Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

ID Title
CVE-2026-52191 Vulnerability in dos (CVE-2026-52191)
vulnerability in dos (CVE-2026-52191). Risk of unauthorized operations or information disclosure.
CVE-2026-59102 Cross-Site Scripting (XSS) in vue (CVE-2026-59102)
cross-site scripting in vue (CVE-2026-59102). Risk of unauthorized operations or information disclosure.
CVE-2026-38968 Vulnerability in cpp (CVE-2026-38968)
vulnerability in cpp (CVE-2026-38968). Successful exploitation can lead to full system takeover.
CVE-2026-59100 Vulnerability in CVE-2026-59100 (CVE-2026-59100)
vulnerability in CVE-2026-59100 (CVE-2026-59100). Risk of unauthorized operations or information disclosure.
CVE-2026-38969 Vulnerability in CVE-2026-38969 (CVE-2026-38969)
vulnerability in CVE-2026-38969 (CVE-2026-38969). Data can be tampered with by attackers.
CVE-2026-59101 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-59101)
SSRF in ssrf (CVE-2026-59101). Risk of unauthorized operations or information disclosure. Exploitable via `POST /api/v1/setup/test-downloader`.
CVE-2026-59095 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-59095)
SSRF in ssrf (CVE-2026-59095). Confidential information can be exposed externally.
CVE-2026-59099 Vulnerability in CVE-2026-59099 (CVE-2026-59099)
vulnerability in CVE-2026-59099 (CVE-2026-59099). Confidential information can be exposed externally.
CVE-2026-59097 Vulnerability in CVE-2026-59097 (CVE-2026-59097)
vulnerability in CVE-2026-59097 (CVE-2026-59097). Risk of unauthorized operations or information disclosure.
CVE-2026-59098 Vulnerability in CVE-2026-59098 (CVE-2026-59098)
vulnerability in CVE-2026-59098 (CVE-2026-59098). Confidential information can be exposed externally.
CVE-2026-59096 Vulnerability in CVE-2026-59096 (CVE-2026-59096)
vulnerability in CVE-2026-59096 (CVE-2026-59096). Data can be tampered with by attackers. Exploitable via `Host header`.
CVE-2026-58578 Vulnerability in dos (CVE-2026-58578)
vulnerability in dos (CVE-2026-58578). Risk of unauthorized operations or information disclosure.
CVE-2026-58579 Cross-Site Scripting (XSS) in CVE-2026-58579 (CVE-2026-58579)
cross-site scripting in CVE-2026-58579 (CVE-2026-58579). Risk of unauthorized operations or information disclosure.
CVE-2026-59093 Vulnerability in weaviate (CVE-2026-59093)
vulnerability in weaviate (CVE-2026-59093). Successful exploitation can lead to full system takeover. Exploitable via `POST /authz/users/{id}/assign`.
CVE-2026-59094 Vulnerability in CVE-2026-59094 (CVE-2026-59094)
vulnerability in CVE-2026-59094 (CVE-2026-59094). Risk of unauthorized operations or information disclosure.
CVE-2026-58580 Vulnerability in CVE-2026-58580 (CVE-2026-58580)
vulnerability in CVE-2026-58580 (CVE-2026-58580). Data can be tampered with by attackers.
CVE-2026-59092 Vulnerability in dos (CVE-2026-59092)
vulnerability in dos (CVE-2026-59092). Confidential information can be exposed externally.
CVE-2026-58381 Vulnerability in dos (CVE-2026-58381)
vulnerability in dos (CVE-2026-58381). Risk of unauthorized operations or information disclosure.
CVE-2026-58467 Path Traversal in nginx (CVE-2026-58467)
path traversal in nginx (CVE-2026-58467). Confidential information can be exposed externally.
CVE-2026-58466 Vulnerability in CVE-2026-58466 (CVE-2026-58466)
vulnerability in CVE-2026-58466 (CVE-2026-58466). Successful exploitation can lead to full system takeover.
CVE-2025-71385 Cross-Site Scripting (XSS) in netdata (CVE-2025-71385)
cross-site scripting in netdata (CVE-2025-71385). Risk of unauthorized operations or information disclosure.
CVE-2026-52187 Vulnerability in dos (CVE-2026-52187)
vulnerability in dos (CVE-2026-52187). Risk of unauthorized operations or information disclosure.
CVE-2026-49360 Vulnerability in recce (CVE-2026-49360)
vulnerability in recce (CVE-2026-49360). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.50.0` or later.
CVE-2026-49353 Vulnerability in 9router (CVE-2026-49353)
vulnerability in 9router (CVE-2026-49353). Risk of unauthorized operations or information disclosure. Exploitable via `GET /api/mcp/`.
CVE-2026-49352 Vulnerability in 9router (CVE-2026-49352)
vulnerability in 9router (CVE-2026-49352). Risk of unauthorized operations or information disclosure. Exploitable via ``JWT_SECRET``. Mitigation: upgrade to `0.4.45` or later.
CVE-2026-49292 Vulnerability in kiwitcms (CVE-2026-49292)
vulnerability in kiwitcms (CVE-2026-49292). Risk of unauthorized operations or information disclosure.
CVE-2026-54617 Path Traversal in pro.gravit.launcher:launchserver-api (CVE-2026-54617)
path traversal in pro.gravit.launcher:launchserver-api (CVE-2026-54617). Risk of unauthorized operations or information disclosure. Exploitable via `GET /../../.keys/ecdsa_id`.
CVE-2026-49284 Vulnerability in simplesamlphp/simplesamlphp (CVE-2026-49284)
vulnerability in simplesamlphp/simplesamlphp (CVE-2026-49284). Risk of unauthorized operations or information disclosure. Exploitable via ``SubjectConfirmationData``. Mitigation: upgrade to `2.4.7` or later.
CVE-2026-52792 Vulnerability in github.com/xyproto/algernon (CVE-2026-52792)
vulnerability in github.com/xyproto/algernon (CVE-2026-52792). Risk of unauthorized operations or information disclosure. Exploitable via ``x.lua.``. Mitigation: upgrade to `1.17.9` or later.
GHSA-66m8-c62j-h6v5 Vulnerability in jxl-oxide (GHSA-66m8-c62j-h6v5)
vulnerability in jxl-oxide (GHSA-66m8-c62j-h6v5). Risk of unauthorized operations or information disclosure. Exploitable via ``FrameBuffer``. Mitigation: upgrade to `0.12.6` or later.
GHSA-2v8p-fqpx-2q3w Vulnerability in jxl-modular (GHSA-2v8p-fqpx-2q3w)
vulnerability in jxl-modular (GHSA-2v8p-fqpx-2q3w). Risk of unauthorized operations or information disclosure. Exploitable via ``decode_simple_table_slow``. Mitigation: upgrade to `0.11.3` or later.
GHSA-j5mc-p8qg-39j7 Vulnerability in kimai/kimai (GHSA-j5mc-p8qg-39j7)
vulnerability in kimai/kimai (GHSA-j5mc-p8qg-39j7). Risk of unauthorized operations or information disclosure. Exploitable via `GET /en/favorite/timesheet/add/{id}`. Mitigation: upgrade to `2.57.0` or later.
CVE-2026-52830 Path Traversal in fast-mcp-telegram (CVE-2026-52830)
path traversal in fast-mcp-telegram (CVE-2026-52830). Confidential information can be exposed externally. Exploitable via ``telegram``. Mitigation: upgrade to `0.19.1` or later.
CVE-2026-49289 Vulnerability in simplesamlphp/saml2 (CVE-2026-49289)
vulnerability in simplesamlphp/saml2 (CVE-2026-49289). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `4.20.3` or later.
CVE-2026-52829 Vulnerability in zebra-network (CVE-2026-52829)
vulnerability in zebra-network (CVE-2026-52829). Risk of unauthorized operations or information disclosure. Exploitable via ``zebrad``. Mitigation: upgrade to `7.0.0` or later.
CVE-2026-49283 Vulnerability in simplesamlphp/saml2 (CVE-2026-49283)
vulnerability in simplesamlphp/saml2 (CVE-2026-49283). Risk of unauthorized operations or information disclosure. Exploitable via ``Response``. Mitigation: upgrade to `4.20.2` or later.
CVE-2026-52817 Vulnerability in linuxfabrik-lib (CVE-2026-52817)
vulnerability in linuxfabrik-lib (CVE-2026-52817). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.1.0` or later.
GHSA-x4hg-hfwf-p9mw Vulnerability in @asymmetric-effort/nogginlessdom (GHSA-x4hg-hfwf-p9mw)
vulnerability in @asymmetric-effort/nogginlessdom (GHSA-x4hg-hfwf-p9mw). Risk of unauthorized operations or information disclosure. Exploitable via ``RegExp``. Mitigation: upgrade to `0.0.22` or later.
GHSA-322x-v876-g883 Path Traversal in @asymmetric-effort/nogginlessdom (GHSA-322x-v876-g883)
path traversal in @asymmetric-effort/nogginlessdom (GHSA-322x-v876-g883). Risk of unauthorized operations or information disclosure. Exploitable via ``matchFileSnapshot``. Mitigation: upgrade to `0.0.22` or later.
CVE-2026-59800 OS Command Injection in 9router (CVE-2026-59800)
OS command injection in 9router (CVE-2026-59800). Successful exploitation can lead to full system takeover. Exploitable via `POST /api/tunnel/tailscale-install`. Mitigation: upgrade to `0.4.44` or later.
GHSA-gj2h-2fpw-fhv9 Information Disclosure in @nuxt/ui (GHSA-gj2h-2fpw-fhv9)
vulnerability in @nuxt/ui (GHSA-gj2h-2fpw-fhv9). Risk of unauthorized operations or information disclosure. Exploitable via ``UForm``.
CVE-2026-52746 Vulnerability in jsonata (CVE-2026-52746)
vulnerability in jsonata (CVE-2026-52746). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.2.0` or later.
CVE-2026-52734 Vulnerability in zebrad (CVE-2026-52734)
vulnerability in zebrad (CVE-2026-52734). Risk of unauthorized operations or information disclosure. Exploitable via ``zebrad``. Mitigation: upgrade to `4.5.0` or later.
CVE-2026-52733 Vulnerability in zebra-state (CVE-2026-52733)
vulnerability in zebra-state (CVE-2026-52733). Risk of unauthorized operations or information disclosure. Exploitable via ``zebrad``. Mitigation: upgrade to `7.0.0` or later.
CVE-2026-52739 Vulnerability in zebra-state (CVE-2026-52739)
vulnerability in zebra-state (CVE-2026-52739). Risk of unauthorized operations or information disclosure. Exploitable via ``zebrad``. Mitigation: upgrade to `7.0.0` or later.
CVE-2026-52738 Vulnerability in zebra-state (CVE-2026-52738)
vulnerability in zebra-state (CVE-2026-52738). Risk of unauthorized operations or information disclosure. Exploitable via ``zebrad``. Mitigation: upgrade to `7.0.0` or later.
CVE-2026-52737 Vulnerability in zebra-consensus (CVE-2026-52737)
vulnerability in zebra-consensus (CVE-2026-52737). Risk of unauthorized operations or information disclosure. Exploitable via ``zebrad``. Mitigation: upgrade to `7.0.0` or later.
CVE-2026-52735 Vulnerability in zebra-script (CVE-2026-52735)
vulnerability in zebra-script (CVE-2026-52735). Risk of unauthorized operations or information disclosure. Exploitable via ``zebrad``. Mitigation: upgrade to `7.0.0` or later.
CVE-2026-52736 Vulnerability in zebra-state (CVE-2026-52736)
vulnerability in zebra-state (CVE-2026-52736). Risk of unauthorized operations or information disclosure. Exploitable via ``zebrad``. Mitigation: upgrade to `7.0.0` or later.
GHSA-h72h-ppcx-998p Vulnerability in zebra-network (GHSA-h72h-ppcx-998p)
vulnerability in zebra-network (GHSA-h72h-ppcx-998p). Risk of unauthorized operations or information disclosure. Exploitable via ``zebrad``. Mitigation: upgrade to `7.0.0` or later.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →