Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

ID Title
CVE-2016-20032 Cross-Site Scripting (XSS) in CVE-2016-20032 (CVE-2016-20032)
cross-site scripting in CVE-2016-20032 (CVE-2016-20032). Risk of unauthorized operations or information disclosure.
CVE-2016-20025 Vulnerability in privilege-escalation (CVE-2016-20025)
vulnerability in privilege-escalation (CVE-2016-20025). Successful exploitation can lead to full system takeover.
CVE-2025-47813 KEV [KEV] Vulnerability in Wing ftp server wing-ftp-server (CVE-2025-47813)
vulnerability in Wing ftp server wing-ftp-server (CVE-2025-47813). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-3999 Vulnerability in privilege-escalation (CVE-2026-3999)
vulnerability in privilege-escalation (CVE-2026-3999). Successful exploitation can lead to full system takeover.
CVE-2026-4111 Vulnerability in CVE-2026-4111 (CVE-2026-4111)
vulnerability in CVE-2026-4111 (CVE-2026-4111). Risk of unauthorized operations or information disclosure.
CVE-2026-3873 Vulnerability in CVE-2026-3873 (CVE-2026-3873)
vulnerability in CVE-2026-3873 (CVE-2026-3873). Risk of unauthorized operations or information disclosure.
CVE-2025-71263 Vulnerability in opengroup (CVE-2025-71263)
vulnerability in opengroup (CVE-2025-71263). Successful exploitation can lead to full system takeover.
CVE-2025-13779 Vulnerability in CVE-2025-13779 (CVE-2025-13779)
vulnerability in CVE-2025-13779 (CVE-2025-13779). Confidential information can be exposed externally.
CVE-2026-3910 KEV [KEV] Buffer Overflow in Google chromium-v8 (CVE-2026-3910)
vulnerability in Google chromium-v8 (CVE-2026-3910). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-3909 KEV [KEV] Out-of-Bounds Write in Google skia (CVE-2026-3909)
out-of-bounds write in Google skia (CVE-2026-3909). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-32597 Vulnerability in pyjwt (CVE-2026-32597)
vulnerability in pyjwt (CVE-2026-32597). Data can be tampered with by attackers. Exploitable via ``crit``. Mitigation: upgrade to `2.12.0` or later.
CVE-2026-2229 Vulnerability in c (CVE-2026-2229)
vulnerability in c (CVE-2026-2229). Risk of unauthorized operations or information disclosure.
CVE-2026-1528 Vulnerability in nodejs (CVE-2026-1528)
vulnerability in nodejs (CVE-2026-1528). Risk of unauthorized operations or information disclosure.
CVE-2026-1526 Vulnerability in nodejs (CVE-2026-1526)
vulnerability in nodejs (CVE-2026-1526). Risk of unauthorized operations or information disclosure.
CVE-2026-32274 Path Traversal in black (CVE-2026-32274)
path traversal in black (CVE-2026-32274). Data can be tampered with by attackers.
CVE-2026-3497 Vulnerability in canonical (CVE-2026-3497)
vulnerability in canonical (CVE-2026-3497). Risk of unauthorized operations or information disclosure.
CVE-2026-32141 Vulnerability in webreflection (CVE-2026-32141)
vulnerability in webreflection (CVE-2026-32141). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.4.0` or later.
CVE-2026-28356 Vulnerability in dos (CVE-2026-28356)
vulnerability in dos (CVE-2026-28356). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.2.2` or later.
CVE-2026-21672 Vulnerability in privilege-escalation (CVE-2026-21672)
vulnerability in privilege-escalation (CVE-2026-21672). Successful exploitation can lead to full system takeover.
CVE-2026-21668 Vulnerability in veeam (CVE-2026-21668)
vulnerability in veeam (CVE-2026-21668). Successful exploitation can lead to full system takeover.
CVE-2026-21670 A vulnerability allowing a low-privileged user to extract saved SSH credentials.
A vulnerability allowing a low-privileged user to extract saved SSH credentials.
CVE-2023-43010 Out-of-Bounds Write in apple (CVE-2023-43010)
out-of-bounds write in apple (CVE-2023-43010). Successful exploitation can lead to full system takeover.
CVE-2026-20046 Vulnerability in cisco (CVE-2026-20046)
vulnerability in cisco (CVE-2026-20046). Successful exploitation can lead to full system takeover.
CVE-2025-67037 Code Injection in lantronix (CVE-2025-67037)
code injection in lantronix (CVE-2025-67037). Successful exploitation can lead to full system takeover.
CVE-2025-67036 Code Injection in lantronix (CVE-2025-67036)
code injection in lantronix (CVE-2025-67036). Successful exploitation can lead to full system takeover.
CVE-2025-67034 Code Injection in lantronix (CVE-2025-67034)
code injection in lantronix (CVE-2025-67034). Successful exploitation can lead to full system takeover.
CVE-2026-31892 Authorization Flaw in argoproj (CVE-2026-31892)
vulnerability in argoproj (CVE-2026-31892). Confidential information can be exposed externally. Mitigation: upgrade to `4.0.2` or later.
CVE-2026-1497 Authorization Flaw in neo4j (CVE-2026-1497)
vulnerability in neo4j (CVE-2026-1497). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `5.26.22, 2026.2.0` or later.
CVE-2026-30902 Privilege Escalation in zoom (CVE-2026-30902)
vulnerability in zoom (CVE-2026-30902). Successful exploitation can lead to full system takeover.
CVE-2026-30900 Vulnerability in zoom (CVE-2026-30900)
vulnerability in zoom (CVE-2026-30900). Successful exploitation can lead to full system takeover.
CVE-2026-30901 Vulnerability in zoom (CVE-2026-30901)
vulnerability in zoom (CVE-2026-30901). Successful exploitation can lead to full system takeover.
CVE-2026-32062 Vulnerability in openclaw (CVE-2026-32062)
vulnerability in openclaw (CVE-2026-32062). Risk of unauthorized operations or information disclosure. Exploitable via ``openclaw``. Mitigation: upgrade to `2026.2.22` or later.
CVE-2025-68613 KEV [KEV] Vulnerability in n8n (CVE-2025-68613)
vulnerability in n8n (CVE-2025-68613). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-31837 Information Disclosure in istio (CVE-2026-31837)
vulnerability in istio (CVE-2026-31837). Confidential information can be exposed externally. Mitigation: upgrade to `1.29.1` or later.
CVE-2026-28807 Path Traversal in wisp (CVE-2026-28807)
path traversal in wisp (CVE-2026-28807). Confidential information can be exposed externally. Exploitable via ``wisp.serve_static``. Mitigation: upgrade to `2.2.1` or later.
CVE-2026-28806 Vulnerability in nerves-hub (CVE-2026-28806)
vulnerability in nerves-hub (CVE-2026-28806). Successful exploitation can lead to full system takeover.
CVE-2026-30951 SQL Injection in sqli (CVE-2026-30951)
SQL injection in sqli (CVE-2026-30951). Confidential information can be exposed externally. Mitigation: upgrade to `6.37.8` or later.
CVE-2026-26128 Authentication Bypass in microsoft (CVE-2026-26128)
authentication bypass in microsoft (CVE-2026-26128). Successful exploitation can lead to full system takeover.
CVE-2026-25187 Vulnerability in microsoft (CVE-2026-25187)
vulnerability in microsoft (CVE-2026-25187). Successful exploitation can lead to full system takeover.
CVE-2026-24294 Authentication Bypass in microsoft (CVE-2026-24294)
authentication bypass in microsoft (CVE-2026-24294). Successful exploitation can lead to full system takeover.
CVE-2025-11739 Unsafe Deserialization in deserialization (CVE-2025-11739)
vulnerability in deserialization (CVE-2025-11739). Successful exploitation can lead to full system takeover.
CVE-2026-2273 Code Injection in schneider-electric (CVE-2026-2273)
code injection in schneider-electric (CVE-2026-2273). Successful exploitation can lead to full system takeover.
CVE-2026-2339 Vulnerability in CVE-2026-2339 (CVE-2026-2339)
vulnerability in CVE-2026-2339 (CVE-2026-2339). Successful exploitation can lead to full system takeover.
CVE-2026-26738 Vulnerability in uderzo (CVE-2026-26738)
vulnerability in uderzo (CVE-2026-26738). Successful exploitation can lead to full system takeover.
CVE-2026-26130 Vulnerability in csharp (CVE-2026-26130)
vulnerability in csharp (CVE-2026-26130). Risk of unauthorized operations or information disclosure.
CVE-2026-26134 Vulnerability in microsoft (CVE-2026-26134)
vulnerability in microsoft (CVE-2026-26134). Successful exploitation can lead to full system takeover.
CVE-2026-26110 Vulnerability in microsoft (CVE-2026-26110)
vulnerability in microsoft (CVE-2026-26110). Successful exploitation can lead to full system takeover.
CVE-2026-25836 OS Command Injection in fortinet (CVE-2026-25836)
OS command injection in fortinet (CVE-2026-25836). Successful exploitation can lead to full system takeover.
CVE-2026-24293 Vulnerability in microsoft (CVE-2026-24293)
vulnerability in microsoft (CVE-2026-24293). Successful exploitation can lead to full system takeover.
CVE-2026-24289 Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →