Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-10892 |
|
Out-of-Bounds Write in google (CVE-2026-10892)
out-of-bounds write in google (CVE-2026-10892). Successful exploitation can lead to full system takeover.
|
| CVE-2026-10886 |
|
Use-After-Free in google (CVE-2026-10886)
vulnerability in google (CVE-2026-10886). Successful exploitation can lead to full system takeover.
|
| CVE-2026-10881 |
|
Out-of-Bounds Read in Google chrome (CVE-2026-10881)
vulnerability in Google chrome (CVE-2026-10881). Successful exploitation can lead to full system takeover.
|
| CVE-2026-50076 |
|
Unsafe Deserialization in apache (CVE-2026-50076)
vulnerability in apache (CVE-2026-50076). Confidential information can be exposed externally.
|
| CVE-2019-25738 |
|
Vulnerability in wordpress (CVE-2019-25738)
vulnerability in wordpress (CVE-2019-25738). Successful exploitation can lead to full system takeover.
|
| CVE-2019-25729 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2019-25729)
vulnerability in csrf (CVE-2019-25729). Successful exploitation can lead to full system takeover.
|
| CVE-2019-25727 |
|
Path Traversal in wordpress (CVE-2019-25727)
path traversal in wordpress (CVE-2019-25727). Successful exploitation can lead to full system takeover.
|
| CVE-2026-47065 |
|
Unsafe Deserialization in apache (CVE-2026-47065)
vulnerability in apache (CVE-2026-47065). Successful exploitation can lead to full system takeover.
|
| CVE-2026-42252 |
|
Vulnerability in apache-airflow (CVE-2026-42252)
vulnerability in apache-airflow (CVE-2026-42252). Confidential information can be exposed externally. Exploitable via ``Dag.can_trigger``. Mitigation: upgrade to `3.2.2` or later.
|
| CVE-2018-25412 |
|
Vulnerability in deltasql-project (CVE-2018-25412)
vulnerability in deltasql-project (CVE-2018-25412). Successful exploitation can lead to full system takeover.
|
| CVE-2026-46376 |
|
Vulnerability in sangoma (CVE-2026-46376)
vulnerability in sangoma (CVE-2026-46376). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `16.0.45` or later.
|
| CVE-2026-9559 |
|
Path Traversal in mautic/core (CVE-2026-9559)
path traversal in mautic/core (CVE-2026-9559). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `7.1.2` or later.
|
| CVE-2026-9967 |
|
Out-of-Bounds Write in google (CVE-2026-9967)
out-of-bounds write in google (CVE-2026-9967). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9918 |
|
Privilege Escalation in google (CVE-2026-9918)
vulnerability in google (CVE-2026-9918). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9881 |
|
Use-After-Free in google (CVE-2026-9881)
vulnerability in google (CVE-2026-9881). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9886 |
|
Use-After-Free in google (CVE-2026-9886)
vulnerability in google (CVE-2026-9886). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9891 |
|
Use-After-Free in google (CVE-2026-9891)
vulnerability in google (CVE-2026-9891). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9876 |
|
Use-After-Free in google (CVE-2026-9876)
vulnerability in google (CVE-2026-9876). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9875 |
|
Out-of-Bounds Read in google (CVE-2026-9875)
vulnerability in google (CVE-2026-9875). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9874 |
|
Use-After-Free in google (CVE-2026-9874)
vulnerability in google (CVE-2026-9874). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9872 |
|
Out-of-Bounds Write in Google chrome (CVE-2026-9872)
out-of-bounds write in Google chrome (CVE-2026-9872). Successful exploitation can lead to full system takeover.
|
| CVE-2026-46817 |
|
Privilege Escalation in c (CVE-2026-46817)
vulnerability in c (CVE-2026-46817). Successful exploitation can lead to full system takeover.
|
| CVE-2026-46819 |
|
Vulnerability in c (CVE-2026-46819)
vulnerability in c (CVE-2026-46819). Confidential information can be exposed externally.
|
| CVE-2026-24444 |
|
Vulnerability in CVE-2026-24444 (CVE-2026-24444)
vulnerability in CVE-2026-24444 (CVE-2026-24444). Successful exploitation can lead to full system takeover.
|
| CVE-2026-4408 |
|
OS Command Injection in redhat (CVE-2026-4408)
OS command injection in redhat (CVE-2026-4408). Successful exploitation can lead to full system takeover.
|
| CVE-2026-7524 |
|
Path Traversal in langflow (CVE-2026-7524)
path traversal in langflow (CVE-2026-7524). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9170 |
|
Code Injection in dos (CVE-2026-9170)
code injection in dos (CVE-2026-9170). Successful exploitation can lead to full system takeover.
|
| CVE-2026-48904 |
|
Vulnerability in joomla (CVE-2026-48904)
vulnerability in joomla (CVE-2026-48904). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `5.4.6, 6.1.1` or later.
|
| CVE-2026-48898 |
|
Joomla! Core - [20260513] - Privilege escalation through com_users batch task
Joomla! Core - [20260513] - Privilege escalation through com_users batch task
|
| CVE-2026-48899 |
|
Joomla! Core - [20260515] - Incorrect Access Control in sample data plugins
Joomla! Core - [20260515] - Incorrect Access Control in sample data plugins
|
| CVE-2026-48902 |
|
Vulnerability in joomla (CVE-2026-48902)
vulnerability in joomla (CVE-2026-48902). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `5.4.6, 6.1.1` or later.
|
| CVE-2026-40383 |
|
Joomla! Core - [20260509] - LFI in HTMLView layout parameter
Joomla! Core - [20260509] - LFI in HTMLView layout parameter
|
| CVE-2026-35223 |
|
Joomla! Core - [20260508] - Improper access check in com_config webservice endpoints
Joomla! Core - [20260508] - Improper access check in com_config webservice endpoints
|
| CVE-2026-35221 |
|
SQL Injection in joomla (CVE-2026-35221)
SQL injection in joomla (CVE-2026-35221). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `5.4.6, 6.1.1` or later.
|
| CVE-2026-35222 |
|
Joomla! Core - [20260507] - Authenticated blind SQLi in com_tags
Joomla! Core - [20260507] - Authenticated blind SQLi in com_tags
|
| CVE-2026-48687 |
|
OS Command Injection in c (CVE-2026-48687)
OS command injection in c (CVE-2026-48687). Successful exploitation can lead to full system takeover. Exploitable via ``date``.
|
| CVE-2026-4480 |
|
OS Command Injection in redhat (CVE-2026-4480)
OS command injection in redhat (CVE-2026-4480). Successful exploitation can lead to full system takeover.
|
| CVE-2026-45247 KEV |
|
[KEV] Unsafe Deserialization in Mirasvit full-page-cache-warmer (CVE-2026-45247)
vulnerability in Mirasvit full-page-cache-warmer (CVE-2026-45247). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
|
| CVE-2018-25357 |
|
Code Injection in dolibarr/dolibarr (CVE-2018-25357)
code injection in dolibarr/dolibarr (CVE-2018-25357). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `6.0.8` or later.
|
| CVE-2018-25350 |
|
Vulnerability in CVE-2018-25350 (CVE-2018-25350)
vulnerability in CVE-2018-25350 (CVE-2018-25350). Successful exploitation can lead to full system takeover.
|
| CVE-2026-23652 |
|
Command Injection in microsoft (CVE-2026-23652)
command injection in microsoft (CVE-2026-23652). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8670 |
|
Vulnerability in avantra (CVE-2026-8670)
vulnerability in avantra (CVE-2026-8670). Successful exploitation can lead to full system takeover.
|
| CVE-2026-44930 |
|
Vulnerability in org.apache.cxf.services.xkms:cxf-services-xkms-x509-repo-ldap (CVE-2026-44930)
vulnerability in org.apache.cxf.services.xkms:cxf-services-xkms-x509-repo-ldap (CVE-2026-44930). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `3.6.11` or later.
|
| CVE-2026-48207 |
|
Unsafe Deserialization in pyfory (CVE-2026-48207)
vulnerability in pyfory (CVE-2026-48207). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.0.0` or later.
|
| CVE-2026-6279 |
|
Vulnerability in wordpress (CVE-2026-6279)
vulnerability in wordpress (CVE-2026-6279). Successful exploitation can lead to full system takeover. Exploitable via ``wp_conditional_tags``.
|
| CVE-2026-7637 |
|
Unsafe Deserialization in wordpress (CVE-2026-7637)
vulnerability in wordpress (CVE-2026-7637). Successful exploitation can lead to full system takeover.
|
| CVE-2026-6555 |
|
Unrestricted File Upload in wordpress (CVE-2026-6555)
vulnerability in wordpress (CVE-2026-6555). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34234 |
|
OS Command Injection in CVE-2026-34234 (CVE-2026-34234)
OS command injection in CVE-2026-34234 (CVE-2026-34234). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8605 |
|
Vulnerability in scadabr (CVE-2026-8605)
vulnerability in scadabr (CVE-2026-8605). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8603 |
|
OS Command Injection in scadabr (CVE-2026-8603)
OS command injection in scadabr (CVE-2026-8603). Successful exploitation can lead to full system takeover.
|