Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-23455 |
|
Out-of-Bounds Read in linux (CVE-2026-23455)
vulnerability in linux (CVE-2026-23455). Confidential information can be exposed externally.
|
| CVE-2026-23456 |
|
Out-of-Bounds Read in linux (CVE-2026-23456)
vulnerability in linux (CVE-2026-23456). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-23457 |
|
Vulnerability in linux (CVE-2026-23457)
vulnerability in linux (CVE-2026-23457). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-23458 |
|
Use-After-Free in linux (CVE-2026-23458)
vulnerability in linux (CVE-2026-23458). Successful exploitation can lead to full system takeover.
|
| CVE-2026-23459 |
|
Vulnerability in linux (CVE-2026-23459)
vulnerability in linux (CVE-2026-23459). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-23460 |
|
Vulnerability in linux (CVE-2026-23460)
vulnerability in linux (CVE-2026-23460). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-23449 |
|
Vulnerability in c (CVE-2026-23449)
vulnerability in c (CVE-2026-23449). Successful exploitation can lead to full system takeover.
|
| CVE-2026-23450 |
|
Use-After-Free in linux (CVE-2026-23450)
vulnerability in linux (CVE-2026-23450). Successful exploitation can lead to full system takeover.
|
| CVE-2026-23451 |
|
Vulnerability in linux (CVE-2026-23451)
vulnerability in linux (CVE-2026-23451). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-23452 |
|
Vulnerability in linux (CVE-2026-23452)
vulnerability in linux (CVE-2026-23452). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-23453 |
|
Vulnerability in linux (CVE-2026-23453)
vulnerability in linux (CVE-2026-23453). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-23454 |
|
Use-After-Free in linux (CVE-2026-23454)
vulnerability in linux (CVE-2026-23454). Successful exploitation can lead to full system takeover.
|
| CVE-2026-23448 |
|
Vulnerability in express (CVE-2026-23448)
vulnerability in express (CVE-2026-23448). Successful exploitation can lead to full system takeover.
|
| CVE-2026-23442 |
|
Vulnerability in linux (CVE-2026-23442)
vulnerability in linux (CVE-2026-23442). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-23444 |
|
Vulnerability in linux (CVE-2026-23444)
vulnerability in linux (CVE-2026-23444). Successful exploitation can lead to full system takeover.
|
| CVE-2025-7024 |
|
Vulnerability in airbus (CVE-2025-7024)
vulnerability in airbus (CVE-2025-7024). Successful exploitation can lead to full system takeover.
|
| CVE-2026-35535 |
|
Vulnerability in privilege-escalation (CVE-2026-35535)
vulnerability in privilege-escalation (CVE-2026-35535). Successful exploitation can lead to full system takeover.
|
| CVE-2026-41365 |
|
Authorization Flaw in openclaw (CVE-2026-41365)
vulnerability in openclaw (CVE-2026-41365). Risk of unauthorized operations or information disclosure. Exploitable via ``openclaw``. Mitigation: upgrade to `2026.3.31` or later.
|
| CVE-2026-35385 |
|
Vulnerability in openbsd (CVE-2026-35385)
vulnerability in openbsd (CVE-2026-35385). Successful exploitation can lead to full system takeover.
|
| CVE-2026-35386 |
|
Vulnerability in openbsd (CVE-2026-35386)
vulnerability in openbsd (CVE-2026-35386). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-34877 |
|
Vulnerability in arm (CVE-2026-34877)
vulnerability in arm (CVE-2026-34877). Successful exploitation can lead to full system takeover.
|
| CVE-2026-26895 |
|
Vulnerability in enhancesoft (CVE-2026-26895)
vulnerability in enhancesoft (CVE-2026-26895). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-3692 |
|
OS Command Injection in progress (CVE-2026-3692)
OS command injection in progress (CVE-2026-3692). Successful exploitation can lead to full system takeover.
|
| CVE-2026-2737 |
|
Cross-Site Scripting (XSS) in progress (CVE-2026-2737)
cross-site scripting in progress (CVE-2026-2737). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-3502 KEV |
|
[KEV] Vulnerability in Trueconf client (CVE-2026-3502)
vulnerability in Trueconf client (CVE-2026-3502). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-34871 |
|
Vulnerability in arm (CVE-2026-34871)
vulnerability in arm (CVE-2026-34871). Confidential information can be exposed externally.
|
| CVE-2026-25835 |
|
Vulnerability in arm (CVE-2026-25835)
vulnerability in arm (CVE-2026-25835). Confidential information can be exposed externally.
|
| CVE-2026-23401 |
|
Use-After-Free in c (CVE-2026-23401)
vulnerability in c (CVE-2026-23401). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-5272 |
|
Vulnerability in google (CVE-2026-5272)
vulnerability in google (CVE-2026-5272). Successful exploitation can lead to full system takeover.
|
| CVE-2026-5273 |
|
Use-After-Free in google (CVE-2026-5273)
vulnerability in google (CVE-2026-5273). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-5281 KEV |
|
[KEV] Use-After-Free in Google dawn (CVE-2026-5281)
vulnerability in Google dawn (CVE-2026-5281). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-22561 |
|
Vulnerability in privilege-escalation (CVE-2026-22561)
vulnerability in privilege-escalation (CVE-2026-22561). Successful exploitation can lead to full system takeover.
|
| CVE-2026-33997 |
|
Vulnerability in docker (CVE-2026-33997)
vulnerability in docker (CVE-2026-33997). Confidential information can be exposed externally.
|
| CVE-2026-34237 |
|
Vulnerability in io.modelcontextprotocol.sdk:mcp-core (CVE-2026-34237)
vulnerability in io.modelcontextprotocol.sdk:mcp-core (CVE-2026-34237). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.18.3` or later.
|
| CVE-2026-2370 |
|
Vulnerability in gitlab (CVE-2026-2370)
vulnerability in gitlab (CVE-2026-2370). Confidential information can be exposed externally.
|
| CVE-2026-3055 KEV |
|
[KEV] Out-of-Bounds Read in Citrix netscaler (CVE-2026-3055)
vulnerability in Citrix netscaler (CVE-2026-3055). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-23399 |
|
Vulnerability in Kernel (CVE-2026-23399)
vulnerability in Kernel (CVE-2026-23399). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `6.12.78, 6.18.20, 6.19.10` or later.
|
| CVE-2026-34046 |
|
Vulnerability in langflow (CVE-2026-34046)
vulnerability in langflow (CVE-2026-34046). Successful exploitation can lead to full system takeover. Exploitable via ``_read_flow``.
|
| CVE-2026-30567 |
|
Cross-Site Scripting (XSS) in ahsanriaz26gmailcom (CVE-2026-30567)
cross-site scripting in ahsanriaz26gmailcom (CVE-2026-30567). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56358 |
|
Cross-Site Scripting (XSS) in n8n (CVE-2026-56358)
cross-site scripting in n8n (CVE-2026-56358). Risk of unauthorized operations or information disclosure. Exploitable via ``NODES_EXCLUDE``. Mitigation: upgrade to `1.123.25` or later.
|
| CVE-2026-34040 |
|
Vulnerability in github.com/moby/moby (CVE-2026-34040)
vulnerability in github.com/moby/moby (CVE-2026-34040). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `29.3.1` or later.
|
| CVE-2026-28367 |
|
Vulnerability in io.undertow:undertow-parent (CVE-2026-28367)
vulnerability in io.undertow:undertow-parent (CVE-2026-28367). Confidential information can be exposed externally.
|
| CVE-2026-32983 |
|
Vulnerability in dos (CVE-2026-32983)
vulnerability in dos (CVE-2026-32983). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-32984 |
|
Out-of-Bounds Read in dos (CVE-2026-32984)
vulnerability in dos (CVE-2026-32984). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-5010 |
|
Cross-Site Scripting (XSS) in CVE-2026-5010 (CVE-2026-5010)
cross-site scripting in CVE-2026-5010 (CVE-2026-5010). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-33559 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-33559)
cross-site scripting in wordpress (CVE-2026-33559). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-22744 |
|
Vulnerability in vmware (CVE-2026-22744)
vulnerability in vmware (CVE-2026-22744). Confidential information can be exposed externally.
|
| CVE-2026-22738 |
|
Vulnerability in org.springframework.ai:spring-ai-vector-store (CVE-2026-22738)
vulnerability in org.springframework.ai:spring-ai-vector-store (CVE-2026-22738). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.1.4` or later.
|
| CVE-2026-22742 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-22742)
SSRF in ssrf (CVE-2026-22742). Confidential information can be exposed externally.
|
| CVE-2026-33728 |
|
Unsafe Deserialization in com.datadoghq:dd-java-agent (CVE-2026-33728)
vulnerability in com.datadoghq:dd-java-agent (CVE-2026-33728). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.60.3` or later.
|