Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2025-71314 |
|
Vulnerability in linux (CVE-2025-71314)
vulnerability in linux (CVE-2025-71314). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-71313 |
|
Vulnerability in linux (CVE-2025-71313)
vulnerability in linux (CVE-2025-71313). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-20175 |
|
Vulnerability in cisco (CVE-2026-20175)
vulnerability in cisco (CVE-2026-20175). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-20230 KEV |
|
[KEV] SSRF (Server-Side Request Forgery) in Cisco ssrf (CVE-2026-20230)
SSRF in Cisco ssrf (CVE-2026-20230). Data can be tampered with by attackers. Listed in CISA KEV — actively exploited.
|
| CVE-2026-20233 |
|
Cross-Site Scripting (XSS) in Cisco webex-meetings (CVE-2026-20233)
cross-site scripting in Cisco webex-meetings (CVE-2026-20233). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6657 |
|
Vulnerability in jupyter (CVE-2026-6657)
vulnerability in jupyter (CVE-2026-6657). Successful exploitation can lead to full system takeover. Exploitable via ``allow_origin_pat``.
|
| CVE-2022-31114 |
|
Cross-Site Scripting (XSS) in backpack/crud (CVE-2022-31114)
cross-site scripting in backpack/crud (CVE-2022-31114). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `4.0.63` or later.
|
| CVE-2026-10770 |
|
Cross-Site Scripting (XSS) in drupal/cleantalk (CVE-2026-10770)
cross-site scripting in drupal/cleantalk (CVE-2026-10770). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `9.7.1` or later.
|
| CVE-2026-10769 |
|
Cross-Site Scripting (XSS) in drupal/commerce (CVE-2026-10769)
cross-site scripting in drupal/commerce (CVE-2026-10769). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.3.6` or later.
|
| CVE-2026-10768 |
|
Vulnerability in drupal/localgov_workflows (CVE-2026-10768)
vulnerability in drupal/localgov_workflows (CVE-2026-10768). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.6.0` or later.
|
| CVE-2026-47065 |
|
Unsafe Deserialization in apache (CVE-2026-47065)
vulnerability in apache (CVE-2026-47065). Successful exploitation can lead to full system takeover.
|
| CVE-2026-10704 |
|
Vulnerability in sqli (CVE-2026-10704)
vulnerability in sqli (CVE-2026-10704). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10694 |
|
Vulnerability in CVE-2026-10694 (CVE-2026-10694)
vulnerability in CVE-2026-10694 (CVE-2026-10694). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9732 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-9732)
vulnerability in wordpress (CVE-2026-9732). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7421 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-7421)
cross-site scripting in wordpress (CVE-2026-7421). Risk of unauthorized operations or information disclosure. Exploitable via ``shop_name``.
|
| CVE-2026-25861 |
|
Vulnerability in CVE-2026-25861 (CVE-2026-25861)
vulnerability in CVE-2026-25861 (CVE-2026-25861). Confidential information can be exposed externally.
|
| CVE-2010-0249 KEV |
|
[KEV] Use-After-Free in Microsoft internet-explorer (CVE-2010-0249)
vulnerability in Microsoft internet-explorer (CVE-2010-0249). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
|
| CVE-2026-35482 |
|
Authorization Flaw in CVE-2026-35482 (CVE-2026-35482)
vulnerability in CVE-2026-35482 (CVE-2026-35482). Successful exploitation can lead to full system takeover. Exploitable via ``returnClass``.
|
| CVE-2026-10620 |
|
Vulnerability in sqli (CVE-2026-10620)
vulnerability in sqli (CVE-2026-10620). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10624 |
|
Vulnerability in CVE-2026-10624 (CVE-2026-10624)
vulnerability in CVE-2026-10624 (CVE-2026-10624). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8035 |
|
Vulnerability in dos (CVE-2026-8035)
vulnerability in dos (CVE-2026-8035). Data can be tampered with by attackers.
|
| CVE-2026-8036 |
|
Vulnerability in privilege-escalation (CVE-2026-8036)
vulnerability in privilege-escalation (CVE-2026-8036). Confidential information can be exposed externally.
|
| CVE-2026-5073 |
|
SQL Injection in wordpress (CVE-2026-5073)
SQL injection in wordpress (CVE-2026-5073). Confidential information can be exposed externally.
|
| CVE-2026-5074 |
|
SQL Injection in wordpress (CVE-2026-5074)
SQL injection in wordpress (CVE-2026-5074). Confidential information can be exposed externally. Exploitable via ``get_private_content_data``.
|
| CVE-2026-5076 |
|
Authentication Bypass in wordpress (CVE-2026-5076)
authentication bypass in wordpress (CVE-2026-5076). Successful exploitation can lead to full system takeover. Exploitable via ``arm_reset_password_key``.
|
| CVE-2026-1829 |
|
The Content Visibility for Divi Builder plugin for WordPress is vulnerable to Remote Code...
The Content Visibility for Divi Builder plugin for WordPress is vulnerable to Remote Code...
|
| CVE-2026-10701 |
|
Buffer Overflow in mozilla (CVE-2026-10701)
vulnerability in mozilla (CVE-2026-10701). Confidential information can be exposed externally.
|
| CVE-2026-10702 |
|
Vulnerability in mozilla (CVE-2026-10702)
vulnerability in mozilla (CVE-2026-10702). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-28299 |
|
SolarWinds Web Help Desk is found to be affected by a denial-of-service vulnerability, which when...
SolarWinds Web Help Desk is found to be affected by a denial-of-service vulnerability, which when...
|
| CVE-2026-10607 |
|
Vulnerability in sqli (CVE-2026-10607)
vulnerability in sqli (CVE-2026-10607). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10608 |
|
Vulnerability in sqli (CVE-2026-10608)
vulnerability in sqli (CVE-2026-10608). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-64390 |
|
Vulnerability in privilege-escalation (CVE-2025-64390)
vulnerability in privilege-escalation (CVE-2025-64390). Successful exploitation can lead to full system takeover.
|
| CVE-2026-40715 |
|
Vulnerability in privilege-escalation (CVE-2026-40715)
vulnerability in privilege-escalation (CVE-2026-40715). Successful exploitation can lead to full system takeover.
|
| CVE-2026-40713 |
|
Vulnerability in dell (CVE-2026-40713)
vulnerability in dell (CVE-2026-40713). Confidential information can be exposed externally.
|
| CVE-2026-10606 |
|
Vulnerability in sqli (CVE-2026-10606)
vulnerability in sqli (CVE-2026-10606). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-1871 |
|
Vulnerability in dos (CVE-2026-1871)
vulnerability in dos (CVE-2026-1871). Risk of unauthorized operations or information disclosure. Exploitable via `Authorization header`.
|
| CVE-2026-40571 |
|
Vulnerability in CVE-2026-40571 (CVE-2026-40571)
vulnerability in CVE-2026-40571 (CVE-2026-40571). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-35443 |
|
Vulnerability in CVE-2026-35443 (CVE-2026-35443)
vulnerability in CVE-2026-35443 (CVE-2026-35443). Risk of unauthorized operations or information disclosure. Exploitable via ``view_other_topics``.
|
| CVE-2026-35447 |
|
Vulnerability in CVE-2026-35447 (CVE-2026-35447)
vulnerability in CVE-2026-35447 (CVE-2026-35447). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-40314 |
|
Vulnerability in CVE-2026-40314 (CVE-2026-40314)
vulnerability in CVE-2026-40314 (CVE-2026-40314). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-44367 |
|
Vulnerability in apache (CVE-2026-44367)
vulnerability in apache (CVE-2026-44367). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-45080 |
|
Information Disclosure in apache (CVE-2026-45080)
vulnerability in apache (CVE-2026-45080). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-33398 |
|
Vulnerability in CVE-2026-33398 (CVE-2026-33398)
vulnerability in CVE-2026-33398 (CVE-2026-33398). Risk of unauthorized operations or information disclosure. Exploitable via ``post``.
|
| CVE-2026-7195 |
|
CWE-20: Improper Input Validation in web services in Progress Sitefinity 14.1.x through 14.3.x,...
CWE-20: Improper Input Validation in web services in Progress Sitefinity 14.1.x through 14.3.x,...
|
| CVE-2026-7313 |
|
CWE‑522: Insufficiently Protected Credentials in web services in Progress Sitefinity version from...
CWE‑522: Insufficiently Protected Credentials in web services in Progress Sitefinity version from...
|
| CVE-2026-7312 |
|
Vulnerability in progress (CVE-2026-7312)
vulnerability in progress (CVE-2026-7312). Confidential information can be exposed externally.
|
| CVE-2026-7201 |
|
CWE-639: Authorization Bypass Through User-Controlled Key in web services in Progress Sitefinity...
CWE-639: Authorization Bypass Through User-Controlled Key in web services in Progress Sitefinity...
|
| CVE-2026-7198 |
|
Vulnerability in progress (CVE-2026-7198)
vulnerability in progress (CVE-2026-7198). Successful exploitation can lead to full system takeover.
|
| CVE-2026-39552 |
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
|
| CVE-2026-39553 |
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
|