Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: vendors Tag: cwe-94 Clear
ID Title
CVE-2026-43921 Code Injection in CVE-2026-43921 (CVE-2026-43921)
code injection in CVE-2026-43921 (CVE-2026-43921). Risk of unauthorized operations or information disclosure. Exploitable via ``config.php``.
CVE-2026-14791 Cross-Site Scripting (XSS) in CVE-2026-14791 (CVE-2026-14791)
cross-site scripting in CVE-2026-14791 (CVE-2026-14791). Risk of unauthorized operations or information disclosure.
CVE-2026-14752 Cross-Site Scripting (XSS) in CVE-2026-14752 (CVE-2026-14752)
cross-site scripting in CVE-2026-14752 (CVE-2026-14752). Risk of unauthorized operations or information disclosure.
CVE-2026-14749 Vulnerability in CVE-2026-14749 (CVE-2026-14749)
vulnerability in CVE-2026-14749 (CVE-2026-14749). Risk of unauthorized operations or information disclosure.
CVE-2026-14691 Vulnerability in CVE-2026-14691 (CVE-2026-14691)
vulnerability in CVE-2026-14691 (CVE-2026-14691). Risk of unauthorized operations or information disclosure.
CVE-2026-14656 Cross-Site Scripting (XSS) in CVE-2026-14656 (CVE-2026-14656)
cross-site scripting in CVE-2026-14656 (CVE-2026-14656). Risk of unauthorized operations or information disclosure.
CVE-2026-14655 Cross-Site Scripting (XSS) in CVE-2026-14655 (CVE-2026-14655)
cross-site scripting in CVE-2026-14655 (CVE-2026-14655). Risk of unauthorized operations or information disclosure.
CVE-2026-14634 Cross-Site Scripting (XSS) in CVE-2026-14634 (CVE-2026-14634)
cross-site scripting in CVE-2026-14634 (CVE-2026-14634). Risk of unauthorized operations or information disclosure.
CVE-2026-14633 Cross-Site Scripting (XSS) in CVE-2026-14633 (CVE-2026-14633)
cross-site scripting in CVE-2026-14633 (CVE-2026-14633). Risk of unauthorized operations or information disclosure.
CVE-2026-12252 Code Injection in nltk (CVE-2026-12252)
code injection in nltk (CVE-2026-12252). Successful exploitation can lead to full system takeover.
CVE-2026-11778 Code Injection in wordpress (CVE-2026-11778)
code injection in wordpress (CVE-2026-11778). Risk of unauthorized operations or information disclosure.
CVE-2026-14407 Code Injection in google (CVE-2026-14407)
code injection in google (CVE-2026-14407). Successful exploitation can lead to full system takeover.
CVE-2026-14383 Code Injection in google (CVE-2026-14383)
code injection in google (CVE-2026-14383). Successful exploitation can lead to full system takeover.
CVE-2026-8857 Code Injection in CVE-2026-8857 (CVE-2026-8857)
code injection in CVE-2026-8857 (CVE-2026-8857). Risk of unauthorized operations or information disclosure.
CVE-2026-58025 Code Injection in deserialization (CVE-2026-58025)
code injection in deserialization (CVE-2026-58025). Risk of unauthorized operations or information disclosure.
CVE-2026-24249 Code Injection in deserialization (CVE-2026-24249)
code injection in deserialization (CVE-2026-24249). Successful exploitation can lead to full system takeover.
CVE-2026-24248 Code Injection in nvidia (CVE-2026-24248)
code injection in nvidia (CVE-2026-24248). Successful exploitation can lead to full system takeover.
CVE-2026-7873 Code Injection in langflow (CVE-2026-7873)
code injection in langflow (CVE-2026-7873). Successful exploitation can lead to full system takeover.
CVE-2026-58138 Code Injection in CVE-2026-58138 (CVE-2026-58138)
code injection in CVE-2026-58138 (CVE-2026-58138). Successful exploitation can lead to full system takeover.
CVE-2026-10134 Code Injection in langflow (CVE-2026-10134)
code injection in langflow (CVE-2026-10134). Successful exploitation can lead to full system takeover. Exploitable via ``tool_code``.
CVE-2026-10109 Code Injection in ibm (CVE-2026-10109)
code injection in ibm (CVE-2026-10109). Successful exploitation can lead to full system takeover.
CVE-2026-37637 Code Injection in CVE-2026-37637 (CVE-2026-37637)
code injection in CVE-2026-37637 (CVE-2026-37637). Confidential information can be exposed externally.
CVE-2026-13570 Cross-Site Scripting (XSS) in CVE-2026-13570 (CVE-2026-13570)
cross-site scripting in CVE-2026-13570 (CVE-2026-13570). Risk of unauthorized operations or information disclosure.
CVE-2026-13567 Cross-Site Scripting (XSS) in CVE-2026-13567 (CVE-2026-13567)
cross-site scripting in CVE-2026-13567 (CVE-2026-13567). Risk of unauthorized operations or information disclosure.
CVE-2026-13557 Cross-Site Scripting (XSS) in CVE-2026-13557 (CVE-2026-13557)
cross-site scripting in CVE-2026-13557 (CVE-2026-13557). Risk of unauthorized operations or information disclosure.
CVE-2026-13556 Cross-Site Scripting (XSS) in CVE-2026-13556 (CVE-2026-13556)
cross-site scripting in CVE-2026-13556 (CVE-2026-13556). Risk of unauthorized operations or information disclosure.
CVE-2026-13554 Cross-Site Scripting (XSS) in CVE-2026-13554 (CVE-2026-13554)
cross-site scripting in CVE-2026-13554 (CVE-2026-13554). Risk of unauthorized operations or information disclosure.
CVE-2026-13504 Cross-Site Scripting (XSS) in CVE-2026-13504 (CVE-2026-13504)
cross-site scripting in CVE-2026-13504 (CVE-2026-13504). Risk of unauthorized operations or information disclosure.
CVE-2026-13500 Vulnerability in CVE-2026-13500 (CVE-2026-13500)
vulnerability in CVE-2026-13500 (CVE-2026-13500). Risk of unauthorized operations or information disclosure.
CVE-2026-13499 Cross-Site Scripting (XSS) in CVE-2026-13499 (CVE-2026-13499)
cross-site scripting in CVE-2026-13499 (CVE-2026-13499). Risk of unauthorized operations or information disclosure.
CVE-2026-1606 Code Injection in gitlab (CVE-2026-1606)
code injection in gitlab (CVE-2026-1606). Risk of unauthorized operations or information disclosure.
CVE-2026-12242 Code Injection in wordpress (CVE-2026-12242)
code injection in wordpress (CVE-2026-12242). Successful exploitation can lead to full system takeover.
CVE-2026-44959 Code Injection in CVE-2026-44959 (CVE-2026-44959)
code injection in CVE-2026-44959 (CVE-2026-44959). Successful exploitation can lead to full system takeover.
CVE-2026-34916 Code Injection in CVE-2026-34916 (CVE-2026-34916)
code injection in CVE-2026-34916 (CVE-2026-34916). Successful exploitation can lead to full system takeover.
CVE-2026-9072 Code Injection in dos (CVE-2026-9072)
code injection in dos (CVE-2026-9072). Successful exploitation can lead to full system takeover.
CVE-2026-8858 Code Injection in dos (CVE-2026-8858)
code injection in dos (CVE-2026-8858). Successful exploitation can lead to full system takeover.
CVE-2026-56446 Code Injection in misp-project (CVE-2026-56446)
code injection in misp-project (CVE-2026-56446). Successful exploitation can lead to full system takeover.
CVE-2026-10561 Code Injection in langflow (CVE-2026-10561)
code injection in langflow (CVE-2026-10561). Successful exploitation can lead to full system takeover.
CVE-2026-12822 Vulnerability in langflow (CVE-2026-12822)
vulnerability in langflow (CVE-2026-12822). Risk of unauthorized operations or information disclosure.
CVE-2026-56382 Code Injection in CVE-2026-56382 (CVE-2026-56382)
code injection in CVE-2026-56382 (CVE-2026-56382). Successful exploitation can lead to full system takeover.
CVE-2022-50972 Code Injection in CVE-2022-50972 (CVE-2022-50972)
code injection in CVE-2022-50972 (CVE-2022-50972). Successful exploitation can lead to full system takeover.
CVE-2026-25470 Code Injection in wordpress (CVE-2026-25470)
code injection in wordpress (CVE-2026-25470). Successful exploitation can lead to full system takeover.
CVE-2026-46851 Code Injection in c (CVE-2026-46851)
code injection in c (CVE-2026-46851). Successful exploitation can lead to full system takeover.
CVE-2026-46850 Code Injection in c (CVE-2026-46850)
code injection in c (CVE-2026-46850). Successful exploitation can lead to full system takeover.
CVE-2026-48519 Code Injection in langflow (CVE-2026-48519)
code injection in langflow (CVE-2026-48519). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.9.2` or later.
CVE-2026-12176 Cross-Site Scripting (XSS) in CVE-2026-12176 (CVE-2026-12176)
cross-site scripting in CVE-2026-12176 (CVE-2026-12176). Risk of unauthorized operations or information disclosure.
CVE-2026-54133 Vulnerability in jmespath (CVE-2026-54133)
vulnerability in jmespath (CVE-2026-54133). Successful exploitation can lead to full system takeover. Exploitable via ``JP_PHP_COMPILE``. Mitigation: upgrade to `2.9.1` or later.
CVE-2026-50223 Code Injection in apache (CVE-2026-50223)
code injection in apache (CVE-2026-50223). Successful exploitation can lead to full system takeover.
CVE-2026-45558 Vulnerability in c (CVE-2026-45558)
vulnerability in c (CVE-2026-45558). Successful exploitation can lead to full system takeover. Exploitable via `POST /api/service/haproxy/`.
CVE-2026-47906 Dreamweaver Desktop versions 21.7 and earlier are affected by a Dependency on Vulnerable Third...
Dreamweaver Desktop versions 21.7 and earlier are affected by a Dependency on Vulnerable Third...

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →