Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-33557 |
|
Vulnerability in apache (CVE-2026-33557)
vulnerability in apache (CVE-2026-33557). Confidential information can be exposed externally. Exploitable via ``sasl.oauthbearer.jwt.validator.class``.
|
| CVE-2026-31843 |
|
Vulnerability in laravel (CVE-2026-31843)
vulnerability in laravel (CVE-2026-31843). Successful exploitation can lead to full system takeover.
|
| CVE-2026-6296 |
|
Vulnerability in google (CVE-2026-6296)
vulnerability in google (CVE-2026-6296). Successful exploitation can lead to full system takeover.
|
| CVE-2025-41118 |
|
Vulnerability in c (CVE-2025-41118)
vulnerability in c (CVE-2025-41118). Confidential information can be exposed externally.
|
| CVE-2026-20186 |
|
Command Injection in dos (CVE-2026-20186)
command injection in dos (CVE-2026-20186). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31845 |
|
Cross-Site Scripting (XSS) in CVE-2026-31845 (CVE-2026-31845)
cross-site scripting in CVE-2026-31845 (CVE-2026-31845). Confidential information can be exposed externally.
|
| CVE-2026-39962 |
|
Vulnerability in misp-project (CVE-2026-39962)
vulnerability in misp-project (CVE-2026-39962). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2.5.36` or later.
|
| CVE-2026-31789 |
|
Out-of-Bounds Write in openssl (CVE-2026-31789)
out-of-bounds write in openssl (CVE-2026-31789). Successful exploitation can lead to full system takeover.
|
| CVE-2026-5734 |
|
Out-of-Bounds Write in mozilla (CVE-2026-5734)
out-of-bounds write in mozilla (CVE-2026-5734). Successful exploitation can lead to full system takeover.
|
| CVE-2026-5731 |
|
Buffer Overflow in mozilla (CVE-2026-5731)
vulnerability in mozilla (CVE-2026-5731). Successful exploitation can lead to full system takeover.
|
| CVE-2026-5735 |
|
Out-of-Bounds Write in mozilla (CVE-2026-5735)
out-of-bounds write in mozilla (CVE-2026-5735). Successful exploitation can lead to full system takeover.
|
| CVE-2026-28808 |
|
Authorization Flaw in erlang (CVE-2026-28808)
vulnerability in erlang (CVE-2026-28808). Successful exploitation can lead to full system takeover.
|
| CVE-2026-35030 |
|
Authentication Bypass in litellm (CVE-2026-35030)
authentication bypass in litellm (CVE-2026-35030). Confidential information can be exposed externally. Mitigation: upgrade to `1.83.0` or later.
|
| CVE-2026-28373 |
|
Path Traversal in path-traversal (CVE-2026-28373)
path traversal in path-traversal (CVE-2026-28373). Successful exploitation can lead to full system takeover.
|
| CVE-2026-27876 |
|
Code Injection in grafana (CVE-2026-27876)
code injection in grafana (CVE-2026-27876). Successful exploitation can lead to full system takeover.
|
| CVE-2026-30458 |
|
Vulnerability in thedaylightstudio (CVE-2026-30458)
vulnerability in thedaylightstudio (CVE-2026-30458). Confidential information can be exposed externally.
|
| CVE-2026-30457 |
|
Code Injection in thedaylightstudio (CVE-2026-30457)
code injection in thedaylightstudio (CVE-2026-30457). Successful exploitation can lead to full system takeover.
|
| CVE-2026-4809 |
|
Unrestricted File Upload in laravel (CVE-2026-4809)
vulnerability in laravel (CVE-2026-4809). Successful exploitation can lead to full system takeover.
|
| CVE-2026-33017 KEV |
|
[KEV] Vulnerability in langflow (CVE-2026-33017)
vulnerability in langflow (CVE-2026-33017). Successful exploitation can lead to full system takeover. Exploitable via `POST /api/v1/build_public_tmp/{flow_id}/flow`. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `1.9.0` or later.
|
| CVE-2026-4721 |
|
Vulnerability in mozilla (CVE-2026-4721)
vulnerability in mozilla (CVE-2026-4721). Successful exploitation can lead to full system takeover.
|
| CVE-2026-4720 |
|
Vulnerability in mozilla (CVE-2026-4720)
vulnerability in mozilla (CVE-2026-4720). Successful exploitation can lead to full system takeover.
|
| CVE-2026-4729 |
|
Vulnerability in mozilla (CVE-2026-4729)
vulnerability in mozilla (CVE-2026-4729). Successful exploitation can lead to full system takeover.
|
| CVE-2026-4696 |
|
Use-After-Free in mozilla (CVE-2026-4696)
vulnerability in mozilla (CVE-2026-4696). Successful exploitation can lead to full system takeover.
|
| CVE-2026-4700 |
|
Vulnerability in mozilla (CVE-2026-4700)
vulnerability in mozilla (CVE-2026-4700). Successful exploitation can lead to full system takeover.
|
| CVE-2026-4691 |
|
Use-After-Free in mozilla (CVE-2026-4691)
vulnerability in mozilla (CVE-2026-4691). Successful exploitation can lead to full system takeover.
|
| CVE-2026-4689 |
|
Vulnerability in mozilla (CVE-2026-4689)
vulnerability in mozilla (CVE-2026-4689). Successful exploitation can lead to full system takeover.
|
| CVE-2026-4692 |
|
Vulnerability in mozilla (CVE-2026-4692)
vulnerability in mozilla (CVE-2026-4692). Successful exploitation can lead to full system takeover.
|
| CVE-2026-4688 |
|
Use-After-Free in mozilla (CVE-2026-4688)
vulnerability in mozilla (CVE-2026-4688). Successful exploitation can lead to full system takeover.
|
| CVE-2026-4698 |
|
Vulnerability in mozilla (CVE-2026-4698)
vulnerability in mozilla (CVE-2026-4698). Successful exploitation can lead to full system takeover.
|
| CVE-2016-20026 |
|
Vulnerability in apache (CVE-2016-20026)
vulnerability in apache (CVE-2016-20026). Successful exploitation can lead to full system takeover.
|
| CVE-2026-23941 |
|
Vulnerability in nginx (CVE-2026-23941)
vulnerability in nginx (CVE-2026-23941). Confidential information can be exposed externally.
|
| CVE-2026-30789 |
|
Vulnerability in rustdesk (CVE-2026-30789)
vulnerability in rustdesk (CVE-2026-30789). Successful exploitation can lead to full system takeover.
|
| CVE-2026-30790 |
|
Vulnerability in rustdesk (CVE-2026-30790)
vulnerability in rustdesk (CVE-2026-30790). Successful exploitation can lead to full system takeover.
|
| CVE-2026-30783 |
|
Vulnerability in rustdesk (CVE-2026-30783)
vulnerability in rustdesk (CVE-2026-30783). Successful exploitation can lead to full system takeover.
|
| CVE-2026-27446 |
|
Vulnerability in org.apache.activemq:artemis-server (CVE-2026-27446)
vulnerability in org.apache.activemq:artemis-server (CVE-2026-27446). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2.52.0` or later.
|
| CVE-2026-28517 |
|
OS Command Injection in opendcim (CVE-2026-28517)
OS command injection in opendcim (CVE-2026-28517). Successful exploitation can lead to full system takeover.
|
| CVE-2026-20127 KEV |
|
[KEV] Authentication Bypass in Cisco catalyst-sd-wan-controller-and-manager (CVE-2026-20127)
authentication bypass in Cisco catalyst-sd-wan-controller-and-manager (CVE-2026-20127). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
|
| CVE-2026-2807 |
|
Out-of-Bounds Write in mozilla (CVE-2026-2807)
out-of-bounds write in mozilla (CVE-2026-2807). Successful exploitation can lead to full system takeover.
|
| CVE-2026-2797 |
|
Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 148.
Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 148.
|
| CVE-2026-2778 |
|
Buffer Overflow in mozilla (CVE-2026-2778)
vulnerability in mozilla (CVE-2026-2778). Successful exploitation can lead to full system takeover.
|
| CVE-2026-2796 |
|
Vulnerability in mozilla (CVE-2026-2796)
vulnerability in mozilla (CVE-2026-2796). Successful exploitation can lead to full system takeover.
|
| CVE-2026-2799 |
|
Use-after-free in the DOM: Core & HTML component. This vulnerability affects Firefox < 148.
Use-after-free in the DOM: Core & HTML component. This vulnerability affects Firefox < 148.
|
| CVE-2026-2793 |
|
Out-of-Bounds Write in mozilla (CVE-2026-2793)
out-of-bounds write in mozilla (CVE-2026-2793). Successful exploitation can lead to full system takeover.
|
| CVE-2026-2795 |
|
Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 148.
Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 148.
|
| CVE-2026-2792 |
|
Out-of-Bounds Write in mozilla (CVE-2026-2792)
out-of-bounds write in mozilla (CVE-2026-2792). Successful exploitation can lead to full system takeover.
|
| CVE-2026-2777 |
|
Privilege Escalation in privilege-escalation (CVE-2026-2777)
vulnerability in privilege-escalation (CVE-2026-2777). Successful exploitation can lead to full system takeover.
|
| CVE-2026-2773 |
|
Buffer Overflow in mozilla (CVE-2026-2773)
vulnerability in mozilla (CVE-2026-2773). Successful exploitation can lead to full system takeover.
|
| CVE-2026-2758 |
|
Use-After-Free in mozilla (CVE-2026-2758)
vulnerability in mozilla (CVE-2026-2758). Successful exploitation can lead to full system takeover.
|
| CVE-2026-2762 |
|
Vulnerability in mozilla (CVE-2026-2762)
vulnerability in mozilla (CVE-2026-2762). Successful exploitation can lead to full system takeover.
|
| CVE-2026-2761 |
|
Vulnerability in mozilla (CVE-2026-2761)
vulnerability in mozilla (CVE-2026-2761). Successful exploitation can lead to full system takeover.
|