Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-42145 |
|
Unrestricted File Upload in CVE-2026-42145 (CVE-2026-42145)
vulnerability in CVE-2026-42145 (CVE-2026-42145). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-54428 |
|
Vulnerability in apache (CVE-2026-54428)
vulnerability in apache (CVE-2026-54428). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56150 |
|
Vulnerability in dos (CVE-2026-56150)
vulnerability in dos (CVE-2026-56150). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56149 |
|
Vulnerability in dos (CVE-2026-56149)
vulnerability in dos (CVE-2026-56149). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-49087 |
|
Vulnerability in dos (CVE-2026-49087)
vulnerability in dos (CVE-2026-49087). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-36319 |
|
Vulnerability in ibm (CVE-2025-36319)
vulnerability in ibm (CVE-2025-36319). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-54448 |
|
Vulnerability in aquasec (CVE-2026-54448)
vulnerability in aquasec (CVE-2026-54448). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.71.0` or later.
|
| CVE-2026-12760 |
|
Vulnerability in dos (CVE-2026-12760)
vulnerability in dos (CVE-2026-12760). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-54178 |
|
Vulnerability in dos (CVE-2024-54178)
vulnerability in dos (CVE-2024-54178). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7250 |
|
Vulnerability in gitlab (CVE-2026-7250)
vulnerability in gitlab (CVE-2026-7250). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.10.8, 18.11.5, 19.0.2` or later.
|
| CVE-2026-1500 |
|
Vulnerability in gitlab (CVE-2026-1500)
vulnerability in gitlab (CVE-2026-1500). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.10.8, 18.11.5, 19.0.2` or later.
|
| CVE-2026-53460 |
|
Vulnerability in Magick.NET-Q16-AnyCPU (CVE-2026-53460)
vulnerability in Magick.NET-Q16-AnyCPU (CVE-2026-53460). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `14.14.0` or later.
|
| CVE-2026-24720 |
|
Vulnerability in qnap (CVE-2026-24720)
vulnerability in qnap (CVE-2026-24720). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41726 |
|
Vulnerability in org.springframework.kafka:spring-kafka (CVE-2026-41726)
vulnerability in org.springframework.kafka:spring-kafka (CVE-2026-41726). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41716 |
|
Vulnerability in broadcom (CVE-2026-41716)
vulnerability in broadcom (CVE-2026-41716). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-45591 |
|
Vulnerability in Microsoft.AspNetCore.App.Runtime.linux-x64 (CVE-2026-45591)
vulnerability in Microsoft.AspNetCore.App.Runtime.linux-x64 (CVE-2026-45591). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `10.0.9` or later.
|
| CVE-2026-41851 |
|
Vulnerability in spring (CVE-2026-41851)
vulnerability in spring (CVE-2026-41851). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41007 |
|
Vulnerability in vmware (CVE-2026-41007)
vulnerability in vmware (CVE-2026-41007). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-44488 |
|
Vulnerability in axios (CVE-2026-44488)
vulnerability in axios (CVE-2026-44488). Risk of unauthorized operations or information disclosure. Exploitable via ``fetch``. Mitigation: upgrade to `1.16.0` or later.
|
| CVE-2026-28299 |
|
SolarWinds Web Help Desk is found to be affected by a denial-of-service vulnerability, which when...
SolarWinds Web Help Desk is found to be affected by a denial-of-service vulnerability, which when...
|
| CVE-2026-40990 |
|
Vulnerability in vmware (CVE-2026-40990)
vulnerability in vmware (CVE-2026-40990). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-49361 |
|
Vulnerability in apache (CVE-2026-49361)
vulnerability in apache (CVE-2026-49361). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-1402 |
|
Vulnerability in gitlab (CVE-2026-1402)
vulnerability in gitlab (CVE-2026-1402). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.10.7, 18.11.4, 19.0.2` or later.
|
| CVE-2026-1718 |
|
Vulnerability in dos (CVE-2026-1718)
vulnerability in dos (CVE-2026-1718). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6053 |
|
Vulnerability in dos (CVE-2026-6053)
vulnerability in dos (CVE-2026-6053). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8488 |
|
Vulnerability in progress (CVE-2026-8488)
vulnerability in progress (CVE-2026-8488). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8486 |
|
Vulnerability in progress (CVE-2026-8486)
vulnerability in progress (CVE-2026-8486). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-45802 |
|
Vulnerability in setasign/fpdi (CVE-2026-45802)
vulnerability in setasign/fpdi (CVE-2026-45802). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.6.7` or later.
|
| CVE-2026-45664 |
|
Vulnerability in Magick.NET-Q16-AnyCPU (CVE-2026-45664)
vulnerability in Magick.NET-Q16-AnyCPU (CVE-2026-45664). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `14.13.1` or later.
|
| CVE-2026-45682 |
|
Vulnerability in go.opentelemetry.io/obi (CVE-2026-45682)
vulnerability in go.opentelemetry.io/obi (CVE-2026-45682). Risk of unauthorized operations or information disclosure. Exploitable via ``CappedConcurrentHashMap``. Mitigation: upgrade to `0.9.0` or later.
|
| CVE-2026-45031 |
|
Vulnerability in Magick.NET-Q16-AnyCPU (CVE-2026-45031)
vulnerability in Magick.NET-Q16-AnyCPU (CVE-2026-45031). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `14.13.1` or later.
|
| CVE-2021-47959 |
|
WordPress Plugin WPGraphQL 1.3.5 contains a denial of service vulnerability that allows...
WordPress Plugin WPGraphQL 1.3.5 contains a denial of service vulnerability that allows...
|
| CVE-2026-45292 |
|
Vulnerability in io.opentelemetry:opentelemetry-api (CVE-2026-45292)
vulnerability in io.opentelemetry:opentelemetry-api (CVE-2026-45292). Risk of unauthorized operations or information disclosure. Exploitable via ``W3CBaggagePropagator``. Mitigation: upgrade to `1.62.0` or later.
|
| CVE-2026-8280 |
|
Vulnerability in gitlab (CVE-2026-8280)
vulnerability in gitlab (CVE-2026-8280). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.9.7, 18.10.6, 18.11.3` or later.
|
| CVE-2026-1659 |
|
Vulnerability in gitlab (CVE-2026-1659)
vulnerability in gitlab (CVE-2026-1659). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.9.7, 18.10.6, 18.11.3` or later.
|
| CVE-2025-14870 |
|
Vulnerability in gitlab (CVE-2025-14870)
vulnerability in gitlab (CVE-2025-14870). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.9.7, 18.10.6, 18.11.3` or later.
|
| CVE-2026-41227 |
|
Vulnerability in dos (CVE-2026-41227)
vulnerability in dos (CVE-2026-41227). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-40629 |
|
Vulnerability in f5 (CVE-2026-40629)
vulnerability in f5 (CVE-2026-40629). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-40423 |
|
Vulnerability in f5 (CVE-2026-40423)
vulnerability in f5 (CVE-2026-40423). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8202 |
|
Vulnerability in mongodb (CVE-2026-8202)
vulnerability in mongodb (CVE-2026-8202). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `7.0.34, 8.0.23, 8.2.9, 8.3.2` or later.
|
| CVE-2026-40863 |
|
Vulnerability in phpoffice/phpspreadsheet (CVE-2026-40863)
vulnerability in phpoffice/phpspreadsheet (CVE-2026-40863). Risk of unauthorized operations or information disclosure. Exploitable via ``cachedHighestRow``. Mitigation: upgrade to `1.30.4` or later.
|
| CVE-2026-40902 |
|
Vulnerability in phpoffice/phpspreadsheet (CVE-2026-40902)
vulnerability in phpoffice/phpspreadsheet (CVE-2026-40902). Risk of unauthorized operations or information disclosure. Exploitable via ``cachedHighestRow``. Mitigation: upgrade to `1.30.4` or later.
|
| CVE-2026-41284 |
|
Vulnerability in tomcat (CVE-2026-41284)
vulnerability in tomcat (CVE-2026-41284). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `10.1.55, 11.0.22, 9.0.118` or later.
|
| CVE-2026-22925 |
|
Vulnerability in siemens (CVE-2026-22925)
vulnerability in siemens (CVE-2026-22925). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-43329 |
|
Vulnerability in linux (CVE-2026-43329)
vulnerability in linux (CVE-2026-43329). Successful exploitation can lead to full system takeover.
|
| CVE-2025-69233 |
|
Vulnerability in apache (CVE-2025-69233)
vulnerability in apache (CVE-2025-69233). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-20608 |
|
Vulnerability in java (CVE-2026-20608)
vulnerability in java (CVE-2026-20608). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.491` or later.
|
| CVE-2022-21294 |
|
Vulnerability in java (CVE-2022-21294)
vulnerability in java (CVE-2022-21294). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.7.0, 1.8.0, 7.0.331, 8.0.321, 11.0.14, 17.0.2` or later.
|
| CVE-2026-32934 |
|
Vulnerability in github.com/coredns/coredns (CVE-2026-32934)
vulnerability in github.com/coredns/coredns (CVE-2026-32934). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.14.3` or later.
|
| CVE-2026-42039 |
|
Vulnerability in axios (CVE-2026-42039)
vulnerability in axios (CVE-2026-42039). Risk of unauthorized operations or information disclosure. Exploitable via `POST /forward`. Mitigation: upgrade to `0.31.1` or later.
|