Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: vendors Clear
ID Title
CVE-2026-38581 SQL Injection in sqli (CVE-2026-38581)
SQL injection in sqli (CVE-2026-38581). Successful exploitation can lead to full system takeover.
CVE-2026-48998 Vulnerability in guzzlehttp/psr7 (CVE-2026-48998)
vulnerability in guzzlehttp/psr7 (CVE-2026-48998). Risk of unauthorized operations or information disclosure. Exploitable via `Host header`. Mitigation: upgrade to `2.10.2` or later.
CVE-2026-49214 Vulnerability in guzzlehttp/psr7 (CVE-2026-49214)
vulnerability in guzzlehttp/psr7 (CVE-2026-49214). Risk of unauthorized operations or information disclosure. Exploitable via ``Uri``. Mitigation: upgrade to `2.10.2` or later.
CVE-2026-9204 SSRF (Server-Side Request Forgery) in gitlab (CVE-2026-9204)
SSRF in gitlab (CVE-2026-9204). Confidential information can be exposed externally. Mitigation: upgrade to `18.10.8, 18.11.5, 19.0.2` or later.
CVE-2026-6976 Vulnerability in gitlab (CVE-2026-6976)
vulnerability in gitlab (CVE-2026-6976). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.10.8, 18.11.5, 19.0.2` or later.
CVE-2026-9694 Vulnerability in gitlab (CVE-2026-9694)
vulnerability in gitlab (CVE-2026-9694). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.10.8, 18.11.5, 19.0.2` or later.
CVE-2026-7250 Vulnerability in gitlab (CVE-2026-7250)
vulnerability in gitlab (CVE-2026-7250). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.10.8, 18.11.5, 19.0.2` or later.
CVE-2026-6277 Authorization Flaw in gitlab (CVE-2026-6277)
vulnerability in gitlab (CVE-2026-6277). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.10.8, 18.11.5, 19.0.2` or later.
CVE-2026-8589 Cross-Site Scripting (XSS) in gitlab (CVE-2026-8589)
cross-site scripting in gitlab (CVE-2026-8589). Confidential information can be exposed externally. Mitigation: upgrade to `18.10.8, 18.11.5, 19.0.2` or later.
CVE-2026-6552 Vulnerability in gitlab (CVE-2026-6552)
vulnerability in gitlab (CVE-2026-6552). Confidential information can be exposed externally. Mitigation: upgrade to `18.10.8, 18.11.5, 19.0.2` or later.
CVE-2026-6269 Authorization Flaw in gitlab (CVE-2026-6269)
vulnerability in gitlab (CVE-2026-6269). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.10.8, 18.11.5, 19.0.2` or later.
CVE-2026-3553 Authorization Flaw in gitlab (CVE-2026-3553)
vulnerability in gitlab (CVE-2026-3553). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.10.8, 18.11.5, 19.0.2` or later.
CVE-2026-10733 Vulnerability in gitlab (CVE-2026-10733)
vulnerability in gitlab (CVE-2026-10733). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.10.8, 18.11.5, 19.0.2` or later.
CVE-2026-1500 Vulnerability in gitlab (CVE-2026-1500)
vulnerability in gitlab (CVE-2026-1500). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.10.8, 18.11.5, 19.0.2` or later.
CVE-2026-10087 Cross-Site Scripting (XSS) in gitlab (CVE-2026-10087)
cross-site scripting in gitlab (CVE-2026-10087). Confidential information can be exposed externally. Mitigation: upgrade to `18.10.8, 18.11.5, 19.0.2` or later.
CVE-2026-41856 Vulnerability in vmware (CVE-2026-41856)
vulnerability in vmware (CVE-2026-41856). Confidential information can be exposed externally.
CVE-2026-41700 Vulnerability in vmware (CVE-2026-41700)
vulnerability in vmware (CVE-2026-41700). Confidential information can be exposed externally.
CVE-2026-41699 Unsafe Deserialization in deserialization (CVE-2026-41699)
vulnerability in deserialization (CVE-2026-41699). Successful exploitation can lead to full system takeover.
CVE-2026-41000 Vulnerability in c (CVE-2026-41000)
vulnerability in c (CVE-2026-41000). Risk of unauthorized operations or information disclosure.
CVE-2026-40996 Vulnerability in apache (CVE-2026-40996)
vulnerability in apache (CVE-2026-40996). Risk of unauthorized operations or information disclosure.
CVE-2026-10795 Vulnerability in wordpress (CVE-2026-10795)
vulnerability in wordpress (CVE-2026-10795). Successful exploitation can lead to full system takeover.
CVE-2026-35273 KEV [KEV] Vulnerability in Oracle c (CVE-2026-35273)
vulnerability in Oracle c (CVE-2026-35273). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2026-2827 Cross-Site Scripting (XSS) in wordpress (CVE-2026-2827)
cross-site scripting in wordpress (CVE-2026-2827). Risk of unauthorized operations or information disclosure.
CVE-2026-53460 Vulnerability in Magick.NET-Q16-AnyCPU (CVE-2026-53460)
vulnerability in Magick.NET-Q16-AnyCPU (CVE-2026-53460). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `14.14.0` or later.
CVE-2026-53461 Out-of-Bounds Write in Magick.NET-Q16-AnyCPU (CVE-2026-53461)
out-of-bounds write in Magick.NET-Q16-AnyCPU (CVE-2026-53461). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `14.14.0` or later.
CVE-2026-53462 Use-After-Free in Magick.NET-Q16-AnyCPU (CVE-2026-53462)
vulnerability in Magick.NET-Q16-AnyCPU (CVE-2026-53462). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `14.14.0` or later.
CVE-2026-53463 Vulnerability in imagemagick (CVE-2026-53463)
vulnerability in imagemagick (CVE-2026-53463). Risk of unauthorized operations or information disclosure.
CVE-2026-53464 Vulnerability in imagemagick (CVE-2026-53464)
vulnerability in imagemagick (CVE-2026-53464). Risk of unauthorized operations or information disclosure.
CVE-2026-53465 Vulnerability in Magick.NET-Q16-AnyCPU (CVE-2026-53465)
vulnerability in Magick.NET-Q16-AnyCPU (CVE-2026-53465). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `14.14.0` or later.
CVE-2026-48733 Vulnerability in imagemagick (CVE-2026-48733)
vulnerability in imagemagick (CVE-2026-48733). Risk of unauthorized operations or information disclosure.
CVE-2026-48734 Vulnerability in imagemagick (CVE-2026-48734)
vulnerability in imagemagick (CVE-2026-48734). Risk of unauthorized operations or information disclosure.
CVE-2026-48994 Vulnerability in Magick.NET-Q16-AnyCPU (CVE-2026-48994)
vulnerability in Magick.NET-Q16-AnyCPU (CVE-2026-48994). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `14.14.0` or later.
CVE-2026-49218 Vulnerability in Magick.NET-Q16-AnyCPU (CVE-2026-49218)
vulnerability in Magick.NET-Q16-AnyCPU (CVE-2026-49218). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `14.14.0` or later.
CVE-2026-49219 Path Traversal in Magick.NET-Q16-AnyCPU (CVE-2026-49219)
path traversal in Magick.NET-Q16-AnyCPU (CVE-2026-49219). Confidential information can be exposed externally. Mitigation: upgrade to `14.14.0` or later.
CVE-2026-50223 Code Injection in apache (CVE-2026-50223)
code injection in apache (CVE-2026-50223). Successful exploitation can lead to full system takeover.
CVE-2026-48724 Out-of-Bounds Write in Magick.NET-Q16-AnyCPU (CVE-2026-48724)
out-of-bounds write in Magick.NET-Q16-AnyCPU (CVE-2026-48724). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `14.14.0` or later.
CVE-2026-47342 Vulnerability in apache (CVE-2026-47342)
vulnerability in apache (CVE-2026-47342). Successful exploitation can lead to full system takeover.
CVE-2026-53634 Vulnerability in code16/sharp (CVE-2026-53634)
vulnerability in code16/sharp (CVE-2026-53634). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `9.22.3` or later.
CVE-2022-48575 Authentication Bypass in apple (CVE-2022-48575)
authentication bypass in apple (CVE-2022-48575). Risk of unauthorized operations or information disclosure.
CVE-2022-26758 Vulnerability in apple (CVE-2022-26758)
vulnerability in apple (CVE-2022-26758). Confidential information can be exposed externally.
CVE-2026-1220 Vulnerability in google (CVE-2026-1220)
vulnerability in google (CVE-2026-1220). Successful exploitation can lead to full system takeover.
CVE-2026-48859 Vulnerability in erlang (CVE-2026-48859)
vulnerability in erlang (CVE-2026-48859). Risk of unauthorized operations or information disclosure.
CVE-2026-48860 Authorization Flaw in erlang (CVE-2026-48860)
vulnerability in erlang (CVE-2026-48860). Confidential information can be exposed externally.
CVE-2026-49759 Vulnerability in c (CVE-2026-49759)
vulnerability in c (CVE-2026-49759). Risk of unauthorized operations or information disclosure.
CVE-2026-49760 Vulnerability in c (CVE-2026-49760)
vulnerability in c (CVE-2026-49760). Risk of unauthorized operations or information disclosure.
CVE-2026-48858 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-48858)
SSRF in ssrf (CVE-2026-48858). Risk of unauthorized operations or information disclosure.
CVE-2026-48856 Open Redirect in erlang (CVE-2026-48856)
vulnerability in erlang (CVE-2026-48856). Confidential information can be exposed externally. Exploitable via `Authorization header`.
CVE-2026-48855 Information Disclosure in erlang (CVE-2026-48855)
vulnerability in erlang (CVE-2026-48855). Confidential information can be exposed externally.
CVE-2026-45569 Path Traversal in c (CVE-2026-45569)
path traversal in c (CVE-2026-45569). Confidential information can be exposed externally.
CVE-2026-45565 Vulnerability in nginx (CVE-2026-45565)
vulnerability in nginx (CVE-2026-45565). Confidential information can be exposed externally.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →