Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-2993 |
|
SQL Injection in wordpress (CVE-2026-2993)
SQL injection in wordpress (CVE-2026-2993). Confidential information can be exposed externally.
|
| CVE-2026-7256 |
|
OS Command Injection in zyxel (CVE-2026-7256)
OS command injection in zyxel (CVE-2026-7256). Successful exploitation can lead to full system takeover.
|
| CVE-2026-7287 |
|
Vulnerability in dos (CVE-2026-7287)
vulnerability in dos (CVE-2026-7287). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-45430 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-45430)
vulnerability in csrf (CVE-2026-45430). Confidential information can be exposed externally.
|
| CVE-2026-34259 |
|
Command Injection in CVE-2026-34259 (CVE-2026-34259)
command injection in CVE-2026-34259 (CVE-2026-34259). Successful exploitation can lead to full system takeover.
|
| CVE-2026-45391 |
|
Reserved. Details will be published at disclosure.
Reserved. Details will be published at disclosure.
|
| CVE-2026-45392 |
|
Reserved. Details will be published at disclosure.
Reserved. Details will be published at disclosure.
|
| CVE-2026-45393 |
|
Reserved. Details will be published at disclosure.
Reserved. Details will be published at disclosure.
|
| CVE-2026-34963 |
|
Vulnerability in c (CVE-2026-34963)
vulnerability in c (CVE-2026-34963). Successful exploitation can lead to full system takeover.
|
| CVE-2026-43913 |
|
Authorization Flaw in dani-garcia (CVE-2026-43913)
vulnerability in dani-garcia (CVE-2026-43913). Data can be tampered with by attackers. Exploitable via `POST /api/ciphers/purge`. Mitigation: upgrade to `1.35.5` or later.
|
| CVE-2026-43914 |
|
Vulnerability in dani-garcia (CVE-2026-43914)
vulnerability in dani-garcia (CVE-2026-43914). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.35.4` or later.
|
| CVE-2026-43912 |
|
Vulnerability in dani-garcia (CVE-2026-43912)
vulnerability in dani-garcia (CVE-2026-43912). Confidential information can be exposed externally. Mitigation: upgrade to `1.35.5` or later.
|
| CVE-2026-43893 |
|
Vulnerability in exiftool-vendored (CVE-2026-43893)
vulnerability in exiftool-vendored (CVE-2026-43893). Data can be tampered with by attackers. Exploitable via ``WriteTask``. Mitigation: upgrade to `35.19.0` or later.
|
| CVE-2026-43884 |
|
SSRF (Server-Side Request Forgery) in wwbn/avideo (CVE-2026-43884)
SSRF in wwbn/avideo (CVE-2026-43884). Confidential information can be exposed externally. Exploitable via `POST /plugin/AI/receiveAsync.json.php`.
|
| CVE-2026-43886 |
|
Privilege Escalation in CVE-2026-43886 (CVE-2026-43886)
vulnerability in CVE-2026-43886 (CVE-2026-43886). Data can be tampered with by attackers. Mitigation: upgrade to `1.7.0` or later.
|
| CVE-2026-43887 |
|
Cross-Site Scripting (XSS) in CVE-2026-43887 (CVE-2026-43887)
cross-site scripting in CVE-2026-43887 (CVE-2026-43887). Confidential information can be exposed externally. Mitigation: upgrade to `1.7.0` or later.
|
| CVE-2026-43888 |
|
Path Traversal in CVE-2026-43888 (CVE-2026-43888)
path traversal in CVE-2026-43888 (CVE-2026-43888). Data can be tampered with by attackers. Mitigation: upgrade to `1.7.0` or later.
|
| CVE-2026-43890 |
|
Vulnerability in CVE-2026-43890 (CVE-2026-43890)
vulnerability in CVE-2026-43890 (CVE-2026-43890). Confidential information can be exposed externally. Mitigation: upgrade to `1.7.1` or later.
|
| CVE-2026-42046 |
|
Vulnerability in CVE-2026-42046 (CVE-2026-42046)
vulnerability in CVE-2026-42046 (CVE-2026-42046). Successful exploitation can lead to full system takeover.
|
| CVE-2026-42564 |
|
Path Traversal in path-traversal (CVE-2026-42564)
path traversal in path-traversal (CVE-2026-42564). Confidential information can be exposed externally. Mitigation: upgrade to `1.22.0` or later.
|
| CVE-2026-43873 |
|
Vulnerability in wwbn/avideo (CVE-2026-43873)
vulnerability in wwbn/avideo (CVE-2026-43873). Confidential information can be exposed externally. Exploitable via ``cloneSiteURL``.
|
| CVE-2026-39871 |
|
Vulnerability in apple (CVE-2026-39871)
vulnerability in apple (CVE-2026-39871). Confidential information can be exposed externally.
|
| CVE-2026-43661 |
|
Vulnerability in apple (CVE-2026-43661)
vulnerability in apple (CVE-2026-43661). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-43654 |
|
Vulnerability in apple (CVE-2026-43654)
vulnerability in apple (CVE-2026-43654). Confidential information can be exposed externally.
|
| CVE-2026-43668 |
|
Use-After-Free in apple (CVE-2026-43668)
vulnerability in apple (CVE-2026-43668). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-43660 |
|
Vulnerability in apple (CVE-2026-43660)
vulnerability in apple (CVE-2026-43660). Confidential information can be exposed externally.
|
| CVE-2026-43656 |
|
Out-of-Bounds Write in apple (CVE-2026-43656)
out-of-bounds write in apple (CVE-2026-43656). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-39870 |
|
Buffer Overflow in apple (CVE-2026-39870)
vulnerability in apple (CVE-2026-39870). Confidential information can be exposed externally.
|
| CVE-2026-43658 |
|
Buffer Overflow in apple (CVE-2026-43658)
vulnerability in apple (CVE-2026-43658). Confidential information can be exposed externally.
|
| CVE-2026-43652 |
|
Vulnerability in apple (CVE-2026-43652)
vulnerability in apple (CVE-2026-43652). Confidential information can be exposed externally.
|
| CVE-2026-43655 |
|
Out-of-Bounds Read in apple (CVE-2026-43655)
vulnerability in apple (CVE-2026-43655). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-28954 |
|
Vulnerability in apple (CVE-2026-28954)
vulnerability in apple (CVE-2026-28954). Confidential information can be exposed externally.
|
| CVE-2026-28951 |
|
Authorization Flaw in apple (CVE-2026-28951)
vulnerability in apple (CVE-2026-28951). Successful exploitation can lead to full system takeover.
|
| CVE-2026-28955 |
|
Buffer Overflow in apple (CVE-2026-28955)
vulnerability in apple (CVE-2026-28955). Successful exploitation can lead to full system takeover.
|
| CVE-2026-28964 |
|
Vulnerability in apple (CVE-2026-28964)
vulnerability in apple (CVE-2026-28964). Confidential information can be exposed externally.
|
| CVE-2026-28965 |
|
Vulnerability in apple (CVE-2026-28965)
vulnerability in apple (CVE-2026-28965). Confidential information can be exposed externally.
|
| CVE-2026-28976 |
|
Information Disclosure in apple (CVE-2026-28976)
vulnerability in apple (CVE-2026-28976). Confidential information can be exposed externally.
|
| CVE-2026-28959 |
|
Vulnerability in apple (CVE-2026-28959)
vulnerability in apple (CVE-2026-28959). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-28952 |
|
Vulnerability in apple (CVE-2026-28952)
vulnerability in apple (CVE-2026-28952). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-28974 |
|
Vulnerability in apple (CVE-2026-28974)
vulnerability in apple (CVE-2026-28974). Confidential information can be exposed externally.
|
| CVE-2026-28987 |
|
Vulnerability in apple (CVE-2026-28987)
vulnerability in apple (CVE-2026-28987). Confidential information can be exposed externally.
|
| CVE-2026-28978 |
|
Vulnerability in apple (CVE-2026-28978)
vulnerability in apple (CVE-2026-28978). Successful exploitation can lead to full system takeover.
|
| CVE-2026-28983 |
|
Vulnerability in dos (CVE-2026-28983)
vulnerability in dos (CVE-2026-28983). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-28962 |
|
Information Disclosure in apple (CVE-2026-28962)
vulnerability in apple (CVE-2026-28962). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-28969 |
|
Use-After-Free in apple (CVE-2026-28969)
vulnerability in apple (CVE-2026-28969). Confidential information can be exposed externally.
|
| CVE-2026-28990 |
|
Buffer Overflow in apple (CVE-2026-28990)
vulnerability in apple (CVE-2026-28990). Confidential information can be exposed externally.
|
| CVE-2026-28991 |
|
Out-of-Bounds Read in apple (CVE-2026-28991)
vulnerability in apple (CVE-2026-28991). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-37630 |
|
Code Injection in CVE-2026-37630 (CVE-2026-37630)
code injection in CVE-2026-37630 (CVE-2026-37630). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-28986 |
|
Vulnerability in apple (CVE-2026-28986)
vulnerability in apple (CVE-2026-28986). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-28995 |
|
Privilege Escalation in apple (CVE-2026-28995)
vulnerability in apple (CVE-2026-28995). Successful exploitation can lead to full system takeover.
|