Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-3442 |
|
Out-of-Bounds Read in dos (CVE-2026-3442)
vulnerability in dos (CVE-2026-3442). Confidential information can be exposed externally.
|
| CVE-2026-3441 |
|
Out-of-Bounds Read in dos (CVE-2026-3441)
vulnerability in dos (CVE-2026-3441). Confidential information can be exposed externally.
|
| CVE-2026-3227 |
|
OS Command Injection in tp-link (CVE-2026-3227)
OS command injection in tp-link (CVE-2026-3227). Successful exploitation can lead to full system takeover.
|
| CVE-2026-20994 |
|
Open Redirect in samsung (CVE-2026-20994)
vulnerability in samsung (CVE-2026-20994). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-20026 |
|
Vulnerability in apache (CVE-2016-20026)
vulnerability in apache (CVE-2016-20026). Successful exploitation can lead to full system takeover.
|
| CVE-2025-47813 KEV |
|
[KEV] Vulnerability in Wing ftp server wing-ftp-server (CVE-2025-47813)
vulnerability in Wing ftp server wing-ftp-server (CVE-2025-47813). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-2673 |
|
Vulnerability in openssl (CVE-2026-2673)
vulnerability in openssl (CVE-2026-2673). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-23941 |
|
Vulnerability in nginx (CVE-2026-23941)
vulnerability in nginx (CVE-2026-23941). Confidential information can be exposed externally.
|
| CVE-2026-23942 |
|
Path Traversal in path-traversal (CVE-2026-23942)
path traversal in path-traversal (CVE-2026-23942). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-23943 |
|
Vulnerability in dos (CVE-2026-23943)
vulnerability in dos (CVE-2026-23943). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-13702 |
|
Cross-Site Scripting (XSS) in ibm (CVE-2025-13702)
cross-site scripting in ibm (CVE-2025-13702). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-3910 KEV |
|
[KEV] Buffer Overflow in Google chromium-v8 (CVE-2026-3910)
vulnerability in Google chromium-v8 (CVE-2026-3910). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-3909 KEV |
|
[KEV] Out-of-Bounds Write in Google skia (CVE-2026-3909)
out-of-bounds write in Google skia (CVE-2026-3909). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-3497 |
|
Vulnerability in canonical (CVE-2026-3497)
vulnerability in canonical (CVE-2026-3497). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-61154 |
|
Vulnerability in c (CVE-2025-61154)
vulnerability in c (CVE-2025-61154). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-21708 |
|
SQL Injection in veeam (CVE-2026-21708)
SQL injection in veeam (CVE-2026-21708). Confidential information can be exposed externally.
|
| CVE-2026-21668 |
|
Vulnerability in veeam (CVE-2026-21668)
vulnerability in veeam (CVE-2026-21668). Successful exploitation can lead to full system takeover.
|
| CVE-2026-21669 |
|
Code Injection in veeam (CVE-2026-21669)
code injection in veeam (CVE-2026-21669). Successful exploitation can lead to full system takeover.
|
| CVE-2026-21670 |
|
A vulnerability allowing a low-privileged user to extract saved SSH credentials.
A vulnerability allowing a low-privileged user to extract saved SSH credentials.
|
| CVE-2026-21671 |
|
Code Injection in veeam (CVE-2026-21671)
code injection in veeam (CVE-2026-21671). Successful exploitation can lead to full system takeover.
|
| CVE-2023-43010 |
|
Out-of-Bounds Write in apple (CVE-2023-43010)
out-of-bounds write in apple (CVE-2023-43010). Successful exploitation can lead to full system takeover.
|
| CVE-2026-20046 |
|
Vulnerability in cisco (CVE-2026-20046)
vulnerability in cisco (CVE-2026-20046). Successful exploitation can lead to full system takeover.
|
| CVE-2026-20117 |
|
Cross-Site Scripting (XSS) in express (CVE-2026-20117)
cross-site scripting in express (CVE-2026-20117). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-32062 |
|
Vulnerability in openclaw (CVE-2026-32062)
vulnerability in openclaw (CVE-2026-32062). Risk of unauthorized operations or information disclosure. Exploitable via ``openclaw``. Mitigation: upgrade to `2026.2.22` or later.
|
| CVE-2025-68613 KEV |
|
[KEV] Vulnerability in n8n (CVE-2025-68613)
vulnerability in n8n (CVE-2025-68613). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-25187 |
|
Vulnerability in microsoft (CVE-2026-25187)
vulnerability in microsoft (CVE-2026-25187). Successful exploitation can lead to full system takeover.
|
| CVE-2026-26128 |
|
Authentication Bypass in microsoft (CVE-2026-26128)
authentication bypass in microsoft (CVE-2026-26128). Successful exploitation can lead to full system takeover.
|
| CVE-2026-24294 |
|
Authentication Bypass in microsoft (CVE-2026-24294)
authentication bypass in microsoft (CVE-2026-24294). Successful exploitation can lead to full system takeover.
|
| CVE-2025-11739 |
|
Unsafe Deserialization in deserialization (CVE-2025-11739)
vulnerability in deserialization (CVE-2025-11739). Successful exploitation can lead to full system takeover.
|
| CVE-2026-2273 |
|
Code Injection in schneider-electric (CVE-2026-2273)
code injection in schneider-electric (CVE-2026-2273). Successful exploitation can lead to full system takeover.
|
| CVE-2026-26134 |
|
Vulnerability in microsoft (CVE-2026-26134)
vulnerability in microsoft (CVE-2026-26134). Successful exploitation can lead to full system takeover.
|
| CVE-2026-26130 |
|
Vulnerability in csharp (CVE-2026-26130)
vulnerability in csharp (CVE-2026-26130). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-26110 |
|
Vulnerability in microsoft (CVE-2026-26110)
vulnerability in microsoft (CVE-2026-26110). Successful exploitation can lead to full system takeover.
|
| CVE-2026-25836 |
|
OS Command Injection in fortinet (CVE-2026-25836)
OS command injection in fortinet (CVE-2026-25836). Successful exploitation can lead to full system takeover.
|
| CVE-2026-25180 |
|
Out-of-Bounds Read in microsoft (CVE-2026-25180)
vulnerability in microsoft (CVE-2026-25180). Confidential information can be exposed externally.
|
| CVE-2026-24293 |
|
Vulnerability in microsoft (CVE-2026-24293)
vulnerability in microsoft (CVE-2026-24293). Successful exploitation can lead to full system takeover.
|
| CVE-2026-24289 |
|
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.
|
| CVE-2026-24285 |
|
Use after free in Windows Win32K allows an authorized attacker to elevate privileges locally.
Use after free in Windows Win32K allows an authorized attacker to elevate privileges locally.
|
| CVE-2026-23239 |
|
Vulnerability in Kernel (CVE-2026-23239)
vulnerability in Kernel (CVE-2026-23239). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `6.12.75, 6.18.16, 6.19.6` or later.
|
| CVE-2026-23240 |
|
Vulnerability in Kernel (CVE-2026-23240)
vulnerability in Kernel (CVE-2026-23240). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `6.12.75, 6.18.16, 6.19.6` or later.
|
| CVE-2026-21262 |
|
Vulnerability in microsoft (CVE-2026-21262)
vulnerability in microsoft (CVE-2026-21262). Successful exploitation can lead to full system takeover.
|
| CVE-2026-1286 |
|
Unsafe Deserialization in deserialization (CVE-2026-1286)
vulnerability in deserialization (CVE-2026-1286). Successful exploitation can lead to full system takeover.
|
| CVE-2025-13901 |
|
Vulnerability in dos (CVE-2025-13901)
vulnerability in dos (CVE-2025-13901). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-13902 |
|
Cross-Site Scripting (XSS) in schneider-electric (CVE-2025-13902)
cross-site scripting in schneider-electric (CVE-2025-13902). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-27688 |
|
Vulnerability in sap (CVE-2026-27688)
vulnerability in sap (CVE-2026-27688). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-24310 |
|
Vulnerability in sap (CVE-2026-24310)
vulnerability in sap (CVE-2026-24310). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-24316 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-24316)
SSRF in ssrf (CVE-2026-24316). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-24309 |
|
Vulnerability in sap (CVE-2026-24309)
vulnerability in sap (CVE-2026-24309). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-28691 |
|
Vulnerability in imagemagick (CVE-2026-28691)
vulnerability in imagemagick (CVE-2026-28691). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `7.1.2-16` or later.
|
| CVE-2026-28693 |
|
Out-of-Bounds Read in imagemagick (CVE-2026-28693)
vulnerability in imagemagick (CVE-2026-28693). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `7.1.2-16` or later.
|