Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-23272 |
|
Vulnerability in linux (CVE-2026-23272)
vulnerability in linux (CVE-2026-23272). Successful exploitation can lead to full system takeover.
|
| CVE-2026-4447 |
|
Vulnerability in google (CVE-2026-4447)
vulnerability in google (CVE-2026-4447). Successful exploitation can lead to full system takeover.
|
| CVE-2026-32935 |
|
Vulnerability in phpseclib/phpseclib (CVE-2026-32935)
vulnerability in phpseclib/phpseclib (CVE-2026-32935). Confidential information can be exposed externally. Mitigation: upgrade to `1.0.27` or later.
|
| CVE-2025-54068 KEV |
|
[KEV] Code Injection in Laravel livewire (CVE-2025-54068)
code injection in Laravel livewire (CVE-2025-54068). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-43510 KEV |
|
[KEV] Vulnerability in Apple multiple-products (CVE-2025-43510)
vulnerability in Apple multiple-products (CVE-2025-43510). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-43520 KEV |
|
[KEV] Vulnerability in Apple multiple-products (CVE-2025-43520)
vulnerability in Apple multiple-products (CVE-2025-43520). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-31277 KEV |
|
[KEV] Buffer Overflow in Apple multiple-products (CVE-2025-31277)
vulnerability in Apple multiple-products (CVE-2025-31277). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
|
| CVE-2025-32432 KEV |
|
[KEV] Code Injection in Craft cms craft-cms (CVE-2025-32432)
code injection in Craft cms craft-cms (CVE-2025-32432). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-32022 |
|
Vulnerability in openclaw (CVE-2026-32022)
vulnerability in openclaw (CVE-2026-32022). Confidential information can be exposed externally. Exploitable via ``tools.exec.safeBins``. Mitigation: upgrade to `2026.2.21` or later.
|
| CVE-2026-20131 KEV |
|
[KEV] Unsafe Deserialization in Cisco secure-firewall-management-center-fmc (CVE-2026-20131)
vulnerability in Cisco secure-firewall-management-center-fmc (CVE-2026-20131). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-23257 |
|
Vulnerability in linux (CVE-2026-23257)
vulnerability in linux (CVE-2026-23257). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-23256 |
|
Vulnerability in linux (CVE-2026-23256)
vulnerability in linux (CVE-2026-23256). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-23255 |
|
Vulnerability in linux (CVE-2026-23255)
vulnerability in linux (CVE-2026-23255). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-23251 |
|
Vulnerability in linux (CVE-2026-23251)
vulnerability in linux (CVE-2026-23251). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-23264 |
|
Vulnerability in Kernel (CVE-2026-23264)
vulnerability in Kernel (CVE-2026-23264). Risk of unauthorized operations or information disclosure. Exploitable via ``amdgpu_aspm``. Mitigation: upgrade to `6.1.163, 6.6.124, 6.12.70, 6.18.10` or later.
|
| CVE-2026-23265 |
|
Vulnerability in c (CVE-2026-23265)
vulnerability in c (CVE-2026-23265). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-23266 |
|
Vulnerability in Kernel (CVE-2026-23266)
vulnerability in Kernel (CVE-2026-23266). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.10.251, 5.15.201, 6.1.164, 6.6.127, 6.12.74, 6.18.13, 6.19.3` or later.
|
| CVE-2026-23267 |
|
Vulnerability in linux (CVE-2026-23267)
vulnerability in linux (CVE-2026-23267). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-23258 |
|
Vulnerability in linux (CVE-2026-23258)
vulnerability in linux (CVE-2026-23258). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-23259 |
|
Vulnerability in linux (CVE-2026-23259)
vulnerability in linux (CVE-2026-23259). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-23260 |
|
Vulnerability in Kernel (CVE-2026-23260)
vulnerability in Kernel (CVE-2026-23260). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `6.6.124, 6.12.70, 6.18.10` or later.
|
| CVE-2026-23252 |
|
Vulnerability in linux (CVE-2026-23252)
vulnerability in linux (CVE-2026-23252). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-23253 |
|
Vulnerability in Kernel (CVE-2026-23253)
vulnerability in Kernel (CVE-2026-23253). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `6.1.167, 6.6.130, 6.12.77, 6.18.17, 6.19.7` or later.
|
| CVE-2026-23254 |
|
Vulnerability in linux (CVE-2026-23254)
vulnerability in linux (CVE-2026-23254). Risk of unauthorized operations or information disclosure. Exploitable via ``encapsulation``.
|
| CVE-2025-71269 |
|
Vulnerability in Kernel (CVE-2025-71269)
vulnerability in Kernel (CVE-2025-71269). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `6.18.10` or later.
|
| CVE-2025-71270 |
|
Vulnerability in linux (CVE-2025-71270)
vulnerability in linux (CVE-2025-71270). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-23249 |
|
Vulnerability in linux (CVE-2026-23249)
vulnerability in linux (CVE-2026-23249). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-23250 |
|
Vulnerability in linux (CVE-2026-23250)
vulnerability in linux (CVE-2026-23250). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-71268 |
|
Vulnerability in Kernel (CVE-2025-71268)
vulnerability in Kernel (CVE-2025-71268). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `6.1.163, 6.6.124, 6.12.70, 6.18.10` or later.
|
| CVE-2026-23269 |
|
Out-of-Bounds Read in Kernel (CVE-2026-23269)
vulnerability in Kernel (CVE-2026-23269). Confidential information can be exposed externally. Mitigation: upgrade to `6.6.130, 6.12.77, 6.18.18, 6.19.8` or later.
|
| CVE-2026-23268 |
|
Vulnerability in Kernel (CVE-2026-23268)
vulnerability in Kernel (CVE-2026-23268). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `6.6.130, 6.12.77, 6.18.18, 6.19.8` or later.
|
| CVE-2026-33001 |
|
Vulnerability in org.jenkins-ci.main:jenkins-core (CVE-2026-33001)
vulnerability in org.jenkins-ci.main:jenkins-core (CVE-2026-33001). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2.555` or later.
|
| CVE-2026-23247 |
|
Vulnerability in linux (CVE-2026-23247)
vulnerability in linux (CVE-2026-23247). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-71267 |
|
Vulnerability in dos (CVE-2025-71267)
vulnerability in dos (CVE-2025-71267). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-23244 |
|
Out-of-Bounds Read in c (CVE-2026-23244)
vulnerability in c (CVE-2026-23244). Confidential information can be exposed externally.
|
| CVE-2026-23245 |
|
Vulnerability in Kernel (CVE-2026-23245)
vulnerability in Kernel (CVE-2026-23245). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `6.1.167, 6.6.130, 6.12.78, 6.18.18, 6.19.8` or later.
|
| CVE-2026-23248 |
|
Use-After-Free in linux (CVE-2026-23248)
vulnerability in linux (CVE-2026-23248). Successful exploitation can lead to full system takeover.
|
| CVE-2025-71265 |
|
Vulnerability in dos (CVE-2025-71265)
vulnerability in dos (CVE-2025-71265). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-71266 |
|
Vulnerability in dos (CVE-2025-71266)
vulnerability in dos (CVE-2025-71266). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-23242 |
|
Vulnerability in linux (CVE-2026-23242)
vulnerability in linux (CVE-2026-23242). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-23243 |
|
Out-of-Bounds Write in Kernel (CVE-2026-23243)
out-of-bounds write in Kernel (CVE-2026-23243). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `5.10.252, 5.15.202, 6.1.165, 6.6.128, 6.12.75, 6.18.14, 6.19.4` or later.
|
| CVE-2026-22217 |
|
Vulnerability in openclaw (CVE-2026-22217)
vulnerability in openclaw (CVE-2026-22217). Data can be tampered with by attackers. Exploitable via ``openclaw``. Mitigation: upgrade to `2026.2.23` or later.
|
| CVE-2025-66376 KEV |
|
[KEV] Cross-Site Scripting (XSS) in Synacor zimbra-collaboration-suite-zcs (CVE-2025-66376)
cross-site scripting in Synacor zimbra-collaboration-suite-zcs (CVE-2025-66376). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-20963 KEV |
|
[KEV] Unsafe Deserialization in Microsoft sharepoint (CVE-2026-20963)
vulnerability in Microsoft sharepoint (CVE-2026-20963). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-32841 |
|
Vulnerability in edimax (CVE-2026-32841)
vulnerability in edimax (CVE-2026-32841). Successful exploitation can lead to full system takeover.
|
| CVE-2026-23241 |
|
Vulnerability in linux (CVE-2026-23241)
vulnerability in linux (CVE-2026-23241). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-71239 |
|
Vulnerability in linux (CVE-2025-71239)
vulnerability in linux (CVE-2025-71239). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-50881 |
|
Code Injection in CVE-2025-50881 (CVE-2025-50881)
code injection in CVE-2025-50881 (CVE-2025-50881). Successful exploitation can lead to full system takeover. Exploitable via ``action``.
|
| CVE-2026-29516 |
|
Vulnerability in buffaloamericas (CVE-2026-29516)
vulnerability in buffaloamericas (CVE-2026-29516). Confidential information can be exposed externally.
|
| CVE-2026-23862 |
|
Dell ThinOS 10 versions prior to ThinOS 2602_10.0573, contain an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with local...
Dell ThinOS 10 versions prior to ThinOS 2602_10.0573, contain an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.
|