Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: vendors Tag: rce Clear
ID Title
CVE-2026-58654 Unrestricted File Upload in path-traversal (CVE-2026-58654)
vulnerability in path-traversal (CVE-2026-58654). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.0.1` or later.
CVE-2026-58480 Unrestricted File Upload in wordpress (CVE-2026-58480)
vulnerability in wordpress (CVE-2026-58480). Successful exploitation can lead to full system takeover.
CVE-2026-12378 Vulnerability in wordpress (CVE-2026-12378)
vulnerability in wordpress (CVE-2026-12378). Successful exploitation can lead to full system takeover.
CVE-2026-14489 Unrestricted File Upload in wordpress (CVE-2026-14489)
vulnerability in wordpress (CVE-2026-14489). Successful exploitation can lead to full system takeover.
CVE-2026-14487 Path Traversal in wordpress (CVE-2026-14487)
path traversal in wordpress (CVE-2026-14487). Data can be tampered with by attackers.
CVE-2026-14158 Unrestricted File Upload in wordpress (CVE-2026-14158)
vulnerability in wordpress (CVE-2026-14158). Successful exploitation can lead to full system takeover.
CVE-2026-23698 Unrestricted File Upload in apache (CVE-2026-23698)
vulnerability in apache (CVE-2026-23698). Successful exploitation can lead to full system takeover.
CVE-2026-23697 Unrestricted File Upload in apache (CVE-2026-23697)
vulnerability in apache (CVE-2026-23697). Successful exploitation can lead to full system takeover.
CVE-2026-6101 Vulnerability in wordpress (CVE-2026-6101)
vulnerability in wordpress (CVE-2026-6101). Successful exploitation can lead to full system takeover.
CVE-2026-33264 Unsafe Deserialization in apache (CVE-2026-33264)
vulnerability in apache (CVE-2026-33264). Successful exploitation can lead to full system takeover.
CVE-2026-14345 Unrestricted File Upload in wordpress (CVE-2026-14345)
vulnerability in wordpress (CVE-2026-14345). Successful exploitation can lead to full system takeover.
CVE-2026-4375 Vulnerability in wordpress (CVE-2026-4375)
vulnerability in wordpress (CVE-2026-4375). Successful exploitation can lead to full system takeover.
CVE-2026-43825 Unsafe Deserialization in apache (CVE-2026-43825)
vulnerability in apache (CVE-2026-43825). Risk of unauthorized operations or information disclosure.
CVE-2026-53913 Authentication Bypass in apache (CVE-2026-53913)
authentication bypass in apache (CVE-2026-53913). Successful exploitation can lead to full system takeover.
CVE-2026-40859 Unsafe Deserialization in apache (CVE-2026-40859)
vulnerability in apache (CVE-2026-40859). Successful exploitation can lead to full system takeover.
CVE-2026-43865 Unsafe Deserialization in csharp (CVE-2026-43865)
vulnerability in csharp (CVE-2026-43865). Successful exploitation can lead to full system takeover.
CVE-2026-11962 Vulnerability in wordpress (CVE-2026-11962)
vulnerability in wordpress (CVE-2026-11962). Successful exploitation can lead to full system takeover.
CVE-2026-9725 Path Traversal in wordpress (CVE-2026-9725)
path traversal in wordpress (CVE-2026-9725). Data can be tampered with by attackers.
CVE-2026-7311 Path Traversal in wordpress (CVE-2026-7311)
path traversal in wordpress (CVE-2026-7311). Data can be tampered with by attackers.
CVE-2026-5524 Unrestricted File Upload in wordpress (CVE-2026-5524)
vulnerability in wordpress (CVE-2026-5524). Successful exploitation can lead to full system takeover.
CVE-2026-9834 Command Injection in wordpress (CVE-2026-9834)
command injection in wordpress (CVE-2026-9834). Successful exploitation can lead to full system takeover. Exploitable via ``wp_db_exclude_table``.
CVE-2026-57277 GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
CVE-2026-57275 GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
CVE-2026-57271 GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
CVE-2026-57517 SQL Injection in sqli (CVE-2026-57517)
SQL injection in sqli (CVE-2026-57517). Successful exploitation can lead to full system takeover.
CVE-2026-13759 Unsafe Deserialization in ibm (CVE-2026-13759)
vulnerability in ibm (CVE-2026-13759). Successful exploitation can lead to full system takeover.
CVE-2026-13773 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-13773)
SSRF in ssrf (CVE-2026-13773). Risk of unauthorized operations or information disclosure.
CVE-2026-10109 Code Injection in ibm (CVE-2026-10109)
code injection in ibm (CVE-2026-10109). Successful exploitation can lead to full system takeover.
CVE-2026-58138 Code Injection in CVE-2026-58138 (CVE-2026-58138)
code injection in CVE-2026-58138 (CVE-2026-58138). Successful exploitation can lead to full system takeover.
CVE-2026-53691 Unrestricted File Upload in CVE-2026-53691 (CVE-2026-53691)
vulnerability in CVE-2026-53691 (CVE-2026-53691). Risk of unauthorized operations or information disclosure.
CVE-2026-12240 Unsafe Deserialization in wordpress (CVE-2026-12240)
vulnerability in wordpress (CVE-2026-12240). Successful exploitation can lead to full system takeover.
CVE-2026-40521 Path Traversal in path-traversal (CVE-2026-40521)
path traversal in path-traversal (CVE-2026-40521). Successful exploitation can lead to full system takeover.
CVE-2026-57518 Vulnerability in privilege-escalation (CVE-2026-57518)
vulnerability in privilege-escalation (CVE-2026-57518). Successful exploitation can lead to full system takeover.
CVE-2025-71336 OS Command Injection in flowiseai (CVE-2025-71336)
OS command injection in flowiseai (CVE-2025-71336). Successful exploitation can lead to full system takeover.
CVE-2025-71334 Vulnerability in flowiseai (CVE-2025-71334)
vulnerability in flowiseai (CVE-2025-71334). Successful exploitation can lead to full system takeover.
CVE-2025-71338 Vulnerability in path-traversal (CVE-2025-71338)
vulnerability in path-traversal (CVE-2025-71338). Successful exploitation can lead to full system takeover.
CVE-2025-71333 Vulnerability in path-traversal (CVE-2025-71333)
vulnerability in path-traversal (CVE-2025-71333). Successful exploitation can lead to full system takeover.
CVE-2026-41120 Vulnerability in dell (CVE-2026-41120)
vulnerability in dell (CVE-2026-41120). Successful exploitation can lead to full system takeover.
CVE-2026-49506 Path Traversal in path-traversal (CVE-2026-49506)
path traversal in path-traversal (CVE-2026-49506). Successful exploitation can lead to full system takeover.
CVE-2026-9784 SQL Injection in sqli (CVE-2026-9784)
SQL injection in sqli (CVE-2026-9784). Successful exploitation can lead to full system takeover.
CVE-2026-9787 OS Command Injection in quest (CVE-2026-9787)
OS command injection in quest (CVE-2026-9787). Successful exploitation can lead to full system takeover.
CVE-2026-9785 SQL Injection in sqli (CVE-2026-9785)
SQL injection in sqli (CVE-2026-9785). Successful exploitation can lead to full system takeover.
CVE-2026-9786 SQL Injection in sqli (CVE-2026-9786)
SQL injection in sqli (CVE-2026-9786). Successful exploitation can lead to full system takeover.
CVE-2026-9783 SQL Injection in sqli (CVE-2026-9783)
SQL injection in sqli (CVE-2026-9783). Successful exploitation can lead to full system takeover.
CVE-2026-9773 OS Command Injection in unraid (CVE-2026-9773)
OS command injection in unraid (CVE-2026-9773). Successful exploitation can lead to full system takeover.
CVE-2026-9781 SQL Injection in sqli (CVE-2026-9781)
SQL injection in sqli (CVE-2026-9781). Successful exploitation can lead to full system takeover.
CVE-2026-9782 SQL Injection in sqli (CVE-2026-9782)
SQL injection in sqli (CVE-2026-9782). Successful exploitation can lead to full system takeover.
CVE-2026-7570 SQL Injection in sqli (CVE-2026-7570)
SQL injection in sqli (CVE-2026-7570). Successful exploitation can lead to full system takeover.
CVE-2026-9772 OS Command Injection in unraid (CVE-2026-9772)
OS command injection in unraid (CVE-2026-9772). Successful exploitation can lead to full system takeover.
CVE-2026-9072 Code Injection in dos (CVE-2026-9072)
code injection in dos (CVE-2026-9072). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →