Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

ID Title
CVE-2025-31125 KEV [KEV] Information Disclosure in vite (CVE-2025-31125)
vulnerability in vite (CVE-2025-31125). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-54313 KEV [KEV] Vulnerability in prettier (CVE-2025-54313)
vulnerability in prettier (CVE-2025-54313). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-24046 Path Traversal in path-traversal (CVE-2026-24046)
path traversal in path-traversal (CVE-2026-24046). Confidential information can be exposed externally.
CVE-2026-22822 Authorization Flaw in external-secrets (CVE-2026-22822)
vulnerability in external-secrets (CVE-2026-22822). Successful exploitation can lead to full system takeover. Exploitable via ``getSecretKey``.
CVE-2026-22807 Code Injection in vllm (CVE-2026-22807)
code injection in vllm (CVE-2026-22807). Successful exploitation can lead to full system takeover. Exploitable via ``auto_map``.
CVE-2026-23956 Vulnerability in seroval (CVE-2026-23956)
vulnerability in seroval (CVE-2026-23956). Risk of unauthorized operations or information disclosure. Exploitable via ``Seroval``. Mitigation: upgrade to `1.4.1` or later.
CVE-2025-13878 Vulnerability in CVE-2025-13878 (CVE-2025-13878)
vulnerability in CVE-2025-13878 (CVE-2025-13878). Risk of unauthorized operations or information disclosure. Exploitable via ``named``.
CVE-2026-20045 KEV [KEV] Code Injection in Cisco unified-communications-manager (CVE-2026-20045)
code injection in Cisco unified-communications-manager (CVE-2026-20045). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-55131 Vulnerability in CVE-2025-55131 (CVE-2025-55131)
vulnerability in CVE-2025-55131 (CVE-2025-55131). Confidential information can be exposed externally. Exploitable via ``Buffer.alloc``.
CVE-2025-59465 Vulnerability in dos (CVE-2025-59465)
vulnerability in dos (CVE-2025-59465). Risk of unauthorized operations or information disclosure. Exploitable via ``HPACK``.
CVE-2026-23876 Vulnerability in imagemagick (CVE-2026-23876)
vulnerability in imagemagick (CVE-2026-23876). Successful exploitation can lead to full system takeover.
CVE-2026-23950 Vulnerability in isaacs (CVE-2026-23950)
vulnerability in isaacs (CVE-2026-23950). Data can be tampered with by attackers. Exploitable via ``PathReservations``.
CVE-2026-22031 Vulnerability in fastify (CVE-2026-22031)
vulnerability in fastify (CVE-2026-22031). Confidential information can be exposed externally.
CVE-2025-68616 Open Redirect in weasyprint (CVE-2025-68616)
vulnerability in weasyprint (CVE-2025-68616). Confidential information can be exposed externally. Exploitable via ``default_url_fetcher``. Mitigation: upgrade to `68.0` or later.
CVE-2021-47839 Cross-Site Scripting (XSS) in CVE-2021-47839 (CVE-2021-47839)
cross-site scripting in CVE-2021-47839 (CVE-2021-47839). Risk of unauthorized operations or information disclosure.
CVE-2026-23490 Vulnerability in pyasn1 (CVE-2026-23490)
vulnerability in pyasn1 (CVE-2026-23490). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.6.2` or later.
CVE-2021-47814 Vulnerability in dos (CVE-2021-47814)
vulnerability in dos (CVE-2021-47814). Risk of unauthorized operations or information disclosure.
CVE-2026-22774 Vulnerability in dos (CVE-2026-22774)
vulnerability in dos (CVE-2026-22774). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.6.2` or later.
CVE-2026-22775 Vulnerability in dos (CVE-2026-22775)
vulnerability in dos (CVE-2026-22775). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.6.2` or later.
CVE-2025-67246 Privilege Escalation in privilege-escalation (CVE-2025-67246)
vulnerability in privilege-escalation (CVE-2025-67246). Confidential information can be exposed externally.
CVE-2026-0897 Vulnerability in keras (CVE-2026-0897)
vulnerability in keras (CVE-2026-0897). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.13.1` or later.
CVE-2026-0532 SSRF (Server-Side Request Forgery) in CVE-2026-0532 (CVE-2026-0532)
SSRF in CVE-2026-0532 (CVE-2026-0532). Confidential information can be exposed externally.
CVE-2026-20931 Vulnerability in microsoft (CVE-2026-20931)
vulnerability in microsoft (CVE-2026-20931). Successful exploitation can lead to full system takeover.
CVE-2026-20864 Vulnerability in microsoft (CVE-2026-20864)
vulnerability in microsoft (CVE-2026-20864). Successful exploitation can lead to full system takeover.
CVE-2026-20921 Vulnerability in microsoft (CVE-2026-20921)
vulnerability in microsoft (CVE-2026-20921). Successful exploitation can lead to full system takeover.
CVE-2026-20817 Vulnerability in microsoft (CVE-2026-20817)
vulnerability in microsoft (CVE-2026-20817). Successful exploitation can lead to full system takeover.
CVE-2025-25249 Vulnerability in fortinet (CVE-2025-25249)
vulnerability in fortinet (CVE-2025-25249). Successful exploitation can lead to full system takeover.
CVE-2025-66698 Authentication Bypass in semantic-machines (CVE-2025-66698)
authentication bypass in semantic-machines (CVE-2025-66698). Confidential information can be exposed externally.
CVE-2026-0877 Vulnerability in mozilla (CVE-2026-0877)
vulnerability in mozilla (CVE-2026-0877). Confidential information can be exposed externally.
CVE-2026-0891 Buffer Overflow in mozilla (CVE-2026-0891)
vulnerability in mozilla (CVE-2026-0891). Successful exploitation can lead to full system takeover.
CVE-2026-0882 Use-After-Free in mozilla (CVE-2026-0882)
vulnerability in mozilla (CVE-2026-0882). Successful exploitation can lead to full system takeover.
CVE-2026-0880 Vulnerability in mozilla (CVE-2026-0880)
vulnerability in mozilla (CVE-2026-0880). Successful exploitation can lead to full system takeover.
CVE-2026-0878 Vulnerability in mozilla (CVE-2026-0878)
vulnerability in mozilla (CVE-2026-0878). Confidential information can be exposed externally.
CVE-2025-40944 Vulnerability in CVE-2025-40944 (CVE-2025-40944)
vulnerability in CVE-2025-40944 (CVE-2025-40944). Risk of unauthorized operations or information disclosure.
CVE-2025-66176 Vulnerability in hikvision (CVE-2025-66176)
vulnerability in hikvision (CVE-2025-66176). Successful exploitation can lead to full system takeover.
CVE-2025-66177 Vulnerability in CVE-2025-66177 (CVE-2025-66177)
vulnerability in CVE-2025-66177 (CVE-2025-66177). Successful exploitation can lead to full system takeover.
CVE-2025-15514 Vulnerability in dos (CVE-2025-15514)
vulnerability in dos (CVE-2025-15514). Risk of unauthorized operations or information disclosure.
CVE-2026-20805 KEV [KEV] Information Disclosure in Microsoft windows (CVE-2026-20805)
vulnerability in Microsoft windows (CVE-2026-20805). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-22771 Code Injection in envoyproxy (CVE-2026-22771)
code injection in envoyproxy (CVE-2026-22771). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.5.7` or later.
CVE-2025-8110 KEV [KEV] Path Traversal in gogs (CVE-2025-8110)
path traversal in gogs (CVE-2025-8110). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-68493 XXE (XML External Entity) in apache (CVE-2025-68493)
vulnerability in apache (CVE-2025-68493). Confidential information can be exposed externally.
CVE-2026-21884 Cross-Site Scripting (XSS) in react (CVE-2026-21884)
cross-site scripting in react (CVE-2026-21884). Confidential information can be exposed externally.
CVE-2025-59057 Cross-Site Scripting (XSS) in react (CVE-2025-59057)
cross-site scripting in react (CVE-2025-59057). Confidential information can be exposed externally.
CVE-2026-22029 Cross-Site Scripting (XSS) in react (CVE-2026-22029)
cross-site scripting in react (CVE-2026-22029). Confidential information can be exposed externally.
CVE-2025-9222 Cross-Site Scripting (XSS) in gitlab (CVE-2025-9222)
cross-site scripting in gitlab (CVE-2025-9222). Confidential information can be exposed externally.
CVE-2025-13772 Vulnerability in gitlab (CVE-2025-13772)
vulnerability in gitlab (CVE-2025-13772). Confidential information can be exposed externally.
CVE-2025-13761 Cross-Site Scripting (XSS) in c (CVE-2025-13761)
cross-site scripting in c (CVE-2025-13761). Confidential information can be exposed externally.
CVE-2025-65518 Vulnerability in dos (CVE-2025-65518)
vulnerability in dos (CVE-2025-65518). Risk of unauthorized operations or information disclosure.
CVE-2025-50334 Vulnerability in dos (CVE-2025-50334)
vulnerability in dos (CVE-2025-50334). Risk of unauthorized operations or information disclosure.
CVE-2026-0719 Vulnerability in CVE-2026-0719 (CVE-2026-0719)
vulnerability in CVE-2026-0719 (CVE-2026-0719). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →