Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2025-11954 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2025-11954)
vulnerability in csrf (CVE-2025-11954). Successful exploitation can lead to full system takeover.
|
| CVE-2026-22315 |
|
Vulnerability in CVE-2026-22315 (CVE-2026-22315)
vulnerability in CVE-2026-22315 (CVE-2026-22315). Successful exploitation can lead to full system takeover.
|
| CVE-2026-0856 |
|
Vulnerability in CVE-2026-0856 (CVE-2026-0856)
vulnerability in CVE-2026-0856 (CVE-2026-0856). Successful exploitation can lead to full system takeover.
|
| CVE-2026-4224 |
|
Vulnerability in libpython (CVE-2026-4224)
vulnerability in libpython (CVE-2026-4224). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.13.13, 3.14.4` or later.
|
| CVE-2026-44933 |
|
Vulnerability in CVE-2026-44933 (CVE-2026-44933)
vulnerability in CVE-2026-44933 (CVE-2026-44933). Successful exploitation can lead to full system takeover. Exploitable via ``PluginScript``.
|
| CVE-2026-9064 |
|
Vulnerability in dos (CVE-2026-9064)
vulnerability in dos (CVE-2026-9064). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-42959 |
|
Vulnerability in c (CVE-2026-42959)
vulnerability in c (CVE-2026-42959). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41292 |
|
Vulnerability in dos (CVE-2026-41292)
vulnerability in dos (CVE-2026-41292). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-42944 |
|
Vulnerability in nlnetlabs (CVE-2026-42944)
vulnerability in nlnetlabs (CVE-2026-42944). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41054 |
|
Vulnerability in c (CVE-2026-41054)
vulnerability in c (CVE-2026-41054). Successful exploitation can lead to full system takeover. Exploitable via ``socket_handler``.
|
| CVE-2026-40622 |
|
Vulnerability in nlnetlabs (CVE-2026-40622)
vulnerability in nlnetlabs (CVE-2026-40622). Data can be tampered with by attackers.
|
| CVE-2026-5200 |
|
Vulnerability in wordpress (CVE-2026-5200)
vulnerability in wordpress (CVE-2026-5200). Successful exploitation can lead to full system takeover.
|
| CVE-2026-47784 |
|
Vulnerability in memcached (CVE-2026-47784)
vulnerability in memcached (CVE-2026-47784). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.6.42` or later.
|
| CVE-2026-47783 |
|
Vulnerability in memcached (CVE-2026-47783)
vulnerability in memcached (CVE-2026-47783). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.6.42` or later.
|
| CVE-2026-9057 |
|
Vulnerability in CVE-2026-9057 (CVE-2026-9057)
vulnerability in CVE-2026-9057 (CVE-2026-9057). Confidential information can be exposed externally.
|
| CVE-2026-7522 |
|
Vulnerability in wordpress (CVE-2026-7522)
vulnerability in wordpress (CVE-2026-7522). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9010 |
|
SQL Injection in wordpress (CVE-2026-9010)
SQL injection in wordpress (CVE-2026-9010). Confidential information can be exposed externally.
|
| CVE-2026-9003 |
|
SQL Injection in sqli (CVE-2026-9003)
SQL injection in sqli (CVE-2026-9003). Confidential information can be exposed externally.
|
| CVE-2026-24214 |
|
Vulnerability in dos (CVE-2026-24214)
vulnerability in dos (CVE-2026-24214). Successful exploitation can lead to full system takeover.
|
| CVE-2026-24213 |
|
Out-of-Bounds Read in dos (CVE-2026-24213)
vulnerability in dos (CVE-2026-24213). Successful exploitation can lead to full system takeover.
|
| CVE-2026-24210 |
|
Vulnerability in dos (CVE-2026-24210)
vulnerability in dos (CVE-2026-24210). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-24209 |
|
Path Traversal in path-traversal (CVE-2026-24209)
path traversal in path-traversal (CVE-2026-24209). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-24206 |
|
Vulnerability in dos (CVE-2026-24206)
vulnerability in dos (CVE-2026-24206). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-24163 |
|
Unsafe Deserialization in dos (CVE-2026-24163)
vulnerability in dos (CVE-2026-24163). Successful exploitation can lead to full system takeover.
|
| CVE-2025-33255 |
|
Unsafe Deserialization in dos (CVE-2025-33255)
vulnerability in dos (CVE-2025-33255). Successful exploitation can lead to full system takeover.
|
| CVE-2026-7467 |
|
Privilege Escalation in wordpress (CVE-2026-7467)
vulnerability in wordpress (CVE-2026-7467). Successful exploitation can lead to full system takeover.
|
| CVE-2026-6456 |
|
Authentication Bypass in wordpress (CVE-2026-6456)
authentication bypass in wordpress (CVE-2026-6456). Successful exploitation can lead to full system takeover. Exploitable via ``rememberLogin``.
|
| CVE-2026-43618 |
|
Out-of-Bounds Read in samba (CVE-2026-43618)
vulnerability in samba (CVE-2026-43618). Confidential information can be exposed externally.
|
| CVE-2026-3985 |
|
SQL Injection in wordpress (CVE-2026-3985)
SQL injection in wordpress (CVE-2026-3985). Confidential information can be exposed externally.
|
| CVE-2009-1537 KEV |
|
[KEV] Vulnerability in Microsoft directx (CVE-2009-1537)
vulnerability in Microsoft directx (CVE-2009-1537). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
|
| CVE-2010-0806 KEV |
|
[KEV] Vulnerability in Microsoft internet-explorer (CVE-2010-0806)
vulnerability in Microsoft internet-explorer (CVE-2010-0806). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
|
| CVE-2009-3459 KEV |
|
[KEV] Buffer Overflow in Adobe acrobat (CVE-2009-3459)
vulnerability in Adobe acrobat (CVE-2009-3459). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
|
| CVE-2026-34358 |
|
Vulnerability in privilege-escalation (CVE-2026-34358)
vulnerability in privilege-escalation (CVE-2026-34358). Confidential information can be exposed externally.
|
| CVE-2026-34241 |
|
Cross-Site Scripting (XSS) in CVE-2026-34241 (CVE-2026-34241)
cross-site scripting in CVE-2026-34241 (CVE-2026-34241). Confidential information can be exposed externally.
|
| CVE-2026-39250 |
|
Vulnerability in CVE-2026-39250 (CVE-2026-39250)
vulnerability in CVE-2026-39250 (CVE-2026-39250). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-32741 |
|
Vulnerability in CVE-2026-32741 (CVE-2026-32741)
vulnerability in CVE-2026-32741 (CVE-2026-32741). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-32882 |
|
Out-of-Bounds Read in dos (CVE-2026-32882)
vulnerability in dos (CVE-2026-32882). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-32740 |
|
Out-of-Bounds Write in struktur (CVE-2026-32740)
out-of-bounds write in struktur (CVE-2026-32740). Successful exploitation can lead to full system takeover.
|
| CVE-2026-27173 |
|
Vulnerability in apache-airflow-providers-cncf-kubernetes (CVE-2026-27173)
vulnerability in apache-airflow-providers-cncf-kubernetes (CVE-2026-27173). Confidential information can be exposed externally. Mitigation: upgrade to `10.17.0` or later.
|
| CVE-2026-46374 |
|
Vulnerability in sqlfluff (CVE-2026-46374)
vulnerability in sqlfluff (CVE-2026-46374). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `4.2.0` or later.
|
| CVE-2026-46373 |
|
Vulnerability in sqlfluff (CVE-2026-46373)
vulnerability in sqlfluff (CVE-2026-46373). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `4.1.0` or later.
|
| CVE-2026-46372 |
|
SSRF (Server-Side Request Forgery) in sillytavern (CVE-2026-46372)
SSRF in sillytavern (CVE-2026-46372). Confidential information can be exposed externally. Exploitable via `POST /api/search/searxng`. Mitigation: upgrade to `1.18.0` or later.
|
| CVE-2026-45783 |
|
Vulnerability in @libp2p/kad-dht (CVE-2026-45783)
vulnerability in @libp2p/kad-dht (CVE-2026-45783). Risk of unauthorized operations or information disclosure. Exploitable via ``PUT_VALUE``. Mitigation: upgrade to `16.2.6` or later.
|
| CVE-2026-8073 |
|
Vulnerability in wordpress (CVE-2026-8073)
vulnerability in wordpress (CVE-2026-8073). Confidential information can be exposed externally.
|
| CVE-2026-8604 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-8604)
vulnerability in csrf (CVE-2026-8604). Successful exploitation can lead to full system takeover.
|
| CVE-2026-47107 |
|
Vulnerability in CVE-2026-47107 (CVE-2026-47107)
vulnerability in CVE-2026-47107 (CVE-2026-47107). Confidential information can be exposed externally.
|
| CVE-2026-33633 |
|
Vulnerability in dos (CVE-2026-33633)
vulnerability in dos (CVE-2026-33633). Successful exploitation can lead to full system takeover.
|
| CVE-2025-61081 |
|
Vulnerability in CVE-2025-61081 (CVE-2025-61081)
vulnerability in CVE-2025-61081 (CVE-2025-61081). Data can be tampered with by attackers.
|
| CVE-2026-47358 |
|
Vulnerability in ssrf (CVE-2026-47358)
vulnerability in ssrf (CVE-2026-47358). Confidential information can be exposed externally.
|
| CVE-2026-36828 |
|
OS Command Injection in CVE-2026-36828 (CVE-2026-36828)
OS command injection in CVE-2026-36828 (CVE-2026-36828). Successful exploitation can lead to full system takeover.
|