Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2020-7796 KEV |
|
[KEV] SSRF (Server-Side Request Forgery) in Synacor zimbra-collaboration-suite (CVE-2020-7796)
SSRF in Synacor zimbra-collaboration-suite (CVE-2020-7796). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-7694 KEV |
|
[KEV] Unrestricted File Upload in Teamt5 threatsonar-anti-ransomware (CVE-2024-7694)
vulnerability in Teamt5 threatsonar-anti-ransomware (CVE-2024-7694). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-2441 KEV |
|
[KEV] Use-After-Free in Google chromium (CVE-2026-2441)
vulnerability in Google chromium (CVE-2026-2441). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2008-0015 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2008-0015)
vulnerability in Microsoft windows (CVE-2008-0015). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-2447 |
|
Vulnerability in mozilla (CVE-2026-2447)
vulnerability in mozilla (CVE-2026-2447). Successful exploitation can lead to full system takeover.
|
| CVE-2026-23185 |
|
Use-After-Free in linux (CVE-2026-23185)
vulnerability in linux (CVE-2026-23185). Successful exploitation can lead to full system takeover.
|
| CVE-2025-71221 |
|
Vulnerability in linux (CVE-2025-71221)
vulnerability in linux (CVE-2025-71221). Successful exploitation can lead to full system takeover.
|
| CVE-2026-23204 |
|
Out-of-Bounds Read in c (CVE-2026-23204)
vulnerability in c (CVE-2026-23204). Confidential information can be exposed externally.
|
| CVE-2026-23171 |
|
Use-After-Free in c (CVE-2026-23171)
vulnerability in c (CVE-2026-23171). Successful exploitation can lead to full system takeover.
|
| CVE-2026-23151 |
|
Vulnerability in linux (CVE-2026-23151)
vulnerability in linux (CVE-2026-23151). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-23157 |
|
Vulnerability in linux (CVE-2026-23157)
vulnerability in linux (CVE-2026-23157). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-23141 |
|
Vulnerability in linux (CVE-2026-23141)
vulnerability in linux (CVE-2026-23141). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-23111 |
|
Use-After-Free in privilege-escalation (CVE-2026-23111)
vulnerability in privilege-escalation (CVE-2026-23111). Successful exploitation can lead to full system takeover.
|
| CVE-2026-23112 |
|
Out-of-Bounds Write in linux (CVE-2026-23112)
out-of-bounds write in linux (CVE-2026-23112). Successful exploitation can lead to full system takeover.
|
| CVE-2026-1731 KEV |
|
[KEV] OS Command Injection in Beyondtrust remote-support-rs-and-privileged-remote-access-pra (CVE-2026-1731)
OS command injection in Beyondtrust remote-support-rs-and-privileged-remote-access-pra (CVE-2026-1731). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-40536 KEV |
|
[KEV] Vulnerability in Solarwinds web-help-desk (CVE-2025-40536)
vulnerability in Solarwinds web-help-desk (CVE-2025-40536). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-15556 KEV |
|
[KEV] Vulnerability in Notepad++ notepad (CVE-2025-15556)
vulnerability in Notepad++ notepad (CVE-2025-15556). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-20700 KEV |
|
[KEV] Buffer Overflow in Apple multiple-products (CVE-2026-20700)
vulnerability in Apple multiple-products (CVE-2026-20700). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-43468 KEV |
|
[KEV] SQL Injection in Microsoft configuration-manager (CVE-2024-43468)
SQL injection in Microsoft configuration-manager (CVE-2024-43468). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-46310 |
|
Privilege Escalation in apple (CVE-2025-46310)
vulnerability in apple (CVE-2025-46310). Data can be tampered with by attackers.
|
| CVE-2025-43403 |
|
Vulnerability in apple (CVE-2025-43403)
vulnerability in apple (CVE-2025-43403). Confidential information can be exposed externally.
|
| CVE-2025-66274 |
|
Vulnerability in dos (CVE-2025-66274)
vulnerability in dos (CVE-2025-66274). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-21527 |
|
Vulnerability in microsoft (CVE-2026-21527)
vulnerability in microsoft (CVE-2026-21527). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-64157 |
|
Vulnerability in fortinet (CVE-2025-64157)
vulnerability in fortinet (CVE-2025-64157). Successful exploitation can lead to full system takeover.
|
| CVE-2025-55018 |
|
Vulnerability in fortinet (CVE-2025-55018)
vulnerability in fortinet (CVE-2025-55018). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-23687 |
|
Vulnerability in sap (CVE-2026-23687)
vulnerability in sap (CVE-2026-23687). Successful exploitation can lead to full system takeover.
|
| CVE-2026-21513 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2026-21513)
vulnerability in Microsoft windows (CVE-2026-21513). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-21525 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2026-21525)
vulnerability in Microsoft windows (CVE-2026-21525). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-21510 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2026-21510)
vulnerability in Microsoft windows (CVE-2026-21510). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-21533 KEV |
|
[KEV] Privilege Escalation in Microsoft windows (CVE-2026-21533)
vulnerability in Microsoft windows (CVE-2026-21533). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-21519 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2026-21519)
vulnerability in Microsoft windows (CVE-2026-21519). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-21514 KEV |
|
[KEV] Vulnerability in Microsoft office (CVE-2026-21514)
vulnerability in Microsoft office (CVE-2026-21514). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-25639 |
|
Vulnerability in axios (CVE-2026-25639)
vulnerability in axios (CVE-2026-25639). Risk of unauthorized operations or information disclosure. Exploitable via ``mergeConfig``. Mitigation: upgrade to `0.30.3` or later.
|
| CVE-2025-11953 KEV |
|
[KEV] OS Command Injection in React native community react-native-community (CVE-2025-11953)
OS command injection in React native community react-native-community (CVE-2025-11953). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-24423 KEV |
|
[KEV] Vulnerability in Smartertools smartermail (CVE-2026-24423)
vulnerability in Smartertools smartermail (CVE-2026-24423). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-23074 |
|
Use-After-Free in linux (CVE-2026-23074)
vulnerability in linux (CVE-2026-23074). Successful exploitation can lead to full system takeover.
|
| CVE-2026-23099 |
|
Out-of-Bounds Read in c (CVE-2026-23099)
vulnerability in c (CVE-2026-23099). Confidential information can be exposed externally.
|
| CVE-2026-23066 |
|
Vulnerability in linux (CVE-2026-23066)
vulnerability in linux (CVE-2026-23066). Successful exploitation can lead to full system takeover.
|
| CVE-2026-20111 |
|
Vulnerability in cisco (CVE-2026-20111)
vulnerability in cisco (CVE-2026-20111). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-20123 |
|
Open Redirect in cisco (CVE-2026-20123)
vulnerability in cisco (CVE-2026-20123). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-37094 |
|
Vulnerability in espocrm (CVE-2020-37094)
vulnerability in espocrm (CVE-2020-37094). Confidential information can be exposed externally. Exploitable via `Authorization header`.
|
| CVE-2025-40551 KEV |
|
[KEV] Unsafe Deserialization in Solarwinds web-help-desk (CVE-2025-40551)
vulnerability in Solarwinds web-help-desk (CVE-2025-40551). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-39935 KEV |
|
[KEV] SSRF (Server-Side Request Forgery) in Gitlab community-and-enterprise-editions (CVE-2021-39935)
SSRF in Gitlab community-and-enterprise-editions (CVE-2021-39935). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-64328 KEV |
|
[KEV] OS Command Injection in Sangoma freepbx (CVE-2025-64328)
OS command injection in Sangoma freepbx (CVE-2025-64328). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
|
| CVE-2019-19006 KEV |
|
[KEV] Authentication Bypass in Sangoma freepbx (CVE-2019-19006)
authentication bypass in Sangoma freepbx (CVE-2019-19006). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
|
| CVE-2026-22226 |
|
OS Command Injection in tp-link (CVE-2026-22226)
OS command injection in tp-link (CVE-2026-22226). Successful exploitation can lead to full system takeover.
|
| CVE-2026-23025 |
|
Vulnerability in c (CVE-2026-23025)
vulnerability in c (CVE-2026-23025). Successful exploitation can lead to full system takeover.
|
| CVE-2026-23026 |
|
Vulnerability in linux (CVE-2026-23026)
vulnerability in linux (CVE-2026-23026). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-71188 |
|
Vulnerability in linux (CVE-2025-71188)
vulnerability in linux (CVE-2025-71188). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-71189 |
|
Vulnerability in linux (CVE-2025-71189)
vulnerability in linux (CVE-2025-71189). Risk of unauthorized operations or information disclosure.
|