Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: products Clear
ID Title
CVE-2026-9383 Vulnerability in sqli (CVE-2026-9383)
vulnerability in sqli (CVE-2026-9383). Risk of unauthorized operations or information disclosure.
CVE-2026-9364 Vulnerability in sqli (CVE-2026-9364)
vulnerability in sqli (CVE-2026-9364). Risk of unauthorized operations or information disclosure.
CVE-2026-9355 Vulnerability in sqli (CVE-2026-9355)
vulnerability in sqli (CVE-2026-9355). Risk of unauthorized operations or information disclosure.
CVE-2026-9356 Vulnerability in sqli (CVE-2026-9356)
vulnerability in sqli (CVE-2026-9356). Risk of unauthorized operations or information disclosure.
CVE-2026-9342 Vulnerability in sqli (CVE-2026-9342)
vulnerability in sqli (CVE-2026-9342). Risk of unauthorized operations or information disclosure.
CVE-2018-25357 Code Injection in dolibarr/dolibarr (CVE-2018-25357)
code injection in dolibarr/dolibarr (CVE-2018-25357). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `6.0.8` or later.
CVE-2018-25352 SQL Injection in wordpress (CVE-2018-25352)
SQL injection in wordpress (CVE-2018-25352). Confidential information can be exposed externally.
CVE-2018-25349 Cross-Site Scripting (XSS) in CVE-2018-25349 (CVE-2018-25349)
cross-site scripting in CVE-2018-25349 (CVE-2018-25349). Risk of unauthorized operations or information disclosure.
CVE-2018-25350 Vulnerability in CVE-2018-25350 (CVE-2018-25350)
vulnerability in CVE-2018-25350 (CVE-2018-25350). Successful exploitation can lead to full system takeover.
CVE-2018-25343 Cross-Site Request Forgery (CSRF) in CVE-2018-25343 (CVE-2018-25343)
vulnerability in CVE-2018-25343 (CVE-2018-25343). Risk of unauthorized operations or information disclosure.
CVE-2018-25341 SQL Injection in sqli (CVE-2018-25341)
SQL injection in sqli (CVE-2018-25341). Confidential information can be exposed externally.
CVE-2018-25342 SQL Injection in sqli (CVE-2018-25342)
SQL injection in sqli (CVE-2018-25342). Confidential information can be exposed externally.
CVE-2026-9302 Vulnerability in CVE-2026-9302 (CVE-2026-9302)
vulnerability in CVE-2026-9302 (CVE-2026-9302). Risk of unauthorized operations or information disclosure.
CVE-2018-25340 SQL Injection in sqli (CVE-2018-25340)
SQL injection in sqli (CVE-2018-25340). Confidential information can be exposed externally.
CVE-2026-45659 KEV [KEV] Unsafe Deserialization in Microsoft deserialization (CVE-2026-45659)
vulnerability in Microsoft deserialization (CVE-2026-45659). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2026-23652 Command Injection in microsoft (CVE-2026-23652)
command injection in microsoft (CVE-2026-23652). Successful exploitation can lead to full system takeover.
CVE-2026-5843 Vulnerability in docker (CVE-2026-5843)
vulnerability in docker (CVE-2026-5843). Successful exploitation can lead to full system takeover.
CVE-2026-5817 Vulnerability in docker (CVE-2026-5817)
vulnerability in docker (CVE-2026-5817). Successful exploitation can lead to full system takeover.
CVE-2026-6406 Authorization Flaw in docker (CVE-2026-6406)
vulnerability in docker (CVE-2026-6406). Successful exploitation can lead to full system takeover.
CVE-2026-8670 Vulnerability in avantra (CVE-2026-8670)
vulnerability in avantra (CVE-2026-8670). Successful exploitation can lead to full system takeover.
CVE-2026-8672 Vulnerability in avantra (CVE-2026-8672)
vulnerability in avantra (CVE-2026-8672). Confidential information can be exposed externally.
CVE-2026-8673 Vulnerability in avantra (CVE-2026-8673)
vulnerability in avantra (CVE-2026-8673). Confidential information can be exposed externally.
CVE-2026-8671 Vulnerability in avantra (CVE-2026-8671)
vulnerability in avantra (CVE-2026-8671). Data can be tampered with by attackers.
CVE-2026-44930 Vulnerability in org.apache.cxf.services.xkms:cxf-services-xkms-x509-repo-ldap (CVE-2026-44930)
vulnerability in org.apache.cxf.services.xkms:cxf-services-xkms-x509-repo-ldap (CVE-2026-44930). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `3.6.11` or later.
CVE-2026-44417 Vulnerability in org.apache.cxf:cxf-rt-transports-jms (CVE-2026-44417)
vulnerability in org.apache.cxf:cxf-rt-transports-jms (CVE-2026-44417). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `3.6.11` or later.
CVE-2026-5289 Vulnerability in Google chrome (CVE-2026-5289)
vulnerability in Google chrome (CVE-2026-5289). Risk of unauthorized operations or information disclosure.
CVE-2026-47166 Out-of-Bounds Read in Magick.NET-Q16-AnyCPU (CVE-2026-47166)
vulnerability in Magick.NET-Q16-AnyCPU (CVE-2026-47166). Confidential information can be exposed externally. Mitigation: upgrade to `14.12.0` or later.
CVE-2026-47165 Information Disclosure in Magick.NET-Q16-AnyCPU (CVE-2026-47165)
vulnerability in Magick.NET-Q16-AnyCPU (CVE-2026-47165). Confidential information can be exposed externally. Mitigation: upgrade to `14.12.0` or later.
CVE-2026-46693 Vulnerability in Magick.NET-Q16-AnyCPU (CVE-2026-46693)
vulnerability in Magick.NET-Q16-AnyCPU (CVE-2026-46693). Confidential information can be exposed externally. Mitigation: upgrade to `14.12.0` or later.
CVE-2026-46692 Vulnerability in Magick.NET-Q16-AnyCPU (CVE-2026-46692)
vulnerability in Magick.NET-Q16-AnyCPU (CVE-2026-46692). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `14.12.0` or later.
CVE-2026-7879 Vulnerability in concrete5/concrete5 (CVE-2026-7879)
vulnerability in concrete5/concrete5 (CVE-2026-7879). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `9.5.1` or later.
CVE-2026-8417 Cross-Site Request Forgery (CSRF) in concrete5/concrete5 (CVE-2026-8417)
vulnerability in concrete5/concrete5 (CVE-2026-8417). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `9.5.1` or later.
CVE-2026-8426 Cross-Site Request Forgery (CSRF) in concrete5/concrete5 (CVE-2026-8426)
vulnerability in concrete5/concrete5 (CVE-2026-8426). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `9.5.1` or later.
CVE-2026-8421 Cross-Site Request Forgery (CSRF) in concrete5/concrete5 (CVE-2026-8421)
vulnerability in concrete5/concrete5 (CVE-2026-8421). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `9.5.1` or later.
CVE-2026-8428 Cross-Site Request Forgery (CSRF) in concrete5/concrete5 (CVE-2026-8428)
vulnerability in concrete5/concrete5 (CVE-2026-8428). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `9.5.1` or later.
CVE-2026-8350 Authorization Flaw in concrete5/concrete5 (CVE-2026-8350)
vulnerability in concrete5/concrete5 (CVE-2026-8350). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `9.5.1` or later.
CVE-2026-47102 Authorization Flaw in litellm (CVE-2026-47102)
vulnerability in litellm (CVE-2026-47102). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.83.10` or later.
CVE-2026-8134 Vulnerability in concrete5/concrete5 (CVE-2026-8134)
vulnerability in concrete5/concrete5 (CVE-2026-8134). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `9.5.1` or later.
CVE-2026-8140 Cross-Site Request Forgery (CSRF) in concrete5/concrete5 (CVE-2026-8140)
vulnerability in concrete5/concrete5 (CVE-2026-8140). Data can be tampered with by attackers. Mitigation: upgrade to `9.5.1` or later.
CVE-2026-8197 Cross-Site Scripting (XSS) in concrete5/concrete5 (CVE-2026-8197)
cross-site scripting in concrete5/concrete5 (CVE-2026-8197). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `9.5.1` or later.
CVE-2026-8135 Unsafe Deserialization in concrete5/concrete5 (CVE-2026-8135)
vulnerability in concrete5/concrete5 (CVE-2026-8135). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `9.5.1` or later.
CVE-2026-47101 Authorization Flaw in litellm (CVE-2026-47101)
vulnerability in litellm (CVE-2026-47101). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.83.14` or later.
CVE-2026-46643 OS Command Injection in KnpLabs/knp-snappy (CVE-2026-46643)
OS command injection in KnpLabs/knp-snappy (CVE-2026-46643). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.7.1` or later.
CVE-2026-46683 SSRF (Server-Side Request Forgery) in knplabs/knp-snappy (CVE-2026-46683)
SSRF in knplabs/knp-snappy (CVE-2026-46683). Risk of unauthorized operations or information disclosure. Exploitable via ``http``. Mitigation: upgrade to `1.7.0` or later.
CVE-2026-48246 Vulnerability in CVE-2026-48246 (CVE-2026-48246)
vulnerability in CVE-2026-48246 (CVE-2026-48246). Confidential information can be exposed externally.
CVE-2026-48245 Vulnerability in CVE-2026-48245 (CVE-2026-48245)
vulnerability in CVE-2026-48245 (CVE-2026-48245). Risk of unauthorized operations or information disclosure.
CVE-2026-48248 Vulnerability in CVE-2026-48248 (CVE-2026-48248)
vulnerability in CVE-2026-48248 (CVE-2026-48248). Confidential information can be exposed externally.
CVE-2026-48247 Vulnerability in CVE-2026-48247 (CVE-2026-48247)
vulnerability in CVE-2026-48247 (CVE-2026-48247). Confidential information can be exposed externally.
CVE-2026-48249 Vulnerability in CVE-2026-48249 (CVE-2026-48249)
vulnerability in CVE-2026-48249 (CVE-2026-48249). Confidential information can be exposed externally.
CVE-2026-48244 Vulnerability in CVE-2026-48244 (CVE-2026-48244)
vulnerability in CVE-2026-48244 (CVE-2026-48244). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →