Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

ID Title
CVE-2026-53609 Vulnerability in CVE-2026-53609 (CVE-2026-53609)
vulnerability in CVE-2026-53609 (CVE-2026-53609). Confidential information can be exposed externally. Exploitable via ``__proto__``.
CVE-2026-53519 Path Traversal in github.com/nezhahq/nezha (CVE-2026-53519)
path traversal in github.com/nezhahq/nezha (CVE-2026-53519). Confidential information can be exposed externally. Exploitable via `GET /dashboard../data/config.yaml`. Mitigation: upgrade to `2.0.13` or later.
CVE-2026-41157 Out-of-Bounds Write in Google chrome (CVE-2026-41157)
out-of-bounds write in Google chrome (CVE-2026-41157). Successful exploitation can lead to full system takeover.
CVE-2026-28742 Vulnerability in CVE-2026-28742 (CVE-2026-28742)
vulnerability in CVE-2026-28742 (CVE-2026-28742). Successful exploitation can lead to full system takeover.
CVE-2026-48558 KEV [KEV] Vulnerability in Simplehelp simple-help (CVE-2026-48558)
vulnerability in Simplehelp simple-help (CVE-2026-48558). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2026-44172 SQL Injection in mariadb (CVE-2026-44172)
SQL injection in mariadb (CVE-2026-44172). Successful exploitation can lead to full system takeover.
CVE-2026-44170 OS Command Injection in mariadb (CVE-2026-44170)
OS command injection in mariadb (CVE-2026-44170). Successful exploitation can lead to full system takeover.
CVE-2026-50091 Vulnerability in c (CVE-2026-50091)
vulnerability in c (CVE-2026-50091). Confidential information can be exposed externally.
CVE-2026-50090 Vulnerability in c (CVE-2026-50090)
vulnerability in c (CVE-2026-50090). Confidential information can be exposed externally.
CVE-2026-50086 Vulnerability in c (CVE-2026-50086)
vulnerability in c (CVE-2026-50086). Successful exploitation can lead to full system takeover.
CVE-2026-50084 Vulnerability in c (CVE-2026-50084)
vulnerability in c (CVE-2026-50084). Confidential information can be exposed externally.
CVE-2026-50083 Vulnerability in c (CVE-2026-50083)
vulnerability in c (CVE-2026-50083). Confidential information can be exposed externally.
CVE-2026-6853 Vulnerability in CVE-2026-6853 (CVE-2026-6853)
vulnerability in CVE-2026-6853 (CVE-2026-6853). Successful exploitation can lead to full system takeover.
CVE-2026-53787 Unrestricted File Upload in path-traversal (CVE-2026-53787)
vulnerability in path-traversal (CVE-2026-53787). Successful exploitation can lead to full system takeover.
CVE-2026-54133 Vulnerability in jmespath (CVE-2026-54133)
vulnerability in jmespath (CVE-2026-54133). Successful exploitation can lead to full system takeover. Exploitable via ``JP_PHP_COMPILE``. Mitigation: upgrade to `2.9.1` or later.
CVE-2026-11849 Vulnerability in CVE-2026-11849 (CVE-2026-11849)
vulnerability in CVE-2026-11849 (CVE-2026-11849). Successful exploitation can lead to full system takeover.
CVE-2026-50628 Vulnerability in apache (CVE-2026-50628)
vulnerability in apache (CVE-2026-50628). Successful exploitation can lead to full system takeover.
CVE-2026-50627 Vulnerability in apache (CVE-2026-50627)
vulnerability in apache (CVE-2026-50627). Successful exploitation can lead to full system takeover.
CVE-2026-49875 XXE (XML External Entity) in apache (CVE-2026-49875)
vulnerability in apache (CVE-2026-49875). Successful exploitation can lead to full system takeover.
CVE-2026-48611 Authentication Bypass in CVE-2026-48611 (CVE-2026-48611)
authentication bypass in CVE-2026-48611 (CVE-2026-48611). Successful exploitation can lead to full system takeover.
CVE-2026-47370 Vulnerability in CVE-2026-47370 (CVE-2026-47370)
vulnerability in CVE-2026-47370 (CVE-2026-47370). Successful exploitation can lead to full system takeover.
CVE-2026-47369 Vulnerability in CVE-2026-47369 (CVE-2026-47369)
vulnerability in CVE-2026-47369 (CVE-2026-47369). Successful exploitation can lead to full system takeover.
CVE-2026-47367 Vulnerability in CVE-2026-47367 (CVE-2026-47367)
vulnerability in CVE-2026-47367 (CVE-2026-47367). Successful exploitation can lead to full system takeover.
CVE-2026-47365 Vulnerability in wordpress (CVE-2026-47365)
vulnerability in wordpress (CVE-2026-47365). Successful exploitation can lead to full system takeover.
CVE-2026-45060 SQL Injection in sqli (CVE-2026-45060)
SQL injection in sqli (CVE-2026-45060). Successful exploitation can lead to full system takeover.
CVE-2026-42846 OS Command Injection in CVE-2026-42846 (CVE-2026-42846)
OS command injection in CVE-2026-42846 (CVE-2026-42846). Successful exploitation can lead to full system takeover.
CVE-2026-49060 Vulnerability in privilege-escalation (CVE-2026-49060)
vulnerability in privilege-escalation (CVE-2026-49060). Successful exploitation can lead to full system takeover.
CVE-2026-42647 SQL Injection in sqli (CVE-2026-42647)
SQL injection in sqli (CVE-2026-42647). Confidential information can be exposed externally.
CVE-2026-39494 SQL Injection in sqli (CVE-2026-39494)
SQL injection in sqli (CVE-2026-39494). Confidential information can be exposed externally.
CVE-2026-12027 Vulnerability in google (CVE-2026-12027)
vulnerability in google (CVE-2026-12027). Successful exploitation can lead to full system takeover.
CVE-2026-41005 Vulnerability in CVE-2026-41005 (CVE-2026-41005)
vulnerability in CVE-2026-41005 (CVE-2026-41005). Successful exploitation can lead to full system takeover.
CVE-2026-49973 Vulnerability in CVE-2026-49973 (CVE-2026-49973)
vulnerability in CVE-2026-49973 (CVE-2026-49973). Confidential information can be exposed externally.
CVE-2026-45177 Vulnerability in paloaltonetworks (CVE-2026-45177)
vulnerability in paloaltonetworks (CVE-2026-45177). Confidential information can be exposed externally.
CVE-2026-49261 OS Command Injection in mariadb (CVE-2026-49261)
OS command injection in mariadb (CVE-2026-49261). Successful exploitation can lead to full system takeover. Exploitable via ``wsrep_notify_cmd``. Mitigation: upgrade to `10.6.27` or later.
CVE-2026-11839 Unrestricted File Upload in CVE-2026-11839 (CVE-2026-11839)
vulnerability in CVE-2026-11839 (CVE-2026-11839). Successful exploitation can lead to full system takeover.
CVE-2026-10557 Vulnerability in cisa (CVE-2026-10557)
vulnerability in cisa (CVE-2026-10557). Successful exploitation can lead to full system takeover.
CVE-2026-38581 SQL Injection in sqli (CVE-2026-38581)
SQL injection in sqli (CVE-2026-38581). Successful exploitation can lead to full system takeover.
CVE-2026-48020 Vulnerability in github.com/traefik/traefik/v2 (CVE-2026-48020)
vulnerability in github.com/traefik/traefik/v2 (CVE-2026-48020). Confidential information can be exposed externally. Exploitable via `GET /admin`. Mitigation: upgrade to `2.11.48` or later.
CVE-2026-7852 Unrestricted File Upload in CVE-2026-7852 (CVE-2026-7852)
vulnerability in CVE-2026-7852 (CVE-2026-7852). Successful exploitation can lead to full system takeover.
CVE-2026-11561 Vulnerability in CVE-2026-11561 (CVE-2026-11561)
vulnerability in CVE-2026-11561 (CVE-2026-11561). Successful exploitation can lead to full system takeover.
CVE-2026-35273 KEV [KEV] Vulnerability in Oracle c (CVE-2026-35273)
vulnerability in Oracle c (CVE-2026-35273). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2026-50638 Vulnerability in pevans (CVE-2026-50638)
vulnerability in pevans (CVE-2026-50638). Confidential information can be exposed externally.
CVE-2026-20253 KEV [KEV] Vulnerability in splunk (CVE-2026-20253)
vulnerability in splunk (CVE-2026-20253). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2026-50566 Vulnerability in github.com/fission/fission (CVE-2026-50566)
vulnerability in github.com/fission/fission (CVE-2026-50566). Successful exploitation can lead to full system takeover. Exploitable via ``PodSpec``. Mitigation: upgrade to `1.24.0` or later.
CVE-2026-50564 Privilege Escalation in github.com/fission/fission (CVE-2026-50564)
vulnerability in github.com/fission/fission (CVE-2026-50564). Successful exploitation can lead to full system takeover. Exploitable via ``Environment``. Mitigation: upgrade to `1.24.0` or later.
CVE-2026-50563 Privilege Escalation in github.com/fission/fission (CVE-2026-50563)
vulnerability in github.com/fission/fission (CVE-2026-50563). Successful exploitation can lead to full system takeover. Exploitable via ``Function.spec.podspec``. Mitigation: upgrade to `1.24.0` or later.
CVE-2026-50545 Privilege Escalation in github.com/fission/fission (CVE-2026-50545)
vulnerability in github.com/fission/fission (CVE-2026-50545). Successful exploitation can lead to full system takeover. Exploitable via ``Environment.spec.runtime.podSpec``. Mitigation: upgrade to `1.24.0` or later.
CVE-2026-53476 Vulnerability in path-traversal (CVE-2026-53476)
vulnerability in path-traversal (CVE-2026-53476). Successful exploitation can lead to full system takeover.
CVE-2026-53475 Vulnerability in kubev2v (CVE-2026-53475)
vulnerability in kubev2v (CVE-2026-53475). Confidential information can be exposed externally.
CVE-2026-53474 SQL Injection in sqli (CVE-2026-53474)
SQL injection in sqli (CVE-2026-53474). Confidential information can be exposed externally.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →