Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: vendors Tag: cwe-444 Clear
ID Title
CVE-2026-11541 Vulnerability in ibm (CVE-2026-11541)
vulnerability in ibm (CVE-2026-11541). Confidential information can be exposed externally.
CVE-2026-11806 Vulnerability in ibm (CVE-2026-11806)
vulnerability in ibm (CVE-2026-11806). Successful exploitation can lead to full system takeover.
CVE-2026-8646 Vulnerability in ibm (CVE-2026-8646)
vulnerability in ibm (CVE-2026-8646). Confidential information can be exposed externally.
CVE-2026-48979 Vulnerability in php-standard-library/h2 (CVE-2026-48979)
vulnerability in php-standard-library/h2 (CVE-2026-48979). Data can be tampered with by attackers. Exploitable via ``StreamException``. Mitigation: upgrade to `6.2.1` or later.
CVE-2026-52845 Authentication Bypass in github.com/caddyserver/caddy/v2 (CVE-2026-52845)
authentication bypass in github.com/caddyserver/caddy/v2 (CVE-2026-52845). Confidential information can be exposed externally. Exploitable via `GET /index.php`. Mitigation: upgrade to `2.11.4` or later.
CVE-2026-41853 Vulnerability in spring (CVE-2026-41853)
vulnerability in spring (CVE-2026-41853). Risk of unauthorized operations or information disclosure.
CVE-2026-9170 Code Injection in dos (CVE-2026-9170)
code injection in dos (CVE-2026-9170). Successful exploitation can lead to full system takeover.
CVE-2026-8620 Vulnerability in ibm (CVE-2026-8620)
vulnerability in ibm (CVE-2026-8620). Confidential information can be exposed externally.
CVE-2026-40175 Vulnerability in axios (CVE-2026-40175)
vulnerability in axios (CVE-2026-40175). Risk of unauthorized operations or information disclosure. Exploitable via `GET /pings`. Mitigation: upgrade to `0.31.0` or later.
CVE-2026-28367 Vulnerability in io.undertow:undertow-parent (CVE-2026-28367)
vulnerability in io.undertow:undertow-parent (CVE-2026-28367). Confidential information can be exposed externally.
CVE-2026-4700 Vulnerability in mozilla (CVE-2026-4700)
vulnerability in mozilla (CVE-2026-4700). Successful exploitation can lead to full system takeover.
CVE-2026-23941 Vulnerability in nginx (CVE-2026-23941)
vulnerability in nginx (CVE-2026-23941). Confidential information can be exposed externally.
CVE-2026-20069 Vulnerability in cisco (CVE-2026-20069)
vulnerability in cisco (CVE-2026-20069). Risk of unauthorized operations or information disclosure.
CVE-2025-55018 Vulnerability in fortinet (CVE-2025-55018)
vulnerability in fortinet (CVE-2025-55018). Risk of unauthorized operations or information disclosure.
CVE-2023-48365 KEV [KEV] Vulnerability in Qlik sense (CVE-2023-48365)
vulnerability in Qlik sense (CVE-2023-48365). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-41265 KEV [KEV] Vulnerability in Qlik sense (CVE-2023-41265)
vulnerability in Qlik sense (CVE-2023-41265). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-22536 KEV [KEV] Vulnerability in Sap multiple-products (CVE-2022-22536)
vulnerability in Sap multiple-products (CVE-2022-22536). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-41451 Vulnerability in tp-link (CVE-2021-41451)
vulnerability in tp-link (CVE-2021-41451). Risk of unauthorized operations or information disclosure.
CVE-2021-41450 Vulnerability in dos (CVE-2021-41450)
vulnerability in dos (CVE-2021-41450). Risk of unauthorized operations or information disclosure.
CVE-2021-41436 Vulnerability in dos (CVE-2021-41436)
vulnerability in dos (CVE-2021-41436). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →