Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-9086 |
|
Cross-Site Scripting (XSS) in redhat (CVE-2026-9086)
cross-site scripting in redhat (CVE-2026-9086). Confidential information can be exposed externally.
|
| CVE-2026-55961 |
|
Vulnerability in wolfssl (CVE-2026-55961)
vulnerability in wolfssl (CVE-2026-55961). Data can be tampered with by attackers.
|
| CVE-2026-55967 |
|
Vulnerability in wolfssl (CVE-2026-55967)
vulnerability in wolfssl (CVE-2026-55967). Confidential information can be exposed externally.
|
| CVE-2026-11999 |
|
Vulnerability in c (CVE-2026-11999)
vulnerability in c (CVE-2026-11999). Data can be tampered with by attackers.
|
| CVE-2026-56123 |
|
Vulnerability in dest-unreach (CVE-2026-56123)
vulnerability in dest-unreach (CVE-2026-56123). Successful exploitation can lead to full system takeover.
|
| CVE-2026-45233 |
|
Path Traversal in path-traversal (CVE-2026-45233)
path traversal in path-traversal (CVE-2026-45233). Data can be tampered with by attackers.
|
| CVE-2026-9716 |
|
Vulnerability in schneider-electric (CVE-2026-9716)
vulnerability in schneider-electric (CVE-2026-9716). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9717 |
|
OS Command Injection in schneider-electric (CVE-2026-9717)
OS command injection in schneider-electric (CVE-2026-9717). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12844 |
|
Vulnerability in CVE-2026-12844 (CVE-2026-12844)
vulnerability in CVE-2026-12844 (CVE-2026-12844). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-49839 |
|
Out-of-Bounds Write in jqlang (CVE-2026-49839)
out-of-bounds write in jqlang (CVE-2026-49839). Data can be tampered with by attackers. Mitigation: upgrade to `1.8.2` or later.
|
| CVE-2026-55412 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-55412)
SSRF in ssrf (CVE-2026-55412). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.20.178-lts` or later.
|
| CVE-2026-55092 |
|
Path Traversal in aquasec (CVE-2026-55092)
path traversal in aquasec (CVE-2026-55092). Data can be tampered with by attackers. Mitigation: upgrade to `0.71.1` or later.
|
| CVE-2026-54033 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-54033)
SSRF in ssrf (CVE-2026-54033). Confidential information can be exposed externally. Mitigation: upgrade to `0.8.4-rc1` or later.
|
| CVE-2026-54030 |
|
Vulnerability in librechat (CVE-2026-54030)
vulnerability in librechat (CVE-2026-54030). Confidential information can be exposed externally. Mitigation: upgrade to `0.8.5` or later.
|
| CVE-2026-13351 |
|
Vulnerability in dos (CVE-2026-13351)
vulnerability in dos (CVE-2026-13351). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57456 |
|
Code Injection in vim (CVE-2026-57456)
code injection in vim (CVE-2026-57456). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `9.2.0699` or later.
|
| CVE-2026-57455 |
|
Out-of-Bounds Write in c (CVE-2026-57455)
out-of-bounds write in c (CVE-2026-57455). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `9.2.0698` or later.
|
| CVE-2026-55895 |
|
OS Command Injection in vim (CVE-2026-55895)
OS command injection in vim (CVE-2026-55895). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `9.2.0663` or later.
|
| CVE-2026-55693 |
|
Out-of-Bounds Write in c (CVE-2026-55693)
out-of-bounds write in c (CVE-2026-55693). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `9.2.0653` or later.
|
| CVE-2026-55477 |
|
Vulnerability in CVE-2026-55477 (CVE-2026-55477)
vulnerability in CVE-2026-55477 (CVE-2026-55477). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `3.3.1` or later.
|
| CVE-2026-56071 |
|
Unauthenticated Cross Site Scripting (XSS) in Forminator <= 1.53.1 versions.
Unauthenticated Cross Site Scripting (XSS) in Forminator <= 1.53.1 versions.
|
| CVE-2026-56122 |
|
Path Traversal in path-traversal (CVE-2026-56122)
path traversal in path-traversal (CVE-2026-56122). Confidential information can be exposed externally.
|
| CVE-2026-46735 |
|
OS Command Injection in CVE-2026-46735 (CVE-2026-46735)
OS command injection in CVE-2026-46735 (CVE-2026-46735). Successful exploitation can lead to full system takeover.
|
| CVE-2026-56053 |
|
Subscriber PHP Object Injection in EventPrime <= 4.3.4.1 versions.
Subscriber PHP Object Injection in EventPrime <= 4.3.4.1 versions.
|
| CVE-2026-56049 |
|
Contributor Remote Code Execution (RCE) in Post Snippets <= 4.0.19 versions.
Contributor Remote Code Execution (RCE) in Post Snippets <= 4.0.19 versions.
|
| CVE-2026-56054 |
|
Subscriber Arbitrary File Deletion in JS Help Desk <= 3.1.1 versions.
Subscriber Arbitrary File Deletion in JS Help Desk <= 3.1.1 versions.
|
| CVE-2026-56051 |
|
Unauthenticated Cross Site Scripting (XSS) in TablePress <= 3.3.1 versions.
Unauthenticated Cross Site Scripting (XSS) in TablePress <= 3.3.1 versions.
|
| CVE-2026-56042 |
|
Customer Cross Site Scripting (XSS) in Advanced Order Export For WooCommerce <= 4.0.9 versions.
Customer Cross Site Scripting (XSS) in Advanced Order Export For WooCommerce <= 4.0.9 versions.
|
| CVE-2026-56005 |
|
Subscriber Cross Site Scripting (XSS) in WP Activity Log <= 5.6.3.1 versions.
Subscriber Cross Site Scripting (XSS) in WP Activity Log <= 5.6.3.1 versions.
|
| CVE-2026-56014 |
|
Unauthenticated Cross Site Scripting (XSS) in Master Slider <= 3.11.2 versions.
Unauthenticated Cross Site Scripting (XSS) in Master Slider <= 3.11.2 versions.
|
| CVE-2026-54848 |
|
Vulnerability in CVE-2026-54848 (CVE-2026-54848)
vulnerability in CVE-2026-54848 (CVE-2026-54848). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-54842 |
|
Vulnerability in CVE-2026-54842 (CVE-2026-54842)
vulnerability in CVE-2026-54842 (CVE-2026-54842). Confidential information can be exposed externally.
|
| CVE-2026-54844 |
|
Unauthenticated Broken Access Control in CheckView Automated Testing <= 2.1.0 versions.
Unauthenticated Broken Access Control in CheckView Automated Testing <= 2.1.0 versions.
|
| CVE-2026-54841 |
|
Unauthenticated Sensitive Data Exposure in Vitepos <= 3.4.2 versions.
Unauthenticated Sensitive Data Exposure in Vitepos <= 3.4.2 versions.
|
| CVE-2026-54845 |
|
Unauthenticated Local File Inclusion in MDTF <= 1.3.8 versions.
Unauthenticated Local File Inclusion in MDTF <= 1.3.8 versions.
|
| CVE-2026-56006 |
|
Unauthenticated Cross Site Scripting (XSS) in H5P <= 1.17.6 versions.
Unauthenticated Cross Site Scripting (XSS) in H5P <= 1.17.6 versions.
|
| CVE-2026-54828 |
|
Unauthenticated Broken Access Control in Motors <= 1.4.109 versions.
Unauthenticated Broken Access Control in Motors <= 1.4.109 versions.
|
| CVE-2026-54838 |
|
Subscriber SQL Injection in WC Vendors Marketplace <= 2.6.8 versions.
Subscriber SQL Injection in WC Vendors Marketplace <= 2.6.8 versions.
|
| CVE-2026-54830 |
|
Unauthenticated Broken Access Control in Five Star Restaurant Reservations <= 2.7.19 versions.
Unauthenticated Broken Access Control in Five Star Restaurant Reservations <= 2.7.19 versions.
|
| CVE-2026-54829 |
|
SQL Injection in sqli (CVE-2026-54829)
SQL injection in sqli (CVE-2026-54829). Confidential information can be exposed externally.
|
| CVE-2026-47150 |
|
Out-of-Bounds Write in silabs (CVE-2026-47150)
out-of-bounds write in silabs (CVE-2026-47150). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-47151 |
|
Out-of-Bounds Write in silabs (CVE-2026-47151)
out-of-bounds write in silabs (CVE-2026-47151). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-47147 |
|
Out-of-Bounds Read in silabs (CVE-2026-47147)
vulnerability in silabs (CVE-2026-47147). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-49506 |
|
Path Traversal in path-traversal (CVE-2026-49506)
path traversal in path-traversal (CVE-2026-49506). Successful exploitation can lead to full system takeover.
|
| CVE-2026-54821 |
|
Subscriber Sensitive Data Exposure in Visual Link Preview <= 2.3.1 versions.
Subscriber Sensitive Data Exposure in Visual Link Preview <= 2.3.1 versions.
|
| CVE-2026-54822 |
|
Subscriber SQL Injection in SALESmanago & Leadoo <= 3.11.2 versions.
Subscriber SQL Injection in SALESmanago & Leadoo <= 3.11.2 versions.
|
| CVE-2026-46733 |
|
Vulnerability in dell (CVE-2026-46733)
vulnerability in dell (CVE-2026-46733). Successful exploitation can lead to full system takeover.
|
| CVE-2026-46734 |
|
Vulnerability in dell (CVE-2026-46734)
vulnerability in dell (CVE-2026-46734). Successful exploitation can lead to full system takeover.
|
| CVE-2026-27366 |
|
Unauthenticated Broken Access Control in MainWP Child <= 6.1.1 versions.
Unauthenticated Broken Access Control in MainWP Child <= 6.1.1 versions.
|
| CVE-2026-33612 |
|
Vulnerability in CVE-2026-33612 (CVE-2026-33612)
vulnerability in CVE-2026-33612 (CVE-2026-33612). Data can be tampered with by attackers.
|