Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: vendors Clear
ID Title
CVE-2026-6174 Cross-Site Scripting (XSS) in wordpress (CVE-2026-6174)
cross-site scripting in wordpress (CVE-2026-6174). Risk of unauthorized operations or information disclosure.
CVE-2026-6510 Vulnerability in wordpress (CVE-2026-6510)
vulnerability in wordpress (CVE-2026-6510). Successful exploitation can lead to full system takeover.
CVE-2026-6670 Path Traversal in wordpress (CVE-2026-6670)
path traversal in wordpress (CVE-2026-6670). Confidential information can be exposed externally.
CVE-2026-5365 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-5365)
vulnerability in wordpress (CVE-2026-5365). Risk of unauthorized operations or information disclosure.
CVE-2026-5395 Vulnerability in wordpress (CVE-2026-5395)
vulnerability in wordpress (CVE-2026-5395). Confidential information can be exposed externally.
CVE-2026-6225 SQL Injection in wordpress (CVE-2026-6225)
SQL injection in wordpress (CVE-2026-6225). Confidential information can be exposed externally.
CVE-2026-6252 Cross-Site Scripting (XSS) in wordpress (CVE-2026-6252)
cross-site scripting in wordpress (CVE-2026-6252). Risk of unauthorized operations or information disclosure.
CVE-2026-6271 Unrestricted File Upload in wordpress (CVE-2026-6271)
vulnerability in wordpress (CVE-2026-6271). Successful exploitation can lead to full system takeover.
CVE-2026-6506 Vulnerability in wordpress (CVE-2026-6506)
vulnerability in wordpress (CVE-2026-6506). Successful exploitation can lead to full system takeover.
CVE-2026-3718 Cross-Site Scripting (XSS) in wordpress (CVE-2026-3718)
cross-site scripting in wordpress (CVE-2026-3718). Risk of unauthorized operations or information disclosure.
CVE-2026-3892 Vulnerability in wordpress (CVE-2026-3892)
vulnerability in wordpress (CVE-2026-3892). Data can be tampered with by attackers.
CVE-2026-5193 Privilege Escalation in wordpress (CVE-2026-5193)
vulnerability in wordpress (CVE-2026-5193). Data can be tampered with by attackers.
CVE-2026-3694 Cross-Site Scripting (XSS) in wordpress (CVE-2026-3694)
cross-site scripting in wordpress (CVE-2026-3694). Risk of unauthorized operations or information disclosure.
CVE-2026-8181 Authentication Bypass in wordpress (CVE-2026-8181)
authentication bypass in wordpress (CVE-2026-8181). Successful exploitation can lead to full system takeover. Exploitable via `Authorization header`.
CVE-2026-7481 Cross-Site Scripting (XSS) in gitlab (CVE-2026-7481)
cross-site scripting in gitlab (CVE-2026-7481). Confidential information can be exposed externally. Mitigation: upgrade to `18.9.7, 18.10.6, 18.11.3` or later.
CVE-2026-7377 Cross-Site Scripting (XSS) in gitlab (CVE-2026-7377)
cross-site scripting in gitlab (CVE-2026-7377). Confidential information can be exposed externally. Mitigation: upgrade to `18.9.7, 18.10.6, 18.11.3` or later.
CVE-2026-6335 Cross-Site Scripting (XSS) in gitlab (CVE-2026-6335)
cross-site scripting in gitlab (CVE-2026-6335). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.11.3` or later.
CVE-2026-8144 Vulnerability in gitlab (CVE-2026-8144)
vulnerability in gitlab (CVE-2026-8144). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.9.7, 18.10.6, 18.11.3` or later.
CVE-2026-7471 SSRF (Server-Side Request Forgery) in gitlab (CVE-2026-7471)
SSRF in gitlab (CVE-2026-7471). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.9.7, 18.10.6, 18.11.3` or later.
CVE-2026-6883 Vulnerability in gitlab (CVE-2026-6883)
vulnerability in gitlab (CVE-2026-6883). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.9.7, 18.10.6, 18.11.3` or later.
CVE-2026-8280 Vulnerability in gitlab (CVE-2026-8280)
vulnerability in gitlab (CVE-2026-8280). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.9.7, 18.10.6, 18.11.3` or later.
CVE-2026-1322 Vulnerability in gitlab (CVE-2026-1322)
vulnerability in gitlab (CVE-2026-1322). Confidential information can be exposed externally. Mitigation: upgrade to `18.9.7, 18.10.6, 18.11.3` or later.
CVE-2026-1338 Vulnerability in gitlab (CVE-2026-1338)
vulnerability in gitlab (CVE-2026-1338). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.9.7, 18.10.6, 18.11.3` or later.
CVE-2025-14870 Vulnerability in gitlab (CVE-2025-14870)
vulnerability in gitlab (CVE-2025-14870). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.9.7, 18.10.6, 18.11.3` or later.
CVE-2026-2900 Vulnerability in gitlab (CVE-2026-2900)
vulnerability in gitlab (CVE-2026-2900). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.9.7, 18.10.6, 18.11.3` or later.
CVE-2026-4527 Cross-Site Request Forgery (CSRF) in gitlab (CVE-2026-4527)
vulnerability in gitlab (CVE-2026-4527). Confidential information can be exposed externally. Mitigation: upgrade to `18.9.7, 18.10.6, 18.11.3` or later.
CVE-2026-1659 Vulnerability in gitlab (CVE-2026-1659)
vulnerability in gitlab (CVE-2026-1659). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.9.7, 18.10.6, 18.11.3` or later.
CVE-2026-1184 Unsafe Deserialization in gitlab (CVE-2026-1184)
vulnerability in gitlab (CVE-2026-1184). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.9.7, 18.10.6, 18.11.3` or later.
CVE-2026-3074 Vulnerability in gitlab (CVE-2026-3074)
vulnerability in gitlab (CVE-2026-3074). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.9.7, 18.10.6, 18.11.3` or later.
CVE-2026-6063 Vulnerability in gitlab (CVE-2026-6063)
vulnerability in gitlab (CVE-2026-6063). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.9.7, 18.10.6, 18.11.3` or later.
CVE-2026-4524 Vulnerability in gitlab (CVE-2026-4524)
vulnerability in gitlab (CVE-2026-4524). Confidential information can be exposed externally. Mitigation: upgrade to `18.9.7, 18.10.6, 18.11.3` or later.
CVE-2026-3160 Vulnerability in gitlab (CVE-2026-3160)
vulnerability in gitlab (CVE-2026-3160). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.9.7, 18.10.6, 18.11.3` or later.
CVE-2026-3073 Vulnerability in gitlab (CVE-2026-3073)
vulnerability in gitlab (CVE-2026-3073). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.9.7, 18.10.6, 18.11.3` or later.
CVE-2026-6073 Cross-Site Scripting (XSS) in gitlab (CVE-2026-6073)
cross-site scripting in gitlab (CVE-2026-6073). Confidential information can be exposed externally. Mitigation: upgrade to `18.9.7, 18.10.6, 18.11.3` or later.
CVE-2026-3607 Vulnerability in gitlab (CVE-2026-3607)
vulnerability in gitlab (CVE-2026-3607). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.9.7, 18.10.6, 18.11.3` or later.
CVE-2026-6417 Cross-Site Scripting (XSS) in wordpress (CVE-2026-6417)
cross-site scripting in wordpress (CVE-2026-6417). Risk of unauthorized operations or information disclosure.
CVE-2026-5396 Vulnerability in wordpress (CVE-2026-5396)
vulnerability in wordpress (CVE-2026-5396). Confidential information can be exposed externally. Exploitable via ``form_id``.
CVE-2025-15345 Vulnerability in wordpress (CVE-2025-15345)
vulnerability in wordpress (CVE-2025-15345). Risk of unauthorized operations or information disclosure.
CVE-2026-5243 Cross-Site Scripting (XSS) in wordpress (CVE-2026-5243)
cross-site scripting in wordpress (CVE-2026-5243). Risk of unauthorized operations or information disclosure. Exploitable via ``menu_hover_click``.
CVE-2026-3829 Vulnerability in wordpress (CVE-2026-3829)
vulnerability in wordpress (CVE-2026-3829). Risk of unauthorized operations or information disclosure.
CVE-2025-12669 Code Injection in gitlab (CVE-2025-12669)
code injection in gitlab (CVE-2025-12669). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.9.7, 18.10.6, 18.11.3` or later.
CVE-2025-14869 Vulnerability in gitlab (CVE-2025-14869)
vulnerability in gitlab (CVE-2025-14869). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.9.7, 18.10.6, 18.11.3` or later.
CVE-2025-13874 Vulnerability in gitlab (CVE-2025-13874)
vulnerability in gitlab (CVE-2025-13874). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.9.7, 18.10.6, 18.11.3` or later.
CVE-2026-7648 Vulnerability in wordpress (CVE-2026-7648)
vulnerability in wordpress (CVE-2026-7648). Risk of unauthorized operations or information disclosure.
CVE-2026-7525 Vulnerability in wordpress (CVE-2026-7525)
vulnerability in wordpress (CVE-2026-7525). Risk of unauthorized operations or information disclosure.
CVE-2026-5361 Cross-Site Scripting (XSS) in wordpress (CVE-2026-5361)
cross-site scripting in wordpress (CVE-2026-5361). Risk of unauthorized operations or information disclosure.
CVE-2026-5486 SQL Injection in wordpress (CVE-2026-5486)
SQL injection in wordpress (CVE-2026-5486). Confidential information can be exposed externally.
CVE-2026-46419 Vulnerability in CVE-2026-46419 (CVE-2026-46419)
vulnerability in CVE-2026-46419 (CVE-2026-46419). Successful exploitation can lead to full system takeover.
CVE-2026-46300 Out-of-Bounds Write in Amazon aws (CVE-2026-46300)
out-of-bounds write in Amazon aws (CVE-2026-46300). Successful exploitation can lead to full system takeover.
CVE-2026-44194 OS Command Injection in opnsense (CVE-2026-44194)
OS command injection in opnsense (CVE-2026-44194). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `26.1.8` or later.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →