Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

ID Title
CVE-2026-45102 Vulnerability in CVE-2026-45102 (CVE-2026-45102)
vulnerability in CVE-2026-45102 (CVE-2026-45102). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `10.0.98` or later.
CVE-2026-44590 OS Command Injection in CVE-2026-44590 (CVE-2026-44590)
OS command injection in CVE-2026-44590 (CVE-2026-44590). Data can be tampered with by attackers. Mitigation: upgrade to `0.16.1` or later.
CVE-2026-44887 Code Injection in CVE-2026-44887 (CVE-2026-44887)
code injection in CVE-2026-44887 (CVE-2026-44887). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2026-05-07` or later.
CVE-2026-25879 SQL Injection in langroid (CVE-2026-25879)
SQL injection in langroid (CVE-2026-25879). Successful exploitation can lead to full system takeover. Exploitable via ``query``. Mitigation: upgrade to `0.63.0` or later.
CVE-2026-48150 Vulnerability in @budibase/server (CVE-2026-48150)
vulnerability in @budibase/server (CVE-2026-48150). Confidential information can be exposed externally. Exploitable via `GET /api/global/self/api_key`. Mitigation: upgrade to `3.39.0` or later.
CVE-2026-46425 Vulnerability in CVE-2026-46425 (CVE-2026-46425)
vulnerability in CVE-2026-46425 (CVE-2026-46425). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `3.38.2` or later.
CVE-2026-45972 Use-After-Free in linux (CVE-2026-45972)
vulnerability in linux (CVE-2026-45972). Successful exploitation can lead to full system takeover.
CVE-2026-45898 Vulnerability in c (CVE-2026-45898)
vulnerability in c (CVE-2026-45898). Successful exploitation can lead to full system takeover.
CVE-2026-7524 Path Traversal in langflow (CVE-2026-7524)
path traversal in langflow (CVE-2026-7524). Successful exploitation can lead to full system takeover.
CVE-2026-7876 IBM Aspera HSTS for CP4I 1.5.1 through 1.5.19
IBM Aspera HSTS for CP4I 1.5.1 through 1.5.19
CVE-2026-8175 Vulnerability in dos (CVE-2026-8175)
vulnerability in dos (CVE-2026-8175). Successful exploitation can lead to full system takeover.
CVE-2026-46039 Vulnerability in linux (CVE-2026-46039)
vulnerability in linux (CVE-2026-46039). Successful exploitation can lead to full system takeover.
CVE-2026-46043 Vulnerability in linux (CVE-2026-46043)
vulnerability in linux (CVE-2026-46043). Confidential information can be exposed externally.
CVE-2026-45988 Vulnerability in linux (CVE-2026-45988)
vulnerability in linux (CVE-2026-45988). Successful exploitation can lead to full system takeover.
CVE-2026-42756 Path Traversal in path-traversal (CVE-2026-42756)
path traversal in path-traversal (CVE-2026-42756). Successful exploitation can lead to full system takeover.
CVE-2026-42761 SQL Injection in sqli (CVE-2026-42761)
SQL injection in sqli (CVE-2026-42761). Confidential information can be exposed externally.
CVE-2026-42758 Vulnerability in privilege-escalation (CVE-2026-42758)
vulnerability in privilege-escalation (CVE-2026-42758). Successful exploitation can lead to full system takeover.
CVE-2026-42757 Path Traversal in path-traversal (CVE-2026-42757)
path traversal in path-traversal (CVE-2026-42757). Successful exploitation can lead to full system takeover.
CVE-2026-42747 SQL Injection in sqli (CVE-2026-42747)
SQL injection in sqli (CVE-2026-42747). Confidential information can be exposed externally.
CVE-2026-42748 Unrestricted File Upload in CVE-2026-42748 (CVE-2026-42748)
vulnerability in CVE-2026-42748 (CVE-2026-42748). Successful exploitation can lead to full system takeover.
CVE-2026-42755 SQL Injection in sqli (CVE-2026-42755)
SQL injection in sqli (CVE-2026-42755). Confidential information can be exposed externally.
CVE-2026-42740 SQL Injection in sqli (CVE-2026-42740)
SQL injection in sqli (CVE-2026-42740). Confidential information can be exposed externally.
CVE-2026-42727 SQL Injection in sqli (CVE-2026-42727)
SQL injection in sqli (CVE-2026-42727). Confidential information can be exposed externally.
CVE-2026-42731 Vulnerability in privilege-escalation (CVE-2026-42731)
vulnerability in privilege-escalation (CVE-2026-42731). Successful exploitation can lead to full system takeover.
CVE-2026-49002 Vulnerability in CVE-2026-49002 (CVE-2026-49002)
vulnerability in CVE-2026-49002 (CVE-2026-49002). Confidential information can be exposed externally.
CVE-2025-12686 Vulnerability in synology (CVE-2025-12686)
vulnerability in synology (CVE-2025-12686). Successful exploitation can lead to full system takeover.
CVE-2026-5760 Code Injection in jvn (CVE-2026-5760)
code injection in jvn (CVE-2026-5760). Successful exploitation can lead to full system takeover.
CVE-2026-8760 Vulnerability in wordpress (CVE-2026-8760)
vulnerability in wordpress (CVE-2026-8760). Successful exploitation can lead to full system takeover.
CVE-2026-8450 Vulnerability in CVE-2026-8450 (CVE-2026-8450)
vulnerability in CVE-2026-8450 (CVE-2026-8450). Confidential information can be exposed externally.
CVE-2026-48027 KEV [KEV] Vulnerability in nx (CVE-2026-48027)
vulnerability in nx (CVE-2026-48027). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2026-9642 Vulnerability in deltaww (CVE-2026-9642)
vulnerability in deltaww (CVE-2026-9642). Successful exploitation can lead to full system takeover.
CVE-2026-44449 Vulnerability in c (CVE-2026-44449)
vulnerability in c (CVE-2026-44449). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.9.7` or later.
CVE-2026-44451 Vulnerability in CVE-2026-44451 (CVE-2026-44451)
vulnerability in CVE-2026-44451 (CVE-2026-44451). Confidential information can be exposed externally. Mitigation: upgrade to `0.9.7` or later.
CVE-2026-44450 Vulnerability in c (CVE-2026-44450)
vulnerability in c (CVE-2026-44450). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.9.7` or later.
CVE-2026-44444 OS Command Injection in CVE-2026-44444 (CVE-2026-44444)
OS command injection in CVE-2026-44444 (CVE-2026-44444). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.9.7` or later.
CVE-2026-48689 Out-of-Bounds Write in pavel-odintsov (CVE-2026-48689)
out-of-bounds write in pavel-odintsov (CVE-2026-48689). Successful exploitation can lead to full system takeover.
CVE-2026-3660 Authorization Flaw in ibm (CVE-2026-3660)
vulnerability in ibm (CVE-2026-3660). Successful exploitation can lead to full system takeover.
CVE-2026-8633 Code Injection in ibm (CVE-2026-8633)
code injection in ibm (CVE-2026-8633). Successful exploitation can lead to full system takeover.
CVE-2026-9170 Code Injection in dos (CVE-2026-9170)
code injection in dos (CVE-2026-9170). Successful exploitation can lead to full system takeover.
CVE-2026-7251 Vulnerability in CVE-2026-7251 (CVE-2026-7251)
vulnerability in CVE-2026-7251 (CVE-2026-7251). Successful exploitation can lead to full system takeover.
CVE-2026-46624 OS Command Injection in sqli (CVE-2026-46624)
OS command injection in sqli (CVE-2026-46624). Successful exploitation can lead to full system takeover.
CVE-2026-44668 Vulnerability in CVE-2026-44668 (CVE-2026-44668)
vulnerability in CVE-2026-44668 (CVE-2026-44668). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.8.3` or later.
CVE-2026-48904 Vulnerability in joomla (CVE-2026-48904)
vulnerability in joomla (CVE-2026-48904). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `5.4.6, 6.1.1` or later.
CVE-2026-48898 Joomla! Core - [20260513] - Privilege escalation through com_users batch task
Joomla! Core - [20260513] - Privilege escalation through com_users batch task
CVE-2026-48899 Joomla! Core - [20260515] - Incorrect Access Control in sample data plugins
Joomla! Core - [20260515] - Incorrect Access Control in sample data plugins
CVE-2026-48902 Vulnerability in joomla (CVE-2026-48902)
vulnerability in joomla (CVE-2026-48902). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `5.4.6, 6.1.1` or later.
CVE-2026-48691 Vulnerability in pavel-odintsov (CVE-2026-48691)
vulnerability in pavel-odintsov (CVE-2026-48691). Successful exploitation can lead to full system takeover.
CVE-2026-40383 Joomla! Core - [20260509] - LFI in HTMLView layout parameter
Joomla! Core - [20260509] - LFI in HTMLView layout parameter
CVE-2026-35223 Joomla! Core - [20260508] - Improper access check in com_config webservice endpoints
Joomla! Core - [20260508] - Improper access check in com_config webservice endpoints
CVE-2026-35221 SQL Injection in joomla (CVE-2026-35221)
SQL injection in joomla (CVE-2026-35221). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `5.4.6, 6.1.1` or later.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →