Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: vendors Clear
ID Title
CVE-2025-27852 Cross-Site Scripting (XSS) in garmin (CVE-2025-27852)
cross-site scripting in garmin (CVE-2025-27852). Risk of unauthorized operations or information disclosure.
CVE-2026-45053 Unrestricted File Upload in CVE-2026-45053 (CVE-2026-45053)
vulnerability in CVE-2026-45053 (CVE-2026-45053). Successful exploitation can lead to full system takeover. Exploitable via `POST /api/v1/files`. Mitigation: upgrade to `6.7.0` or later.
CVE-2026-45054 SQL Injection in CVE-2026-45054 (CVE-2026-45054)
SQL injection in CVE-2026-45054 (CVE-2026-45054). Confidential information can be exposed externally. Mitigation: upgrade to `6.7.0` or later.
CVE-2026-45055 Vulnerability in CVE-2026-45055 (CVE-2026-45055)
vulnerability in CVE-2026-45055 (CVE-2026-45055). Confidential information can be exposed externally. Exploitable via `POST /index.php`. Mitigation: upgrade to `6.7.2` or later.
CVE-2026-45708 Code Injection in CVE-2026-45708 (CVE-2026-45708)
code injection in CVE-2026-45708 (CVE-2026-45708). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `6.7.3` or later.
CVE-2026-44376 Cross-Site Scripting (XSS) in CVE-2026-44376 (CVE-2026-44376)
cross-site scripting in CVE-2026-44376 (CVE-2026-44376). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `6.7.0` or later.
CVE-2026-44377 Code Injection in CVE-2026-44377 (CVE-2026-44377)
code injection in CVE-2026-44377 (CVE-2026-44377). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `6.7.0` or later.
CVE-2026-42550 SQL Injection in flightphp/core (CVE-2026-42550)
SQL injection in flightphp/core (CVE-2026-42550). Successful exploitation can lead to full system takeover. Exploitable via ``UPDATE``. Mitigation: upgrade to `3.18.1` or later.
CVE-2026-42551 Vulnerability in flightphp/core (CVE-2026-42551)
vulnerability in flightphp/core (CVE-2026-42551). Data can be tampered with by attackers. Exploitable via `GET /item/42`. Mitigation: upgrade to `3.18.1` or later.
CVE-2026-42552 Vulnerability in flightphp/core (CVE-2026-42552)
vulnerability in flightphp/core (CVE-2026-42552). Confidential information can be exposed externally. Exploitable via ``flight.debug``. Mitigation: upgrade to `3.18.1` or later.
CVE-2026-42548 Cross-Site Scripting (XSS) in flightphp/core (CVE-2026-42548)
cross-site scripting in flightphp/core (CVE-2026-42548). Risk of unauthorized operations or information disclosure. Exploitable via `GET /api`. Mitigation: upgrade to `3.18.1` or later.
CVE-2026-42549 Path Traversal in flightphp/core (CVE-2026-42549)
path traversal in flightphp/core (CVE-2026-42549). Risk of unauthorized operations or information disclosure. Exploitable via ``b8dd23a``. Mitigation: upgrade to `3.18.1` or later.
CVE-2026-0257 KEV [KEV] Vulnerability in Palo alto networks paloaltonetworks (CVE-2026-0257)
vulnerability in Palo alto networks paloaltonetworks (CVE-2026-0257). Confidential information can be exposed externally. Listed in CISA KEV — actively exploited.
CVE-2026-21015 Vulnerability in samsung (CVE-2026-21015)
vulnerability in samsung (CVE-2026-21015). Confidential information can be exposed externally.
CVE-2026-21016 Vulnerability in samsung (CVE-2026-21016)
vulnerability in samsung (CVE-2026-21016). Confidential information can be exposed externally.
CVE-2026-8495 Vulnerability in drupal/date_ical (CVE-2026-8495)
vulnerability in drupal/date_ical (CVE-2026-8495). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `4.0.15` or later.
CVE-2026-8493 Cross-Site Scripting (XSS) in drupal/colorbox_inline (CVE-2026-8493)
cross-site scripting in drupal/colorbox_inline (CVE-2026-8493). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.1.1` or later.
CVE-2026-8492 Vulnerability in drupal/gtranslate (CVE-2026-8492)
vulnerability in drupal/gtranslate (CVE-2026-8492). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.0.5` or later.
CVE-2026-8491 Vulnerability in drupal/node_view_permissions (CVE-2026-8491)
vulnerability in drupal/node_view_permissions (CVE-2026-8491). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.7.0, 2.0.1` or later.
CVE-2026-44470 Vulnerability in privilege-escalation (CVE-2026-44470)
vulnerability in privilege-escalation (CVE-2026-44470). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.3834.0` or later.
CVE-2026-43488 Vulnerability in linux (CVE-2026-43488)
vulnerability in linux (CVE-2026-43488). Risk of unauthorized operations or information disclosure.
CVE-2026-43489 Vulnerability in linux (CVE-2026-43489)
vulnerability in linux (CVE-2026-43489). Risk of unauthorized operations or information disclosure.
CVE-2026-43479 Vulnerability in c (CVE-2026-43479)
vulnerability in c (CVE-2026-43479). Risk of unauthorized operations or information disclosure.
CVE-2026-43480 Vulnerability in linux (CVE-2026-43480)
vulnerability in linux (CVE-2026-43480). Risk of unauthorized operations or information disclosure.
CVE-2026-43481 Vulnerability in linux (CVE-2026-43481)
vulnerability in linux (CVE-2026-43481). Successful exploitation can lead to full system takeover.
CVE-2026-43482 Vulnerability in linux (CVE-2026-43482)
vulnerability in linux (CVE-2026-43482). Risk of unauthorized operations or information disclosure.
CVE-2026-43483 Vulnerability in linux (CVE-2026-43483)
vulnerability in linux (CVE-2026-43483). Risk of unauthorized operations or information disclosure.
CVE-2026-43484 Vulnerability in linux (CVE-2026-43484)
vulnerability in linux (CVE-2026-43484). Risk of unauthorized operations or information disclosure.
CVE-2026-43485 Vulnerability in linux (CVE-2026-43485)
vulnerability in linux (CVE-2026-43485). Risk of unauthorized operations or information disclosure.
CVE-2026-43486 Vulnerability in linux (CVE-2026-43486)
vulnerability in linux (CVE-2026-43486). Risk of unauthorized operations or information disclosure.
CVE-2026-43487 Vulnerability in linux (CVE-2026-43487)
vulnerability in linux (CVE-2026-43487). Risk of unauthorized operations or information disclosure.
CVE-2026-43476 Vulnerability in linux (CVE-2026-43476)
vulnerability in linux (CVE-2026-43476). Successful exploitation can lead to full system takeover.
CVE-2026-43477 Vulnerability in c (CVE-2026-43477)
vulnerability in c (CVE-2026-43477). Risk of unauthorized operations or information disclosure.
CVE-2026-43478 Vulnerability in linux (CVE-2026-43478)
vulnerability in linux (CVE-2026-43478). Risk of unauthorized operations or information disclosure.
CVE-2026-42937 Vulnerability in f5 (CVE-2026-42937)
vulnerability in f5 (CVE-2026-42937). Confidential information can be exposed externally.
CVE-2026-42945 Vulnerability in nginx (CVE-2026-42945)
vulnerability in nginx (CVE-2026-42945). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.30.1` or later.
CVE-2026-42946 Vulnerability in nginx (CVE-2026-42946)
vulnerability in nginx (CVE-2026-42946). Confidential information can be exposed externally. Mitigation: upgrade to `1.30.1` or later.
CVE-2026-42919 Vulnerability in f5 (CVE-2026-42919)
vulnerability in f5 (CVE-2026-42919). Data can be tampered with by attackers.
CVE-2026-42920 Vulnerability in f5 (CVE-2026-42920)
vulnerability in f5 (CVE-2026-42920). Risk of unauthorized operations or information disclosure.
CVE-2026-42924 OS Command Injection in privilege-escalation (CVE-2026-42924)
OS command injection in privilege-escalation (CVE-2026-42924). Confidential information can be exposed externally.
CVE-2026-42926 Vulnerability in nginx (CVE-2026-42926)
vulnerability in nginx (CVE-2026-42926). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.30.1` or later.
CVE-2026-42930 Vulnerability in f5 (CVE-2026-42930)
vulnerability in f5 (CVE-2026-42930). Confidential information can be exposed externally.
CVE-2026-42934 Out-of-Bounds Read in nginx (CVE-2026-42934)
vulnerability in nginx (CVE-2026-42934). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.30.1` or later.
CVE-2026-42780 Path Traversal in path-traversal (CVE-2026-42780)
path traversal in path-traversal (CVE-2026-42780). Data can be tampered with by attackers.
CVE-2026-42781 Vulnerability in f5 (CVE-2026-42781)
vulnerability in f5 (CVE-2026-42781). Risk of unauthorized operations or information disclosure.
CVE-2026-42406 Vulnerability in f5 (CVE-2026-42406)
vulnerability in f5 (CVE-2026-42406). Confidential information can be exposed externally.
CVE-2026-42408 Vulnerability in f5 (CVE-2026-42408)
vulnerability in f5 (CVE-2026-42408). Confidential information can be exposed externally.
CVE-2026-42409 Vulnerability in f5 (CVE-2026-42409)
vulnerability in f5 (CVE-2026-42409). Risk of unauthorized operations or information disclosure.
CVE-2026-41959 Vulnerability in f5 (CVE-2026-41959)
vulnerability in f5 (CVE-2026-41959). Confidential information can be exposed externally.
CVE-2026-42058 Vulnerability in f5 (CVE-2026-42058)
vulnerability in f5 (CVE-2026-42058). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →