Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: web-frameworks Clear
ID Title
CVE-2026-12119 Vulnerability in wordpress (CVE-2026-12119)
vulnerability in wordpress (CVE-2026-12119). Data can be tampered with by attackers.
CVE-2026-11912 Vulnerability in wordpress (CVE-2026-11912)
vulnerability in wordpress (CVE-2026-11912). Data can be tampered with by attackers.
CVE-2026-11911 Path Traversal in wordpress (CVE-2026-11911)
path traversal in wordpress (CVE-2026-11911). Confidential information can be exposed externally.
CVE-2026-9843 Path Traversal in wordpress (CVE-2026-9843)
path traversal in wordpress (CVE-2026-9843). Data can be tampered with by attackers.
CVE-2026-11551 Vulnerability in wordpress (CVE-2026-11551)
vulnerability in wordpress (CVE-2026-11551). Successful exploitation can lead to full system takeover.
CVE-2026-12238 Vulnerability in wordpress (CVE-2026-12238)
vulnerability in wordpress (CVE-2026-12238). Risk of unauthorized operations or information disclosure.
CVE-2026-54762 Vulnerability in github.com/traefik/traefik/v3 (CVE-2026-54762)
vulnerability in github.com/traefik/traefik/v3 (CVE-2026-54762). Confidential information can be exposed externally. Exploitable via ``digest``. Mitigation: upgrade to `3.7.5` or later.
CVE-2026-48787 OS Command Injection in vue (CVE-2026-48787)
OS command injection in vue (CVE-2026-48787). Risk of unauthorized operations or information disclosure. Exploitable via `POST /autoCode/addFunc`.
CVE-2026-49288 Information Disclosure in statamic/cms (CVE-2026-49288)
vulnerability in statamic/cms (CVE-2026-49288). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.73.23` or later.
CVE-2026-49287 Vulnerability in statamic/cms (CVE-2026-49287)
vulnerability in statamic/cms (CVE-2026-49287). Data can be tampered with by attackers. Mitigation: upgrade to `5.73.23` or later.
CVE-2026-49260 OS Command Injection in pontedilana/php-weasyprint (CVE-2026-49260)
OS command injection in pontedilana/php-weasyprint (CVE-2026-49260). Successful exploitation can lead to full system takeover. Exploitable via ``master``. Mitigation: upgrade to `2.5.1` or later.
CVE-2026-49230 Vulnerability in apache (CVE-2026-49230)
vulnerability in apache (CVE-2026-49230). Confidential information can be exposed externally.
CVE-2026-49231 Vulnerability in apache (CVE-2026-49231)
vulnerability in apache (CVE-2026-49231). Risk of unauthorized operations or information disclosure.
CVE-2026-48895 Open Redirect in apache (CVE-2026-48895)
vulnerability in apache (CVE-2026-48895). Risk of unauthorized operations or information disclosure.
CVE-2026-49871 Cross-Site Request Forgery (CSRF) in apache (CVE-2026-49871)
vulnerability in apache (CVE-2026-49871). Confidential information can be exposed externally.
CVE-2026-49872 Authentication Bypass in apache (CVE-2026-49872)
authentication bypass in apache (CVE-2026-49872). Confidential information can be exposed externally.
CVE-2026-39998 Vulnerability in apache (CVE-2026-39998)
vulnerability in apache (CVE-2026-39998). Successful exploitation can lead to full system takeover.
CVE-2026-44046 Vulnerability in apache (CVE-2026-44046)
vulnerability in apache (CVE-2026-44046). Risk of unauthorized operations or information disclosure.
CVE-2026-44915 Open Redirect in apache (CVE-2026-44915)
vulnerability in apache (CVE-2026-44915). Risk of unauthorized operations or information disclosure.
CVE-2026-47339 Authorization Flaw in apache (CVE-2026-47339)
vulnerability in apache (CVE-2026-47339). Confidential information can be exposed externally.
CVE-2026-39999 Vulnerability in apache (CVE-2026-39999)
vulnerability in apache (CVE-2026-39999). Confidential information can be exposed externally.
CVE-2026-47341 Vulnerability in apache (CVE-2026-47341)
vulnerability in apache (CVE-2026-47341). Risk of unauthorized operations or information disclosure.
CVE-2026-44087 Vulnerability in apache (CVE-2026-44087)
vulnerability in apache (CVE-2026-44087). Confidential information can be exposed externally.
CVE-2026-6798 Vulnerability in wordpress (CVE-2026-6798)
vulnerability in wordpress (CVE-2026-6798). Risk of unauthorized operations or information disclosure.
CVE-2026-3640 Vulnerability in wordpress (CVE-2026-3640)
vulnerability in wordpress (CVE-2026-3640). Risk of unauthorized operations or information disclosure.
CVE-2026-9822 Vulnerability in wordpress (CVE-2026-9822)
vulnerability in wordpress (CVE-2026-9822). Confidential information can be exposed externally.
CVE-2026-9013 Vulnerability in wordpress (CVE-2026-9013)
vulnerability in wordpress (CVE-2026-9013). Risk of unauthorized operations or information disclosure.
CVE-2026-8713 Path Traversal in wordpress (CVE-2026-8713)
path traversal in wordpress (CVE-2026-8713). Data can be tampered with by attackers.
CVE-2026-7547 Path Traversal in wordpress (CVE-2026-7547)
path traversal in wordpress (CVE-2026-7547). Confidential information can be exposed externally.
CVE-2026-4328 SSRF (Server-Side Request Forgery) in wordpress (CVE-2026-4328)
SSRF in wordpress (CVE-2026-4328). Risk of unauthorized operations or information disclosure.
CVE-2026-8118 Vulnerability in wordpress (CVE-2026-8118)
vulnerability in wordpress (CVE-2026-8118). Confidential information can be exposed externally.
CVE-2026-12430 Cross-Site Scripting (XSS) in wordpress (CVE-2026-12430)
cross-site scripting in wordpress (CVE-2026-12430). Risk of unauthorized operations or information disclosure.
CVE-2026-7515 Vulnerability in wordpress (CVE-2026-7515)
vulnerability in wordpress (CVE-2026-7515). Successful exploitation can lead to full system takeover. Exploitable via ``doc_style``.
CVE-2026-1856 Cross-Site Scripting (XSS) in wordpress (CVE-2026-1856)
cross-site scripting in wordpress (CVE-2026-1856). Risk of unauthorized operations or information disclosure.
CVE-2026-12157 Cross-Site Scripting (XSS) in wordpress (CVE-2026-12157)
cross-site scripting in wordpress (CVE-2026-12157). Risk of unauthorized operations or information disclosure.
CVE-2026-11989 SSRF (Server-Side Request Forgery) in wordpress (CVE-2026-11989)
SSRF in wordpress (CVE-2026-11989). Risk of unauthorized operations or information disclosure.
CVE-2026-10034 Vulnerability in wordpress (CVE-2026-10034)
vulnerability in wordpress (CVE-2026-10034). Risk of unauthorized operations or information disclosure.
CVE-2026-10779 Vulnerability in wordpress (CVE-2026-10779)
vulnerability in wordpress (CVE-2026-10779). Risk of unauthorized operations or information disclosure.
CVE-2026-11775 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-11775)
vulnerability in wordpress (CVE-2026-11775). Risk of unauthorized operations or information disclosure.
CVE-2026-12048 Cross-Site Scripting (XSS) in react (CVE-2026-12048)
cross-site scripting in react (CVE-2026-12048). Confidential information can be exposed externally.
CVE-2026-12047 Cross-Site Scripting (XSS) in react (CVE-2026-12047)
cross-site scripting in react (CVE-2026-12047). Risk of unauthorized operations or information disclosure.
CVE-2026-12046 Vulnerability in flask (CVE-2026-12046)
vulnerability in flask (CVE-2026-12046). Successful exploitation can lead to full system takeover. Exploitable via `DELETE /sqleditor/close/`.
CVE-2026-49257 Vulnerability in mcp-pinot-server (CVE-2026-49257)
vulnerability in mcp-pinot-server (CVE-2026-49257). Successful exploitation can lead to full system takeover. Exploitable via `Authorization header`. Mitigation: upgrade to `3.1.0` or later.
CVE-2026-42490 Vulnerability in flask (CVE-2026-42490)
vulnerability in flask (CVE-2026-42490). Risk of unauthorized operations or information disclosure.
CVE-2026-42489 Vulnerability in flask (CVE-2026-42489)
vulnerability in flask (CVE-2026-42489). Risk of unauthorized operations or information disclosure.
CVE-2026-2021 Cross-Site Scripting (XSS) in wordpress (CVE-2026-2021)
cross-site scripting in wordpress (CVE-2026-2021). Risk of unauthorized operations or information disclosure.
CVE-2026-8039 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8039)
cross-site scripting in wordpress (CVE-2026-8039). Risk of unauthorized operations or information disclosure.
CVE-2026-9815 Vulnerability in wordpress (CVE-2026-9815)
vulnerability in wordpress (CVE-2026-9815). Risk of unauthorized operations or information disclosure.
CVE-2026-12111 Information Disclosure in wordpress (CVE-2026-12111)
vulnerability in wordpress (CVE-2026-12111). Risk of unauthorized operations or information disclosure.
CVE-2026-12137 Cross-Site Scripting (XSS) in wordpress (CVE-2026-12137)
cross-site scripting in wordpress (CVE-2026-12137). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →