Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-53480 |
|
Path Traversal in path-traversal (CVE-2026-53480)
path traversal in path-traversal (CVE-2026-53480). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-58654 |
|
Unrestricted File Upload in path-traversal (CVE-2026-58654)
vulnerability in path-traversal (CVE-2026-58654). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.0.1` or later.
|
| CVE-2026-14244 |
|
Path Traversal in wordpress (CVE-2026-14244)
path traversal in wordpress (CVE-2026-14244). Confidential information can be exposed externally.
|
| CVE-2026-53481 |
|
Path Traversal in path-traversal (CVE-2026-53481)
path traversal in path-traversal (CVE-2026-53481). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9181 |
|
Path Traversal in path-traversal (CVE-2026-9181)
path traversal in path-traversal (CVE-2026-9181). Successful exploitation can lead to full system takeover.
|
| CVE-2026-40047 |
|
Vulnerability in apache (CVE-2026-40047)
vulnerability in apache (CVE-2026-40047). Confidential information can be exposed externally. Exploitable via ``docling``.
|
| CVE-2026-24014 |
|
Vulnerability in apache (CVE-2026-24014)
vulnerability in apache (CVE-2026-24014). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14636 |
|
Path Traversal in path-traversal (CVE-2026-14636)
path traversal in path-traversal (CVE-2026-14636). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14635 |
|
Path Traversal in path-traversal (CVE-2026-14635)
path traversal in path-traversal (CVE-2026-14635). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-58522 |
|
Vulnerability in path-traversal (CVE-2026-58522)
vulnerability in path-traversal (CVE-2026-58522). Confidential information can be exposed externally.
|
| CVE-2026-58300 |
|
Vulnerability in path-traversal (CVE-2026-58300)
vulnerability in path-traversal (CVE-2026-58300). Confidential information can be exposed externally.
|
| CVE-2026-57988 |
|
Vulnerability in path-traversal (CVE-2026-57988)
vulnerability in path-traversal (CVE-2026-57988). Data can be tampered with by attackers.
|
| CVE-2026-41124 |
|
Path Traversal in path-traversal (CVE-2026-41124)
path traversal in path-traversal (CVE-2026-41124). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-47896 |
|
Path Traversal in csharp (CVE-2026-47896)
path traversal in csharp (CVE-2026-47896). Confidential information can be exposed externally.
|
| CVE-2026-47897 |
|
Path Traversal in csharp (CVE-2026-47897)
path traversal in csharp (CVE-2026-47897). Data can be tampered with by attackers.
|
| CVE-2026-9725 |
|
Path Traversal in wordpress (CVE-2026-9725)
path traversal in wordpress (CVE-2026-9725). Data can be tampered with by attackers.
|
| CVE-2026-14352 |
|
Path Traversal in wordpress (CVE-2026-14352)
path traversal in wordpress (CVE-2026-14352). Confidential information can be exposed externally. Exploitable via `Referer header`.
|
| CVE-2026-14327 |
|
Path Traversal in wordpress (CVE-2026-14327)
path traversal in wordpress (CVE-2026-14327). Confidential information can be exposed externally.
|
| CVE-2026-58467 |
|
Path Traversal in nginx (CVE-2026-58467)
path traversal in nginx (CVE-2026-58467). Confidential information can be exposed externally.
|
| CVE-2026-13251 |
|
Path Traversal in wordpress (CVE-2026-13251)
path traversal in wordpress (CVE-2026-13251). Confidential information can be exposed externally.
|
| CVE-2026-58451 |
|
Path Traversal in csrf (CVE-2026-58451)
path traversal in csrf (CVE-2026-58451). Confidential information can be exposed externally.
|
| CVE-2026-6070 |
|
Vulnerability in wordpress (CVE-2026-6070)
vulnerability in wordpress (CVE-2026-6070). Data can be tampered with by attackers.
|
| CVE-2026-48314 |
|
Path Traversal in path-traversal (CVE-2026-48314)
path traversal in path-traversal (CVE-2026-48314). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-48313 |
|
Path Traversal in path-traversal (CVE-2026-48313)
path traversal in path-traversal (CVE-2026-48313). Confidential information can be exposed externally.
|
| CVE-2026-48282 KEV |
|
[KEV] Path Traversal in Adobe path-traversal (CVE-2026-48282)
path traversal in Adobe path-traversal (CVE-2026-48282). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
|
| CVE-2026-11367 |
|
Path Traversal in wordpress (CVE-2026-11367)
path traversal in wordpress (CVE-2026-11367). Confidential information can be exposed externally.
|
| CVE-2026-11720 |
|
Path Traversal in path-traversal (CVE-2026-11720)
path traversal in path-traversal (CVE-2026-11720). Confidential information can be exposed externally.
|
| CVE-2026-40521 |
|
Path Traversal in path-traversal (CVE-2026-40521)
path traversal in path-traversal (CVE-2026-40521). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13528 |
|
Path Traversal in vue (CVE-2026-13528)
path traversal in vue (CVE-2026-13528). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13503 |
|
Path Traversal in path-traversal (CVE-2026-13503)
path traversal in path-traversal (CVE-2026-13503). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-52884 |
|
Vulnerability in cpp (CVE-2026-52884)
vulnerability in cpp (CVE-2026-52884). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `8.9.6.2` or later.
|
| CVE-2025-55017 |
|
Path Traversal in apache (CVE-2025-55017)
path traversal in apache (CVE-2025-55017). Confidential information can be exposed externally.
|
| CVE-2025-64152 |
|
Path Traversal in apache (CVE-2025-64152)
path traversal in apache (CVE-2025-64152). Confidential information can be exposed externally.
|
| CVE-2025-10268 |
|
Vulnerability in wordpress (CVE-2025-10268)
vulnerability in wordpress (CVE-2025-10268). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-71338 |
|
Vulnerability in path-traversal (CVE-2025-71338)
vulnerability in path-traversal (CVE-2025-71338). Successful exploitation can lead to full system takeover.
|
| CVE-2025-71333 |
|
Vulnerability in path-traversal (CVE-2025-71333)
vulnerability in path-traversal (CVE-2025-71333). Successful exploitation can lead to full system takeover.
|
| CVE-2025-71324 |
|
Vulnerability in path-traversal (CVE-2025-71324)
vulnerability in path-traversal (CVE-2025-71324). Confidential information can be exposed externally.
|
| CVE-2026-40084 |
|
Path Traversal in path-traversal (CVE-2026-40084)
path traversal in path-traversal (CVE-2026-40084). Confidential information can be exposed externally.
|
| CVE-2026-45233 |
|
Path Traversal in path-traversal (CVE-2026-45233)
path traversal in path-traversal (CVE-2026-45233). Data can be tampered with by attackers.
|
| CVE-2026-49506 |
|
Path Traversal in path-traversal (CVE-2026-49506)
path traversal in path-traversal (CVE-2026-49506). Successful exploitation can lead to full system takeover.
|
| CVE-2026-45188 |
|
Vulnerability in apache (CVE-2026-45188)
vulnerability in apache (CVE-2026-45188). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8662 |
|
Path Traversal in path-traversal (CVE-2026-8662)
path traversal in path-traversal (CVE-2026-8662). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-39899 |
|
Path Traversal in path-traversal (CVE-2026-39899)
path traversal in path-traversal (CVE-2026-39899). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7547 |
|
Path Traversal in wordpress (CVE-2026-7547)
path traversal in wordpress (CVE-2026-7547). Confidential information can be exposed externally.
|
| CVE-2026-54414 |
|
Path Traversal in path-traversal (CVE-2026-54414)
path traversal in path-traversal (CVE-2026-54414). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `3.16.0` or later.
|
| CVE-2026-55760 |
|
Path Traversal in com.github.jknack:handlebars (CVE-2026-55760)
path traversal in com.github.jknack:handlebars (CVE-2026-55760). Confidential information can be exposed externally. Mitigation: upgrade to `4.5.2` or later.
|
| CVE-2026-50203 |
|
Path Traversal in apache-airflow-providers-sftp (CVE-2026-50203)
path traversal in apache-airflow-providers-sftp (CVE-2026-50203). Confidential information can be exposed externally. Exploitable via ``SFTPHook.retrieve_directory``. Mitigation: upgrade to `5.8.1` or later.
|
| CVE-2026-53865 |
|
Vulnerability in openclaw (CVE-2026-53865)
vulnerability in openclaw (CVE-2026-53865). Confidential information can be exposed externally. Exploitable via ``trash``. Mitigation: upgrade to `2026.5.2` or later.
|
| CVE-2026-53846 |
|
Vulnerability in openclaw (CVE-2026-53846)
vulnerability in openclaw (CVE-2026-53846). Confidential information can be exposed externally. Mitigation: upgrade to `2026.4.29` or later.
|
| CVE-2026-42867 |
|
Path Traversal in langflow (CVE-2026-42867)
path traversal in langflow (CVE-2026-42867). Risk of unauthorized operations or information disclosure. Exploitable via `POST /api/v1/knowledge_bases`. Mitigation: upgrade to `1.9.0` or later.
|