Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-41605 |
|
Vulnerability in apache (CVE-2026-41605)
vulnerability in apache (CVE-2026-41605). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41606 |
|
Vulnerability in apache (CVE-2026-41606)
vulnerability in apache (CVE-2026-41606). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-48431 |
|
Vulnerability in apache (CVE-2025-48431)
vulnerability in apache (CVE-2025-48431). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41602 |
|
Vulnerability in apache (CVE-2026-41602)
vulnerability in apache (CVE-2026-41602). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-0711 |
|
OS Command Injection in zyxel (CVE-2026-0711)
OS command injection in zyxel (CVE-2026-0711). Successful exploitation can lead to full system takeover.
|
| CVE-2026-1460 |
|
OS Command Injection in zyxel (CVE-2026-1460)
OS command injection in zyxel (CVE-2026-1460). Successful exploitation can lead to full system takeover.
|
| CVE-2026-40976 |
|
Vulnerability in org.springframework.boot:spring-boot (CVE-2026-40976)
vulnerability in org.springframework.boot:spring-boot (CVE-2026-40976). Confidential information can be exposed externally. Mitigation: upgrade to `4.0.6` or later.
|
| CVE-2026-40974 |
|
Vulnerability in spring (CVE-2026-40974)
vulnerability in spring (CVE-2026-40974). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-40975 |
|
Vulnerability in spring (CVE-2026-40975)
vulnerability in spring (CVE-2026-40975). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-1708 KEV |
|
[KEV] Path Traversal in Connectwise screenconnect (CVE-2024-1708)
path traversal in Connectwise screenconnect (CVE-2024-1708). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-32202 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2026-32202)
vulnerability in Microsoft windows (CVE-2026-32202). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-40971 |
|
Vulnerability in spring (CVE-2026-40971)
vulnerability in spring (CVE-2026-40971). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-3087 |
|
Path Traversal in libpython (CVE-2026-3087)
path traversal in libpython (CVE-2026-3087). Data can be tampered with by attackers. Mitigation: upgrade to `3.14.5` or later.
|
| CVE-2026-40970 |
|
Vulnerability in spring (CVE-2026-40970)
vulnerability in spring (CVE-2026-40970). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-31686 |
|
Vulnerability in linux (CVE-2026-31686)
vulnerability in linux (CVE-2026-31686). Successful exploitation can lead to full system takeover.
|
| CVE-2026-38934 |
|
Cross-Site Request Forgery (CSRF) in CVE-2026-38934 (CVE-2026-38934)
vulnerability in CVE-2026-38934 (CVE-2026-38934). Successful exploitation can lead to full system takeover.
|
| CVE-2026-38935 |
|
Cross-Site Scripting (XSS) in CVE-2026-38935 (CVE-2026-38935)
cross-site scripting in CVE-2026-38935 (CVE-2026-38935). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-38936 |
|
Cross-Site Scripting (XSS) in CVE-2026-38936 (CVE-2026-38936)
cross-site scripting in CVE-2026-38936 (CVE-2026-38936). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41465 |
|
Path Traversal in path-traversal (CVE-2026-41465)
path traversal in path-traversal (CVE-2026-41465). Confidential information can be exposed externally.
|
| CVE-2026-40514 |
|
Vulnerability in smartertools (CVE-2026-40514)
vulnerability in smartertools (CVE-2026-40514). Confidential information can be exposed externally.
|
| CVE-2026-40022 |
|
Vulnerability in org.apache.camel:camel-platform-http-main (CVE-2026-40022)
vulnerability in org.apache.camel:camel-platform-http-main (CVE-2026-40022). Confidential information can be exposed externally. Mitigation: upgrade to `4.20.0` or later.
|
| CVE-2026-33453 |
|
Vulnerability in apache (CVE-2026-33453)
vulnerability in apache (CVE-2026-33453). Successful exploitation can lead to full system takeover.
|
| CVE-2026-27172 |
|
Unsafe Deserialization in apache (CVE-2026-27172)
vulnerability in apache (CVE-2026-27172). Successful exploitation can lead to full system takeover.
|
| CVE-2026-40858 |
|
Unsafe Deserialization in apache (CVE-2026-40858)
vulnerability in apache (CVE-2026-40858). Successful exploitation can lead to full system takeover.
|
| CVE-2026-33454 |
|
Unsafe Deserialization in apache (CVE-2026-33454)
vulnerability in apache (CVE-2026-33454). Confidential information can be exposed externally.
|
| CVE-2026-40453 |
|
Vulnerability in org.apache.camel:camel-coap (CVE-2026-40453)
vulnerability in org.apache.camel:camel-coap (CVE-2026-40453). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `4.20.0` or later.
|
| CVE-2026-40860 |
|
Unsafe Deserialization in apache (CVE-2026-40860)
vulnerability in apache (CVE-2026-40860). Successful exploitation can lead to full system takeover.
|
| CVE-2026-7101 |
|
Buffer Overflow in tenda (CVE-2026-7101)
vulnerability in tenda (CVE-2026-7101). Successful exploitation can lead to full system takeover.
|
| CVE-2026-40048 |
|
Unsafe Deserialization in apache (CVE-2026-40048)
vulnerability in apache (CVE-2026-40048). Successful exploitation can lead to full system takeover. Exploitable via ``java.security.KeyPair``.
|
| CVE-2026-40473 |
|
Unsafe Deserialization in apache (CVE-2026-40473)
vulnerability in apache (CVE-2026-40473). Successful exploitation can lead to full system takeover.
|
| CVE-2026-6786 |
|
Out-of-Bounds Read in mozilla (CVE-2026-6786)
vulnerability in mozilla (CVE-2026-6786). Successful exploitation can lead to full system takeover.
|
| CVE-2026-6785 |
|
Out-of-Bounds Read in mozilla (CVE-2026-6785)
vulnerability in mozilla (CVE-2026-6785). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31684 |
|
Vulnerability in linux (CVE-2026-31684)
vulnerability in linux (CVE-2026-31684). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-31685 |
|
Vulnerability in linux (CVE-2026-31685)
vulnerability in linux (CVE-2026-31685). Confidential information can be exposed externally.
|
| CVE-2026-31676 |
|
Vulnerability in linux (CVE-2026-31676)
vulnerability in linux (CVE-2026-31676). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-31681 |
|
Vulnerability in linux (CVE-2026-31681)
vulnerability in linux (CVE-2026-31681). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-31673 |
|
Vulnerability in linux (CVE-2026-31673)
vulnerability in linux (CVE-2026-31673). Successful exploitation can lead to full system takeover.
|
| CVE-2026-41433 |
|
Path Traversal in opentelemetry (CVE-2026-41433)
path traversal in opentelemetry (CVE-2026-41433). Data can be tampered with by attackers. Mitigation: upgrade to `0.8.0` or later.
|
| CVE-2026-42041 |
|
Authentication Bypass in axios (CVE-2026-42041)
authentication bypass in axios (CVE-2026-42041). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.15.1` or later.
|
| CVE-2026-42043 |
|
Vulnerability in axios (CVE-2026-42043)
vulnerability in axios (CVE-2026-42043). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.15.1` or later.
|
| CVE-2026-42044 |
|
Vulnerability in privilege-escalation (CVE-2026-42044)
vulnerability in privilege-escalation (CVE-2026-42044). Data can be tampered with by attackers. Mitigation: upgrade to `1.15.2` or later.
|
| CVE-2026-42033 |
|
Vulnerability in axios (CVE-2026-42033)
vulnerability in axios (CVE-2026-42033). Confidential information can be exposed externally. Mitigation: upgrade to `1.15.1` or later.
|
| CVE-2026-6553 |
|
Vulnerability in typo3/cms-backend (CVE-2026-6553)
vulnerability in typo3/cms-backend (CVE-2026-6553). Confidential information can be exposed externally. Exploitable via ``SetupModuleController``. Mitigation: upgrade to `14.3.0` or later.
|
| CVE-2026-31635 |
|
Vulnerability in c (CVE-2026-31635)
vulnerability in c (CVE-2026-31635). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-31641 |
|
Out-of-Bounds Read in linux (CVE-2026-31641)
vulnerability in linux (CVE-2026-31641). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31664 |
|
Vulnerability in linux (CVE-2026-31664)
vulnerability in linux (CVE-2026-31664). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-31656 |
|
Vulnerability in linux (CVE-2026-31656)
vulnerability in linux (CVE-2026-31656). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31657 |
|
Vulnerability in linux (CVE-2026-31657)
vulnerability in linux (CVE-2026-31657). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31663 |
|
Vulnerability in linux (CVE-2026-31663)
vulnerability in linux (CVE-2026-31663). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31637 |
|
Vulnerability in linux (CVE-2026-31637)
vulnerability in linux (CVE-2026-31637). Successful exploitation can lead to full system takeover.
|