Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-43186 |
|
Vulnerability in c (CVE-2026-43186)
vulnerability in c (CVE-2026-43186). Successful exploitation can lead to full system takeover.
|
| CVE-2026-43185 |
|
Vulnerability in linux (CVE-2026-43185)
vulnerability in linux (CVE-2026-43185). Successful exploitation can lead to full system takeover.
|
| CVE-2026-43125 |
|
Out-of-Bounds Write in linux (CVE-2026-43125)
out-of-bounds write in linux (CVE-2026-43125). Successful exploitation can lead to full system takeover.
|
| CVE-2026-43117 |
|
Vulnerability in linux (CVE-2026-43117)
vulnerability in linux (CVE-2026-43117). Confidential information can be exposed externally.
|
| CVE-2026-43114 |
|
Vulnerability in c (CVE-2026-43114)
vulnerability in c (CVE-2026-43114). Confidential information can be exposed externally.
|
| CVE-2026-43083 |
|
Vulnerability in linux (CVE-2026-43083)
vulnerability in linux (CVE-2026-43083). Confidential information can be exposed externally.
|
| CVE-2026-35579 |
|
Authentication Bypass in github.com/coredns/coredns (CVE-2026-35579)
authentication bypass in github.com/coredns/coredns (CVE-2026-35579). Successful exploitation can lead to full system takeover. Exploitable via ``tsigStatus``. Mitigation: upgrade to `1.14.3` or later.
|
| CVE-2026-34084 |
|
Unsafe Deserialization in phpoffice/phpspreadsheet (CVE-2026-34084)
vulnerability in phpoffice/phpspreadsheet (CVE-2026-34084). Successful exploitation can lead to full system takeover. Exploitable via ``is_file``. Mitigation: upgrade to `1.30.3` or later.
|
| CVE-2026-38428 |
|
SQL Injection in sqli (CVE-2026-38428)
SQL injection in sqli (CVE-2026-38428). Successful exploitation can lead to full system takeover. Exploitable via `GET /api/v1/main/flows/search`.
|
| CVE-2026-38431 |
|
Code Injection in frappe (CVE-2026-38431)
code injection in frappe (CVE-2026-38431). Successful exploitation can lead to full system takeover.
|
| CVE-2026-43071 |
|
Vulnerability in c (CVE-2026-43071)
vulnerability in c (CVE-2026-43071). Confidential information can be exposed externally.
|
| CVE-2026-43067 |
|
Vulnerability in linux (CVE-2026-43067)
vulnerability in linux (CVE-2026-43067). Successful exploitation can lead to full system takeover.
|
| CVE-2026-42087 |
|
SQL Injection in sqli (CVE-2026-42087)
SQL injection in sqli (CVE-2026-42087). Confidential information can be exposed externally. Exploitable via ``tsdb_lookup``.
|
| CVE-2026-26956 |
|
Vulnerability in vm2-project (CVE-2026-26956)
vulnerability in vm2-project (CVE-2026-26956). Successful exploitation can lead to full system takeover. Exploitable via ``catch``.
|
| CVE-2026-24120 |
|
Code Injection in vm2-project (CVE-2026-24120)
code injection in vm2-project (CVE-2026-24120). Successful exploitation can lead to full system takeover. Exploitable via ``resetPromiseSpecies``.
|
| CVE-2026-24118 |
|
Code Injection in vm2-project (CVE-2026-24118)
code injection in vm2-project (CVE-2026-24118). Successful exploitation can lead to full system takeover. Exploitable via ``__lookupGetter__``.
|
| CVE-2026-24781 |
|
Code Injection in vm2-project (CVE-2026-24781)
code injection in vm2-project (CVE-2026-24781). Successful exploitation can lead to full system takeover. Exploitable via ``inspect``.
|
| CVE-2026-43039 |
|
Vulnerability in linux (CVE-2026-43039)
vulnerability in linux (CVE-2026-43039). Successful exploitation can lead to full system takeover.
|
| CVE-2026-43038 |
|
Vulnerability in linux (CVE-2026-43038)
vulnerability in linux (CVE-2026-43038). Successful exploitation can lead to full system takeover.
|
| CVE-2025-54236 KEV |
|
[KEV] Vulnerability in Adobe commerce (CVE-2025-54236)
vulnerability in Adobe commerce (CVE-2025-54236). Confidential information can be exposed externally. Listed in CISA KEV — actively exploited.
|