Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: products Clear
ID Title
CVE-2026-21513 KEV [KEV] Vulnerability in Microsoft windows (CVE-2026-21513)
vulnerability in Microsoft windows (CVE-2026-21513). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-24423 KEV [KEV] Vulnerability in Smartertools smartermail (CVE-2026-24423)
vulnerability in Smartertools smartermail (CVE-2026-24423). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-11953 KEV [KEV] OS Command Injection in React native community react-native-community (CVE-2025-11953)
OS command injection in React native community react-native-community (CVE-2025-11953). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-64328 KEV [KEV] OS Command Injection in Sangoma freepbx (CVE-2025-64328)
OS command injection in Sangoma freepbx (CVE-2025-64328). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2025-40551 KEV [KEV] Unsafe Deserialization in Solarwinds web-help-desk (CVE-2025-40551)
vulnerability in Solarwinds web-help-desk (CVE-2025-40551). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2019-19006 KEV [KEV] Authentication Bypass in Sangoma freepbx (CVE-2019-19006)
authentication bypass in Sangoma freepbx (CVE-2019-19006). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2021-39935 KEV [KEV] SSRF (Server-Side Request Forgery) in Gitlab community-and-enterprise-editions (CVE-2021-39935)
SSRF in Gitlab community-and-enterprise-editions (CVE-2021-39935). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-24293 Command Injection in CVE-2025-24293 (CVE-2025-24293)
command injection in CVE-2025-24293 (CVE-2025-24293). Successful exploitation can lead to full system takeover.
CGA-7jqj-8457-jm46 Vulnerability in amazon-ecs-agent-fips (CGA-7jqj-8457-jm46)
vulnerability in amazon-ecs-agent-fips (CGA-7jqj-8457-jm46). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.100.1-r2` or later.
CVE-2026-1281 KEV [KEV] Code Injection in Ivanti endpoint-manager-mobile-epmm (CVE-2026-1281)
code injection in Ivanti endpoint-manager-mobile-epmm (CVE-2026-1281). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-24869 Use-After-Free in mozilla (CVE-2026-24869)
vulnerability in mozilla (CVE-2026-24869). Successful exploitation can lead to full system takeover.
CVE-2026-22795 Vulnerability in dos (CVE-2026-22795)
vulnerability in dos (CVE-2026-22795). Risk of unauthorized operations or information disclosure.
CVE-2025-69420 Vulnerability in dos (CVE-2025-69420)
vulnerability in dos (CVE-2025-69420). Risk of unauthorized operations or information disclosure.
CVE-2025-69421 Vulnerability in dos (CVE-2025-69421)
vulnerability in dos (CVE-2025-69421). Risk of unauthorized operations or information disclosure.
CVE-2025-69419 Out-of-Bounds Write in dos (CVE-2025-69419)
out-of-bounds write in dos (CVE-2025-69419). Confidential information can be exposed externally.
CVE-2025-69418 Vulnerability in openssl (CVE-2025-69418)
vulnerability in openssl (CVE-2025-69418). Risk of unauthorized operations or information disclosure.
CVE-2025-68160 Out-of-Bounds Write in dos (CVE-2025-68160)
out-of-bounds write in dos (CVE-2025-68160). Risk of unauthorized operations or information disclosure.
CVE-2025-15467 Out-of-Bounds Write in cisa (CVE-2025-15467)
out-of-bounds write in cisa (CVE-2025-15467). Successful exploitation can lead to full system takeover.
CVE-2026-21721 Authorization Flaw in privilege-escalation (CVE-2026-21721)
vulnerability in privilege-escalation (CVE-2026-21721). Confidential information can be exposed externally.
CVE-2026-21720 Vulnerability in grafana (CVE-2026-21720)
vulnerability in grafana (CVE-2026-21720). Risk of unauthorized operations or information disclosure.
CVE-2026-24858 KEV [KEV] Vulnerability in Fortinet multiple-products (CVE-2026-24858)
vulnerability in Fortinet multiple-products (CVE-2026-24858). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2026-23760 KEV [KEV] Vulnerability in Smartertools smartermail (CVE-2026-23760)
vulnerability in Smartertools smartermail (CVE-2026-23760). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2018-14634 KEV [KEV] Vulnerability in Linux kernel (CVE-2018-14634)
vulnerability in Linux kernel (CVE-2018-14634). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-52691 KEV [KEV] Unrestricted File Upload in Smartertools smartermail (CVE-2025-52691)
vulnerability in Smartertools smartermail (CVE-2025-52691). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-24061 KEV [KEV] Vulnerability in Gnu inetutils (CVE-2026-24061)
vulnerability in Gnu inetutils (CVE-2026-24061). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-21509 KEV [KEV] Vulnerability in Microsoft office (CVE-2026-21509)
vulnerability in Microsoft office (CVE-2026-21509). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2025-52023 Vulnerability in aptsys (CVE-2025-52023)
vulnerability in aptsys (CVE-2025-52023). Risk of unauthorized operations or information disclosure.
CVE-2025-52022 Vulnerability in aptsys (CVE-2025-52022)
vulnerability in aptsys (CVE-2025-52022). Risk of unauthorized operations or information disclosure.
CVE-2024-37079 KEV [KEV] Out-of-Bounds Write in Broadcom vmware-vcenter-server (CVE-2024-37079)
out-of-bounds write in Broadcom vmware-vcenter-server (CVE-2024-37079). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-54313 KEV [KEV] Vulnerability in prettier (CVE-2025-54313)
vulnerability in prettier (CVE-2025-54313). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-34026 KEV [KEV] Vulnerability in Versa concerto (CVE-2025-34026)
vulnerability in Versa concerto (CVE-2025-34026). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-31125 KEV [KEV] Information Disclosure in vite (CVE-2025-31125)
vulnerability in vite (CVE-2025-31125). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-68645 KEV [KEV] Vulnerability in Synacor zimbra-collaboration-suite-zcs (CVE-2025-68645)
vulnerability in Synacor zimbra-collaboration-suite-zcs (CVE-2025-68645). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-20045 KEV [KEV] Code Injection in Cisco unified-communications-manager (CVE-2026-20045)
code injection in Cisco unified-communications-manager (CVE-2026-20045). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-23876 Vulnerability in imagemagick (CVE-2026-23876)
vulnerability in imagemagick (CVE-2026-23876). Successful exploitation can lead to full system takeover.
CVE-2025-25249 Vulnerability in fortinet (CVE-2025-25249)
vulnerability in fortinet (CVE-2025-25249). Successful exploitation can lead to full system takeover.
CVE-2026-0878 Vulnerability in mozilla (CVE-2026-0878)
vulnerability in mozilla (CVE-2026-0878). Confidential information can be exposed externally.
CVE-2026-0879 Buffer Overflow in mozilla (CVE-2026-0879)
vulnerability in mozilla (CVE-2026-0879). Successful exploitation can lead to full system takeover.
CVE-2026-0877 Vulnerability in mozilla (CVE-2026-0877)
vulnerability in mozilla (CVE-2026-0877). Confidential information can be exposed externally.
CVE-2026-0891 Buffer Overflow in mozilla (CVE-2026-0891)
vulnerability in mozilla (CVE-2026-0891). Successful exploitation can lead to full system takeover.
CVE-2026-0882 Use-After-Free in mozilla (CVE-2026-0882)
vulnerability in mozilla (CVE-2026-0882). Successful exploitation can lead to full system takeover.
CVE-2026-0880 Vulnerability in mozilla (CVE-2026-0880)
vulnerability in mozilla (CVE-2026-0880). Successful exploitation can lead to full system takeover.
CVE-2026-0881 Sandbox escape in the Messaging System component. This vulnerability affects Firefox < 147.
Sandbox escape in the Messaging System component. This vulnerability affects Firefox < 147.
CVE-2026-20805 KEV [KEV] Information Disclosure in Microsoft windows (CVE-2026-20805)
vulnerability in Microsoft windows (CVE-2026-20805). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-22771 Code Injection in envoyproxy (CVE-2026-22771)
code injection in envoyproxy (CVE-2026-22771). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.5.7` or later.
CVE-2025-8110 KEV [KEV] Path Traversal in gogs (CVE-2025-8110)
path traversal in gogs (CVE-2025-8110). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-68493 XXE (XML External Entity) in apache (CVE-2025-68493)
vulnerability in apache (CVE-2025-68493). Confidential information can be exposed externally.
CVE-2025-9222 Cross-Site Scripting (XSS) in gitlab (CVE-2025-9222)
cross-site scripting in gitlab (CVE-2025-9222). Confidential information can be exposed externally.
CVE-2025-13772 Vulnerability in gitlab (CVE-2025-13772)
vulnerability in gitlab (CVE-2025-13772). Confidential information can be exposed externally.
CVE-2025-13761 Cross-Site Scripting (XSS) in c (CVE-2025-13761)
cross-site scripting in c (CVE-2025-13761). Confidential information can be exposed externally.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →