Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

ID Title
CVE-2025-11954 Cross-Site Request Forgery (CSRF) in csrf (CVE-2025-11954)
vulnerability in csrf (CVE-2025-11954). Successful exploitation can lead to full system takeover.
CVE-2026-22315 Vulnerability in CVE-2026-22315 (CVE-2026-22315)
vulnerability in CVE-2026-22315 (CVE-2026-22315). Successful exploitation can lead to full system takeover.
CVE-2026-0856 Vulnerability in CVE-2026-0856 (CVE-2026-0856)
vulnerability in CVE-2026-0856 (CVE-2026-0856). Successful exploitation can lead to full system takeover.
CVE-2026-4224 Vulnerability in libpython (CVE-2026-4224)
vulnerability in libpython (CVE-2026-4224). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.13.13, 3.14.4` or later.
CVE-2026-44933 Vulnerability in CVE-2026-44933 (CVE-2026-44933)
vulnerability in CVE-2026-44933 (CVE-2026-44933). Successful exploitation can lead to full system takeover. Exploitable via ``PluginScript``.
CVE-2026-9064 Vulnerability in dos (CVE-2026-9064)
vulnerability in dos (CVE-2026-9064). Risk of unauthorized operations or information disclosure.
CVE-2026-42959 Vulnerability in c (CVE-2026-42959)
vulnerability in c (CVE-2026-42959). Risk of unauthorized operations or information disclosure.
CVE-2026-41292 Vulnerability in dos (CVE-2026-41292)
vulnerability in dos (CVE-2026-41292). Risk of unauthorized operations or information disclosure.
CVE-2026-42944 Vulnerability in nlnetlabs (CVE-2026-42944)
vulnerability in nlnetlabs (CVE-2026-42944). Risk of unauthorized operations or information disclosure.
CVE-2026-41054 Vulnerability in c (CVE-2026-41054)
vulnerability in c (CVE-2026-41054). Successful exploitation can lead to full system takeover. Exploitable via ``socket_handler``.
CVE-2026-40622 Vulnerability in nlnetlabs (CVE-2026-40622)
vulnerability in nlnetlabs (CVE-2026-40622). Data can be tampered with by attackers.
CVE-2026-5200 Vulnerability in wordpress (CVE-2026-5200)
vulnerability in wordpress (CVE-2026-5200). Successful exploitation can lead to full system takeover.
CVE-2026-47784 Vulnerability in memcached (CVE-2026-47784)
vulnerability in memcached (CVE-2026-47784). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.6.42` or later.
CVE-2026-47783 Vulnerability in memcached (CVE-2026-47783)
vulnerability in memcached (CVE-2026-47783). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.6.42` or later.
CVE-2026-9057 Vulnerability in CVE-2026-9057 (CVE-2026-9057)
vulnerability in CVE-2026-9057 (CVE-2026-9057). Confidential information can be exposed externally.
CVE-2026-7522 Vulnerability in wordpress (CVE-2026-7522)
vulnerability in wordpress (CVE-2026-7522). Successful exploitation can lead to full system takeover.
CVE-2026-9010 SQL Injection in wordpress (CVE-2026-9010)
SQL injection in wordpress (CVE-2026-9010). Confidential information can be exposed externally.
CVE-2026-9003 SQL Injection in sqli (CVE-2026-9003)
SQL injection in sqli (CVE-2026-9003). Confidential information can be exposed externally.
CVE-2026-24214 Vulnerability in dos (CVE-2026-24214)
vulnerability in dos (CVE-2026-24214). Successful exploitation can lead to full system takeover.
CVE-2026-24213 Out-of-Bounds Read in dos (CVE-2026-24213)
vulnerability in dos (CVE-2026-24213). Successful exploitation can lead to full system takeover.
CVE-2026-24210 Vulnerability in dos (CVE-2026-24210)
vulnerability in dos (CVE-2026-24210). Risk of unauthorized operations or information disclosure.
CVE-2026-24209 Path Traversal in path-traversal (CVE-2026-24209)
path traversal in path-traversal (CVE-2026-24209). Risk of unauthorized operations or information disclosure.
CVE-2026-24206 Vulnerability in dos (CVE-2026-24206)
vulnerability in dos (CVE-2026-24206). Risk of unauthorized operations or information disclosure.
CVE-2026-24163 Unsafe Deserialization in dos (CVE-2026-24163)
vulnerability in dos (CVE-2026-24163). Successful exploitation can lead to full system takeover.
CVE-2025-33255 Unsafe Deserialization in dos (CVE-2025-33255)
vulnerability in dos (CVE-2025-33255). Successful exploitation can lead to full system takeover.
CVE-2026-7467 Privilege Escalation in wordpress (CVE-2026-7467)
vulnerability in wordpress (CVE-2026-7467). Successful exploitation can lead to full system takeover.
CVE-2026-6456 Authentication Bypass in wordpress (CVE-2026-6456)
authentication bypass in wordpress (CVE-2026-6456). Successful exploitation can lead to full system takeover. Exploitable via ``rememberLogin``.
CVE-2026-43618 Out-of-Bounds Read in samba (CVE-2026-43618)
vulnerability in samba (CVE-2026-43618). Confidential information can be exposed externally.
CVE-2026-3985 SQL Injection in wordpress (CVE-2026-3985)
SQL injection in wordpress (CVE-2026-3985). Confidential information can be exposed externally.
CVE-2009-1537 KEV [KEV] Vulnerability in Microsoft directx (CVE-2009-1537)
vulnerability in Microsoft directx (CVE-2009-1537). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2010-0806 KEV [KEV] Vulnerability in Microsoft internet-explorer (CVE-2010-0806)
vulnerability in Microsoft internet-explorer (CVE-2010-0806). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2009-3459 KEV [KEV] Buffer Overflow in Adobe acrobat (CVE-2009-3459)
vulnerability in Adobe acrobat (CVE-2009-3459). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2026-34358 Vulnerability in privilege-escalation (CVE-2026-34358)
vulnerability in privilege-escalation (CVE-2026-34358). Confidential information can be exposed externally.
CVE-2026-34241 Cross-Site Scripting (XSS) in CVE-2026-34241 (CVE-2026-34241)
cross-site scripting in CVE-2026-34241 (CVE-2026-34241). Confidential information can be exposed externally.
CVE-2026-39250 Vulnerability in CVE-2026-39250 (CVE-2026-39250)
vulnerability in CVE-2026-39250 (CVE-2026-39250). Risk of unauthorized operations or information disclosure.
CVE-2026-32741 Vulnerability in CVE-2026-32741 (CVE-2026-32741)
vulnerability in CVE-2026-32741 (CVE-2026-32741). Risk of unauthorized operations or information disclosure.
CVE-2026-32882 Out-of-Bounds Read in dos (CVE-2026-32882)
vulnerability in dos (CVE-2026-32882). Risk of unauthorized operations or information disclosure.
CVE-2026-32740 Out-of-Bounds Write in struktur (CVE-2026-32740)
out-of-bounds write in struktur (CVE-2026-32740). Successful exploitation can lead to full system takeover.
CVE-2026-27173 Vulnerability in apache-airflow-providers-cncf-kubernetes (CVE-2026-27173)
vulnerability in apache-airflow-providers-cncf-kubernetes (CVE-2026-27173). Confidential information can be exposed externally. Mitigation: upgrade to `10.17.0` or later.
CVE-2026-46374 Vulnerability in sqlfluff (CVE-2026-46374)
vulnerability in sqlfluff (CVE-2026-46374). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `4.2.0` or later.
CVE-2026-46373 Vulnerability in sqlfluff (CVE-2026-46373)
vulnerability in sqlfluff (CVE-2026-46373). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `4.1.0` or later.
CVE-2026-46372 SSRF (Server-Side Request Forgery) in sillytavern (CVE-2026-46372)
SSRF in sillytavern (CVE-2026-46372). Confidential information can be exposed externally. Exploitable via `POST /api/search/searxng`. Mitigation: upgrade to `1.18.0` or later.
CVE-2026-45783 Vulnerability in @libp2p/kad-dht (CVE-2026-45783)
vulnerability in @libp2p/kad-dht (CVE-2026-45783). Risk of unauthorized operations or information disclosure. Exploitable via ``PUT_VALUE``. Mitigation: upgrade to `16.2.6` or later.
CVE-2026-8073 Vulnerability in wordpress (CVE-2026-8073)
vulnerability in wordpress (CVE-2026-8073). Confidential information can be exposed externally.
CVE-2026-8604 Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-8604)
vulnerability in csrf (CVE-2026-8604). Successful exploitation can lead to full system takeover.
CVE-2026-47107 Vulnerability in CVE-2026-47107 (CVE-2026-47107)
vulnerability in CVE-2026-47107 (CVE-2026-47107). Confidential information can be exposed externally.
CVE-2026-33633 Vulnerability in dos (CVE-2026-33633)
vulnerability in dos (CVE-2026-33633). Successful exploitation can lead to full system takeover.
CVE-2025-61081 Vulnerability in CVE-2025-61081 (CVE-2025-61081)
vulnerability in CVE-2025-61081 (CVE-2025-61081). Data can be tampered with by attackers.
CVE-2026-47358 Vulnerability in ssrf (CVE-2026-47358)
vulnerability in ssrf (CVE-2026-47358). Confidential information can be exposed externally.
CVE-2026-36828 OS Command Injection in CVE-2026-36828 (CVE-2026-36828)
OS command injection in CVE-2026-36828 (CVE-2026-36828). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →