Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-33112 |
|
Unsafe Deserialization in deserialization (CVE-2026-33112)
vulnerability in deserialization (CVE-2026-33112). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34333 |
|
Vulnerability in microsoft (CVE-2026-34333)
vulnerability in microsoft (CVE-2026-34333). Successful exploitation can lead to full system takeover.
|
| CVE-2026-33841 |
|
Vulnerability in microsoft (CVE-2026-33841)
vulnerability in microsoft (CVE-2026-33841). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34330 |
|
Vulnerability in microsoft (CVE-2026-34330)
vulnerability in microsoft (CVE-2026-34330). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34337 |
|
Vulnerability in microsoft (CVE-2026-34337)
vulnerability in microsoft (CVE-2026-34337). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34341 |
|
Vulnerability in microsoft (CVE-2026-34341)
vulnerability in microsoft (CVE-2026-34341). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34344 |
|
Vulnerability in microsoft (CVE-2026-34344)
vulnerability in microsoft (CVE-2026-34344). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34334 |
|
Vulnerability in microsoft (CVE-2026-34334)
vulnerability in microsoft (CVE-2026-34334). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34338 |
|
Use-After-Free in microsoft (CVE-2026-34338)
vulnerability in microsoft (CVE-2026-34338). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31240 |
|
Vulnerability in mem0ai (CVE-2026-31240)
vulnerability in mem0ai (CVE-2026-31240). Data can be tampered with by attackers. Exploitable via `PUT /memories/{memory_id}`.
|
| CVE-2026-32161 |
|
Vulnerability in microsoft (CVE-2026-32161)
vulnerability in microsoft (CVE-2026-32161). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31232 |
|
Unsafe Deserialization in deserialization (CVE-2026-31232)
vulnerability in deserialization (CVE-2026-31232). Successful exploitation can lead to full system takeover.
|
| CVE-2025-53681 |
|
SQL Injection in sqli (CVE-2025-53681)
SQL injection in sqli (CVE-2025-53681). Successful exploitation can lead to full system takeover.
|
| CVE-2025-43524 |
|
Vulnerability in apple (CVE-2025-43524)
vulnerability in apple (CVE-2025-43524). Successful exploitation can lead to full system takeover.
|
| CVE-2026-20714 |
|
Out-of-Bounds Write in intel (CVE-2026-20714)
out-of-bounds write in intel (CVE-2026-20714). Successful exploitation can lead to full system takeover.
|
| CVE-2025-53844 |
|
Out-of-Bounds Write in fortinet (CVE-2025-53844)
out-of-bounds write in fortinet (CVE-2025-53844). Successful exploitation can lead to full system takeover.
|
| CVE-2025-46311 |
|
Vulnerability in apple (CVE-2025-46311)
vulnerability in apple (CVE-2025-46311). Confidential information can be exposed externally.
|
| CVE-2026-20767 |
|
Vulnerability in intel (CVE-2026-20767)
vulnerability in intel (CVE-2026-20767). Successful exploitation can lead to full system takeover.
|
| CVE-2026-44166 |
|
Authentication Bypass in github.com/pocketbase/pocketbase (CVE-2026-44166)
authentication bypass in github.com/pocketbase/pocketbase (CVE-2026-44166). Data can be tampered with by attackers. Mitigation: upgrade to `0.37.4` or later.
|
| CVE-2026-44184 |
|
Vulnerability in CVE-2026-44184 (CVE-2026-44184)
vulnerability in CVE-2026-44184 (CVE-2026-44184). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2.9.10` or later.
|
| CVE-2026-43891 |
|
Vulnerability in changedetection.io (CVE-2026-43891)
vulnerability in changedetection.io (CVE-2026-43891). Confidential information can be exposed externally. Exploitable via ``history.txt``. Mitigation: upgrade to `0.55.1` or later.
|
| CVE-2026-43892 |
|
Cross-Site Scripting (XSS) in CVE-2026-43892 (CVE-2026-43892)
cross-site scripting in CVE-2026-43892 (CVE-2026-43892). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2.1.16` or later.
|
| CVE-2026-43929 |
|
Vulnerability in ssrfcheck (CVE-2026-43929)
vulnerability in ssrfcheck (CVE-2026-43929). Confidential information can be exposed externally. Exploitable via ``ssrfcheck``.
|
| CVE-2026-42899 |
|
Vulnerability in dotnet (CVE-2026-42899)
vulnerability in dotnet (CVE-2026-42899). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.0.27, 9.0.16, 10.0.8` or later.
|
| CVE-2026-41613 |
|
OS Command Injection in microsoft (CVE-2026-41613)
OS command injection in microsoft (CVE-2026-41613). Successful exploitation can lead to full system takeover.
|
| CVE-2026-42141 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-42141)
SSRF in ssrf (CVE-2026-42141). Confidential information can be exposed externally. Mitigation: upgrade to `4.4.1` or later.
|
| CVE-2026-41109 |
|
Vulnerability in microsoft (CVE-2026-41109)
vulnerability in microsoft (CVE-2026-41109). Successful exploitation can lead to full system takeover.
|
| CVE-2026-41611 |
|
Command Injection in microsoft (CVE-2026-41611)
command injection in microsoft (CVE-2026-41611). Successful exploitation can lead to full system takeover.
|
| CVE-2026-35433 |
|
Vulnerability in Microsoft.WindowsDesktop.App.Runtime.win-arm64 (CVE-2026-35433)
vulnerability in Microsoft.WindowsDesktop.App.Runtime.win-arm64 (CVE-2026-35433). Confidential information can be exposed externally. Mitigation: upgrade to `10.0.8` or later.
|
| CVE-2026-32177 |
|
Heap-based buffer overflow in .NET allows an unauthorized attacker to elevate privileges locally.
Heap-based buffer overflow in .NET allows an unauthorized attacker to elevate privileges locally.
|
| CVE-2026-43991 |
|
OS Command Injection in CVE-2026-43991 (CVE-2026-43991)
OS command injection in CVE-2026-43991 (CVE-2026-43991). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.x.y-security-1` or later.
|
| CVE-2026-43993 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-43993)
SSRF in ssrf (CVE-2026-43993). Confidential information can be exposed externally. Mitigation: upgrade to `0.x.y-security-1` or later.
|
| CVE-2026-5089 |
|
Vulnerability in CVE-2026-5089 (CVE-2026-5089)
vulnerability in CVE-2026-5089 (CVE-2026-5089). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-43989 |
|
Vulnerability in CVE-2026-43989 (CVE-2026-43989)
vulnerability in CVE-2026-43989 (CVE-2026-43989). Confidential information can be exposed externally. Mitigation: upgrade to `0.x.y-security-1` or later.
|
| CVE-2026-43990 |
|
Command Injection in c (CVE-2026-43990)
command injection in c (CVE-2026-43990). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.x.y-security-1` or later.
|
| CVE-2026-43513 |
|
Vulnerability in tomcat (CVE-2026-43513)
vulnerability in tomcat (CVE-2026-43513). Confidential information can be exposed externally. Mitigation: upgrade to `10.1.55, 11.0.22, 9.0.118` or later.
|
| CVE-2026-42498 |
|
Information Disclosure in tomcat (CVE-2026-42498)
vulnerability in tomcat (CVE-2026-42498). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `10.1.55, 11.0.22, 9.0.118` or later.
|
| CVE-2026-41284 |
|
Vulnerability in tomcat (CVE-2026-41284)
vulnerability in tomcat (CVE-2026-41284). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `10.1.55, 11.0.22, 9.0.118` or later.
|
| CVE-2026-31221 |
|
Unsafe Deserialization in pytorch-lightning (CVE-2026-31221)
vulnerability in pytorch-lightning (CVE-2026-31221). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31222 |
|
Unsafe Deserialization in snorkel (CVE-2026-31222)
vulnerability in snorkel (CVE-2026-31222). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31223 |
|
Unsafe Deserialization in snorkel (CVE-2026-31223)
vulnerability in snorkel (CVE-2026-31223). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31224 |
|
Unsafe Deserialization in snorkel (CVE-2026-31224)
vulnerability in snorkel (CVE-2026-31224). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31225 |
|
Code Injection in superduper-framework (CVE-2026-31225)
code injection in superduper-framework (CVE-2026-31225). Successful exploitation can lead to full system takeover.
|
| CVE-2026-30810 |
|
SSRF (Server-Side Request Forgery) in privilege-escalation (CVE-2026-30810)
SSRF in privilege-escalation (CVE-2026-30810). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31218 |
|
Unsafe Deserialization in deserialization (CVE-2026-31218)
vulnerability in deserialization (CVE-2026-31218). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31219 |
|
Unsafe Deserialization in deserialization (CVE-2026-31219)
vulnerability in deserialization (CVE-2026-31219). Successful exploitation can lead to full system takeover.
|
| CVE-2026-30807 |
|
Cross-Site Request Forgery (CSRF) in artica (CVE-2026-30807)
vulnerability in artica (CVE-2026-30807). Successful exploitation can lead to full system takeover.
|
| CVE-2026-30808 |
|
Vulnerability in artica (CVE-2026-30808)
vulnerability in artica (CVE-2026-30808). Confidential information can be exposed externally.
|
| CVE-2023-27753 |
|
Unrestricted File Upload in CVE-2023-27753 (CVE-2023-27753)
vulnerability in CVE-2023-27753 (CVE-2023-27753). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8108 |
|
Vulnerability in cisa (CVE-2026-8108)
vulnerability in cisa (CVE-2026-8108). Successful exploitation can lead to full system takeover.
|