Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-40858 |
|
Unsafe Deserialization in apache (CVE-2026-40858)
vulnerability in apache (CVE-2026-40858). Successful exploitation can lead to full system takeover.
|
| CVE-2026-7101 |
|
Buffer Overflow in tenda (CVE-2026-7101)
vulnerability in tenda (CVE-2026-7101). Successful exploitation can lead to full system takeover.
|
| CVE-2026-40048 |
|
Unsafe Deserialization in apache (CVE-2026-40048)
vulnerability in apache (CVE-2026-40048). Successful exploitation can lead to full system takeover. Exploitable via ``java.security.KeyPair``.
|
| CVE-2026-40473 |
|
Unsafe Deserialization in apache (CVE-2026-40473)
vulnerability in apache (CVE-2026-40473). Successful exploitation can lead to full system takeover.
|
| CVE-2026-3006 |
|
Vulnerability in privilege-escalation (CVE-2026-3006)
vulnerability in privilege-escalation (CVE-2026-3006). Successful exploitation can lead to full system takeover.
|
| CVE-2026-6785 |
|
Out-of-Bounds Read in mozilla (CVE-2026-6785)
vulnerability in mozilla (CVE-2026-6785). Successful exploitation can lead to full system takeover.
|
| CVE-2026-6786 |
|
Out-of-Bounds Read in mozilla (CVE-2026-6786)
vulnerability in mozilla (CVE-2026-6786). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31676 |
|
Vulnerability in linux (CVE-2026-31676)
vulnerability in linux (CVE-2026-31676). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-31673 |
|
Vulnerability in linux (CVE-2026-31673)
vulnerability in linux (CVE-2026-31673). Successful exploitation can lead to full system takeover.
|
| CVE-2026-42171 |
|
Vulnerability in nullsoft (CVE-2026-42171)
vulnerability in nullsoft (CVE-2026-42171). Successful exploitation can lead to full system takeover.
|
| CVE-2026-41433 |
|
Path Traversal in opentelemetry (CVE-2026-41433)
path traversal in opentelemetry (CVE-2026-41433). Data can be tampered with by attackers. Mitigation: upgrade to `0.8.0` or later.
|
| CVE-2026-41907 |
|
Vulnerability in uuid (CVE-2026-41907)
vulnerability in uuid (CVE-2026-41907). Data can be tampered with by attackers. Exploitable via ``uuid``. Mitigation: upgrade to `13.0.1` or later.
|
| CVE-2026-33662 |
|
Vulnerability in c (CVE-2026-33662)
vulnerability in c (CVE-2026-33662). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-42043 |
|
Vulnerability in axios (CVE-2026-42043)
vulnerability in axios (CVE-2026-42043). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.15.1` or later.
|
| CVE-2026-42033 |
|
Vulnerability in axios (CVE-2026-42033)
vulnerability in axios (CVE-2026-42033). Confidential information can be exposed externally. Mitigation: upgrade to `1.15.1` or later.
|
| CVE-2026-41140 |
|
Path Traversal in path-traversal (CVE-2026-41140)
path traversal in path-traversal (CVE-2026-41140). Data can be tampered with by attackers. Mitigation: upgrade to `2.3.4` or later.
|
| CVE-2026-40897 |
|
Vulnerability in mathjs (CVE-2026-40897)
vulnerability in mathjs (CVE-2026-40897). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `15.2.0` or later.
|
| CVE-2026-40068 |
|
Vulnerability in @anthropic-ai/claude-code (CVE-2026-40068)
vulnerability in @anthropic-ai/claude-code (CVE-2026-40068). Successful exploitation can lead to full system takeover. Exploitable via ``commondir``. Mitigation: upgrade to `2.1.84` or later.
|
| CVE-2026-42239 |
|
Vulnerability in @budibase/backend-core (CVE-2026-42239)
vulnerability in @budibase/backend-core (CVE-2026-42239). Confidential information can be exposed externally. Exploitable via ``document.cookie``. Mitigation: upgrade to `3.35.10` or later.
|
| CVE-2026-41316 |
|
Vulnerability in erb (CVE-2026-41316)
vulnerability in erb (CVE-2026-41316). Successful exploitation can lead to full system takeover. Exploitable via ``Marshal.load``. Mitigation: upgrade to `6.0.4` or later.
|
| CVE-2026-31641 |
|
Out-of-Bounds Read in linux (CVE-2026-31641)
vulnerability in linux (CVE-2026-31641). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31635 |
|
Vulnerability in c (CVE-2026-31635)
vulnerability in c (CVE-2026-31635). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-5367 |
|
Vulnerability in CVE-2026-5367 (CVE-2026-5367)
vulnerability in CVE-2026-5367 (CVE-2026-5367). Confidential information can be exposed externally.
|
| CVE-2026-41246 |
|
Code Injection in github.com/projectcontour/contour (CVE-2026-41246)
code injection in github.com/projectcontour/contour (CVE-2026-41246). Confidential information can be exposed externally. Exploitable via ``HTTPProxy``. Mitigation: upgrade to `1.33.4` or later.
|
| CVE-2026-31663 |
|
Vulnerability in linux (CVE-2026-31663)
vulnerability in linux (CVE-2026-31663). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31656 |
|
Vulnerability in linux (CVE-2026-31656)
vulnerability in linux (CVE-2026-31656). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31627 |
|
Vulnerability in linux (CVE-2026-31627)
vulnerability in linux (CVE-2026-31627). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31629 |
|
Vulnerability in linux (CVE-2026-31629)
vulnerability in linux (CVE-2026-31629). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31630 |
|
Vulnerability in c (CVE-2026-31630)
vulnerability in c (CVE-2026-31630). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31626 |
|
Vulnerability in c (CVE-2026-31626)
vulnerability in c (CVE-2026-31626). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-31622 |
|
Vulnerability in linux (CVE-2026-31622)
vulnerability in linux (CVE-2026-31622). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31611 |
|
Vulnerability in linux (CVE-2026-31611)
vulnerability in linux (CVE-2026-31611). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-31612 |
|
Vulnerability in linux (CVE-2026-31612)
vulnerability in linux (CVE-2026-31612). Confidential information can be exposed externally.
|
| CVE-2026-31613 |
|
Out-of-Bounds Read in linux (CVE-2026-31613)
vulnerability in linux (CVE-2026-31613). Confidential information can be exposed externally.
|
| CVE-2026-31602 |
|
Vulnerability in linux (CVE-2026-31602)
vulnerability in linux (CVE-2026-31602). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31597 |
|
Use-After-Free in c (CVE-2026-31597)
vulnerability in c (CVE-2026-31597). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31598 |
|
Vulnerability in linux (CVE-2026-31598)
vulnerability in linux (CVE-2026-31598). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-31583 |
|
Use-After-Free in linux (CVE-2026-31583)
vulnerability in linux (CVE-2026-31583). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31586 |
|
Use-After-Free in c (CVE-2026-31586)
vulnerability in c (CVE-2026-31586). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31587 |
|
Use-After-Free in c (CVE-2026-31587)
vulnerability in c (CVE-2026-31587). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31588 |
|
Use-After-Free in linux (CVE-2026-31588)
vulnerability in linux (CVE-2026-31588). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31576 |
|
Use-After-Free in linux (CVE-2026-31576)
vulnerability in linux (CVE-2026-31576). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31578 |
|
Use-After-Free in c (CVE-2026-31578)
vulnerability in c (CVE-2026-31578). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31581 |
|
Use-After-Free in c (CVE-2026-31581)
vulnerability in c (CVE-2026-31581). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31580 |
|
Use-After-Free in linux (CVE-2026-31580)
vulnerability in linux (CVE-2026-31580). Successful exploitation can lead to full system takeover.
|
| CVE-2026-40466 |
|
Vulnerability in org.apache.activemq:apache-activemq (CVE-2026-40466)
vulnerability in org.apache.activemq:apache-activemq (CVE-2026-40466). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `6.2.5` or later.
|
| CVE-2026-41044 |
|
Vulnerability in org.apache.activemq:apache-activemq (CVE-2026-41044)
vulnerability in org.apache.activemq:apache-activemq (CVE-2026-41044). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `6.2.5` or later.
|
| CVE-2026-21728 |
|
Vulnerability in grafana (CVE-2026-21728)
vulnerability in grafana (CVE-2026-21728). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6947 |
|
Vulnerability in CVE-2026-6947 (CVE-2026-6947)
vulnerability in CVE-2026-6947 (CVE-2026-6947). Data can be tampered with by attackers.
|
| CVE-2026-33317 |
|
OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. In versions 3.13.0 through 4.10.0, mis...
OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. In versions 3.13.0 through 4.10.0, missing checks in `entry_get_attribute_value()` in `ta/pkcs11/src/object.c` can lead to out-of-bounds...
|