Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

ID Title
CVE-2026-42313 Vulnerability in pyload-ng (CVE-2026-42313)
Vulnerability in pyload-ng (CVE-2026-42313). Confidential information can be exposed externally. Exploitable via `ADMIN_ONLY_CORE_OPTIONS`. Mitigation: upgrade to `0.5.0b3.dev100` or later.
CVE-2026-42312 Vulnerability in pyload-ng (CVE-2026-42312)
Vulnerability in pyload-ng (CVE-2026-42312). Confidential information can be exposed externally. Exploitable via `ADMIN_ONLY_CORE_OPTIONS`. Mitigation: upgrade to `0.5.0b3.dev100` or later.
CVE-2026-41431 Vulnerability in CVE-2026-41431 (CVE-2026-41431)
Vulnerability in CVE-2026-41431 (CVE-2026-41431). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.19.9b` or later.
CVE-2026-41257 Vulnerability in jqlang (CVE-2026-41257)
Vulnerability in jqlang (CVE-2026-41257). Risk of unauthorized operations or information disclosure.
DEBIAN-CVE-2026-41256 Vulnerability in jq (DEBIAN-CVE-2026-41256)
Vulnerability in jq (DEBIAN-CVE-2026-41256). Data can be tampered with by attackers.
DEBIAN-CVE-2026-40612 Vulnerability in jq (DEBIAN-CVE-2026-40612)
Vulnerability in jq (DEBIAN-CVE-2026-40612). Risk of unauthorized operations or information disclosure.
CVE-2026-41256 Vulnerability in jqlang (CVE-2026-41256)
Vulnerability in jqlang (CVE-2026-41256). Data can be tampered with by attackers.
CVE-2026-41250 Cross-Site Scripting (XSS) in CVE-2026-41250 (CVE-2026-41250)
Cross-site scripting in CVE-2026-41250 (CVE-2026-41250). Confidential information can be exposed externally. Mitigation: upgrade to `6.9.1` or later.
CVE-2026-40612 Vulnerability in c (CVE-2026-40612)
Vulnerability in c (CVE-2026-40612). Risk of unauthorized operations or information disclosure.
DEBIAN-CVE-2026-34095 Vulnerability in mediawiki (DEBIAN-CVE-2026-34095)
Vulnerability in mediawiki (DEBIAN-CVE-2026-34095). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1:1.39.17-1+deb12u2` or later.
DEBIAN-CVE-2026-34094 Vulnerability in mediawiki (DEBIAN-CVE-2026-34094)
Vulnerability in mediawiki (DEBIAN-CVE-2026-34094). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1:1.43.8+dfsg-1~deb13u1` or later.
DEBIAN-CVE-2026-34093 Vulnerability in mediawiki (DEBIAN-CVE-2026-34093)
Vulnerability in mediawiki (DEBIAN-CVE-2026-34093). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1:1.39.17-1+deb12u2` or later.
DEBIAN-CVE-2026-2291 Vulnerability in dnsmasq (DEBIAN-CVE-2026-2291)
Vulnerability in dnsmasq (DEBIAN-CVE-2026-2291). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.90-4~deb12u2` or later.
CVE-2026-33052 Vulnerability in mantisbt/mantisbt (CVE-2026-33052)
Vulnerability in mantisbt/mantisbt (CVE-2026-33052). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.28.2` or later.
CVE-2026-27478 Vulnerability in io.unitycatalog:unitycatalog-server (CVE-2026-27478)
Vulnerability in io.unitycatalog:unitycatalog-server (CVE-2026-27478). Confidential information can be exposed externally. Exploitable via `jwks`. Mitigation: upgrade to `0.4.1` or later.
MAL-2026-3430 Vulnerability in cplace-bmw-emt-mvp (MAL-2026-3430)
Vulnerability in cplace-bmw-emt-mvp (MAL-2026-3430). Risk of unauthorized operations or information disclosure.
CVE-2026-25244 OS Command Injection in @wdio/browserstack-service (CVE-2026-25244)
OS command injection in @wdio/browserstack-service (CVE-2026-25244). Successful exploitation can lead to full system takeover. Exploitable via `source`. Mitigation: upgrade to `9.24.0` or later.
GHSA-h29g-c9cx-c73q Unsafe Deserialization in torrentpier/torrentpier (GHSA-h29g-c9cx-c73q)
Vulnerability in torrentpier/torrentpier (GHSA-h29g-c9cx-c73q). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.4.4` or later.
MAL-2026-3429 Vulnerability in openai-spellchecker (MAL-2026-3429)
Vulnerability in openai-spellchecker (MAL-2026-3429). Risk of unauthorized operations or information disclosure.
CVE-2026-44738 Information Disclosure in getgrav/grav (CVE-2026-44738)
Vulnerability in getgrav/grav (CVE-2026-44738). Confidential information can be exposed externally. Exploitable via `admin.pages`. Mitigation: upgrade to `2.0.0-rc.2` or later.
CVE-2026-42845 Vulnerability in getgrav/grav-plugin-form (CVE-2026-42845)
Vulnerability in getgrav/grav-plugin-form (CVE-2026-42845). Risk of unauthorized operations or information disclosure. Exploitable via `GET /upload`. Mitigation: upgrade to `9.1.0` or later.
CVE-2026-42843 Authorization Flaw in getgrav/grav-plugin-api (CVE-2026-42843)
Vulnerability in getgrav/grav-plugin-api (CVE-2026-42843). Successful exploitation can lead to full system takeover. Exploitable via `api.access`. Mitigation: upgrade to `1.0.0-beta.15` or later.
CVE-2026-42842 Cross-Site Scripting (XSS) in getgrav/grav (CVE-2026-42842)
Cross-site scripting in getgrav/grav (CVE-2026-42842). Risk of unauthorized operations or information disclosure. Exploitable via `on_events`. Mitigation: upgrade to `2.0.0-beta.2` or later.
CVE-2026-42603 Code Injection in CVE-2026-42603 (CVE-2026-42603)
Code injection in CVE-2026-42603 (CVE-2026-42603). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2.1.2` or later.
CVE-2026-42349 Vulnerability in @clerk/shared (CVE-2026-42349)
Vulnerability in @clerk/shared (CVE-2026-42349). Risk of unauthorized operations or information disclosure. Exploitable via `clerkMiddleware`. Mitigation: upgrade to `4.8.3` or later.
MAL-2026-3508 Vulnerability in crypto-javascri (MAL-2026-3508)
Vulnerability in crypto-javascri (MAL-2026-3508). Risk of unauthorized operations or information disclosure.
USN-8267-1 Vulnerability in linux-azure (USN-8267-1)
Vulnerability in linux-azure (USN-8267-1). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `4.15.0-1200.215~16.04.1` or later.
MAL-2026-3506 Vulnerability in @mimecast-ui/charts (MAL-2026-3506)
Vulnerability in @mimecast-ui/charts (MAL-2026-3506). Risk of unauthorized operations or information disclosure.
MAL-2026-3507 Vulnerability in @mimecast-ui/components (MAL-2026-3507)
Vulnerability in @mimecast-ui/components (MAL-2026-3507). Risk of unauthorized operations or information disclosure.
CVE-2026-45109 Vulnerability in next (CVE-2026-45109)
Vulnerability in next (CVE-2026-45109). Confidential information can be exposed externally. Exploitable via `middleware.ts`. Mitigation: upgrade to `16.2.6` or later.
CVE-2026-44643 Vulnerability in angular-expressions (CVE-2026-44643)
Vulnerability in angular-expressions (CVE-2026-44643). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.5.2` or later.
CVE-2026-45061 SSRF (Server-Side Request Forgery) in budibase (CVE-2026-45061)
SSRF in budibase (CVE-2026-45061). Confidential information can be exposed externally. Exploitable via `POST /api/plugin`. Mitigation: upgrade to `3.35.10` or later.
CVE-2026-45047 Vulnerability in github.com/xddxdd/bird-lg-go (CVE-2026-45047)
Vulnerability in github.com/xddxdd/bird-lg-go (CVE-2026-45047). Risk of unauthorized operations or information disclosure. Exploitable via `apiHandler`. Mitigation: upgrade to `0.0.0-20260507060110-0ff87024cb9e` or later.
CVE-2026-8292 Vulnerability in c (CVE-2026-8292)
Vulnerability in c (CVE-2026-8292). Risk of unauthorized operations or information disclosure.
CVE-2026-8291 Vulnerability in c (CVE-2026-8291)
Vulnerability in c (CVE-2026-8291). Risk of unauthorized operations or information disclosure.
CVE-2026-7820 Vulnerability in flask (CVE-2026-7820)
Vulnerability in flask (CVE-2026-7820). Risk of unauthorized operations or information disclosure.
CVE-2026-7819 Vulnerability in path-traversal (CVE-2026-7819)
Vulnerability in path-traversal (CVE-2026-7819). Data can be tampered with by attackers.
CVE-2026-7818 Unsafe Deserialization in deserialization (CVE-2026-7818)
Vulnerability in deserialization (CVE-2026-7818). Successful exploitation can lead to full system takeover.
CVE-2026-7817 Vulnerability in ssrf (CVE-2026-7817)
Vulnerability in ssrf (CVE-2026-7817). Confidential information can be exposed externally.
CVE-2026-7816 SQL Injection in CVE-2026-7816 (CVE-2026-7816)
SQL injection in CVE-2026-7816 (CVE-2026-7816). Successful exploitation can lead to full system takeover.
CVE-2026-7815 SQL Injection in sqli (CVE-2026-7815)
SQL injection in sqli (CVE-2026-7815). Successful exploitation can lead to full system takeover.
CVE-2026-7814 Cross-Site Scripting (XSS) in CVE-2026-7814 (CVE-2026-7814)
Cross-site scripting in CVE-2026-7814 (CVE-2026-7814). Risk of unauthorized operations or information disclosure.
CVE-2026-7813 Vulnerability in privilege-escalation (CVE-2026-7813)
Vulnerability in privilege-escalation (CVE-2026-7813). Successful exploitation can lead to full system takeover.
CVE-2026-6815 Vulnerability in path-traversal (CVE-2026-6815)
Vulnerability in path-traversal (CVE-2026-6815). Risk of unauthorized operations or information disclosure.
CVE-2026-6093 SQL Injection in sqli (CVE-2026-6093)
SQL injection in sqli (CVE-2026-6093). Risk of unauthorized operations or information disclosure.
CVE-2026-42841 Cross-Site Scripting (XSS) in getgrav/grav (CVE-2026-42841)
Cross-site scripting in getgrav/grav (CVE-2026-42841). Risk of unauthorized operations or information disclosure. Exploitable via `onload`. Mitigation: upgrade to `2.0.0-beta.2` or later.
CVE-2026-42613 Vulnerability in getgrav/grav (CVE-2026-42613)
Vulnerability in getgrav/grav (CVE-2026-42613). Confidential information can be exposed externally. Exploitable via `groups`. Mitigation: upgrade to `2.0.0-beta.2` or later.
CVE-2026-42612 Cross-Site Scripting (XSS) in getgrav/grav (CVE-2026-42612)
Cross-site scripting in getgrav/grav (CVE-2026-42612). Confidential information can be exposed externally. Exploitable via `onerror`. Mitigation: upgrade to `2.0.0-beta.2` or later.
CVE-2026-42611 Cross-Site Scripting (XSS) in getgrav/grav (CVE-2026-42611)
Cross-site scripting in getgrav/grav (CVE-2026-42611). Confidential information can be exposed externally. Exploitable via `POST /grav-log`. Mitigation: upgrade to `2.0.0-beta.2` or later.
CVE-2026-42610 Authorization Flaw in getgrav/grav (CVE-2026-42610)
Vulnerability in getgrav/grav (CVE-2026-42610). Confidential information can be exposed externally. Exploitable via `editor_chen`. Mitigation: upgrade to `2.0.0-beta.2` or later.
