Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-14403 |
|
Use-After-Free in google (CVE-2026-14403)
vulnerability in google (CVE-2026-14403). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14407 |
|
Code Injection in google (CVE-2026-14407)
code injection in google (CVE-2026-14407). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14389 |
|
Vulnerability in google (CVE-2026-14389)
vulnerability in google (CVE-2026-14389). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14402 |
|
Vulnerability in google (CVE-2026-14402)
vulnerability in google (CVE-2026-14402). Confidential information can be exposed externally.
|
| CVE-2026-14401 |
|
Vulnerability in google (CVE-2026-14401)
vulnerability in google (CVE-2026-14401). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14397 |
|
Out-of-Bounds Write in google (CVE-2026-14397)
out-of-bounds write in google (CVE-2026-14397). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14393 |
|
Use-After-Free in google (CVE-2026-14393)
vulnerability in google (CVE-2026-14393). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14390 |
|
Use-After-Free in google (CVE-2026-14390)
vulnerability in google (CVE-2026-14390). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14398 |
|
Use-After-Free in google (CVE-2026-14398)
vulnerability in google (CVE-2026-14398). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14400 |
|
Out-of-Bounds Write in google (CVE-2026-14400)
out-of-bounds write in google (CVE-2026-14400). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14391 |
|
Vulnerability in google (CVE-2026-14391)
vulnerability in google (CVE-2026-14391). Confidential information can be exposed externally.
|
| CVE-2026-14395 |
|
Out-of-Bounds Write in google (CVE-2026-14395)
out-of-bounds write in google (CVE-2026-14395). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14388 |
|
Out-of-Bounds Read in google (CVE-2026-14388)
vulnerability in google (CVE-2026-14388). Confidential information can be exposed externally.
|
| CVE-2026-14387 |
|
Vulnerability in google (CVE-2026-14387)
vulnerability in google (CVE-2026-14387). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14386 |
|
Out-of-Bounds Read in google (CVE-2026-14386)
vulnerability in google (CVE-2026-14386). Confidential information can be exposed externally.
|
| CVE-2026-14396 |
|
Out-of-Bounds Read in google (CVE-2026-14396)
vulnerability in google (CVE-2026-14396). Confidential information can be exposed externally.
|
| CVE-2026-14382 |
|
Vulnerability in google (CVE-2026-14382)
vulnerability in google (CVE-2026-14382). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14383 |
|
Code Injection in google (CVE-2026-14383)
code injection in google (CVE-2026-14383). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14381 |
|
Vulnerability in google (CVE-2026-14381)
vulnerability in google (CVE-2026-14381). Data can be tampered with by attackers.
|
| CVE-2026-11950 |
|
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
|
| CVE-2026-14385 |
|
Vulnerability in google (CVE-2026-14385)
vulnerability in google (CVE-2026-14385). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14384 |
|
Out-of-Bounds Read in google (CVE-2026-14384)
vulnerability in google (CVE-2026-14384). Confidential information can be exposed externally.
|
| CVE-2026-38891 |
|
Vulnerability in cpp (CVE-2026-38891)
vulnerability in cpp (CVE-2026-38891). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-52186 |
|
SQL Injection in sqli (CVE-2026-52186)
SQL injection in sqli (CVE-2026-52186). Successful exploitation can lead to full system takeover.
|
| CVE-2026-36911 |
|
Vulnerability in dos (CVE-2026-36911)
vulnerability in dos (CVE-2026-36911). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-36910 |
|
Buffer Overflow in dos (CVE-2026-36910)
vulnerability in dos (CVE-2026-36910). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-36912 |
|
Vulnerability in dos (CVE-2026-36912)
vulnerability in dos (CVE-2026-36912). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-52190 |
|
Vulnerability in dos (CVE-2026-52190)
vulnerability in dos (CVE-2026-52190). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-36909 |
|
Vulnerability in dos (CVE-2026-36909)
vulnerability in dos (CVE-2026-36909). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-55794 |
|
Code Injection in craftcms/cms (CVE-2026-55794)
code injection in craftcms/cms (CVE-2026-55794). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.10.0` or later.
|
| CVE-2026-55792 |
|
Information Disclosure in craftcms/cms (CVE-2026-55792)
vulnerability in craftcms/cms (CVE-2026-55792). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.10.0` or later.
|
| CVE-2026-50280 |
|
Vulnerability in craftcms/cms (CVE-2026-50280)
vulnerability in craftcms/cms (CVE-2026-50280). Risk of unauthorized operations or information disclosure. Exploitable via ``viewEntries``. Mitigation: upgrade to `5.9.21` or later.
|
| CVE-2026-50279 |
|
Vulnerability in craftcms/cms (CVE-2026-50279)
vulnerability in craftcms/cms (CVE-2026-50279). Risk of unauthorized operations or information disclosure. Exploitable via ``authors``. Mitigation: upgrade to `5.9.21` or later.
|
| CVE-2026-55790 |
|
Cross-Site Scripting (XSS) in craftcms/cms (CVE-2026-55790)
cross-site scripting in craftcms/cms (CVE-2026-55790). Risk of unauthorized operations or information disclosure. Exploitable via ``CraftSupportWidget.js``. Mitigation: upgrade to `4.17.16` or later.
|
| CVE-2026-50284 |
|
Vulnerability in craftcms/cms (CVE-2026-50284)
vulnerability in craftcms/cms (CVE-2026-50284). Risk of unauthorized operations or information disclosure. Exploitable via ``actionDeleteAsset``. Mitigation: upgrade to `4.17.15` or later.
|
| CVE-2026-50283 |
|
Vulnerability in craftcms/cms (CVE-2026-50283)
vulnerability in craftcms/cms (CVE-2026-50283). Risk of unauthorized operations or information disclosure. Exploitable via ``assetId``. Mitigation: upgrade to `4.17.14` or later.
|
| CVE-2026-55793 |
|
Cross-Site Scripting (XSS) in craftcms/cms (CVE-2026-55793)
cross-site scripting in craftcms/cms (CVE-2026-55793). Risk of unauthorized operations or information disclosure. Exploitable via ``saveEntries``. Mitigation: upgrade to `5.9.53` or later.
|
| CVE-2026-54712 |
|
Vulnerability in dos (CVE-2026-54712)
vulnerability in dos (CVE-2026-54712). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-54704 |
|
Vulnerability in linuxfoundation (CVE-2026-54704)
vulnerability in linuxfoundation (CVE-2026-54704). Confidential information can be exposed externally.
|
| CVE-2026-54263 |
|
Cross-Site Scripting (XSS) in django (CVE-2026-54263)
cross-site scripting in django (CVE-2026-54263). Confidential information can be exposed externally.
|
| CVE-2026-54262 |
|
Vulnerability in django (CVE-2026-54262)
vulnerability in django (CVE-2026-54262). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-54261 |
|
Vulnerability in django (CVE-2026-54261)
vulnerability in django (CVE-2026-54261). Confidential information can be exposed externally.
|
| CVE-2026-54260 |
|
Vulnerability in django (CVE-2026-54260)
vulnerability in django (CVE-2026-54260). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-54259 |
|
Vulnerability in django (CVE-2026-54259)
vulnerability in django (CVE-2026-54259). Risk of unauthorized operations or information disclosure.
|
| GHSA-9c3v-684m-579c |
|
Information Disclosure in openclaw (GHSA-9c3v-684m-579c)
vulnerability in openclaw (GHSA-9c3v-684m-579c). Risk of unauthorized operations or information disclosure. Exploitable via `Authorization header`. Mitigation: upgrade to `2026.6.5` or later.
|
| CVE-2026-50143 |
|
SSRF (Server-Side Request Forgery) in @apify/actors-mcp-server (CVE-2026-50143)
SSRF in @apify/actors-mcp-server (CVE-2026-50143). Risk of unauthorized operations or information disclosure. Exploitable via ``webServerMcpPath``. Mitigation: upgrade to `0.10.11` or later.
|
| CVE-2026-50139 |
|
Vulnerability in goshs.de/goshs/v2 (CVE-2026-50139)
vulnerability in goshs.de/goshs/v2 (CVE-2026-50139). Risk of unauthorized operations or information disclosure. Exploitable via ``ShareHandler``. Mitigation: upgrade to `2.1.0` or later.
|
| CVE-2026-50138 |
|
Vulnerability in goshs.de/goshs/v2 (CVE-2026-50138)
vulnerability in goshs.de/goshs/v2 (CVE-2026-50138). Risk of unauthorized operations or information disclosure. Exploitable via ``goshs``. Mitigation: upgrade to `2.1.0` or later.
|
| GHSA-vh4v-2xq2-g5cg |
|
Information Disclosure in oras.land/oras-go/v2 (GHSA-vh4v-2xq2-g5cg)
vulnerability in oras.land/oras-go/v2 (GHSA-vh4v-2xq2-g5cg). Risk of unauthorized operations or information disclosure. Exploitable via ``Authorization``. Mitigation: upgrade to `2.6.1` or later.
|
| CVE-2026-53712 |
|
Vulnerability in com.ongres.scram:scram-client (CVE-2026-53712)
vulnerability in com.ongres.scram:scram-client (CVE-2026-53712). Risk of unauthorized operations or information disclosure. Exploitable via ``TlsServerEndpoint``. Mitigation: upgrade to `3.3` or later.
|