Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-49098 |
|
Vulnerability in c (CVE-2026-49098)
vulnerability in c (CVE-2026-49098). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13733 |
|
Cross-Site Scripting (XSS) in c (CVE-2026-13733)
cross-site scripting in c (CVE-2026-13733). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11880 |
|
Vulnerability in c (CVE-2026-11880)
vulnerability in c (CVE-2026-11880). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12349 |
|
Vulnerability in c (CVE-2026-12349)
vulnerability in c (CVE-2026-12349). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-54266 |
|
Vulnerability in @angular/common (CVE-2026-54266)
vulnerability in @angular/common (CVE-2026-54266). Risk of unauthorized operations or information disclosure. Exploitable via ``HttpTransferCache``.
|
| CVE-2026-41000 |
|
Vulnerability in c (CVE-2026-41000)
vulnerability in c (CVE-2026-41000). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-45569 |
|
Path Traversal in c (CVE-2026-45569)
path traversal in c (CVE-2026-45569). Confidential information can be exposed externally.
|
| CVE-2026-45564 |
|
OS Command Injection in c (CVE-2026-45564)
OS command injection in c (CVE-2026-45564). Successful exploitation can lead to full system takeover. Exploitable via `POST /config/versions/`.
|
| CVE-2026-45558 |
|
Vulnerability in c (CVE-2026-45558)
vulnerability in c (CVE-2026-45558). Successful exploitation can lead to full system takeover. Exploitable via `POST /api/service/haproxy/`.
|
| CVE-2026-45560 |
|
Cross-Site Scripting (XSS) in c (CVE-2026-45560)
cross-site scripting in c (CVE-2026-45560). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-25699 |
|
Vulnerability in c (CVE-2026-25699)
vulnerability in c (CVE-2026-25699). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-47983 |
|
Cross-Site Scripting (XSS) in c (CVE-2021-47983)
cross-site scripting in c (CVE-2021-47983). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-54350 |
|
Vulnerability in c (CVE-2023-54350)
vulnerability in c (CVE-2023-54350). Confidential information can be exposed externally.
|
| CVE-2026-40961 |
|
Open Redirect in airflow (CVE-2026-40961)
vulnerability in airflow (CVE-2026-40961). Risk of unauthorized operations or information disclosure. Exploitable via ``is_safe_url``. Mitigation: upgrade to `3.2.2` or later.
|
| CVE-2026-8689 |
|
Vulnerability in c (CVE-2026-8689)
vulnerability in c (CVE-2026-8689). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8875 |
|
Cross-Site Scripting (XSS) in c (CVE-2026-8875)
cross-site scripting in c (CVE-2026-8875). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-47979 |
|
Path Traversal in c (CVE-2021-47979)
path traversal in c (CVE-2021-47979). Successful exploitation can lead to full system takeover.
|
| CVE-2026-45212 |
|
Vulnerability in c (CVE-2026-45212)
vulnerability in c (CVE-2026-45212). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-4663 |
|
Vulnerability in wordpress (CVE-2026-4663)
vulnerability in wordpress (CVE-2026-4663). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-44338 |
|
Vulnerability in PraisonAI (CVE-2026-44338)
vulnerability in PraisonAI (CVE-2026-44338). Risk of unauthorized operations or information disclosure. Exploitable via `POST /chat`. Mitigation: upgrade to `4.6.34` or later.
|
| CVE-2026-34084 |
|
Unsafe Deserialization in phpoffice/phpspreadsheet (CVE-2026-34084)
vulnerability in phpoffice/phpspreadsheet (CVE-2026-34084). Successful exploitation can lead to full system takeover. Exploitable via ``is_file``. Mitigation: upgrade to `1.30.3` or later.
|
| CVE-2026-40682 |
|
XXE (XML External Entity) in org.apache.opennlp:opennlp-tools (CVE-2026-40682)
vulnerability in org.apache.opennlp:opennlp-tools (CVE-2026-40682). Confidential information can be exposed externally. Mitigation: upgrade to `3.0.0-M3` or later.
|
| CVE-2026-30246 |
|
Vulnerability in github.com/gofiber/fiber/v3 (CVE-2026-30246)
vulnerability in github.com/gofiber/fiber/v3 (CVE-2026-30246). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.2.0` or later.
|
| CVE-2017-15701 |
|
Vulnerability in c (CVE-2017-15701)
vulnerability in c (CVE-2017-15701). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-3249 |
|
Buffer Overflow in c (CVE-2015-3249)
vulnerability in c (CVE-2015-3249). Successful exploitation can lead to full system takeover.
|
| CVE-2013-4246 |
|
Vulnerability in c (CVE-2013-4246)
vulnerability in c (CVE-2013-4246). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12629 |
|
XXE (XML External Entity) in c (CVE-2017-12629)
vulnerability in c (CVE-2017-12629). Successful exploitation can lead to full system takeover.
|
| CVE-2017-10932 |
|
Unsafe Deserialization in c (CVE-2017-10932)
vulnerability in c (CVE-2017-10932). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9798 |
|
Use-After-Free in c (CVE-2017-9798)
vulnerability in c (CVE-2017-9798). Confidential information can be exposed externally.
|
| CVE-2012-0880 |
|
Vulnerability in c (CVE-2012-0880)
vulnerability in c (CVE-2012-0880). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-6891 |
|
Out-of-Bounds Write in c (CVE-2017-6891)
out-of-bounds write in c (CVE-2017-6891). Successful exploitation can lead to full system takeover.
|
| CVE-2016-4467 |
|
Vulnerability in c (CVE-2016-4467)
vulnerability in c (CVE-2016-4467). Data can be tampered with by attackers.
|
| CVE-2017-3503 |
|
Vulnerability in c (CVE-2017-3503)
vulnerability in c (CVE-2017-3503). Successful exploitation can lead to full system takeover.
|
| CVE-2017-5647 |
|
Information Disclosure in c (CVE-2017-5647)
vulnerability in c (CVE-2017-5647). Confidential information can be exposed externally.
|
| CVE-2017-6059 |
|
Vulnerability in c (CVE-2017-6059)
vulnerability in c (CVE-2017-6059). Data can be tampered with by attackers.
|
| CVE-2016-10141 |
|
Vulnerability in c (CVE-2016-10141)
vulnerability in c (CVE-2016-10141). Successful exploitation can lead to full system takeover.
|