Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-4371 |
|
Vulnerability in mozilla (CVE-2026-4371)
vulnerability in mozilla (CVE-2026-4371). Confidential information can be exposed externally.
|
| CVE-2026-33331 |
|
Cross-Site Scripting (XSS) in orpc (CVE-2026-33331)
cross-site scripting in orpc (CVE-2026-33331). Confidential information can be exposed externally.
|
| CVE-2026-27651 |
|
Vulnerability in nginx (CVE-2026-27651)
vulnerability in nginx (CVE-2026-27651). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-32647 |
|
Out-of-Bounds Read in nginx (CVE-2026-32647)
vulnerability in nginx (CVE-2026-32647). Successful exploitation can lead to full system takeover.
|
| CVE-2026-27784 |
|
Vulnerability in nginx (CVE-2026-27784)
vulnerability in nginx (CVE-2026-27784). Successful exploitation can lead to full system takeover.
|
| CVE-2026-27654 |
|
Vulnerability in nginx (CVE-2026-27654)
vulnerability in nginx (CVE-2026-27654). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-4694 |
|
Vulnerability in mozilla (CVE-2026-4694)
vulnerability in mozilla (CVE-2026-4694). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-4695 |
|
Vulnerability in mozilla (CVE-2026-4695)
vulnerability in mozilla (CVE-2026-4695). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-4699 |
|
Vulnerability in mozilla (CVE-2026-4699)
vulnerability in mozilla (CVE-2026-4699). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-4697 |
|
Vulnerability in mozilla (CVE-2026-4697)
vulnerability in mozilla (CVE-2026-4697). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-4687 |
|
Vulnerability in mozilla (CVE-2026-4687)
vulnerability in mozilla (CVE-2026-4687). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-4690 |
|
Vulnerability in mozilla (CVE-2026-4690)
vulnerability in mozilla (CVE-2026-4690). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-4684 |
|
Vulnerability in mozilla (CVE-2026-4684)
vulnerability in mozilla (CVE-2026-4684). Successful exploitation can lead to full system takeover.
|
| CVE-2026-4693 |
|
Vulnerability in mozilla (CVE-2026-4693)
vulnerability in mozilla (CVE-2026-4693). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-4686 |
|
Vulnerability in mozilla (CVE-2026-4686)
vulnerability in mozilla (CVE-2026-4686). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-4685 |
|
Vulnerability in mozilla (CVE-2026-4685)
vulnerability in mozilla (CVE-2026-4685). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-4775 |
|
Vulnerability in dos (CVE-2026-4775)
vulnerability in dos (CVE-2026-4775). Successful exploitation can lead to full system takeover.
|
| CVE-2026-33554 |
|
Vulnerability in CVE-2026-33554 (CVE-2026-33554)
vulnerability in CVE-2026-33554 (CVE-2026-33554). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-64998 |
|
Vulnerability in checkmk (CVE-2025-64998)
vulnerability in checkmk (CVE-2025-64998). Successful exploitation can lead to full system takeover.
|
| CVE-2019-25634 |
|
Out-of-Bounds Write in 4mhz (CVE-2019-25634)
out-of-bounds write in 4mhz (CVE-2019-25634). Successful exploitation can lead to full system takeover.
|
| CVE-2026-32284 |
|
Out-of-Bounds Read in github.com/shamaton/msgpack (CVE-2026-32284)
vulnerability in github.com/shamaton/msgpack (CVE-2026-32284). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-32845 |
|
Vulnerability in dos (CVE-2026-32845)
vulnerability in dos (CVE-2026-32845). Successful exploitation can lead to full system takeover.
|
| CVE-2026-4602 |
|
Vulnerability in kjur (CVE-2026-4602)
vulnerability in kjur (CVE-2026-4602). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-4601 |
|
Vulnerability in kjur (CVE-2026-4601)
vulnerability in kjur (CVE-2026-4601). Confidential information can be exposed externally.
|
| CVE-2026-4600 |
|
Vulnerability in kjur (CVE-2026-4600)
vulnerability in kjur (CVE-2026-4600). Confidential information can be exposed externally.
|
| CVE-2026-4598 |
|
Vulnerability in kjur (CVE-2026-4598)
vulnerability in kjur (CVE-2026-4598). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-23536 |
|
Path Traversal in CVE-2026-23536 (CVE-2026-23536)
path traversal in CVE-2026-23536 (CVE-2026-23536). Confidential information can be exposed externally.
|
| CVE-2026-33236 |
|
Path Traversal in path-traversal (CVE-2026-33236)
path traversal in path-traversal (CVE-2026-33236). Data can be tampered with by attackers. Exploitable via ``subdir``.
|
| CVE-2026-33231 |
|
Vulnerability in dos (CVE-2026-33231)
vulnerability in dos (CVE-2026-33231). Risk of unauthorized operations or information disclosure. Exploitable via `GET /SHUTDOWN`.
|
| CVE-2026-33180 |
|
Information Disclosure in CVE-2026-33180 (CVE-2026-33180)
vulnerability in CVE-2026-33180 (CVE-2026-33180). Confidential information can be exposed externally.
|
| CVE-2026-33150 |
|
Use-After-Free in libfuse-project (CVE-2026-33150)
vulnerability in libfuse-project (CVE-2026-33150). Successful exploitation can lead to full system takeover.
|
| CVE-2025-67260 |
|
Unrestricted File Upload in aster-te (CVE-2025-67260)
vulnerability in aster-te (CVE-2025-67260). Successful exploitation can lead to full system takeover.
|
| CVE-2026-23275 |
|
Vulnerability in CVE-2026-23275 (CVE-2026-23275)
vulnerability in CVE-2026-23275 (CVE-2026-23275). Successful exploitation can lead to full system takeover.
|
| CVE-2026-23274 |
|
Vulnerability in Kernel (CVE-2026-23274)
vulnerability in Kernel (CVE-2026-23274). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `6.1.167, 6.6.130, 6.12.78, 6.18.19, 6.19.9` or later.
|
| CVE-2026-23278 |
|
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_tables: always...
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_tables: always...
|
| CVE-2026-23273 |
|
Vulnerability in Kernel (CVE-2026-23273)
vulnerability in Kernel (CVE-2026-23273). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `5.10.252, 5.15.202, 6.1.165, 6.6.128, 6.12.75, 6.18.14, 6.19.4` or later.
|
| CVE-2026-23272 |
|
Vulnerability in linux (CVE-2026-23272)
vulnerability in linux (CVE-2026-23272). Successful exploitation can lead to full system takeover.
|
| CVE-2026-23271 |
|
Vulnerability in Kernel (CVE-2026-23271)
vulnerability in Kernel (CVE-2026-23271). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `6.1.167, 6.6.130, 6.12.77, 6.18.17, 6.19.7` or later.
|
| CVE-2026-4447 |
|
Vulnerability in google (CVE-2026-4447)
vulnerability in google (CVE-2026-4447). Successful exploitation can lead to full system takeover.
|
| CVE-2026-32875 |
|
Vulnerability in c (CVE-2026-32875)
vulnerability in c (CVE-2026-32875). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-32874 |
|
Vulnerability in c (CVE-2026-32874)
vulnerability in c (CVE-2026-32874). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-32829 |
|
Vulnerability in pseitz (CVE-2026-32829)
vulnerability in pseitz (CVE-2026-32829). Confidential information can be exposed externally. Exploitable via ``decompress_into``.
|
| CVE-2025-32432 KEV |
|
[KEV] Code Injection in Craft cms craft-cms (CVE-2025-32432)
code injection in Craft cms craft-cms (CVE-2025-32432). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-54068 KEV |
|
[KEV] Code Injection in Laravel livewire (CVE-2025-54068)
code injection in Laravel livewire (CVE-2025-54068). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-43510 KEV |
|
[KEV] Vulnerability in Apple multiple-products (CVE-2025-43510)
vulnerability in Apple multiple-products (CVE-2025-43510). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-43520 KEV |
|
[KEV] Vulnerability in Apple multiple-products (CVE-2025-43520)
vulnerability in Apple multiple-products (CVE-2025-43520). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-31277 KEV |
|
[KEV] Buffer Overflow in Apple multiple-products (CVE-2025-31277)
vulnerability in Apple multiple-products (CVE-2025-31277). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
|
| CVE-2026-4342 |
|
Vulnerability in nginx (CVE-2026-4342)
vulnerability in nginx (CVE-2026-4342). Successful exploitation can lead to full system takeover.
|
| CVE-2026-3029 |
|
Path Traversal in path-traversal (CVE-2026-3029)
path traversal in path-traversal (CVE-2026-3029). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-4424 |
|
Out-of-Bounds Read in libarchive (CVE-2026-4424)
vulnerability in libarchive (CVE-2026-4424). Confidential information can be exposed externally.
|