Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-12784 |
|
Vulnerability in CVE-2026-12784 (CVE-2026-12784)
vulnerability in CVE-2026-12784 (CVE-2026-12784). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12782 |
|
Vulnerability in CVE-2026-12782 (CVE-2026-12782)
vulnerability in CVE-2026-12782 (CVE-2026-12782). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12781 |
|
Vulnerability in CVE-2026-12781 (CVE-2026-12781)
vulnerability in CVE-2026-12781 (CVE-2026-12781). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12779 |
|
Vulnerability in CVE-2026-12779 (CVE-2026-12779)
vulnerability in CVE-2026-12779 (CVE-2026-12779). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12776 |
|
Vulnerability in sqli (CVE-2026-12776)
vulnerability in sqli (CVE-2026-12776). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12780 |
|
Vulnerability in CVE-2026-12780 (CVE-2026-12780)
vulnerability in CVE-2026-12780 (CVE-2026-12780). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12775 |
|
Vulnerability in sqli (CVE-2026-12775)
vulnerability in sqli (CVE-2026-12775). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12778 |
|
Vulnerability in CVE-2026-12778 (CVE-2026-12778)
vulnerability in CVE-2026-12778 (CVE-2026-12778). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12774 |
|
SSRF (Server-Side Request Forgery) in litellm (CVE-2026-12774)
SSRF in litellm (CVE-2026-12774). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12773 |
|
A weakness has been identified in BerriAI litellm up to 1.59.8. Affected is the function...
A weakness has been identified in BerriAI litellm up to 1.59.8. Affected is the function...
|
| CVE-2026-12771 |
|
Vulnerability in litellm (CVE-2026-12771)
vulnerability in litellm (CVE-2026-12771). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12772 |
|
Vulnerability in litellm (CVE-2026-12772)
vulnerability in litellm (CVE-2026-12772). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12770 |
|
Vulnerability in litellm (CVE-2026-12770)
vulnerability in litellm (CVE-2026-12770). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56355 |
|
GNU Savannah Administration Savane through 3.17 uses untrusted data as part of authorization.
GNU Savannah Administration Savane through 3.17 uses untrusted data as part of authorization.
|
| CVE-2026-56347 |
|
Cross-Site Scripting (XSS) in CVE-2026-56347 (CVE-2026-56347)
cross-site scripting in CVE-2026-56347 (CVE-2026-56347). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56346 |
|
Vulnerability in CVE-2026-56346 (CVE-2026-56346)
vulnerability in CVE-2026-56346 (CVE-2026-56346). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56345 |
|
Authentication Bypass in CVE-2026-56345 (CVE-2026-56345)
authentication bypass in CVE-2026-56345 (CVE-2026-56345). Successful exploitation can lead to full system takeover.
|
| CVE-2026-56342 |
|
SSRF (Server-Side Request Forgery) in CVE-2026-56342 (CVE-2026-56342)
SSRF in CVE-2026-56342 (CVE-2026-56342). Confidential information can be exposed externally.
|
| CVE-2026-56341 |
|
Vulnerability in csharp (CVE-2026-56341)
vulnerability in csharp (CVE-2026-56341). Confidential information can be exposed externally.
|
| CVE-2026-56340 |
|
Vulnerability in dos (CVE-2026-56340)
vulnerability in dos (CVE-2026-56340). Successful exploitation can lead to full system takeover.
|
| CVE-2025-71379 |
|
Vulnerability in dos (CVE-2025-71379)
vulnerability in dos (CVE-2025-71379). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-5366 |
|
Code Injection in prefect (CVE-2026-5366)
code injection in prefect (CVE-2026-5366). Successful exploitation can lead to full system takeover. Exploitable via ``GitRepository``.
|
| CVE-2026-56332 |
|
Open Redirect in CVE-2026-56332 (CVE-2026-56332)
vulnerability in CVE-2026-56332 (CVE-2026-56332). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56330 |
|
Open Redirect in CVE-2026-56330 (CVE-2026-56330)
vulnerability in CVE-2026-56330 (CVE-2026-56330). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56325 |
|
Vulnerability in CVE-2026-56325 (CVE-2026-56325)
vulnerability in CVE-2026-56325 (CVE-2026-56325). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56319 |
|
Vulnerability in CVE-2026-56319 (CVE-2026-56319)
vulnerability in CVE-2026-56319 (CVE-2026-56319). Risk of unauthorized operations or information disclosure. Exploitable via `GET /statistics/app/`.
|
| CVE-2026-56317 |
|
Cross-Site Scripting (XSS) in nuxt (CVE-2026-56317)
cross-site scripting in nuxt (CVE-2026-56317). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56307 |
|
Vulnerability in CVE-2026-56307 (CVE-2026-56307)
vulnerability in CVE-2026-56307 (CVE-2026-56307). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56304 |
|
Unsafe Deserialization in dos (CVE-2026-56304)
vulnerability in dos (CVE-2026-56304). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56295 |
|
Vulnerability in CVE-2026-56295 (CVE-2026-56295)
vulnerability in CVE-2026-56295 (CVE-2026-56295). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56294 |
|
Authentication Bypass in CVE-2026-56294 (CVE-2026-56294)
authentication bypass in CVE-2026-56294 (CVE-2026-56294). Confidential information can be exposed externally.
|
| CVE-2026-56282 |
|
Information Disclosure in CVE-2026-56282 (CVE-2026-56282)
vulnerability in CVE-2026-56282 (CVE-2026-56282). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56276 |
|
Vulnerability in CVE-2026-56276 (CVE-2026-56276)
vulnerability in CVE-2026-56276 (CVE-2026-56276). Risk of unauthorized operations or information disclosure. Exploitable via `PUT /api/v1/user`.
|
| CVE-2026-56267 |
|
Information Disclosure in CVE-2026-56267 (CVE-2026-56267)
vulnerability in CVE-2026-56267 (CVE-2026-56267). Risk of unauthorized operations or information disclosure. Exploitable via `POST /api/v1/account/forgot-password`.
|
| CVE-2026-56235 |
|
Information Disclosure in CVE-2026-56235 (CVE-2026-56235)
vulnerability in CVE-2026-56235 (CVE-2026-56235). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56228 |
|
Vulnerability in dos (CVE-2026-56228)
vulnerability in dos (CVE-2026-56228). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56227 |
|
SSRF (Server-Side Request Forgery) in CVE-2026-56227 (CVE-2026-56227)
SSRF in CVE-2026-56227 (CVE-2026-56227). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56218 |
|
Information Disclosure in CVE-2026-56218 (CVE-2026-56218)
vulnerability in CVE-2026-56218 (CVE-2026-56218). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-71331 |
|
Vulnerability in flowiseai (CVE-2025-71331)
vulnerability in flowiseai (CVE-2025-71331). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-58351 |
|
Code Injection in dos (CVE-2024-58351)
code injection in dos (CVE-2024-58351). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12673 |
|
Vulnerability in privilege-escalation (CVE-2026-12673)
vulnerability in privilege-escalation (CVE-2026-12673). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-50972 |
|
Code Injection in CVE-2022-50972 (CVE-2022-50972)
code injection in CVE-2022-50972 (CVE-2022-50972). Successful exploitation can lead to full system takeover.
|
| CVE-2020-37255 |
|
Vulnerability in wordpress (CVE-2020-37255)
vulnerability in wordpress (CVE-2020-37255). Confidential information can be exposed externally.
|
| CVE-2019-25763 |
|
Vulnerability in wordpress (CVE-2019-25763)
vulnerability in wordpress (CVE-2019-25763). Successful exploitation can lead to full system takeover.
|
| CVE-2026-48939 |
|
Unrestricted File Upload in joomlic (CVE-2026-48939)
vulnerability in joomlic (CVE-2026-48939). Successful exploitation can lead to full system takeover.
|
| CVE-2026-48909 |
|
Unsafe Deserialization in CVE-2026-48909 (CVE-2026-48909)
vulnerability in CVE-2026-48909 (CVE-2026-48909). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-48908 KEV |
|
[KEV] Unrestricted File Upload in Joomshaper ollyo (CVE-2026-48908)
vulnerability in Joomshaper ollyo (CVE-2026-48908). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
|
| CVE-2026-12119 |
|
Vulnerability in wordpress (CVE-2026-12119)
vulnerability in wordpress (CVE-2026-12119). Data can be tampered with by attackers.
|
| CVE-2026-11912 |
|
Vulnerability in wordpress (CVE-2026-11912)
vulnerability in wordpress (CVE-2026-11912). Data can be tampered with by attackers.
|
| CVE-2026-11911 |
|
Path Traversal in wordpress (CVE-2026-11911)
path traversal in wordpress (CVE-2026-11911). Confidential information can be exposed externally.
|