Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-45566 |
|
Open Redirect in nginx (CVE-2026-45566)
vulnerability in nginx (CVE-2026-45566). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-45567 |
|
Authentication Bypass in nginx (CVE-2026-45567)
authentication bypass in nginx (CVE-2026-45567). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-25700 |
|
Vulnerability in apache (CVE-2026-25700)
vulnerability in apache (CVE-2026-25700). Successful exploitation can lead to full system takeover.
|
| CVE-2026-45561 |
|
SSRF (Server-Side Request Forgery) in flask (CVE-2026-45561)
SSRF in flask (CVE-2026-45561). Confidential information can be exposed externally.
|
| CVE-2026-45563 |
|
Vulnerability in nginx (CVE-2026-45563)
vulnerability in nginx (CVE-2026-45563). Risk of unauthorized operations or information disclosure. Exploitable via `GET /history/`.
|
| CVE-2026-45564 |
|
OS Command Injection in c (CVE-2026-45564)
OS command injection in c (CVE-2026-45564). Successful exploitation can lead to full system takeover. Exploitable via `POST /config/versions/`.
|
| CVE-2026-45550 |
|
Vulnerability in nginx (CVE-2026-45550)
vulnerability in nginx (CVE-2026-45550). Data can be tampered with by attackers. Exploitable via `PUT /smon/check`.
|
| CVE-2026-45552 |
|
Vulnerability in nginx (CVE-2026-45552)
vulnerability in nginx (CVE-2026-45552). Successful exploitation can lead to full system takeover.
|
| CVE-2026-45556 |
|
Vulnerability in nginx (CVE-2026-45556)
vulnerability in nginx (CVE-2026-45556). Successful exploitation can lead to full system takeover. Exploitable via `POST /waf/`.
|
| CVE-2026-45558 |
|
Vulnerability in c (CVE-2026-45558)
vulnerability in c (CVE-2026-45558). Successful exploitation can lead to full system takeover. Exploitable via `POST /api/service/haproxy/`.
|
| CVE-2026-45559 |
|
Vulnerability in nginx (CVE-2026-45559)
vulnerability in nginx (CVE-2026-45559). Confidential information can be exposed externally.
|
| CVE-2026-45560 |
|
Cross-Site Scripting (XSS) in c (CVE-2026-45560)
cross-site scripting in c (CVE-2026-45560). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-45549 |
|
Vulnerability in nginx (CVE-2026-45549)
vulnerability in nginx (CVE-2026-45549). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53441 |
|
Cross-Site Scripting (XSS) in org.jenkins-ci.main:jenkins-core (CVE-2026-53441)
cross-site scripting in org.jenkins-ci.main:jenkins-core (CVE-2026-53441). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.568` or later.
|
| CVE-2026-53442 |
|
Vulnerability in jenkins (CVE-2026-53442)
vulnerability in jenkins (CVE-2026-53442). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.555.3, 2.568.0` or later.
|
| CVE-2026-53435 |
|
Unsafe Deserialization in jenkins (CVE-2026-53435)
vulnerability in jenkins (CVE-2026-53435). Successful exploitation can lead to full system takeover. Exploitable via ``config.xml``. Mitigation: upgrade to `2.555.3, 2.568.0` or later.
|
| CVE-2026-53436 |
|
Open Redirect in jenkins (CVE-2026-53436)
vulnerability in jenkins (CVE-2026-53436). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.555.3, 2.568.0` or later.
|
| CVE-2026-53437 |
|
Open Redirect in jenkins (CVE-2026-53437)
vulnerability in jenkins (CVE-2026-53437). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.555.3, 2.568.0` or later.
|
| CVE-2026-53438 |
|
Vulnerability in jenkins (CVE-2026-53438)
vulnerability in jenkins (CVE-2026-53438). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.555.3, 2.568.0` or later.
|
| CVE-2026-53439 |
|
Vulnerability in jenkins (CVE-2026-53439)
vulnerability in jenkins (CVE-2026-53439). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.555.3, 2.568.0` or later.
|
| CVE-2026-53440 |
|
Open Redirect in jenkins (CVE-2026-53440)
vulnerability in jenkins (CVE-2026-53440). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.555.3, 2.568.0` or later.
|
| CVE-2026-3018 |
|
SQL Injection in wordpress (CVE-2026-3018)
SQL injection in wordpress (CVE-2026-3018). Confidential information can be exposed externally.
|
| CVE-2025-6254 |
|
Privilege Escalation in wordpress (CVE-2025-6254)
vulnerability in wordpress (CVE-2025-6254). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9019 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-9019)
cross-site scripting in wordpress (CVE-2026-9019). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8853 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-8853)
cross-site scripting in wordpress (CVE-2026-8853). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8613 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-8613)
cross-site scripting in wordpress (CVE-2026-8613). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10721 |
|
Unsafe Deserialization in CVE-2026-10721 (CVE-2026-10721)
vulnerability in CVE-2026-10721 (CVE-2026-10721). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9067 |
|
Unrestricted File Upload in wordpress (CVE-2026-9067)
vulnerability in wordpress (CVE-2026-9067). Confidential information can be exposed externally.
|
| CVE-2026-9060 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-9060)
cross-site scripting in wordpress (CVE-2026-9060). Risk of unauthorized operations or information disclosure. Exploitable via ``unfiltered_html``.
|
| CVE-2026-8071 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-8071)
cross-site scripting in wordpress (CVE-2026-8071). Successful exploitation can lead to full system takeover.
|
| CVE-2026-3326 |
|
SQL Injection in wordpress (CVE-2026-3326)
SQL injection in wordpress (CVE-2026-3326). Confidential information can be exposed externally.
|
| CVE-2026-26241 |
|
Vulnerability in qnap (CVE-2026-26241)
vulnerability in qnap (CVE-2026-26241). Data can be tampered with by attackers.
|
| CVE-2026-26240 |
|
Vulnerability in qnap (CVE-2026-26240)
vulnerability in qnap (CVE-2026-26240). Data can be tampered with by attackers.
|
| CVE-2025-8444 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2025-8444)
cross-site scripting in wordpress (CVE-2025-8444). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-26239 |
|
Vulnerability in qnap (CVE-2026-26239)
vulnerability in qnap (CVE-2026-26239). Data can be tampered with by attackers.
|
| CVE-2026-26237 |
|
Vulnerability in qnap (CVE-2026-26237)
vulnerability in qnap (CVE-2026-26237). Confidential information can be exposed externally.
|
| CVE-2026-24719 |
|
OS Command Injection in qnap (CVE-2026-24719)
OS command injection in qnap (CVE-2026-24719). Successful exploitation can lead to full system takeover.
|
| CVE-2026-24720 |
|
Vulnerability in qnap (CVE-2026-24720)
vulnerability in qnap (CVE-2026-24720). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-24724 |
|
Authorization Flaw in qnap (CVE-2026-24724)
vulnerability in qnap (CVE-2026-24724). Confidential information can be exposed externally.
|
| CVE-2026-22899 |
|
Vulnerability in dos (CVE-2026-22899)
vulnerability in dos (CVE-2026-22899). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-24716 |
|
Vulnerability in dos (CVE-2026-24716)
vulnerability in dos (CVE-2026-24716). Successful exploitation can lead to full system takeover.
|
| CVE-2026-24717 |
|
Path Traversal in path-traversal (CVE-2026-24717)
path traversal in path-traversal (CVE-2026-24717). Confidential information can be exposed externally.
|
| CVE-2025-66281 |
|
Vulnerability in dos (CVE-2025-66281)
vulnerability in dos (CVE-2025-66281). Successful exploitation can lead to full system takeover.
|
| CVE-2026-22893 |
|
OS Command Injection in qnap (CVE-2026-22893)
OS command injection in qnap (CVE-2026-22893). Successful exploitation can lead to full system takeover.
|
| CVE-2025-66273 |
|
OS Command Injection in qnap (CVE-2025-66273)
OS command injection in qnap (CVE-2025-66273). Successful exploitation can lead to full system takeover.
|
| CVE-2025-66279 |
|
OS Command Injection in qnap (CVE-2025-66279)
OS command injection in qnap (CVE-2025-66279). Successful exploitation can lead to full system takeover.
|
| CVE-2025-66280 |
|
Vulnerability in qnap (CVE-2025-66280)
vulnerability in qnap (CVE-2025-66280). Successful exploitation can lead to full system takeover.
|
| CVE-2025-62851 |
|
Path Traversal in path-traversal (CVE-2025-62851)
path traversal in path-traversal (CVE-2025-62851). Confidential information can be exposed externally.
|
| CVE-2025-62850 |
|
Vulnerability in dos (CVE-2025-62850)
vulnerability in dos (CVE-2025-62850). Successful exploitation can lead to full system takeover.
|
| CVE-2025-66276 |
|
Vulnerability in qnap (CVE-2025-66276)
vulnerability in qnap (CVE-2025-66276). Successful exploitation can lead to full system takeover.
|