Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-52932 |
|
Vulnerability in linux (CVE-2026-52932)
vulnerability in linux (CVE-2026-52932). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-52933 |
|
Vulnerability in linux (CVE-2026-52933)
vulnerability in linux (CVE-2026-52933). Successful exploitation can lead to full system takeover.
|
| CVE-2026-52918 |
|
Vulnerability in linux (CVE-2026-52918)
vulnerability in linux (CVE-2026-52918). Successful exploitation can lead to full system takeover.
|
| CVE-2026-52923 |
|
Vulnerability in linux (CVE-2026-52923)
vulnerability in linux (CVE-2026-52923). Successful exploitation can lead to full system takeover.
|
| CVE-2026-52922 |
|
Vulnerability in linux (CVE-2026-52922)
vulnerability in linux (CVE-2026-52922). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-52920 |
|
Vulnerability in linux (CVE-2026-52920)
vulnerability in linux (CVE-2026-52920). Confidential information can be exposed externally.
|
| CVE-2026-52917 |
|
Out-of-Bounds Read in linux (CVE-2026-52917)
vulnerability in linux (CVE-2026-52917). Confidential information can be exposed externally.
|
| CVE-2026-52919 |
|
Vulnerability in linux (CVE-2026-52919)
vulnerability in linux (CVE-2026-52919). Successful exploitation can lead to full system takeover.
|
| CVE-2026-52915 |
|
Vulnerability in c (CVE-2026-52915)
vulnerability in c (CVE-2026-52915). Confidential information can be exposed externally. Exploitable via ``IP6T_OPTS_OPTSNR``.
|
| CVE-2026-52912 |
|
Use-After-Free in linux (CVE-2026-52912)
vulnerability in linux (CVE-2026-52912). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9710 |
|
Vulnerability in wordpress (CVE-2026-9710)
vulnerability in wordpress (CVE-2026-9710). Confidential information can be exposed externally. Exploitable via ``cornerstone``.
|
| CVE-2026-9709 |
|
Vulnerability in wordpress (CVE-2026-9709)
vulnerability in wordpress (CVE-2026-9709). Confidential information can be exposed externally. Exploitable via ``cornerstone``.
|
| CVE-2026-9643 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-9643)
cross-site scripting in wordpress (CVE-2026-9643). Risk of unauthorized operations or information disclosure. Exploitable via ``wp_wpms_links.link_url``.
|
| CVE-2026-9179 |
|
SQL Injection in wordpress (CVE-2026-9179)
SQL injection in wordpress (CVE-2026-9179). Confidential information can be exposed externally.
|
| CVE-2026-9178 |
|
Vulnerability in wordpress (CVE-2026-9178)
vulnerability in wordpress (CVE-2026-9178). Confidential information can be exposed externally.
|
| CVE-2026-8705 |
|
SQL Injection in wordpress (CVE-2026-8705)
SQL injection in wordpress (CVE-2026-8705). Confidential information can be exposed externally. Exploitable via ``clearsale_total_push``.
|
| CVE-2026-4297 |
|
Vulnerability in wordpress (CVE-2026-4297)
vulnerability in wordpress (CVE-2026-4297). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12100 |
|
SSRF (Server-Side Request Forgery) in wordpress (CVE-2026-12100)
SSRF in wordpress (CVE-2026-12100). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12095 |
|
SSRF (Server-Side Request Forgery) in wordpress (CVE-2026-12095)
SSRF in wordpress (CVE-2026-12095). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10749 |
|
Vulnerability in wordpress (CVE-2026-10749)
vulnerability in wordpress (CVE-2026-10749). Successful exploitation can lead to full system takeover.
|
| CVE-2026-10735 |
|
Vulnerability in wordpress (CVE-2026-10735)
vulnerability in wordpress (CVE-2026-10735). Confidential information can be exposed externally.
|
| CVE-2026-10092 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-10092)
cross-site scripting in wordpress (CVE-2026-10092). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10091 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-10091)
cross-site scripting in wordpress (CVE-2026-10091). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-3652 |
|
The ARForms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `value`...
The ARForms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `value`...
|
| CVE-2026-54639 |
|
Style Dictionary, a build system for creating cross-platform styles, has a prototype pollution vulnerability starting in version 4.3.0 and prior to version 5.4.4. Impact users have: direct usage of `c...
Style Dictionary, a build system for creating cross-platform styles, has a prototype pollution vulnerability starting in version 4.3.0 and prior to version 5.4.4. Impact users have: direct usage of `convertTokenData(tokens, { output: 'object' });`; indirect usage, via using Expand API; and/or indire...
|
| CVE-2026-7574 |
|
Vulnerability in CVE-2026-7574 (CVE-2026-7574)
vulnerability in CVE-2026-7574 (CVE-2026-7574). Confidential information can be exposed externally.
|
| CVE-2026-56785 |
|
Cross-Site Scripting (XSS) in CVE-2026-56785 (CVE-2026-56785)
cross-site scripting in CVE-2026-56785 (CVE-2026-56785). Confidential information can be exposed externally.
|
| CVE-2026-54512 |
|
Vulnerability in com.fasterxml.jackson.core:jackson-databind (CVE-2026-54512)
vulnerability in com.fasterxml.jackson.core:jackson-databind (CVE-2026-54512). Successful exploitation can lead to full system takeover. Exploitable via ``PolymorphicTypeValidator``. Mitigation: upgrade to `2.21.4` or later.
|
| CVE-2026-50193 |
|
Vulnerability in com.fasterxml.jackson.core:jackson-databind (CVE-2026-50193)
vulnerability in com.fasterxml.jackson.core:jackson-databind (CVE-2026-50193). Risk of unauthorized operations or information disclosure. Exploitable via ``JsonNode``. Mitigation: upgrade to `2.14.0` or later.
|
| CVE-2026-56120 |
|
Vulnerability in CVE-2026-56120 (CVE-2026-56120)
vulnerability in CVE-2026-56120 (CVE-2026-56120). Confidential information can be exposed externally.
|
| CVE-2026-54513 |
|
Vulnerability in com.fasterxml.jackson.core:jackson-databind (CVE-2026-54513)
vulnerability in com.fasterxml.jackson.core:jackson-databind (CVE-2026-54513). Successful exploitation can lead to full system takeover. Exploitable via ``EvilType``. Mitigation: upgrade to `3.1.4` or later.
|
| CVE-2026-41862 |
|
Unsafe Deserialization in CVE-2026-41862 (CVE-2026-41862)
vulnerability in CVE-2026-41862 (CVE-2026-41862). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12112 |
|
Authentication Bypass in privilege-escalation (CVE-2026-12112)
authentication bypass in privilege-escalation (CVE-2026-12112). Successful exploitation can lead to full system takeover.
|
| CVE-2026-54555 |
|
Authorization Flaw in CVE-2026-54555 (CVE-2026-54555)
vulnerability in CVE-2026-54555 (CVE-2026-54555). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.42.2` or later.
|
| CVE-2026-39253 |
|
Unsafe Deserialization in CVE-2026-39253 (CVE-2026-39253)
vulnerability in CVE-2026-39253 (CVE-2026-39253). Successful exploitation can lead to full system takeover.
|
| CVE-2026-54320 |
|
Authentication Bypass in CVE-2026-54320 (CVE-2026-54320)
authentication bypass in CVE-2026-54320 (CVE-2026-54320). Confidential information can be exposed externally. Mitigation: upgrade to `0.184.0` or later.
|
| CVE-2025-61029 |
|
SQL Injection in dos (CVE-2025-61029)
SQL injection in dos (CVE-2025-61029). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-61024 |
|
SQL Injection in dos (CVE-2025-61024)
SQL injection in dos (CVE-2025-61024). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-9695 |
|
Out-of-Bounds Write in adobe (CVE-2020-9695)
out-of-bounds write in adobe (CVE-2020-9695). Successful exploitation can lead to full system takeover.
|
| CVE-2026-55441 |
|
OS Command Injection in mise (CVE-2026-55441)
OS command injection in mise (CVE-2026-55441). Successful exploitation can lead to full system takeover. Exploitable via ``mise.toml``. Mitigation: upgrade to `2026.6.4` or later.
|
| CVE-2026-54318 |
|
Vulnerability in home-assistant (CVE-2026-54318)
vulnerability in home-assistant (CVE-2026-54318). Data can be tampered with by attackers. Mitigation: upgrade to `2026.5.3` or later.
|
| CVE-2026-53925 |
|
Path Traversal in glances (CVE-2026-53925)
path traversal in glances (CVE-2026-53925). Successful exploitation can lead to full system takeover. Exploitable via ``command``. Mitigation: upgrade to `4.5.5` or later.
|
| CVE-2026-56115 |
|
Vulnerability in c (CVE-2026-56115)
vulnerability in c (CVE-2026-56115). Successful exploitation can lead to full system takeover.
|
| CVE-2026-44959 |
|
Code Injection in CVE-2026-44959 (CVE-2026-44959)
code injection in CVE-2026-44959 (CVE-2026-44959). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34916 |
|
Code Injection in CVE-2026-34916 (CVE-2026-34916)
code injection in CVE-2026-34916 (CVE-2026-34916). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34914 |
|
SQL Injection in sqli (CVE-2026-34914)
SQL injection in sqli (CVE-2026-34914). Data can be tampered with by attackers.
|
| CVE-2026-13007 |
|
Vulnerability in CVE-2026-13007 (CVE-2026-13007)
vulnerability in CVE-2026-13007 (CVE-2026-13007). Confidential information can be exposed externally.
|
| CVE-2026-12958 |
|
Vulnerability in CVE-2026-12958 (CVE-2026-12958)
vulnerability in CVE-2026-12958 (CVE-2026-12958). Successful exploitation can lead to full system takeover.
|
| CVE-2025-61028 |
|
SQL Injection in dos (CVE-2025-61028)
SQL injection in dos (CVE-2025-61028). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-61027 |
|
SQL Injection in dos (CVE-2025-61027)
SQL injection in dos (CVE-2025-61027). Risk of unauthorized operations or information disclosure.
|