Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-14250 |
|
Privilege Escalation in wordpress (CVE-2026-14250)
vulnerability in wordpress (CVE-2026-14250). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9842 |
|
Privilege Escalation in wordpress (CVE-2026-9842)
vulnerability in wordpress (CVE-2026-9842). Data can be tampered with by attackers. Exploitable via ``manage_options``.
|
| CVE-2026-14482 |
|
Privilege Escalation in wordpress (CVE-2026-14482)
vulnerability in wordpress (CVE-2026-14482). Successful exploitation can lead to full system takeover. Exploitable via ``update_option``.
|
| CVE-2026-54998 |
|
Incorrect authorization in Microsoft Exchange Online allows an authorized attacker to elevate...
Incorrect authorization in Microsoft Exchange Online allows an authorized attacker to elevate...
|
| CVE-2026-13228 |
|
Privilege Escalation in wordpress (CVE-2026-13228)
vulnerability in wordpress (CVE-2026-13228). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11387 |
|
Authentication Bypass in wordpress (CVE-2026-11387)
authentication bypass in wordpress (CVE-2026-11387). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12224 |
|
Privilege Escalation in wordpress (CVE-2026-12224)
vulnerability in wordpress (CVE-2026-12224). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14124 |
|
Privilege Escalation in privilege-escalation (CVE-2026-14124)
vulnerability in privilege-escalation (CVE-2026-14124). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14115 |
|
Vulnerability in privilege-escalation (CVE-2026-14115)
vulnerability in privilege-escalation (CVE-2026-14115). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14094 |
|
Use-After-Free in privilege-escalation (CVE-2026-14094)
vulnerability in privilege-escalation (CVE-2026-14094). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14078 |
|
Vulnerability in privilege-escalation (CVE-2026-14078)
vulnerability in privilege-escalation (CVE-2026-14078). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14036 |
|
Vulnerability in privilege-escalation (CVE-2026-14036)
vulnerability in privilege-escalation (CVE-2026-14036). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14041 |
|
Vulnerability in privilege-escalation (CVE-2026-14041)
vulnerability in privilege-escalation (CVE-2026-14041). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14060 |
|
Vulnerability in privilege-escalation (CVE-2026-14060)
vulnerability in privilege-escalation (CVE-2026-14060). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14018 |
|
Use-After-Free in privilege-escalation (CVE-2026-14018)
vulnerability in privilege-escalation (CVE-2026-14018). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13927 |
|
Vulnerability in privilege-escalation (CVE-2026-13927)
vulnerability in privilege-escalation (CVE-2026-13927). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13928 |
|
Vulnerability in privilege-escalation (CVE-2026-13928)
vulnerability in privilege-escalation (CVE-2026-13928). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13891 |
|
Vulnerability in privilege-escalation (CVE-2026-13891)
vulnerability in privilege-escalation (CVE-2026-13891). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13903 |
|
Vulnerability in privilege-escalation (CVE-2026-13903)
vulnerability in privilege-escalation (CVE-2026-13903). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13897 |
|
Vulnerability in privilege-escalation (CVE-2026-13897)
vulnerability in privilege-escalation (CVE-2026-13897). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13856 |
|
Vulnerability in privilege-escalation (CVE-2026-13856)
vulnerability in privilege-escalation (CVE-2026-13856). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13863 |
|
Vulnerability in privilege-escalation (CVE-2026-13863)
vulnerability in privilege-escalation (CVE-2026-13863). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13844 |
|
Use-After-Free in privilege-escalation (CVE-2026-13844)
vulnerability in privilege-escalation (CVE-2026-13844). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13864 |
|
Vulnerability in privilege-escalation (CVE-2026-13864)
vulnerability in privilege-escalation (CVE-2026-13864). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13827 |
|
Use-After-Free in privilege-escalation (CVE-2026-13827)
vulnerability in privilege-escalation (CVE-2026-13827). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13824 |
|
Vulnerability in privilege-escalation (CVE-2026-13824)
vulnerability in privilege-escalation (CVE-2026-13824). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13800 |
|
Vulnerability in privilege-escalation (CVE-2026-13800)
vulnerability in privilege-escalation (CVE-2026-13800). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12073 |
|
Vulnerability in wordpress (CVE-2026-12073)
vulnerability in wordpress (CVE-2026-12073). Successful exploitation can lead to full system takeover. Exploitable via ``user_login``.
|
| CVE-2026-58054 |
|
MyBB 1.8.40 does not restrict which usergroup a limited Admin Control Panel user may assign when...
MyBB 1.8.40 does not restrict which usergroup a limited Admin Control Panel user may assign when...
|
| CVE-2026-12415 |
|
Privilege Escalation in wordpress (CVE-2026-12415)
vulnerability in wordpress (CVE-2026-12415). Successful exploitation can lead to full system takeover.
|
| CVE-2026-46710 |
|
Vulnerability in privilege-escalation (CVE-2026-46710)
vulnerability in privilege-escalation (CVE-2026-46710). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `8.9.6` or later.
|
| CVE-2026-57518 |
|
Vulnerability in privilege-escalation (CVE-2026-57518)
vulnerability in privilege-escalation (CVE-2026-57518). Successful exploitation can lead to full system takeover.
|
| CVE-2026-52943 |
|
Use-After-Free in privilege-escalation (CVE-2026-52943)
vulnerability in privilege-escalation (CVE-2026-52943). Successful exploitation can lead to full system takeover.
|
| CVE-2026-4297 |
|
Vulnerability in wordpress (CVE-2026-4297)
vulnerability in wordpress (CVE-2026-4297). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12417 |
|
Vulnerability in wordpress (CVE-2026-12417)
vulnerability in wordpress (CVE-2026-12417). Successful exploitation can lead to full system takeover. Exploitable via ``wp_ajax_nopriv_pravel_change_password``.
|
| CVE-2026-11551 |
|
Vulnerability in wordpress (CVE-2026-11551)
vulnerability in wordpress (CVE-2026-11551). Successful exploitation can lead to full system takeover.
|
| CVE-2026-56142 |
|
Vulnerability in privilege-escalation (CVE-2026-56142)
vulnerability in privilege-escalation (CVE-2026-56142). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12449 |
|
Use-After-Free in privilege-escalation (CVE-2026-12449)
vulnerability in privilege-escalation (CVE-2026-12449). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12448 |
|
Privilege Escalation in privilege-escalation (CVE-2026-12448)
vulnerability in privilege-escalation (CVE-2026-12448). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12165 |
|
Privilege Escalation in wordpress (CVE-2026-12165)
vulnerability in wordpress (CVE-2026-12165). Successful exploitation can lead to full system takeover. Exploitable via ``RegistryUserRole``.
|
| CVE-2026-53849 |
|
OpenClaw: Discord allowFrom could bind to mutable display names
OpenClaw: Discord allowFrom could bind to mutable display names
|
| CVE-2026-53854 |
|
Authorization Flaw in openclaw (CVE-2026-53854)
vulnerability in openclaw (CVE-2026-53854). Data can be tampered with by attackers. Mitigation: upgrade to `2026.4.25` or later.
|
| CVE-2026-53847 |
|
Vulnerability in openclaw (CVE-2026-53847)
vulnerability in openclaw (CVE-2026-53847). Risk of unauthorized operations or information disclosure. Exploitable via ``operator.write``. Mitigation: upgrade to `2026.5.6` or later.
|
| CVE-2026-50656 |
|
Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in...
Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in...
|
| CVE-2026-12289 |
|
Privilege Escalation in privilege-escalation (CVE-2026-12289)
vulnerability in privilege-escalation (CVE-2026-12289). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8176 |
|
Privilege Escalation in wordpress (CVE-2026-8176)
vulnerability in wordpress (CVE-2026-8176). Successful exploitation can lead to full system takeover.
|
| CVE-2016-20084 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2016-20084)
cross-site scripting in wordpress (CVE-2016-20084). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-20070 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2016-20070)
cross-site scripting in wordpress (CVE-2016-20070). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53823 |
|
Vulnerability in privilege-escalation (CVE-2026-53823)
vulnerability in privilege-escalation (CVE-2026-53823). Confidential information can be exposed externally.
|
| CVE-2026-12018 |
|
Privilege Escalation in privilege-escalation (CVE-2026-12018)
vulnerability in privilege-escalation (CVE-2026-12018). Successful exploitation can lead to full system takeover.
|