Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-35385 |
|
Vulnerability in openbsd (CVE-2026-35385)
vulnerability in openbsd (CVE-2026-35385). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34601 |
|
Vulnerability in CVE-2026-34601 (CVE-2026-34601)
vulnerability in CVE-2026-34601 (CVE-2026-34601). Data can be tampered with by attackers. Exploitable via ``DOMParser``.
|
| CVE-2026-34876 |
|
Out-of-Bounds Read in c (CVE-2026-34876)
vulnerability in c (CVE-2026-34876). Confidential information can be exposed externally.
|
| CVE-2026-3692 |
|
OS Command Injection in progress (CVE-2026-3692)
OS command injection in progress (CVE-2026-3692). Successful exploitation can lead to full system takeover.
|
| CVE-2026-4636 |
|
Vulnerability in redhat (CVE-2026-4636)
vulnerability in redhat (CVE-2026-4636). Confidential information can be exposed externally.
|
| CVE-2026-4634 |
|
Vulnerability in dos (CVE-2026-4634)
vulnerability in dos (CVE-2026-4634). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-4282 |
|
Vulnerability in privilege-escalation (CVE-2026-4282)
vulnerability in privilege-escalation (CVE-2026-4282). Confidential information can be exposed externally.
|
| CVE-2026-3872 |
|
Open Redirect in redhat (CVE-2026-3872)
vulnerability in redhat (CVE-2026-3872). Confidential information can be exposed externally.
|
| CVE-2026-3502 KEV |
|
[KEV] Vulnerability in Trueconf client (CVE-2026-3502)
vulnerability in Trueconf client (CVE-2026-3502). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-34545 |
|
Vulnerability in openexr (CVE-2026-34545)
vulnerability in openexr (CVE-2026-34545). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34874 |
|
Vulnerability in trustedfirmware (CVE-2026-34874)
vulnerability in trustedfirmware (CVE-2026-34874). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-25833 |
|
Vulnerability in trustedfirmware (CVE-2026-25833)
vulnerability in trustedfirmware (CVE-2026-25833). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.6.6` or later.
|
| CVE-2026-25835 |
|
Vulnerability in arm (CVE-2026-25835)
vulnerability in arm (CVE-2026-25835). Confidential information can be exposed externally.
|
| CVE-2026-34072 |
|
Authentication Bypass in fccview (CVE-2026-34072)
authentication bypass in fccview (CVE-2026-34072). Confidential information can be exposed externally.
|
| CVE-2026-27489 |
|
Vulnerability in path-traversal (CVE-2026-27489)
vulnerability in path-traversal (CVE-2026-27489). Confidential information can be exposed externally.
|
| CVE-2026-35093 |
|
Code Injection in freedesktop (CVE-2026-35093)
code injection in freedesktop (CVE-2026-35093). Successful exploitation can lead to full system takeover.
|
| CVE-2026-35091 |
|
Vulnerability in dos (CVE-2026-35091)
vulnerability in dos (CVE-2026-35091). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-35092 |
|
Vulnerability in dos (CVE-2026-35092)
vulnerability in dos (CVE-2026-35092). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-34430 |
|
Vulnerability in deerflow (CVE-2026-34430)
vulnerability in deerflow (CVE-2026-34430). Successful exploitation can lead to full system takeover.
|
| CVE-2026-5272 |
|
Vulnerability in google (CVE-2026-5272)
vulnerability in google (CVE-2026-5272). Successful exploitation can lead to full system takeover.
|
| CVE-2026-5281 KEV |
|
[KEV] Use-After-Free in Google dawn (CVE-2026-5281)
vulnerability in Google dawn (CVE-2026-5281). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-4800 |
|
Code Injection in lodash (CVE-2026-4800)
code injection in lodash (CVE-2026-4800). Successful exploitation can lead to full system takeover.
|
| CVE-2026-30279 |
|
Path Traversal in c (CVE-2026-30279)
path traversal in c (CVE-2026-30279). Successful exploitation can lead to full system takeover.
|
| CVE-2026-30277 |
|
Path Traversal in triumph-adler (CVE-2026-30277)
path traversal in triumph-adler (CVE-2026-30277). Successful exploitation can lead to full system takeover.
|
| CVE-2026-30284 |
|
Vulnerability in uxgroupllc (CVE-2026-30284)
vulnerability in uxgroupllc (CVE-2026-30284). Successful exploitation can lead to full system takeover.
|
| CVE-2026-22561 |
|
Vulnerability in privilege-escalation (CVE-2026-22561)
vulnerability in privilege-escalation (CVE-2026-22561). Successful exploitation can lead to full system takeover.
|
| CVE-2026-5201 |
|
Vulnerability in dos (CVE-2026-5201)
vulnerability in dos (CVE-2026-5201). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-34070 |
|
Path Traversal in path-traversal (CVE-2026-34070)
path traversal in path-traversal (CVE-2026-34070). Confidential information can be exposed externally.
|
| CVE-2026-33986 |
|
Vulnerability in c (CVE-2026-33986)
vulnerability in c (CVE-2026-33986). Successful exploitation can lead to full system takeover.
|
| CVE-2026-33984 |
|
Vulnerability in c (CVE-2026-33984)
vulnerability in c (CVE-2026-33984). Successful exploitation can lead to full system takeover.
|
| CVE-2026-21710 |
|
Vulnerability in CVE-2026-21710 (CVE-2026-21710)
vulnerability in CVE-2026-21710 (CVE-2026-21710). Risk of unauthorized operations or information disclosure. Exploitable via ``TypeError``.
|
| CVE-2026-5121 |
|
Vulnerability in libarchive (CVE-2026-5121)
vulnerability in libarchive (CVE-2026-5121). Confidential information can be exposed externally.
|
| CVE-2026-2370 |
|
Vulnerability in gitlab (CVE-2026-2370)
vulnerability in gitlab (CVE-2026-2370). Confidential information can be exposed externally.
|
| CVE-2026-3055 KEV |
|
[KEV] Out-of-Bounds Read in Citrix netscaler (CVE-2026-3055)
vulnerability in Citrix netscaler (CVE-2026-3055). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-34226 |
|
Vulnerability in capricorn86 (CVE-2026-34226)
vulnerability in capricorn86 (CVE-2026-34226). Confidential information can be exposed externally. Exploitable via ``window.location``.
|
| CVE-2026-33943 |
|
Code Injection in capricorn86 (CVE-2026-33943)
code injection in capricorn86 (CVE-2026-33943). Successful exploitation can lead to full system takeover. Exploitable via ``ECMAScriptModuleCompiler``.
|
| CVE-2026-33941 |
|
Cross-Site Scripting (XSS) in handlebarsjs (CVE-2026-33941)
cross-site scripting in handlebarsjs (CVE-2026-33941). Successful exploitation can lead to full system takeover.
|
| CVE-2026-33940 |
|
Code Injection in handlebarsjs (CVE-2026-33940)
code injection in handlebarsjs (CVE-2026-33940). Successful exploitation can lead to full system takeover. Exploitable via ``undefined``.
|
| CVE-2026-33939 |
|
Vulnerability in dos (CVE-2026-33939)
vulnerability in dos (CVE-2026-33939). Risk of unauthorized operations or information disclosure. Exploitable via ``undefined``.
|
| CVE-2026-34046 |
|
Vulnerability in langflow (CVE-2026-34046)
vulnerability in langflow (CVE-2026-34046). Successful exploitation can lead to full system takeover. Exploitable via ``_read_flow``.
|
| CVE-2026-33938 |
|
Code Injection in handlebarsjs (CVE-2026-33938)
code injection in handlebarsjs (CVE-2026-33938). Successful exploitation can lead to full system takeover.
|
| CVE-2026-33896 |
|
Vulnerability in digitalbazaar (CVE-2026-33896)
vulnerability in digitalbazaar (CVE-2026-33896). Confidential information can be exposed externally. Exploitable via ``basicConstraints``.
|
| CVE-2026-33895 |
|
Vulnerability in digitalbazaar (CVE-2026-33895)
vulnerability in digitalbazaar (CVE-2026-33895). Data can be tampered with by attackers. Exploitable via ``crypto.verify``.
|
| CVE-2026-33891 |
|
Vulnerability in dos (CVE-2026-33891)
vulnerability in dos (CVE-2026-33891). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-33894 |
|
Vulnerability in digitalbazaar (CVE-2026-33894)
vulnerability in digitalbazaar (CVE-2026-33894). Data can be tampered with by attackers.
|
| CVE-2026-33871 |
|
Vulnerability in dos (CVE-2026-33871)
vulnerability in dos (CVE-2026-33871). Risk of unauthorized operations or information disclosure. Exploitable via ``CONTINUATION``.
|
| CVE-2026-33870 |
|
Vulnerability in netty (CVE-2026-33870)
vulnerability in netty (CVE-2026-33870). Data can be tampered with by attackers.
|
| CVE-2026-34040 |
|
Vulnerability in github.com/moby/moby (CVE-2026-34040)
vulnerability in github.com/moby/moby (CVE-2026-34040). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `29.3.1` or later.
|
| CVE-2026-28369 |
|
Vulnerability in io.undertow:undertow-parent (CVE-2026-28369)
vulnerability in io.undertow:undertow-parent (CVE-2026-28369). Confidential information can be exposed externally.
|
| CVE-2026-28368 |
|
Vulnerability in io.undertow:undertow-parent (CVE-2026-28368)
vulnerability in io.undertow:undertow-parent (CVE-2026-28368). Confidential information can be exposed externally.
|