Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-8084 |
|
Buffer Overflow in gdal (CVE-2026-8084)
vulnerability in gdal (CVE-2026-8084). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.13.0` or later.
|
| CVE-2026-41906 |
|
Vulnerability in laravel (CVE-2026-41906)
vulnerability in laravel (CVE-2026-41906). Data can be tampered with by attackers.
|
| CVE-2026-41902 |
|
Vulnerability in laravel (CVE-2026-41902)
vulnerability in laravel (CVE-2026-41902). Confidential information can be exposed externally. Exploitable via `Referer header`.
|
| CVE-2026-36387 |
|
Unrestricted File Upload in CVE-2026-36387 (CVE-2026-36387)
vulnerability in CVE-2026-36387 (CVE-2026-36387). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-36388 |
|
Cross-Site Scripting (XSS) in CVE-2026-36388 (CVE-2026-36388)
cross-site scripting in CVE-2026-36388 (CVE-2026-36388). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-36458 |
|
Code Injection in sqli (CVE-2026-36458)
code injection in sqli (CVE-2026-36458). Successful exploitation can lead to full system takeover.
|
| CVE-2026-30496 |
|
Vulnerability in android (CVE-2026-30496)
vulnerability in android (CVE-2026-30496). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8091 |
|
Vulnerability in firefox (CVE-2026-8091)
vulnerability in firefox (CVE-2026-8091). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8092 |
|
Out-of-Bounds Read in mozilla (CVE-2026-8092)
vulnerability in mozilla (CVE-2026-8092). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8093 |
|
Buffer Overflow in mozilla (CVE-2026-8093)
vulnerability in mozilla (CVE-2026-8093). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8094 |
|
Code Injection in firefox (CVE-2026-8094)
code injection in firefox (CVE-2026-8094). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8090 |
|
Use-After-Free in mozilla (CVE-2026-8090)
vulnerability in mozilla (CVE-2026-8090). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7924 |
|
Vulnerability in chromium (CVE-2026-7924)
vulnerability in chromium (CVE-2026-7924). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `148.0.7778.96-1~deb12u1` or later.
|
| CVE-2026-7925 |
|
Vulnerability in chromium (CVE-2026-7925)
vulnerability in chromium (CVE-2026-7925). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `148.0.7778.96-1~deb12u1` or later.
|
| CVE-2026-7923 |
|
Vulnerability in chromium (CVE-2026-7923)
vulnerability in chromium (CVE-2026-7923). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `148.0.7778.96-1~deb12u1` or later.
|
| CVE-2026-42010 |
|
Vulnerability in gnu (CVE-2026-42010)
vulnerability in gnu (CVE-2026-42010). Confidential information can be exposed externally.
|
| CVE-2026-40981 |
|
Vulnerability in org.springframework.cloud:spring-cloud-config (CVE-2026-40981)
vulnerability in org.springframework.cloud:spring-cloud-config (CVE-2026-40981). Confidential information can be exposed externally. Mitigation: upgrade to `5.0.3` or later.
|
| CVE-2026-40982 |
|
Path Traversal in org.springframework.cloud:spring-cloud-config-server (CVE-2026-40982)
path traversal in org.springframework.cloud:spring-cloud-config-server (CVE-2026-40982). Confidential information can be exposed externally. Mitigation: upgrade to `5.0.3` or later.
|
| CVE-2026-41002 |
|
Vulnerability in org.springframework.cloud:spring-cloud-config-server (CVE-2026-41002)
vulnerability in org.springframework.cloud:spring-cloud-config-server (CVE-2026-41002). Confidential information can be exposed externally. Exploitable via ``spring.cloud.config.server.git.basedir``.
|
| CVE-2026-41004 |
|
Vulnerability in org.springframework.cloud:spring-cloud-config-server (CVE-2026-41004)
vulnerability in org.springframework.cloud:spring-cloud-config-server (CVE-2026-41004). Confidential information can be exposed externally.
|
| CVE-2026-8063 |
|
Vulnerability in mongodb (CVE-2026-8063)
vulnerability in mongodb (CVE-2026-8063). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.2.7` or later.
|
| CVE-2026-42216 |
|
Out-of-Bounds Read in openexr (CVE-2026-42216)
vulnerability in openexr (CVE-2026-42216). Confidential information can be exposed externally. Exploitable via ``c13e0e1320a6652e02c5c90c6dbd984d532efe44``.
|
| CVE-2026-42217 |
|
Vulnerability in openexr (CVE-2026-42217)
vulnerability in openexr (CVE-2026-42217). Successful exploitation can lead to full system takeover. Exploitable via ``ImfIDManifest.cpp``.
|
| SUSE-SU-2026:1732-1 |
|
Vulnerability in dos (SUSE-SU-2026:1732-1)
vulnerability in dos (SUSE-SU-2026:1732-1). Risk of unauthorized operations or information disclosure. Exploitable via ``tt_var_load_item_variation_store``.
|
| SUSE-SU-2026:1731-1 |
|
Vulnerability in dos (SUSE-SU-2026:1731-1)
vulnerability in dos (SUSE-SU-2026:1731-1). Risk of unauthorized operations or information disclosure. Exploitable via ``tt_var_load_item_variation_store``.
|
| CVE-2026-6973 KEV |
|
[KEV] Vulnerability in Ivanti endpoint-manager-mobile-epmm (CVE-2026-6973)
vulnerability in Ivanti endpoint-manager-mobile-epmm (CVE-2026-6973). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| openSUSE-SU-2026:10716-1 |
|
Vulnerability in copacetic (openSUSE-SU-2026:10716-1)
vulnerability in copacetic (openSUSE-SU-2026:10716-1). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.14.0-1.1` or later.
|
| openSUSE-SU-2026:10718-1 |
|
Vulnerability in python-Django (openSUSE-SU-2026:10718-1)
vulnerability in python-Django (openSUSE-SU-2026:10718-1). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.2.14-1.1` or later.
|
| openSUSE-SU-2026:10719-1 |
|
Vulnerability in valkey (openSUSE-SU-2026:10719-1)
vulnerability in valkey (openSUSE-SU-2026:10719-1). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `9.0.4-1.1` or later.
|
| openSUSE-SU-2026:10717-1 |
|
Vulnerability in libexif (openSUSE-SU-2026:10717-1)
vulnerability in libexif (openSUSE-SU-2026:10717-1). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.6.26-1.1` or later.
|
| CVE-2026-8018 |
|
Vulnerability in google (CVE-2026-8018)
vulnerability in google (CVE-2026-8018). Successful exploitation can lead to full system takeover.
|
| CVE-2026-7989 |
|
Vulnerability in google (CVE-2026-7989)
vulnerability in google (CVE-2026-7989). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7979 |
|
Vulnerability in google (CVE-2026-7979)
vulnerability in google (CVE-2026-7979). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7959 |
|
Vulnerability in google (CVE-2026-7959)
vulnerability in google (CVE-2026-7959). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7946 |
|
Vulnerability in google (CVE-2026-7946)
vulnerability in google (CVE-2026-7946). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7932 |
|
Vulnerability in chromium (CVE-2026-7932)
vulnerability in chromium (CVE-2026-7932). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `148.0.7778.96-1~deb12u1` or later.
|
| CVE-2026-7915 |
|
Vulnerability in google (CVE-2026-7915)
vulnerability in google (CVE-2026-7915). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7916 |
|
Vulnerability in google (CVE-2026-7916)
vulnerability in google (CVE-2026-7916). Successful exploitation can lead to full system takeover.
|
| CVE-2026-7910 |
|
Use-After-Free in google (CVE-2026-7910)
vulnerability in google (CVE-2026-7910). Successful exploitation can lead to full system takeover.
|
| CVE-2026-7902 |
|
Out-of-Bounds Read in google (CVE-2026-7902)
vulnerability in google (CVE-2026-7902). Successful exploitation can lead to full system takeover.
|
| CVE-2026-6691 |
|
Vulnerability in c (CVE-2026-6691)
vulnerability in c (CVE-2026-6691). Successful exploitation can lead to full system takeover.
|
| CVE-2026-20195 |
|
Vulnerability in cisco (CVE-2026-20195)
vulnerability in cisco (CVE-2026-20195). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-20169 |
|
Command Injection in cisco (CVE-2026-20169)
command injection in cisco (CVE-2026-20169). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-20168 |
|
Vulnerability in cisco (CVE-2026-20168)
vulnerability in cisco (CVE-2026-20168). Confidential information can be exposed externally.
|
| CVE-2026-20035 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-20035)
SSRF in ssrf (CVE-2026-20035). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6787 |
|
Vulnerability in watchguard (CVE-2026-6787)
vulnerability in watchguard (CVE-2026-6787). Successful exploitation can lead to full system takeover.
|
| CVE-2026-6788 |
|
Vulnerability in watchguard (CVE-2026-6788)
vulnerability in watchguard (CVE-2026-6788). Successful exploitation can lead to full system takeover.
|
| CVE-2026-41288 |
|
Vulnerability in watchguard (CVE-2026-41288)
vulnerability in watchguard (CVE-2026-41288). Successful exploitation can lead to full system takeover.
|
| CVE-2026-41286 |
|
Vulnerability in watchguard (CVE-2026-41286)
vulnerability in watchguard (CVE-2026-41286). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41287 |
|
Vulnerability in watchguard (CVE-2026-41287)
vulnerability in watchguard (CVE-2026-41287). Risk of unauthorized operations or information disclosure.
|