Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: products Clear
ID Title
CVE-2026-35030 Authentication Bypass in litellm (CVE-2026-35030)
authentication bypass in litellm (CVE-2026-35030). Confidential information can be exposed externally. Mitigation: upgrade to `1.83.0` or later.
CVE-2026-35616 KEV [KEV] Vulnerability in Fortinet forticlient-ems (CVE-2026-35616)
vulnerability in Fortinet forticlient-ems (CVE-2026-35616). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-28373 Path Traversal in path-traversal (CVE-2026-28373)
path traversal in path-traversal (CVE-2026-28373). Successful exploitation can lead to full system takeover.
CVE-2025-7024 Vulnerability in airbus (CVE-2025-7024)
vulnerability in airbus (CVE-2025-7024). Successful exploitation can lead to full system takeover.
CVE-2026-35535 Vulnerability in privilege-escalation (CVE-2026-35535)
vulnerability in privilege-escalation (CVE-2026-35535). Successful exploitation can lead to full system takeover.
CVE-2026-26895 Vulnerability in enhancesoft (CVE-2026-26895)
vulnerability in enhancesoft (CVE-2026-26895). Risk of unauthorized operations or information disclosure.
CVE-2026-3502 KEV [KEV] Vulnerability in Trueconf client (CVE-2026-3502)
vulnerability in Trueconf client (CVE-2026-3502). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-5273 Use-After-Free in google (CVE-2026-5273)
vulnerability in google (CVE-2026-5273). Risk of unauthorized operations or information disclosure.
CVE-2026-5272 Vulnerability in google (CVE-2026-5272)
vulnerability in google (CVE-2026-5272). Successful exploitation can lead to full system takeover.
CVE-2026-5281 KEV [KEV] Use-After-Free in Google dawn (CVE-2026-5281)
vulnerability in Google dawn (CVE-2026-5281). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-22561 Vulnerability in privilege-escalation (CVE-2026-22561)
vulnerability in privilege-escalation (CVE-2026-22561). Successful exploitation can lead to full system takeover.
CVE-2026-2370 Vulnerability in gitlab (CVE-2026-2370)
vulnerability in gitlab (CVE-2026-2370). Confidential information can be exposed externally.
CVE-2026-3055 KEV [KEV] Out-of-Bounds Read in Citrix netscaler (CVE-2026-3055)
vulnerability in Citrix netscaler (CVE-2026-3055). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-34046 Vulnerability in langflow (CVE-2026-34046)
vulnerability in langflow (CVE-2026-34046). Successful exploitation can lead to full system takeover. Exploitable via ``_read_flow``.
CVE-2026-30567 Cross-Site Scripting (XSS) in ahsanriaz26gmailcom (CVE-2026-30567)
cross-site scripting in ahsanriaz26gmailcom (CVE-2026-30567). Risk of unauthorized operations or information disclosure.
CVE-2026-56358 Cross-Site Scripting (XSS) in n8n (CVE-2026-56358)
cross-site scripting in n8n (CVE-2026-56358). Risk of unauthorized operations or information disclosure. Exploitable via ``NODES_EXCLUDE``. Mitigation: upgrade to `1.123.25` or later.
CVE-2026-28367 Vulnerability in io.undertow:undertow-parent (CVE-2026-28367)
vulnerability in io.undertow:undertow-parent (CVE-2026-28367). Confidential information can be exposed externally.
CVE-2026-5010 Cross-Site Scripting (XSS) in CVE-2026-5010 (CVE-2026-5010)
cross-site scripting in CVE-2026-5010 (CVE-2026-5010). Risk of unauthorized operations or information disclosure.
CVE-2026-27880 Out-of-Bounds Write in grafana (CVE-2026-27880)
out-of-bounds write in grafana (CVE-2026-27880). Risk of unauthorized operations or information disclosure.
CVE-2026-27877 Vulnerability in github.com/grafana/grafana (CVE-2026-27877)
vulnerability in github.com/grafana/grafana (CVE-2026-27877). Confidential information can be exposed externally. Mitigation: upgrade to `1.9.2-0.20260325055210-3522153e07b4` or later.
CVE-2026-27876 Code Injection in grafana (CVE-2026-27876)
code injection in grafana (CVE-2026-27876). Successful exploitation can lead to full system takeover.
CVE-2025-53521 KEV [KEV] Vulnerability in F5 big-ip (CVE-2025-53521)
vulnerability in F5 big-ip (CVE-2025-53521). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-30458 Vulnerability in thedaylightstudio (CVE-2026-30458)
vulnerability in thedaylightstudio (CVE-2026-30458). Confidential information can be exposed externally.
CVE-2026-30463 SQL Injection in sqli (CVE-2026-30463)
SQL injection in sqli (CVE-2026-30463). Confidential information can be exposed externally.
CVE-2026-30457 Code Injection in thedaylightstudio (CVE-2026-30457)
code injection in thedaylightstudio (CVE-2026-30457). Successful exploitation can lead to full system takeover.
CVE-2026-4809 Unrestricted File Upload in laravel (CVE-2026-4809)
vulnerability in laravel (CVE-2026-4809). Successful exploitation can lead to full system takeover.
CVE-2026-33634 KEV [KEV] Vulnerability in Aquasecurity trivy (CVE-2026-33634)
vulnerability in Aquasecurity trivy (CVE-2026-33634). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-28859 Out-of-Bounds Read in apple (CVE-2026-28859)
vulnerability in apple (CVE-2026-28859). Risk of unauthorized operations or information disclosure.
CVE-2026-28857 Out-of-Bounds Read in apple (CVE-2026-28857)
vulnerability in apple (CVE-2026-28857). Risk of unauthorized operations or information disclosure.
CVE-2026-28882 Vulnerability in apple (CVE-2026-28882)
vulnerability in apple (CVE-2026-28882). Risk of unauthorized operations or information disclosure.
CVE-2026-28878 Information Disclosure in apple (CVE-2026-28878)
vulnerability in apple (CVE-2026-28878). Risk of unauthorized operations or information disclosure.
CVE-2026-28877 Information Disclosure in apple (CVE-2026-28877)
vulnerability in apple (CVE-2026-28877). Confidential information can be exposed externally.
CVE-2026-28870 Vulnerability in apple (CVE-2026-28870)
vulnerability in apple (CVE-2026-28870). Confidential information can be exposed externally.
CVE-2026-28826 Vulnerability in apple (CVE-2026-28826)
vulnerability in apple (CVE-2026-28826). Risk of unauthorized operations or information disclosure.
CVE-2026-20664 Out-of-Bounds Write in apple (CVE-2026-20664)
out-of-bounds write in apple (CVE-2026-20664). Risk of unauthorized operations or information disclosure.
CVE-2026-20657 Buffer Overflow in apple (CVE-2026-20657)
vulnerability in apple (CVE-2026-20657). Risk of unauthorized operations or information disclosure.
CVE-2026-28861 Cross-Site Scripting (XSS) in apple (CVE-2026-28861)
cross-site scripting in apple (CVE-2026-28861). Risk of unauthorized operations or information disclosure.
CVE-2026-28863 Vulnerability in apple (CVE-2026-28863)
vulnerability in apple (CVE-2026-28863). Confidential information can be exposed externally.
CVE-2026-28838 Vulnerability in apple (CVE-2026-28838)
vulnerability in apple (CVE-2026-28838). Risk of unauthorized operations or information disclosure.
CVE-2026-28833 Vulnerability in apple (CVE-2026-28833)
vulnerability in apple (CVE-2026-28833). Confidential information can be exposed externally.
CVE-2026-20684 Vulnerability in apple (CVE-2026-20684)
vulnerability in apple (CVE-2026-20684). Risk of unauthorized operations or information disclosure.
CVE-2026-33017 KEV [KEV] Vulnerability in langflow (CVE-2026-33017)
vulnerability in langflow (CVE-2026-33017). Successful exploitation can lead to full system takeover. Exploitable via `POST /api/v1/build_public_tmp/{flow_id}/flow`. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `1.9.0` or later.
CVE-2026-4721 Vulnerability in mozilla (CVE-2026-4721)
vulnerability in mozilla (CVE-2026-4721). Successful exploitation can lead to full system takeover.
CVE-2026-4720 Vulnerability in mozilla (CVE-2026-4720)
vulnerability in mozilla (CVE-2026-4720). Successful exploitation can lead to full system takeover.
CVE-2026-4729 Vulnerability in mozilla (CVE-2026-4729)
vulnerability in mozilla (CVE-2026-4729). Successful exploitation can lead to full system takeover.
CVE-2026-4699 Vulnerability in mozilla (CVE-2026-4699)
vulnerability in mozilla (CVE-2026-4699). Risk of unauthorized operations or information disclosure.
CVE-2026-4700 Vulnerability in mozilla (CVE-2026-4700)
vulnerability in mozilla (CVE-2026-4700). Successful exploitation can lead to full system takeover.
CVE-2026-4695 Vulnerability in mozilla (CVE-2026-4695)
vulnerability in mozilla (CVE-2026-4695). Risk of unauthorized operations or information disclosure.
CVE-2026-4697 Vulnerability in mozilla (CVE-2026-4697)
vulnerability in mozilla (CVE-2026-4697). Risk of unauthorized operations or information disclosure.
CVE-2026-4694 Vulnerability in mozilla (CVE-2026-4694)
vulnerability in mozilla (CVE-2026-4694). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →