Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: products Clear
ID Title
CVE-2026-25077 Code Injection in apache (CVE-2026-25077)
code injection in apache (CVE-2026-25077). Successful exploitation can lead to full system takeover.
CVE-2025-69233 Vulnerability in apache (CVE-2025-69233)
vulnerability in apache (CVE-2025-69233). Risk of unauthorized operations or information disclosure.
CVE-2025-66467 Vulnerability in apache (CVE-2025-66467)
vulnerability in apache (CVE-2025-66467). Successful exploitation can lead to full system takeover.
CVE-2025-66172 Vulnerability in apache (CVE-2025-66172)
vulnerability in apache (CVE-2025-66172). Confidential information can be exposed externally.
CVE-2025-66171 Vulnerability in apache (CVE-2025-66171)
vulnerability in apache (CVE-2025-66171). Confidential information can be exposed externally.
CVE-2025-66170 Authorization Flaw in apache (CVE-2025-66170)
vulnerability in apache (CVE-2025-66170). Confidential information can be exposed externally.
CVE-2026-5127 Unsafe Deserialization in wordpress (CVE-2026-5127)
vulnerability in wordpress (CVE-2026-5127). Successful exploitation can lead to full system takeover.
CVE-2026-32178 Vulnerability in dotnet (CVE-2026-32178)
vulnerability in dotnet (CVE-2026-32178). Confidential information can be exposed externally. Mitigation: upgrade to `8.0.26, 9.0.15, 10.0.6` or later.
CVE-2026-26171 Vulnerability in dotnet (CVE-2026-26171)
vulnerability in dotnet (CVE-2026-26171). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.0.26, 9.0.15, 10.0.6` or later.
CVE-2026-43284 Vulnerability in Google linux (CVE-2026-43284)
vulnerability in Google linux (CVE-2026-43284). Successful exploitation can lead to full system takeover.
CVE-2013-10075 Vulnerability in apache (CVE-2013-10075)
vulnerability in apache (CVE-2013-10075). Confidential information can be exposed externally.
CVE-2025-69691 Vulnerability in pfsense (CVE-2025-69691)
vulnerability in pfsense (CVE-2025-69691). Successful exploitation can lead to full system takeover.
CVE-2025-69690 Unsafe Deserialization in deserialization (CVE-2025-69690)
vulnerability in deserialization (CVE-2025-69690). Successful exploitation can lead to full system takeover.
CVE-2025-67888 OS Command Injection in CVE-2025-67888 (CVE-2025-67888)
OS command injection in CVE-2025-67888 (CVE-2025-67888). Risk of unauthorized operations or information disclosure.
CVE-2025-67887 Code Injection in CVE-2025-67887 (CVE-2025-67887)
code injection in CVE-2025-67887 (CVE-2025-67887). Successful exploitation can lead to full system takeover.
CVE-2025-67886 Unrestricted File Upload in CVE-2025-67886 (CVE-2025-67886)
vulnerability in CVE-2025-67886 (CVE-2025-67886). Risk of unauthorized operations or information disclosure.
CVE-2024-51092 OS Command Injection in command-injection (CVE-2024-51092)
OS command injection in command-injection (CVE-2024-51092). Confidential information can be exposed externally. Exploitable via ``version_netsnmp``.
CVE-2024-33724 Cross-Site Scripting (XSS) in CVE-2024-33724 (CVE-2024-33724)
cross-site scripting in CVE-2024-33724 (CVE-2024-33724). Risk of unauthorized operations or information disclosure.
CVE-2024-33288 SQL Injection in sqli (CVE-2024-33288)
SQL injection in sqli (CVE-2024-33288). Risk of unauthorized operations or information disclosure.
CVE-2024-33722 SQL Injection in sqli (CVE-2024-33722)
SQL injection in sqli (CVE-2024-33722). Risk of unauthorized operations or information disclosure.
CVE-2026-8133 Vulnerability in sqli (CVE-2026-8133)
vulnerability in sqli (CVE-2026-8133). Risk of unauthorized operations or information disclosure.
CVE-2026-8136 Cross-Site Scripting (XSS) in CVE-2026-8136 (CVE-2026-8136)
cross-site scripting in CVE-2026-8136 (CVE-2026-8136). Risk of unauthorized operations or information disclosure.
CVE-2026-8132 Vulnerability in sqli (CVE-2026-8132)
vulnerability in sqli (CVE-2026-8132). Risk of unauthorized operations or information disclosure.
CVE-2026-44298 Path Traversal in kimai/kimai (CVE-2026-44298)
path traversal in kimai/kimai (CVE-2026-44298). Risk of unauthorized operations or information disclosure. Exploitable via ``ROLE_SYSTE_ADMIN``. Mitigation: upgrade to `2.56` or later.
CVE-2026-43944 Vulnerability in electerm (CVE-2026-43944)
vulnerability in electerm (CVE-2026-43944). Successful exploitation can lead to full system takeover. Exploitable via ``opts``. Mitigation: upgrade to `> 3.8.8` or later.
CVE-2026-8129 Vulnerability in sqli (CVE-2026-8129)
vulnerability in sqli (CVE-2026-8129). Risk of unauthorized operations or information disclosure.
CVE-2026-8130 Vulnerability in sqli (CVE-2026-8130)
vulnerability in sqli (CVE-2026-8130). Risk of unauthorized operations or information disclosure.
CVE-2026-8131 Vulnerability in sqli (CVE-2026-8131)
vulnerability in sqli (CVE-2026-8131). Risk of unauthorized operations or information disclosure.
CVE-2026-43941 Vulnerability in electerm (CVE-2026-43941)
vulnerability in electerm (CVE-2026-43941). Successful exploitation can lead to full system takeover. Exploitable via ``shell.openExternal``.
CVE-2026-42271 KEV [KEV] Command Injection in Berriai litellm (CVE-2026-42271)
command injection in Berriai litellm (CVE-2026-42271). Successful exploitation can lead to full system takeover. Exploitable via `POST /mcp-rest/test/connection`. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `1.83.7` or later.
CVE-2026-42203 Vulnerability in litellm (CVE-2026-42203)
vulnerability in litellm (CVE-2026-42203). Successful exploitation can lead to full system takeover. Exploitable via `POST /prompts/test`. Mitigation: upgrade to `1.83.7` or later.
CVE-2026-41500 Command Injection in electerm-project (CVE-2026-41500)
command injection in electerm-project (CVE-2026-41500). Successful exploitation can lead to full system takeover. Exploitable via ``releaseInfo.name``. Mitigation: upgrade to `> 3.2.0` or later.
CVE-2026-8126 Vulnerability in sqli (CVE-2026-8126)
vulnerability in sqli (CVE-2026-8126). Risk of unauthorized operations or information disclosure.
CVE-2026-8128 Vulnerability in sqli (CVE-2026-8128)
vulnerability in sqli (CVE-2026-8128). Risk of unauthorized operations or information disclosure.
CVE-2026-8125 Vulnerability in sqli (CVE-2026-8125)
vulnerability in sqli (CVE-2026-8125). Risk of unauthorized operations or information disclosure.
CVE-2026-8117 Cross-Site Scripting (XSS) in CVE-2026-8117 (CVE-2026-8117)
cross-site scripting in CVE-2026-8117 (CVE-2026-8117). Risk of unauthorized operations or information disclosure.
CVE-2026-42208 KEV [KEV] SQL Injection in Berriai litellm (CVE-2026-42208)
SQL injection in Berriai litellm (CVE-2026-42208). Successful exploitation can lead to full system takeover. Exploitable via `POST /chat/completions`. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `>=1.83.7` or later.
CVE-2026-34327 Vulnerability in microsoft (CVE-2026-34327)
vulnerability in microsoft (CVE-2026-34327). Confidential information can be exposed externally.
CVE-2026-33109 Vulnerability in apache (CVE-2026-33109)
vulnerability in apache (CVE-2026-33109). Successful exploitation can lead to full system takeover.
CVE-2026-33844 Vulnerability in apache (CVE-2026-33844)
vulnerability in apache (CVE-2026-33844). Successful exploitation can lead to full system takeover.
CVE-2026-8098 Vulnerability in sqli (CVE-2026-8098)
vulnerability in sqli (CVE-2026-8098). Risk of unauthorized operations or information disclosure.
CVE-2026-8097 Vulnerability in sqli (CVE-2026-8097)
vulnerability in sqli (CVE-2026-8097). Risk of unauthorized operations or information disclosure.
CVE-2026-33814 Vulnerability in golang (CVE-2026-33814)
vulnerability in golang (CVE-2026-33814). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.25.10, 1.26.3` or later.
CVE-2026-42879 Unrestricted File Upload in facturascripts/facturascripts (CVE-2026-42879)
vulnerability in facturascripts/facturascripts (CVE-2026-42879). Risk of unauthorized operations or information disclosure. Exploitable via ``PHPSESSID``.
CVE-2026-41906 Vulnerability in laravel (CVE-2026-41906)
vulnerability in laravel (CVE-2026-41906). Data can be tampered with by attackers.
CVE-2026-41902 Vulnerability in laravel (CVE-2026-41902)
vulnerability in laravel (CVE-2026-41902). Confidential information can be exposed externally. Exploitable via `Referer header`.
CVE-2026-36387 Unrestricted File Upload in CVE-2026-36387 (CVE-2026-36387)
vulnerability in CVE-2026-36387 (CVE-2026-36387). Risk of unauthorized operations or information disclosure.
CVE-2026-36388 Cross-Site Scripting (XSS) in CVE-2026-36388 (CVE-2026-36388)
cross-site scripting in CVE-2026-36388 (CVE-2026-36388). Risk of unauthorized operations or information disclosure.
CVE-2026-8091 Vulnerability in firefox (CVE-2026-8091)
vulnerability in firefox (CVE-2026-8091). Successful exploitation can lead to full system takeover.
CVE-2026-8093 Buffer Overflow in mozilla (CVE-2026-8093)
vulnerability in mozilla (CVE-2026-8093). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →