Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

ID Title
CVE-2026-34971 Out-of-Bounds Read in bytecodealliance (CVE-2026-34971)
vulnerability in bytecodealliance (CVE-2026-34971). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `36.0.7` or later.
CVE-2026-1584 Vulnerability in dos (CVE-2026-1584)
vulnerability in dos (CVE-2026-1584). Risk of unauthorized operations or information disclosure.
CVE-2026-40072 SSRF (Server-Side Request Forgery) in web3 (CVE-2026-40072)
SSRF in web3 (CVE-2026-40072). Risk of unauthorized operations or information disclosure. Exploitable via ``OffchainLookup``. Mitigation: upgrade to `8.0.0b2` or later.
CVE-2026-39983 Vulnerability in patrickjuchli (CVE-2026-39983)
vulnerability in patrickjuchli (CVE-2026-39983). Data can be tampered with by attackers. Mitigation: upgrade to `5.2.1` or later.
CVE-2026-39981 Path Traversal in path-traversal (CVE-2026-39981)
path traversal in path-traversal (CVE-2026-39981). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.9.2` or later.
CVE-2026-39976 Authentication Bypass in laravel (CVE-2026-39976)
authentication bypass in laravel (CVE-2026-39976). Confidential information can be exposed externally. Mitigation: upgrade to `13.7.1` or later.
CVE-2026-35205 Vulnerability in helm (CVE-2026-35205)
vulnerability in helm (CVE-2026-35205). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `4.1.4` or later.
CVE-2026-35204 Path Traversal in helm (CVE-2026-35204)
path traversal in helm (CVE-2026-35204). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `4.1.4` or later.
CVE-2025-70364 Code Injection in CVE-2025-70364 (CVE-2025-70364)
code injection in CVE-2025-70364 (CVE-2025-70364). Successful exploitation can lead to full system takeover.
CVE-2026-4116 Vulnerability in sonicwall (CVE-2026-4116)
vulnerability in sonicwall (CVE-2026-4116). Successful exploitation can lead to full system takeover.
CVE-2026-4112 SQL Injection in sqli (CVE-2026-4112)
SQL injection in sqli (CVE-2026-4112). Successful exploitation can lead to full system takeover.
CVE-2026-4113 Vulnerability in sonicwall (CVE-2026-4113)
vulnerability in sonicwall (CVE-2026-4113). Successful exploitation can lead to full system takeover.
CVE-2026-4660 Information Disclosure in CVE-2026-4660 (CVE-2026-4660)
vulnerability in CVE-2026-4660 (CVE-2026-4660). Confidential information can be exposed externally.
CVE-2026-5863 Vulnerability in google (CVE-2026-5863)
vulnerability in google (CVE-2026-5863). Successful exploitation can lead to full system takeover.
CVE-2026-5883 Use-After-Free in google (CVE-2026-5883)
vulnerability in google (CVE-2026-5883). Successful exploitation can lead to full system takeover.
CVE-2026-5879 Vulnerability in google (CVE-2026-5879)
vulnerability in google (CVE-2026-5879). Successful exploitation can lead to full system takeover.
CVE-2026-5865 Vulnerability in google (CVE-2026-5865)
vulnerability in google (CVE-2026-5865). Successful exploitation can lead to full system takeover.
CVE-2026-5860 Use-After-Free in google (CVE-2026-5860)
vulnerability in google (CVE-2026-5860). Successful exploitation can lead to full system takeover.
CVE-2026-39883 Vulnerability in opentelemetry (CVE-2026-39883)
vulnerability in opentelemetry (CVE-2026-39883). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.43.0` or later.
CVE-2026-23869 Vulnerability in react (CVE-2026-23869)
vulnerability in react (CVE-2026-23869). Risk of unauthorized operations or information disclosure.
CVE-2026-32589 Vulnerability in redhat (CVE-2026-32589)
vulnerability in redhat (CVE-2026-32589). Risk of unauthorized operations or information disclosure.
CVE-2026-32590 Unsafe Deserialization in redhat (CVE-2026-32590)
vulnerability in redhat (CVE-2026-32590). Successful exploitation can lead to full system takeover.
CVE-2026-5795 Vulnerability in privilege-escalation (CVE-2026-5795)
vulnerability in privilege-escalation (CVE-2026-5795). Confidential information can be exposed externally.
CVE-2026-35585 OS Command Injection in github.com/filebrowser/filebrowser/v2 (CVE-2026-35585)
OS command injection in github.com/filebrowser/filebrowser/v2 (CVE-2026-35585). Successful exploitation can lead to full system takeover. Exploitable via ``os.Expand``. Mitigation: upgrade to `2.33.8` or later.
CVE-2026-1340 KEV [KEV] Code Injection in Ivanti endpoint-manager-mobile-epmm (CVE-2026-1340)
code injection in Ivanti endpoint-manager-mobile-epmm (CVE-2026-1340). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-27140 Authorization Flaw in toolchain (CVE-2026-27140)
vulnerability in toolchain (CVE-2026-27140). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.25.9, 1.26.2` or later.
CVE-2026-32280 Vulnerability in stdlib (CVE-2026-32280)
vulnerability in stdlib (CVE-2026-32280). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.25.9, 1.26.2` or later.
CVE-2026-32283 Vulnerability in stdlib (CVE-2026-32283)
vulnerability in stdlib (CVE-2026-32283). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.25.9, 1.26.2` or later.
CVE-2026-33810 Vulnerability in stdlib (CVE-2026-33810)
vulnerability in stdlib (CVE-2026-33810). Confidential information can be exposed externally. Mitigation: upgrade to `1.26.2` or later.
CVE-2026-34580 Vulnerability in c (CVE-2026-34580)
vulnerability in c (CVE-2026-34580). Data can be tampered with by attackers. Mitigation: upgrade to `3.11.1` or later.
CVE-2026-28389 Vulnerability in dos (CVE-2026-28389)
vulnerability in dos (CVE-2026-28389). Risk of unauthorized operations or information disclosure.
CVE-2026-28390 Vulnerability in dos (CVE-2026-28390)
vulnerability in dos (CVE-2026-28390). Risk of unauthorized operations or information disclosure.
CVE-2026-31790 Vulnerability in openssl (CVE-2026-31790)
vulnerability in openssl (CVE-2026-31790). Confidential information can be exposed externally.
CVE-2026-28387 Use-After-Free in openssl (CVE-2026-28387)
vulnerability in openssl (CVE-2026-28387). Successful exploitation can lead to full system takeover.
CVE-2026-28388 Vulnerability in dos (CVE-2026-28388)
vulnerability in dos (CVE-2026-28388). Risk of unauthorized operations or information disclosure.
CVE-2026-34045 Vulnerability in linuxfoundation (CVE-2026-34045)
vulnerability in linuxfoundation (CVE-2026-34045). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.26.2` or later.
CVE-2026-29181 Vulnerability in opentelemetry (CVE-2026-29181)
vulnerability in opentelemetry (CVE-2026-29181). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.41.0` or later.
CVE-2026-39364 Vulnerability in vitejs (CVE-2026-39364)
vulnerability in vitejs (CVE-2026-39364). Confidential information can be exposed externally. Mitigation: upgrade to `7.3.2` or later.
CVE-2026-39363 Information Disclosure in vitejs (CVE-2026-39363)
vulnerability in vitejs (CVE-2026-39363). Confidential information can be exposed externally. Mitigation: upgrade to `6.4.2` or later.
CVE-2026-24156 Unsafe Deserialization in deserialization (CVE-2026-24156)
vulnerability in deserialization (CVE-2026-24156). Successful exploitation can lead to full system takeover.
CVE-2025-14821 Vulnerability in c (CVE-2025-14821)
vulnerability in c (CVE-2025-14821). Successful exploitation can lead to full system takeover.
CVE-2026-30460 Code Injection in thedaylightstudio (CVE-2026-30460)
code injection in thedaylightstudio (CVE-2026-30460). Successful exploitation can lead to full system takeover.
CVE-2026-24660 Vulnerability in libraw (CVE-2026-24660)
vulnerability in libraw (CVE-2026-24660). Successful exploitation can lead to full system takeover.
CVE-2026-5732 Vulnerability in mozilla (CVE-2026-5732)
vulnerability in mozilla (CVE-2026-5732). Successful exploitation can lead to full system takeover.
CVE-2026-5733 Buffer Overflow in mozilla (CVE-2026-5733)
vulnerability in mozilla (CVE-2026-5733). Successful exploitation can lead to full system takeover.
CVE-2026-4740 Vulnerability in privilege-escalation (CVE-2026-4740)
vulnerability in privilege-escalation (CVE-2026-4740). Successful exploitation can lead to full system takeover.
CVE-2026-32144 Vulnerability in erlang (CVE-2026-32144)
vulnerability in erlang (CVE-2026-32144). Confidential information can be exposed externally.
CVE-2026-35172 Vulnerability in distribution (CVE-2026-35172)
vulnerability in distribution (CVE-2026-35172). Confidential information can be exposed externally. Mitigation: upgrade to `3.1.0` or later.
CVE-2026-35029 Authorization Flaw in litellm (CVE-2026-35029)
vulnerability in litellm (CVE-2026-35029). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.83.0` or later.
CVE-2026-34982 OS Command Injection in vim (CVE-2026-34982)
OS command injection in vim (CVE-2026-34982). Confidential information can be exposed externally. Exploitable via ``complete``.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →