Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

ID Title
CVE-2026-8632 Command Injection in hp (CVE-2026-8632)
command injection in hp (CVE-2026-8632). Successful exploitation can lead to full system takeover.
CVE-2026-47373 Vulnerability in CVE-2026-47373 (CVE-2026-47373)
vulnerability in CVE-2026-47373 (CVE-2026-47373). Confidential information can be exposed externally.
CVE-2026-9144 Cross-Site Scripting (XSS) in CVE-2026-9144 (CVE-2026-9144)
cross-site scripting in CVE-2026-9144 (CVE-2026-9144). Confidential information can be exposed externally.
CVE-2026-9137 Vulnerability in c (CVE-2026-9137)
vulnerability in c (CVE-2026-9137). Risk of unauthorized operations or information disclosure.
CVE-2026-9126 Use-After-Free in google (CVE-2026-9126)
vulnerability in google (CVE-2026-9126). Successful exploitation can lead to full system takeover.
CVE-2026-9123 Vulnerability in google (CVE-2026-9123)
vulnerability in google (CVE-2026-9123). Successful exploitation can lead to full system takeover.
CVE-2026-9121 Out-of-Bounds Read in google (CVE-2026-9121)
vulnerability in google (CVE-2026-9121). Successful exploitation can lead to full system takeover.
CVE-2026-9120 Use-After-Free in google (CVE-2026-9120)
vulnerability in google (CVE-2026-9120). Successful exploitation can lead to full system takeover.
CVE-2026-9117 Vulnerability in google (CVE-2026-9117)
vulnerability in google (CVE-2026-9117). Successful exploitation can lead to full system takeover.
CVE-2026-9118 Use-After-Free in google (CVE-2026-9118)
vulnerability in google (CVE-2026-9118). Successful exploitation can lead to full system takeover.
CVE-2026-9119 Vulnerability in google (CVE-2026-9119)
vulnerability in google (CVE-2026-9119). Successful exploitation can lead to full system takeover.
CVE-2026-9112 Use-After-Free in google (CVE-2026-9112)
vulnerability in google (CVE-2026-9112). Successful exploitation can lead to full system takeover.
CVE-2026-9114 Use-After-Free in google (CVE-2026-9114)
vulnerability in google (CVE-2026-9114). Successful exploitation can lead to full system takeover.
CVE-2026-9111 Use-After-Free in Google chrome (CVE-2026-9111)
vulnerability in Google chrome (CVE-2026-9111). Successful exploitation can lead to full system takeover.
CVE-2026-39310 Vulnerability in csrf (CVE-2026-39310)
vulnerability in csrf (CVE-2026-39310). Data can be tampered with by attackers.
CVE-2026-24216 Unsafe Deserialization in dos (CVE-2026-24216)
vulnerability in dos (CVE-2026-24216). Successful exploitation can lead to full system takeover.
CVE-2026-24188 Out-of-Bounds Write in CVE-2026-24188 (CVE-2026-24188)
out-of-bounds write in CVE-2026-24188 (CVE-2026-24188). Data can be tampered with by attackers.
CVE-2026-24218 Vulnerability in dos (CVE-2026-24218)
vulnerability in dos (CVE-2026-24218). Successful exploitation can lead to full system takeover.
CVE-2026-24217 Vulnerability in path-traversal (CVE-2026-24217)
vulnerability in path-traversal (CVE-2026-24217). Successful exploitation can lead to full system takeover.
CVE-2026-9133 Vulnerability in Amazon aws (CVE-2026-9133)
vulnerability in Amazon aws (CVE-2026-9133). Confidential information can be exposed externally. Exploitable via `PUT /api/aws/arn/validate`.
CVE-2026-20239 Vulnerability in splunk (CVE-2026-20239)
vulnerability in splunk (CVE-2026-20239). Successful exploitation can lead to full system takeover. Exploitable via ``_internal``.
CVE-2026-7613 Cross-Site Scripting (XSS) in wordpress (CVE-2026-7613)
cross-site scripting in wordpress (CVE-2026-7613). Risk of unauthorized operations or information disclosure.
CVE-2026-44926 InfoScale CmdServer before 7.4.2 mishandles access control.
InfoScale CmdServer before 7.4.2 mishandles access control.
CVE-2026-44925 Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-44925)
vulnerability in csrf (CVE-2026-44925). Successful exploitation can lead to full system takeover.
CVE-2026-5783 Cross-Site Scripting (XSS) in CVE-2026-5783 (CVE-2026-5783)
cross-site scripting in CVE-2026-5783 (CVE-2026-5783). Risk of unauthorized operations or information disclosure.
CVE-2026-39047 Vulnerability in CVE-2026-39047 (CVE-2026-39047)
vulnerability in CVE-2026-39047 (CVE-2026-39047). Risk of unauthorized operations or information disclosure.
CVE-2025-32750 Vulnerability in dell (CVE-2025-32750)
vulnerability in dell (CVE-2025-32750). Confidential information can be exposed externally.
CVE-2026-35675 Vulnerability in thorsten/phpmyfaq (CVE-2026-35675)
vulnerability in thorsten/phpmyfaq (CVE-2026-35675). Data can be tampered with by attackers. Mitigation: upgrade to `4.1.3` or later.
CVE-2026-35672 Vulnerability in thorsten/phpmyfaq (CVE-2026-35672)
vulnerability in thorsten/phpmyfaq (CVE-2026-35672). Data can be tampered with by attackers. Exploitable via `POST /api/v4.0/faq/create`. Mitigation: upgrade to `4.1.3` or later.
CVE-2026-35671 Vulnerability in thorsten/phpmyfaq (CVE-2026-35671)
vulnerability in thorsten/phpmyfaq (CVE-2026-35671). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `4.1.3` or later.
CVE-2026-35676 Vulnerability in thorsten/phpmyfaq (CVE-2026-35676)
vulnerability in thorsten/phpmyfaq (CVE-2026-35676). Data can be tampered with by attackers. Exploitable via `PUT /api/index.php/user/password/update`. Mitigation: upgrade to `4.1.3` or later.
CVE-2026-56268 Authorization Flaw in flowise (CVE-2026-56268)
vulnerability in flowise (CVE-2026-56268). Confidential information can be exposed externally. Exploitable via ``keyonly``. Mitigation: upgrade to `3.1.2` or later.
CVE-2026-24425 Vulnerability in twig/twig (CVE-2026-24425)
vulnerability in twig/twig (CVE-2026-24425). Successful exploitation can lead to full system takeover. Exploitable via ``SourcePolicyInterface``. Mitigation: upgrade to `3.26.0` or later.
CVE-2026-22554 MediaArea MediaInfoLib Channel Splitting heap-based buffer overflow vulnerability
MediaArea MediaInfoLib Channel Splitting heap-based buffer overflow vulnerability
CVE-2026-45389 Vulnerability in tls (CVE-2026-45389)
vulnerability in tls (CVE-2026-45389). Confidential information can be exposed externally. Mitigation: upgrade to `2.1.0, b1a598ef9be83a4f8b0f73a4e2d9730d50906049` or later.
CVE-2026-5946 Vulnerability in isc (CVE-2026-5946)
vulnerability in isc (CVE-2026-5946). Risk of unauthorized operations or information disclosure. Exploitable via ``named``.
CVE-2026-5947 Vulnerability in isc (CVE-2026-5947)
vulnerability in isc (CVE-2026-5947). Risk of unauthorized operations or information disclosure.
CVE-2026-45584 Vulnerability in microsoft (CVE-2026-45584)
vulnerability in microsoft (CVE-2026-45584). Successful exploitation can lead to full system takeover.
CVE-2026-42834 Vulnerability in microsoft (CVE-2026-42834)
vulnerability in microsoft (CVE-2026-42834). Successful exploitation can lead to full system takeover.
CVE-2026-42383 SQL Injection in sqli (CVE-2026-42383)
SQL injection in sqli (CVE-2026-42383). Confidential information can be exposed externally.
CVE-2026-41091 KEV [KEV] Vulnerability in Microsoft malware-protection-engine (CVE-2026-41091)
vulnerability in Microsoft malware-protection-engine (CVE-2026-41091). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2026-3593 Use-After-Free in isc (CVE-2026-3593)
vulnerability in isc (CVE-2026-3593). Confidential information can be exposed externally.
CVE-2026-3039 Vulnerability in isc (CVE-2026-3039)
vulnerability in isc (CVE-2026-3039). Risk of unauthorized operations or information disclosure.
CVE-2026-29518 Vulnerability in privilege-escalation (CVE-2026-29518)
vulnerability in privilege-escalation (CVE-2026-29518). Successful exploitation can lead to full system takeover.
CVE-2025-11954 Cross-Site Request Forgery (CSRF) in csrf (CVE-2025-11954)
vulnerability in csrf (CVE-2025-11954). Successful exploitation can lead to full system takeover.
CVE-2026-22315 Vulnerability in CVE-2026-22315 (CVE-2026-22315)
vulnerability in CVE-2026-22315 (CVE-2026-22315). Successful exploitation can lead to full system takeover.
CVE-2026-0856 Vulnerability in CVE-2026-0856 (CVE-2026-0856)
vulnerability in CVE-2026-0856 (CVE-2026-0856). Successful exploitation can lead to full system takeover.
CVE-2026-4224 Vulnerability in libpython (CVE-2026-4224)
vulnerability in libpython (CVE-2026-4224). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.13.13, 3.14.4` or later.
CVE-2026-9064 Vulnerability in dos (CVE-2026-9064)
vulnerability in dos (CVE-2026-9064). Risk of unauthorized operations or information disclosure.
CVE-2026-44933 Vulnerability in CVE-2026-44933 (CVE-2026-44933)
vulnerability in CVE-2026-44933 (CVE-2026-44933). Successful exploitation can lead to full system takeover. Exploitable via ``PluginScript``.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →