Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: vendors Clear
ID Title
CVE-2026-43078 Out-of-Bounds Write in linux (CVE-2026-43078)
out-of-bounds write in linux (CVE-2026-43078). Successful exploitation can lead to full system takeover.
CVE-2026-43079 Vulnerability in c (CVE-2026-43079)
vulnerability in c (CVE-2026-43079). Risk of unauthorized operations or information disclosure.
CVE-2026-35253 Open Redirect in oracle (CVE-2026-35253)
vulnerability in oracle (CVE-2026-35253). Risk of unauthorized operations or information disclosure.
CVE-2026-7573 Vulnerability in www.velocidex.com/golang/velociraptor (CVE-2026-7573)
vulnerability in www.velocidex.com/golang/velociraptor (CVE-2026-7573). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.76.5` or later.
CVE-2026-7572 Vulnerability in www.velocidex.com/golang/velociraptor (CVE-2026-7572)
vulnerability in www.velocidex.com/golang/velociraptor (CVE-2026-7572). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.76.5` or later.
CVE-2025-71255 Vulnerability in dos (CVE-2025-71255)
vulnerability in dos (CVE-2025-71255). Risk of unauthorized operations or information disclosure.
CVE-2025-71256 Vulnerability in dos (CVE-2025-71256)
vulnerability in dos (CVE-2025-71256). Risk of unauthorized operations or information disclosure.
CVE-2025-71252 Vulnerability in dos (CVE-2025-71252)
vulnerability in dos (CVE-2025-71252). Risk of unauthorized operations or information disclosure.
CVE-2025-71253 Vulnerability in dos (CVE-2025-71253)
vulnerability in dos (CVE-2025-71253). Risk of unauthorized operations or information disclosure.
CVE-2025-71254 Vulnerability in dos (CVE-2025-71254)
vulnerability in dos (CVE-2025-71254). Risk of unauthorized operations or information disclosure.
CVE-2025-71251 Vulnerability in dos (CVE-2025-71251)
vulnerability in dos (CVE-2025-71251). Risk of unauthorized operations or information disclosure.
CVE-2026-28780 Vulnerability in apache (CVE-2026-28780)
vulnerability in apache (CVE-2026-28780). Successful exploitation can lead to full system takeover.
CVE-2026-0300 KEV [KEV] Out-of-Bounds Write in Palo alto networks palo-alto-networks (CVE-2026-0300)
out-of-bounds write in Palo alto networks palo-alto-networks (CVE-2026-0300). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-43882 Vulnerability in wwbn/avideo (CVE-2026-43882)
vulnerability in wwbn/avideo (CVE-2026-43882). Risk of unauthorized operations or information disclosure. Exploitable via ``title``.
CVE-2026-44167 Vulnerability in phpseclib/phpseclib (CVE-2026-44167)
vulnerability in phpseclib/phpseclib (CVE-2026-44167). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.0.29` or later.
CVE-2026-39852 Authorization Flaw in io.quarkus:quarkus-vertx-http (CVE-2026-39852)
vulnerability in io.quarkus:quarkus-vertx-http (CVE-2026-39852). Confidential information can be exposed externally. Mitigation: upgrade to `3.35.1.1` or later.
CVE-2026-39849 Vulnerability in pi-hole (CVE-2026-39849)
vulnerability in pi-hole (CVE-2026-39849). Successful exploitation can lead to full system takeover. Exploitable via ``dns.interface``.
CVE-2026-35579 Authentication Bypass in github.com/coredns/coredns (CVE-2026-35579)
authentication bypass in github.com/coredns/coredns (CVE-2026-35579). Successful exploitation can lead to full system takeover. Exploitable via ``tsigStatus``. Mitigation: upgrade to `1.14.3` or later.
CVE-2026-39383 SSRF (Server-Side Request Forgery) in github.com/gotenberg/gotenberg/v8 (CVE-2026-39383)
SSRF in github.com/gotenberg/gotenberg/v8 (CVE-2026-39383). Confidential information can be exposed externally. Exploitable via ``FilterDeadline``. Mitigation: upgrade to `8.31.0` or later.
CVE-2026-35453 Cross-Site Scripting (XSS) in phpoffice/phpspreadsheet (CVE-2026-35453)
cross-site scripting in phpoffice/phpspreadsheet (CVE-2026-35453). Risk of unauthorized operations or information disclosure. Exploitable via ``formatColor``. Mitigation: upgrade to `1.30.4` or later.
CVE-2026-35397 Path Traversal in jupyter-server (CVE-2026-35397)
path traversal in jupyter-server (CVE-2026-35397). Successful exploitation can lead to full system takeover. Exploitable via ``root_dir``. Mitigation: upgrade to `2.18.0` or later.
CVE-2026-34084 Unsafe Deserialization in phpoffice/phpspreadsheet (CVE-2026-34084)
vulnerability in phpoffice/phpspreadsheet (CVE-2026-34084). Successful exploitation can lead to full system takeover. Exploitable via ``is_file``. Mitigation: upgrade to `1.30.3` or later.
CVE-2026-32936 Vulnerability in github.com/coredns/coredns (CVE-2026-32936)
vulnerability in github.com/coredns/coredns (CVE-2026-32936). Risk of unauthorized operations or information disclosure. Exploitable via ``dns``. Mitigation: upgrade to `1.14.3` or later.
CVE-2026-33190 Authentication Bypass in github.com/coredns/coredns (CVE-2026-33190)
authentication bypass in github.com/coredns/coredns (CVE-2026-33190). Confidential information can be exposed externally. Mitigation: upgrade to `1.14.3` or later.
CVE-2026-33489 Vulnerability in github.com/coredns/coredns (CVE-2026-33489)
vulnerability in github.com/coredns/coredns (CVE-2026-33489). Confidential information can be exposed externally. Mitigation: upgrade to `1.14.3` or later.
CVE-2026-32934 Vulnerability in github.com/coredns/coredns (CVE-2026-32934)
vulnerability in github.com/coredns/coredns (CVE-2026-32934). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.14.3` or later.
CVE-2026-38428 SQL Injection in sqli (CVE-2026-38428)
SQL injection in sqli (CVE-2026-38428). Successful exploitation can lead to full system takeover. Exploitable via `GET /api/v1/main/flows/search`.
CVE-2026-43068 Vulnerability in linux (CVE-2026-43068)
vulnerability in linux (CVE-2026-43068). Risk of unauthorized operations or information disclosure.
CVE-2026-43072 Vulnerability in linux (CVE-2026-43072)
vulnerability in linux (CVE-2026-43072). Risk of unauthorized operations or information disclosure.
CVE-2026-43065 Vulnerability in c (CVE-2026-43065)
vulnerability in c (CVE-2026-43065). Risk of unauthorized operations or information disclosure.
CVE-2026-43066 Vulnerability in linux (CVE-2026-43066)
vulnerability in linux (CVE-2026-43066). Risk of unauthorized operations or information disclosure.
CVE-2026-43064 Vulnerability in linux (CVE-2026-43064)
vulnerability in linux (CVE-2026-43064). Risk of unauthorized operations or information disclosure.
CVE-2026-43069 Vulnerability in c (CVE-2026-43069)
vulnerability in c (CVE-2026-43069). Risk of unauthorized operations or information disclosure.
CVE-2026-43061 Vulnerability in linux (CVE-2026-43061)
vulnerability in linux (CVE-2026-43061). Risk of unauthorized operations or information disclosure. Exploitable via ``dmaengine_terminate_async``.
CVE-2026-23631 Use-After-Free in redis (CVE-2026-23631)
vulnerability in redis (CVE-2026-23631). Data can be tampered with by attackers.
CVE-2026-25243 Vulnerability in redis (CVE-2026-25243)
vulnerability in redis (CVE-2026-25243). Successful exploitation can lead to full system takeover.
CVE-2026-23479 Use-After-Free in redis (CVE-2026-23479)
vulnerability in redis (CVE-2026-23479). Successful exploitation can lead to full system takeover. Exploitable via ``processCommandAndResetClient``.
CVE-2026-40934 Vulnerability in jupyter-server (CVE-2026-40934)
vulnerability in jupyter-server (CVE-2026-40934). Confidential information can be exposed externally. Mitigation: upgrade to `2.18.0` or later.
CVE-2026-40110 Vulnerability in jupyter-server (CVE-2026-40110)
vulnerability in jupyter-server (CVE-2026-40110). Confidential information can be exposed externally. Exploitable via ``allow_origin_pat``. Mitigation: upgrade to `057869a327c46730afede3eab0ca2d2` or later.
CVE-2025-61669 Open Redirect in jupyter-server (CVE-2025-61669)
vulnerability in jupyter-server (CVE-2025-61669). Risk of unauthorized operations or information disclosure. Exploitable via ``google.com``. Mitigation: upgrade to `2.18.0` or later.
CVE-2026-43070 Out-of-Bounds Read in linux (CVE-2026-43070)
vulnerability in linux (CVE-2026-43070). Successful exploitation can lead to full system takeover. Exploitable via ``__mark_reg_known``.
CVE-2026-43071 Vulnerability in c (CVE-2026-43071)
vulnerability in c (CVE-2026-43071). Confidential information can be exposed externally.
CVE-2026-43073 Vulnerability in linux (CVE-2026-43073)
vulnerability in linux (CVE-2026-43073). Risk of unauthorized operations or information disclosure.
CVE-2026-43062 Vulnerability in linux (CVE-2026-43062)
vulnerability in linux (CVE-2026-43062). Data can be tampered with by attackers.
CVE-2026-43063 Vulnerability in linux (CVE-2026-43063)
vulnerability in linux (CVE-2026-43063). Successful exploitation can lead to full system takeover.
CVE-2026-43067 Vulnerability in linux (CVE-2026-43067)
vulnerability in linux (CVE-2026-43067). Successful exploitation can lead to full system takeover.
CVE-2026-43869 Vulnerability in org.apache.thrift:libthrift (CVE-2026-43869)
vulnerability in org.apache.thrift:libthrift (CVE-2026-43869). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.23.0` or later.
CVE-2026-43868 Vulnerability in thrift (CVE-2026-43868)
vulnerability in thrift (CVE-2026-43868). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.23.0` or later.
CVE-2026-6418 Vulnerability in papercut (CVE-2026-6418)
vulnerability in papercut (CVE-2026-6418). Confidential information can be exposed externally.
CVE-2026-6180 Vulnerability in papercut (CVE-2026-6180)
vulnerability in papercut (CVE-2026-6180). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →