Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-41516 |
|
Vulnerability in trustedfirmware (CVE-2026-41516)
vulnerability in trustedfirmware (CVE-2026-41516). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41515 |
|
Vulnerability in trustedfirmware (CVE-2026-41515)
vulnerability in trustedfirmware (CVE-2026-41515). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41514 |
|
Vulnerability in trustedfirmware (CVE-2026-41514)
vulnerability in trustedfirmware (CVE-2026-41514). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14898 |
|
Information Disclosure in CVE-2026-14898 (CVE-2026-14898)
vulnerability in CVE-2026-14898 (CVE-2026-14898). Confidential information can be exposed externally.
|
| CVE-2026-14536 |
|
Authorization Flaw in devolutions (CVE-2026-14536)
vulnerability in devolutions (CVE-2026-14536). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11405 |
|
Vulnerability in CVE-2026-11405 (CVE-2026-11405)
vulnerability in CVE-2026-11405 (CVE-2026-11405). Successful exploitation can lead to full system takeover.
|
| CVE-2026-35353 |
|
Vulnerability in uu_mkdir (CVE-2026-35353)
vulnerability in uu_mkdir (CVE-2026-35353). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.6.0` or later.
|
| CVE-2026-35349 |
|
Vulnerability in uu_rm (CVE-2026-35349)
vulnerability in uu_rm (CVE-2026-35349). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.7.0` or later.
|
| CVE-2026-35369 |
|
Vulnerability in uu_kill (CVE-2026-35369)
vulnerability in uu_kill (CVE-2026-35369). Risk of unauthorized operations or information disclosure. Exploitable via ``kill``. Mitigation: upgrade to `0.6.0` or later.
|
| CVE-2026-35356 |
|
Vulnerability in uu_install (CVE-2026-35356)
vulnerability in uu_install (CVE-2026-35356). Risk of unauthorized operations or information disclosure. Exploitable via ``openat``. Mitigation: upgrade to `0.7.0` or later.
|
| CVE-2026-35343 |
|
Vulnerability in uu_cut (CVE-2026-35343)
vulnerability in uu_cut (CVE-2026-35343). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.7.0` or later.
|
| CVE-2026-35355 |
|
Vulnerability in uu_install (CVE-2026-35355)
vulnerability in uu_install (CVE-2026-35355). Risk of unauthorized operations or information disclosure. Exploitable via ``copy_file``. Mitigation: upgrade to `0.6.0` or later.
|
| CVE-2026-35346 |
|
Vulnerability in uu_comm (CVE-2026-35346)
vulnerability in uu_comm (CVE-2026-35346). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.6.0` or later.
|
| CVE-2026-35342 |
|
Vulnerability in uu_mktemp (CVE-2026-35342)
vulnerability in uu_mktemp (CVE-2026-35342). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.6.0` or later.
|
| CVE-2026-35339 |
|
Vulnerability in uu_chmod (CVE-2026-35339)
vulnerability in uu_chmod (CVE-2026-35339). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.6.0` or later.
|
| CVE-2026-9182 |
|
Unrestricted File Upload in esri (CVE-2026-9182)
vulnerability in esri (CVE-2026-9182). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9181 |
|
Path Traversal in path-traversal (CVE-2026-9181)
path traversal in path-traversal (CVE-2026-9181). Successful exploitation can lead to full system takeover.
|
| CVE-2026-55798 |
|
OS Command Injection in pillow (CVE-2026-55798)
OS command injection in pillow (CVE-2026-55798). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-55380 |
|
Vulnerability in c (CVE-2026-55380)
vulnerability in c (CVE-2026-55380). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-55379 |
|
Vulnerability in pillow (CVE-2026-55379)
vulnerability in pillow (CVE-2026-55379). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-54291 |
|
Vulnerability in CVE-2026-54291 (CVE-2026-54291)
vulnerability in CVE-2026-54291 (CVE-2026-54291). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-54060 |
|
Vulnerability in pillow (CVE-2026-54060)
vulnerability in pillow (CVE-2026-54060). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-54059 |
|
Vulnerability in pillow (CVE-2026-54059)
vulnerability in pillow (CVE-2026-54059). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13753 |
|
Vulnerability in CVE-2026-13753 (CVE-2026-13753)
vulnerability in CVE-2026-13753 (CVE-2026-13753). Confidential information can be exposed externally.
|
| CVE-2026-48614 |
|
Code Injection in privilege-escalation (CVE-2026-48614)
code injection in privilege-escalation (CVE-2026-48614). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12154 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-12154)
cross-site scripting in wordpress (CVE-2026-12154). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-48316 |
|
Vulnerability in CVE-2026-48316 (CVE-2026-48316)
vulnerability in CVE-2026-48316 (CVE-2026-48316). Confidential information can be exposed externally.
|
| CVE-2026-43825 |
|
Unsafe Deserialization in apache (CVE-2026-43825)
vulnerability in apache (CVE-2026-43825). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-40141 |
|
Vulnerability in beyondtrust (CVE-2026-40141)
vulnerability in beyondtrust (CVE-2026-40141). Successful exploitation can lead to full system takeover.
|
| CVE-2026-40140 |
|
Vulnerability in beyondtrust (CVE-2026-40140)
vulnerability in beyondtrust (CVE-2026-40140). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-40138 |
|
Authentication Bypass in beyondtrust (CVE-2026-40138)
authentication bypass in beyondtrust (CVE-2026-40138). Successful exploitation can lead to full system takeover.
|
| CVE-2026-40139 |
|
Authentication Bypass in beyondtrust (CVE-2026-40139)
authentication bypass in beyondtrust (CVE-2026-40139). Successful exploitation can lead to full system takeover.
|
| CVE-2026-41434 |
|
Vulnerability in trustedfirmware (CVE-2026-41434)
vulnerability in trustedfirmware (CVE-2026-41434). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-35338 |
|
Path Traversal in uu_chmod (CVE-2026-35338)
path traversal in uu_chmod (CVE-2026-35338). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.6.0` or later.
|
| CVE-2026-55786 |
|
OS Command Injection in flyto-core (CVE-2026-55786)
OS command injection in flyto-core (CVE-2026-55786). Risk of unauthorized operations or information disclosure. Exploitable via `POST /mcp`. Mitigation: upgrade to `2.26.4` or later.
|
| CVE-2026-55787 |
|
SSRF (Server-Side Request Forgery) in flyto-core (CVE-2026-55787)
SSRF in flyto-core (CVE-2026-55787). Risk of unauthorized operations or information disclosure. Exploitable via `POST /v1/execute`. Mitigation: upgrade to `2.26.3` or later.
|
| GHSA-7jvp-hj45-2f2m |
|
Vulnerability in Scriban (GHSA-7jvp-hj45-2f2m)
vulnerability in Scriban (GHSA-7jvp-hj45-2f2m). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `7.2.2` or later.
|
| CVE-2026-49452 |
|
Vulnerability in weasyprint (CVE-2026-49452)
vulnerability in weasyprint (CVE-2026-49452). Risk of unauthorized operations or information disclosure. Exploitable via ``background``.
|
| CVE-2026-40257 |
|
Out-of-Bounds Write in trustedfirmware (CVE-2026-40257)
out-of-bounds write in trustedfirmware (CVE-2026-40257). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-53831 |
|
Cross-Site Scripting (XSS) in CVE-2025-53831 (CVE-2025-53831)
cross-site scripting in CVE-2025-53831 (CVE-2025-53831). Confidential information can be exposed externally.
|
| CVE-2026-49445 |
|
Vulnerability in github.com/cilium/cilium (CVE-2026-49445)
vulnerability in github.com/cilium/cilium (CVE-2026-49445). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.17.14` or later.
|
| CVE-2026-49439 |
|
Vulnerability in io.openremote:openremote-manager (CVE-2026-49439)
vulnerability in io.openremote:openremote-manager (CVE-2026-49439). Risk of unauthorized operations or information disclosure. Exploitable via `PUT /api/{realm}/asset/predicted/{assetId}/{attributeName}`. Mitigation: upgrade to `1.24.1` or later.
|
| CVE-2026-52889 |
|
Vulnerability in verbb/formie (CVE-2026-52889)
vulnerability in verbb/formie (CVE-2026-52889). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.1.27` or later.
|
| CVE-2022-46292 |
|
Buffer Overflow in openbabel (CVE-2022-46292)
vulnerability in openbabel (CVE-2022-46292). Risk of unauthorized operations or information disclosure. Exploitable via ``obabel``. Mitigation: upgrade to `3.2.0` or later.
|
| CVE-2026-5268 |
|
Vulnerability in CVE-2026-5268 (CVE-2026-5268)
vulnerability in CVE-2026-5268 (CVE-2026-5268). Confidential information can be exposed externally.
|
| CVE-2026-59196 |
|
Path Traversal in pnpm (CVE-2026-59196)
path traversal in pnpm (CVE-2026-59196). Data can be tampered with by attackers. Mitigation: upgrade to `10.34.4` or later.
|
| CVE-2026-59195 |
|
Path Traversal in pnpm (CVE-2026-59195)
path traversal in pnpm (CVE-2026-59195). Data can be tampered with by attackers. Mitigation: upgrade to `10.34.4` or later.
|
| CVE-2026-59194 |
|
Path Traversal in pnpm (CVE-2026-59194)
path traversal in pnpm (CVE-2026-59194). Data can be tampered with by attackers. Mitigation: upgrade to `10.34.4` or later.
|
| CVE-2026-59152 |
|
Path Traversal in CVE-2026-59152 (CVE-2026-59152)
path traversal in CVE-2026-59152 (CVE-2026-59152). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.8.18` or later.
|
| CVE-2026-58203 |
|
Path Traversal in CVE-2026-58203 (CVE-2026-58203)
path traversal in CVE-2026-58203 (CVE-2026-58203). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.14.2` or later.
|