Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-12009 |
|
Vulnerability in google (CVE-2026-12009)
vulnerability in google (CVE-2026-12009). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12010 |
|
Vulnerability in google (CVE-2026-12010)
vulnerability in google (CVE-2026-12010). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12014 |
|
Use-After-Free in google (CVE-2026-12014)
vulnerability in google (CVE-2026-12014). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12013 |
|
Use-After-Free in google (CVE-2026-12013)
vulnerability in google (CVE-2026-12013). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12012 |
|
Use-After-Free in google (CVE-2026-12012)
vulnerability in google (CVE-2026-12012). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12011 |
|
Use-After-Free in google (CVE-2026-12011)
vulnerability in google (CVE-2026-12011). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12008 |
|
Use-After-Free in google (CVE-2026-12008)
vulnerability in google (CVE-2026-12008). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12007 |
|
Use-After-Free in Google chrome (CVE-2026-12007)
vulnerability in Google chrome (CVE-2026-12007). Successful exploitation can lead to full system takeover.
|
| CVE-2025-27511 |
|
Vulnerability in org.geoserver.extension:gs-db2 (CVE-2025-27511)
vulnerability in org.geoserver.extension:gs-db2 (CVE-2025-27511). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2.27.0` or later.
|
| CVE-2026-45175 |
|
Vulnerability in paloaltonetworks (CVE-2026-45175)
vulnerability in paloaltonetworks (CVE-2026-45175). Successful exploitation can lead to full system takeover.
|
| CVE-2026-45176 |
|
Privilege Escalation in paloaltonetworks (CVE-2026-45176)
vulnerability in paloaltonetworks (CVE-2026-45176). Successful exploitation can lead to full system takeover.
|
| CVE-2025-46315 |
|
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS...
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS...
|
| CVE-2025-24284 |
|
This issue was addressed with improved checks to prevent unauthorized actions. This issue is...
This issue was addressed with improved checks to prevent unauthorized actions. This issue is...
|
| CVE-2025-31272 |
|
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4. An app...
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4. An app...
|
| CVE-2026-46697 |
|
SSRF (Server-Side Request Forgery) in wordpress (CVE-2026-46697)
SSRF in wordpress (CVE-2026-46697). Confidential information can be exposed externally.
|
| CVE-2026-7787 |
|
Vulnerability in langflow (CVE-2026-7787)
vulnerability in langflow (CVE-2026-7787). Confidential information can be exposed externally.
|
| CVE-2026-6552 |
|
Vulnerability in gitlab (CVE-2026-6552)
vulnerability in gitlab (CVE-2026-6552). Confidential information can be exposed externally. Mitigation: upgrade to `18.10.8, 18.11.5, 19.0.2` or later.
|
| CVE-2026-8589 |
|
Cross-Site Scripting (XSS) in gitlab (CVE-2026-8589)
cross-site scripting in gitlab (CVE-2026-8589). Confidential information can be exposed externally. Mitigation: upgrade to `18.10.8, 18.11.5, 19.0.2` or later.
|
| CVE-2026-7250 |
|
Vulnerability in gitlab (CVE-2026-7250)
vulnerability in gitlab (CVE-2026-7250). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.10.8, 18.11.5, 19.0.2` or later.
|
| CVE-2026-10087 |
|
Cross-Site Scripting (XSS) in gitlab (CVE-2026-10087)
cross-site scripting in gitlab (CVE-2026-10087). Confidential information can be exposed externally. Mitigation: upgrade to `18.10.8, 18.11.5, 19.0.2` or later.
|
| CVE-2026-53461 |
|
Out-of-Bounds Write in Magick.NET-Q16-AnyCPU (CVE-2026-53461)
out-of-bounds write in Magick.NET-Q16-AnyCPU (CVE-2026-53461). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `14.14.0` or later.
|
| CVE-2026-53460 |
|
Vulnerability in Magick.NET-Q16-AnyCPU (CVE-2026-53460)
vulnerability in Magick.NET-Q16-AnyCPU (CVE-2026-53460). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `14.14.0` or later.
|
| CVE-2026-50223 |
|
Code Injection in apache (CVE-2026-50223)
code injection in apache (CVE-2026-50223). Successful exploitation can lead to full system takeover.
|
| CVE-2026-49218 |
|
Vulnerability in Magick.NET-Q16-AnyCPU (CVE-2026-49218)
vulnerability in Magick.NET-Q16-AnyCPU (CVE-2026-49218). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `14.14.0` or later.
|
| CVE-2026-47342 |
|
Vulnerability in apache (CVE-2026-47342)
vulnerability in apache (CVE-2026-47342). Successful exploitation can lead to full system takeover.
|
| CVE-2022-26758 |
|
Vulnerability in apple (CVE-2022-26758)
vulnerability in apple (CVE-2022-26758). Confidential information can be exposed externally.
|
| CVE-2026-1220 |
|
Vulnerability in google (CVE-2026-1220)
vulnerability in google (CVE-2026-1220). Successful exploitation can lead to full system takeover.
|
| CVE-2026-49759 |
|
Vulnerability in c (CVE-2026-49759)
vulnerability in c (CVE-2026-49759). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-45569 |
|
Path Traversal in c (CVE-2026-45569)
path traversal in c (CVE-2026-45569). Confidential information can be exposed externally.
|
| CVE-2026-45567 |
|
Authentication Bypass in nginx (CVE-2026-45567)
authentication bypass in nginx (CVE-2026-45567). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-45565 |
|
Vulnerability in nginx (CVE-2026-45565)
vulnerability in nginx (CVE-2026-45565). Confidential information can be exposed externally.
|
| CVE-2026-25700 |
|
Vulnerability in apache (CVE-2026-25700)
vulnerability in apache (CVE-2026-25700). Successful exploitation can lead to full system takeover.
|
| CVE-2026-45564 |
|
OS Command Injection in c (CVE-2026-45564)
OS command injection in c (CVE-2026-45564). Successful exploitation can lead to full system takeover. Exploitable via `POST /config/versions/`.
|
| CVE-2026-45549 |
|
Vulnerability in nginx (CVE-2026-45549)
vulnerability in nginx (CVE-2026-45549). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53435 |
|
Unsafe Deserialization in jenkins (CVE-2026-53435)
vulnerability in jenkins (CVE-2026-53435). Successful exploitation can lead to full system takeover. Exploitable via ``config.xml``. Mitigation: upgrade to `2.555.3, 2.568.0` or later.
|
| CVE-2026-24719 |
|
OS Command Injection in qnap (CVE-2026-24719)
OS command injection in qnap (CVE-2026-24719). Successful exploitation can lead to full system takeover.
|
| CVE-2026-24716 |
|
Vulnerability in dos (CVE-2026-24716)
vulnerability in dos (CVE-2026-24716). Successful exploitation can lead to full system takeover.
|
| CVE-2026-22893 |
|
OS Command Injection in qnap (CVE-2026-22893)
OS command injection in qnap (CVE-2026-22893). Successful exploitation can lead to full system takeover.
|
| CVE-2025-66281 |
|
Vulnerability in dos (CVE-2025-66281)
vulnerability in dos (CVE-2025-66281). Successful exploitation can lead to full system takeover.
|
| CVE-2025-66280 |
|
Vulnerability in qnap (CVE-2025-66280)
vulnerability in qnap (CVE-2025-66280). Successful exploitation can lead to full system takeover.
|
| CVE-2025-66279 |
|
OS Command Injection in qnap (CVE-2025-66279)
OS command injection in qnap (CVE-2025-66279). Successful exploitation can lead to full system takeover.
|
| CVE-2025-66273 |
|
OS Command Injection in qnap (CVE-2025-66273)
OS command injection in qnap (CVE-2025-66273). Successful exploitation can lead to full system takeover.
|
| CVE-2026-41732 |
|
Unsafe Deserialization in apache (CVE-2026-41732)
vulnerability in apache (CVE-2026-41732). Successful exploitation can lead to full system takeover.
|
| CVE-2026-41731 |
|
Unsafe Deserialization in org.springframework.kafka:spring-kafka (CVE-2026-41731)
vulnerability in org.springframework.kafka:spring-kafka (CVE-2026-41731). Successful exploitation can lead to full system takeover.
|
| CVE-2026-41716 |
|
Vulnerability in broadcom (CVE-2026-41716)
vulnerability in broadcom (CVE-2026-41716). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41695 |
|
Vulnerability in dos (CVE-2026-41695)
vulnerability in dos (CVE-2026-41695). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-34711 |
|
Vulnerability in adobe (CVE-2026-34711)
vulnerability in adobe (CVE-2026-34711). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-47960 |
|
XXE (XML External Entity) in adobe (CVE-2026-47960)
vulnerability in adobe (CVE-2026-47960). Confidential information can be exposed externally.
|
| CVE-2026-47952 |
|
Vulnerability in adobe (CVE-2026-47952)
vulnerability in adobe (CVE-2026-47952). Successful exploitation can lead to full system takeover.
|
| CVE-2026-47929 |
|
Authorization Flaw in adobe (CVE-2026-47929)
vulnerability in adobe (CVE-2026-47929). Successful exploitation can lead to full system takeover.
|