Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: vendors Clear
ID Title
CVE-2026-42039 Vulnerability in axios (CVE-2026-42039)
vulnerability in axios (CVE-2026-42039). Risk of unauthorized operations or information disclosure. Exploitable via `POST /forward`. Mitigation: upgrade to `0.31.1` or later.
CVE-2026-38751 Unrestricted File Upload in devcode-it/openstamanager (CVE-2026-38751)
vulnerability in devcode-it/openstamanager (CVE-2026-38751). Successful exploitation can lead to full system takeover.
CVE-2026-44113 Vulnerability in openclaw (CVE-2026-44113)
vulnerability in openclaw (CVE-2026-44113). Confidential information can be exposed externally. Mitigation: upgrade to `2026.4.22` or later.
CVE-2026-44112 Vulnerability in openclaw (CVE-2026-44112)
vulnerability in openclaw (CVE-2026-44112). Data can be tampered with by attackers. Mitigation: upgrade to `2026.4.22` or later.
CVE-2026-25863 Vulnerability in wordpress (CVE-2026-25863)
vulnerability in wordpress (CVE-2026-25863). Risk of unauthorized operations or information disclosure.
CVE-2026-42027 Vulnerability in org.apache.opennlp:opennlp-tools (CVE-2026-42027)
vulnerability in org.apache.opennlp:opennlp-tools (CVE-2026-42027). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `3.0.0-M3` or later.
CVE-2026-42440 Vulnerability in org.apache.opennlp:opennlp-tools (CVE-2026-42440)
vulnerability in org.apache.opennlp:opennlp-tools (CVE-2026-42440). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.0.0-M3` or later.
CVE-2026-42809 Vulnerability in org.apache.polaris:polaris-runtime-service (CVE-2026-42809)
vulnerability in org.apache.polaris:polaris-runtime-service (CVE-2026-42809). Successful exploitation can lead to full system takeover. Exploitable via ``location``. Mitigation: upgrade to `1.4.1` or later.
CVE-2026-42810 Vulnerability in org.apache.polaris:polaris-core (CVE-2026-42810)
vulnerability in org.apache.polaris:polaris-core (CVE-2026-42810). Successful exploitation can lead to full system takeover. Exploitable via ``TABLE_CREATE``. Mitigation: upgrade to `1.4.1` or later.
CVE-2026-42811 Vulnerability in org.apache.polaris:polaris-core (CVE-2026-42811)
vulnerability in org.apache.polaris:polaris-core (CVE-2026-42811). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.4.1` or later.
CVE-2026-42812 Vulnerability in org.apache.polaris:polaris-runtime-service (CVE-2026-42812)
vulnerability in org.apache.polaris:polaris-runtime-service (CVE-2026-42812). Successful exploitation can lead to full system takeover. Exploitable via ``write.metadata.path``. Mitigation: upgrade to `1.4.1` or later.
CVE-2026-40682 XXE (XML External Entity) in org.apache.opennlp:opennlp-tools (CVE-2026-40682)
vulnerability in org.apache.opennlp:opennlp-tools (CVE-2026-40682). Confidential information can be exposed externally. Mitigation: upgrade to `3.0.0-M3` or later.
CVE-2026-41471 Vulnerability in wordpress (CVE-2026-41471)
vulnerability in wordpress (CVE-2026-41471). Confidential information can be exposed externally.
CVE-2026-32834 Vulnerability in wordpress (CVE-2026-32834)
vulnerability in wordpress (CVE-2026-32834). Confidential information can be exposed externally.
CVE-2026-40075 Path Traversal in org.openmrs.web:openmrs-web (CVE-2026-40075)
path traversal in org.openmrs.web:openmrs-web (CVE-2026-40075). Confidential information can be exposed externally. Exploitable via ``ModuleResourcesServlet``. Mitigation: upgrade to `2.8.6` or later.
CVE-2026-26956 Vulnerability in vm2-project (CVE-2026-26956)
vulnerability in vm2-project (CVE-2026-26956). Successful exploitation can lead to full system takeover. Exploitable via ``catch``.
CVE-2026-24082 Use-After-Free in qualcomm (CVE-2026-24082)
vulnerability in qualcomm (CVE-2026-24082). Successful exploitation can lead to full system takeover.
CVE-2026-35527 SSRF (Server-Side Request Forgery) in github.com/lxc/incus/v6/cmd/incusd (CVE-2026-35527)
SSRF in github.com/lxc/incus/v6/cmd/incusd (CVE-2026-35527). Risk of unauthorized operations or information disclosure. Exploitable via ``restricted.images.servers``. Mitigation: upgrade to `7.0.0` or later.
CVE-2026-42364 OS Command Injection in geovision (CVE-2026-42364)
OS command injection in geovision (CVE-2026-42364). Successful exploitation can lead to full system takeover.
CVE-2026-42365 Vulnerability in geovision (CVE-2026-42365)
vulnerability in geovision (CVE-2026-42365). Confidential information can be exposed externally.
CVE-2026-42367 Vulnerability in c (CVE-2026-42367)
vulnerability in c (CVE-2026-42367). Confidential information can be exposed externally.
CVE-2026-42370 Out-of-Bounds Write in geovision (CVE-2026-42370)
out-of-bounds write in geovision (CVE-2026-42370). Successful exploitation can lead to full system takeover.
CVE-2026-42368 Vulnerability in privilege-escalation (CVE-2026-42368)
vulnerability in privilege-escalation (CVE-2026-42368). Successful exploitation can lead to full system takeover.
CVE-2026-7161 Vulnerability in geovision (CVE-2026-7161)
vulnerability in geovision (CVE-2026-7161). Confidential information can be exposed externally.
CVE-2026-43058 Vulnerability in linux (CVE-2026-43058)
vulnerability in linux (CVE-2026-43058). Risk of unauthorized operations or information disclosure.
CVE-2026-42475 SQL Injection in sqli (CVE-2026-42475)
SQL injection in sqli (CVE-2026-42475). Risk of unauthorized operations or information disclosure.
CVE-2026-37503 Cross-Site Scripting (XSS) in v2board (CVE-2026-37503)
cross-site scripting in v2board (CVE-2026-37503). Confidential information can be exposed externally.
CVE-2026-37504 Vulnerability in v2board (CVE-2026-37504)
vulnerability in v2board (CVE-2026-37504). Confidential information can be exposed externally. Exploitable via `Referer header`.
CVE-2026-37505 SQL Injection in sqli (CVE-2026-37505)
SQL injection in sqli (CVE-2026-37505). Confidential information can be exposed externally.
CVE-2026-37552 Unsafe Deserialization in deserialization (CVE-2026-37552)
vulnerability in deserialization (CVE-2026-37552). Successful exploitation can lead to full system takeover.
CVE-2026-43037 Out-of-Bounds Write in linux (CVE-2026-43037)
out-of-bounds write in linux (CVE-2026-43037). Successful exploitation can lead to full system takeover.
CVE-2026-43004 Vulnerability in linux (CVE-2026-43004)
vulnerability in linux (CVE-2026-43004). Risk of unauthorized operations or information disclosure.
CVE-2026-43010 Vulnerability in linux (CVE-2026-43010)
vulnerability in linux (CVE-2026-43010). Risk of unauthorized operations or information disclosure.
CVE-2026-31769 Use-After-Free in linux (CVE-2026-31769)
vulnerability in linux (CVE-2026-31769). Successful exploitation can lead to full system takeover.
CVE-2026-31778 Out-of-Bounds Read in c (CVE-2026-31778)
vulnerability in c (CVE-2026-31778). Confidential information can be exposed externally.
CVE-2026-31779 Out-of-Bounds Read in linux (CVE-2026-31779)
vulnerability in linux (CVE-2026-31779). Confidential information can be exposed externally.
CVE-2026-31765 Vulnerability in linux (CVE-2026-31765)
vulnerability in linux (CVE-2026-31765). Risk of unauthorized operations or information disclosure.
CVE-2026-31767 Vulnerability in linux (CVE-2026-31767)
vulnerability in linux (CVE-2026-31767). Risk of unauthorized operations or information disclosure.
CVE-2026-31770 Vulnerability in linux (CVE-2026-31770)
vulnerability in linux (CVE-2026-31770). Risk of unauthorized operations or information disclosure.
CVE-2026-31732 Vulnerability in linux (CVE-2026-31732)
vulnerability in linux (CVE-2026-31732). Risk of unauthorized operations or information disclosure. Exploitable via ``gdev``.
CVE-2026-43047 Out-of-Bounds Write in linux (CVE-2026-43047)
out-of-bounds write in linux (CVE-2026-43047). Successful exploitation can lead to full system takeover.
CVE-2026-43052 Vulnerability in linux (CVE-2026-43052)
vulnerability in linux (CVE-2026-43052). Data can be tampered with by attackers.
CVE-2026-43039 Vulnerability in linux (CVE-2026-43039)
vulnerability in linux (CVE-2026-43039). Successful exploitation can lead to full system takeover.
CVE-2026-43040 Vulnerability in linux (CVE-2026-43040)
vulnerability in linux (CVE-2026-43040). Confidential information can be exposed externally.
CVE-2026-43041 Vulnerability in linux (CVE-2026-43041)
vulnerability in linux (CVE-2026-43041). Risk of unauthorized operations or information disclosure.
CVE-2026-43042 Out-of-Bounds Read in linux (CVE-2026-43042)
vulnerability in linux (CVE-2026-43042). Confidential information can be exposed externally.
CVE-2026-43043 Vulnerability in linux (CVE-2026-43043)
vulnerability in linux (CVE-2026-43043). Risk of unauthorized operations or information disclosure.
CVE-2026-43044 Vulnerability in linux (CVE-2026-43044)
vulnerability in linux (CVE-2026-43044). Successful exploitation can lead to full system takeover.
CVE-2026-43045 Vulnerability in linux (CVE-2026-43045)
vulnerability in linux (CVE-2026-43045). Risk of unauthorized operations or information disclosure.
CVE-2026-43046 Vulnerability in c (CVE-2026-43046)
vulnerability in c (CVE-2026-43046). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →