Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: vendors Clear
ID Title
CVE-2026-21643 KEV [KEV] SQL Injection in Fortinet forticlient-ems (CVE-2026-21643)
SQL injection in Fortinet forticlient-ems (CVE-2026-21643). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-31413 Out-of-Bounds Read in linux (CVE-2026-31413)
vulnerability in linux (CVE-2026-31413). Successful exploitation can lead to full system takeover.
CVE-2026-31845 Cross-Site Scripting (XSS) in CVE-2026-31845 (CVE-2026-31845)
cross-site scripting in CVE-2026-31845 (CVE-2026-31845). Confidential information can be exposed externally.
CVE-2026-33118 Vulnerability in microsoft (CVE-2026-33118)
vulnerability in microsoft (CVE-2026-33118). Risk of unauthorized operations or information disclosure.
CVE-2026-40194 Vulnerability in phpseclib/phpseclib (CVE-2026-40194)
vulnerability in phpseclib/phpseclib (CVE-2026-40194). Risk of unauthorized operations or information disclosure. Exploitable via ``e819a163c``. Mitigation: upgrade to `1.0.28` or later.
CVE-2026-40175 Vulnerability in axios (CVE-2026-40175)
vulnerability in axios (CVE-2026-40175). Risk of unauthorized operations or information disclosure. Exploitable via `GET /pings`. Mitigation: upgrade to `0.31.0` or later.
CVE-2026-34481 Vulnerability in apache (CVE-2026-34481)
vulnerability in apache (CVE-2026-34481). Data can be tampered with by attackers.
CVE-2026-39304 Vulnerability in apache (CVE-2026-39304)
vulnerability in apache (CVE-2026-39304). Risk of unauthorized operations or information disclosure.
CVE-2026-31412 Vulnerability in linux (CVE-2026-31412)
vulnerability in linux (CVE-2026-31412). Risk of unauthorized operations or information disclosure.
CVE-2026-5525 Vulnerability in notepad-plus-plus (CVE-2026-5525)
vulnerability in notepad-plus-plus (CVE-2026-5525). Confidential information can be exposed externally.
CVE-2026-22750 Vulnerability in vmware (CVE-2026-22750)
vulnerability in vmware (CVE-2026-22750). Data can be tampered with by attackers.
CVE-2026-4482 Vulnerability in rapid7 (CVE-2026-4482)
vulnerability in rapid7 (CVE-2026-4482). Confidential information can be exposed externally.
CVE-2026-21915 Vulnerability in juniper (CVE-2026-21915)
vulnerability in juniper (CVE-2026-21915). Successful exploitation can lead to full system takeover.
CVE-2026-39848 Vulnerability in csrf (CVE-2026-39848)
vulnerability in csrf (CVE-2026-39848). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.1.0` or later.
CVE-2026-33788 Vulnerability in juniper (CVE-2026-33788)
vulnerability in juniper (CVE-2026-33788). Successful exploitation can lead to full system takeover.
CVE-2026-33784 Vulnerability in juniper (CVE-2026-33784)
vulnerability in juniper (CVE-2026-33784). Successful exploitation can lead to full system takeover.
CVE-2026-33771 Vulnerability in juniper (CVE-2026-33771)
vulnerability in juniper (CVE-2026-33771). Confidential information can be exposed externally.
CVE-2026-33774 Vulnerability in juniper (CVE-2026-33774)
vulnerability in juniper (CVE-2026-33774). Risk of unauthorized operations or information disclosure.
CVE-2026-21904 Cross-Site Scripting (XSS) in juniper (CVE-2026-21904)
cross-site scripting in juniper (CVE-2026-21904). Risk of unauthorized operations or information disclosure.
CVE-2025-13914 Vulnerability in juniper (CVE-2025-13914)
vulnerability in juniper (CVE-2025-13914). Confidential information can be exposed externally.
CVE-2026-34486 Vulnerability in tomcat (CVE-2026-34486)
vulnerability in tomcat (CVE-2026-34486). Confidential information can be exposed externally. Mitigation: upgrade to `9.0.117, 10.1.54, 11.0.21` or later.
CVE-2026-29146 Vulnerability in apache (CVE-2026-29146)
vulnerability in apache (CVE-2026-29146). Confidential information can be exposed externally.
CVE-2026-1584 Vulnerability in dos (CVE-2026-1584)
vulnerability in dos (CVE-2026-1584). Risk of unauthorized operations or information disclosure.
CVE-2025-62718 Vulnerability in axios (CVE-2025-62718)
vulnerability in axios (CVE-2025-62718). Confidential information can be exposed externally. Exploitable via ``NO_PROXY``. Mitigation: upgrade to `0.31.0` or later.
CVE-2026-39976 Authentication Bypass in laravel (CVE-2026-39976)
authentication bypass in laravel (CVE-2026-39976). Confidential information can be exposed externally. Mitigation: upgrade to `13.7.1` or later.
CVE-2026-39962 Vulnerability in misp-project (CVE-2026-39962)
vulnerability in misp-project (CVE-2026-39962). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2.5.36` or later.
CVE-2026-35204 Path Traversal in helm (CVE-2026-35204)
path traversal in helm (CVE-2026-35204). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `4.1.4` or later.
CVE-2026-35205 Vulnerability in helm (CVE-2026-35205)
vulnerability in helm (CVE-2026-35205). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `4.1.4` or later.
CVE-2025-70364 Code Injection in CVE-2025-70364 (CVE-2025-70364)
code injection in CVE-2025-70364 (CVE-2025-70364). Successful exploitation can lead to full system takeover.
CVE-2026-4116 Vulnerability in sonicwall (CVE-2026-4116)
vulnerability in sonicwall (CVE-2026-4116). Successful exploitation can lead to full system takeover.
CVE-2026-4112 SQL Injection in sqli (CVE-2026-4112)
SQL injection in sqli (CVE-2026-4112). Successful exploitation can lead to full system takeover.
CVE-2026-4114 Vulnerability in sonicwall (CVE-2026-4114)
vulnerability in sonicwall (CVE-2026-4114). Successful exploitation can lead to full system takeover.
CVE-2026-4113 Vulnerability in sonicwall (CVE-2026-4113)
vulnerability in sonicwall (CVE-2026-4113). Successful exploitation can lead to full system takeover.
CVE-2026-5863 Vulnerability in google (CVE-2026-5863)
vulnerability in google (CVE-2026-5863). Successful exploitation can lead to full system takeover.
CVE-2026-5911 Vulnerability in google (CVE-2026-5911)
vulnerability in google (CVE-2026-5911). Risk of unauthorized operations or information disclosure.
CVE-2026-5890 Vulnerability in google (CVE-2026-5890)
vulnerability in google (CVE-2026-5890). Confidential information can be exposed externally.
CVE-2026-5883 Use-After-Free in google (CVE-2026-5883)
vulnerability in google (CVE-2026-5883). Successful exploitation can lead to full system takeover.
CVE-2026-5879 Vulnerability in google (CVE-2026-5879)
vulnerability in google (CVE-2026-5879). Successful exploitation can lead to full system takeover.
CVE-2026-5865 Vulnerability in google (CVE-2026-5865)
vulnerability in google (CVE-2026-5865). Successful exploitation can lead to full system takeover.
CVE-2026-5867 Vulnerability in google (CVE-2026-5867)
vulnerability in google (CVE-2026-5867). Risk of unauthorized operations or information disclosure.
CVE-2026-5860 Use-After-Free in google (CVE-2026-5860)
vulnerability in google (CVE-2026-5860). Successful exploitation can lead to full system takeover.
CVE-2026-35023 Vulnerability in wimi-teamwork (CVE-2026-35023)
vulnerability in wimi-teamwork (CVE-2026-35023). Risk of unauthorized operations or information disclosure.
CVE-2026-31411 Vulnerability in linux (CVE-2026-31411)
vulnerability in linux (CVE-2026-31411). Risk of unauthorized operations or information disclosure.
CVE-2026-28264 Vulnerability in dell (CVE-2026-28264)
vulnerability in dell (CVE-2026-28264). Risk of unauthorized operations or information disclosure.
CVE-2026-1340 KEV [KEV] Code Injection in Ivanti endpoint-manager-mobile-epmm (CVE-2026-1340)
code injection in Ivanti endpoint-manager-mobile-epmm (CVE-2026-1340). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-31789 Out-of-Bounds Write in openssl (CVE-2026-31789)
out-of-bounds write in openssl (CVE-2026-31789). Successful exploitation can lead to full system takeover.
CVE-2026-28389 Vulnerability in dos (CVE-2026-28389)
vulnerability in dos (CVE-2026-28389). Risk of unauthorized operations or information disclosure.
CVE-2026-28390 Vulnerability in dos (CVE-2026-28390)
vulnerability in dos (CVE-2026-28390). Risk of unauthorized operations or information disclosure.
CVE-2026-31790 Vulnerability in openssl (CVE-2026-31790)
vulnerability in openssl (CVE-2026-31790). Confidential information can be exposed externally.
CVE-2026-28387 Use-After-Free in openssl (CVE-2026-28387)
vulnerability in openssl (CVE-2026-28387). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →