Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

ID Title
CVE-2026-35221 SQL Injection in joomla (CVE-2026-35221)
SQL injection in joomla (CVE-2026-35221). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `5.4.6, 6.1.1` or later.
CVE-2026-48687 OS Command Injection in c (CVE-2026-48687)
OS command injection in c (CVE-2026-48687). Successful exploitation can lead to full system takeover. Exploitable via ``date``.
CVE-2026-48686 Vulnerability in cpp (CVE-2026-48686)
vulnerability in cpp (CVE-2026-48686). Successful exploitation can lead to full system takeover.
CVE-2026-4480 OS Command Injection in redhat (CVE-2026-4480)
OS command injection in redhat (CVE-2026-4480). Successful exploitation can lead to full system takeover.
CVE-2026-45247 KEV [KEV] Unsafe Deserialization in Mirasvit full-page-cache-warmer (CVE-2026-45247)
vulnerability in Mirasvit full-page-cache-warmer (CVE-2026-45247). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2026-9543 Command Injection in CVE-2026-9543 (CVE-2026-9543)
command injection in CVE-2026-9543 (CVE-2026-9543). Successful exploitation can lead to full system takeover.
CVE-2026-7374 Vulnerability in kubevirt.io/kubevirt (CVE-2026-7374)
vulnerability in kubevirt.io/kubevirt (CVE-2026-7374). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.6.6` or later.
CVE-2026-42496 Vulnerability in archive (CVE-2026-42496)
vulnerability in archive (CVE-2026-42496). Confidential information can be exposed externally.
CVE-2026-42774 SQL Injection in sqli (CVE-2026-42774)
SQL injection in sqli (CVE-2026-42774). Confidential information can be exposed externally.
CVE-2026-8376 Vulnerability in c (CVE-2026-8376)
vulnerability in c (CVE-2026-8376). Successful exploitation can lead to full system takeover.
CVE-2026-42773 SQL Injection in sqli (CVE-2026-42773)
SQL injection in sqli (CVE-2026-42773). Confidential information can be exposed externally.
CVE-2026-9476 Command Injection in CVE-2026-9476 (CVE-2026-9476)
command injection in CVE-2026-9476 (CVE-2026-9476). Successful exploitation can lead to full system takeover.
CVE-2026-9477 Command Injection in CVE-2026-9477 (CVE-2026-9477)
command injection in CVE-2026-9477 (CVE-2026-9477). Successful exploitation can lead to full system takeover.
CVE-2026-9475 Command Injection in CVE-2026-9475 (CVE-2026-9475)
command injection in CVE-2026-9475 (CVE-2026-9475). Successful exploitation can lead to full system takeover.
CVE-2026-9478 Command Injection in CVE-2026-9478 (CVE-2026-9478)
command injection in CVE-2026-9478 (CVE-2026-9478). Successful exploitation can lead to full system takeover.
CVE-2026-9456 Command Injection in CVE-2026-9456 (CVE-2026-9456)
command injection in CVE-2026-9456 (CVE-2026-9456). Successful exploitation can lead to full system takeover.
CVE-2026-9457 Command Injection in CVE-2026-9457 (CVE-2026-9457)
command injection in CVE-2026-9457 (CVE-2026-9457). Successful exploitation can lead to full system takeover.
CVE-2026-9454 Command Injection in CVE-2026-9454 (CVE-2026-9454)
command injection in CVE-2026-9454 (CVE-2026-9454). Successful exploitation can lead to full system takeover.
CVE-2026-9458 Command Injection in CVE-2026-9458 (CVE-2026-9458)
command injection in CVE-2026-9458 (CVE-2026-9458). Successful exploitation can lead to full system takeover.
CVE-2026-9455 Command Injection in CVE-2026-9455 (CVE-2026-9455)
command injection in CVE-2026-9455 (CVE-2026-9455). Successful exploitation can lead to full system takeover.
CVE-2026-9435 Command Injection in CVE-2026-9435 (CVE-2026-9435)
command injection in CVE-2026-9435 (CVE-2026-9435). Successful exploitation can lead to full system takeover.
CVE-2026-9434 Command Injection in CVE-2026-9434 (CVE-2026-9434)
command injection in CVE-2026-9434 (CVE-2026-9434). Successful exploitation can lead to full system takeover.
CVE-2026-9433 Command Injection in CVE-2026-9433 (CVE-2026-9433)
command injection in CVE-2026-9433 (CVE-2026-9433). Successful exploitation can lead to full system takeover.
CVE-2026-9432 Command Injection in CVE-2026-9432 (CVE-2026-9432)
command injection in CVE-2026-9432 (CVE-2026-9432). Successful exploitation can lead to full system takeover.
CVE-2026-9436 Command Injection in CVE-2026-9436 (CVE-2026-9436)
command injection in CVE-2026-9436 (CVE-2026-9436). Successful exploitation can lead to full system takeover.
CVE-2026-2651 Vulnerability in mlflow (CVE-2026-2651)
vulnerability in mlflow (CVE-2026-2651). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `3.11.1` or later.
CVE-2026-9404 Command Injection in CVE-2026-9404 (CVE-2026-9404)
command injection in CVE-2026-9404 (CVE-2026-9404). Successful exploitation can lead to full system takeover.
CVE-2026-9406 Command Injection in CVE-2026-9406 (CVE-2026-9406)
command injection in CVE-2026-9406 (CVE-2026-9406). Successful exploitation can lead to full system takeover.
CVE-2026-9407 Command Injection in CVE-2026-9407 (CVE-2026-9407)
command injection in CVE-2026-9407 (CVE-2026-9407). Successful exploitation can lead to full system takeover.
CVE-2026-9408 Command Injection in CVE-2026-9408 (CVE-2026-9408)
command injection in CVE-2026-9408 (CVE-2026-9408). Successful exploitation can lead to full system takeover.
CVE-2026-9405 Command Injection in CVE-2026-9405 (CVE-2026-9405)
command injection in CVE-2026-9405 (CVE-2026-9405). Successful exploitation can lead to full system takeover.
CVE-2026-9384 Command Injection in CVE-2026-9384 (CVE-2026-9384)
command injection in CVE-2026-9384 (CVE-2026-9384). Successful exploitation can lead to full system takeover.
CVE-2026-9388 Command Injection in CVE-2026-9388 (CVE-2026-9388)
command injection in CVE-2026-9388 (CVE-2026-9388). Successful exploitation can lead to full system takeover.
CVE-2026-9387 Command Injection in CVE-2026-9387 (CVE-2026-9387)
command injection in CVE-2026-9387 (CVE-2026-9387). Successful exploitation can lead to full system takeover.
CVE-2026-9385 Command Injection in CVE-2026-9385 (CVE-2026-9385)
command injection in CVE-2026-9385 (CVE-2026-9385). Successful exploitation can lead to full system takeover.
CVE-2026-9386 Command Injection in CVE-2026-9386 (CVE-2026-9386)
command injection in CVE-2026-9386 (CVE-2026-9386). Successful exploitation can lead to full system takeover.
CVE-2018-25357 Code Injection in dolibarr/dolibarr (CVE-2018-25357)
code injection in dolibarr/dolibarr (CVE-2018-25357). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `6.0.8` or later.
CVE-2018-25350 Vulnerability in CVE-2018-25350 (CVE-2018-25350)
vulnerability in CVE-2018-25350 (CVE-2018-25350). Successful exploitation can lead to full system takeover.
CVE-2026-42901 Vulnerability in microsoft (CVE-2026-42901)
vulnerability in microsoft (CVE-2026-42901). Successful exploitation can lead to full system takeover.
CVE-2026-47280 Authentication Bypass in microsoft (CVE-2026-47280)
authentication bypass in microsoft (CVE-2026-47280). Successful exploitation can lead to full system takeover.
CVE-2026-40411 Vulnerability in microsoft (CVE-2026-40411)
vulnerability in microsoft (CVE-2026-40411). Successful exploitation can lead to full system takeover.
CVE-2026-41090 Command Injection in microsoft (CVE-2026-41090)
command injection in microsoft (CVE-2026-41090). Confidential information can be exposed externally.
CVE-2026-41104 Unsafe Deserialization in deserialization (CVE-2026-41104)
vulnerability in deserialization (CVE-2026-41104). Successful exploitation can lead to full system takeover.
CVE-2026-40412 Unrestricted File Upload in microsoft (CVE-2026-40412)
vulnerability in microsoft (CVE-2026-40412). Successful exploitation can lead to full system takeover.
CVE-2026-33843 Vulnerability in microsoft (CVE-2026-33843)
vulnerability in microsoft (CVE-2026-33843). Confidential information can be exposed externally.
CVE-2026-23652 Command Injection in microsoft (CVE-2026-23652)
command injection in microsoft (CVE-2026-23652). Successful exploitation can lead to full system takeover.
CVE-2026-8670 Vulnerability in avantra (CVE-2026-8670)
vulnerability in avantra (CVE-2026-8670). Successful exploitation can lead to full system takeover.
CVE-2026-44930 Vulnerability in org.apache.cxf.services.xkms:cxf-services-xkms-x509-repo-ldap (CVE-2026-44930)
vulnerability in org.apache.cxf.services.xkms:cxf-services-xkms-x509-repo-ldap (CVE-2026-44930). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `3.6.11` or later.
CVE-2026-46716 OS Command Injection in github.com/nezhahq/nezha (CVE-2026-46716)
OS command injection in github.com/nezhahq/nezha (CVE-2026-46716). Successful exploitation can lead to full system takeover. Exploitable via `POST /api/v1/cron`. Mitigation: upgrade to `1.14.15-0.20260517022419-d7526351cf97` or later.
CVE-2026-45390 Path Traversal in tar (CVE-2026-45390)
path traversal in tar (CVE-2026-45390). Confidential information can be exposed externally. Mitigation: upgrade to `3.5.0, 51ceb0a15982993503c169b9d84456fd50eabe99` or later.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →