Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-54652 |
|
Privilege Escalation in nginx (CVE-2026-54652)
vulnerability in nginx (CVE-2026-54652). Confidential information can be exposed externally. Exploitable via `GET /api/logs/{service}`.
|
| CVE-2026-6820 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-6820)
cross-site scripting in wordpress (CVE-2026-6820). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-5356 |
|
Vulnerability in wordpress (CVE-2026-5356)
vulnerability in wordpress (CVE-2026-5356). Data can be tampered with by attackers.
|
| CVE-2026-6854 |
|
SQL Injection in wordpress (CVE-2026-6854)
SQL injection in wordpress (CVE-2026-6854). Confidential information can be exposed externally.
|
| CVE-2026-6818 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-6818)
cross-site scripting in wordpress (CVE-2026-6818). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6230 |
|
SQL Injection in wordpress (CVE-2026-6230)
SQL injection in wordpress (CVE-2026-6230). Confidential information can be exposed externally.
|
| CVE-2026-3688 |
|
Vulnerability in wordpress (CVE-2026-3688)
vulnerability in wordpress (CVE-2026-3688). Data can be tampered with by attackers.
|
| CVE-2026-12378 |
|
Vulnerability in wordpress (CVE-2026-12378)
vulnerability in wordpress (CVE-2026-12378). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14489 |
|
Unrestricted File Upload in wordpress (CVE-2026-14489)
vulnerability in wordpress (CVE-2026-14489). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14495 |
|
Vulnerability in wordpress (CVE-2026-14495)
vulnerability in wordpress (CVE-2026-14495). Successful exploitation can lead to full system takeover. Exploitable via ``init``.
|
| CVE-2026-9700 |
|
SQL Injection in wordpress (CVE-2026-9700)
SQL injection in wordpress (CVE-2026-9700). Confidential information can be exposed externally.
|
| CVE-2026-9842 |
|
Privilege Escalation in wordpress (CVE-2026-9842)
vulnerability in wordpress (CVE-2026-9842). Data can be tampered with by attackers. Exploitable via ``manage_options``.
|
| CVE-2026-14482 |
|
Privilege Escalation in wordpress (CVE-2026-14482)
vulnerability in wordpress (CVE-2026-14482). Successful exploitation can lead to full system takeover. Exploitable via ``update_option``.
|
| CVE-2026-14244 |
|
Path Traversal in wordpress (CVE-2026-14244)
path traversal in wordpress (CVE-2026-14244). Confidential information can be exposed externally.
|
| CVE-2026-14158 |
|
Unrestricted File Upload in wordpress (CVE-2026-14158)
vulnerability in wordpress (CVE-2026-14158). Successful exploitation can lead to full system takeover.
|
| CVE-2026-49471 |
|
Vulnerability in serena-agent (CVE-2026-49471)
vulnerability in serena-agent (CVE-2026-49471). Successful exploitation can lead to full system takeover. Exploitable via `Host header`. Mitigation: upgrade to `1.5.2` or later.
|
| CVE-2026-23698 |
|
Unrestricted File Upload in apache (CVE-2026-23698)
vulnerability in apache (CVE-2026-23698). Successful exploitation can lead to full system takeover.
|
| CVE-2026-23697 |
|
Unrestricted File Upload in apache (CVE-2026-23697)
vulnerability in apache (CVE-2026-23697). Successful exploitation can lead to full system takeover.
|
| CVE-2026-6101 |
|
Vulnerability in wordpress (CVE-2026-6101)
vulnerability in wordpress (CVE-2026-6101). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12277 |
|
Vulnerability in wordpress (CVE-2026-12277)
vulnerability in wordpress (CVE-2026-12277). Data can be tampered with by attackers.
|
| CVE-2026-43825 |
|
Unsafe Deserialization in apache (CVE-2026-43825)
vulnerability in apache (CVE-2026-43825). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-46587 |
|
Vulnerability in apache (CVE-2026-46587)
vulnerability in apache (CVE-2026-46587). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-46588 |
|
Vulnerability in apache (CVE-2026-46588)
vulnerability in apache (CVE-2026-46588). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-49042 |
|
Vulnerability in apache (CVE-2026-49042)
vulnerability in apache (CVE-2026-49042). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-49297 |
|
Path Traversal in apache (CVE-2026-49297)
path traversal in apache (CVE-2026-49297). Data can be tampered with by attackers. Exploitable via ``GCSToSFTPOperator``.
|
| CVE-2026-55994 |
|
Vulnerability in apache (CVE-2026-55994)
vulnerability in apache (CVE-2026-55994). Confidential information can be exposed externally.
|
| CVE-2026-55993 |
|
Vulnerability in apache (CVE-2026-55993)
vulnerability in apache (CVE-2026-55993). Confidential information can be exposed externally.
|
| CVE-2026-46591 |
|
Vulnerability in apache (CVE-2026-46591)
vulnerability in apache (CVE-2026-46591). Data can be tampered with by attackers.
|
| CVE-2026-46585 |
|
Vulnerability in apache (CVE-2026-46585)
vulnerability in apache (CVE-2026-46585). Confidential information can be exposed externally.
|
| CVE-2026-46726 |
|
Vulnerability in apache (CVE-2026-46726)
vulnerability in apache (CVE-2026-46726). Confidential information can be exposed externally.
|
| CVE-2026-46592 |
|
Vulnerability in apache (CVE-2026-46592)
vulnerability in apache (CVE-2026-46592). Confidential information can be exposed externally.
|
| CVE-2026-46590 |
|
Unsafe Deserialization in apache (CVE-2026-46590)
vulnerability in apache (CVE-2026-46590). Successful exploitation can lead to full system takeover.
|
| CVE-2026-42527 |
|
Unsafe Deserialization in csharp (CVE-2026-42527)
vulnerability in csharp (CVE-2026-42527). Successful exploitation can lead to full system takeover.
|
| CVE-2026-43866 |
|
Unsafe Deserialization in apache (CVE-2026-43866)
vulnerability in apache (CVE-2026-43866). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-24012 |
|
Vulnerability in apache (CVE-2026-24012)
vulnerability in apache (CVE-2026-24012). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-46457 |
|
Vulnerability in apache (CVE-2026-46457)
vulnerability in apache (CVE-2026-46457). Data can be tampered with by attackers.
|
| CVE-2026-40859 |
|
Unsafe Deserialization in apache (CVE-2026-40859)
vulnerability in apache (CVE-2026-40859). Successful exploitation can lead to full system takeover.
|
| CVE-2026-43865 |
|
Unsafe Deserialization in csharp (CVE-2026-43865)
vulnerability in csharp (CVE-2026-43865). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12083 |
|
Vulnerability in wordpress (CVE-2026-12083)
vulnerability in wordpress (CVE-2026-12083). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11962 |
|
Vulnerability in wordpress (CVE-2026-11962)
vulnerability in wordpress (CVE-2026-11962). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14802 |
|
A vulnerability was detected in react create-react-app up to 5.0.1 on macOS. This affects the...
A vulnerability was detected in react create-react-app up to 5.0.1 on macOS. This affects the...
|
| CVE-2026-11766 |
|
Vulnerability in wordpress (CVE-2026-11766)
vulnerability in wordpress (CVE-2026-11766). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11855 |
|
Vulnerability in wordpress (CVE-2026-11855)
vulnerability in wordpress (CVE-2026-11855). Successful exploitation can lead to full system takeover.
|
| CVE-2024-6228 |
|
Vulnerability in wordpress (CVE-2024-6228)
vulnerability in wordpress (CVE-2024-6228). Successful exploitation can lead to full system takeover.
|
| CVE-2026-10830 |
|
Vulnerability in wordpress (CVE-2026-10830)
vulnerability in wordpress (CVE-2026-10830). Successful exploitation can lead to full system takeover.
|
| CVE-2026-47896 |
|
Path Traversal in csharp (CVE-2026-47896)
path traversal in csharp (CVE-2026-47896). Confidential information can be exposed externally.
|
| CVE-2026-9148 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-9148)
cross-site scripting in wordpress (CVE-2026-9148). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-47897 |
|
Path Traversal in csharp (CVE-2026-47897)
path traversal in csharp (CVE-2026-47897). Data can be tampered with by attackers.
|
| CVE-2026-13040 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-13040)
cross-site scripting in wordpress (CVE-2026-13040). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14352 |
|
Path Traversal in wordpress (CVE-2026-14352)
path traversal in wordpress (CVE-2026-14352). Confidential information can be exposed externally. Exploitable via `Referer header`.
|