Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-48205 |
|
Vulnerability in apache (CVE-2026-48205)
vulnerability in apache (CVE-2026-48205). Confidential information can be exposed externally.
|
| CVE-2026-55993 |
|
Vulnerability in apache (CVE-2026-55993)
vulnerability in apache (CVE-2026-55993). Confidential information can be exposed externally.
|
| CVE-2026-55994 |
|
Vulnerability in apache (CVE-2026-55994)
vulnerability in apache (CVE-2026-55994). Confidential information can be exposed externally.
|
| CVE-2026-46726 |
|
Vulnerability in apache (CVE-2026-46726)
vulnerability in apache (CVE-2026-46726). Confidential information can be exposed externally.
|
| CVE-2026-48203 |
|
Vulnerability in apache (CVE-2026-48203)
vulnerability in apache (CVE-2026-48203). Confidential information can be exposed externally.
|
| CVE-2026-57993 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-57993)
SSRF in ssrf (CVE-2026-57993). Confidential information can be exposed externally.
|
| CVE-2026-58278 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-58278)
SSRF in ssrf (CVE-2026-58278). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57987 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-57987)
SSRF in ssrf (CVE-2026-57987). Confidential information can be exposed externally.
|
| CVE-2026-11397 |
|
SSRF (Server-Side Request Forgery) in wordpress (CVE-2026-11397)
SSRF in wordpress (CVE-2026-11397). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57100 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-57100)
SSRF in ssrf (CVE-2026-57100). Successful exploitation can lead to full system takeover.
|
| CVE-2026-45499 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-45499)
SSRF in ssrf (CVE-2026-45499). Successful exploitation can lead to full system takeover.
|
| CVE-2026-24242 |
|
SSRF (Server-Side Request Forgery) in nvidia (CVE-2026-24242)
SSRF in nvidia (CVE-2026-24242). Successful exploitation can lead to full system takeover.
|
| CVE-2025-36324 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2025-36324)
SSRF in ssrf (CVE-2025-36324). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13773 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-13773)
SSRF in ssrf (CVE-2026-13773). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10546 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-10546)
SSRF in ssrf (CVE-2026-10546). Confidential information can be exposed externally.
|
| CVE-2026-10564 |
|
SSRF (Server-Side Request Forgery) in c (CVE-2026-10564)
SSRF in c (CVE-2026-10564). Confidential information can be exposed externally.
|
| CVE-2026-11714 |
|
SSRF (Server-Side Request Forgery) in ibm (CVE-2026-11714)
SSRF in ibm (CVE-2026-11714). Confidential information can be exposed externally.
|
| CVE-2026-11546 |
|
SSRF (Server-Side Request Forgery) in ibm (CVE-2026-11546)
SSRF in ibm (CVE-2026-11546). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10129 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-10129)
SSRF in ssrf (CVE-2026-10129). Confidential information can be exposed externally.
|
| CVE-2026-48285 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-48285)
SSRF in ssrf (CVE-2026-48285). Confidential information can be exposed externally.
|
| CVE-2026-57940 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-57940)
SSRF in ssrf (CVE-2026-57940). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-2053 |
|
SSRF (Server-Side Request Forgery) in wso2 (CVE-2026-2053)
SSRF in wso2 (CVE-2026-2053). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57303 |
|
SSRF (Server-Side Request Forgery) in jenkins (CVE-2026-57303)
SSRF in jenkins (CVE-2026-57303). Confidential information can be exposed externally.
|
| CVE-2026-12100 |
|
SSRF (Server-Side Request Forgery) in wordpress (CVE-2026-12100)
SSRF in wordpress (CVE-2026-12100). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12095 |
|
SSRF (Server-Side Request Forgery) in wordpress (CVE-2026-12095)
SSRF in wordpress (CVE-2026-12095). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11370 |
|
SSRF (Server-Side Request Forgery) in wordpress (CVE-2026-11370)
SSRF in wordpress (CVE-2026-11370). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56275 |
|
SSRF (Server-Side Request Forgery) in flowiseai (CVE-2026-56275)
SSRF in flowiseai (CVE-2026-56275). Confidential information can be exposed externally.
|
| CVE-2026-55599 |
|
SSRF (Server-Side Request Forgery) in phpseclib/phpseclib (CVE-2026-55599)
SSRF in phpseclib/phpseclib (CVE-2026-55599). Risk of unauthorized operations or information disclosure. Exploitable via `GET /ssrf`. Mitigation: upgrade to `3.0.54` or later.
|
| CVE-2026-9006 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-9006)
SSRF in ssrf (CVE-2026-9006). Confidential information can be exposed externally.
|
| CVE-2026-7253 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-7253)
SSRF in ssrf (CVE-2026-7253). Confidential information can be exposed externally.
|
| CVE-2026-56342 |
|
SSRF (Server-Side Request Forgery) in CVE-2026-56342 (CVE-2026-56342)
SSRF in CVE-2026-56342 (CVE-2026-56342). Confidential information can be exposed externally.
|
| CVE-2026-49359 |
|
SSRF (Server-Side Request Forgery) in pontedilana/php-weasyprint (CVE-2026-49359)
SSRF in pontedilana/php-weasyprint (CVE-2026-49359). Confidential information can be exposed externally. Exploitable via ``attachment``. Mitigation: upgrade to `2.6.0` or later.
|
| CVE-2026-4328 |
|
SSRF (Server-Side Request Forgery) in wordpress (CVE-2026-4328)
SSRF in wordpress (CVE-2026-4328). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11989 |
|
SSRF (Server-Side Request Forgery) in wordpress (CVE-2026-11989)
SSRF in wordpress (CVE-2026-11989). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11395 |
|
SSRF (Server-Side Request Forgery) in wordpress (CVE-2026-11395)
SSRF in wordpress (CVE-2026-11395). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53859 |
|
Vulnerability in openclaw (CVE-2026-53859)
vulnerability in openclaw (CVE-2026-53859). Confidential information can be exposed externally. Mitigation: upgrade to `2026.5.26` or later.
|
| CVE-2026-53827 |
|
SSRF (Server-Side Request Forgery) in openclaw (CVE-2026-53827)
SSRF in openclaw (CVE-2026-53827). Confidential information can be exposed externally.
|
| CVE-2025-58175 |
|
Vulnerability in org.geoserver.web:gs-web-app (CVE-2025-58175)
vulnerability in org.geoserver.web:gs-web-app (CVE-2025-58175). Confidential information can be exposed externally. Exploitable via ``ENTITY_RESOLUTION_ALLOWLIST``. Mitigation: upgrade to `2.27.3` or later.
|
| CVE-2026-53812 |
|
Vulnerability in openclaw (CVE-2026-53812)
vulnerability in openclaw (CVE-2026-53812). Confidential information can be exposed externally. Exploitable via ``act``. Mitigation: upgrade to `2026.5.18` or later.
|
| CVE-2026-46698 |
|
SSRF (Server-Side Request Forgery) in wordpress (CVE-2026-46698)
SSRF in wordpress (CVE-2026-46698). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-46697 |
|
SSRF (Server-Side Request Forgery) in wordpress (CVE-2026-46697)
SSRF in wordpress (CVE-2026-46697). Confidential information can be exposed externally.
|
| CVE-2026-3341 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-3341)
SSRF in ssrf (CVE-2026-3341). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-48998 |
|
Vulnerability in guzzlehttp/psr7 (CVE-2026-48998)
vulnerability in guzzlehttp/psr7 (CVE-2026-48998). Risk of unauthorized operations or information disclosure. Exploitable via `Host header`. Mitigation: upgrade to `2.10.2` or later.
|
| CVE-2026-9204 |
|
SSRF (Server-Side Request Forgery) in gitlab (CVE-2026-9204)
SSRF in gitlab (CVE-2026-9204). Confidential information can be exposed externally. Mitigation: upgrade to `18.10.8, 18.11.5, 19.0.2` or later.
|
| CVE-2026-48858 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-48858)
SSRF in ssrf (CVE-2026-48858). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-45561 |
|
SSRF (Server-Side Request Forgery) in flask (CVE-2026-45561)
SSRF in flask (CVE-2026-45561). Confidential information can be exposed externally.
|
| CVE-2026-45504 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-45504)
SSRF in ssrf (CVE-2026-45504). Successful exploitation can lead to full system takeover.
|
| CVE-2026-45501 |
|
Cross-Site Scripting (XSS) in ssrf (CVE-2026-45501)
cross-site scripting in ssrf (CVE-2026-45501). Confidential information can be exposed externally.
|
| CVE-2026-45502 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-45502)
SSRF in ssrf (CVE-2026-45502). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-45503 |
|
Vulnerability in ssrf (CVE-2026-45503)
vulnerability in ssrf (CVE-2026-45503). Confidential information can be exposed externally.
|