Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: web-frameworks Clear
ID Title
CVE-2026-45212 Vulnerability in c (CVE-2026-45212)
vulnerability in c (CVE-2026-45212). Risk of unauthorized operations or information disclosure.
CVE-2026-45215 Vulnerability in wordpress (CVE-2026-45215)
vulnerability in wordpress (CVE-2026-45215). Risk of unauthorized operations or information disclosure.
CVE-2026-6800 Cross-Site Scripting (XSS) in wordpress (CVE-2026-6800)
cross-site scripting in wordpress (CVE-2026-6800). Risk of unauthorized operations or information disclosure.
CVE-2026-6813 Cross-Site Scripting (XSS) in wordpress (CVE-2026-6813)
cross-site scripting in wordpress (CVE-2026-6813). Risk of unauthorized operations or information disclosure.
CVE-2026-1934 Vulnerability in wordpress (CVE-2026-1934)
vulnerability in wordpress (CVE-2026-1934). Risk of unauthorized operations or information disclosure.
CVE-2026-7661 Cross-Site Scripting (XSS) in wordpress (CVE-2026-7661)
cross-site scripting in wordpress (CVE-2026-7661). Risk of unauthorized operations or information disclosure. Exploitable via ``box``.
CVE-2026-6256 Cross-Site Scripting (XSS) in wordpress (CVE-2026-6256)
cross-site scripting in wordpress (CVE-2026-6256). Risk of unauthorized operations or information disclosure.
CVE-2026-6690 Cross-Site Scripting (XSS) in wordpress (CVE-2026-6690)
cross-site scripting in wordpress (CVE-2026-6690). Risk of unauthorized operations or information disclosure. Exploitable via ``wp_ajax_nopriv_lp_update_mds``.
CVE-2026-6932 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-6932)
vulnerability in wordpress (CVE-2026-6932). Risk of unauthorized operations or information disclosure.
CVE-2026-6708 Vulnerability in wordpress (CVE-2026-6708)
vulnerability in wordpress (CVE-2026-6708). Risk of unauthorized operations or information disclosure.
CVE-2026-6663 Vulnerability in wordpress (CVE-2026-6663)
vulnerability in wordpress (CVE-2026-6663). Risk of unauthorized operations or information disclosure.
CVE-2026-7437 Cross-Site Scripting (XSS) in wordpress (CVE-2026-7437)
cross-site scripting in wordpress (CVE-2026-7437). Risk of unauthorized operations or information disclosure. Exploitable via ``editpos_hidden``.
CVE-2026-6710 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-6710)
vulnerability in wordpress (CVE-2026-6710). Risk of unauthorized operations or information disclosure.
CVE-2026-7050 Vulnerability in wordpress (CVE-2026-7050)
vulnerability in wordpress (CVE-2026-7050). Risk of unauthorized operations or information disclosure.
CVE-2026-7562 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-7562)
vulnerability in wordpress (CVE-2026-7562). Risk of unauthorized operations or information disclosure.
CVE-2026-6808 Cross-Site Scripting (XSS) in wordpress (CVE-2026-6808)
cross-site scripting in wordpress (CVE-2026-6808). Risk of unauthorized operations or information disclosure.
CVE-2026-7616 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-7616)
vulnerability in wordpress (CVE-2026-7616). Risk of unauthorized operations or information disclosure.
CVE-2026-7464 Cross-Site Scripting (XSS) in wordpress (CVE-2026-7464)
cross-site scripting in wordpress (CVE-2026-7464). Risk of unauthorized operations or information disclosure. Exploitable via ``page``.
CVE-2026-6709 Vulnerability in wordpress (CVE-2026-6709)
vulnerability in wordpress (CVE-2026-6709). Risk of unauthorized operations or information disclosure.
CVE-2026-7626 Information Disclosure in wordpress (CVE-2026-7626)
vulnerability in wordpress (CVE-2026-7626). Risk of unauthorized operations or information disclosure.
CVE-2026-7561 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-7561)
vulnerability in wordpress (CVE-2026-7561). Risk of unauthorized operations or information disclosure.
CVE-2026-7659 Cross-Site Scripting (XSS) in wordpress (CVE-2026-7659)
cross-site scripting in wordpress (CVE-2026-7659). Risk of unauthorized operations or information disclosure. Exploitable via ``social``.
CVE-2026-6913 Cross-Site Scripting (XSS) in wordpress (CVE-2026-6913)
cross-site scripting in wordpress (CVE-2026-6913). Risk of unauthorized operations or information disclosure.
CVE-2026-4859 Cross-Site Scripting (XSS) in wordpress (CVE-2026-4859)
cross-site scripting in wordpress (CVE-2026-4859). Risk of unauthorized operations or information disclosure. Exploitable via ``wpsbd_post_carousel``.
CVE-2026-4920 Cross-Site Scripting (XSS) in wordpress (CVE-2026-4920)
cross-site scripting in wordpress (CVE-2026-4920). Risk of unauthorized operations or information disclosure.
CVE-2026-4663 Vulnerability in wordpress (CVE-2026-4663)
vulnerability in wordpress (CVE-2026-4663). Risk of unauthorized operations or information disclosure.
CVE-2026-4301 Vulnerability in wordpress (CVE-2026-4301)
vulnerability in wordpress (CVE-2026-4301). Risk of unauthorized operations or information disclosure.
CVE-2026-5693 Vulnerability in wordpress (CVE-2026-5693)
vulnerability in wordpress (CVE-2026-5693). Risk of unauthorized operations or information disclosure.
CVE-2026-6237 Cross-Site Scripting (XSS) in wordpress (CVE-2026-6237)
cross-site scripting in wordpress (CVE-2026-6237). Risk of unauthorized operations or information disclosure.
CVE-2026-5340 Cross-Site Scripting (XSS) in wordpress (CVE-2026-5340)
cross-site scripting in wordpress (CVE-2026-5340). Risk of unauthorized operations or information disclosure.
CVE-2026-5715 Cross-Site Scripting (XSS) in wordpress (CVE-2026-5715)
cross-site scripting in wordpress (CVE-2026-5715). Risk of unauthorized operations or information disclosure.
CVE-2026-6247 Cross-Site Scripting (XSS) in wordpress (CVE-2026-6247)
cross-site scripting in wordpress (CVE-2026-6247). Risk of unauthorized operations or information disclosure.
CVE-2026-5028 SQL Injection in wordpress (CVE-2026-5028)
SQL injection in wordpress (CVE-2026-5028). Confidential information can be exposed externally.
CVE-2026-2300 Cross-Site Scripting (XSS) in wordpress (CVE-2026-2300)
cross-site scripting in wordpress (CVE-2026-2300). Risk of unauthorized operations or information disclosure. Exploitable via ``preg_replace``.
CVE-2026-3604 Cross-Site Scripting (XSS) in wordpress (CVE-2026-3604)
cross-site scripting in wordpress (CVE-2026-3604). Risk of unauthorized operations or information disclosure. Exploitable via ``_kcseo_ative_tab``.
CVE-2026-2993 SQL Injection in wordpress (CVE-2026-2993)
SQL injection in wordpress (CVE-2026-2993). Confidential information can be exposed externally.
CVE-2026-43900 Cross-Site Scripting (XSS) in vue (CVE-2026-43900)
cross-site scripting in vue (CVE-2026-43900). Confidential information can be exposed externally. Mitigation: upgrade to `1.0.4-beta.1` or later.
CVE-2026-42554 Cross-Site Scripting (XSS) in github.com/gofiber/fiber/v3 (CVE-2026-42554)
cross-site scripting in github.com/gofiber/fiber/v3 (CVE-2026-42554). Risk of unauthorized operations or information disclosure. Exploitable via ``DefaultRes.AutoFormat``. Mitigation: upgrade to `3.2.0` or later.
CVE-2026-42857 Cross-Site Scripting (XSS) in django (CVE-2026-42857)
cross-site scripting in django (CVE-2026-42857). Risk of unauthorized operations or information disclosure.
CVE-2026-45109 Vulnerability in next (CVE-2026-45109)
vulnerability in next (CVE-2026-45109). Confidential information can be exposed externally. Exploitable via ``middleware.ts``. Mitigation: upgrade to `16.2.6` or later.
CVE-2026-44643 Vulnerability in angular-expressions (CVE-2026-44643)
vulnerability in angular-expressions (CVE-2026-44643). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.5.2` or later.
CVE-2026-7820 Vulnerability in pgadmin4 (CVE-2026-7820)
vulnerability in pgadmin4 (CVE-2026-7820). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `9.15` or later.
CVE-2026-44572 Vulnerability in next (CVE-2026-44572)
vulnerability in next (CVE-2026-44572). Risk of unauthorized operations or information disclosure. Exploitable via ``Location``. Mitigation: upgrade to `16.2.5` or later.
CVE-2026-44483 Vulnerability in @rvf/set-get (CVE-2026-44483)
vulnerability in @rvf/set-get (CVE-2026-44483). Data can be tampered with by attackers. Exploitable via ``setPath``. Mitigation: upgrade to `6.0.4` or later.
CVE-2026-44581 Cross-Site Scripting (XSS) in next (CVE-2026-44581)
cross-site scripting in next (CVE-2026-44581). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `16.2.5` or later.
CVE-2026-44582 Vulnerability in next (CVE-2026-44582)
vulnerability in next (CVE-2026-44582). Risk of unauthorized operations or information disclosure. Exploitable via ``_rsc``. Mitigation: upgrade to `16.2.5` or later.
CVE-2026-44580 Cross-Site Scripting (XSS) in next (CVE-2026-44580)
cross-site scripting in next (CVE-2026-44580). Risk of unauthorized operations or information disclosure. Exploitable via ``beforeInteractive``. Mitigation: upgrade to `16.2.5` or later.
CVE-2026-44579 Vulnerability in next (CVE-2026-44579)
vulnerability in next (CVE-2026-44579). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `16.2.5` or later.
CVE-2026-44577 Vulnerability in next (CVE-2026-44577)
vulnerability in next (CVE-2026-44577). Risk of unauthorized operations or information disclosure. Exploitable via ``images.localPatterns``. Mitigation: upgrade to `16.2.5` or later.
CVE-2026-44578 SSRF (Server-Side Request Forgery) in next (CVE-2026-44578)
SSRF in next (CVE-2026-44578). Confidential information can be exposed externally. Mitigation: upgrade to `16.2.5` or later.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →