Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-43921 |
|
Code Injection in CVE-2026-43921 (CVE-2026-43921)
code injection in CVE-2026-43921 (CVE-2026-43921). Risk of unauthorized operations or information disclosure. Exploitable via ``config.php``.
|
| CVE-2026-14791 |
|
Cross-Site Scripting (XSS) in CVE-2026-14791 (CVE-2026-14791)
cross-site scripting in CVE-2026-14791 (CVE-2026-14791). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14752 |
|
Cross-Site Scripting (XSS) in CVE-2026-14752 (CVE-2026-14752)
cross-site scripting in CVE-2026-14752 (CVE-2026-14752). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14749 |
|
Vulnerability in CVE-2026-14749 (CVE-2026-14749)
vulnerability in CVE-2026-14749 (CVE-2026-14749). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14691 |
|
Vulnerability in CVE-2026-14691 (CVE-2026-14691)
vulnerability in CVE-2026-14691 (CVE-2026-14691). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14656 |
|
Cross-Site Scripting (XSS) in CVE-2026-14656 (CVE-2026-14656)
cross-site scripting in CVE-2026-14656 (CVE-2026-14656). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14655 |
|
Cross-Site Scripting (XSS) in CVE-2026-14655 (CVE-2026-14655)
cross-site scripting in CVE-2026-14655 (CVE-2026-14655). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14634 |
|
Cross-Site Scripting (XSS) in CVE-2026-14634 (CVE-2026-14634)
cross-site scripting in CVE-2026-14634 (CVE-2026-14634). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14633 |
|
Cross-Site Scripting (XSS) in CVE-2026-14633 (CVE-2026-14633)
cross-site scripting in CVE-2026-14633 (CVE-2026-14633). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12252 |
|
Code Injection in nltk (CVE-2026-12252)
code injection in nltk (CVE-2026-12252). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11778 |
|
Code Injection in wordpress (CVE-2026-11778)
code injection in wordpress (CVE-2026-11778). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14407 |
|
Code Injection in google (CVE-2026-14407)
code injection in google (CVE-2026-14407). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14383 |
|
Code Injection in google (CVE-2026-14383)
code injection in google (CVE-2026-14383). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8857 |
|
Code Injection in CVE-2026-8857 (CVE-2026-8857)
code injection in CVE-2026-8857 (CVE-2026-8857). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-58025 |
|
Code Injection in deserialization (CVE-2026-58025)
code injection in deserialization (CVE-2026-58025). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-24249 |
|
Code Injection in deserialization (CVE-2026-24249)
code injection in deserialization (CVE-2026-24249). Successful exploitation can lead to full system takeover.
|
| CVE-2026-24248 |
|
Code Injection in nvidia (CVE-2026-24248)
code injection in nvidia (CVE-2026-24248). Successful exploitation can lead to full system takeover.
|
| CVE-2026-7873 |
|
Code Injection in langflow (CVE-2026-7873)
code injection in langflow (CVE-2026-7873). Successful exploitation can lead to full system takeover.
|
| CVE-2026-58138 |
|
Code Injection in CVE-2026-58138 (CVE-2026-58138)
code injection in CVE-2026-58138 (CVE-2026-58138). Successful exploitation can lead to full system takeover.
|
| CVE-2026-10134 |
|
Code Injection in langflow (CVE-2026-10134)
code injection in langflow (CVE-2026-10134). Successful exploitation can lead to full system takeover. Exploitable via ``tool_code``.
|
| CVE-2026-10109 |
|
Code Injection in ibm (CVE-2026-10109)
code injection in ibm (CVE-2026-10109). Successful exploitation can lead to full system takeover.
|
| CVE-2026-37637 |
|
Code Injection in CVE-2026-37637 (CVE-2026-37637)
code injection in CVE-2026-37637 (CVE-2026-37637). Confidential information can be exposed externally.
|
| CVE-2026-13570 |
|
Cross-Site Scripting (XSS) in CVE-2026-13570 (CVE-2026-13570)
cross-site scripting in CVE-2026-13570 (CVE-2026-13570). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13567 |
|
Cross-Site Scripting (XSS) in CVE-2026-13567 (CVE-2026-13567)
cross-site scripting in CVE-2026-13567 (CVE-2026-13567). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13557 |
|
Cross-Site Scripting (XSS) in CVE-2026-13557 (CVE-2026-13557)
cross-site scripting in CVE-2026-13557 (CVE-2026-13557). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13556 |
|
Cross-Site Scripting (XSS) in CVE-2026-13556 (CVE-2026-13556)
cross-site scripting in CVE-2026-13556 (CVE-2026-13556). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13554 |
|
Cross-Site Scripting (XSS) in CVE-2026-13554 (CVE-2026-13554)
cross-site scripting in CVE-2026-13554 (CVE-2026-13554). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13504 |
|
Cross-Site Scripting (XSS) in CVE-2026-13504 (CVE-2026-13504)
cross-site scripting in CVE-2026-13504 (CVE-2026-13504). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13500 |
|
Vulnerability in CVE-2026-13500 (CVE-2026-13500)
vulnerability in CVE-2026-13500 (CVE-2026-13500). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13499 |
|
Cross-Site Scripting (XSS) in CVE-2026-13499 (CVE-2026-13499)
cross-site scripting in CVE-2026-13499 (CVE-2026-13499). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-1606 |
|
Code Injection in gitlab (CVE-2026-1606)
code injection in gitlab (CVE-2026-1606). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12242 |
|
Code Injection in wordpress (CVE-2026-12242)
code injection in wordpress (CVE-2026-12242). Successful exploitation can lead to full system takeover.
|
| CVE-2026-44959 |
|
Code Injection in CVE-2026-44959 (CVE-2026-44959)
code injection in CVE-2026-44959 (CVE-2026-44959). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34916 |
|
Code Injection in CVE-2026-34916 (CVE-2026-34916)
code injection in CVE-2026-34916 (CVE-2026-34916). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9072 |
|
Code Injection in dos (CVE-2026-9072)
code injection in dos (CVE-2026-9072). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8858 |
|
Code Injection in dos (CVE-2026-8858)
code injection in dos (CVE-2026-8858). Successful exploitation can lead to full system takeover.
|
| CVE-2026-56446 |
|
Code Injection in misp-project (CVE-2026-56446)
code injection in misp-project (CVE-2026-56446). Successful exploitation can lead to full system takeover.
|
| CVE-2026-10561 |
|
Code Injection in langflow (CVE-2026-10561)
code injection in langflow (CVE-2026-10561). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12822 |
|
Vulnerability in langflow (CVE-2026-12822)
vulnerability in langflow (CVE-2026-12822). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56382 |
|
Code Injection in CVE-2026-56382 (CVE-2026-56382)
code injection in CVE-2026-56382 (CVE-2026-56382). Successful exploitation can lead to full system takeover.
|
| CVE-2022-50972 |
|
Code Injection in CVE-2022-50972 (CVE-2022-50972)
code injection in CVE-2022-50972 (CVE-2022-50972). Successful exploitation can lead to full system takeover.
|
| CVE-2026-25470 |
|
Code Injection in wordpress (CVE-2026-25470)
code injection in wordpress (CVE-2026-25470). Successful exploitation can lead to full system takeover.
|
| CVE-2026-46851 |
|
Code Injection in c (CVE-2026-46851)
code injection in c (CVE-2026-46851). Successful exploitation can lead to full system takeover.
|
| CVE-2026-46850 |
|
Code Injection in c (CVE-2026-46850)
code injection in c (CVE-2026-46850). Successful exploitation can lead to full system takeover.
|
| CVE-2026-48519 |
|
Code Injection in langflow (CVE-2026-48519)
code injection in langflow (CVE-2026-48519). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.9.2` or later.
|
| CVE-2026-12176 |
|
Cross-Site Scripting (XSS) in CVE-2026-12176 (CVE-2026-12176)
cross-site scripting in CVE-2026-12176 (CVE-2026-12176). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-54133 |
|
Vulnerability in jmespath (CVE-2026-54133)
vulnerability in jmespath (CVE-2026-54133). Successful exploitation can lead to full system takeover. Exploitable via ``JP_PHP_COMPILE``. Mitigation: upgrade to `2.9.1` or later.
|
| CVE-2026-50223 |
|
Code Injection in apache (CVE-2026-50223)
code injection in apache (CVE-2026-50223). Successful exploitation can lead to full system takeover.
|
| CVE-2026-45558 |
|
Vulnerability in c (CVE-2026-45558)
vulnerability in c (CVE-2026-45558). Successful exploitation can lead to full system takeover. Exploitable via `POST /api/service/haproxy/`.
|
| CVE-2026-47906 |
|
Dreamweaver Desktop versions 21.7 and earlier are affected by a Dependency on Vulnerable Third...
Dreamweaver Desktop versions 21.7 and earlier are affected by a Dependency on Vulnerable Third...
|