Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-54763 |
|
Vulnerability in traefik (CVE-2026-54763)
vulnerability in traefik (CVE-2026-54763). Confidential information can be exposed externally.
|
| CVE-2026-5524 |
|
Unrestricted File Upload in wordpress (CVE-2026-5524)
vulnerability in wordpress (CVE-2026-5524). Successful exploitation can lead to full system takeover.
|
| CVE-2026-55276 |
|
Vulnerability in apache (CVE-2026-55276)
vulnerability in apache (CVE-2026-55276). Confidential information can be exposed externally.
|
| CVE-2026-53434 |
|
Vulnerability in apache (CVE-2026-53434)
vulnerability in apache (CVE-2026-53434). Confidential information can be exposed externally.
|
| CVE-2026-53622 |
|
Vulnerability in Traefik (CVE-2026-53622)
vulnerability in Traefik (CVE-2026-53622). Confidential information can be exposed externally. Exploitable via ``Host``. Mitigation: upgrade to `3.7.3` or later.
|
| CVE-2026-48491 |
|
Vulnerability in Traefik (CVE-2026-48491)
vulnerability in Traefik (CVE-2026-48491). Confidential information can be exposed externally. Exploitable via ``SNICheck``. Mitigation: upgrade to `3.7.3` or later.
|
| CVE-2026-48020 |
|
Vulnerability in github.com/traefik/traefik/v2 (CVE-2026-48020)
vulnerability in github.com/traefik/traefik/v2 (CVE-2026-48020). Confidential information can be exposed externally. Exploitable via `GET /admin`. Mitigation: upgrade to `2.11.48` or later.
|
| CVE-2026-45558 |
|
Vulnerability in c (CVE-2026-45558)
vulnerability in c (CVE-2026-45558). Successful exploitation can lead to full system takeover. Exploitable via `POST /api/service/haproxy/`.
|
| CVE-2026-45556 |
|
Vulnerability in nginx (CVE-2026-45556)
vulnerability in nginx (CVE-2026-45556). Successful exploitation can lead to full system takeover. Exploitable via `POST /waf/`.
|
| CVE-2026-45550 |
|
Vulnerability in nginx (CVE-2026-45550)
vulnerability in nginx (CVE-2026-45550). Data can be tampered with by attackers. Exploitable via `PUT /smon/check`.
|
| CVE-2026-45552 |
|
Vulnerability in nginx (CVE-2026-45552)
vulnerability in nginx (CVE-2026-45552). Successful exploitation can lead to full system takeover.
|
| CVE-2026-44774 |
|
Vulnerability in github.com/traefik/traefik/v3 (CVE-2026-44774)
vulnerability in github.com/traefik/traefik/v3 (CVE-2026-44774). Successful exploitation can lead to full system takeover. Exploitable via `PUT /api/providers/rest`. Mitigation: upgrade to `3.6.17` or later.
|
| CVE-2026-43515 |
|
Vulnerability in tomcat (CVE-2026-43515)
vulnerability in tomcat (CVE-2026-43515). Confidential information can be exposed externally. Mitigation: upgrade to `10.1.55, 11.0.22, 9.0.118` or later.
|
| CVE-2026-41293 |
|
Vulnerability in tomcat (CVE-2026-41293)
vulnerability in tomcat (CVE-2026-41293). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `10.1.55, 11.0.22, 9.0.118` or later.
|
| CVE-2026-43512 |
|
Authentication Bypass in tomcat (CVE-2026-43512)
authentication bypass in tomcat (CVE-2026-43512). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `10.1.55, 11.0.22, 9.0.118` or later.
|
| CVE-2026-39858 |
|
Vulnerability in traefik (CVE-2026-39858)
vulnerability in traefik (CVE-2026-39858). Confidential information can be exposed externally.
|
| CVE-2026-35051 |
|
Vulnerability in traefik (CVE-2026-35051)
vulnerability in traefik (CVE-2026-35051). Confidential information can be exposed externally.
|
| CVE-2026-40575 |
|
Vulnerability in nginx (CVE-2026-40575)
vulnerability in nginx (CVE-2026-40575). Confidential information can be exposed externally. Mitigation: upgrade to `7.15.2` or later.
|
| CVE-2016-20026 |
|
Vulnerability in apache (CVE-2016-20026)
vulnerability in apache (CVE-2016-20026). Successful exploitation can lead to full system takeover.
|
| CVE-2026-23941 |
|
Vulnerability in nginx (CVE-2026-23941)
vulnerability in nginx (CVE-2026-23941). Confidential information can be exposed externally.
|
| CVE-2025-55754 |
|
Vulnerability in org.apache.tomcat:tomcat (CVE-2025-55754)
vulnerability in org.apache.tomcat:tomcat (CVE-2025-55754). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `9.0.109, 10.1.45, 11.0.11` or later.
|
| CVE-2016-5018 |
|
Vulnerability in apache (CVE-2016-5018)
vulnerability in apache (CVE-2016-5018). Confidential information can be exposed externally.
|
| CVE-2015-1778 |
|
Authentication Bypass in org.opendaylight.odlparent:opendaylight-karaf-resources (CVE-2015-1778)
authentication bypass in org.opendaylight.odlparent:opendaylight-karaf-resources (CVE-2015-1778). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.2.3-Helium-SR3` or later.
|
| CVE-2017-5648 |
|
Vulnerability in apache (CVE-2017-5648)
vulnerability in apache (CVE-2017-5648). Confidential information can be exposed externally.
|
| CVE-2017-5651 |
|
Vulnerability in apache (CVE-2017-5651)
vulnerability in apache (CVE-2017-5651). Successful exploitation can lead to full system takeover.
|
| CVE-2016-6808 |
|
Buffer overflow in Apache Tomcat Connectors (mod_jk) before 1.2.42.
Buffer overflow in Apache Tomcat Connectors (mod_jk) before 1.2.42.
|
| CVE-2009-3555 |
|
Vulnerability in org.apache.tomcat:tomcat (CVE-2009-3555)
vulnerability in org.apache.tomcat:tomcat (CVE-2009-3555). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `5.5.33` or later.
|