Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: vendors Tag: cwe-770 Clear
ID Title
CVE-2026-42145 Unrestricted File Upload in CVE-2026-42145 (CVE-2026-42145)
vulnerability in CVE-2026-42145 (CVE-2026-42145). Risk of unauthorized operations or information disclosure.
CVE-2026-54428 Vulnerability in apache (CVE-2026-54428)
vulnerability in apache (CVE-2026-54428). Risk of unauthorized operations or information disclosure.
CVE-2026-56150 Vulnerability in dos (CVE-2026-56150)
vulnerability in dos (CVE-2026-56150). Risk of unauthorized operations or information disclosure.
CVE-2026-56149 Vulnerability in dos (CVE-2026-56149)
vulnerability in dos (CVE-2026-56149). Risk of unauthorized operations or information disclosure.
CVE-2026-49087 Vulnerability in dos (CVE-2026-49087)
vulnerability in dos (CVE-2026-49087). Risk of unauthorized operations or information disclosure.
CVE-2025-36319 Vulnerability in ibm (CVE-2025-36319)
vulnerability in ibm (CVE-2025-36319). Risk of unauthorized operations or information disclosure.
CVE-2026-54448 Vulnerability in aquasec (CVE-2026-54448)
vulnerability in aquasec (CVE-2026-54448). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.71.0` or later.
CVE-2026-12760 Vulnerability in dos (CVE-2026-12760)
vulnerability in dos (CVE-2026-12760). Risk of unauthorized operations or information disclosure.
CVE-2024-54178 Vulnerability in dos (CVE-2024-54178)
vulnerability in dos (CVE-2024-54178). Risk of unauthorized operations or information disclosure.
CVE-2026-7250 Vulnerability in gitlab (CVE-2026-7250)
vulnerability in gitlab (CVE-2026-7250). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.10.8, 18.11.5, 19.0.2` or later.
CVE-2026-1500 Vulnerability in gitlab (CVE-2026-1500)
vulnerability in gitlab (CVE-2026-1500). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.10.8, 18.11.5, 19.0.2` or later.
CVE-2026-53460 Vulnerability in Magick.NET-Q16-AnyCPU (CVE-2026-53460)
vulnerability in Magick.NET-Q16-AnyCPU (CVE-2026-53460). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `14.14.0` or later.
CVE-2026-24720 Vulnerability in qnap (CVE-2026-24720)
vulnerability in qnap (CVE-2026-24720). Risk of unauthorized operations or information disclosure.
CVE-2026-41726 Vulnerability in org.springframework.kafka:spring-kafka (CVE-2026-41726)
vulnerability in org.springframework.kafka:spring-kafka (CVE-2026-41726). Risk of unauthorized operations or information disclosure.
CVE-2026-41716 Vulnerability in broadcom (CVE-2026-41716)
vulnerability in broadcom (CVE-2026-41716). Risk of unauthorized operations or information disclosure.
CVE-2026-45591 Vulnerability in Microsoft.AspNetCore.App.Runtime.linux-x64 (CVE-2026-45591)
vulnerability in Microsoft.AspNetCore.App.Runtime.linux-x64 (CVE-2026-45591). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `10.0.9` or later.
CVE-2026-41851 Vulnerability in spring (CVE-2026-41851)
vulnerability in spring (CVE-2026-41851). Risk of unauthorized operations or information disclosure.
CVE-2026-41007 Vulnerability in vmware (CVE-2026-41007)
vulnerability in vmware (CVE-2026-41007). Risk of unauthorized operations or information disclosure.
CVE-2026-44488 Vulnerability in axios (CVE-2026-44488)
vulnerability in axios (CVE-2026-44488). Risk of unauthorized operations or information disclosure. Exploitable via ``fetch``. Mitigation: upgrade to `1.16.0` or later.
CVE-2026-28299 SolarWinds Web Help Desk is found to be affected by a denial-of-service vulnerability, which when...
SolarWinds Web Help Desk is found to be affected by a denial-of-service vulnerability, which when...
CVE-2026-40990 Vulnerability in vmware (CVE-2026-40990)
vulnerability in vmware (CVE-2026-40990). Risk of unauthorized operations or information disclosure.
CVE-2026-49361 Vulnerability in apache (CVE-2026-49361)
vulnerability in apache (CVE-2026-49361). Risk of unauthorized operations or information disclosure.
CVE-2026-1402 Vulnerability in gitlab (CVE-2026-1402)
vulnerability in gitlab (CVE-2026-1402). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.10.7, 18.11.4, 19.0.2` or later.
CVE-2026-1718 Vulnerability in dos (CVE-2026-1718)
vulnerability in dos (CVE-2026-1718). Risk of unauthorized operations or information disclosure.
CVE-2026-6053 Vulnerability in dos (CVE-2026-6053)
vulnerability in dos (CVE-2026-6053). Risk of unauthorized operations or information disclosure.
CVE-2026-8488 Vulnerability in progress (CVE-2026-8488)
vulnerability in progress (CVE-2026-8488). Risk of unauthorized operations or information disclosure.
CVE-2026-8486 Vulnerability in progress (CVE-2026-8486)
vulnerability in progress (CVE-2026-8486). Risk of unauthorized operations or information disclosure.
CVE-2026-45802 Vulnerability in setasign/fpdi (CVE-2026-45802)
vulnerability in setasign/fpdi (CVE-2026-45802). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.6.7` or later.
CVE-2026-45664 Vulnerability in Magick.NET-Q16-AnyCPU (CVE-2026-45664)
vulnerability in Magick.NET-Q16-AnyCPU (CVE-2026-45664). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `14.13.1` or later.
CVE-2026-45682 Vulnerability in go.opentelemetry.io/obi (CVE-2026-45682)
vulnerability in go.opentelemetry.io/obi (CVE-2026-45682). Risk of unauthorized operations or information disclosure. Exploitable via ``CappedConcurrentHashMap``. Mitigation: upgrade to `0.9.0` or later.
CVE-2026-45031 Vulnerability in Magick.NET-Q16-AnyCPU (CVE-2026-45031)
vulnerability in Magick.NET-Q16-AnyCPU (CVE-2026-45031). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `14.13.1` or later.
CVE-2021-47959 WordPress Plugin WPGraphQL 1.3.5 contains a denial of service vulnerability that allows...
WordPress Plugin WPGraphQL 1.3.5 contains a denial of service vulnerability that allows...
CVE-2026-45292 Vulnerability in io.opentelemetry:opentelemetry-api (CVE-2026-45292)
vulnerability in io.opentelemetry:opentelemetry-api (CVE-2026-45292). Risk of unauthorized operations or information disclosure. Exploitable via ``W3CBaggagePropagator``. Mitigation: upgrade to `1.62.0` or later.
CVE-2026-8280 Vulnerability in gitlab (CVE-2026-8280)
vulnerability in gitlab (CVE-2026-8280). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.9.7, 18.10.6, 18.11.3` or later.
CVE-2026-1659 Vulnerability in gitlab (CVE-2026-1659)
vulnerability in gitlab (CVE-2026-1659). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.9.7, 18.10.6, 18.11.3` or later.
CVE-2025-14870 Vulnerability in gitlab (CVE-2025-14870)
vulnerability in gitlab (CVE-2025-14870). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.9.7, 18.10.6, 18.11.3` or later.
CVE-2026-41227 Vulnerability in dos (CVE-2026-41227)
vulnerability in dos (CVE-2026-41227). Risk of unauthorized operations or information disclosure.
CVE-2026-40629 Vulnerability in f5 (CVE-2026-40629)
vulnerability in f5 (CVE-2026-40629). Risk of unauthorized operations or information disclosure.
CVE-2026-40423 Vulnerability in f5 (CVE-2026-40423)
vulnerability in f5 (CVE-2026-40423). Risk of unauthorized operations or information disclosure.
CVE-2026-8202 Vulnerability in mongodb (CVE-2026-8202)
vulnerability in mongodb (CVE-2026-8202). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `7.0.34, 8.0.23, 8.2.9, 8.3.2` or later.
CVE-2026-40863 Vulnerability in phpoffice/phpspreadsheet (CVE-2026-40863)
vulnerability in phpoffice/phpspreadsheet (CVE-2026-40863). Risk of unauthorized operations or information disclosure. Exploitable via ``cachedHighestRow``. Mitigation: upgrade to `1.30.4` or later.
CVE-2026-40902 Vulnerability in phpoffice/phpspreadsheet (CVE-2026-40902)
vulnerability in phpoffice/phpspreadsheet (CVE-2026-40902). Risk of unauthorized operations or information disclosure. Exploitable via ``cachedHighestRow``. Mitigation: upgrade to `1.30.4` or later.
CVE-2026-41284 Vulnerability in tomcat (CVE-2026-41284)
vulnerability in tomcat (CVE-2026-41284). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `10.1.55, 11.0.22, 9.0.118` or later.
CVE-2026-22925 Vulnerability in siemens (CVE-2026-22925)
vulnerability in siemens (CVE-2026-22925). Risk of unauthorized operations or information disclosure.
CVE-2026-43329 Vulnerability in linux (CVE-2026-43329)
vulnerability in linux (CVE-2026-43329). Successful exploitation can lead to full system takeover.
CVE-2025-69233 Vulnerability in apache (CVE-2025-69233)
vulnerability in apache (CVE-2025-69233). Risk of unauthorized operations or information disclosure.
CVE-2026-20608 Vulnerability in java (CVE-2026-20608)
vulnerability in java (CVE-2026-20608). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.491` or later.
CVE-2022-21294 Vulnerability in java (CVE-2022-21294)
vulnerability in java (CVE-2022-21294). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.7.0, 1.8.0, 7.0.331, 8.0.321, 11.0.14, 17.0.2` or later.
CVE-2026-32934 Vulnerability in github.com/coredns/coredns (CVE-2026-32934)
vulnerability in github.com/coredns/coredns (CVE-2026-32934). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.14.3` or later.
CVE-2026-42039 Vulnerability in axios (CVE-2026-42039)
vulnerability in axios (CVE-2026-42039). Risk of unauthorized operations or information disclosure. Exploitable via `POST /forward`. Mitigation: upgrade to `0.31.1` or later.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →