Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-57243 |
|
Out-of-Bounds Read in CVE-2026-57243 (CVE-2026-57243)
vulnerability in CVE-2026-57243 (CVE-2026-57243). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57242 |
|
Use-After-Free in CVE-2026-57242 (CVE-2026-57242)
vulnerability in CVE-2026-57242 (CVE-2026-57242). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57241 |
|
Out-of-Bounds Read in CVE-2026-57241 (CVE-2026-57241)
vulnerability in CVE-2026-57241 (CVE-2026-57241). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57240 |
|
Use-After-Free in CVE-2026-57240 (CVE-2026-57240)
vulnerability in CVE-2026-57240 (CVE-2026-57240). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57239 |
|
Vulnerability in CVE-2026-57239 (CVE-2026-57239)
vulnerability in CVE-2026-57239 (CVE-2026-57239). Confidential information can be exposed externally.
|
| CVE-2026-57238 |
|
Use-After-Free in CVE-2026-57238 (CVE-2026-57238)
vulnerability in CVE-2026-57238 (CVE-2026-57238). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57237 |
|
Use-After-Free in CVE-2026-57237 (CVE-2026-57237)
vulnerability in CVE-2026-57237 (CVE-2026-57237). Successful exploitation can lead to full system takeover.
|
| CVE-2026-56001 |
|
Vulnerability in CVE-2026-56001 (CVE-2026-56001)
vulnerability in CVE-2026-56001 (CVE-2026-56001). Successful exploitation can lead to full system takeover.
|
| CVE-2026-56000 |
|
Use-After-Free in CVE-2026-56000 (CVE-2026-56000)
vulnerability in CVE-2026-56000 (CVE-2026-56000). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-55999 |
|
Vulnerability in CVE-2026-55999 (CVE-2026-55999)
vulnerability in CVE-2026-55999 (CVE-2026-55999). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13129 |
|
Use-After-Free in CVE-2026-13129 (CVE-2026-13129)
vulnerability in CVE-2026-13129 (CVE-2026-13129). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13128 |
|
Use-After-Free in CVE-2026-13128 (CVE-2026-13128)
vulnerability in CVE-2026-13128 (CVE-2026-13128). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13127 |
|
Use-After-Free in CVE-2026-13127 (CVE-2026-13127)
vulnerability in CVE-2026-13127 (CVE-2026-13127). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13126 |
|
Use-After-Free in CVE-2026-13126 (CVE-2026-13126)
vulnerability in CVE-2026-13126 (CVE-2026-13126). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9695 |
|
Authentication Bypass in CVE-2026-9695 (CVE-2026-9695)
authentication bypass in CVE-2026-9695 (CVE-2026-9695). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12378 |
|
Vulnerability in wordpress (CVE-2026-12378)
vulnerability in wordpress (CVE-2026-12378). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14489 |
|
Unrestricted File Upload in wordpress (CVE-2026-14489)
vulnerability in wordpress (CVE-2026-14489). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57895 |
|
Vulnerability in CVE-2026-57895 (CVE-2026-57895)
vulnerability in CVE-2026-57895 (CVE-2026-57895). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14495 |
|
Vulnerability in wordpress (CVE-2026-14495)
vulnerability in wordpress (CVE-2026-14495). Successful exploitation can lead to full system takeover. Exploitable via ``init``.
|
| CVE-2026-9731 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-9731)
vulnerability in wordpress (CVE-2026-9731). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14500 |
|
Path Traversal in wordpress (CVE-2026-14500)
path traversal in wordpress (CVE-2026-14500). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56437 |
|
Vulnerability in jvn (CVE-2026-56437)
vulnerability in jvn (CVE-2026-56437). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9700 |
|
SQL Injection in wordpress (CVE-2026-9700)
SQL injection in wordpress (CVE-2026-9700). Confidential information can be exposed externally.
|
| CVE-2026-12153 |
|
Vulnerability in wordpress (CVE-2026-12153)
vulnerability in wordpress (CVE-2026-12153). Successful exploitation can lead to full system takeover.
|
| CVE-2026-10570 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-10570)
cross-site scripting in wordpress (CVE-2026-10570). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12097 |
|
Vulnerability in wordpress (CVE-2026-12097)
vulnerability in wordpress (CVE-2026-12097). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11798 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-11798)
cross-site scripting in wordpress (CVE-2026-11798). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12041 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-12041)
cross-site scripting in wordpress (CVE-2026-12041). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9842 |
|
Privilege Escalation in wordpress (CVE-2026-9842)
vulnerability in wordpress (CVE-2026-9842). Data can be tampered with by attackers. Exploitable via ``manage_options``.
|
| CVE-2026-9701 |
|
Vulnerability in wordpress (CVE-2026-9701)
vulnerability in wordpress (CVE-2026-9701). Successful exploitation can lead to full system takeover. Exploitable via ``eventer_verification_code``.
|
| CVE-2026-14487 |
|
Path Traversal in wordpress (CVE-2026-14487)
path traversal in wordpress (CVE-2026-14487). Data can be tampered with by attackers.
|
| CVE-2026-14482 |
|
Privilege Escalation in wordpress (CVE-2026-14482)
vulnerability in wordpress (CVE-2026-14482). Successful exploitation can lead to full system takeover. Exploitable via ``update_option``.
|
| CVE-2026-14244 |
|
Path Traversal in wordpress (CVE-2026-14244)
path traversal in wordpress (CVE-2026-14244). Confidential information can be exposed externally.
|
| CVE-2026-14158 |
|
Unrestricted File Upload in wordpress (CVE-2026-14158)
vulnerability in wordpress (CVE-2026-14158). Successful exploitation can lead to full system takeover.
|
| CVE-2025-49656 |
|
Vulnerability in jvn (CVE-2025-49656)
vulnerability in jvn (CVE-2025-49656). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-60002 |
|
Use-After-Free in CVE-2026-60002 (CVE-2026-60002)
vulnerability in CVE-2026-60002 (CVE-2026-60002). Confidential information can be exposed externally.
|
| CVE-2026-60001 |
|
sshd in OpenSSH before 10.4 does not always honor the minimum authentication delay.
sshd in OpenSSH before 10.4 does not always honor the minimum authentication delay.
|
| CVE-2026-60000 |
|
Vulnerability in dos (CVE-2026-60000)
vulnerability in dos (CVE-2026-60000). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-59999 |
|
Vulnerability in CVE-2026-59999 (CVE-2026-59999)
vulnerability in CVE-2026-59999 (CVE-2026-59999). Data can be tampered with by attackers.
|
| CVE-2026-59998 |
|
Vulnerability in CVE-2026-59998 (CVE-2026-59998)
vulnerability in CVE-2026-59998 (CVE-2026-59998). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-59997 |
|
Vulnerability in CVE-2026-59997 (CVE-2026-59997)
vulnerability in CVE-2026-59997 (CVE-2026-59997). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-59996 |
|
Vulnerability in CVE-2026-59996 (CVE-2026-59996)
vulnerability in CVE-2026-59996 (CVE-2026-59996). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-59995 |
|
Vulnerability in CVE-2026-59995 (CVE-2026-59995)
vulnerability in CVE-2026-59995 (CVE-2026-59995). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56843 |
|
Vulnerability in c (CVE-2026-56843)
vulnerability in c (CVE-2026-56843). Successful exploitation can lead to full system takeover.
|
| CVE-2026-53508 |
|
Vulnerability in github.com/oasdiff/oasdiff (CVE-2026-53508)
vulnerability in github.com/oasdiff/oasdiff (CVE-2026-53508). Risk of unauthorized operations or information disclosure. Exploitable via ``breaking``. Mitigation: upgrade to `1.18.1` or later.
|
| CVE-2026-53572 |
|
Vulnerability in github.com/kedacore/keda/v2 (CVE-2026-53572)
vulnerability in github.com/kedacore/keda/v2 (CVE-2026-53572). Risk of unauthorized operations or information disclosure. Exploitable via ``host``. Mitigation: upgrade to `2.20.0` or later.
|
| GHSA-f66q-9rf6-8795 |
|
Authentication Bypass in Flask-Security-Too (GHSA-f66q-9rf6-8795)
authentication bypass in Flask-Security-Too (GHSA-f66q-9rf6-8795). Risk of unauthorized operations or information disclosure. Exploitable via `POST /wan-verify`. Mitigation: upgrade to `5.8.1` or later.
|
| CVE-2026-53553 |
|
Path Traversal in github.com/zhenorzz/goploy (CVE-2026-53553)
path traversal in github.com/zhenorzz/goploy (CVE-2026-53553). Risk of unauthorized operations or information disclosure. Exploitable via ``filePath``.
|
| CVE-2026-53552 |
|
Vulnerability in github.com/zhenorzz/goploy (CVE-2026-53552)
vulnerability in github.com/zhenorzz/goploy (CVE-2026-53552). Risk of unauthorized operations or information disclosure. Exploitable via ``Project.AddFile``.
|
| GHSA-q855-8rh5-jfgq |
|
Vulnerability in ha-mcp (GHSA-q855-8rh5-jfgq)
vulnerability in ha-mcp (GHSA-q855-8rh5-jfgq). Risk of unauthorized operations or information disclosure. Exploitable via `GET /api/settings/tools`. Mitigation: upgrade to `7.10.0` or later.
|