026-46837)
vulnerability in c (CVE-2026-46837). Successful exploitation can lead to full system takeover.
|
| CVE-2026-46818 |
|
Vulnerability in c (CVE-2026-46818)
vulnerability in c (CVE-2026-46818). Confidential information can be exposed externally.
|
| CVE-2026-46817 |
|
Privilege Escalation in c (CVE-2026-46817)
vulnerability in c (CVE-2026-46817). Successful exploitation can lead to full system takeover.
|
| CVE-2026-46819 |
|
Vulnerability in c (CVE-2026-46819)
vulnerability in c (CVE-2026-46819). Confidential information can be exposed externally.
|
| CVE-2026-42398 |
|
SSRF (Server-Side Request Forgery) in elk (CVE-2026-42398)
SSRF in elk (CVE-2026-42398). Confidential information can be exposed externally. Mitigation: upgrade to `9.2.8, 9.3.2` or later.
|
| CVE-2026-42400 |
|
Vulnerability in elk (CVE-2026-42400)
vulnerability in elk (CVE-2026-42400). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.19.16, 9.3.5, 9.4.2` or later.
|
| CVE-2026-42399 |
|
Vulnerability in elk (CVE-2026-42399)
vulnerability in elk (CVE-2026-42399). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.19.16, 9.3.5` or later.
|
| CVE-2026-42401 |
|
Cross-Site Scripting (XSS) in elk (CVE-2026-42401)
cross-site scripting in elk (CVE-2026-42401). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.19.16, 9.4.0` or later.
|
| CVE-2026-33464 |
|
Vulnerability in elk (CVE-2026-33464)
vulnerability in elk (CVE-2026-33464). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `9.4.2` or later.
|
| CVE-2026-33463 |
|
Vulnerability in elk (CVE-2026-33463)
vulnerability in elk (CVE-2026-33463). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.19.16, 9.3.5` or later.
|
| CVE-2026-33462 |
|
Path Traversal in elk (CVE-2026-33462)
path traversal in elk (CVE-2026-33462). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.19.16, 9.3.5` or later.
|
| CVE-2026-30761 |
|
Unrestricted File Upload in CVE-2026-30761 (CVE-2026-30761)
vulnerability in CVE-2026-30761 (CVE-2026-30761). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41160 |
|
Vulnerability in CVE-2026-41160 (CVE-2026-41160)
vulnerability in CVE-2026-41160 (CVE-2026-41160). Risk of unauthorized operations or information disclosure. Exploitable via `POST /api/v1/Note/{id}/pin`. Mitigation: upgrade to `9.3.5` or later.
|
| CVE-2026-24444 |
|
Vulnerability in CVE-2026-24444 (CVE-2026-24444)
vulnerability in CVE-2026-24444 (CVE-2026-24444). Successful exploitation can lead to full system takeover.
|
| CVE-2026-49237 |
|
Vulnerability in privilege-escalation (CVE-2026-49237)
vulnerability in privilege-escalation (CVE-2026-49237). Successful exploitation can lead to full system takeover.
|
| CVE-2026-37266 |
|
Vulnerability in CVE-2026-37266 (CVE-2026-37266)
vulnerability in CVE-2026-37266 (CVE-2026-37266). Successful exploitation can lead to full system takeover.
|
| CVE-2026-40914 |
|
Authorization Flaw in org.apache.artemis:artemis-stomp-protocol (CVE-2026-40914)
vulnerability in org.apache.artemis:artemis-stomp-protocol (CVE-2026-40914). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-48977 |
|
Vulnerability in org.apache.ignite:ignite-core (CVE-2025-48977)
vulnerability in org.apache.ignite:ignite-core (CVE-2025-48977). Confidential information can be exposed externally. Mitigation: upgrade to `2.18.0` or later.
|
| CVE-2026-9807 |
|
Authorization Flaw in gitlab (CVE-2026-9807)
vulnerability in gitlab (CVE-2026-9807). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.10.7, 18.11.4, 19.0.1` or later.
|
| CVE-2026-4408 |
|
OS Command Injection in redhat (CVE-2026-4408)
OS command injection in redhat (CVE-2026-4408). Successful exploitation can lead to full system takeover.
|
| CVE-2026-7797 |
|
SQL Injection in wordpress (CVE-2026-7797)
SQL injection in wordpress (CVE-2026-7797). Confidential information can be exposed externally.
|
| CVE-2026-9227 |
|
Unrestricted File Upload in wordpress (CVE-2026-9227)
vulnerability in wordpress (CVE-2026-9227). Successful exploitation can lead to full system takeover.
|
| CVE-2026-6427 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-6427)
cross-site scripting in wordpress (CVE-2026-6427). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6455 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-6455)
vulnerability in wordpress (CVE-2026-6455). Data can be tampered with by attackers.
|
| CVE-2026-9009 |
|
Unrestricted File Upload in wordpress (CVE-2026-9009)
vulnerability in wordpress (CVE-2026-9009). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9241 |
|
Vulnerability in wordpress (CVE-2026-9241)
vulnerability in wordpress (CVE-2026-9241). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-2374 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-2374)
cross-site scripting in wordpress (CVE-2026-2374). Risk of unauthorized operations or information disclosure. Exploitable via ``login_nocaptcha_error``.
|
| CVE-2026-44886 |
|
SQL Injection in sqli (CVE-2026-44886)
SQL injection in sqli (CVE-2026-44886). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2026-05-07` or later.
|
| CVE-2026-42877 |
|
Cross-Site Scripting (XSS) in facturascripts/facturascripts (CVE-2026-42877)
cross-site scripting in facturascripts/facturascripts (CVE-2026-42877). Risk of unauthorized operations or information disclosure. Exploitable via ``referencia``.
|
| CVE-2026-8716 |
|
Vulnerability in gitlab (CVE-2026-8716)
vulnerability in gitlab (CVE-2026-8716). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.10.7, 18.11.4, 19.0.2` or later.
|
| CVE-2026-6713 |
|
Authorization Flaw in gitlab (CVE-2026-6713)
vulnerability in gitlab (CVE-2026-6713). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.10.7, 18.11.4, 19.0.2` or later.
|
| CVE-2026-4868 |
|
Vulnerability in gitlab (CVE-2026-4868)
vulnerability in gitlab (CVE-2026-4868). Confidential information can be exposed externally. Mitigation: upgrade to `18.10.7, 18.11.4, 19.0.2` or later.
|
| CVE-2026-5296 |
|
Vulnerability in gitlab (CVE-2026-5296)
vulnerability in gitlab (CVE-2026-5296). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.10.7, 18.11.4, 19.0.2` or later.
|
| CVE-2026-42878 |
|
Information Disclosure in facturascripts/facturascripts (CVE-2026-42878)
vulnerability in facturascripts/facturascripts (CVE-2026-42878). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-2601 |
|
Vulnerability in gitlab (CVE-2026-2601)
vulnerability in gitlab (CVE-2026-2601). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.10.7, 18.11.4, 19.0.2` or later.
|
| CVE-2026-1402 |
|
Vulnerability in gitlab (CVE-2026-1402)
vulnerability in gitlab (CVE-2026-1402). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.10.7, 18.11.4, 19.0.2` or later.
|
| CVE-2026-44460 |
|
Information Disclosure in CVE-2026-44460 (CVE-2026-44460)
vulnerability in CVE-2026-44460 (CVE-2026-44460). Confidential information can be exposed externally. Mitigation: upgrade to `3.12.0` or later.
|
| CVE-2026-45027 |
|
Vulnerability in CVE-2026-45027 (CVE-2026-45027)
vulnerability in CVE-2026-45027 (CVE-2026-45027). Confidential information can be exposed externally. Mitigation: upgrade to `3.7.3` or later.
|
| CVE-2026-45335 |
|
Open Redirect in CVE-2026-45335 (CVE-2026-45335)
vulnerability in CVE-2026-45335 (CVE-2026-45335). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.7.3` or later.
|
| CVE-2026-42790 |
|
Vulnerability in erlang (CVE-2026-42790)
vulnerability in erlang (CVE-2026-42790). Confidential information can be exposed externally.
|
| CVE-2026-38931 |
|
Cross-Site Scripting (XSS) in CVE-2026-38931 (CVE-2026-38931)
cross-site scripting in CVE-2026-38931 (CVE-2026-38931). Risk of unauthorized operations or information disclosure.
|