Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: products Clear
ID Title
CVE-2026-40365 Vulnerability in microsoft (CVE-2026-40365)
vulnerability in microsoft (CVE-2026-40365). Successful exploitation can lead to full system takeover.
CVE-2026-34663 Out-of-Bounds Read in adobe (CVE-2026-34663)
vulnerability in adobe (CVE-2026-34663). Confidential information can be exposed externally.
CVE-2026-34637 Out-of-Bounds Write in adobe (CVE-2026-34637)
out-of-bounds write in adobe (CVE-2026-34637). Successful exploitation can lead to full system takeover.
CVE-2026-34662 Vulnerability in adobe (CVE-2026-34662)
vulnerability in adobe (CVE-2026-34662). Risk of unauthorized operations or information disclosure.
CVE-2026-34638 Use-After-Free in adobe (CVE-2026-34638)
vulnerability in adobe (CVE-2026-34638). Successful exploitation can lead to full system takeover.
CVE-2026-34661 Out-of-Bounds Write in adobe (CVE-2026-34661)
out-of-bounds write in adobe (CVE-2026-34661). Successful exploitation can lead to full system takeover.
CVE-2026-34636 Out-of-Bounds Write in adobe (CVE-2026-34636)
out-of-bounds write in adobe (CVE-2026-34636). Successful exploitation can lead to full system takeover.
CVE-2026-33110 Unsafe Deserialization in deserialization (CVE-2026-33110)
vulnerability in deserialization (CVE-2026-33110). Successful exploitation can lead to full system takeover.
CVE-2026-33112 Unsafe Deserialization in deserialization (CVE-2026-33112)
vulnerability in deserialization (CVE-2026-33112). Successful exploitation can lead to full system takeover.
CVE-2025-46311 Vulnerability in apple (CVE-2025-46311)
vulnerability in apple (CVE-2025-46311). Confidential information can be exposed externally.
CVE-2025-43524 Vulnerability in apple (CVE-2025-43524)
vulnerability in apple (CVE-2025-43524). Successful exploitation can lead to full system takeover.
CVE-2026-29204 Vulnerability in CVE-2026-29204 (CVE-2026-29204)
vulnerability in CVE-2026-29204 (CVE-2026-29204). Confidential information can be exposed externally. Exploitable via ``clientarea.php``.
CVE-2025-53844 Out-of-Bounds Write in fortinet (CVE-2025-53844)
out-of-bounds write in fortinet (CVE-2025-53844). Successful exploitation can lead to full system takeover.
CVE-2025-67604 Vulnerability in fortinet (CVE-2025-67604)
vulnerability in fortinet (CVE-2025-67604). Risk of unauthorized operations or information disclosure.
CVE-2026-42899 Vulnerability in dotnet (CVE-2026-42899)
vulnerability in dotnet (CVE-2026-42899). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.0.27, 9.0.16, 10.0.8` or later.
CVE-2026-42048 Path Traversal in langflow (CVE-2026-42048)
path traversal in langflow (CVE-2026-42048). Data can be tampered with by attackers. Exploitable via `DELETE /api/v1/knowledge_bases`. Mitigation: upgrade to `1.9.0` or later.
CVE-2026-35433 Vulnerability in Microsoft.WindowsDesktop.App.Runtime.win-arm64 (CVE-2026-35433)
vulnerability in Microsoft.WindowsDesktop.App.Runtime.win-arm64 (CVE-2026-35433). Confidential information can be exposed externally. Mitigation: upgrade to `10.0.8` or later.
CVE-2026-32177 Heap-based buffer overflow in .NET allows an unauthorized attacker to elevate privileges locally.
Heap-based buffer overflow in .NET allows an unauthorized attacker to elevate privileges locally.
CVE-2026-32175 Vulnerability in Microsoft.NetCore.App.Runtime.win-arm (CVE-2026-32175)
vulnerability in Microsoft.NetCore.App.Runtime.win-arm (CVE-2026-32175). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `10.0.8` or later.
CVE-2026-43513 Vulnerability in tomcat (CVE-2026-43513)
vulnerability in tomcat (CVE-2026-43513). Confidential information can be exposed externally. Mitigation: upgrade to `10.1.55, 11.0.22, 9.0.118` or later.
CVE-2026-43514 Vulnerability in tomcat (CVE-2026-43514)
vulnerability in tomcat (CVE-2026-43514). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `10.1.55, 11.0.22, 9.0.118` or later.
CVE-2026-43515 Vulnerability in tomcat (CVE-2026-43515)
vulnerability in tomcat (CVE-2026-43515). Confidential information can be exposed externally. Mitigation: upgrade to `10.1.55, 11.0.22, 9.0.118` or later.
CVE-2026-41293 Vulnerability in tomcat (CVE-2026-41293)
vulnerability in tomcat (CVE-2026-41293). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `10.1.55, 11.0.22, 9.0.118` or later.
CVE-2026-42498 Information Disclosure in tomcat (CVE-2026-42498)
vulnerability in tomcat (CVE-2026-42498). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `10.1.55, 11.0.22, 9.0.118` or later.
CVE-2026-43512 Authentication Bypass in tomcat (CVE-2026-43512)
authentication bypass in tomcat (CVE-2026-43512). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `10.1.55, 11.0.22, 9.0.118` or later.
CVE-2026-41284 Vulnerability in tomcat (CVE-2026-41284)
vulnerability in tomcat (CVE-2026-41284). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `10.1.55, 11.0.22, 9.0.118` or later.
CVE-2023-27753 Unrestricted File Upload in CVE-2023-27753 (CVE-2023-27753)
vulnerability in CVE-2023-27753 (CVE-2023-27753). Successful exploitation can lead to full system takeover.
CVE-2026-8401 Sandbox escape in the Profile Backup component. This vulnerability was fixed in Firefox 150.0.3.
Sandbox escape in the Profile Backup component. This vulnerability was fixed in Firefox 150.0.3.
CVE-2026-8051 OS Command Injection in ivanti (CVE-2026-8051)
OS command injection in ivanti (CVE-2026-8051). Successful exploitation can lead to full system takeover.
CVE-2026-7432 Vulnerability in ivanti (CVE-2026-7432)
vulnerability in ivanti (CVE-2026-7432). Successful exploitation can lead to full system takeover.
CVE-2026-7431 Vulnerability in ivanti (CVE-2026-7431)
vulnerability in ivanti (CVE-2026-7431). Risk of unauthorized operations or information disclosure.
CVE-2026-8390 Use-After-Free in mozilla (CVE-2026-8390)
vulnerability in mozilla (CVE-2026-8390). Risk of unauthorized operations or information disclosure.
CVE-2026-8391 Other issue in the JavaScript Engine component. This vulnerability was fixed in Firefox 150.0.3.
Other issue in the JavaScript Engine component. This vulnerability was fixed in Firefox 150.0.3.
CVE-2026-8388 Buffer Overflow in mozilla (CVE-2026-8388)
vulnerability in mozilla (CVE-2026-8388). Risk of unauthorized operations or information disclosure.
CVE-2026-8389 Buffer Overflow in mozilla (CVE-2026-8389)
vulnerability in mozilla (CVE-2026-8389). Successful exploitation can lead to full system takeover.
CVE-2026-7616 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-7616)
vulnerability in wordpress (CVE-2026-7616). Risk of unauthorized operations or information disclosure.
CVE-2026-6663 Vulnerability in wordpress (CVE-2026-6663)
vulnerability in wordpress (CVE-2026-6663). Risk of unauthorized operations or information disclosure.
CVE-2026-6932 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-6932)
vulnerability in wordpress (CVE-2026-6932). Risk of unauthorized operations or information disclosure.
CVE-2026-22796 Vulnerability in jvn (CVE-2026-22796)
vulnerability in jvn (CVE-2026-22796). Risk of unauthorized operations or information disclosure.
CVE-2026-3921 Vulnerability in Google chrome (CVE-2026-3921)
vulnerability in Google chrome (CVE-2026-3921). Risk of unauthorized operations or information disclosure.
CVE-2026-43885 Information Disclosure in wwbn/avideo (CVE-2026-43885)
vulnerability in wwbn/avideo (CVE-2026-43885). Risk of unauthorized operations or information disclosure. Exploitable via ``APISecret``.
CVE-2026-43884 SSRF (Server-Side Request Forgery) in wwbn/avideo (CVE-2026-43884)
SSRF in wwbn/avideo (CVE-2026-43884). Confidential information can be exposed externally. Exploitable via `POST /plugin/AI/receiveAsync.json.php`.
CVE-2026-43877 Cross-Site Request Forgery (CSRF) in wwbn/avideo (CVE-2026-43877)
vulnerability in wwbn/avideo (CVE-2026-43877). Risk of unauthorized operations or information disclosure. Exploitable via ``autoCSRFGuard``.
CVE-2026-43878 Cross-Site Scripting (XSS) in wwbn/avideo (CVE-2026-43878)
cross-site scripting in wwbn/avideo (CVE-2026-43878). Risk of unauthorized operations or information disclosure. Exploitable via ``user``.
CVE-2026-43879 SSRF (Server-Side Request Forgery) in wwbn/avideo (CVE-2026-43879)
SSRF in wwbn/avideo (CVE-2026-43879). Risk of unauthorized operations or information disclosure. Exploitable via `POST /internal/admin/action`.
CVE-2026-43883 Vulnerability in wwbn/avideo (CVE-2026-43883)
vulnerability in wwbn/avideo (CVE-2026-43883). Risk of unauthorized operations or information disclosure. Exploitable via ``agreement``.
CVE-2026-43881 Vulnerability in wwbn/avideo (CVE-2026-43881)
vulnerability in wwbn/avideo (CVE-2026-43881). Risk of unauthorized operations or information disclosure. Exploitable via ``isCompany``.
CVE-2026-43880 Vulnerability in wwbn/avideo (CVE-2026-43880)
vulnerability in wwbn/avideo (CVE-2026-43880). Risk of unauthorized operations or information disclosure. Exploitable via `POST /objects/sendEmail.json.php`.
CVE-2026-43873 Vulnerability in wwbn/avideo (CVE-2026-43873)
vulnerability in wwbn/avideo (CVE-2026-43873). Confidential information can be exposed externally. Exploitable via ``cloneSiteURL``.
CVE-2026-43876 Cross-Site Scripting (XSS) in wwbn/avideo (CVE-2026-43876)
cross-site scripting in wwbn/avideo (CVE-2026-43876). Risk of unauthorized operations or information disclosure. Exploitable via ``message``.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →