Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: vendors Clear
ID Title
CVE-2026-40725 Unauthenticated PHP Object Injection in WooCommerce Product Filters < 2.0.6 versions.
Unauthenticated PHP Object Injection in WooCommerce Product Filters < 2.0.6 versions.
CVE-2026-40755 Unauthenticated PHP Object Injection in TechLink <= 1.3 versions.
Unauthenticated PHP Object Injection in TechLink <= 1.3 versions.
CVE-2026-40736 Unauthenticated PHP Object Injection in Laurits <= 1.5.1 versions.
Unauthenticated PHP Object Injection in Laurits <= 1.5.1 versions.
CVE-2026-40739 Unauthenticated PHP Object Injection in LuxeDrive <= 1.4 versions.
Unauthenticated PHP Object Injection in LuxeDrive <= 1.4 versions.
CVE-2026-40758 Unauthenticated PHP Object Injection in Léonie <= 1.2.1 versions.
Unauthenticated PHP Object Injection in Léonie <= 1.2.1 versions.
CVE-2026-40759 Unauthenticated PHP Object Injection in Esmée <= 1.4 versions.
Unauthenticated PHP Object Injection in Esmée <= 1.4 versions.
CVE-2026-40735 Unauthenticated PHP Object Injection in Reina <= 2.1 versions.
Unauthenticated PHP Object Injection in Reina <= 2.1 versions.
CVE-2026-40754 Unauthenticated PHP Object Injection in Roisin <= 1.4 versions.
Unauthenticated PHP Object Injection in Roisin <= 1.4 versions.
CVE-2026-40751 Unauthenticated PHP Object Injection in Ashtanga <= 1.2 versions.
Unauthenticated PHP Object Injection in Ashtanga <= 1.2 versions.
CVE-2026-40753 Unauthenticated PHP Object Injection in EasyMeals <= 1.5.1 versions.
Unauthenticated PHP Object Injection in EasyMeals <= 1.5.1 versions.
CVE-2026-39580 Unauthenticated PHP Object Injection in Micdrop <= 1.3.1 versions.
Unauthenticated PHP Object Injection in Micdrop <= 1.3.1 versions.
CVE-2026-39577 Unauthenticated PHP Object Injection in Playroom <= 1.4.1 versions.
Unauthenticated PHP Object Injection in Playroom <= 1.4.1 versions.
CVE-2026-39557 Unauthenticated PHP Object Injection in NeoBeat <= 1.7 versions.
Unauthenticated PHP Object Injection in NeoBeat <= 1.7 versions.
CVE-2026-39529 Unauthenticated PHP Object Injection in Elementra <= 1.0.9 versions.
Unauthenticated PHP Object Injection in Elementra <= 1.0.9 versions.
CVE-2026-39573 Unauthenticated PHP Object Injection in Mildhill <= 1.5 versions.
Unauthenticated PHP Object Injection in Mildhill <= 1.5 versions.
CVE-2026-39554 Unauthenticated PHP Object Injection in Fidalgo <= 1.2.2 versions.
Unauthenticated PHP Object Injection in Fidalgo <= 1.2.2 versions.
CVE-2026-39578 Unauthenticated PHP Object Injection in Valiance <= 1.2 versions.
Unauthenticated PHP Object Injection in Valiance <= 1.2 versions.
CVE-2026-39567 Unauthenticated PHP Object Injection in Santé <= 1.5.1 versions.
Unauthenticated PHP Object Injection in Santé <= 1.5.1 versions.
CVE-2026-39539 Unauthenticated PHP Object Injection in Alloggio - Hotel Booking <= 2.1.2 versions.
Unauthenticated PHP Object Injection in Alloggio - Hotel Booking <= 2.1.2 versions.
CVE-2026-39545 Unauthenticated PHP Object Injection in Zermatt <= 1.6.1 versions.
Unauthenticated PHP Object Injection in Zermatt <= 1.6.1 versions.
CVE-2026-25470 Code Injection in wordpress (CVE-2026-25470)
code injection in wordpress (CVE-2026-25470). Successful exploitation can lead to full system takeover.
CVE-2026-28587 Vulnerability in google (CVE-2026-28587)
vulnerability in google (CVE-2026-28587). Confidential information can be exposed externally.
CVE-2026-28575 Vulnerability in dos (CVE-2026-28575)
vulnerability in dos (CVE-2026-28575). Risk of unauthorized operations or information disclosure.
CVE-2026-39446 Unauthenticated PHP Object Injection in Kapee < 1.7.0 versions.
Unauthenticated PHP Object Injection in Kapee < 1.7.0 versions.
CVE-2026-28576 SQL Injection in sqli (CVE-2026-28576)
SQL injection in sqli (CVE-2026-28576). Confidential information can be exposed externally.
CVE-2026-28615 Vulnerability in google (CVE-2026-28615)
vulnerability in google (CVE-2026-28615). Successful exploitation can lead to full system takeover.
CVE-2026-39443 Unauthenticated PHP Object Injection in EmallShop <= 2.4.21 versions.
Unauthenticated PHP Object Injection in EmallShop <= 2.4.21 versions.
CVE-2026-27868 Vulnerability in CVE-2026-27868 (CVE-2026-27868)
vulnerability in CVE-2026-27868 (CVE-2026-27868). Risk of unauthorized operations or information disclosure.
CVE-2026-27870 Cross-Site Scripting (XSS) in CVE-2026-27870 (CVE-2026-27870)
cross-site scripting in CVE-2026-27870 (CVE-2026-27870). Risk of unauthorized operations or information disclosure.
CVE-2026-27429 Unauthenticated PHP Object Injection in Nifty <= 1.4.1 versions.
Unauthenticated PHP Object Injection in Nifty <= 1.4.1 versions.
CVE-2026-32967 Authorization Flaw in org.apache.dolphinscheduler:dolphinscheduler-api (CVE-2026-32967)
vulnerability in org.apache.dolphinscheduler:dolphinscheduler-api (CVE-2026-32967). Confidential information can be exposed externally. Mitigation: upgrade to `3.4.2` or later.
CVE-2026-32966 Authorization Flaw in org.apache.dolphinscheduler:dolphinscheduler-api (CVE-2026-32966)
vulnerability in org.apache.dolphinscheduler:dolphinscheduler-api (CVE-2026-32966). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `3.4.2` or later.
CVE-2026-22342 Unauthenticated Cross Site Request Forgery (CSRF) in WordPress Dating Theme <= 11.2.0 versions.
Unauthenticated Cross Site Request Forgery (CSRF) in WordPress Dating Theme <= 11.2.0 versions.
CVE-2026-22343 Unauthenticated Broken Access Control in WordPress Dating Theme <= 11.2.0 versions.
Unauthenticated Broken Access Control in WordPress Dating Theme <= 11.2.0 versions.
CVE-2026-12467 Use-After-Free in Google chrome (CVE-2026-12467)
vulnerability in Google chrome (CVE-2026-12467). Successful exploitation can lead to full system takeover.
CVE-2026-12468 Vulnerability in google (CVE-2026-12468)
vulnerability in google (CVE-2026-12468). Successful exploitation can lead to full system takeover.
CVE-2026-12466 Vulnerability in google (CVE-2026-12466)
vulnerability in google (CVE-2026-12466). Successful exploitation can lead to full system takeover.
CVE-2026-12469 Vulnerability in google (CVE-2026-12469)
vulnerability in google (CVE-2026-12469). Risk of unauthorized operations or information disclosure.
CVE-2026-12455 Use-After-Free in google (CVE-2026-12455)
vulnerability in google (CVE-2026-12455). Successful exploitation can lead to full system takeover.
CVE-2026-12459 Cross-Site Scripting (XSS) in google (CVE-2026-12459)
cross-site scripting in google (CVE-2026-12459). Risk of unauthorized operations or information disclosure.
CVE-2026-12443 Use-After-Free in google (CVE-2026-12443)
vulnerability in google (CVE-2026-12443). Successful exploitation can lead to full system takeover.
CVE-2026-12445 Use-After-Free in google (CVE-2026-12445)
vulnerability in google (CVE-2026-12445). Successful exploitation can lead to full system takeover.
CVE-2026-12450 Privilege Escalation in google (CVE-2026-12450)
vulnerability in google (CVE-2026-12450). Confidential information can be exposed externally.
CVE-2026-12444 Out-of-Bounds Read in google (CVE-2026-12444)
vulnerability in google (CVE-2026-12444). Confidential information can be exposed externally.
CVE-2026-12446 Authorization Flaw in google (CVE-2026-12446)
vulnerability in google (CVE-2026-12446). Risk of unauthorized operations or information disclosure.
CVE-2026-12453 Vulnerability in google (CVE-2026-12453)
vulnerability in google (CVE-2026-12453). Risk of unauthorized operations or information disclosure.
CVE-2026-12456 Vulnerability in google (CVE-2026-12456)
vulnerability in google (CVE-2026-12456). Risk of unauthorized operations or information disclosure.
CVE-2026-12462 Use-After-Free in google (CVE-2026-12462)
vulnerability in google (CVE-2026-12462). Successful exploitation can lead to full system takeover.
CVE-2026-12460 Vulnerability in google (CVE-2026-12460)
vulnerability in google (CVE-2026-12460). Risk of unauthorized operations or information disclosure.
CVE-2026-12447 Vulnerability in google (CVE-2026-12447)
vulnerability in google (CVE-2026-12447). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →