Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| ROOT-OS-DEBIAN-11-CVE-2025-38445 |
|
Vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2025-38445)
vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2025-38445). Confidential information can be exposed externally. Mitigation: upgrade to `5.10.257-1.root.io.92, 5.10.257-1.root.io.93, 5.10.257-1.root.io.94, 5.10.257-1.root.io.95, 5.10.257-1.root.io.96, 5.10.257-1.root.io.97, 5.10.257-1.root.io.98, 5.10.257-1.root.io.99` or later.
|
| ROOT-OS-DEBIAN-11-CVE-2024-56715 |
|
Vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2024-56715)
vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2024-56715). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.10.257-1.root.io.92, 5.10.257-1.root.io.93, 5.10.257-1.root.io.94, 5.10.257-1.root.io.95, 5.10.257-1.root.io.96, 5.10.257-1.root.io.97, 5.10.257-1.root.io.98, 5.10.257-1.root.io.99` or later.
|
| ROOT-OS-DEBIAN-11-CVE-2025-38700 |
|
Vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2025-38700)
vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2025-38700). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.10.257-1.root.io.92, 5.10.257-1.root.io.93, 5.10.257-1.root.io.94, 5.10.257-1.root.io.95, 5.10.257-1.root.io.96, 5.10.257-1.root.io.97, 5.10.257-1.root.io.98, 5.10.257-1.root.io.99` or later.
|
| ROOT-OS-DEBIAN-11-CVE-2023-53282 |
|
Vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2023-53282)
vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2023-53282). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `5.10.257-1.root.io.92, 5.10.257-1.root.io.93, 5.10.257-1.root.io.94, 5.10.257-1.root.io.95, 5.10.257-1.root.io.96, 5.10.257-1.root.io.97, 5.10.257-1.root.io.98, 5.10.257-1.root.io.99` or later.
|
| ROOT-OS-DEBIAN-11-CVE-2022-49935 |
|
Vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2022-49935)
vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2022-49935). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `5.10.257-1.root.io.92, 5.10.257-1.root.io.93, 5.10.257-1.root.io.94, 5.10.257-1.root.io.95, 5.10.257-1.root.io.96, 5.10.257-1.root.io.97, 5.10.257-1.root.io.98, 5.10.257-1.root.io.99` or later.
|
| ROOT-OS-DEBIAN-11-CVE-2024-40975 |
|
Vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2024-40975)
vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2024-40975). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.10.257-1.root.io.92, 5.10.257-1.root.io.93, 5.10.257-1.root.io.94, 5.10.257-1.root.io.95, 5.10.257-1.root.io.96, 5.10.257-1.root.io.97, 5.10.257-1.root.io.98, 5.10.257-1.root.io.99` or later.
|
| ROOT-OS-DEBIAN-11-CVE-2025-39744 |
|
Vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2025-39744)
vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2025-39744). Confidential information can be exposed externally. Mitigation: upgrade to `5.10.257-1.root.io.92, 5.10.257-1.root.io.93, 5.10.257-1.root.io.94, 5.10.257-1.root.io.95, 5.10.257-1.root.io.96, 5.10.257-1.root.io.97, 5.10.257-1.root.io.98, 5.10.257-1.root.io.99` or later.
|
| ROOT-OS-DEBIAN-11-CVE-2022-50116 |
|
Vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2022-50116)
vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2022-50116). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.10.257-1.root.io.92, 5.10.257-1.root.io.93, 5.10.257-1.root.io.94, 5.10.257-1.root.io.95, 5.10.257-1.root.io.96, 5.10.257-1.root.io.97, 5.10.257-1.root.io.98, 5.10.257-1.root.io.99` or later.
|
| ROOT-OS-DEBIAN-11-CVE-2025-21792 |
|
Vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2025-21792)
vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2025-21792). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.10.257-1.root.io.92, 5.10.257-1.root.io.93, 5.10.257-1.root.io.94, 5.10.257-1.root.io.95, 5.10.257-1.root.io.96, 5.10.257-1.root.io.97, 5.10.257-1.root.io.98, 5.10.257-1.root.io.99` or later.
|
| ROOT-OS-DEBIAN-11-CVE-2025-38708 |
|
Vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2025-38708)
vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2025-38708). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `5.10.257-1.root.io.92, 5.10.257-1.root.io.93, 5.10.257-1.root.io.94, 5.10.257-1.root.io.95, 5.10.257-1.root.io.96, 5.10.257-1.root.io.97, 5.10.257-1.root.io.98, 5.10.257-1.root.io.99` or later.
|
| ROOT-OS-DEBIAN-11-CVE-2025-37830 |
|
Vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2025-37830)
vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2025-37830). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.10.257-1.root.io.92, 5.10.257-1.root.io.93, 5.10.257-1.root.io.94, 5.10.257-1.root.io.95, 5.10.257-1.root.io.96, 5.10.257-1.root.io.97, 5.10.257-1.root.io.98, 5.10.257-1.root.io.99` or later.
|
| ROOT-OS-DEBIAN-11-CVE-2023-53149 |
|
Vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2023-53149)
vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2023-53149). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.10.257-1.root.io.92, 5.10.257-1.root.io.93, 5.10.257-1.root.io.94, 5.10.257-1.root.io.95, 5.10.257-1.root.io.96, 5.10.257-1.root.io.97, 5.10.257-1.root.io.98, 5.10.257-1.root.io.99` or later.
|
| ROOT-OS-DEBIAN-11-CVE-2026-43047 |
|
Vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2026-43047)
vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2026-43047). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `5.10.257-1.root.io.92, 5.10.257-1.root.io.93, 5.10.257-1.root.io.94, 5.10.257-1.root.io.95, 5.10.257-1.root.io.96, 5.10.257-1.root.io.97, 5.10.257-1.root.io.98, 5.10.257-1.root.io.99` or later.
|
| ROOT-OS-DEBIAN-11-CVE-2022-49138 |
|
Vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2022-49138)
vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2022-49138). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.10.257-1.root.io.92, 5.10.257-1.root.io.93, 5.10.257-1.root.io.94, 5.10.257-1.root.io.95, 5.10.257-1.root.io.96, 5.10.257-1.root.io.97, 5.10.257-1.root.io.98, 5.10.257-1.root.io.99` or later.
|
| ROOT-OS-DEBIAN-11-CVE-2024-41062 |
|
Vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2024-41062)
vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2024-41062). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.10.257-1.root.io.92, 5.10.257-1.root.io.93, 5.10.257-1.root.io.94, 5.10.257-1.root.io.95, 5.10.257-1.root.io.96, 5.10.257-1.root.io.97, 5.10.257-1.root.io.98, 5.10.257-1.root.io.99` or later.
|
| ROOT-OS-DEBIAN-11-CVE-2024-49905 |
|
Vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2024-49905)
vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2024-49905). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.10.257-1.root.io.92, 5.10.257-1.root.io.93, 5.10.257-1.root.io.94, 5.10.257-1.root.io.95, 5.10.257-1.root.io.96, 5.10.257-1.root.io.97, 5.10.257-1.root.io.98, 5.10.257-1.root.io.99` or later.
|
| ROOT-OS-DEBIAN-11-CVE-2026-43011 |
|
Vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2026-43011)
vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2026-43011). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.10.257-1.root.io.92, 5.10.257-1.root.io.93, 5.10.257-1.root.io.94, 5.10.257-1.root.io.95, 5.10.257-1.root.io.96, 5.10.257-1.root.io.97, 5.10.257-1.root.io.98, 5.10.257-1.root.io.99` or later.
|
| ROOT-OS-DEBIAN-11-CVE-2025-68819 |
|
Vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2025-68819)
vulnerability in rootio-linux (ROOT-OS-DEBIAN-11-CVE-2025-68819). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.10.257-1.root.io.92, 5.10.257-1.root.io.93, 5.10.257-1.root.io.94, 5.10.257-1.root.io.95, 5.10.257-1.root.io.96, 5.10.257-1.root.io.97, 5.10.257-1.root.io.98, 5.10.257-1.root.io.99` or later.
|
| CVE-2026-8133 |
|
Vulnerability in sqli (CVE-2026-8133)
vulnerability in sqli (CVE-2026-8133). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8136 |
|
Cross-Site Scripting (XSS) in CVE-2026-8136 (CVE-2026-8136)
cross-site scripting in CVE-2026-8136 (CVE-2026-8136). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8132 |
|
Vulnerability in sqli (CVE-2026-8132)
vulnerability in sqli (CVE-2026-8132). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-44298 |
|
Path Traversal in kimai/kimai (CVE-2026-44298)
path traversal in kimai/kimai (CVE-2026-44298). Risk of unauthorized operations or information disclosure. Exploitable via ``ROLE_SYSTE_ADMIN``. Mitigation: upgrade to `2.56` or later.
|
| CVE-2026-8129 |
|
Vulnerability in sqli (CVE-2026-8129)
vulnerability in sqli (CVE-2026-8129). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8130 |
|
Vulnerability in sqli (CVE-2026-8130)
vulnerability in sqli (CVE-2026-8130). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8131 |
|
Vulnerability in sqli (CVE-2026-8131)
vulnerability in sqli (CVE-2026-8131). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-42264 |
|
Vulnerability in axios (CVE-2026-42264)
vulnerability in axios (CVE-2026-42264). Confidential information can be exposed externally. Exploitable via ``hasOwnProperty``. Mitigation: upgrade to `1.15.2` or later.
|
| CVE-2026-8126 |
|
Vulnerability in sqli (CVE-2026-8126)
vulnerability in sqli (CVE-2026-8126). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8128 |
|
Vulnerability in sqli (CVE-2026-8128)
vulnerability in sqli (CVE-2026-8128). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8127 |
|
Vulnerability in CVE-2026-8127 (CVE-2026-8127)
vulnerability in CVE-2026-8127 (CVE-2026-8127). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8125 |
|
Vulnerability in sqli (CVE-2026-8125)
vulnerability in sqli (CVE-2026-8125). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8117 |
|
Cross-Site Scripting (XSS) in CVE-2026-8117 (CVE-2026-8117)
cross-site scripting in CVE-2026-8117 (CVE-2026-8117). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-42208 KEV |
|
[KEV] SQL Injection in Berriai litellm (CVE-2026-42208)
SQL injection in Berriai litellm (CVE-2026-42208). Successful exploitation can lead to full system takeover. Exploitable via `POST /chat/completions`. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `>=1.83.7` or later.
|
| CVE-2026-41105 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-41105)
SSRF in ssrf (CVE-2026-41105). Confidential information can be exposed externally.
|
| CVE-2026-42826 |
|
Information Disclosure in microsoft (CVE-2026-42826)
vulnerability in microsoft (CVE-2026-42826). Successful exploitation can lead to full system takeover.
|
| CVE-2026-33109 |
|
Vulnerability in apache (CVE-2026-33109)
vulnerability in apache (CVE-2026-33109). Successful exploitation can lead to full system takeover.
|
| CVE-2026-33111 |
|
Command Injection in microsoft (CVE-2026-33111)
command injection in microsoft (CVE-2026-33111). Confidential information can be exposed externally.
|
| CVE-2026-33823 |
|
Vulnerability in microsoft (CVE-2026-33823)
vulnerability in microsoft (CVE-2026-33823). Confidential information can be exposed externally.
|
| CVE-2026-33844 |
|
Vulnerability in apache (CVE-2026-33844)
vulnerability in apache (CVE-2026-33844). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34327 |
|
Vulnerability in microsoft (CVE-2026-34327)
vulnerability in microsoft (CVE-2026-34327). Confidential information can be exposed externally.
|
| CVE-2026-35428 |
|
Command Injection in microsoft (CVE-2026-35428)
command injection in microsoft (CVE-2026-35428). Successful exploitation can lead to full system takeover.
|
| CVE-2026-35435 |
|
Vulnerability in microsoft (CVE-2026-35435)
vulnerability in microsoft (CVE-2026-35435). Confidential information can be exposed externally.
|
| CVE-2026-26129 |
|
Vulnerability in microsoft (CVE-2026-26129)
vulnerability in microsoft (CVE-2026-26129). Confidential information can be exposed externally.
|
| CVE-2026-26164 |
|
Vulnerability in microsoft (CVE-2026-26164)
vulnerability in microsoft (CVE-2026-26164). Confidential information can be exposed externally.
|
| CVE-2026-32207 |
|
Cross-Site Scripting (XSS) in microsoft (CVE-2026-32207)
cross-site scripting in microsoft (CVE-2026-32207). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8097 |
|
Vulnerability in sqli (CVE-2026-8097)
vulnerability in sqli (CVE-2026-8097). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8098 |
|
Vulnerability in sqli (CVE-2026-8098)
vulnerability in sqli (CVE-2026-8098). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8087 |
|
Buffer Overflow in GDAL (CVE-2026-8087)
vulnerability in GDAL (CVE-2026-8087). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.13.0` or later.
|
| CVE-2026-8088 |
|
Buffer Overflow in GDAL (CVE-2026-8088)
vulnerability in GDAL (CVE-2026-8088). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.13.0` or later.
|
| CVE-2026-42879 |
|
Unrestricted File Upload in facturascripts/facturascripts (CVE-2026-42879)
vulnerability in facturascripts/facturascripts (CVE-2026-42879). Risk of unauthorized operations or information disclosure. Exploitable via ``PHPSESSID``.
|
| CVE-2026-8086 |
|
Buffer Overflow in gdal (CVE-2026-8086)
vulnerability in gdal (CVE-2026-8086). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.13.0` or later.
|