Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2025-64390 |
|
Vulnerability in privilege-escalation (CVE-2025-64390)
vulnerability in privilege-escalation (CVE-2025-64390). Successful exploitation can lead to full system takeover.
|
| CVE-2026-40715 |
|
Vulnerability in privilege-escalation (CVE-2026-40715)
vulnerability in privilege-escalation (CVE-2026-40715). Successful exploitation can lead to full system takeover.
|
| CVE-2026-40713 |
|
Vulnerability in dell (CVE-2026-40713)
vulnerability in dell (CVE-2026-40713). Confidential information can be exposed externally.
|
| CVE-2026-10606 |
|
Vulnerability in sqli (CVE-2026-10606)
vulnerability in sqli (CVE-2026-10606). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-1871 |
|
Vulnerability in dos (CVE-2026-1871)
vulnerability in dos (CVE-2026-1871). Risk of unauthorized operations or information disclosure. Exploitable via `Authorization header`.
|
| CVE-2026-40571 |
|
Vulnerability in CVE-2026-40571 (CVE-2026-40571)
vulnerability in CVE-2026-40571 (CVE-2026-40571). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-35443 |
|
Vulnerability in CVE-2026-35443 (CVE-2026-35443)
vulnerability in CVE-2026-35443 (CVE-2026-35443). Risk of unauthorized operations or information disclosure. Exploitable via ``view_other_topics``.
|
| CVE-2026-35447 |
|
Vulnerability in CVE-2026-35447 (CVE-2026-35447)
vulnerability in CVE-2026-35447 (CVE-2026-35447). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-40314 |
|
Vulnerability in CVE-2026-40314 (CVE-2026-40314)
vulnerability in CVE-2026-40314 (CVE-2026-40314). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-44367 |
|
Vulnerability in apache (CVE-2026-44367)
vulnerability in apache (CVE-2026-44367). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-45080 |
|
Information Disclosure in apache (CVE-2026-45080)
vulnerability in apache (CVE-2026-45080). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-33398 |
|
Vulnerability in CVE-2026-33398 (CVE-2026-33398)
vulnerability in CVE-2026-33398 (CVE-2026-33398). Risk of unauthorized operations or information disclosure. Exploitable via ``post``.
|
| CVE-2026-7195 |
|
CWE-20: Improper Input Validation in web services in Progress Sitefinity 14.1.x through 14.3.x,...
CWE-20: Improper Input Validation in web services in Progress Sitefinity 14.1.x through 14.3.x,...
|
| CVE-2026-7313 |
|
CWE‑522: Insufficiently Protected Credentials in web services in Progress Sitefinity version from...
CWE‑522: Insufficiently Protected Credentials in web services in Progress Sitefinity version from...
|
| CVE-2026-7198 |
|
Vulnerability in progress (CVE-2026-7198)
vulnerability in progress (CVE-2026-7198). Successful exploitation can lead to full system takeover.
|
| CVE-2026-7201 |
|
CWE-639: Authorization Bypass Through User-Controlled Key in web services in Progress Sitefinity...
CWE-639: Authorization Bypass Through User-Controlled Key in web services in Progress Sitefinity...
|
| CVE-2026-7312 |
|
Vulnerability in progress (CVE-2026-7312)
vulnerability in progress (CVE-2026-7312). Confidential information can be exposed externally.
|
| CVE-2026-39552 |
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
|
| CVE-2026-39553 |
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
|
| CVE-2026-39555 |
|
Deserialization of Untrusted Data vulnerability in Elated-Themes Askka allows Object Injection.
...
Deserialization of Untrusted Data vulnerability in Elated-Themes Askka allows Object Injection.
...
|
| CVE-2026-32250 |
|
Cross-Site Scripting (XSS) in CVE-2026-32250 (CVE-2026-32250)
cross-site scripting in CVE-2026-32250 (CVE-2026-32250). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-68886 |
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
|
| CVE-2025-69369 |
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
|
| CVE-2025-58707 |
|
Vulnerability in CVE-2025-58707 (CVE-2025-58707)
vulnerability in CVE-2025-58707 (CVE-2025-58707). Successful exploitation can lead to full system takeover.
|
| CVE-2025-58897 |
|
Vulnerability in CVE-2025-58897 (CVE-2025-58897)
vulnerability in CVE-2025-58897 (CVE-2025-58897). Successful exploitation can lead to full system takeover.
|
| CVE-2025-58024 |
|
Vulnerability in CVE-2025-58024 (CVE-2025-58024)
vulnerability in CVE-2025-58024 (CVE-2025-58024). Successful exploitation can lead to full system takeover.
|
| CVE-2025-58705 |
|
Vulnerability in CVE-2025-58705 (CVE-2025-58705)
vulnerability in CVE-2025-58705 (CVE-2025-58705). Successful exploitation can lead to full system takeover.
|
| CVE-2025-53440 |
|
Vulnerability in CVE-2025-53440 (CVE-2025-53440)
vulnerability in CVE-2025-53440 (CVE-2025-53440). Successful exploitation can lead to full system takeover.
|
| CVE-2026-5422 |
|
Vulnerability in jupyter-server (CVE-2026-5422)
vulnerability in jupyter-server (CVE-2026-5422). Confidential information can be exposed externally. Mitigation: upgrade to `2.18.2` or later.
|
| CVE-2026-5191 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-5191)
cross-site scripting in wordpress (CVE-2026-5191). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41115 |
|
Vulnerability in kafka (CVE-2026-41115)
vulnerability in kafka (CVE-2026-41115). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-46718 |
|
Vulnerability in org.apache.calcite:calcite-core (CVE-2026-46718)
vulnerability in org.apache.calcite:calcite-core (CVE-2026-46718). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.42.0` or later.
|
| CVE-2026-8885 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-8885)
cross-site scripting in wordpress (CVE-2026-8885). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-5085 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2025-5085)
cross-site scripting in wordpress (CVE-2025-5085). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-1451 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-1451)
cross-site scripting in wordpress (CVE-2026-1451). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-1450 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-1450)
cross-site scripting in wordpress (CVE-2026-1450). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-4071 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-4071)
vulnerability in wordpress (CVE-2026-4071). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-2382 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-2382)
cross-site scripting in wordpress (CVE-2026-2382). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9722 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-9722)
vulnerability in wordpress (CVE-2026-9722). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9234 |
|
Vulnerability in wordpress (CVE-2026-9234)
vulnerability in wordpress (CVE-2026-9234). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8422 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-8422)
vulnerability in wordpress (CVE-2026-8422). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9599 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-9599)
vulnerability in wordpress (CVE-2026-9599). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9730 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-9730)
vulnerability in wordpress (CVE-2026-9730). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9723 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-9723)
vulnerability in wordpress (CVE-2026-9723). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-2425 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-2425)
cross-site scripting in wordpress (CVE-2026-2425). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-3620 |
|
Vulnerability in wordpress (CVE-2026-3620)
vulnerability in wordpress (CVE-2026-3620). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-4080 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-4080)
cross-site scripting in wordpress (CVE-2026-4080). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-4081 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-4081)
cross-site scripting in wordpress (CVE-2026-4081). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8293 |
|
Authentication Bypass in wordpress (CVE-2026-8293)
authentication bypass in wordpress (CVE-2026-8293). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8206 |
|
Privilege Escalation in wordpress (CVE-2026-8206)
vulnerability in wordpress (CVE-2026-8206). Successful exploitation can lead to full system takeover.
|