Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

ID Title
CVE-2026-41516 Vulnerability in trustedfirmware (CVE-2026-41516)
vulnerability in trustedfirmware (CVE-2026-41516). Risk of unauthorized operations or information disclosure.
CVE-2026-41515 Vulnerability in trustedfirmware (CVE-2026-41515)
vulnerability in trustedfirmware (CVE-2026-41515). Risk of unauthorized operations or information disclosure.
CVE-2026-41514 Vulnerability in trustedfirmware (CVE-2026-41514)
vulnerability in trustedfirmware (CVE-2026-41514). Risk of unauthorized operations or information disclosure.
CVE-2026-14898 Information Disclosure in CVE-2026-14898 (CVE-2026-14898)
vulnerability in CVE-2026-14898 (CVE-2026-14898). Confidential information can be exposed externally.
CVE-2026-14536 Authorization Flaw in devolutions (CVE-2026-14536)
vulnerability in devolutions (CVE-2026-14536). Successful exploitation can lead to full system takeover.
CVE-2026-11405 Vulnerability in CVE-2026-11405 (CVE-2026-11405)
vulnerability in CVE-2026-11405 (CVE-2026-11405). Successful exploitation can lead to full system takeover.
CVE-2026-35353 Vulnerability in uu_mkdir (CVE-2026-35353)
vulnerability in uu_mkdir (CVE-2026-35353). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.6.0` or later.
CVE-2026-35349 Vulnerability in uu_rm (CVE-2026-35349)
vulnerability in uu_rm (CVE-2026-35349). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.7.0` or later.
CVE-2026-35369 Vulnerability in uu_kill (CVE-2026-35369)
vulnerability in uu_kill (CVE-2026-35369). Risk of unauthorized operations or information disclosure. Exploitable via ``kill``. Mitigation: upgrade to `0.6.0` or later.
CVE-2026-35356 Vulnerability in uu_install (CVE-2026-35356)
vulnerability in uu_install (CVE-2026-35356). Risk of unauthorized operations or information disclosure. Exploitable via ``openat``. Mitigation: upgrade to `0.7.0` or later.
CVE-2026-35343 Vulnerability in uu_cut (CVE-2026-35343)
vulnerability in uu_cut (CVE-2026-35343). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.7.0` or later.
CVE-2026-35355 Vulnerability in uu_install (CVE-2026-35355)
vulnerability in uu_install (CVE-2026-35355). Risk of unauthorized operations or information disclosure. Exploitable via ``copy_file``. Mitigation: upgrade to `0.6.0` or later.
CVE-2026-35346 Vulnerability in uu_comm (CVE-2026-35346)
vulnerability in uu_comm (CVE-2026-35346). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.6.0` or later.
CVE-2026-35342 Vulnerability in uu_mktemp (CVE-2026-35342)
vulnerability in uu_mktemp (CVE-2026-35342). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.6.0` or later.
CVE-2026-35339 Vulnerability in uu_chmod (CVE-2026-35339)
vulnerability in uu_chmod (CVE-2026-35339). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.6.0` or later.
CVE-2026-9182 Unrestricted File Upload in esri (CVE-2026-9182)
vulnerability in esri (CVE-2026-9182). Successful exploitation can lead to full system takeover.
CVE-2026-9181 Path Traversal in path-traversal (CVE-2026-9181)
path traversal in path-traversal (CVE-2026-9181). Successful exploitation can lead to full system takeover.
CVE-2026-55798 OS Command Injection in pillow (CVE-2026-55798)
OS command injection in pillow (CVE-2026-55798). Risk of unauthorized operations or information disclosure.
CVE-2026-55380 Vulnerability in c (CVE-2026-55380)
vulnerability in c (CVE-2026-55380). Risk of unauthorized operations or information disclosure.
CVE-2026-55379 Vulnerability in pillow (CVE-2026-55379)
vulnerability in pillow (CVE-2026-55379). Risk of unauthorized operations or information disclosure.
CVE-2026-54291 Vulnerability in CVE-2026-54291 (CVE-2026-54291)
vulnerability in CVE-2026-54291 (CVE-2026-54291). Risk of unauthorized operations or information disclosure.
CVE-2026-54060 Vulnerability in pillow (CVE-2026-54060)
vulnerability in pillow (CVE-2026-54060). Risk of unauthorized operations or information disclosure.
CVE-2026-54059 Vulnerability in pillow (CVE-2026-54059)
vulnerability in pillow (CVE-2026-54059). Risk of unauthorized operations or information disclosure.
CVE-2026-13753 Vulnerability in CVE-2026-13753 (CVE-2026-13753)
vulnerability in CVE-2026-13753 (CVE-2026-13753). Confidential information can be exposed externally.
CVE-2026-48614 Code Injection in privilege-escalation (CVE-2026-48614)
code injection in privilege-escalation (CVE-2026-48614). Successful exploitation can lead to full system takeover.
CVE-2026-12154 Cross-Site Scripting (XSS) in wordpress (CVE-2026-12154)
cross-site scripting in wordpress (CVE-2026-12154). Risk of unauthorized operations or information disclosure.
CVE-2026-48316 Vulnerability in CVE-2026-48316 (CVE-2026-48316)
vulnerability in CVE-2026-48316 (CVE-2026-48316). Confidential information can be exposed externally.
CVE-2026-43825 Unsafe Deserialization in apache (CVE-2026-43825)
vulnerability in apache (CVE-2026-43825). Risk of unauthorized operations or information disclosure.
CVE-2026-40141 Vulnerability in beyondtrust (CVE-2026-40141)
vulnerability in beyondtrust (CVE-2026-40141). Successful exploitation can lead to full system takeover.
CVE-2026-40140 Vulnerability in beyondtrust (CVE-2026-40140)
vulnerability in beyondtrust (CVE-2026-40140). Risk of unauthorized operations or information disclosure.
CVE-2026-40138 Authentication Bypass in beyondtrust (CVE-2026-40138)
authentication bypass in beyondtrust (CVE-2026-40138). Successful exploitation can lead to full system takeover.
CVE-2026-40139 Authentication Bypass in beyondtrust (CVE-2026-40139)
authentication bypass in beyondtrust (CVE-2026-40139). Successful exploitation can lead to full system takeover.
CVE-2026-41434 Vulnerability in trustedfirmware (CVE-2026-41434)
vulnerability in trustedfirmware (CVE-2026-41434). Risk of unauthorized operations or information disclosure.
CVE-2026-35338 Path Traversal in uu_chmod (CVE-2026-35338)
path traversal in uu_chmod (CVE-2026-35338). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.6.0` or later.
CVE-2026-55786 OS Command Injection in flyto-core (CVE-2026-55786)
OS command injection in flyto-core (CVE-2026-55786). Risk of unauthorized operations or information disclosure. Exploitable via `POST /mcp`. Mitigation: upgrade to `2.26.4` or later.
CVE-2026-55787 SSRF (Server-Side Request Forgery) in flyto-core (CVE-2026-55787)
SSRF in flyto-core (CVE-2026-55787). Risk of unauthorized operations or information disclosure. Exploitable via `POST /v1/execute`. Mitigation: upgrade to `2.26.3` or later.
GHSA-7jvp-hj45-2f2m Vulnerability in Scriban (GHSA-7jvp-hj45-2f2m)
vulnerability in Scriban (GHSA-7jvp-hj45-2f2m). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `7.2.2` or later.
CVE-2026-49452 Vulnerability in weasyprint (CVE-2026-49452)
vulnerability in weasyprint (CVE-2026-49452). Risk of unauthorized operations or information disclosure. Exploitable via ``background``.
CVE-2026-40257 Out-of-Bounds Write in trustedfirmware (CVE-2026-40257)
out-of-bounds write in trustedfirmware (CVE-2026-40257). Risk of unauthorized operations or information disclosure.
CVE-2025-53831 Cross-Site Scripting (XSS) in CVE-2025-53831 (CVE-2025-53831)
cross-site scripting in CVE-2025-53831 (CVE-2025-53831). Confidential information can be exposed externally.
CVE-2026-49445 Vulnerability in github.com/cilium/cilium (CVE-2026-49445)
vulnerability in github.com/cilium/cilium (CVE-2026-49445). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.17.14` or later.
CVE-2026-49439 Vulnerability in io.openremote:openremote-manager (CVE-2026-49439)
vulnerability in io.openremote:openremote-manager (CVE-2026-49439). Risk of unauthorized operations or information disclosure. Exploitable via `PUT /api/{realm}/asset/predicted/{assetId}/{attributeName}`. Mitigation: upgrade to `1.24.1` or later.
CVE-2026-52889 Vulnerability in verbb/formie (CVE-2026-52889)
vulnerability in verbb/formie (CVE-2026-52889). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.1.27` or later.
CVE-2022-46292 Buffer Overflow in openbabel (CVE-2022-46292)
vulnerability in openbabel (CVE-2022-46292). Risk of unauthorized operations or information disclosure. Exploitable via ``obabel``. Mitigation: upgrade to `3.2.0` or later.
CVE-2026-5268 Vulnerability in CVE-2026-5268 (CVE-2026-5268)
vulnerability in CVE-2026-5268 (CVE-2026-5268). Confidential information can be exposed externally.
CVE-2026-59196 Path Traversal in pnpm (CVE-2026-59196)
path traversal in pnpm (CVE-2026-59196). Data can be tampered with by attackers. Mitigation: upgrade to `10.34.4` or later.
CVE-2026-59195 Path Traversal in pnpm (CVE-2026-59195)
path traversal in pnpm (CVE-2026-59195). Data can be tampered with by attackers. Mitigation: upgrade to `10.34.4` or later.
CVE-2026-59194 Path Traversal in pnpm (CVE-2026-59194)
path traversal in pnpm (CVE-2026-59194). Data can be tampered with by attackers. Mitigation: upgrade to `10.34.4` or later.
CVE-2026-59152 Path Traversal in CVE-2026-59152 (CVE-2026-59152)
path traversal in CVE-2026-59152 (CVE-2026-59152). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.8.18` or later.
CVE-2026-58203 Path Traversal in CVE-2026-58203 (CVE-2026-58203)
path traversal in CVE-2026-58203 (CVE-2026-58203). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.14.2` or later.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →