Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-58654 |
|
Unrestricted File Upload in path-traversal (CVE-2026-58654)
vulnerability in path-traversal (CVE-2026-58654). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.0.1` or later.
|
| CVE-2026-58480 |
|
Unrestricted File Upload in wordpress (CVE-2026-58480)
vulnerability in wordpress (CVE-2026-58480). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12378 |
|
Vulnerability in wordpress (CVE-2026-12378)
vulnerability in wordpress (CVE-2026-12378). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14489 |
|
Unrestricted File Upload in wordpress (CVE-2026-14489)
vulnerability in wordpress (CVE-2026-14489). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14487 |
|
Path Traversal in wordpress (CVE-2026-14487)
path traversal in wordpress (CVE-2026-14487). Data can be tampered with by attackers.
|
| CVE-2026-14158 |
|
Unrestricted File Upload in wordpress (CVE-2026-14158)
vulnerability in wordpress (CVE-2026-14158). Successful exploitation can lead to full system takeover.
|
| CVE-2026-23698 |
|
Unrestricted File Upload in apache (CVE-2026-23698)
vulnerability in apache (CVE-2026-23698). Successful exploitation can lead to full system takeover.
|
| CVE-2026-23697 |
|
Unrestricted File Upload in apache (CVE-2026-23697)
vulnerability in apache (CVE-2026-23697). Successful exploitation can lead to full system takeover.
|
| CVE-2026-6101 |
|
Vulnerability in wordpress (CVE-2026-6101)
vulnerability in wordpress (CVE-2026-6101). Successful exploitation can lead to full system takeover.
|
| CVE-2026-33264 |
|
Unsafe Deserialization in apache (CVE-2026-33264)
vulnerability in apache (CVE-2026-33264). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14345 |
|
Unrestricted File Upload in wordpress (CVE-2026-14345)
vulnerability in wordpress (CVE-2026-14345). Successful exploitation can lead to full system takeover.
|
| CVE-2026-4375 |
|
Vulnerability in wordpress (CVE-2026-4375)
vulnerability in wordpress (CVE-2026-4375). Successful exploitation can lead to full system takeover.
|
| CVE-2026-43825 |
|
Unsafe Deserialization in apache (CVE-2026-43825)
vulnerability in apache (CVE-2026-43825). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53913 |
|
Authentication Bypass in apache (CVE-2026-53913)
authentication bypass in apache (CVE-2026-53913). Successful exploitation can lead to full system takeover.
|
| CVE-2026-40859 |
|
Unsafe Deserialization in apache (CVE-2026-40859)
vulnerability in apache (CVE-2026-40859). Successful exploitation can lead to full system takeover.
|
| CVE-2026-43865 |
|
Unsafe Deserialization in csharp (CVE-2026-43865)
vulnerability in csharp (CVE-2026-43865). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11962 |
|
Vulnerability in wordpress (CVE-2026-11962)
vulnerability in wordpress (CVE-2026-11962). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9725 |
|
Path Traversal in wordpress (CVE-2026-9725)
path traversal in wordpress (CVE-2026-9725). Data can be tampered with by attackers.
|
| CVE-2026-7311 |
|
Path Traversal in wordpress (CVE-2026-7311)
path traversal in wordpress (CVE-2026-7311). Data can be tampered with by attackers.
|
| CVE-2026-5524 |
|
Unrestricted File Upload in wordpress (CVE-2026-5524)
vulnerability in wordpress (CVE-2026-5524). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9834 |
|
Command Injection in wordpress (CVE-2026-9834)
command injection in wordpress (CVE-2026-9834). Successful exploitation can lead to full system takeover. Exploitable via ``wp_db_exclude_table``.
|
| CVE-2026-57277 |
|
GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
|
| CVE-2026-57275 |
|
GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
|
| CVE-2026-57271 |
|
GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
|
| CVE-2026-57517 |
|
SQL Injection in sqli (CVE-2026-57517)
SQL injection in sqli (CVE-2026-57517). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13759 |
|
Unsafe Deserialization in ibm (CVE-2026-13759)
vulnerability in ibm (CVE-2026-13759). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13773 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-13773)
SSRF in ssrf (CVE-2026-13773). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10109 |
|
Code Injection in ibm (CVE-2026-10109)
code injection in ibm (CVE-2026-10109). Successful exploitation can lead to full system takeover.
|
| CVE-2026-58138 |
|
Code Injection in CVE-2026-58138 (CVE-2026-58138)
code injection in CVE-2026-58138 (CVE-2026-58138). Successful exploitation can lead to full system takeover.
|
| CVE-2026-53691 |
|
Unrestricted File Upload in CVE-2026-53691 (CVE-2026-53691)
vulnerability in CVE-2026-53691 (CVE-2026-53691). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12240 |
|
Unsafe Deserialization in wordpress (CVE-2026-12240)
vulnerability in wordpress (CVE-2026-12240). Successful exploitation can lead to full system takeover.
|
| CVE-2026-40521 |
|
Path Traversal in path-traversal (CVE-2026-40521)
path traversal in path-traversal (CVE-2026-40521). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57518 |
|
Vulnerability in privilege-escalation (CVE-2026-57518)
vulnerability in privilege-escalation (CVE-2026-57518). Successful exploitation can lead to full system takeover.
|
| CVE-2025-71336 |
|
OS Command Injection in flowiseai (CVE-2025-71336)
OS command injection in flowiseai (CVE-2025-71336). Successful exploitation can lead to full system takeover.
|
| CVE-2025-71334 |
|
Vulnerability in flowiseai (CVE-2025-71334)
vulnerability in flowiseai (CVE-2025-71334). Successful exploitation can lead to full system takeover.
|
| CVE-2025-71338 |
|
Vulnerability in path-traversal (CVE-2025-71338)
vulnerability in path-traversal (CVE-2025-71338). Successful exploitation can lead to full system takeover.
|
| CVE-2025-71333 |
|
Vulnerability in path-traversal (CVE-2025-71333)
vulnerability in path-traversal (CVE-2025-71333). Successful exploitation can lead to full system takeover.
|
| CVE-2026-41120 |
|
Vulnerability in dell (CVE-2026-41120)
vulnerability in dell (CVE-2026-41120). Successful exploitation can lead to full system takeover.
|
| CVE-2026-49506 |
|
Path Traversal in path-traversal (CVE-2026-49506)
path traversal in path-traversal (CVE-2026-49506). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9784 |
|
SQL Injection in sqli (CVE-2026-9784)
SQL injection in sqli (CVE-2026-9784). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9787 |
|
OS Command Injection in quest (CVE-2026-9787)
OS command injection in quest (CVE-2026-9787). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9785 |
|
SQL Injection in sqli (CVE-2026-9785)
SQL injection in sqli (CVE-2026-9785). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9786 |
|
SQL Injection in sqli (CVE-2026-9786)
SQL injection in sqli (CVE-2026-9786). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9783 |
|
SQL Injection in sqli (CVE-2026-9783)
SQL injection in sqli (CVE-2026-9783). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9773 |
|
OS Command Injection in unraid (CVE-2026-9773)
OS command injection in unraid (CVE-2026-9773). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9781 |
|
SQL Injection in sqli (CVE-2026-9781)
SQL injection in sqli (CVE-2026-9781). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9782 |
|
SQL Injection in sqli (CVE-2026-9782)
SQL injection in sqli (CVE-2026-9782). Successful exploitation can lead to full system takeover.
|
| CVE-2026-7570 |
|
SQL Injection in sqli (CVE-2026-7570)
SQL injection in sqli (CVE-2026-7570). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9772 |
|
OS Command Injection in unraid (CVE-2026-9772)
OS command injection in unraid (CVE-2026-9772). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9072 |
|
Code Injection in dos (CVE-2026-9072)
code injection in dos (CVE-2026-9072). Successful exploitation can lead to full system takeover.
|