Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2025-29635 KEV |
|
[KEV] Command Injection in D-link dir-823x (CVE-2025-29635)
command injection in D-link dir-823x (CVE-2025-29635). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-7399 KEV |
|
[KEV] Path Traversal in Samsung magicinfo-9-server (CVE-2024-7399)
path traversal in Samsung magicinfo-9-server (CVE-2024-7399). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-57728 KEV |
|
[KEV] Path Traversal in Simplehelp path-traversal (CVE-2024-57728)
path traversal in Simplehelp path-traversal (CVE-2024-57728). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-57726 KEV |
|
[KEV] Vulnerability in Simplehelp auth (CVE-2024-57726)
vulnerability in Simplehelp auth (CVE-2024-57726). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-41355 |
|
Vulnerability in openclaw (CVE-2026-41355)
vulnerability in openclaw (CVE-2026-41355). Successful exploitation can lead to full system takeover.
|
| CVE-2026-40886 |
|
Vulnerability in argoproj (CVE-2026-40886)
vulnerability in argoproj (CVE-2026-40886). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `4.0.5` or later.
|
| CVE-2026-6921 |
|
Vulnerability in google (CVE-2026-6921)
vulnerability in google (CVE-2026-6921). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34003 |
|
Out-of-Bounds Read in dos (CVE-2026-34003)
vulnerability in dos (CVE-2026-34003). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34001 |
|
Vulnerability in dos (CVE-2026-34001)
vulnerability in dos (CVE-2026-34001). Successful exploitation can lead to full system takeover.
|
| CVE-2026-33999 |
|
Vulnerability in dos (CVE-2026-33999)
vulnerability in dos (CVE-2026-33999). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31532 |
|
Use-After-Free in linux (CVE-2026-31532)
vulnerability in linux (CVE-2026-31532). Successful exploitation can lead to full system takeover.
|
| CVE-2026-6903 |
|
Path Traversal in CVE-2026-6903 (CVE-2026-6903)
path traversal in CVE-2026-6903 (CVE-2026-6903). Confidential information can be exposed externally.
|
| CVE-2026-41564 |
|
Vulnerability in dcit (CVE-2026-41564)
vulnerability in dcit (CVE-2026-41564). Confidential information can be exposed externally.
|
| CVE-2026-41040 |
|
Vulnerability in dos (CVE-2026-41040)
vulnerability in dos (CVE-2026-41040). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-5935 |
|
OS Command Injection in ibm (CVE-2026-5935)
OS command injection in ibm (CVE-2026-5935). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-40062 |
|
Path Traversal in path-traversal (CVE-2026-40062)
path traversal in path-traversal (CVE-2026-40062). Confidential information can be exposed externally.
|
| CVE-2026-3621 |
|
Privilege Escalation in ibm (CVE-2026-3621)
vulnerability in ibm (CVE-2026-3621). Successful exploitation can lead to full system takeover.
|
| CVE-2026-32679 |
|
Vulnerability in liveon (CVE-2026-32679)
vulnerability in liveon (CVE-2026-32679). Successful exploitation can lead to full system takeover.
|
| CVE-2026-39987 KEV |
|
[KEV] Vulnerability in Marimo remote-attack (CVE-2026-39987)
vulnerability in Marimo remote-attack (CVE-2026-39987). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-41455 |
|
SSRF (Server-Side Request Forgery) in CVE-2026-41455 (CVE-2026-41455)
SSRF in CVE-2026-41455 (CVE-2026-41455). Confidential information can be exposed externally.
|
| CVE-2026-41134 |
|
Code Injection in deserialization (CVE-2026-41134)
code injection in deserialization (CVE-2026-41134). Successful exploitation can lead to full system takeover.
|
| CVE-2026-41673 |
|
Vulnerability in @xmldom/xmldom (CVE-2026-41673)
vulnerability in @xmldom/xmldom (CVE-2026-41673). Risk of unauthorized operations or information disclosure. Exploitable via ``node.textContent``. Mitigation: upgrade to `0.9.10` or later.
|
| CVE-2026-41674 |
|
Vulnerability in @xmldom/xmldom (CVE-2026-41674)
vulnerability in @xmldom/xmldom (CVE-2026-41674). Data can be tampered with by attackers. Exploitable via ``DocumentType``. Mitigation: upgrade to `0.9.10` or later.
|
| CVE-2026-41675 |
|
Vulnerability in @xmldom/xmldom (CVE-2026-41675)
vulnerability in @xmldom/xmldom (CVE-2026-41675). Data can be tampered with by attackers. Exploitable via ``data``. Mitigation: upgrade to `0.9.10` or later.
|
| CVE-2026-41672 |
|
Vulnerability in @xmldom/xmldom (CVE-2026-41672)
vulnerability in @xmldom/xmldom (CVE-2026-41672). Data can be tampered with by attackers. Exploitable via ``node.data``. Mitigation: upgrade to `0.9.10` or later.
|
| CVE-2026-41640 |
|
SQL Injection in @nocobase/database (CVE-2026-41640)
SQL injection in @nocobase/database (CVE-2026-41640). Successful exploitation can lead to full system takeover. Exploitable via ``nodeIds``. Mitigation: upgrade to `2.0.39` or later.
|
| CVE-2026-41644 |
|
Vulnerability in github.com/monetr/monetr (CVE-2026-41644)
vulnerability in github.com/monetr/monetr (CVE-2026-41644). Confidential information can be exposed externally. Exploitable via `POST /api/lunch_flow/link`. Mitigation: upgrade to `1.12.5` or later.
|
| CVE-2026-31474 |
|
Use-After-Free in linux (CVE-2026-31474)
vulnerability in linux (CVE-2026-31474). Successful exploitation can lead to full system takeover.
|
| CVE-2026-6857 |
|
Unsafe Deserialization in org.apache.camel:camel-infinispan (CVE-2026-6857)
vulnerability in org.apache.camel:camel-infinispan (CVE-2026-6857). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `4.20.0` or later.
|
| CVE-2026-35548 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-35548)
SSRF in ssrf (CVE-2026-35548). Confidential information can be exposed externally.
|
| CVE-2026-6859 |
|
Vulnerability in redhat (CVE-2026-6859)
vulnerability in redhat (CVE-2026-6859). Successful exploitation can lead to full system takeover. Exploitable via ``linux_train.py``.
|
| CVE-2026-41651 |
|
Vulnerability in c (CVE-2026-41651)
vulnerability in c (CVE-2026-41651). Successful exploitation can lead to full system takeover. Exploitable via ``RUNNING``.
|
| CVE-2026-31527 |
|
Use-After-Free in linux (CVE-2026-31527)
vulnerability in linux (CVE-2026-31527). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31511 |
|
Use-After-Free in linux (CVE-2026-31511)
vulnerability in linux (CVE-2026-31511). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31500 |
|
Use-After-Free in c (CVE-2026-31500)
vulnerability in c (CVE-2026-31500). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31486 |
|
Vulnerability in linux (CVE-2026-31486)
vulnerability in linux (CVE-2026-31486). Data can be tampered with by attackers.
|
| CVE-2026-31489 |
|
Vulnerability in linux (CVE-2026-31489)
vulnerability in linux (CVE-2026-31489). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31488 |
|
Use-After-Free in linux (CVE-2026-31488)
vulnerability in linux (CVE-2026-31488). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31476 |
|
Vulnerability in dos (CVE-2026-31476)
vulnerability in dos (CVE-2026-31476). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-31455 |
|
Use-After-Free in linux (CVE-2026-31455)
vulnerability in linux (CVE-2026-31455). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31449 |
|
Out-of-Bounds Read in linux (CVE-2026-31449)
vulnerability in linux (CVE-2026-31449). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31435 |
|
Out-of-Bounds Read in linux (CVE-2026-31435)
vulnerability in linux (CVE-2026-31435). Successful exploitation can lead to full system takeover.
|
| CVE-2026-6855 |
|
Path Traversal in path-traversal (CVE-2026-6855)
path traversal in path-traversal (CVE-2026-6855). Confidential information can be exposed externally. Exploitable via ``logs_dir``.
|
| CVE-2026-31432 |
|
Out-of-Bounds Write in linux (CVE-2026-31432)
out-of-bounds write in linux (CVE-2026-31432). Successful exploitation can lead to full system takeover.
|
| CVE-2026-6846 |
|
Vulnerability in dos (CVE-2026-6846)
vulnerability in dos (CVE-2026-6846). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31433 |
|
Vulnerability in CVE-2026-31433 (CVE-2026-31433)
vulnerability in CVE-2026-31433 (CVE-2026-31433). Successful exploitation can lead to full system takeover.
|
| CVE-2026-40542 |
|
Vulnerability in apache (CVE-2026-40542)
vulnerability in apache (CVE-2026-40542). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-22754 |
|
Vulnerability in vmware (CVE-2026-22754)
vulnerability in vmware (CVE-2026-22754). Data can be tampered with by attackers.
|
| CVE-2026-33825 KEV |
|
[KEV] Vulnerability in Microsoft defender (CVE-2026-33825)
vulnerability in Microsoft defender (CVE-2026-33825). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-6832 |
|
Path Traversal in path-traversal (CVE-2026-6832)
path traversal in path-traversal (CVE-2026-6832). Data can be tampered with by attackers.
|