Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: vendors Clear
ID Title
CVE-2026-4859 Cross-Site Scripting (XSS) in wordpress (CVE-2026-4859)
cross-site scripting in wordpress (CVE-2026-4859). Risk of unauthorized operations or information disclosure. Exploitable via ``wpsbd_post_carousel``.
CVE-2026-4920 Cross-Site Scripting (XSS) in wordpress (CVE-2026-4920)
cross-site scripting in wordpress (CVE-2026-4920). Risk of unauthorized operations or information disclosure.
CVE-2026-4663 Vulnerability in wordpress (CVE-2026-4663)
vulnerability in wordpress (CVE-2026-4663). Risk of unauthorized operations or information disclosure.
CVE-2026-4301 Vulnerability in wordpress (CVE-2026-4301)
vulnerability in wordpress (CVE-2026-4301). Risk of unauthorized operations or information disclosure.
CVE-2026-5693 Vulnerability in wordpress (CVE-2026-5693)
vulnerability in wordpress (CVE-2026-5693). Risk of unauthorized operations or information disclosure.
CVE-2026-6237 Cross-Site Scripting (XSS) in wordpress (CVE-2026-6237)
cross-site scripting in wordpress (CVE-2026-6237). Risk of unauthorized operations or information disclosure.
CVE-2026-5340 Cross-Site Scripting (XSS) in wordpress (CVE-2026-5340)
cross-site scripting in wordpress (CVE-2026-5340). Risk of unauthorized operations or information disclosure.
CVE-2026-5715 Cross-Site Scripting (XSS) in wordpress (CVE-2026-5715)
cross-site scripting in wordpress (CVE-2026-5715). Risk of unauthorized operations or information disclosure.
CVE-2026-6247 Cross-Site Scripting (XSS) in wordpress (CVE-2026-6247)
cross-site scripting in wordpress (CVE-2026-6247). Risk of unauthorized operations or information disclosure.
CVE-2026-5028 SQL Injection in wordpress (CVE-2026-5028)
SQL injection in wordpress (CVE-2026-5028). Confidential information can be exposed externally.
CVE-2026-2300 Cross-Site Scripting (XSS) in wordpress (CVE-2026-2300)
cross-site scripting in wordpress (CVE-2026-2300). Risk of unauthorized operations or information disclosure. Exploitable via ``preg_replace``.
CVE-2026-3604 Cross-Site Scripting (XSS) in wordpress (CVE-2026-3604)
cross-site scripting in wordpress (CVE-2026-3604). Risk of unauthorized operations or information disclosure. Exploitable via ``_kcseo_ative_tab``.
CVE-2026-2993 SQL Injection in wordpress (CVE-2026-2993)
SQL injection in wordpress (CVE-2026-2993). Confidential information can be exposed externally.
CVE-2026-7255 Vulnerability in zyxel (CVE-2026-7255)
vulnerability in zyxel (CVE-2026-7255). Confidential information can be exposed externally.
CVE-2026-7256 OS Command Injection in zyxel (CVE-2026-7256)
OS command injection in zyxel (CVE-2026-7256). Successful exploitation can lead to full system takeover.
CVE-2026-7257 Vulnerability in zyxel (CVE-2026-7257)
vulnerability in zyxel (CVE-2026-7257). Confidential information can be exposed externally.
CVE-2026-7287 Vulnerability in dos (CVE-2026-7287)
vulnerability in dos (CVE-2026-7287). Risk of unauthorized operations or information disclosure.
CVE-2026-40135 Command Injection in sap (CVE-2026-40135)
command injection in sap (CVE-2026-40135). Data can be tampered with by attackers.
CVE-2026-27682 Cross-Site Scripting (XSS) in sap (CVE-2026-27682)
cross-site scripting in sap (CVE-2026-27682). Risk of unauthorized operations or information disclosure.
CVE-2026-22796 Vulnerability in jvn (CVE-2026-22796)
vulnerability in jvn (CVE-2026-22796). Risk of unauthorized operations or information disclosure.
CVE-2026-3921 Vulnerability in Google chrome (CVE-2026-3921)
vulnerability in Google chrome (CVE-2026-3921). Risk of unauthorized operations or information disclosure.
CVE-2026-43884 SSRF (Server-Side Request Forgery) in wwbn/avideo (CVE-2026-43884)
SSRF in wwbn/avideo (CVE-2026-43884). Confidential information can be exposed externally. Exploitable via `POST /plugin/AI/receiveAsync.json.php`.
CVE-2026-43885 Information Disclosure in wwbn/avideo (CVE-2026-43885)
vulnerability in wwbn/avideo (CVE-2026-43885). Risk of unauthorized operations or information disclosure. Exploitable via ``APISecret``.
CVE-2026-43877 Cross-Site Request Forgery (CSRF) in wwbn/avideo (CVE-2026-43877)
vulnerability in wwbn/avideo (CVE-2026-43877). Risk of unauthorized operations or information disclosure. Exploitable via ``autoCSRFGuard``.
CVE-2026-43878 Cross-Site Scripting (XSS) in wwbn/avideo (CVE-2026-43878)
cross-site scripting in wwbn/avideo (CVE-2026-43878). Risk of unauthorized operations or information disclosure. Exploitable via ``user``.
CVE-2026-43879 SSRF (Server-Side Request Forgery) in wwbn/avideo (CVE-2026-43879)
SSRF in wwbn/avideo (CVE-2026-43879). Risk of unauthorized operations or information disclosure. Exploitable via `POST /internal/admin/action`.
CVE-2026-43880 Vulnerability in wwbn/avideo (CVE-2026-43880)
vulnerability in wwbn/avideo (CVE-2026-43880). Risk of unauthorized operations or information disclosure. Exploitable via `POST /objects/sendEmail.json.php`.
CVE-2026-43881 Vulnerability in wwbn/avideo (CVE-2026-43881)
vulnerability in wwbn/avideo (CVE-2026-43881). Risk of unauthorized operations or information disclosure. Exploitable via ``isCompany``.
CVE-2026-43883 Vulnerability in wwbn/avideo (CVE-2026-43883)
vulnerability in wwbn/avideo (CVE-2026-43883). Risk of unauthorized operations or information disclosure. Exploitable via ``agreement``.
CVE-2026-43873 Vulnerability in wwbn/avideo (CVE-2026-43873)
vulnerability in wwbn/avideo (CVE-2026-43873). Confidential information can be exposed externally. Exploitable via ``cloneSiteURL``.
CVE-2026-43875 Vulnerability in wwbn/avideo (CVE-2026-43875)
vulnerability in wwbn/avideo (CVE-2026-43875). Confidential information can be exposed externally. Exploitable via `GET /plugin/MobileManager/oauth2.php`.
CVE-2026-43876 Cross-Site Scripting (XSS) in wwbn/avideo (CVE-2026-43876)
cross-site scripting in wwbn/avideo (CVE-2026-43876). Risk of unauthorized operations or information disclosure. Exploitable via ``message``.
CVE-2026-42188 SSRF (Server-Side Request Forgery) in org.geysermc.geyser:core (CVE-2026-42188)
SSRF in org.geysermc.geyser:core (CVE-2026-42188). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.9.3` or later.
CVE-2026-42600 Path Traversal in github.com/minio/minio (CVE-2026-42600)
path traversal in github.com/minio/minio (CVE-2026-42600). Confidential information can be exposed externally. Exploitable via `POST /minio/storage/{drivePath}/v63/rmpl`. Mitigation: upgrade to `0.0.0-20260414213245` or later.
CVE-2026-39871 Vulnerability in apple (CVE-2026-39871)
vulnerability in apple (CVE-2026-39871). Confidential information can be exposed externally.
CVE-2026-43653 Vulnerability in apple (CVE-2026-43653)
vulnerability in apple (CVE-2026-43653). Confidential information can be exposed externally.
CVE-2026-39869 Vulnerability in apple (CVE-2026-39869)
vulnerability in apple (CVE-2026-39869). Risk of unauthorized operations or information disclosure.
CVE-2026-43661 Vulnerability in apple (CVE-2026-43661)
vulnerability in apple (CVE-2026-43661). Risk of unauthorized operations or information disclosure.
CVE-2026-43654 Vulnerability in apple (CVE-2026-43654)
vulnerability in apple (CVE-2026-43654). Confidential information can be exposed externally.
CVE-2026-43659 Vulnerability in apple (CVE-2026-43659)
vulnerability in apple (CVE-2026-43659). Confidential information can be exposed externally.
CVE-2026-28996 Vulnerability in apple (CVE-2026-28996)
vulnerability in apple (CVE-2026-28996). Confidential information can be exposed externally.
CVE-2026-43668 Use-After-Free in apple (CVE-2026-43668)
vulnerability in apple (CVE-2026-43668). Risk of unauthorized operations or information disclosure.
CVE-2026-43660 Vulnerability in apple (CVE-2026-43660)
vulnerability in apple (CVE-2026-43660). Confidential information can be exposed externally.
CVE-2026-43656 Out-of-Bounds Write in apple (CVE-2026-43656)
out-of-bounds write in apple (CVE-2026-43656). Risk of unauthorized operations or information disclosure.
CVE-2026-43666 Out-of-Bounds Write in apple (CVE-2026-43666)
out-of-bounds write in apple (CVE-2026-43666). Risk of unauthorized operations or information disclosure.
CVE-2026-39870 Buffer Overflow in apple (CVE-2026-39870)
vulnerability in apple (CVE-2026-39870). Confidential information can be exposed externally.
CVE-2026-43658 Buffer Overflow in apple (CVE-2026-43658)
vulnerability in apple (CVE-2026-43658). Confidential information can be exposed externally.
CVE-2026-43652 Vulnerability in apple (CVE-2026-43652)
vulnerability in apple (CVE-2026-43652). Confidential information can be exposed externally.
CVE-2026-43655 Out-of-Bounds Read in apple (CVE-2026-43655)
vulnerability in apple (CVE-2026-43655). Risk of unauthorized operations or information disclosure.
CVE-2026-28954 Vulnerability in apple (CVE-2026-28954)
vulnerability in apple (CVE-2026-28954). Confidential information can be exposed externally.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →