Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-12023 |
|
Use-After-Free in google (CVE-2026-12023)
vulnerability in google (CVE-2026-12023). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12022 |
|
Vulnerability in google (CVE-2026-12022)
vulnerability in google (CVE-2026-12022). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12020 |
|
Use-After-Free in google (CVE-2026-12020)
vulnerability in google (CVE-2026-12020). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12018 |
|
Privilege Escalation in privilege-escalation (CVE-2026-12018)
vulnerability in privilege-escalation (CVE-2026-12018). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12008 |
|
Use-After-Free in google (CVE-2026-12008)
vulnerability in google (CVE-2026-12008). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12012 |
|
Use-After-Free in google (CVE-2026-12012)
vulnerability in google (CVE-2026-12012). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12014 |
|
Use-After-Free in google (CVE-2026-12014)
vulnerability in google (CVE-2026-12014). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12013 |
|
Use-After-Free in google (CVE-2026-12013)
vulnerability in google (CVE-2026-12013). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12011 |
|
Use-After-Free in google (CVE-2026-12011)
vulnerability in google (CVE-2026-12011). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12009 |
|
Vulnerability in google (CVE-2026-12009)
vulnerability in google (CVE-2026-12009). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12010 |
|
Vulnerability in google (CVE-2026-12010)
vulnerability in google (CVE-2026-12010). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12007 |
|
Use-After-Free in Google chrome (CVE-2026-12007)
vulnerability in Google chrome (CVE-2026-12007). Successful exploitation can lead to full system takeover.
|
| CVE-2026-53807 |
|
Authorization Flaw in openclaw (CVE-2026-53807)
vulnerability in openclaw (CVE-2026-53807). Successful exploitation can lead to full system takeover.
|
| CVE-2026-53808 |
|
Authorization Flaw in openclaw (CVE-2026-53808)
vulnerability in openclaw (CVE-2026-53808). Data can be tampered with by attackers.
|
| CVE-2026-53819 |
|
Vulnerability in openclaw (CVE-2026-53819)
vulnerability in openclaw (CVE-2026-53819). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2026.5.27` or later.
|
| CVE-2026-53818 |
|
Vulnerability in openclaw (CVE-2026-53818)
vulnerability in openclaw (CVE-2026-53818). Data can be tampered with by attackers. Mitigation: upgrade to `2026.4.24` or later.
|
| CVE-2026-53817 |
|
Vulnerability in openclaw (CVE-2026-53817)
vulnerability in openclaw (CVE-2026-53817). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2026.5.22` or later.
|
| CVE-2026-53816 |
|
Vulnerability in openclaw (CVE-2026-53816)
vulnerability in openclaw (CVE-2026-53816). Successful exploitation can lead to full system takeover. Exploitable via ``system.run``. Mitigation: upgrade to `2026.5.18` or later.
|
| CVE-2026-53815 |
|
Information Disclosure in openclaw (CVE-2026-53815)
vulnerability in openclaw (CVE-2026-53815). Confidential information can be exposed externally. Mitigation: upgrade to `2026.5.19` or later.
|
| CVE-2026-53814 |
|
Information Disclosure in openclaw (CVE-2026-53814)
vulnerability in openclaw (CVE-2026-53814). Confidential information can be exposed externally. Mitigation: upgrade to `2026.5.20` or later.
|
| CVE-2026-53813 |
|
Vulnerability in openclaw (CVE-2026-53813)
vulnerability in openclaw (CVE-2026-53813). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2026.4.25` or later.
|
| CVE-2026-53812 |
|
Vulnerability in openclaw (CVE-2026-53812)
vulnerability in openclaw (CVE-2026-53812). Confidential information can be exposed externally. Exploitable via ``act``. Mitigation: upgrade to `2026.5.18` or later.
|
| CVE-2026-53811 |
|
Vulnerability in openclaw (CVE-2026-53811)
vulnerability in openclaw (CVE-2026-53811). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2026.5.7` or later.
|
| CVE-2026-53810 |
|
OS Command Injection in openclaw (CVE-2026-53810)
OS command injection in openclaw (CVE-2026-53810). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2026.5.18` or later.
|
| CVE-2026-53809 |
|
Authorization Flaw in openclaw (CVE-2026-53809)
vulnerability in openclaw (CVE-2026-53809). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2026.4.25` or later.
|
| CVE-2026-53806 |
|
Vulnerability in openclaw (CVE-2026-53806)
vulnerability in openclaw (CVE-2026-53806). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2026.5.12` or later.
|
| CVE-2025-27511 |
|
Vulnerability in org.geoserver.extension:gs-db2 (CVE-2025-27511)
vulnerability in org.geoserver.extension:gs-db2 (CVE-2025-27511). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2.27.0` or later.
|
| CVE-2026-48067 |
|
Vulnerability in filament/tables (CVE-2026-48067)
vulnerability in filament/tables (CVE-2026-48067). Data can be tampered with by attackers. Exploitable via ``Select``. Mitigation: upgrade to `3.3.51` or later.
|
| CVE-2026-45175 |
|
Vulnerability in paloaltonetworks (CVE-2026-45175)
vulnerability in paloaltonetworks (CVE-2026-45175). Successful exploitation can lead to full system takeover.
|
| CVE-2026-45176 |
|
Privilege Escalation in paloaltonetworks (CVE-2026-45176)
vulnerability in paloaltonetworks (CVE-2026-45176). Successful exploitation can lead to full system takeover.
|
| CVE-2025-46315 |
|
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS...
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS...
|
| CVE-2025-46313 |
|
Vulnerability in apple (CVE-2025-46313)
vulnerability in apple (CVE-2025-46313). Confidential information can be exposed externally.
|
| CVE-2025-46308 |
|
Vulnerability in apple (CVE-2025-46308)
vulnerability in apple (CVE-2025-46308). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-46293 |
|
Vulnerability in apple (CVE-2025-46293)
vulnerability in apple (CVE-2025-46293). Confidential information can be exposed externally.
|
| CVE-2025-43339 |
|
Vulnerability in apple (CVE-2025-43339)
vulnerability in apple (CVE-2025-43339). Confidential information can be exposed externally.
|
| CVE-2025-43278 |
|
Vulnerability in apple (CVE-2025-43278)
vulnerability in apple (CVE-2025-43278). Confidential information can be exposed externally.
|
| CVE-2025-31272 |
|
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4. An app...
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4. An app...
|
| CVE-2025-30459 |
|
Vulnerability in apple (CVE-2025-30459)
vulnerability in apple (CVE-2025-30459). Confidential information can be exposed externally.
|
| CVE-2025-30431 |
|
Vulnerability in apple (CVE-2025-30431)
vulnerability in apple (CVE-2025-30431). Confidential information can be exposed externally.
|
| CVE-2025-24284 |
|
This issue was addressed with improved checks to prevent unauthorized actions. This issue is...
This issue was addressed with improved checks to prevent unauthorized actions. This issue is...
|
| CVE-2025-24268 |
|
Path Traversal in apple (CVE-2025-24268)
path traversal in apple (CVE-2025-24268). Confidential information can be exposed externally.
|
| CVE-2025-24165 |
|
Vulnerability in apple (CVE-2025-24165)
vulnerability in apple (CVE-2025-24165). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-46698 |
|
SSRF (Server-Side Request Forgery) in wordpress (CVE-2026-46698)
SSRF in wordpress (CVE-2026-46698). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-46697 |
|
SSRF (Server-Side Request Forgery) in wordpress (CVE-2026-46697)
SSRF in wordpress (CVE-2026-46697). Confidential information can be exposed externally.
|
| CVE-2026-7870 |
|
Vulnerability in ibm (CVE-2026-7870)
vulnerability in ibm (CVE-2026-7870). Successful exploitation can lead to full system takeover.
|
| CVE-2026-7787 |
|
Vulnerability in langflow (CVE-2026-7787)
vulnerability in langflow (CVE-2026-7787). Confidential information can be exposed externally.
|
| CVE-2026-4096 |
|
Vulnerability in ibm (CVE-2026-4096)
vulnerability in ibm (CVE-2026-4096). Risk of unauthorized operations or information disclosure. Exploitable via `Host header`.
|
| CVE-2026-3341 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-3341)
SSRF in ssrf (CVE-2026-3341). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-45636 |
|
Vulnerability in ibm (CVE-2024-45636)
vulnerability in ibm (CVE-2024-45636). Confidential information can be exposed externally.
|
| CVE-2026-8406 |
|
Vulnerability in CVE-2026-8406 (CVE-2026-8406)
vulnerability in CVE-2026-8406 (CVE-2026-8406). Risk of unauthorized operations or information disclosure.
|