Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-44413 |
|
Vulnerability in jetbrains (CVE-2026-44413)
vulnerability in jetbrains (CVE-2026-44413). Confidential information can be exposed externally.
|
| CVE-2026-44993 |
|
Vulnerability in openclaw (CVE-2026-44993)
vulnerability in openclaw (CVE-2026-44993). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-44997 |
|
Vulnerability in openclaw (CVE-2026-44997)
vulnerability in openclaw (CVE-2026-44997). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2026.4.22` or later.
|
| CVE-2026-44995 |
|
Vulnerability in openclaw (CVE-2026-44995)
vulnerability in openclaw (CVE-2026-44995). Successful exploitation can lead to full system takeover. Exploitable via ``openclaw``. Mitigation: upgrade to `2026.4.20` or later.
|
| CVE-2026-44996 |
|
Path Traversal in openclaw (CVE-2026-44996)
path traversal in openclaw (CVE-2026-44996). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-44992 |
|
Vulnerability in openclaw (CVE-2026-44992)
vulnerability in openclaw (CVE-2026-44992). Confidential information can be exposed externally. Exploitable via ``openclaw``. Mitigation: upgrade to `2026.4.20` or later.
|
| CVE-2026-44994 |
|
Vulnerability in openclaw (CVE-2026-44994)
vulnerability in openclaw (CVE-2026-44994). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-44999 |
|
Vulnerability in openclaw (CVE-2026-44999)
vulnerability in openclaw (CVE-2026-44999). Risk of unauthorized operations or information disclosure. Exploitable via ``openclaw``. Mitigation: upgrade to `2026.4.20` or later.
|
| CVE-2026-44991 |
|
Vulnerability in openclaw (CVE-2026-44991)
vulnerability in openclaw (CVE-2026-44991). Risk of unauthorized operations or information disclosure. Exploitable via ``commands.ownerAllowFrom``. Mitigation: upgrade to `2026.4.21` or later.
|
| CVE-2026-36962 |
|
SQL Injection in sqli (CVE-2026-36962)
SQL injection in sqli (CVE-2026-36962). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-34095 |
|
Vulnerability in mediawiki (CVE-2026-34095)
vulnerability in mediawiki (CVE-2026-34095). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-34093 |
|
Information Disclosure in mediawiki (CVE-2026-34093)
vulnerability in mediawiki (CVE-2026-34093). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-34094 |
|
Vulnerability in mediawiki (CVE-2026-34094)
vulnerability in mediawiki (CVE-2026-34094). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-42607 |
|
Code Injection in getgrav/grav (CVE-2026-42607)
code injection in getgrav/grav (CVE-2026-42607). Successful exploitation can lead to full system takeover. Exploitable via ``directInstall``. Mitigation: upgrade to `2.0.0-beta.2` or later.
|
| CVE-2026-34092 |
|
Information Disclosure in mediawiki (CVE-2026-34092)
vulnerability in mediawiki (CVE-2026-34092). Confidential information can be exposed externally.
|
| CVE-2025-65416 |
|
Unrestricted File Upload in CVE-2025-65416 (CVE-2025-65416)
vulnerability in CVE-2025-65416 (CVE-2025-65416). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-61308 |
|
Cross-Site Scripting (XSS) in CVE-2025-61308 (CVE-2025-61308)
cross-site scripting in CVE-2025-61308 (CVE-2025-61308). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-61309 |
|
Cross-Site Scripting (XSS) in CVE-2025-61309 (CVE-2025-61309)
cross-site scripting in CVE-2025-61309 (CVE-2025-61309). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-61310 |
|
Cross-Site Scripting (XSS) in CVE-2025-61310 (CVE-2025-61310)
cross-site scripting in CVE-2025-61310 (CVE-2025-61310). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-61311 |
|
Cross-Site Scripting (XSS) in CVE-2025-61311 (CVE-2025-61311)
cross-site scripting in CVE-2025-61311 (CVE-2025-61311). Confidential information can be exposed externally.
|
| CVE-2025-61312 |
|
Cross-Site Scripting (XSS) in CVE-2025-61312 (CVE-2025-61312)
cross-site scripting in CVE-2025-61312 (CVE-2025-61312). Confidential information can be exposed externally.
|
| CVE-2025-61313 |
|
Cross-Site Scripting (XSS) in CVE-2025-61313 (CVE-2025-61313)
cross-site scripting in CVE-2025-61313 (CVE-2025-61313). Confidential information can be exposed externally.
|
| CVE-2025-61314 |
|
Cross-Site Scripting (XSS) in CVE-2025-61314 (CVE-2025-61314)
cross-site scripting in CVE-2025-61314 (CVE-2025-61314). Confidential information can be exposed externally.
|
| CVE-2025-61305 |
|
Cross-Site Scripting (XSS) in CVE-2025-61305 (CVE-2025-61305)
cross-site scripting in CVE-2025-61305 (CVE-2025-61305). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-61306 |
|
Cross-Site Scripting (XSS) in CVE-2025-61306 (CVE-2025-61306)
cross-site scripting in CVE-2025-61306 (CVE-2025-61306). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-61307 |
|
Cross-Site Scripting (XSS) in CVE-2025-61307 (CVE-2025-61307)
cross-site scripting in CVE-2025-61307 (CVE-2025-61307). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-10470 |
|
Vulnerability in wso2 (CVE-2025-10470)
vulnerability in wso2 (CVE-2025-10470). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-9973 |
|
Vulnerability in privilege-escalation (CVE-2025-9973)
vulnerability in privilege-escalation (CVE-2025-9973). Confidential information can be exposed externally.
|
| CVE-2026-6909 |
|
Cross-Site Scripting (XSS) in CVE-2026-6909 (CVE-2026-6909)
cross-site scripting in CVE-2026-6909 (CVE-2026-6909). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6956 |
|
Cross-Site Scripting (XSS) in CVE-2026-6956 (CVE-2026-6956)
cross-site scripting in CVE-2026-6956 (CVE-2026-6956). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-26946 |
|
Privilege Escalation in dell (CVE-2026-26946)
vulnerability in dell (CVE-2026-26946). Successful exploitation can lead to full system takeover.
|
| CVE-2026-32658 |
|
Vulnerability in dell (CVE-2026-32658)
vulnerability in dell (CVE-2026-32658). Successful exploitation can lead to full system takeover.
|
| CVE-2026-35157 |
|
Vulnerability in dell (CVE-2026-35157)
vulnerability in dell (CVE-2026-35157). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-40636 |
|
Vulnerability in dell (CVE-2026-40636)
vulnerability in dell (CVE-2026-40636). Successful exploitation can lead to full system takeover.
|
| CVE-2025-8325 |
|
Vulnerability in wso2 (CVE-2025-8325)
vulnerability in wso2 (CVE-2025-8325). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-10908 |
|
Authorization Flaw in c (CVE-2025-10908)
vulnerability in c (CVE-2025-10908). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-8154 |
|
Vulnerability in wso2 (CVE-2025-8154)
vulnerability in wso2 (CVE-2025-8154). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-43992 |
|
Vulnerability in dell (CVE-2025-43992)
vulnerability in dell (CVE-2025-43992). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-0391 |
|
Vulnerability in wso2 (CVE-2024-0391)
vulnerability in wso2 (CVE-2024-0391). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-43826 |
|
Vulnerability in apache-airflow-providers-opensearch (CVE-2026-43826)
vulnerability in apache-airflow-providers-opensearch (CVE-2026-43826). Confidential information can be exposed externally. Exploitable via ``host``. Mitigation: upgrade to `1.9.1` or later.
|
| CVE-2026-41018 |
|
Vulnerability in apache-airflow-providers-elasticsearch (CVE-2026-41018)
vulnerability in apache-airflow-providers-elasticsearch (CVE-2026-41018). Confidential information can be exposed externally. Exploitable via ``host``. Mitigation: upgrade to `6.5.3` or later.
|
| CVE-2026-43500 |
|
Out-of-Bounds Write in linux (CVE-2026-43500)
out-of-bounds write in linux (CVE-2026-43500). Successful exploitation can lead to full system takeover.
|
| CVE-2026-23918 |
|
Vulnerability in jvn (CVE-2026-23918)
vulnerability in jvn (CVE-2026-23918). Successful exploitation can lead to full system takeover.
|
| CVE-2026-6433 |
|
Vulnerability in wordpress (CVE-2026-6433)
vulnerability in wordpress (CVE-2026-6433). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8265 |
|
Command Injection in tenda (CVE-2026-8265)
command injection in tenda (CVE-2026-8265). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8264 |
|
Command Injection in tenda (CVE-2026-8264)
command injection in tenda (CVE-2026-8264). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8263 |
|
Command Injection in tenda (CVE-2026-8263)
command injection in tenda (CVE-2026-8263). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8259 |
|
Command Injection in tenda (CVE-2026-8259)
command injection in tenda (CVE-2026-8259). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-50970 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2022-50970)
cross-site scripting in wordpress (CVE-2022-50970). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-50955 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2022-50955)
vulnerability in wordpress (CVE-2022-50955). Risk of unauthorized operations or information disclosure.
|