Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| ROOT-OS-DEBIAN-11-CVE-2021-47432 |
|
Vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2021-47432)
vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2021-47432). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.10.251-3.root.io.76, 5.10.251-3.root.io.78, 5.10.251-3.root.io.79, 5.10.251-3.root.io.77, 5.10.251-3.root.io.75` or later.
|
| ROOT-OS-DEBIAN-11-CVE-2025-37819 |
|
Vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2025-37819)
vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2025-37819). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `5.10.251-3.root.io.76, 5.10.251-3.root.io.78, 5.10.251-3.root.io.79, 5.10.251-3.root.io.77, 5.10.251-3.root.io.75` or later.
|
| ROOT-OS-DEBIAN-11-CVE-2024-43900 |
|
Vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2024-43900)
vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2024-43900). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `5.10.251-3.root.io.76, 5.10.251-3.root.io.78, 5.10.251-3.root.io.79, 5.10.251-3.root.io.77, 5.10.251-3.root.io.75` or later.
|
| ROOT-OS-DEBIAN-11-CVE-2025-38576 |
|
Vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2025-38576)
vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2025-38576). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.10.251-3.root.io.76, 5.10.251-3.root.io.78, 5.10.251-3.root.io.79, 5.10.251-3.root.io.77, 5.10.251-3.root.io.75` or later.
|
| ROOT-OS-DEBIAN-11-CVE-2025-37958 |
|
Vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2025-37958)
vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2025-37958). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.10.251-3.root.io.76, 5.10.251-3.root.io.78, 5.10.251-3.root.io.79, 5.10.251-3.root.io.77, 5.10.251-3.root.io.75` or later.
|
| ROOT-OS-DEBIAN-11-CVE-2024-56703 |
|
Vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2024-56703)
vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2024-56703). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.10.251-3.root.io.76, 5.10.251-3.root.io.78, 5.10.251-3.root.io.79, 5.10.251-3.root.io.77, 5.10.251-3.root.io.75` or later.
|
| ROOT-OS-DEBIAN-11-CVE-2026-31431 |
|
Vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2026-31431)
vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2026-31431). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `5.10.251-3.root.io.76, 5.10.251-3.root.io.78, 5.10.251-3.root.io.79, 5.10.251-3.root.io.77, 5.10.251-3.root.io.75` or later.
|
| ROOT-OS-DEBIAN-11-CVE-2026-43024 |
|
Vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2026-43024)
vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2026-43024). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.10.251-3.root.io.76, 5.10.251-3.root.io.78, 5.10.251-3.root.io.79, 5.10.251-3.root.io.77` or later.
|
| ROOT-OS-DEBIAN-11-CVE-2025-37909 |
|
Vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2025-37909)
vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2025-37909). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.10.251-3.root.io.76, 5.10.251-3.root.io.78, 5.10.251-3.root.io.79, 5.10.251-3.root.io.77, 5.10.251-3.root.io.75` or later.
|
| ROOT-OS-DEBIAN-11-CVE-2023-53197 |
|
Vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2023-53197)
vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2023-53197). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.10.251-3.root.io.76, 5.10.251-3.root.io.78, 5.10.251-3.root.io.79, 5.10.251-3.root.io.77, 5.10.251-3.root.io.75` or later.
|
| ROOT-OS-DEBIAN-11-CVE-2024-49917 |
|
Vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2024-49917)
vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2024-49917). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.10.251-3.root.io.76, 5.10.251-3.root.io.78, 5.10.251-3.root.io.79, 5.10.251-3.root.io.77, 5.10.251-3.root.io.75` or later.
|
| ROOT-OS-DEBIAN-11-CVE-2026-43025 |
|
Vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2026-43025)
vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2026-43025). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `5.10.251-3.root.io.76, 5.10.251-3.root.io.78, 5.10.251-3.root.io.79, 5.10.251-3.root.io.77` or later.
|
| ROOT-OS-DEBIAN-11-CVE-2025-71228 |
|
Vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2025-71228)
vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2025-71228). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.10.251-3.root.io.76, 5.10.251-3.root.io.78, 5.10.251-3.root.io.79, 5.10.251-3.root.io.77, 5.10.251-3.root.io.75` or later.
|
| ROOT-OS-DEBIAN-11-CVE-2024-26807 |
|
Vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2024-26807)
vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2024-26807). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.10.251-3.root.io.76, 5.10.251-3.root.io.78, 5.10.251-3.root.io.79, 5.10.251-3.root.io.77, 5.10.251-3.root.io.75` or later.
|
| CVE-2026-8136 |
|
Cross-Site Scripting (XSS) in CVE-2026-8136 (CVE-2026-8136)
cross-site scripting in CVE-2026-8136 (CVE-2026-8136). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8133 |
|
Vulnerability in sqli (CVE-2026-8133)
vulnerability in sqli (CVE-2026-8133). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8132 |
|
Vulnerability in sqli (CVE-2026-8132)
vulnerability in sqli (CVE-2026-8132). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-44298 |
|
Path Traversal in kimai/kimai (CVE-2026-44298)
path traversal in kimai/kimai (CVE-2026-44298). Risk of unauthorized operations or information disclosure. Exploitable via ``ROLE_SYSTE_ADMIN``. Mitigation: upgrade to `2.56` or later.
|
| CVE-2026-8131 |
|
Vulnerability in sqli (CVE-2026-8131)
vulnerability in sqli (CVE-2026-8131). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8130 |
|
Vulnerability in sqli (CVE-2026-8130)
vulnerability in sqli (CVE-2026-8130). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8129 |
|
Vulnerability in sqli (CVE-2026-8129)
vulnerability in sqli (CVE-2026-8129). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8126 |
|
Vulnerability in sqli (CVE-2026-8126)
vulnerability in sqli (CVE-2026-8126). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8127 |
|
Vulnerability in CVE-2026-8127 (CVE-2026-8127)
vulnerability in CVE-2026-8127 (CVE-2026-8127). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8128 |
|
Vulnerability in sqli (CVE-2026-8128)
vulnerability in sqli (CVE-2026-8128). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8125 |
|
Vulnerability in sqli (CVE-2026-8125)
vulnerability in sqli (CVE-2026-8125). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8117 |
|
Cross-Site Scripting (XSS) in CVE-2026-8117 (CVE-2026-8117)
cross-site scripting in CVE-2026-8117 (CVE-2026-8117). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-42208 KEV |
|
[KEV] SQL Injection in Berriai litellm (CVE-2026-42208)
SQL injection in Berriai litellm (CVE-2026-42208). Successful exploitation can lead to full system takeover. Exploitable via `POST /chat/completions`. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `>=1.83.7` or later.
|
| CVE-2026-42826 |
|
Information Disclosure in microsoft (CVE-2026-42826)
vulnerability in microsoft (CVE-2026-42826). Successful exploitation can lead to full system takeover.
|
| CVE-2026-35435 |
|
Vulnerability in microsoft (CVE-2026-35435)
vulnerability in microsoft (CVE-2026-35435). Confidential information can be exposed externally.
|
| CVE-2026-35428 |
|
Command Injection in microsoft (CVE-2026-35428)
command injection in microsoft (CVE-2026-35428). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34327 |
|
Vulnerability in microsoft (CVE-2026-34327)
vulnerability in microsoft (CVE-2026-34327). Confidential information can be exposed externally.
|
| CVE-2026-33844 |
|
Vulnerability in apache (CVE-2026-33844)
vulnerability in apache (CVE-2026-33844). Successful exploitation can lead to full system takeover.
|
| CVE-2026-33823 |
|
Vulnerability in microsoft (CVE-2026-33823)
vulnerability in microsoft (CVE-2026-33823). Confidential information can be exposed externally.
|
| CVE-2026-33109 |
|
Vulnerability in apache (CVE-2026-33109)
vulnerability in apache (CVE-2026-33109). Successful exploitation can lead to full system takeover.
|
| CVE-2026-32207 |
|
Cross-Site Scripting (XSS) in microsoft (CVE-2026-32207)
cross-site scripting in microsoft (CVE-2026-32207). Successful exploitation can lead to full system takeover.
|
| CVE-2026-26164 |
|
Vulnerability in microsoft (CVE-2026-26164)
vulnerability in microsoft (CVE-2026-26164). Confidential information can be exposed externally.
|
| CVE-2026-26129 |
|
Vulnerability in microsoft (CVE-2026-26129)
vulnerability in microsoft (CVE-2026-26129). Confidential information can be exposed externally.
|
| CVE-2026-8087 |
|
Buffer Overflow in c (CVE-2026-8087)
vulnerability in c (CVE-2026-8087). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8088 |
|
Buffer Overflow in c (CVE-2026-8088)
vulnerability in c (CVE-2026-8088). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8086 |
|
Buffer Overflow in gdal (CVE-2026-8086)
vulnerability in gdal (CVE-2026-8086). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8084 |
|
Buffer Overflow in gdal (CVE-2026-8084)
vulnerability in gdal (CVE-2026-8084). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41906 |
|
Vulnerability in laravel (CVE-2026-41906)
vulnerability in laravel (CVE-2026-41906). Data can be tampered with by attackers.
|
| CVE-2026-41902 |
|
Vulnerability in laravel (CVE-2026-41902)
vulnerability in laravel (CVE-2026-41902). Confidential information can be exposed externally. Exploitable via `Referer header`.
|
| CVE-2026-36458 |
|
Code Injection in sqli (CVE-2026-36458)
code injection in sqli (CVE-2026-36458). Successful exploitation can lead to full system takeover.
|
| CVE-2026-30496 |
|
Vulnerability in android (CVE-2026-30496)
vulnerability in android (CVE-2026-30496). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8094 |
|
Code Injection in firefox (CVE-2026-8094)
code injection in firefox (CVE-2026-8094). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8091 |
|
Vulnerability in firefox (CVE-2026-8091)
vulnerability in firefox (CVE-2026-8091). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8090 |
|
Use-After-Free in mozilla (CVE-2026-8090)
vulnerability in mozilla (CVE-2026-8090). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7924 |
|
Vulnerability in chromium (CVE-2026-7924)
vulnerability in chromium (CVE-2026-7924). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `148.0.7778.96-1~deb12u1` or later.
|
| CVE-2026-7925 |
|
Vulnerability in chromium (CVE-2026-7925)
vulnerability in chromium (CVE-2026-7925). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `148.0.7778.96-1~deb12u1` or later.
|