Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: vendors Clear
ID Title
CVE-2026-40372 Vulnerability in csharp (CVE-2026-40372)
vulnerability in csharp (CVE-2026-40372). Confidential information can be exposed externally.
CVE-2026-30452 Vulnerability in textpattern (CVE-2026-30452)
vulnerability in textpattern (CVE-2026-30452). Data can be tampered with by attackers.
CVE-2025-41029 SQL Injection in sqli (CVE-2025-41029)
SQL injection in sqli (CVE-2025-41029). Risk of unauthorized operations or information disclosure.
CVE-2026-6784 Out-of-Bounds Read in mozilla (CVE-2026-6784)
vulnerability in mozilla (CVE-2026-6784). Successful exploitation can lead to full system takeover.
CVE-2026-6754 Use-After-Free in mozilla (CVE-2026-6754)
vulnerability in mozilla (CVE-2026-6754). Risk of unauthorized operations or information disclosure.
CVE-2026-6746 Use-After-Free in mozilla (CVE-2026-6746)
vulnerability in mozilla (CVE-2026-6746). Risk of unauthorized operations or information disclosure.
CVE-2026-6747 Use-After-Free in mozilla (CVE-2026-6747)
vulnerability in mozilla (CVE-2026-6747). Risk of unauthorized operations or information disclosure.
CVE-2026-6749 Vulnerability in mozilla (CVE-2026-6749)
vulnerability in mozilla (CVE-2026-6749). Confidential information can be exposed externally.
CVE-2026-6748 Vulnerability in mozilla (CVE-2026-6748)
vulnerability in mozilla (CVE-2026-6748). Successful exploitation can lead to full system takeover.
CVE-2026-6750 Privilege Escalation in privilege-escalation (CVE-2026-6750)
vulnerability in privilege-escalation (CVE-2026-6750). Successful exploitation can lead to full system takeover.
CVE-2026-6753 Buffer Overflow in mozilla (CVE-2026-6753)
vulnerability in mozilla (CVE-2026-6753). Risk of unauthorized operations or information disclosure.
CVE-2026-6752 Buffer Overflow in mozilla (CVE-2026-6752)
vulnerability in mozilla (CVE-2026-6752). Risk of unauthorized operations or information disclosure.
CVE-2026-6751 Vulnerability in mozilla (CVE-2026-6751)
vulnerability in mozilla (CVE-2026-6751). Risk of unauthorized operations or information disclosure.
CVE-2026-31018 Code Injection in dolibarr (CVE-2026-31018)
code injection in dolibarr (CVE-2026-31018). Successful exploitation can lead to full system takeover.
CVE-2026-31019 OS Command Injection in dolibarr (CVE-2026-31019)
OS command injection in dolibarr (CVE-2026-31019). Successful exploitation can lead to full system takeover.
CVE-2025-10354 Cross-Site Scripting (XSS) in CVE-2025-10354 (CVE-2025-10354)
cross-site scripting in CVE-2025-10354 (CVE-2025-10354). Risk of unauthorized operations or information disclosure.
CVE-2026-32147 Path Traversal in path-traversal (CVE-2026-32147)
path traversal in path-traversal (CVE-2026-32147). Risk of unauthorized operations or information disclosure.
CVE-2026-6058 Vulnerability in c (CVE-2026-6058)
vulnerability in c (CVE-2026-6058). Risk of unauthorized operations or information disclosure.
CVE-2026-35154 Privilege Escalation in dell (CVE-2026-35154)
vulnerability in dell (CVE-2026-35154). Successful exploitation can lead to full system takeover.
CVE-2026-41245 Path Traversal in path-traversal (CVE-2026-41245)
path traversal in path-traversal (CVE-2026-41245). Data can be tampered with by attackers. Exploitable via ``LocalFolderExtractor``.
CVE-2026-33557 Vulnerability in apache (CVE-2026-33557)
vulnerability in apache (CVE-2026-33557). Confidential information can be exposed externally. Exploitable via ``sasl.oauthbearer.jwt.validator.class``.
CVE-2026-31430 Out-of-Bounds Read in linux (CVE-2026-31430)
vulnerability in linux (CVE-2026-31430). Confidential information can be exposed externally.
CVE-2026-6654 Vulnerability in mozilla (CVE-2026-6654)
vulnerability in mozilla (CVE-2026-6654). Risk of unauthorized operations or information disclosure.
CVE-2026-31429 Vulnerability in linux (CVE-2026-31429)
vulnerability in linux (CVE-2026-31429). Risk of unauthorized operations or information disclosure.
CVE-2026-5966 Vulnerability in path-traversal (CVE-2026-5966)
vulnerability in path-traversal (CVE-2026-5966). Data can be tampered with by attackers.
CVE-2026-5967 OS Command Injection in privilege-escalation (CVE-2026-5967)
OS command injection in privilege-escalation (CVE-2026-5967). Successful exploitation can lead to full system takeover.
CVE-2024-7083 Cross-Site Scripting (XSS) in wordpress (CVE-2024-7083)
cross-site scripting in wordpress (CVE-2024-7083). Risk of unauthorized operations or information disclosure.
CVE-2026-20122 KEV [KEV] Vulnerability in Cisco catalyst-sd-wan-manger (CVE-2026-20122)
vulnerability in Cisco catalyst-sd-wan-manger (CVE-2026-20122). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-20133 KEV [KEV] Information Disclosure in Cisco catalyst-sd-wan-manager (CVE-2026-20133)
vulnerability in Cisco catalyst-sd-wan-manager (CVE-2026-20133). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-20128 KEV [KEV] Vulnerability in Cisco catalyst-sd-wan-manager (CVE-2026-20128)
vulnerability in Cisco catalyst-sd-wan-manager (CVE-2026-20128). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-2749 KEV [KEV] Path Traversal in Kentico path-traversal (CVE-2025-2749)
path traversal in Kentico path-traversal (CVE-2025-2749). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-27351 KEV [KEV] Authentication Bypass in Papercut ngmf (CVE-2023-27351)
authentication bypass in Papercut ngmf (CVE-2023-27351). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-48700 KEV [KEV] Cross-Site Scripting (XSS) in Synacor zimbra-collaboration-suite-zcs (CVE-2025-48700)
cross-site scripting in Synacor zimbra-collaboration-suite-zcs (CVE-2025-48700). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-32975 KEV [KEV] Authentication Bypass in Quest kace-systems-management-appliance-sma (CVE-2025-32975)
authentication bypass in Quest kace-systems-management-appliance-sma (CVE-2025-32975). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-27199 KEV [KEV] Vulnerability in Jetbrains teamcity (CVE-2024-27199)
vulnerability in Jetbrains teamcity (CVE-2024-27199). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-40948 Cross-Site Request Forgery (CSRF) in apache (CVE-2026-40948)
vulnerability in apache (CVE-2026-40948). Risk of unauthorized operations or information disclosure. Exploitable via ``state``.
CVE-2026-40477 Vulnerability in thymeleaf (CVE-2026-40477)
vulnerability in thymeleaf (CVE-2026-40477). Successful exploitation can lead to full system takeover.
CVE-2026-40478 Vulnerability in thymeleaf (CVE-2026-40478)
vulnerability in thymeleaf (CVE-2026-40478). Successful exploitation can lead to full system takeover.
CVE-2026-5718 Unrestricted File Upload in wordpress (CVE-2026-5718)
vulnerability in wordpress (CVE-2026-5718). Successful exploitation can lead to full system takeover.
CVE-2025-46605 Vulnerability in dell (CVE-2025-46605)
vulnerability in dell (CVE-2025-46605). Confidential information can be exposed externally.
CVE-2025-46606 Vulnerability in dell (CVE-2025-46606)
vulnerability in dell (CVE-2025-46606). Confidential information can be exposed externally.
CVE-2026-35072 OS Command Injection in dell (CVE-2026-35072)
OS command injection in dell (CVE-2026-35072). Successful exploitation can lead to full system takeover.
CVE-2026-35073 OS Command Injection in dell (CVE-2026-35073)
OS command injection in dell (CVE-2026-35073). Successful exploitation can lead to full system takeover.
CVE-2026-35074 OS Command Injection in dell (CVE-2026-35074)
OS command injection in dell (CVE-2026-35074). Successful exploitation can lead to full system takeover.
CVE-2026-35153 Vulnerability in dell (CVE-2026-35153)
vulnerability in dell (CVE-2026-35153). Successful exploitation can lead to full system takeover.
CVE-2026-23853 Vulnerability in dell (CVE-2026-23853)
vulnerability in dell (CVE-2026-23853). Successful exploitation can lead to full system takeover.
CVE-2026-43995 SSRF (Server-Side Request Forgery) in flowise (CVE-2026-43995)
SSRF in flowise (CVE-2026-43995). Successful exploitation can lead to full system takeover. Exploitable via ``httpSecurity.ts``. Mitigation: upgrade to `3.1.0` or later.
CVE-2026-56269 Vulnerability in flowise (CVE-2026-56269)
vulnerability in flowise (CVE-2026-56269). Confidential information can be exposed externally. Mitigation: upgrade to `3.1.0` or later.
CVE-2026-56270 Vulnerability in flowise (CVE-2026-56270)
vulnerability in flowise (CVE-2026-56270). Confidential information can be exposed externally. Exploitable via `GET /api/v1/loginmethod`. Mitigation: upgrade to `3.1.0` or later.
CVE-2026-30459 Vulnerability in thedaylightstudio (CVE-2026-30459)
vulnerability in thedaylightstudio (CVE-2026-30459). Data can be tampered with by attackers.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →