Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: web-servers Clear
ID Title
CVE-2026-53646 Vulnerability in nginx (CVE-2026-53646)
vulnerability in nginx (CVE-2026-53646). Risk of unauthorized operations or information disclosure. Exploitable via ``ClientPasswordReset``.
CVE-2026-54765 Vulnerability in traefik (CVE-2026-54765)
vulnerability in traefik (CVE-2026-54765). Data can be tampered with by attackers.
CVE-2026-54764 Vulnerability in traefik (CVE-2026-54764)
vulnerability in traefik (CVE-2026-54764). Risk of unauthorized operations or information disclosure.
CVE-2026-54763 Vulnerability in traefik (CVE-2026-54763)
vulnerability in traefik (CVE-2026-54763). Confidential information can be exposed externally.
CVE-2026-58467 Path Traversal in nginx (CVE-2026-58467)
path traversal in nginx (CVE-2026-58467). Confidential information can be exposed externally.
CVE-2026-5524 Unrestricted File Upload in wordpress (CVE-2026-5524)
vulnerability in wordpress (CVE-2026-5524). Successful exploitation can lead to full system takeover.
CVE-2026-58446 Vulnerability in nginx (CVE-2026-58446)
vulnerability in nginx (CVE-2026-58446). Risk of unauthorized operations or information disclosure.
CVE-2026-55957 Vulnerability in apache (CVE-2026-55957)
vulnerability in apache (CVE-2026-55957). Risk of unauthorized operations or information disclosure.
CVE-2026-55276 Vulnerability in apache (CVE-2026-55276)
vulnerability in apache (CVE-2026-55276). Confidential information can be exposed externally.
CVE-2026-55956 Vulnerability in apache (CVE-2026-55956)
vulnerability in apache (CVE-2026-55956). Risk of unauthorized operations or information disclosure.
CVE-2026-53404 Vulnerability in apache (CVE-2026-53404)
vulnerability in apache (CVE-2026-53404). Risk of unauthorized operations or information disclosure.
CVE-2026-50229 Vulnerability in apache (CVE-2026-50229)
vulnerability in apache (CVE-2026-50229). Risk of unauthorized operations or information disclosure.
CVE-2026-53434 Vulnerability in apache (CVE-2026-53434)
vulnerability in apache (CVE-2026-53434). Confidential information can be exposed externally.
CVE-2026-55955 Authentication Bypass in apache (CVE-2026-55955)
authentication bypass in apache (CVE-2026-55955). Risk of unauthorized operations or information disclosure.
CVE-2026-47220 Vulnerability in envoyproxy (CVE-2026-47220)
vulnerability in envoyproxy (CVE-2026-47220). Risk of unauthorized operations or information disclosure. Exploitable via `Host header`. Mitigation: upgrade to `1.37.5` or later.
CVE-2026-48090 Use-After-Free in dos (CVE-2026-48090)
vulnerability in dos (CVE-2026-48090). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.37.5` or later.
CVE-2026-47205 Use-After-Free in envoyproxy (CVE-2026-47205)
vulnerability in envoyproxy (CVE-2026-47205). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.36.9` or later.
CVE-2026-48743 Vulnerability in envoyproxy (CVE-2026-48743)
vulnerability in envoyproxy (CVE-2026-48743). Data can be tampered with by attackers. Exploitable via `GET /pwn`. Mitigation: upgrade to `1.35.11` or later.
CVE-2026-48706 Vulnerability in envoyproxy (CVE-2026-48706)
vulnerability in envoyproxy (CVE-2026-48706). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.35.13` or later.
CVE-2026-48497 Vulnerability in c (CVE-2026-48497)
vulnerability in c (CVE-2026-48497). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.35.11` or later.
CVE-2026-48044 Vulnerability in dos (CVE-2026-48044)
vulnerability in dos (CVE-2026-48044). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.35.11` or later.
CVE-2026-48042 Vulnerability in envoyproxy (CVE-2026-48042)
vulnerability in envoyproxy (CVE-2026-48042). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.35.11` or later.
CVE-2026-47778 Vulnerability in c (CVE-2026-47778)
vulnerability in c (CVE-2026-47778). Confidential information can be exposed externally. Mitigation: upgrade to `1.35.11` or later.
CVE-2026-47775 Vulnerability in envoyproxy (CVE-2026-47775)
vulnerability in envoyproxy (CVE-2026-47775). Confidential information can be exposed externally. Mitigation: upgrade to `1.35.11` or later.
CVE-2026-47692 Vulnerability in envoyproxy (CVE-2026-47692)
vulnerability in envoyproxy (CVE-2026-47692). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.35.13` or later.
CVE-2026-47221 Vulnerability in dos (CVE-2026-47221)
vulnerability in dos (CVE-2026-47221). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.35.13` or later.
CVE-2026-47207 Use-After-Free in envoyproxy (CVE-2026-47207)
vulnerability in envoyproxy (CVE-2026-47207). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.35.13` or later.
CVE-2026-47204 Vulnerability in envoyproxy (CVE-2026-47204)
vulnerability in envoyproxy (CVE-2026-47204). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.35.13` or later.
CVE-2026-54762 Vulnerability in github.com/traefik/traefik/v3 (CVE-2026-54762)
vulnerability in github.com/traefik/traefik/v3 (CVE-2026-54762). Confidential information can be exposed externally. Exploitable via ``digest``. Mitigation: upgrade to `3.7.5` or later.
CVE-2026-55204 Vulnerability in c (CVE-2026-55204)
vulnerability in c (CVE-2026-55204). Risk of unauthorized operations or information disclosure.
CVE-2026-55203 Vulnerability in haproxy (CVE-2026-55203)
vulnerability in haproxy (CVE-2026-55203). Data can be tampered with by attackers.
CVE-2026-50107 Vulnerability in nginx (CVE-2026-50107)
vulnerability in nginx (CVE-2026-50107). Confidential information can be exposed externally.
CVE-2026-32682 Vulnerability in nginx (CVE-2026-32682)
vulnerability in nginx (CVE-2026-32682). Risk of unauthorized operations or information disclosure.
CVE-2026-42055 Vulnerability in nginx (CVE-2026-42055)
vulnerability in nginx (CVE-2026-42055). Successful exploitation can lead to full system takeover.
CVE-2026-42530 Use-After-Free in nginx (CVE-2026-42530)
vulnerability in nginx (CVE-2026-42530). Successful exploitation can lead to full system takeover.
CVE-2026-48142 Out-of-Bounds Read in nginx (CVE-2026-48142)
vulnerability in nginx (CVE-2026-48142). Risk of unauthorized operations or information disclosure.
CVE-2026-11311 Vulnerability in nginx (CVE-2026-11311)
vulnerability in nginx (CVE-2026-11311). Confidential information can be exposed externally.
CVE-2026-47774 Vulnerability in dos (CVE-2026-47774)
vulnerability in dos (CVE-2026-47774). Risk of unauthorized operations or information disclosure. Exploitable via `Cookie header`.
CVE-2026-54761 Vulnerability in github.com/traefik/traefik/v3 (CVE-2026-54761)
vulnerability in github.com/traefik/traefik/v3 (CVE-2026-54761). Confidential information can be exposed externally. Exploitable via ``crossProviderNamespaces``. Mitigation: upgrade to `3.7.5` or later.
CVE-2026-52846 Vulnerability in github.com/caddyserver/caddy/v2 (CVE-2026-52846)
vulnerability in github.com/caddyserver/caddy/v2 (CVE-2026-52846). Risk of unauthorized operations or information disclosure. Exploitable via ``stripHTML``. Mitigation: upgrade to `2.11.4` or later.
CVE-2026-52845 Authentication Bypass in github.com/caddyserver/caddy/v2 (CVE-2026-52845)
authentication bypass in github.com/caddyserver/caddy/v2 (CVE-2026-52845). Confidential information can be exposed externally. Exploitable via `GET /index.php`. Mitigation: upgrade to `2.11.4` or later.
CVE-2026-52844 Path Traversal in github.com/caddyserver/caddy/v2 (CVE-2026-52844)
path traversal in github.com/caddyserver/caddy/v2 (CVE-2026-52844). Confidential information can be exposed externally. Exploitable via `GET /private/secret.txt`. Mitigation: upgrade to `2.11.4` or later.
CVE-2026-53622 Vulnerability in Traefik (CVE-2026-53622)
vulnerability in Traefik (CVE-2026-53622). Confidential information can be exposed externally. Exploitable via ``Host``. Mitigation: upgrade to `3.7.3` or later.
CVE-2026-48491 Vulnerability in Traefik (CVE-2026-48491)
vulnerability in Traefik (CVE-2026-48491). Confidential information can be exposed externally. Exploitable via ``SNICheck``. Mitigation: upgrade to `3.7.3` or later.
CVE-2026-50892 Vulnerability in nginx (CVE-2026-50892)
vulnerability in nginx (CVE-2026-50892). Confidential information can be exposed externally.
CVE-2026-48020 Vulnerability in github.com/traefik/traefik/v2 (CVE-2026-48020)
vulnerability in github.com/traefik/traefik/v2 (CVE-2026-48020). Confidential information can be exposed externally. Exploitable via `GET /admin`. Mitigation: upgrade to `2.11.48` or later.
CVE-2026-45569 Path Traversal in c (CVE-2026-45569)
path traversal in c (CVE-2026-45569). Confidential information can be exposed externally.
CVE-2026-45566 Open Redirect in nginx (CVE-2026-45566)
vulnerability in nginx (CVE-2026-45566). Risk of unauthorized operations or information disclosure.
CVE-2026-45567 Authentication Bypass in nginx (CVE-2026-45567)
authentication bypass in nginx (CVE-2026-45567). Risk of unauthorized operations or information disclosure.
CVE-2026-45565 Vulnerability in nginx (CVE-2026-45565)
vulnerability in nginx (CVE-2026-45565). Confidential information can be exposed externally.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →