Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-28368 |
|
Vulnerability in io.undertow:undertow-parent (CVE-2026-28368)
vulnerability in io.undertow:undertow-parent (CVE-2026-28368). Confidential information can be exposed externally.
|
| CVE-2025-15381 |
|
Information Disclosure in lfprojects (CVE-2025-15381)
vulnerability in lfprojects (CVE-2025-15381). Data can be tampered with by attackers. Exploitable via ``NO_PERMISSIONS``.
|
| CVE-2026-4984 |
|
Vulnerability in CVE-2026-4984 (CVE-2026-4984)
vulnerability in CVE-2026-4984 (CVE-2026-4984). Confidential information can be exposed externally.
|
| CVE-2026-33433 |
|
Vulnerability in traefik (CVE-2026-33433)
vulnerability in traefik (CVE-2026-33433). Successful exploitation can lead to full system takeover. Exploitable via ``headerField``.
|
| CVE-2026-27880 |
|
Out-of-Bounds Write in grafana (CVE-2026-27880)
out-of-bounds write in grafana (CVE-2026-27880). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-32695 |
|
Vulnerability in traefik (CVE-2026-32695)
vulnerability in traefik (CVE-2026-32695). Confidential information can be exposed externally. Exploitable via ``tenant.example.com``.
|
| CVE-2026-27858 |
|
Vulnerability in dovecot (CVE-2026-27858)
vulnerability in dovecot (CVE-2026-27858). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-27856 |
|
Authentication Bypass in dovecot (CVE-2026-27856)
authentication bypass in dovecot (CVE-2026-27856). Confidential information can be exposed externally.
|
| CVE-2026-24031 |
|
SQL Injection in dovecot (CVE-2026-24031)
SQL injection in dovecot (CVE-2026-24031). Confidential information can be exposed externally.
|
| CVE-2025-59032 |
|
Vulnerability in dovecot (CVE-2025-59032)
vulnerability in dovecot (CVE-2025-59032). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-22744 |
|
Vulnerability in vmware (CVE-2026-22744)
vulnerability in vmware (CVE-2026-22744). Confidential information can be exposed externally.
|
| CVE-2026-22742 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-22742)
SSRF in ssrf (CVE-2026-22742). Confidential information can be exposed externally.
|
| CVE-2026-27893 |
|
Vulnerability in vllm (CVE-2026-27893)
vulnerability in vllm (CVE-2026-27893). Successful exploitation can lead to full system takeover.
|
| CVE-2025-53521 KEV |
|
[KEV] Vulnerability in F5 big-ip (CVE-2025-53521)
vulnerability in F5 big-ip (CVE-2025-53521). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-34352 |
|
Vulnerability in tigervnc (CVE-2026-34352)
vulnerability in tigervnc (CVE-2026-34352). Confidential information can be exposed externally.
|
| CVE-2026-0966 |
|
Vulnerability in dos (CVE-2026-0966)
vulnerability in dos (CVE-2026-0966). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-32286 |
|
Vulnerability in github.com/jackc/pgproto3/v2 (CVE-2026-32286)
vulnerability in github.com/jackc/pgproto3/v2 (CVE-2026-32286). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-32285 |
|
Vulnerability in dos (CVE-2026-32285)
vulnerability in dos (CVE-2026-32285). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-4926 |
|
Vulnerability in c (CVE-2026-4926)
vulnerability in c (CVE-2026-4926). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-30463 |
|
SQL Injection in sqli (CVE-2026-30463)
SQL injection in sqli (CVE-2026-30463). Confidential information can be exposed externally.
|
| CVE-2026-33487 |
|
Vulnerability in goxmldsig-project (CVE-2026-33487)
vulnerability in goxmldsig-project (CVE-2026-33487). Data can be tampered with by attackers. Exploitable via ``validateSignature``.
|
| CVE-2026-32846 |
|
Path Traversal in openclaw (CVE-2026-32846)
path traversal in openclaw (CVE-2026-32846). Confidential information can be exposed externally. Mitigation: upgrade to `2026.03.28` or later.
|
| CVE-2026-1961 |
|
OS Command Injection in CVE-2026-1961 (CVE-2026-1961)
OS command injection in CVE-2026-1961 (CVE-2026-1961). Successful exploitation can lead to full system takeover.
|
| CVE-2026-24068 |
|
Vulnerability in privilege-escalation (CVE-2026-24068)
vulnerability in privilege-escalation (CVE-2026-24068). Successful exploitation can lead to full system takeover.
|
| CVE-2026-32680 |
|
Vulnerability in CVE-2026-32680 (CVE-2026-32680)
vulnerability in CVE-2026-32680 (CVE-2026-32680). Successful exploitation can lead to full system takeover.
|
| CVE-2026-28760 |
|
Vulnerability in CVE-2026-28760 (CVE-2026-28760)
vulnerability in CVE-2026-28760 (CVE-2026-28760). Successful exploitation can lead to full system takeover.
|
| CVE-2025-15101 |
|
OS Command Injection in asus (CVE-2025-15101)
OS command injection in asus (CVE-2025-15101). Successful exploitation can lead to full system takeover.
|
| CVE-2026-33526 |
|
Use-After-Free in dos (CVE-2026-33526)
vulnerability in dos (CVE-2026-33526). Risk of unauthorized operations or information disclosure. Exploitable via ``icp_port``.
|
| CVE-2026-32748 |
|
Vulnerability in dos (CVE-2026-32748)
vulnerability in dos (CVE-2026-32748). Risk of unauthorized operations or information disclosure. Exploitable via ``icp_port``.
|
| CVE-2026-33634 KEV |
|
[KEV] Vulnerability in Aquasecurity trivy (CVE-2026-33634)
vulnerability in Aquasecurity trivy (CVE-2026-33634). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-33247 |
|
Vulnerability in linuxfoundation (CVE-2026-33247)
vulnerability in linuxfoundation (CVE-2026-33247). Confidential information can be exposed externally.
|
| CVE-2026-33218 |
|
Vulnerability in linuxfoundation (CVE-2026-33218)
vulnerability in linuxfoundation (CVE-2026-33218). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-33217 |
|
Authorization Flaw in linuxfoundation (CVE-2026-33217)
vulnerability in linuxfoundation (CVE-2026-33217). Data can be tampered with by attackers.
|
| CVE-2026-33216 |
|
Vulnerability in linuxfoundation (CVE-2026-33216)
vulnerability in linuxfoundation (CVE-2026-33216). Confidential information can be exposed externally.
|
| CVE-2026-29785 |
|
Vulnerability in linuxfoundation (CVE-2026-29785)
vulnerability in linuxfoundation (CVE-2026-29785). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-27889 |
|
Vulnerability in linuxfoundation (CVE-2026-27889)
vulnerability in linuxfoundation (CVE-2026-27889). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-30587 |
|
Cross-Site Scripting (XSS) in seafile (CVE-2026-30587)
cross-site scripting in seafile (CVE-2026-30587). Confidential information can be exposed externally. Mitigation: upgrade to `13.0.17` or later.
|
| CVE-2025-67030 |
|
Path Traversal in path-traversal (CVE-2025-67030)
path traversal in path-traversal (CVE-2025-67030). Successful exploitation can lead to full system takeover.
|
| CVE-2026-3104 |
|
Vulnerability in isc (CVE-2026-3104)
vulnerability in isc (CVE-2026-3104). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-1519 |
|
Vulnerability in isc (CVE-2026-1519)
vulnerability in isc (CVE-2026-1519). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-51348 |
|
Vulnerability in CVE-2024-51348 (CVE-2024-51348)
vulnerability in CVE-2024-51348 (CVE-2024-51348). Successful exploitation can lead to full system takeover.
|
| CVE-2026-23288 |
|
Out-of-Bounds Read in linux (CVE-2026-23288)
vulnerability in linux (CVE-2026-23288). Successful exploitation can lead to full system takeover.
|
| CVE-2026-23364 |
|
Vulnerability in linux (CVE-2026-23364)
vulnerability in linux (CVE-2026-23364). Confidential information can be exposed externally.
|
| CVE-2026-23327 |
|
Out-of-Bounds Read in c (CVE-2026-23327)
vulnerability in c (CVE-2026-23327). Confidential information can be exposed externally.
|
| CVE-2026-23306 |
|
Use-After-Free in Kernel (CVE-2026-23306)
vulnerability in Kernel (CVE-2026-23306). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `6.1.167, 6.6.130, 6.12.77, 6.18.17, 6.19.7` or later.
|
| CVE-2026-23305 |
|
Out-of-Bounds Read in linux (CVE-2026-23305)
vulnerability in linux (CVE-2026-23305). Confidential information can be exposed externally.
|
| CVE-2026-23294 |
|
Vulnerability in linux (CVE-2026-23294)
vulnerability in linux (CVE-2026-23294). Successful exploitation can lead to full system takeover.
|
| CVE-2026-23281 |
|
Use-After-Free in linux (CVE-2026-23281)
vulnerability in linux (CVE-2026-23281). Successful exploitation can lead to full system takeover.
|
| CVE-2026-23280 |
|
Vulnerability in linux (CVE-2026-23280)
vulnerability in linux (CVE-2026-23280). Successful exploitation can lead to full system takeover.
|
| CVE-2026-3608 |
|
Vulnerability in CVE-2026-3608 (CVE-2026-3608)
vulnerability in CVE-2026-3608 (CVE-2026-3608). Risk of unauthorized operations or information disclosure.
|