Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: products Clear
ID Title
CVE-2026-4696 Use-After-Free in mozilla (CVE-2026-4696)
vulnerability in mozilla (CVE-2026-4696). Successful exploitation can lead to full system takeover.
CVE-2026-4688 Use-After-Free in mozilla (CVE-2026-4688)
vulnerability in mozilla (CVE-2026-4688). Successful exploitation can lead to full system takeover.
CVE-2026-4684 Vulnerability in mozilla (CVE-2026-4684)
vulnerability in mozilla (CVE-2026-4684). Successful exploitation can lead to full system takeover.
CVE-2026-4687 Vulnerability in mozilla (CVE-2026-4687)
vulnerability in mozilla (CVE-2026-4687). Risk of unauthorized operations or information disclosure.
CVE-2026-4690 Vulnerability in mozilla (CVE-2026-4690)
vulnerability in mozilla (CVE-2026-4690). Risk of unauthorized operations or information disclosure.
CVE-2026-4692 Vulnerability in mozilla (CVE-2026-4692)
vulnerability in mozilla (CVE-2026-4692). Successful exploitation can lead to full system takeover.
CVE-2026-4686 Vulnerability in mozilla (CVE-2026-4686)
vulnerability in mozilla (CVE-2026-4686). Risk of unauthorized operations or information disclosure.
CVE-2026-4685 Vulnerability in mozilla (CVE-2026-4685)
vulnerability in mozilla (CVE-2026-4685). Risk of unauthorized operations or information disclosure.
CVE-2026-4693 Vulnerability in mozilla (CVE-2026-4693)
vulnerability in mozilla (CVE-2026-4693). Risk of unauthorized operations or information disclosure.
CVE-2026-4689 Vulnerability in mozilla (CVE-2026-4689)
vulnerability in mozilla (CVE-2026-4689). Successful exploitation can lead to full system takeover.
CVE-2026-4691 Use-After-Free in mozilla (CVE-2026-4691)
vulnerability in mozilla (CVE-2026-4691). Successful exploitation can lead to full system takeover.
CVE-2026-4698 Vulnerability in mozilla (CVE-2026-4698)
vulnerability in mozilla (CVE-2026-4698). Successful exploitation can lead to full system takeover.
CVE-2026-32642 Authorization Flaw in apache (CVE-2026-32642)
vulnerability in apache (CVE-2026-32642). Risk of unauthorized operations or information disclosure.
CVE-2025-41008 SQL Injection in sqli (CVE-2025-41008)
SQL injection in sqli (CVE-2025-41008). Risk of unauthorized operations or information disclosure.
CVE-2025-41007 SQL Injection in sqli (CVE-2025-41007)
SQL injection in sqli (CVE-2025-41007). Risk of unauthorized operations or information disclosure.
CVE-2026-4447 Vulnerability in google (CVE-2026-4447)
vulnerability in google (CVE-2026-4447). Successful exploitation can lead to full system takeover.
CVE-2026-32935 Vulnerability in phpseclib/phpseclib (CVE-2026-32935)
vulnerability in phpseclib/phpseclib (CVE-2026-32935). Confidential information can be exposed externally. Mitigation: upgrade to `1.0.27` or later.
CVE-2025-32432 KEV [KEV] Code Injection in Craft cms craft-cms (CVE-2025-32432)
code injection in Craft cms craft-cms (CVE-2025-32432). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-43520 KEV [KEV] Vulnerability in Apple multiple-products (CVE-2025-43520)
vulnerability in Apple multiple-products (CVE-2025-43520). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-54068 KEV [KEV] Code Injection in Laravel livewire (CVE-2025-54068)
code injection in Laravel livewire (CVE-2025-54068). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-31277 KEV [KEV] Buffer Overflow in Apple multiple-products (CVE-2025-31277)
vulnerability in Apple multiple-products (CVE-2025-31277). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2025-43510 KEV [KEV] Vulnerability in Apple multiple-products (CVE-2025-43510)
vulnerability in Apple multiple-products (CVE-2025-43510). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-20131 KEV [KEV] Unsafe Deserialization in Cisco secure-firewall-management-center-fmc (CVE-2026-20131)
vulnerability in Cisco secure-firewall-management-center-fmc (CVE-2026-20131). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-33001 Vulnerability in org.jenkins-ci.main:jenkins-core (CVE-2026-33001)
vulnerability in org.jenkins-ci.main:jenkins-core (CVE-2026-33001). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2.555` or later.
CVE-2026-20963 KEV [KEV] Unsafe Deserialization in Microsoft sharepoint (CVE-2026-20963)
vulnerability in Microsoft sharepoint (CVE-2026-20963). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-66376 KEV [KEV] Cross-Site Scripting (XSS) in Synacor zimbra-collaboration-suite-zcs (CVE-2025-66376)
cross-site scripting in Synacor zimbra-collaboration-suite-zcs (CVE-2025-66376). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-50881 Code Injection in CVE-2025-50881 (CVE-2025-50881)
code injection in CVE-2025-50881 (CVE-2025-50881). Successful exploitation can lead to full system takeover. Exploitable via ``action``.
CVE-2026-29516 Vulnerability in buffaloamericas (CVE-2026-29516)
vulnerability in buffaloamericas (CVE-2026-29516). Confidential information can be exposed externally.
CVE-2026-3227 OS Command Injection in tp-link (CVE-2026-3227)
OS command injection in tp-link (CVE-2026-3227). Successful exploitation can lead to full system takeover.
CVE-2016-20026 Vulnerability in apache (CVE-2016-20026)
vulnerability in apache (CVE-2016-20026). Successful exploitation can lead to full system takeover.
CVE-2025-47813 KEV [KEV] Vulnerability in Wing ftp server wing-ftp-server (CVE-2025-47813)
vulnerability in Wing ftp server wing-ftp-server (CVE-2025-47813). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-2673 Vulnerability in openssl (CVE-2026-2673)
vulnerability in openssl (CVE-2026-2673). Risk of unauthorized operations or information disclosure.
CVE-2026-23942 Path Traversal in path-traversal (CVE-2026-23942)
path traversal in path-traversal (CVE-2026-23942). Risk of unauthorized operations or information disclosure.
CVE-2026-23943 Vulnerability in dos (CVE-2026-23943)
vulnerability in dos (CVE-2026-23943). Risk of unauthorized operations or information disclosure.
CVE-2026-23941 Vulnerability in nginx (CVE-2026-23941)
vulnerability in nginx (CVE-2026-23941). Confidential information can be exposed externally.
CVE-2026-3910 KEV [KEV] Buffer Overflow in Google chromium-v8 (CVE-2026-3910)
vulnerability in Google chromium-v8 (CVE-2026-3910). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-3909 KEV [KEV] Out-of-Bounds Write in Google skia (CVE-2026-3909)
out-of-bounds write in Google skia (CVE-2026-3909). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-13913 Unsafe Deserialization in inductiveautomation (CVE-2025-13913)
vulnerability in inductiveautomation (CVE-2025-13913). Successful exploitation can lead to full system takeover.
CVE-2023-43010 Out-of-Bounds Write in apple (CVE-2023-43010)
out-of-bounds write in apple (CVE-2023-43010). Successful exploitation can lead to full system takeover.
CVE-2026-20046 Vulnerability in cisco (CVE-2026-20046)
vulnerability in cisco (CVE-2026-20046). Successful exploitation can lead to full system takeover.
CVE-2025-68613 KEV [KEV] Vulnerability in n8n (CVE-2025-68613)
vulnerability in n8n (CVE-2025-68613). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-26134 Vulnerability in microsoft (CVE-2026-26134)
vulnerability in microsoft (CVE-2026-26134). Successful exploitation can lead to full system takeover.
CVE-2026-26110 Vulnerability in microsoft (CVE-2026-26110)
vulnerability in microsoft (CVE-2026-26110). Successful exploitation can lead to full system takeover.
CVE-2026-25180 Out-of-Bounds Read in microsoft (CVE-2026-25180)
vulnerability in microsoft (CVE-2026-25180). Confidential information can be exposed externally.
CVE-2026-24285 Use after free in Windows Win32K allows an authorized attacker to elevate privileges locally.
Use after free in Windows Win32K allows an authorized attacker to elevate privileges locally.
CVE-2026-28691 Vulnerability in imagemagick (CVE-2026-28691)
vulnerability in imagemagick (CVE-2026-28691). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `7.1.2-16` or later.
CVE-2026-28693 Out-of-Bounds Read in imagemagick (CVE-2026-28693)
vulnerability in imagemagick (CVE-2026-28693). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `7.1.2-16` or later.
CVE-2026-25604 Vulnerability in apache (CVE-2026-25604)
vulnerability in apache (CVE-2026-25604). Risk of unauthorized operations or information disclosure.
CVE-2026-1603 KEV [KEV] Vulnerability in Ivanti endpoint-manager-epm (CVE-2026-1603)
vulnerability in Ivanti endpoint-manager-epm (CVE-2026-1603). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-26399 KEV [KEV] Unsafe Deserialization in Solarwinds web-help-desk (CVE-2025-26399)
vulnerability in Solarwinds web-help-desk (CVE-2025-26399). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →