Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

ID Title
CVE-2026-49145 App::Ack versions through 3.10.0 for Perl read arbitrary files via --files-from in a project ...
App::Ack versions through 3.10.0 for Perl read arbitrary files via --files-from in a project ...
CVE-2026-56374 ImageMagick before 7.1.2-19 contains a heap buffer overflow vulnerability in the FTXT encoder due...
ImageMagick before 7.1.2-19 contains a heap buffer overflow vulnerability in the FTXT encoder due...
CVE-2026-56776 n8n before 1.123.55, 2.25.7, and 2.26.2 contains an authorization bypass in the POST /workflows/...
n8n before 1.123.55, 2.25.7, and 2.26.2 contains an authorization bypass in the POST /workflows/...
CVE-2026-56360 n8n before versions 1.123.18 and 2.6.2 fails to verify HMAC-SHA256 signatures on Zendesk webhooks...
n8n before versions 1.123.18 and 2.6.2 fails to verify HMAC-SHA256 signatures on Zendesk webhooks...
CVE-2026-56362 ImageMagick before 7.1.2-15 contains a heap-buffer-overflow read vulnerability in GetPixelIndex...
ImageMagick before 7.1.2-15 contains a heap-buffer-overflow read vulnerability in GetPixelIndex...
CVE-2026-56359 n8n before 2.8.0 contains a cross-site scripting vulnerability in the credential management flow...
n8n before 2.8.0 contains a cross-site scripting vulnerability in the credential management flow...
CVE-2026-56297 FreeRDP before 3.22.0 contains a use-after-free vulnerability in dvcman_channel_close and...
FreeRDP before 3.22.0 contains a use-after-free vulnerability in dvcman_channel_close and...
CVE-2026-56284 Capgo (Cap-go/capgo) before 12.128.2 contains an information disclosure vulnerability in the...
Capgo (Cap-go/capgo) before 12.128.2 contains an information disclosure vulnerability in the...
CVE-2026-56273 Flowise before 3.1.0 contains a path traversal vulnerability in Faiss and SimpleStore vector...
Flowise before 3.1.0 contains a path traversal vulnerability in Faiss and SimpleStore vector...
CVE-2026-56293 Capgo before 12.128.2 contains an authorization flaw in transfer_app() that fails to update...
Capgo before 12.128.2 contains an authorization flaw in transfer_app() that fails to update...
CVE-2026-56283 Capgo before 12.128.2 contains an html injection vulnerability in the organization settings...
Capgo before 12.128.2 contains an html injection vulnerability in the organization settings...
CVE-2026-56250 Capgo before 12.128.2 allows upload-scoped API keys to modify the mutable app_versions.r2_path...
Capgo before 12.128.2 allows upload-scoped API keys to modify the mutable app_versions.r2_path...
CVE-2026-56298 Capgo before 12.128.2 fails to strip EXIF metadata from images uploaded via the app information...
Capgo before 12.128.2 fails to strip EXIF metadata from images uploaded via the app information...
CVE-2026-56086 Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2026 release version 8.6.1.0...
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2026 release version 8.6.1.0...
CVE-2026-56220 Capgo before 12.128.2 contains an authorization bypass vulnerability in the public.manifest...
Capgo before 12.128.2 contains an authorization bypass vulnerability in the public.manifest...
CVE-2026-56246 Capgo before 12.128.2 contains a broken access control vulnerability in the organization...
Capgo before 12.128.2 contains a broken access control vulnerability in the organization...
CVE-2026-56226 Capgo (Cap-go/capgo) before 12.128.2 exposes the Supabase PostgREST RPC function public...
Capgo (Cap-go/capgo) before 12.128.2 exposes the Supabase PostgREST RPC function public...
CVE-2026-15035 A vulnerability was found in bentoml OpenLLM 0.6.30. This affects the function async_run_command...
A vulnerability was found in bentoml OpenLLM 0.6.30. This affects the function async_run_command...
CVE-2026-41122 Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0...
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0...
CVE-2026-56217 Capgo before 12.128.2 contains a policy bypass vulnerability in app_versions update enforcement...
Capgo before 12.128.2 contains a policy bypass vulnerability in app_versions update enforcement...
CVE-2026-15034 A vulnerability has been found in flask-dashboard Flask-MonitoringDashboard up to 5.0.2. Affected...
A vulnerability has been found in flask-dashboard Flask-MonitoringDashboard up to 5.0.2. Affected...
CVE-2026-15053 Tanium addressed a denial of service vulnerability in Tanium Server.
Tanium addressed a denial of service vulnerability in Tanium Server.
CVE-2026-53480 Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0...
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0...
CVE-2026-15033 A flaw has been found in christopherthielen check-peer-dependencies up to 4.3.4. Affected by this...
A flaw has been found in christopherthielen check-peer-dependencies up to 4.3.4. Affected by this...
CVE-2026-53482 Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0...
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0...
CVE-2026-22927 Omnissa Workspace ONE® Tunnel for Windows addresses a Local Privilege Escalation Vulnerability.
Omnissa Workspace ONE® Tunnel for Windows addresses a Local Privilege Escalation Vulnerability.
CVE-2026-8315 Cross-Site Scripting (XSS) in CVE-2026-8315 (CVE-2026-8315)
cross-site scripting in CVE-2026-8315 (CVE-2026-8315). Risk of unauthorized operations or information disclosure.
CVE-2026-8310 Cross-Site Scripting (XSS) in CVE-2026-8310 (CVE-2026-8310)
cross-site scripting in CVE-2026-8310 (CVE-2026-8310). Risk of unauthorized operations or information disclosure.
CVE-2026-8307 SQL Injection in sqli (CVE-2026-8307)
SQL injection in sqli (CVE-2026-8307). Successful exploitation can lead to full system takeover.
CVE-2026-6820 Cross-Site Scripting (XSS) in wordpress (CVE-2026-6820)
cross-site scripting in wordpress (CVE-2026-6820). Risk of unauthorized operations or information disclosure.
CVE-2026-6740 Cross-Site Scripting (XSS) in wordpress (CVE-2026-6740)
cross-site scripting in wordpress (CVE-2026-6740). Risk of unauthorized operations or information disclosure.
CVE-2026-6459 Cross-Site Scripting (XSS) in wordpress (CVE-2026-6459)
cross-site scripting in wordpress (CVE-2026-6459). Risk of unauthorized operations or information disclosure.
CVE-2026-5459 Vulnerability in wordpress (CVE-2026-5459)
vulnerability in wordpress (CVE-2026-5459). Risk of unauthorized operations or information disclosure.
CVE-2026-5356 Vulnerability in wordpress (CVE-2026-5356)
vulnerability in wordpress (CVE-2026-5356). Data can be tampered with by attackers.
CVE-2026-14454 Vulnerability in CVE-2026-14454 (CVE-2026-14454)
vulnerability in CVE-2026-14454 (CVE-2026-14454). Risk of unauthorized operations or information disclosure.
CVE-2026-12002 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-12002)
vulnerability in wordpress (CVE-2026-12002). Risk of unauthorized operations or information disclosure.
CVE-2026-6230 SQL Injection in wordpress (CVE-2026-6230)
SQL injection in wordpress (CVE-2026-6230). Confidential information can be exposed externally.
CVE-2026-6818 Cross-Site Scripting (XSS) in wordpress (CVE-2026-6818)
cross-site scripting in wordpress (CVE-2026-6818). Risk of unauthorized operations or information disclosure.
CVE-2026-6742 Cross-Site Scripting (XSS) in wordpress (CVE-2026-6742)
cross-site scripting in wordpress (CVE-2026-6742). Risk of unauthorized operations or information disclosure.
CVE-2026-6854 SQL Injection in wordpress (CVE-2026-6854)
SQL injection in wordpress (CVE-2026-6854). Confidential information can be exposed externally.
CVE-2026-6371 Cross-Site Scripting (XSS) in CVE-2026-6371 (CVE-2026-6371)
cross-site scripting in CVE-2026-6371 (CVE-2026-6371). Risk of unauthorized operations or information disclosure.
CVE-2026-12936 SQL Injection in wordpress (CVE-2026-12936)
SQL injection in wordpress (CVE-2026-12936). Confidential information can be exposed externally.
CVE-2026-3688 Vulnerability in wordpress (CVE-2026-3688)
vulnerability in wordpress (CVE-2026-3688). Data can be tampered with by attackers.
CVE-2026-14250 Privilege Escalation in wordpress (CVE-2026-14250)
vulnerability in wordpress (CVE-2026-14250). Risk of unauthorized operations or information disclosure.
CVE-2025-14785 Cross-Site Scripting (XSS) in wordpress (CVE-2025-14785)
cross-site scripting in wordpress (CVE-2025-14785). Risk of unauthorized operations or information disclosure. Exploitable via ``seedprodnestedmenuwidget``.
CVE-2026-41042 Vulnerability in apache (CVE-2026-41042)
vulnerability in apache (CVE-2026-41042). Risk of unauthorized operations or information disclosure.
CVE-2026-15041 Vulnerability in CVE-2026-15041 (CVE-2026-15041)
vulnerability in CVE-2026-15041 (CVE-2026-15041). Risk of unauthorized operations or information disclosure.
CVE-2026-56003 Vulnerability in CVE-2026-56003 (CVE-2026-56003)
vulnerability in CVE-2026-56003 (CVE-2026-56003). Successful exploitation can lead to full system takeover.
CVE-2026-56002 Vulnerability in CVE-2026-56002 (CVE-2026-56002)
vulnerability in CVE-2026-56002 (CVE-2026-56002). Successful exploitation can lead to full system takeover.
CVE-2026-6280 Vulnerability in CVE-2026-6280 (CVE-2026-6280)
vulnerability in CVE-2026-6280 (CVE-2026-6280). Confidential information can be exposed externally.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →