Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-27289 |
|
Out-of-Bounds Read in adobe (CVE-2026-27289)
vulnerability in adobe (CVE-2026-27289). Successful exploitation can lead to full system takeover.
|
| CVE-2026-32077 |
|
Vulnerability in microsoft (CVE-2026-32077)
vulnerability in microsoft (CVE-2026-32077). Successful exploitation can lead to full system takeover.
|
| CVE-2026-23666 |
|
Vulnerability in csharp (CVE-2026-23666)
vulnerability in csharp (CVE-2026-23666). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-33116 |
|
Vulnerability in csharp (CVE-2026-33116)
vulnerability in csharp (CVE-2026-33116). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-32203 |
|
Vulnerability in csharp (CVE-2026-32203)
vulnerability in csharp (CVE-2026-32203). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-32154 |
|
Use-After-Free in microsoft (CVE-2026-32154)
vulnerability in microsoft (CVE-2026-32154). Successful exploitation can lead to full system takeover.
|
| CVE-2026-32152 |
|
Use-After-Free in microsoft (CVE-2026-32152)
vulnerability in microsoft (CVE-2026-32152). Successful exploitation can lead to full system takeover.
|
| CVE-2026-26151 |
|
Vulnerability in microsoft (CVE-2026-26151)
vulnerability in microsoft (CVE-2026-26151). Confidential information can be exposed externally.
|
| CVE-2026-40164 |
|
Vulnerability in CVE-2026-40164 (CVE-2026-40164)
vulnerability in CVE-2026-40164 (CVE-2026-40164). Risk of unauthorized operations or information disclosure.
|
| CVE-2009-0238 KEV |
|
[KEV] Code Injection in Microsoft office (CVE-2009-0238)
code injection in Microsoft office (CVE-2009-0238). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-33908 |
|
Vulnerability in dos (CVE-2026-33908)
vulnerability in dos (CVE-2026-33908). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-33901 |
|
Vulnerability in imagemagick (CVE-2026-33901)
vulnerability in imagemagick (CVE-2026-33901). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-28291 |
|
OS Command Injection in simple-git-project (CVE-2026-28291)
OS command injection in simple-git-project (CVE-2026-28291). Successful exploitation can lead to full system takeover.
|
| CVE-2025-69627 |
|
Use-After-Free in gonitro (CVE-2025-69627)
vulnerability in gonitro (CVE-2025-69627). Successful exploitation can lead to full system takeover.
|
| CVE-2025-69624 |
|
Vulnerability in gonitro (CVE-2025-69624)
vulnerability in gonitro (CVE-2025-69624). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-1462 |
|
Unsafe Deserialization in keras (CVE-2026-1462)
vulnerability in keras (CVE-2026-1462). Successful exploitation can lead to full system takeover. Exploitable via ``TFSMLayer``. Mitigation: upgrade to `3.13.2` or later.
|
| CVE-2026-31426 |
|
Use-After-Free in c (CVE-2026-31426)
vulnerability in c (CVE-2026-31426). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31417 |
|
Vulnerability in linux (CVE-2026-31417)
vulnerability in linux (CVE-2026-31417). Risk of unauthorized operations or information disclosure. Exploitable via ``x25_sock.fraglen``.
|
| CVE-2026-31419 |
|
Use-After-Free in c (CVE-2026-31419)
vulnerability in c (CVE-2026-31419). Successful exploitation can lead to full system takeover.
|
| CVE-2026-0233 |
|
Vulnerability in paloaltonetworks (CVE-2026-0233)
vulnerability in paloaltonetworks (CVE-2026-0233). Successful exploitation can lead to full system takeover.
|
| CVE-2026-40436 |
|
Vulnerability in zte (CVE-2026-40436)
vulnerability in zte (CVE-2026-40436). Successful exploitation can lead to full system takeover.
|
| CVE-2026-5936 |
|
SSRF (Server-Side Request Forgery) in foxit (CVE-2026-5936)
SSRF in foxit (CVE-2026-5936). Confidential information can be exposed externally.
|
| CVE-2012-1854 KEV |
|
[KEV] Vulnerability in Microsoft visual-basic-for-applications-vba (CVE-2012-1854)
vulnerability in Microsoft visual-basic-for-applications-vba (CVE-2012-1854). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-60710 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2025-60710)
vulnerability in Microsoft windows (CVE-2025-60710). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-21529 KEV |
|
[KEV] Unsafe Deserialization in Microsoft exchange-server (CVE-2023-21529)
vulnerability in Microsoft exchange-server (CVE-2023-21529). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-36424 KEV |
|
[KEV] Out-of-Bounds Read in Microsoft windows (CVE-2023-36424)
vulnerability in Microsoft windows (CVE-2023-36424). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-9715 KEV |
|
[KEV] Use-After-Free in Adobe acrobat (CVE-2020-9715)
vulnerability in Adobe acrobat (CVE-2020-9715). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-21643 KEV |
|
[KEV] SQL Injection in Fortinet forticlient-ems (CVE-2026-21643)
SQL injection in Fortinet forticlient-ems (CVE-2026-21643). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-34621 KEV |
|
[KEV] Vulnerability in Adobe acrobat-and-reader (CVE-2026-34621)
vulnerability in Adobe acrobat-and-reader (CVE-2026-34621). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-25695 |
|
Out-of-Bounds Write in CVE-2019-25695 (CVE-2019-25695)
out-of-bounds write in CVE-2019-25695 (CVE-2019-25695). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31413 |
|
Out-of-Bounds Read in linux (CVE-2026-31413)
vulnerability in linux (CVE-2026-31413). Successful exploitation can lead to full system takeover.
|
| CVE-2026-32146 |
|
Improper Path Validation in Git Dependency Handling Allows Arbitrary File System Modification
Improper Path Validation in Git Dependency Handling Allows Arbitrary File System Modification
|
| CVE-2026-4154 |
|
Vulnerability in gimp (CVE-2026-4154)
vulnerability in gimp (CVE-2026-4154). Successful exploitation can lead to full system takeover.
|
| CVE-2026-4153 |
|
Vulnerability in gimp (CVE-2026-4153)
vulnerability in gimp (CVE-2026-4153). Successful exploitation can lead to full system takeover.
|
| CVE-2026-4151 |
|
Vulnerability in gimp (CVE-2026-4151)
vulnerability in gimp (CVE-2026-4151). Successful exploitation can lead to full system takeover.
|
| CVE-2026-4150 |
|
Vulnerability in gimp (CVE-2026-4150)
vulnerability in gimp (CVE-2026-4150). Successful exploitation can lead to full system takeover.
|
| CVE-2026-4152 |
|
Vulnerability in gimp (CVE-2026-4152)
vulnerability in gimp (CVE-2026-4152). Successful exploitation can lead to full system takeover.
|
| CVE-2026-5483 |
|
Vulnerability in redhat (CVE-2026-5483)
vulnerability in redhat (CVE-2026-5483). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34481 |
|
Vulnerability in apache (CVE-2026-34481)
vulnerability in apache (CVE-2026-34481). Data can be tampered with by attackers.
|
| CVE-2026-33092 |
|
Vulnerability in privilege-escalation (CVE-2026-33092)
vulnerability in privilege-escalation (CVE-2026-33092). Successful exploitation can lead to full system takeover.
|
| CVE-2026-39304 |
|
Vulnerability in apache (CVE-2026-39304)
vulnerability in apache (CVE-2026-39304). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-47961 |
|
Vulnerability in synology (CVE-2021-47961)
vulnerability in synology (CVE-2021-47961). Confidential information can be exposed externally.
|
| CVE-2026-22750 |
|
Vulnerability in vmware (CVE-2026-22750)
vulnerability in vmware (CVE-2026-22750). Data can be tampered with by attackers.
|
| CVE-2026-28704 |
|
Vulnerability in jpcert (CVE-2026-28704)
vulnerability in jpcert (CVE-2026-28704). Successful exploitation can lead to full system takeover.
|
| CVE-2026-33788 |
|
Vulnerability in juniper (CVE-2026-33788)
vulnerability in juniper (CVE-2026-33788). Successful exploitation can lead to full system takeover.
|
| CVE-2026-33771 |
|
Vulnerability in juniper (CVE-2026-33771)
vulnerability in juniper (CVE-2026-33771). Confidential information can be exposed externally.
|
| CVE-2025-13914 |
|
Vulnerability in juniper (CVE-2025-13914)
vulnerability in juniper (CVE-2025-13914). Confidential information can be exposed externally.
|
| CVE-2026-34734 |
|
Use-After-Free in hdfgroup (CVE-2026-34734)
vulnerability in hdfgroup (CVE-2026-34734). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34486 |
|
Vulnerability in tomcat (CVE-2026-34486)
vulnerability in tomcat (CVE-2026-34486). Confidential information can be exposed externally. Mitigation: upgrade to `9.0.117, 10.1.54, 11.0.21` or later.
|
| CVE-2026-29146 |
|
Vulnerability in apache (CVE-2026-29146)
vulnerability in apache (CVE-2026-29146). Confidential information can be exposed externally.
|