Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-43292 |
|
Vulnerability in c (CVE-2026-43292)
vulnerability in c (CVE-2026-43292). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-43293 |
|
Vulnerability in c (CVE-2026-43293)
vulnerability in c (CVE-2026-43293). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-43294 |
|
Vulnerability in linux (CVE-2026-43294)
vulnerability in linux (CVE-2026-43294). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-43295 |
|
Vulnerability in linux (CVE-2026-43295)
vulnerability in linux (CVE-2026-43295). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-43296 |
|
Vulnerability in linux (CVE-2026-43296)
vulnerability in linux (CVE-2026-43296). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-43297 |
|
Vulnerability in linux (CVE-2026-43297)
vulnerability in linux (CVE-2026-43297). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-43298 |
|
Vulnerability in c (CVE-2026-43298)
vulnerability in c (CVE-2026-43298). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-43285 |
|
Vulnerability in linux (CVE-2026-43285)
vulnerability in linux (CVE-2026-43285). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-43286 |
|
Vulnerability in linux (CVE-2026-43286)
vulnerability in linux (CVE-2026-43286). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-43287 |
|
Vulnerability in linux (CVE-2026-43287)
vulnerability in linux (CVE-2026-43287). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-43288 |
|
Vulnerability in c (CVE-2026-43288)
vulnerability in c (CVE-2026-43288). Risk of unauthorized operations or information disclosure. Exploitable via ``DOUBLE_CHECK``.
|
| CVE-2026-43289 |
|
Vulnerability in c (CVE-2026-43289)
vulnerability in c (CVE-2026-43289). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41512 |
|
Code Injection in gem (CVE-2026-41512)
code injection in gem (CVE-2026-41512). Successful exploitation can lead to full system takeover. Exploitable via `POST /targets/auto_detect_selectors`.
|
| CVE-2026-39816 |
|
Vulnerability in nifi (CVE-2026-39816)
vulnerability in nifi (CVE-2026-39816). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2.9.0` or later.
|
| CVE-2025-71297 |
|
Vulnerability in c (CVE-2025-71297)
vulnerability in c (CVE-2025-71297). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-71298 |
|
Vulnerability in c (CVE-2025-71298)
vulnerability in c (CVE-2025-71298). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-71299 |
|
Vulnerability in c (CVE-2025-71299)
vulnerability in c (CVE-2025-71299). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-71300 |
|
Vulnerability in linux (CVE-2025-71300)
vulnerability in linux (CVE-2025-71300). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-71301 |
|
Vulnerability in c (CVE-2025-71301)
vulnerability in c (CVE-2025-71301). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-71302 |
|
Vulnerability in linux (CVE-2025-71302)
vulnerability in linux (CVE-2025-71302). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-32803 |
|
Vulnerability in dell (CVE-2026-32803)
vulnerability in dell (CVE-2026-32803). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-71296 |
|
Vulnerability in c (CVE-2025-71296)
vulnerability in c (CVE-2025-71296). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-25077 |
|
Code Injection in apache (CVE-2026-25077)
code injection in apache (CVE-2026-25077). Successful exploitation can lead to full system takeover.
|
| CVE-2026-25199 |
|
Information Disclosure in apache (CVE-2026-25199)
vulnerability in apache (CVE-2026-25199). Confidential information can be exposed externally.
|
| CVE-2025-66170 |
|
Authorization Flaw in apache (CVE-2025-66170)
vulnerability in apache (CVE-2025-66170). Confidential information can be exposed externally.
|
| CVE-2025-66171 |
|
Vulnerability in apache (CVE-2025-66171)
vulnerability in apache (CVE-2025-66171). Confidential information can be exposed externally.
|
| CVE-2025-66172 |
|
Vulnerability in apache (CVE-2025-66172)
vulnerability in apache (CVE-2025-66172). Confidential information can be exposed externally.
|
| CVE-2025-66467 |
|
Vulnerability in apache (CVE-2025-66467)
vulnerability in apache (CVE-2025-66467). Successful exploitation can lead to full system takeover.
|
| CVE-2025-69233 |
|
Vulnerability in apache (CVE-2025-69233)
vulnerability in apache (CVE-2025-69233). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7475 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-7475)
cross-site scripting in wordpress (CVE-2026-7475). Risk of unauthorized operations or information disclosure. Exploitable via ``sky_script_content``.
|
| CVE-2026-7650 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-7650)
cross-site scripting in wordpress (CVE-2026-7650). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-5341 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-5341)
cross-site scripting in wordpress (CVE-2026-5341). Risk of unauthorized operations or information disclosure. Exploitable via ``strava_nmr_connect``.
|
| CVE-2026-7330 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-7330)
cross-site scripting in wordpress (CVE-2026-7330). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-5127 |
|
Unsafe Deserialization in wordpress (CVE-2026-5127)
vulnerability in wordpress (CVE-2026-5127). Successful exploitation can lead to full system takeover.
|
| CVE-2026-32178 |
|
Vulnerability in dotnet (CVE-2026-32178)
vulnerability in dotnet (CVE-2026-32178). Confidential information can be exposed externally. Mitigation: upgrade to `8.0.26, 9.0.15, 10.0.6` or later.
|
| CVE-2026-26171 |
|
Vulnerability in dotnet (CVE-2026-26171)
vulnerability in dotnet (CVE-2026-26171). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.0.26, 9.0.15, 10.0.6` or later.
|
| CVE-2013-10075 |
|
Vulnerability in apache (CVE-2013-10075)
vulnerability in apache (CVE-2013-10075). Confidential information can be exposed externally.
|
| CVE-2026-43284 |
|
Vulnerability in Google linux (CVE-2026-43284)
vulnerability in Google linux (CVE-2026-43284). Successful exploitation can lead to full system takeover.
|
| CVE-2026-4935 |
|
SQL Injection in wordpress (CVE-2026-4935)
SQL injection in wordpress (CVE-2026-4935). Confidential information can be exposed externally.
|
| CVE-2025-67886 |
|
Unrestricted File Upload in CVE-2025-67886 (CVE-2025-67886)
vulnerability in CVE-2025-67886 (CVE-2025-67886). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-67887 |
|
Code Injection in CVE-2025-67887 (CVE-2025-67887)
code injection in CVE-2025-67887 (CVE-2025-67887). Successful exploitation can lead to full system takeover.
|
| CVE-2025-67888 |
|
OS Command Injection in CVE-2025-67888 (CVE-2025-67888)
OS command injection in CVE-2025-67888 (CVE-2025-67888). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-69690 |
|
Unsafe Deserialization in deserialization (CVE-2025-69690)
vulnerability in deserialization (CVE-2025-69690). Successful exploitation can lead to full system takeover.
|
| CVE-2025-69691 |
|
Vulnerability in pfsense (CVE-2025-69691)
vulnerability in pfsense (CVE-2025-69691). Successful exploitation can lead to full system takeover.
|
| CVE-2024-51092 |
|
OS Command Injection in command-injection (CVE-2024-51092)
OS command injection in command-injection (CVE-2024-51092). Confidential information can be exposed externally. Exploitable via ``version_netsnmp``.
|
| CVE-2024-33288 |
|
SQL Injection in sqli (CVE-2024-33288)
SQL injection in sqli (CVE-2024-33288). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-33722 |
|
SQL Injection in sqli (CVE-2024-33722)
SQL injection in sqli (CVE-2024-33722). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-33724 |
|
Cross-Site Scripting (XSS) in CVE-2024-33724 (CVE-2024-33724)
cross-site scripting in CVE-2024-33724 (CVE-2024-33724). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8138 |
|
Buffer Overflow in tenda (CVE-2026-8138)
vulnerability in tenda (CVE-2026-8138). Successful exploitation can lead to full system takeover.
|
| ROOT-OS-DEBIAN-13-CVE-2025-39958 |
|
Vulnerability in rootio-linux (ROOT-OS-DEBIAN-13-CVE-2025-39958)
vulnerability in rootio-linux (ROOT-OS-DEBIAN-13-CVE-2025-39958). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `6.12.90-2.root.io.130, 6.12.90-2.root.io.131, 6.12.90-2.root.io.132, 6.12.90-2.root.io.133, 6.12.90-2.root.io.134, 6.12.90-2.root.io.135, 6.12.90-2.root.io.136, 6.12.90-2.root.io.137, 6.12.90-2.root.io.138` or later.
|