Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

ID Title
CVE-2026-50242 Vulnerability in jetbrains (CVE-2026-50242)
vulnerability in jetbrains (CVE-2026-50242). Successful exploitation can lead to full system takeover.
CVE-2026-44939 Vulnerability in github.com/rancher/rancher (CVE-2026-44939)
vulnerability in github.com/rancher/rancher (CVE-2026-44939). Risk of unauthorized operations or information disclosure. Exploitable via ``authImage``. Mitigation: upgrade to `0.0.0-20260617231817-2aa77eb283e7` or later.
CVE-2026-12706 Use-After-Free in dos (CVE-2026-12706)
vulnerability in dos (CVE-2026-12706). Risk of unauthorized operations or information disclosure.
CVE-2026-11941 Use-After-Free in quiche (CVE-2026-11941)
vulnerability in quiche (CVE-2026-11941). Risk of unauthorized operations or information disclosure. Exploitable via ``quiche_connection_id_iter_next``. Mitigation: upgrade to `0.29.2` or later.
CVE-2026-8296 Cross-Site Scripting (XSS) in CVE-2026-8296 (CVE-2026-8296)
cross-site scripting in CVE-2026-8296 (CVE-2026-8296). Risk of unauthorized operations or information disclosure.
CVE-2026-56138 Path Traversal in path-traversal (CVE-2026-56138)
path traversal in path-traversal (CVE-2026-56138). Risk of unauthorized operations or information disclosure.
CVE-2026-41156 Use-After-Free in CVE-2026-41156 (CVE-2026-41156)
vulnerability in CVE-2026-41156 (CVE-2026-41156). Data can be tampered with by attackers.
CVE-2026-34192 Use-After-Free in CVE-2026-34192 (CVE-2026-34192)
vulnerability in CVE-2026-34192 (CVE-2026-34192). Data can be tampered with by attackers.
CVE-2026-11576 Vulnerability in eclipse (CVE-2026-11576)
vulnerability in eclipse (CVE-2026-11576). Risk of unauthorized operations or information disclosure.
CVE-2026-6798 Vulnerability in wordpress (CVE-2026-6798)
vulnerability in wordpress (CVE-2026-6798). Risk of unauthorized operations or information disclosure.
CVE-2026-46461 Vulnerability in dell (CVE-2026-46461)
vulnerability in dell (CVE-2026-46461). Successful exploitation can lead to full system takeover.
CVE-2026-3640 Vulnerability in wordpress (CVE-2026-3640)
vulnerability in wordpress (CVE-2026-3640). Risk of unauthorized operations or information disclosure.
CVE-2026-9822 Vulnerability in wordpress (CVE-2026-9822)
vulnerability in wordpress (CVE-2026-9822). Confidential information can be exposed externally.
CVE-2026-9013 Vulnerability in wordpress (CVE-2026-9013)
vulnerability in wordpress (CVE-2026-9013). Risk of unauthorized operations or information disclosure.
CVE-2026-8713 Path Traversal in wordpress (CVE-2026-8713)
path traversal in wordpress (CVE-2026-8713). Data can be tampered with by attackers.
CVE-2026-7547 Path Traversal in wordpress (CVE-2026-7547)
path traversal in wordpress (CVE-2026-7547). Confidential information can be exposed externally.
CVE-2026-56131 Use-After-Free in libexpat-project (CVE-2026-56131)
vulnerability in libexpat-project (CVE-2026-56131). Risk of unauthorized operations or information disclosure.
CVE-2026-56132 Vulnerability in c (CVE-2026-56132)
vulnerability in c (CVE-2026-56132). Confidential information can be exposed externally.
CVE-2026-54414 Path Traversal in path-traversal (CVE-2026-54414)
path traversal in path-traversal (CVE-2026-54414). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `3.16.0` or later.
CVE-2026-4328 SSRF (Server-Side Request Forgery) in wordpress (CVE-2026-4328)
SSRF in wordpress (CVE-2026-4328). Risk of unauthorized operations or information disclosure.
CVE-2026-8118 Vulnerability in wordpress (CVE-2026-8118)
vulnerability in wordpress (CVE-2026-8118). Confidential information can be exposed externally.
CVE-2026-12430 Cross-Site Scripting (XSS) in wordpress (CVE-2026-12430)
cross-site scripting in wordpress (CVE-2026-12430). Risk of unauthorized operations or information disclosure.
CVE-2026-7515 Vulnerability in wordpress (CVE-2026-7515)
vulnerability in wordpress (CVE-2026-7515). Successful exploitation can lead to full system takeover. Exploitable via ``doc_style``.
CVE-2026-12644 Vulnerability in ts-deepmerge (CVE-2026-12644)
vulnerability in ts-deepmerge (CVE-2026-12644). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.0.0` or later.
CVE-2026-1856 Cross-Site Scripting (XSS) in wordpress (CVE-2026-1856)
cross-site scripting in wordpress (CVE-2026-1856). Risk of unauthorized operations or information disclosure.
CVE-2026-12157 Cross-Site Scripting (XSS) in wordpress (CVE-2026-12157)
cross-site scripting in wordpress (CVE-2026-12157). Risk of unauthorized operations or information disclosure.
CVE-2026-11989 SSRF (Server-Side Request Forgery) in wordpress (CVE-2026-11989)
SSRF in wordpress (CVE-2026-11989). Risk of unauthorized operations or information disclosure.
CVE-2026-10034 Vulnerability in wordpress (CVE-2026-10034)
vulnerability in wordpress (CVE-2026-10034). Risk of unauthorized operations or information disclosure.
CVE-2026-10779 Vulnerability in wordpress (CVE-2026-10779)
vulnerability in wordpress (CVE-2026-10779). Risk of unauthorized operations or information disclosure.
CVE-2026-10720 Vulnerability in github.com/canonical/microceph/microceph (CVE-2026-10720)
vulnerability in github.com/canonical/microceph/microceph (CVE-2026-10720). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.0.0-20260609072127-5c2760d8fb76` or later.
CVE-2026-8805 Vulnerability in dos (CVE-2026-8805)
vulnerability in dos (CVE-2026-8805). Risk of unauthorized operations or information disclosure.
CVE-2026-11775 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-11775)
vulnerability in wordpress (CVE-2026-11775). Risk of unauthorized operations or information disclosure.
CVE-2026-50195 Vulnerability in Amazon github.com/containerd/containerd/v2 (CVE-2026-50195)
vulnerability in Amazon github.com/containerd/containerd/v2 (CVE-2026-50195). Successful exploitation can lead to full system takeover. Exploitable via ``IfNotPresent``. Mitigation: upgrade to `2.3.2` or later.
CVE-2026-50034 Vulnerability in CVE-2026-50034 (CVE-2026-50034)
vulnerability in CVE-2026-50034 (CVE-2026-50034). Confidential information can be exposed externally.
CVE-2026-12048 Cross-Site Scripting (XSS) in react (CVE-2026-12048)
cross-site scripting in react (CVE-2026-12048). Confidential information can be exposed externally.
CVE-2026-52866 Vulnerability in CVE-2026-52866 (CVE-2026-52866)
vulnerability in CVE-2026-52866 (CVE-2026-52866). Risk of unauthorized operations or information disclosure.
CVE-2026-12047 Cross-Site Scripting (XSS) in react (CVE-2026-12047)
cross-site scripting in react (CVE-2026-12047). Risk of unauthorized operations or information disclosure.
CVE-2026-12049 Open Redirect in pgadmin (CVE-2026-12049)
vulnerability in pgadmin (CVE-2026-12049). Risk of unauthorized operations or information disclosure.
CVE-2026-12050 SQL Injection in sqli (CVE-2026-12050)
SQL injection in sqli (CVE-2026-12050). Risk of unauthorized operations or information disclosure. Exploitable via `POST /browser/server/restore_point/{gid}/{sid}`.
CVE-2026-12044 SQL Injection in sqli (CVE-2026-12044)
SQL injection in sqli (CVE-2026-12044). Successful exploitation can lead to full system takeover. Exploitable via ``qtLiteral``.
CVE-2026-12045 Command Injection in pgadmin (CVE-2026-12045)
command injection in pgadmin (CVE-2026-12045). Successful exploitation can lead to full system takeover.
CVE-2026-56077 Vulnerability in CVE-2026-56077 (CVE-2026-56077)
vulnerability in CVE-2026-56077 (CVE-2026-56077). Confidential information can be exposed externally.
CVE-2026-12046 Vulnerability in flask (CVE-2026-12046)
vulnerability in flask (CVE-2026-12046). Successful exploitation can lead to full system takeover. Exploitable via `DELETE /sqleditor/close/`.
CVE-2026-56076 Vulnerability in CVE-2026-56076 (CVE-2026-56076)
vulnerability in CVE-2026-56076 (CVE-2026-56076). Confidential information can be exposed externally. Exploitable via `POST /agui`.
CVE-2026-6716 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVE-2026-10746 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVE-2026-56075 Authorization Flaw in CVE-2026-56075 (CVE-2026-56075)
vulnerability in CVE-2026-56075 (CVE-2026-56075). Successful exploitation can lead to full system takeover.
CVE-2026-56074 Authorization Flaw in praisonai (CVE-2026-56074)
vulnerability in praisonai (CVE-2026-56074). Confidential information can be exposed externally. Exploitable via ``execute_command``. Mitigation: upgrade to `4.5.128` or later.
CVE-2026-56078 Path Traversal in praisonai (CVE-2026-56078)
path traversal in praisonai (CVE-2026-56078). Successful exploitation can lead to full system takeover. Exploitable via ``MultiAgentLedger``. Mitigation: upgrade to `1.5.115` or later.
CVE-2026-8668 Vulnerability in CVE-2026-8668 (CVE-2026-8668)
vulnerability in CVE-2026-8668 (CVE-2026-8668). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →