Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-12560 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-12560)
cross-site scripting in wordpress (CVE-2026-12560). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12349 |
|
Vulnerability in c (CVE-2026-12349)
vulnerability in c (CVE-2026-12349). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11367 |
|
Path Traversal in wordpress (CVE-2026-11367)
path traversal in wordpress (CVE-2026-11367). Confidential information can be exposed externally.
|
| CVE-2026-12073 |
|
Vulnerability in wordpress (CVE-2026-12073)
vulnerability in wordpress (CVE-2026-12073). Successful exploitation can lead to full system takeover. Exploitable via ``user_login``.
|
| CVE-2026-12114 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-12114)
cross-site scripting in wordpress (CVE-2026-12114). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-55957 |
|
Vulnerability in apache (CVE-2026-55957)
vulnerability in apache (CVE-2026-55957). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-55276 |
|
Vulnerability in apache (CVE-2026-55276)
vulnerability in apache (CVE-2026-55276). Confidential information can be exposed externally.
|
| CVE-2026-55956 |
|
Vulnerability in apache (CVE-2026-55956)
vulnerability in apache (CVE-2026-55956). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-55955 |
|
Authentication Bypass in apache (CVE-2026-55955)
authentication bypass in apache (CVE-2026-55955). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53434 |
|
Vulnerability in apache (CVE-2026-53434)
vulnerability in apache (CVE-2026-53434). Confidential information can be exposed externally.
|
| CVE-2026-50229 |
|
Vulnerability in apache (CVE-2026-50229)
vulnerability in apache (CVE-2026-50229). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53404 |
|
Vulnerability in apache (CVE-2026-53404)
vulnerability in apache (CVE-2026-53404). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57958 |
|
Cross-Site Scripting (XSS) in laravel (CVE-2026-57958)
cross-site scripting in laravel (CVE-2026-57958). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57950 |
|
ruoyi-vue-pro through 2026.05, fixed in commit 5d1fd70 contains a broken access control...
ruoyi-vue-pro through 2026.05, fixed in commit 5d1fd70 contains a broken access control...
|
| CVE-2026-57949 |
|
Vulnerability in vue (CVE-2026-57949)
vulnerability in vue (CVE-2026-57949). Confidential information can be exposed externally. Exploitable via `GET /admin-api/crm/follow-up-record/get`.
|
| CVE-2026-36848 |
|
Gigamon GVOS v5.16.1 and below is vulnerable to Directory Traversal in the GVOS H-VUE subsystem.
Gigamon GVOS v5.16.1 and below is vulnerable to Directory Traversal in the GVOS H-VUE subsystem.
|
| CVE-2026-9676 |
|
Vulnerability in wordpress (CVE-2026-9676)
vulnerability in wordpress (CVE-2026-9676). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10083 |
|
Vulnerability in wordpress (CVE-2026-10083)
vulnerability in wordpress (CVE-2026-10083). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13528 |
|
Path Traversal in vue (CVE-2026-13528)
path traversal in vue (CVE-2026-13528). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8095 |
|
Vulnerability in wordpress (CVE-2026-8095)
vulnerability in wordpress (CVE-2026-8095). Data can be tampered with by attackers.
|
| CVE-2026-11597 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-11597)
cross-site scripting in wordpress (CVE-2026-11597). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-3462 |
|
Vulnerability in wordpress (CVE-2026-3462)
vulnerability in wordpress (CVE-2026-3462). Data can be tampered with by attackers.
|
| CVE-2026-12432 |
|
Vulnerability in wordpress (CVE-2026-12432)
vulnerability in wordpress (CVE-2026-12432). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9233 |
|
Vulnerability in wordpress (CVE-2026-9233)
vulnerability in wordpress (CVE-2026-9233). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11987 |
|
Vulnerability in wordpress (CVE-2026-11987)
vulnerability in wordpress (CVE-2026-11987). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12471 |
|
Vulnerability in wordpress (CVE-2026-12471)
vulnerability in wordpress (CVE-2026-12471). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9242 |
|
Vulnerability in wordpress (CVE-2026-9242)
vulnerability in wordpress (CVE-2026-9242). Risk of unauthorized operations or information disclosure. Exploitable via ``callback``.
|
| CVE-2026-12399 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-12399)
cross-site scripting in wordpress (CVE-2026-12399). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11783 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-11783)
cross-site scripting in wordpress (CVE-2026-11783). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11773 |
|
Vulnerability in wordpress (CVE-2026-11773)
vulnerability in wordpress (CVE-2026-11773). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13295 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-13295)
cross-site scripting in wordpress (CVE-2026-13295). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11364 |
|
Vulnerability in wordpress (CVE-2026-11364)
vulnerability in wordpress (CVE-2026-11364). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9677 |
|
Vulnerability in wordpress (CVE-2026-9677)
vulnerability in wordpress (CVE-2026-9677). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12404 |
|
Vulnerability in wordpress (CVE-2026-12404)
vulnerability in wordpress (CVE-2026-12404). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13245 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-13245)
cross-site scripting in wordpress (CVE-2026-13245). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10820 |
|
Vulnerability in wordpress (CVE-2026-10820)
vulnerability in wordpress (CVE-2026-10820). Data can be tampered with by attackers.
|
| CVE-2026-12415 |
|
Privilege Escalation in wordpress (CVE-2026-12415)
vulnerability in wordpress (CVE-2026-12415). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13422 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-13422)
vulnerability in wordpress (CVE-2026-13422). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13333 |
|
SQL Injection in wordpress (CVE-2026-13333)
SQL injection in wordpress (CVE-2026-13333). Confidential information can be exposed externally.
|
| CVE-2026-13331 |
|
SQL Injection in wordpress (CVE-2026-13331)
SQL injection in wordpress (CVE-2026-13331). Confidential information can be exposed externally.
|
| CVE-2026-13335 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-13335)
cross-site scripting in wordpress (CVE-2026-13335). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11356 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-11356)
cross-site scripting in wordpress (CVE-2026-11356). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-52783 |
|
Vulnerability in rails (CVE-2026-52783)
vulnerability in rails (CVE-2026-52783). Confidential information can be exposed externally. Mitigation: upgrade to `17.3.3` or later.
|
| CVE-2026-46386 |
|
Unsafe Deserialization in rails (CVE-2026-46386)
vulnerability in rails (CVE-2026-46386). Successful exploitation can lead to full system takeover.
|
| CVE-2026-56011 |
|
Unauthenticated Cross Site Scripting (XSS) in MapPress Maps for WordPress <= 2.97.3 versions.
Unauthenticated Cross Site Scripting (XSS) in MapPress Maps for WordPress <= 2.97.3 versions.
|
| CVE-2025-68063 |
|
Vulnerability in wordpress (CVE-2025-68063)
vulnerability in wordpress (CVE-2025-68063). Successful exploitation can lead to full system takeover.
|
| CVE-2025-64152 |
|
Path Traversal in apache (CVE-2025-64152)
path traversal in apache (CVE-2025-64152). Confidential information can be exposed externally.
|
| CVE-2026-57915 |
|
Vulnerability in apache (CVE-2026-57915)
vulnerability in apache (CVE-2026-57915). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-55017 |
|
Path Traversal in apache (CVE-2025-55017)
path traversal in apache (CVE-2025-55017). Confidential information can be exposed externally.
|
| CVE-2026-57914 |
|
Vulnerability in apache (CVE-2026-57914)
vulnerability in apache (CVE-2026-57914). Risk of unauthorized operations or information disclosure.
|