Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: products Clear
ID Title
CVE-2026-8093 Buffer Overflow in mozilla (CVE-2026-8093)
vulnerability in mozilla (CVE-2026-8093). Successful exploitation can lead to full system takeover.
CVE-2026-8094 Code Injection in firefox (CVE-2026-8094)
code injection in firefox (CVE-2026-8094). Successful exploitation can lead to full system takeover.
CVE-2026-8090 Use-After-Free in mozilla (CVE-2026-8090)
vulnerability in mozilla (CVE-2026-8090). Risk of unauthorized operations or information disclosure.
CVE-2026-7924 Vulnerability in chromium (CVE-2026-7924)
vulnerability in chromium (CVE-2026-7924). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `148.0.7778.96-1~deb12u1` or later.
CVE-2026-7925 Vulnerability in chromium (CVE-2026-7925)
vulnerability in chromium (CVE-2026-7925). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `148.0.7778.96-1~deb12u1` or later.
CVE-2026-7923 Vulnerability in chromium (CVE-2026-7923)
vulnerability in chromium (CVE-2026-7923). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `148.0.7778.96-1~deb12u1` or later.
CVE-2026-6973 KEV [KEV] Vulnerability in Ivanti endpoint-manager-mobile-epmm (CVE-2026-6973)
vulnerability in Ivanti endpoint-manager-mobile-epmm (CVE-2026-6973). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-8018 Vulnerability in google (CVE-2026-8018)
vulnerability in google (CVE-2026-8018). Successful exploitation can lead to full system takeover.
CVE-2026-7989 Vulnerability in google (CVE-2026-7989)
vulnerability in google (CVE-2026-7989). Risk of unauthorized operations or information disclosure.
CVE-2026-7979 Vulnerability in google (CVE-2026-7979)
vulnerability in google (CVE-2026-7979). Risk of unauthorized operations or information disclosure.
CVE-2026-7959 Vulnerability in google (CVE-2026-7959)
vulnerability in google (CVE-2026-7959). Risk of unauthorized operations or information disclosure.
CVE-2026-7946 Vulnerability in google (CVE-2026-7946)
vulnerability in google (CVE-2026-7946). Risk of unauthorized operations or information disclosure.
CVE-2026-7932 Vulnerability in chromium (CVE-2026-7932)
vulnerability in chromium (CVE-2026-7932). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `148.0.7778.96-1~deb12u1` or later.
CVE-2026-7910 Use-After-Free in google (CVE-2026-7910)
vulnerability in google (CVE-2026-7910). Successful exploitation can lead to full system takeover.
CVE-2026-7915 Vulnerability in google (CVE-2026-7915)
vulnerability in google (CVE-2026-7915). Risk of unauthorized operations or information disclosure.
CVE-2026-7916 Vulnerability in google (CVE-2026-7916)
vulnerability in google (CVE-2026-7916). Successful exploitation can lead to full system takeover.
CVE-2026-7902 Out-of-Bounds Read in google (CVE-2026-7902)
vulnerability in google (CVE-2026-7902). Successful exploitation can lead to full system takeover.
CVE-2026-20195 Vulnerability in cisco (CVE-2026-20195)
vulnerability in cisco (CVE-2026-20195). Risk of unauthorized operations or information disclosure.
CVE-2026-20652 Vulnerability in java (CVE-2026-20652)
vulnerability in java (CVE-2026-20652). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.491` or later.
CVE-2026-20644 Buffer Overflow in java (CVE-2026-20644)
vulnerability in java (CVE-2026-20644). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.491` or later.
CVE-2026-20636 Buffer Overflow in java (CVE-2026-20636)
vulnerability in java (CVE-2026-20636). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.491` or later.
CVE-2026-20635 Buffer Overflow in java (CVE-2026-20635)
vulnerability in java (CVE-2026-20635). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.491` or later.
CVE-2026-20608 Vulnerability in java (CVE-2026-20608)
vulnerability in java (CVE-2026-20608). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.491` or later.
CVE-2025-43457 Use-After-Free in java (CVE-2025-43457)
vulnerability in java (CVE-2025-43457). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.491` or later.
CVE-2026-5081 Vulnerability in apache (CVE-2026-5081)
vulnerability in apache (CVE-2026-5081). Confidential information can be exposed externally.
CVE-2026-43208 Vulnerability in linux (CVE-2026-43208)
vulnerability in linux (CVE-2026-43208). Successful exploitation can lead to full system takeover.
CVE-2026-43186 Vulnerability in c (CVE-2026-43186)
vulnerability in c (CVE-2026-43186). Successful exploitation can lead to full system takeover.
CVE-2026-43185 Vulnerability in linux (CVE-2026-43185)
vulnerability in linux (CVE-2026-43185). Successful exploitation can lead to full system takeover.
CVE-2026-43125 Out-of-Bounds Write in linux (CVE-2026-43125)
out-of-bounds write in linux (CVE-2026-43125). Successful exploitation can lead to full system takeover.
CVE-2026-43114 Vulnerability in c (CVE-2026-43114)
vulnerability in c (CVE-2026-43114). Confidential information can be exposed externally.
CVE-2026-43083 Vulnerability in linux (CVE-2026-43083)
vulnerability in linux (CVE-2026-43083). Confidential information can be exposed externally.
CVE-2026-7572 Vulnerability in www.velocidex.com/golang/velociraptor (CVE-2026-7572)
vulnerability in www.velocidex.com/golang/velociraptor (CVE-2026-7572). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.76.5` or later.
CVE-2026-28780 Vulnerability in apache (CVE-2026-28780)
vulnerability in apache (CVE-2026-28780). Successful exploitation can lead to full system takeover.
CVE-2026-0300 KEV [KEV] Out-of-Bounds Write in Palo alto networks palo-alto-networks (CVE-2026-0300)
out-of-bounds write in Palo alto networks palo-alto-networks (CVE-2026-0300). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-43882 Vulnerability in wwbn/avideo (CVE-2026-43882)
vulnerability in wwbn/avideo (CVE-2026-43882). Risk of unauthorized operations or information disclosure. Exploitable via ``title``.
CVE-2026-44167 Vulnerability in phpseclib/phpseclib (CVE-2026-44167)
vulnerability in phpseclib/phpseclib (CVE-2026-44167). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.0.29` or later.
CVE-2026-35453 Cross-Site Scripting (XSS) in phpoffice/phpspreadsheet (CVE-2026-35453)
cross-site scripting in phpoffice/phpspreadsheet (CVE-2026-35453). Risk of unauthorized operations or information disclosure. Exploitable via ``formatColor``. Mitigation: upgrade to `1.30.4` or later.
CVE-2026-34084 Unsafe Deserialization in phpoffice/phpspreadsheet (CVE-2026-34084)
vulnerability in phpoffice/phpspreadsheet (CVE-2026-34084). Successful exploitation can lead to full system takeover. Exploitable via ``is_file``. Mitigation: upgrade to `1.30.3` or later.
CVE-2026-38428 SQL Injection in sqli (CVE-2026-38428)
SQL injection in sqli (CVE-2026-38428). Successful exploitation can lead to full system takeover. Exploitable via `GET /api/v1/main/flows/search`.
CVE-2026-43071 Vulnerability in c (CVE-2026-43071)
vulnerability in c (CVE-2026-43071). Confidential information can be exposed externally.
CVE-2026-43067 Vulnerability in linux (CVE-2026-43067)
vulnerability in linux (CVE-2026-43067). Successful exploitation can lead to full system takeover.
CVE-2026-43868 Vulnerability in thrift (CVE-2026-43868)
vulnerability in thrift (CVE-2026-43868). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.23.0` or later.
CVE-2026-43869 Vulnerability in org.apache.thrift:libthrift (CVE-2026-43869)
vulnerability in org.apache.thrift:libthrift (CVE-2026-43869). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.23.0` or later.
CVE-2026-38751 Unrestricted File Upload in devcode-it/openstamanager (CVE-2026-38751)
vulnerability in devcode-it/openstamanager (CVE-2026-38751). Successful exploitation can lead to full system takeover.
CVE-2026-25863 Vulnerability in wordpress (CVE-2026-25863)
vulnerability in wordpress (CVE-2026-25863). Risk of unauthorized operations or information disclosure.
CVE-2026-42811 Vulnerability in org.apache.polaris:polaris-core (CVE-2026-42811)
vulnerability in org.apache.polaris:polaris-core (CVE-2026-42811). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.4.1` or later.
CVE-2026-42027 Vulnerability in org.apache.opennlp:opennlp-tools (CVE-2026-42027)
vulnerability in org.apache.opennlp:opennlp-tools (CVE-2026-42027). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `3.0.0-M3` or later.
CVE-2026-42809 Vulnerability in org.apache.polaris:polaris-runtime-service (CVE-2026-42809)
vulnerability in org.apache.polaris:polaris-runtime-service (CVE-2026-42809). Successful exploitation can lead to full system takeover. Exploitable via ``location``. Mitigation: upgrade to `1.4.1` or later.
CVE-2026-42440 Vulnerability in org.apache.opennlp:opennlp-tools (CVE-2026-42440)
vulnerability in org.apache.opennlp:opennlp-tools (CVE-2026-42440). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.0.0-M3` or later.
CVE-2026-42812 Vulnerability in org.apache.polaris:polaris-runtime-service (CVE-2026-42812)
vulnerability in org.apache.polaris:polaris-runtime-service (CVE-2026-42812). Successful exploitation can lead to full system takeover. Exploitable via ``write.metadata.path``. Mitigation: upgrade to `1.4.1` or later.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →