Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

KEV

Categories

All 🌐 Web Application 🧭 Browser 🖥️ Operating System 📱 Mobile 🛰️ Network Infrastructure ☁️ Cloud / Container 📝 CMS / Site Builder 🗄️ Database / Storage 🔐 Auth / Identity 🔑 Cryptography 🛠️ DevOps / CI-CD 🤖 AI / ML 🔌 IoT / Embedded 🧩 Hardware / Firmware 🏢 Enterprise SaaS 🧰 Developer Tooling ☠️ Malicious Package 📦 Other

Tag groups

All 💬 Programming Languages 22 🧱 Web Frameworks 29 📱 Mobile Platforms 6 🤖 AI/ML Frameworks 11 🖥️ Web Servers 9 🗄️ Databases 13 📝 CMS 9 ☁️ Cloud Platforms 11 📦 Container Tech 12 🖥️ Operating Systems 15 ⚔️ Attack Types 25 🧬 CWE 185 🏢 Vendors 581 📦 Products 666 🌳 Package Ecosystems 24 🛠️ DevOps Tools 17 📡 Protocols 15

Popular tags (Top 40)

Rootio Linux419 Microsoft386 C237 Java183 Jre178 Java Min178 Bitnami178 Windows177 Rootdebian11175 Rootdebian12151 Linux130 Cwe 20125 Cwe 78120 Linux Kernel106 Cwe 787105 Apple99 Cwe 41699 Cwe 2296 Rootdebian1393 Cwe 11990 Cisco89 Denial of Service85 Cwe 9484 Multiple Products79 Adobe78 Google77 Cwe 50270 Cwe 7966 Cwe 8954 Apache47 Cwe 91844 Cwe 28443 Oracle42 Cwe 28741 JavaScript41 PHP41 Cwe 7740 Chromium V838 Cwe 30638 Cwe 84337

ID	Title	Severity	Tags	Detected
CVE-2026-43284	Vulnerability in linux (CVE-2026-43284) vulnerability in linux (CVE-2026-43284). Successful exploitation can lead to full system takeover.	High	Cwe 123 Linux Linux Kernel	1 day ago
CVE-2026-4935	SQL Injection in wordpress (CVE-2026-4935) SQL injection in wordpress (CVE-2026-4935). Confidential information can be exposed externally.	High	WordPress SQL Injection Cwe 89	1 day ago
CVE-2025-67888	OS Command Injection in CVE-2025-67888 (CVE-2025-67888) OS command injection in CVE-2025-67888 (CVE-2025-67888). Risk of unauthorized operations or information disclosure.	High	PHP Cwe 78	1 day ago
CVE-2025-55449	Vulnerability in CVE-2025-55449 (CVE-2025-55449) vulnerability in CVE-2025-55449 (CVE-2025-55449). Risk of unauthorized operations or information disclosure.	High	Cwe 321	1 day ago
CVE-2024-53326	Unsafe Deserialization in deserialization (CVE-2024-53326) vulnerability in deserialization (CVE-2024-53326). Successful exploitation can lead to full system takeover.	High	Insecure Deserialization Cwe 502	1 day ago
CVE-2024-46508	Vulnerability in yeti-platform (CVE-2024-46508) vulnerability in yeti-platform (CVE-2024-46508). Confidential information can be exposed externally.	High	Cwe 798 Yeti Platform Yeti	1 day ago
CVE-2024-46507	Code Injection in yeti-platform (CVE-2024-46507) code injection in yeti-platform (CVE-2024-46507). Risk of unauthorized operations or information disclosure.	High	Cwe 94 Yeti Platform Yeti	1 day ago
CVE-2024-45257	Command Injection in CVE-2024-45257 (CVE-2024-45257) command injection in CVE-2024-45257 (CVE-2024-45257). Risk of unauthorized operations or information disclosure.	High	Cwe 77	1 day ago
CVE-2024-33288	SQL Injection in sqli (CVE-2024-33288) SQL injection in sqli (CVE-2024-33288). Risk of unauthorized operations or information disclosure.	High	PHP SQL Injection Cwe 89	1 day ago
CVE-2024-27686	Vulnerability in dos (CVE-2024-27686) vulnerability in dos (CVE-2024-27686). Risk of unauthorized operations or information disclosure.	High	Denial of Service Cwe 400	1 day ago
CVE-2026-8148	Vulnerability in CVE-2026-8148 (CVE-2026-8148) vulnerability in CVE-2026-8148 (CVE-2026-8148). Successful exploitation can lead to full system takeover.	High	Cwe 266	1 day ago
CVE-2026-8138	Buffer Overflow in CVE-2026-8138 (CVE-2026-8138) vulnerability in CVE-2026-8138 (CVE-2026-8138). Successful exploitation can lead to full system takeover.	High	Cwe 119 Cwe 121	1 day ago
CVE-2026-8137	Buffer Overflow in CVE-2026-8137 (CVE-2026-8137) vulnerability in CVE-2026-8137 (CVE-2026-8137). Successful exploitation can lead to full system takeover.	High	Cwe 119 Cwe 120	1 day ago
CVE-2023-42344	XXE (XML External Entity) in CVE-2023-42344 (CVE-2023-42344) vulnerability in CVE-2023-42344 (CVE-2023-42344). Risk of unauthorized operations or information disclosure.	High	Cwe 611	1 day ago
CVE-2022-26522	Vulnerability in dos (CVE-2022-26522) vulnerability in dos (CVE-2022-26522). Successful exploitation can lead to full system takeover.	High	Denial of Service Cwe 367	1 day ago
CVE-2026-8133	Vulnerability in sqli (CVE-2026-8133) vulnerability in sqli (CVE-2026-8133). Risk of unauthorized operations or information disclosure.	High	PHP SQL Injection Cwe 74 Cwe 89	1 day ago
CVE-2026-8132	Vulnerability in sqli (CVE-2026-8132) vulnerability in sqli (CVE-2026-8132). Risk of unauthorized operations or information disclosure.	High	PHP SQL Injection Cwe 74 Cwe 89	1 day ago
CVE-2026-8131	Vulnerability in sqli (CVE-2026-8131) vulnerability in sqli (CVE-2026-8131). Risk of unauthorized operations or information disclosure.	High	PHP SQL Injection Cwe 74 Cwe 89	1 day ago
CVE-2026-8130	Vulnerability in sqli (CVE-2026-8130) vulnerability in sqli (CVE-2026-8130). Risk of unauthorized operations or information disclosure.	High	PHP SQL Injection Cwe 74 Cwe 89	1 day ago
CVE-2026-8129	Vulnerability in sqli (CVE-2026-8129) vulnerability in sqli (CVE-2026-8129). Risk of unauthorized operations or information disclosure.	High	PHP SQL Injection Cwe 74 Cwe 89	1 day ago
CVE-2026-43943	OS Command Injection in electerm (CVE-2026-43943) OS command injection in electerm (CVE-2026-43943). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `3.7.9` or later.	High	Remote Code Execution Cwe 78 Cwe 88 Electerm Project +1	1 day ago
CVE-2026-43940	Path Traversal in electerm (CVE-2026-43940) path traversal in electerm (CVE-2026-43940). Successful exploitation can lead to full system takeover. Exploitable via ``runWidget``. Mitigation: upgrade to `3.7.16` or later.	High	JavaScript Path Traversal Cwe 22 Cwe 829 +2	1 day ago
CVE-2026-42275	Path Traversal in path-traversal (CVE-2026-42275) path traversal in path-traversal (CVE-2026-42275). Confidential information can be exposed externally.	High	Path Traversal Cwe 22 Cwe 61 Netfoundry +1	1 day ago
CVE-2026-42271	Command Injection in litellm (CVE-2026-42271) command injection in litellm (CVE-2026-42271). Successful exploitation can lead to full system takeover. Exploitable via `POST /mcp-rest/test/connection`.	High	Cwe 77 Cwe 78 LiteLLM	1 day ago
CVE-2026-42264	Vulnerability in CVE-2026-42264 (CVE-2026-42264) vulnerability in CVE-2026-42264 (CVE-2026-42264). Confidential information can be exposed externally.	High	JavaScript Cwe 1321	1 day ago
CVE-2026-42261	Vulnerability in ssrf (CVE-2026-42261) vulnerability in ssrf (CVE-2026-42261). Confidential information can be exposed externally. Exploitable via `POST /api/skills/fetch-remote`.	High	Server-Side Request Forgery Cwe 20 Cwe 693 Cwe 918	1 day ago
CVE-2026-41900	OS Command Injection in CVE-2026-41900 (CVE-2026-41900) OS command injection in CVE-2026-41900 (CVE-2026-41900). Successful exploitation can lead to full system takeover.	High	Remote Code Execution Cwe 78 Cwe 94 Cwe 250 +2	1 day ago
CVE-2026-8128	Vulnerability in sqli (CVE-2026-8128) vulnerability in sqli (CVE-2026-8128). Risk of unauthorized operations or information disclosure.	High	PHP SQL Injection Cwe 74 Cwe 89	1 day ago
CVE-2026-8126	Vulnerability in sqli (CVE-2026-8126) vulnerability in sqli (CVE-2026-8126). Risk of unauthorized operations or information disclosure.	High	PHP SQL Injection Cwe 74 Cwe 89	1 day ago
CVE-2026-6411	Vulnerability in cisa (CVE-2026-6411) vulnerability in cisa (CVE-2026-6411). Risk of unauthorized operations or information disclosure.	High	Cwe 327 Cisa Ics Industrial +2	1 day ago
CVE-2026-41105	SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-41105) SSRF in ssrf (CVE-2026-41105). Confidential information can be exposed externally.	High	Server-Side Request Forgery Cwe 918	1 day ago
CVE-2026-40213	Authorization Flaw in CVE-2026-40213 (CVE-2026-40213) vulnerability in CVE-2026-40213 (CVE-2026-40213). Risk of unauthorized operations or information disclosure.	High	Cwe 863	1 day ago
CVE-2026-35435	Vulnerability in microsoft (CVE-2026-35435) vulnerability in microsoft (CVE-2026-35435). Confidential information can be exposed externally.	High	Cwe 284 Microsoft Azure Ai Foundry	1 day ago
CVE-2026-34327	Vulnerability in microsoft (CVE-2026-34327) vulnerability in microsoft (CVE-2026-34327). Confidential information can be exposed externally.	High	Cwe 610 Microsoft Partner Center	1 day ago
CVE-2026-33111	Command Injection in CVE-2026-33111 (CVE-2026-33111) command injection in CVE-2026-33111 (CVE-2026-33111). Confidential information can be exposed externally.	High	Cwe 77	1 day ago
CVE-2026-32207	Cross-Site Scripting (XSS) in microsoft (CVE-2026-32207) cross-site scripting in microsoft (CVE-2026-32207). Successful exploitation can lead to full system takeover.	High	Cross-Site Scripting Cwe 79 Microsoft Azure Machine Learning	1 day ago
CVE-2026-26164	Vulnerability in microsoft (CVE-2026-26164) vulnerability in microsoft (CVE-2026-26164). Confidential information can be exposed externally.	High	Cwe 74 Microsoft 365 Copilot Chat	1 day ago
CVE-2026-26129	Vulnerability in microsoft (CVE-2026-26129) vulnerability in microsoft (CVE-2026-26129). Confidential information can be exposed externally.	High	Cwe 138 Microsoft 365 Copilot Chat	1 day ago
CVE-2026-42449	SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-42449) SSRF in ssrf (CVE-2026-42449). Confidential information can be exposed externally.	High	Server-Side Request Forgery Cwe 918	1 day ago
CVE-2026-42047	Information Disclosure in express (CVE-2026-42047) vulnerability in express (CVE-2026-42047). Confidential information can be exposed externally.	High	JavaScript Express Cwe 200 Cwe 497	1 day ago
CVE-2026-42501	Vulnerability in CVE-2026-42501 (CVE-2026-42501) vulnerability in CVE-2026-42501 (CVE-2026-42501). Successful exploitation can lead to full system takeover.	High	Cwe 347	2 days ago
CVE-2026-42499	Vulnerability in dos (CVE-2026-42499) vulnerability in dos (CVE-2026-42499). Risk of unauthorized operations or information disclosure.	High	Denial of Service	2 days ago
CVE-2026-39836	Vulnerability in CVE-2026-39836 (CVE-2026-39836) vulnerability in CVE-2026-39836 (CVE-2026-39836). Risk of unauthorized operations or information disclosure.	High		2 days ago
CVE-2026-39820	Vulnerability in CVE-2026-39820 (CVE-2026-39820) vulnerability in CVE-2026-39820 (CVE-2026-39820). Risk of unauthorized operations or information disclosure.	High		2 days ago
CVE-2026-33814	Vulnerability in CVE-2026-33814 (CVE-2026-33814) vulnerability in CVE-2026-33814 (CVE-2026-33814). Risk of unauthorized operations or information disclosure.	High		2 days ago
CVE-2026-33811	Vulnerability in c (CVE-2026-33811) vulnerability in c (CVE-2026-33811). Risk of unauthorized operations or information disclosure.	High	C	2 days ago
CVE-2026-42284	Vulnerability in GitPython (CVE-2026-42284) vulnerability in GitPython (CVE-2026-42284). Successful exploitation can lead to full system takeover. Exploitable via ``multi_options``. Mitigation: upgrade to `3.1.47` or later.	High	Python Cwe 88 Gitpython Project Gitpython	2 days ago
CVE-2026-42215	OS Command Injection in GitPython (CVE-2026-42215) OS command injection in GitPython (CVE-2026-42215). Successful exploitation can lead to full system takeover. Exploitable via ``upload_pack``. Mitigation: upgrade to `3.1.47` or later.	High	Python Cwe 78	2 days ago
CVE-2026-41906	Vulnerability in laravel (CVE-2026-41906) vulnerability in laravel (CVE-2026-41906). Data can be tampered with by attackers.	High	PHP Laravel Cwe 639	2 days ago
CVE-2026-7413	Vulnerability in CVE-2026-7413 (CVE-2026-7413) vulnerability in CVE-2026-7413 (CVE-2026-7413). Successful exploitation can lead to full system takeover.	High	Cwe 912	2 days ago

Vulnerabilities

🍪 About cookies