Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: vendors Clear
ID Title
CVE-2026-46242 Use-After-Free in linux (CVE-2026-46242)
vulnerability in linux (CVE-2026-46242). Successful exploitation can lead to full system takeover.
CVE-2026-7465 Privilege Escalation in wordpress (CVE-2026-7465)
vulnerability in wordpress (CVE-2026-7465). Successful exploitation can lead to full system takeover.
CVE-2026-9757 SQL Injection in wordpress (CVE-2026-9757)
SQL injection in wordpress (CVE-2026-9757). Confidential information can be exposed externally.
CVE-2026-7459 Vulnerability in wordpress (CVE-2026-7459)
vulnerability in wordpress (CVE-2026-7459). Successful exploitation can lead to full system takeover.
CVE-2026-10110 Vulnerability in sqli (CVE-2026-10110)
vulnerability in sqli (CVE-2026-10110). Risk of unauthorized operations or information disclosure.
CVE-2026-48840 Vulnerability in exim (CVE-2026-48840)
vulnerability in exim (CVE-2026-48840). Risk of unauthorized operations or information disclosure.
CVE-2026-48810 Vulnerability in laravel (CVE-2026-48810)
vulnerability in laravel (CVE-2026-48810). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.221` or later.
CVE-2026-48811 Vulnerability in laravel (CVE-2026-48811)
vulnerability in laravel (CVE-2026-48811). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.221` or later.
CVE-2026-47123 Vulnerability in laravel (CVE-2026-47123)
vulnerability in laravel (CVE-2026-47123). Data can be tampered with by attackers. Mitigation: upgrade to `1.8.220` or later.
CVE-2026-48555 SSRF (Server-Side Request Forgery) in spatie/laravel-medialibrary (CVE-2026-48555)
SSRF in spatie/laravel-medialibrary (CVE-2026-48555). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `11.23.0` or later.
CVE-2026-48557 Spatie Laravel Media Library contains a file upload restriction bypass
Spatie Laravel Media Library contains a file upload restriction bypass
CVE-2026-45294 Vulnerability in laravel (CVE-2026-45294)
vulnerability in laravel (CVE-2026-45294). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.219` or later.
CVE-2026-34127 Cross-Site Scripting (XSS) in tp-link (CVE-2026-34127)
cross-site scripting in tp-link (CVE-2026-34127). Risk of unauthorized operations or information disclosure.
CVE-2026-49381 In JetBrains TeamCity before 2026.1 stored XSS on the SAML login page was possible
In JetBrains TeamCity before 2026.1 stored XSS on the SAML login page was possible
CVE-2026-49382 Vulnerability in jetbrains (CVE-2026-49382)
vulnerability in jetbrains (CVE-2026-49382). Risk of unauthorized operations or information disclosure.
CVE-2026-49383 In JetBrains IntelliJ IDEA before 2026.1 xXE in the UI Designer form parser was possible
In JetBrains IntelliJ IDEA before 2026.1 xXE in the UI Designer form parser was possible
CVE-2026-49384 In JetBrains PyCharm before 2025.3.4 stored XSS in Jupyter notebook Markdown cells was possible
In JetBrains PyCharm before 2025.3.4 stored XSS in Jupyter notebook Markdown cells was possible
CVE-2026-49385 Vulnerability in jetbrains (CVE-2026-49385)
vulnerability in jetbrains (CVE-2026-49385). Data can be tampered with by attackers.
CVE-2026-49386 Vulnerability in jetbrains (CVE-2026-49386)
vulnerability in jetbrains (CVE-2026-49386). Confidential information can be exposed externally.
CVE-2026-49372 In JetBrains TeamCity before 2026.1, 2025.11.5 unauthenticated SSRF via build status was possible
In JetBrains TeamCity before 2026.1, 2025.11.5 unauthenticated SSRF via build status was possible
CVE-2026-49373 Vulnerability in jetbrains (CVE-2026-49373)
vulnerability in jetbrains (CVE-2026-49373). Confidential information can be exposed externally.
CVE-2026-49374 Vulnerability in jetbrains (CVE-2026-49374)
vulnerability in jetbrains (CVE-2026-49374). Confidential information can be exposed externally.
CVE-2026-49375 Cross-Site Scripting (XSS) in jetbrains (CVE-2026-49375)
cross-site scripting in jetbrains (CVE-2026-49375). Risk of unauthorized operations or information disclosure.
CVE-2026-49376 In JetBrains TeamCity before 2026.1 insufficient username validation in the SAML plugin
In JetBrains TeamCity before 2026.1 insufficient username validation in the SAML plugin
CVE-2026-49377 In JetBrains TeamCity before 2025.11.2 exposure of sensitive data via default agent parameters
In JetBrains TeamCity before 2025.11.2 exposure of sensitive data via default agent parameters
CVE-2026-49378 Vulnerability in jetbrains (CVE-2026-49378)
vulnerability in jetbrains (CVE-2026-49378). Risk of unauthorized operations or information disclosure.
CVE-2026-49379 In JetBrains TeamCity before 2026.1 credentials could be exposed in thread names
In JetBrains TeamCity before 2026.1 credentials could be exposed in thread names
CVE-2026-49380 In JetBrains TeamCity before 2026.1 open redirect in the SAML plugin was possible
In JetBrains TeamCity before 2026.1 open redirect in the SAML plugin was possible
CVE-2026-49366 In JetBrains IntelliJ IDEA before 2026.1.1 command injection was possible via filename completion
In JetBrains IntelliJ IDEA before 2026.1.1 command injection was possible via filename completion
CVE-2026-49367 In JetBrains IntelliJ IDEA before 2026.1.1 command execution was possible via the guest user account
In JetBrains IntelliJ IDEA before 2026.1.1 command execution was possible via the guest user account
CVE-2026-49368 In JetBrains YouTrack before 2026.1.13162 stored XSS in project notification templates was possible
In JetBrains YouTrack before 2026.1.13162 stored XSS in project notification templates was possible
CVE-2026-49369 Authorization Flaw in jetbrains (CVE-2026-49369)
vulnerability in jetbrains (CVE-2026-49369). Risk of unauthorized operations or information disclosure.
CVE-2026-49370 In JetBrains YouTrack before 2026.1.13162 information disclosure was possible on fetchApp requests
In JetBrains YouTrack before 2026.1.13162 information disclosure was possible on fetchApp requests
CVE-2026-49371 In JetBrains TeamCity before 2026.1.1 reflected XSS in the keyword filter was possible
In JetBrains TeamCity before 2026.1.1 reflected XSS in the keyword filter was possible
CVE-2026-35630 Vulnerability in openclaw (CVE-2026-35630)
vulnerability in openclaw (CVE-2026-35630). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2026.5.18` or later.
CVE-2026-35673 Authorization Flaw in ssrf (CVE-2026-35673)
vulnerability in ssrf (CVE-2026-35673). Confidential information can be exposed externally.
CVE-2026-35674 Authorization Flaw in openclaw (CVE-2026-35674)
vulnerability in openclaw (CVE-2026-35674). Successful exploitation can lead to full system takeover.
CVE-2026-36324 Cross-Site Scripting (XSS) in CVE-2026-36324 (CVE-2026-36324)
cross-site scripting in CVE-2026-36324 (CVE-2026-36324). Risk of unauthorized operations or information disclosure.
CVE-2026-39276 Path Traversal in path-traversal (CVE-2026-39276)
path traversal in path-traversal (CVE-2026-39276). Successful exploitation can lead to full system takeover.
CVE-2026-32905 Vulnerability in openclaw (CVE-2026-32905)
vulnerability in openclaw (CVE-2026-32905). Confidential information can be exposed externally.
CVE-2026-32906 Authorization Flaw in privilege-escalation (CVE-2026-32906)
vulnerability in privilege-escalation (CVE-2026-32906). Risk of unauthorized operations or information disclosure.
CVE-2026-34507 Authorization Flaw in openclaw (CVE-2026-34507)
vulnerability in openclaw (CVE-2026-34507). Risk of unauthorized operations or information disclosure.
CVE-2018-25403 SQL Injection in sqli (CVE-2018-25403)
SQL injection in sqli (CVE-2018-25403). Confidential information can be exposed externally.
CVE-2018-25404 SQL Injection in sqli (CVE-2018-25404)
SQL injection in sqli (CVE-2018-25404). Confidential information can be exposed externally.
CVE-2018-25397 Cross-Site Request Forgery (CSRF) in CVE-2018-25397 (CVE-2018-25397)
vulnerability in CVE-2018-25397 (CVE-2018-25397). Risk of unauthorized operations or information disclosure.
CVE-2018-25398 SQL Injection in sqli (CVE-2018-25398)
SQL injection in sqli (CVE-2018-25398). Confidential information can be exposed externally.
CVE-2018-25399 SQL Injection in sqli (CVE-2018-25399)
SQL injection in sqli (CVE-2018-25399). Confidential information can be exposed externally.
CVE-2018-25400 SQL Injection in sqli (CVE-2018-25400)
SQL injection in sqli (CVE-2018-25400). Confidential information can be exposed externally.
CVE-2018-25401 SQL Injection in sqli (CVE-2018-25401)
SQL injection in sqli (CVE-2018-25401). Confidential information can be exposed externally.
CVE-2018-25402 SQL Injection in sqli (CVE-2018-25402)
SQL injection in sqli (CVE-2018-25402). Confidential information can be exposed externally.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →