Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

ID Title
CVE-2026-47357 Vulnerability in ssrf (CVE-2026-47357)
vulnerability in ssrf (CVE-2026-47357). Confidential information can be exposed externally. Exploitable via `POST /v1/{iac}/{iacVersion}/{cloud}/remote/dir/scan`.
CVE-2026-47356 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-47356)
SSRF in ssrf (CVE-2026-47356). Confidential information can be exposed externally. Exploitable via `POST /v1/{iac}/{iacVersion}/{cloud}/local/file/scan`.
CVE-2026-46426 Unrestricted File Upload in budibase (CVE-2026-46426)
vulnerability in budibase (CVE-2026-46426). Confidential information can be exposed externally. Exploitable via `POST /api/attachments/process`. Mitigation: upgrade to `3.38.2` or later.
CVE-2026-5804 Vulnerability in CVE-2026-5804 (CVE-2026-5804)
vulnerability in CVE-2026-5804 (CVE-2026-5804). Confidential information can be exposed externally.
CVE-2026-31069 SQL Injection in billabear/billabear (CVE-2026-31069)
SQL injection in billabear/billabear (CVE-2026-31069). Successful exploitation can lead to full system takeover.
CVE-2026-8711 Vulnerability in nginx (CVE-2026-8711)
vulnerability in nginx (CVE-2026-8711). Successful exploitation can lead to full system takeover.
CVE-2026-47100 Vulnerability in CVE-2026-47100 (CVE-2026-47100)
vulnerability in CVE-2026-47100 (CVE-2026-47100). Data can be tampered with by attackers.
CVE-2025-51427 Code Injection in modelscope (CVE-2025-51427)
code injection in modelscope (CVE-2025-51427). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.27.0` or later.
CVE-2025-70950 Path Traversal in github.com/itang/gohttp (CVE-2025-70950)
path traversal in github.com/itang/gohttp (CVE-2025-70950). Risk of unauthorized operations or information disclosure.
CVE-2026-43634 Vulnerability in CVE-2026-43634 (CVE-2026-43634)
vulnerability in CVE-2026-43634 (CVE-2026-43634). Data can be tampered with by attackers.
CVE-2026-45728 Vulnerability in github.com/xyproto/algernon (CVE-2026-45728)
vulnerability in github.com/xyproto/algernon (CVE-2026-45728). Confidential information can be exposed externally. Exploitable via ``singleFileMode``. Mitigation: upgrade to `1.17.7` or later.
CVE-2026-8975 Buffer Overflow in mozilla (CVE-2026-8975)
vulnerability in mozilla (CVE-2026-8975). Successful exploitation can lead to full system takeover.
CVE-2026-8969 Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 151.
Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 151.
CVE-2026-8967 Information Disclosure in mozilla (CVE-2026-8967)
vulnerability in mozilla (CVE-2026-8967). Confidential information can be exposed externally.
CVE-2026-8968 Vulnerability in mozilla (CVE-2026-8968)
vulnerability in mozilla (CVE-2026-8968). Risk of unauthorized operations or information disclosure.
CVE-2026-8966 Information disclosure in the IP Protection component. This vulnerability was fixed in Firefox 151.
Information disclosure in the IP Protection component. This vulnerability was fixed in Firefox 151.
CVE-2026-8972 Privilege Escalation in privilege-escalation (CVE-2026-8972)
vulnerability in privilege-escalation (CVE-2026-8972). Successful exploitation can lead to full system takeover.
CVE-2026-8970 Privilege Escalation in privilege-escalation (CVE-2026-8970)
vulnerability in privilege-escalation (CVE-2026-8970). Successful exploitation can lead to full system takeover.
CVE-2026-8973 Buffer Overflow in c (CVE-2026-8973)
vulnerability in c (CVE-2026-8973). Successful exploitation can lead to full system takeover.
CVE-2026-8974 Buffer Overflow in mozilla (CVE-2026-8974)
vulnerability in mozilla (CVE-2026-8974). Successful exploitation can lead to full system takeover.
CVE-2026-8957 Privilege Escalation in privilege-escalation (CVE-2026-8957)
vulnerability in privilege-escalation (CVE-2026-8957). Successful exploitation can lead to full system takeover.
CVE-2026-8958 Vulnerability in mozilla (CVE-2026-8958)
vulnerability in mozilla (CVE-2026-8958). Confidential information can be exposed externally.
CVE-2026-8960 Spoofing issue in WebExtensions. This vulnerability was fixed in Firefox 151.
Spoofing issue in WebExtensions. This vulnerability was fixed in Firefox 151.
CVE-2026-8962 Vulnerability in mozilla (CVE-2026-8962)
vulnerability in mozilla (CVE-2026-8962). Confidential information can be exposed externally.
CVE-2026-8963 Spoofing issue in the Web Speech component. This vulnerability was fixed in Firefox 151.
Spoofing issue in the Web Speech component. This vulnerability was fixed in Firefox 151.
CVE-2026-8964 Spoofing issue in the Popup Blocker component. This vulnerability was fixed in Firefox 151.
Spoofing issue in the Popup Blocker component. This vulnerability was fixed in Firefox 151.
CVE-2026-8965 Information disclosure in the DOM: Security component. This vulnerability was fixed in Firefox 151.
Information disclosure in the DOM: Security component. This vulnerability was fixed in Firefox 151.
CVE-2026-8949 Vulnerability in mozilla (CVE-2026-8949)
vulnerability in mozilla (CVE-2026-8949). Risk of unauthorized operations or information disclosure.
CVE-2026-8952 Privilege Escalation in privilege-escalation (CVE-2026-8952)
vulnerability in privilege-escalation (CVE-2026-8952). Successful exploitation can lead to full system takeover.
CVE-2026-8955 Privilege Escalation in privilege-escalation (CVE-2026-8955)
vulnerability in privilege-escalation (CVE-2026-8955). Successful exploitation can lead to full system takeover.
CVE-2026-8954 Buffer Overflow in mozilla (CVE-2026-8954)
vulnerability in mozilla (CVE-2026-8954). Confidential information can be exposed externally.
CVE-2026-8947 Use-After-Free in mozilla (CVE-2026-8947)
vulnerability in mozilla (CVE-2026-8947). Risk of unauthorized operations or information disclosure.
CVE-2026-8946 Buffer Overflow in mozilla (CVE-2026-8946)
vulnerability in mozilla (CVE-2026-8946). Confidential information can be exposed externally.
CVE-2026-8945 Vulnerability in mozilla (CVE-2026-8945)
vulnerability in mozilla (CVE-2026-8945). Successful exploitation can lead to full system takeover.
CVE-2026-42100 Vulnerability in dos (CVE-2026-42100)
vulnerability in dos (CVE-2026-42100). Risk of unauthorized operations or information disclosure.
CVE-2026-42096 Authorization Flaw in sparxsystems (CVE-2026-42096)
vulnerability in sparxsystems (CVE-2026-42096). Successful exploitation can lead to full system takeover.
CVE-2026-42097 Vulnerability in sparxsystems (CVE-2026-42097)
vulnerability in sparxsystems (CVE-2026-42097). Successful exploitation can lead to full system takeover.
CVE-2026-42099 Vulnerability in sparxsystems (CVE-2026-42099)
vulnerability in sparxsystems (CVE-2026-42099). Successful exploitation can lead to full system takeover.
CVE-2026-23558 Vulnerability in xen (CVE-2026-23558)
vulnerability in xen (CVE-2026-23558). Successful exploitation can lead to full system takeover.
CVE-2026-8912 SQL Injection in wordpress (CVE-2026-8912)
SQL injection in wordpress (CVE-2026-8912). Confidential information can be exposed externally.
CVE-2026-7307 Vulnerability in org.keycloak:keycloak-saml-core (CVE-2026-7307)
vulnerability in org.keycloak:keycloak-saml-core (CVE-2026-7307). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `26.6.2` or later.
CVE-2026-7504 Open Redirect in org.keycloak:keycloak-services (CVE-2026-7504)
vulnerability in org.keycloak:keycloak-services (CVE-2026-7504). Confidential information can be exposed externally. Mitigation: upgrade to `26.6.2` or later.
CVE-2026-7507 Vulnerability in org.keycloak:keycloak-services (CVE-2026-7507)
vulnerability in org.keycloak:keycloak-services (CVE-2026-7507). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `26.6.2` or later.
CVE-2026-7571 Vulnerability in org.keycloak:keycloak-services (CVE-2026-7571)
vulnerability in org.keycloak:keycloak-services (CVE-2026-7571). Confidential information can be exposed externally. Mitigation: upgrade to `26.6.2` or later.
CVE-2026-46586 Code Injection in apache (CVE-2026-46586)
code injection in apache (CVE-2026-46586). Successful exploitation can lead to full system takeover.
CVE-2026-31910 SSRF (Server-Side Request Forgery) in apache (CVE-2026-31910)
SSRF in apache (CVE-2026-31910). Confidential information can be exposed externally.
CVE-2026-31909 Information Disclosure in apache (CVE-2026-31909)
vulnerability in apache (CVE-2026-31909). Confidential information can be exposed externally.
CVE-2026-29226 SSRF (Server-Side Request Forgery) in apache (CVE-2026-29226)
SSRF in apache (CVE-2026-29226). Risk of unauthorized operations or information disclosure.
CVE-2026-47314 Out-of-Bounds Write in samsung (CVE-2026-47314)
out-of-bounds write in samsung (CVE-2026-47314). Successful exploitation can lead to full system takeover.
CVE-2026-47311 Vulnerability in samsung (CVE-2026-47311)
vulnerability in samsung (CVE-2026-47311). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →