Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-8401 |
|
Sandbox escape in the Profile Backup component. This vulnerability was fixed in Firefox 150.0.3.
Sandbox escape in the Profile Backup component. This vulnerability was fixed in Firefox 150.0.3.
|
| CVE-2026-8111 |
|
SQL Injection in sqli (CVE-2026-8111)
SQL injection in sqli (CVE-2026-8111). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8043 |
|
Vulnerability in ivanti (CVE-2026-8043)
vulnerability in ivanti (CVE-2026-8043). Confidential information can be exposed externally.
|
| CVE-2026-8051 |
|
OS Command Injection in ivanti (CVE-2026-8051)
OS command injection in ivanti (CVE-2026-8051). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8109 |
|
Vulnerability in ivanti (CVE-2026-8109)
vulnerability in ivanti (CVE-2026-8109). Confidential information can be exposed externally.
|
| CVE-2026-8110 |
|
Vulnerability in ivanti (CVE-2026-8110)
vulnerability in ivanti (CVE-2026-8110). Successful exploitation can lead to full system takeover.
|
| CVE-2026-7432 |
|
Vulnerability in ivanti (CVE-2026-7432)
vulnerability in ivanti (CVE-2026-7432). Successful exploitation can lead to full system takeover.
|
| CVE-2026-7431 |
|
Vulnerability in ivanti (CVE-2026-7431)
vulnerability in ivanti (CVE-2026-7431). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6866 |
|
Vulnerability in schneider-electric (CVE-2026-6866)
vulnerability in schneider-electric (CVE-2026-6866). Confidential information can be exposed externally.
|
| CVE-2026-45091 |
|
Information Disclosure in sealed-env (CVE-2026-45091)
vulnerability in sealed-env (CVE-2026-45091). Confidential information can be exposed externally. Mitigation: upgrade to `0.1.0-alpha.4` or later.
|
| CVE-2026-8390 |
|
Use-After-Free in mozilla (CVE-2026-8390)
vulnerability in mozilla (CVE-2026-8390). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8391 |
|
Other issue in the JavaScript Engine component. This vulnerability was fixed in Firefox 150.0.3.
Other issue in the JavaScript Engine component. This vulnerability was fixed in Firefox 150.0.3.
|
| CVE-2026-8388 |
|
Buffer Overflow in mozilla (CVE-2026-8388)
vulnerability in mozilla (CVE-2026-8388). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8389 |
|
Buffer Overflow in mozilla (CVE-2026-8389)
vulnerability in mozilla (CVE-2026-8389). Successful exploitation can lead to full system takeover.
|
| CVE-2026-40638 |
|
Vulnerability in dell (CVE-2026-40638)
vulnerability in dell (CVE-2026-40638). Successful exploitation can lead to full system takeover.
|
| CVE-2026-35071 |
|
OS Command Injection in dell (CVE-2026-35071)
OS command injection in dell (CVE-2026-35071). Successful exploitation can lead to full system takeover.
|
| CVE-2026-45218 |
|
SQL Injection in wordpress (CVE-2026-45218)
SQL injection in wordpress (CVE-2026-45218). Confidential information can be exposed externally.
|
| CVE-2026-45212 |
|
Vulnerability in c (CVE-2026-45212)
vulnerability in c (CVE-2026-45212). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-45215 |
|
Vulnerability in wordpress (CVE-2026-45215)
vulnerability in wordpress (CVE-2026-45215). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41712 |
|
Vulnerability in org.springframework.ai:spring-ai-client-chat (CVE-2026-41712)
vulnerability in org.springframework.ai:spring-ai-client-chat (CVE-2026-41712). Confidential information can be exposed externally. Mitigation: upgrade to `2.0.0-M6` or later.
|
| CVE-2026-41713 |
|
Vulnerability in org.springframework.ai:spring-ai-client-chat (CVE-2026-41713)
vulnerability in org.springframework.ai:spring-ai-client-chat (CVE-2026-41713). Data can be tampered with by attackers. Mitigation: upgrade to `1.1.6` or later.
|
| CVE-2026-6800 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-6800)
cross-site scripting in wordpress (CVE-2026-6800). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6813 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-6813)
cross-site scripting in wordpress (CVE-2026-6813). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-44411 |
|
Vulnerability in siemens (CVE-2026-44411)
vulnerability in siemens (CVE-2026-44411). Successful exploitation can lead to full system takeover.
|
| CVE-2026-33862 |
|
Cross-Site Scripting (XSS) in siemens (CVE-2026-33862)
cross-site scripting in siemens (CVE-2026-33862). Confidential information can be exposed externally.
|
| CVE-2026-33893 |
|
Vulnerability in siemens (CVE-2026-33893)
vulnerability in siemens (CVE-2026-33893). Confidential information can be exposed externally.
|
| CVE-2026-22925 |
|
Vulnerability in siemens (CVE-2026-22925)
vulnerability in siemens (CVE-2026-22925). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-40947 |
|
OS Command Injection in siemens (CVE-2025-40947)
OS command injection in siemens (CVE-2025-40947). Successful exploitation can lead to full system takeover.
|
| CVE-2025-40948 |
|
Vulnerability in siemens (CVE-2025-40948)
vulnerability in siemens (CVE-2025-40948). Confidential information can be exposed externally.
|
| CVE-2025-40949 |
|
OS Command Injection in siemens (CVE-2025-40949)
OS command injection in siemens (CVE-2025-40949). Successful exploitation can lead to full system takeover.
|
| CVE-2026-22924 |
|
Vulnerability in siemens (CVE-2026-22924)
vulnerability in siemens (CVE-2026-22924). Data can be tampered with by attackers.
|
| CVE-2026-1934 |
|
Vulnerability in wordpress (CVE-2026-1934)
vulnerability in wordpress (CVE-2026-1934). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7661 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-7661)
cross-site scripting in wordpress (CVE-2026-7661). Risk of unauthorized operations or information disclosure. Exploitable via ``box``.
|
| CVE-2026-6932 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-6932)
vulnerability in wordpress (CVE-2026-6932). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6663 |
|
Vulnerability in wordpress (CVE-2026-6663)
vulnerability in wordpress (CVE-2026-6663). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7616 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-7616)
vulnerability in wordpress (CVE-2026-7616). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6256 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-6256)
cross-site scripting in wordpress (CVE-2026-6256). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6690 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-6690)
cross-site scripting in wordpress (CVE-2026-6690). Risk of unauthorized operations or information disclosure. Exploitable via ``wp_ajax_nopriv_lp_update_mds``.
|
| CVE-2026-6708 |
|
Vulnerability in wordpress (CVE-2026-6708)
vulnerability in wordpress (CVE-2026-6708). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7437 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-7437)
cross-site scripting in wordpress (CVE-2026-7437). Risk of unauthorized operations or information disclosure. Exploitable via ``editpos_hidden``.
|
| CVE-2026-6710 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-6710)
vulnerability in wordpress (CVE-2026-6710). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7050 |
|
Vulnerability in wordpress (CVE-2026-7050)
vulnerability in wordpress (CVE-2026-7050). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7562 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-7562)
vulnerability in wordpress (CVE-2026-7562). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6808 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-6808)
cross-site scripting in wordpress (CVE-2026-6808). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7464 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-7464)
cross-site scripting in wordpress (CVE-2026-7464). Risk of unauthorized operations or information disclosure. Exploitable via ``page``.
|
| CVE-2026-6709 |
|
Vulnerability in wordpress (CVE-2026-6709)
vulnerability in wordpress (CVE-2026-6709). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7626 |
|
Information Disclosure in wordpress (CVE-2026-7626)
vulnerability in wordpress (CVE-2026-7626). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7561 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-7561)
vulnerability in wordpress (CVE-2026-7561). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7659 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-7659)
cross-site scripting in wordpress (CVE-2026-7659). Risk of unauthorized operations or information disclosure. Exploitable via ``social``.
|
| CVE-2026-6913 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-6913)
cross-site scripting in wordpress (CVE-2026-6913). Risk of unauthorized operations or information disclosure.
|