Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

ID Title
CVE-2026-56280 Vulnerability in CVE-2026-56280 (CVE-2026-56280)
vulnerability in CVE-2026-56280 (CVE-2026-56280). Risk of unauthorized operations or information disclosure. Exploitable via `GET /build/logs/`.
CVE-2026-48517 Vulnerability in MessagePack (CVE-2026-48517)
vulnerability in MessagePack (CVE-2026-48517). Data can be tampered with by attackers. Exploitable via ``MessagePackSerializer.Typeless``. Mitigation: upgrade to `3.1.7` or later.
CVE-2026-48516 Vulnerability in MessagePack (CVE-2026-48516)
vulnerability in MessagePack (CVE-2026-48516). Risk of unauthorized operations or information disclosure. Exploitable via ``MessagePackSecurity.UntrustedData``. Mitigation: upgrade to `3.1.7` or later.
CVE-2026-48515 Vulnerability in MessagePack (CVE-2026-48515)
vulnerability in MessagePack (CVE-2026-48515). Risk of unauthorized operations or information disclosure. Exploitable via ``MessagePackSecurity.UntrustedData``. Mitigation: upgrade to `3.1.7` or later.
CVE-2026-48514 Vulnerability in MessagePack (CVE-2026-48514)
vulnerability in MessagePack (CVE-2026-48514). Risk of unauthorized operations or information disclosure. Exploitable via ``byteLength``. Mitigation: upgrade to `3.1.7` or later.
CVE-2026-48513 Vulnerability in MessagePack (CVE-2026-48513)
vulnerability in MessagePack (CVE-2026-48513). Risk of unauthorized operations or information disclosure. Exploitable via ``DynamicUnionResolver``. Mitigation: upgrade to `3.1.7` or later.
CVE-2026-48512 Vulnerability in MessagePack (CVE-2026-48512)
vulnerability in MessagePack (CVE-2026-48512). Risk of unauthorized operations or information disclosure. Exploitable via ``MessagePackSerializer.ConvertFromJson``. Mitigation: upgrade to `3.1.7` or later.
CVE-2026-48511 Vulnerability in MessagePack (CVE-2026-48511)
vulnerability in MessagePack (CVE-2026-48511). Risk of unauthorized operations or information disclosure. Exploitable via ``ExpandoObjectFormatter.Deserialize``. Mitigation: upgrade to `3.1.7` or later.
CVE-2026-48510 Vulnerability in MessagePack (CVE-2026-48510)
vulnerability in MessagePack (CVE-2026-48510). Risk of unauthorized operations or information disclosure. Exploitable via ``Lz4Block``. Mitigation: upgrade to `3.1.7` or later.
CVE-2026-48506 Vulnerability in MessagePack (CVE-2026-48506)
vulnerability in MessagePack (CVE-2026-48506). Risk of unauthorized operations or information disclosure. Exploitable via ``StackOverflowException``. Mitigation: upgrade to `3.1.7` or later.
CVE-2026-48505 Vulnerability in filament/filament (CVE-2026-48505)
vulnerability in filament/filament (CVE-2026-48505). Confidential information can be exposed externally. Mitigation: upgrade to `5.6.5` or later.
CVE-2026-48502 Out-of-Bounds Read in MessagePack (CVE-2026-48502)
vulnerability in MessagePack (CVE-2026-48502). Risk of unauthorized operations or information disclosure. Exploitable via ``tokenSize``. Mitigation: upgrade to `3.1.7` or later.
CVE-2026-44271 SQL Injection in sqli (CVE-2026-44271)
SQL injection in sqli (CVE-2026-44271). Confidential information can be exposed externally.
CVE-2026-44272 SQL Injection in sqli (CVE-2026-44272)
SQL injection in sqli (CVE-2026-44272). Successful exploitation can lead to full system takeover.
CVE-2026-44274 Vulnerability in dell (CVE-2026-44274)
vulnerability in dell (CVE-2026-44274). Successful exploitation can lead to full system takeover.
CVE-2026-53779 Path Traversal in path-traversal (CVE-2026-53779)
path traversal in path-traversal (CVE-2026-53779). Confidential information can be exposed externally.
CVE-2026-46608 Vulnerability in glances (CVE-2026-46608)
vulnerability in glances (CVE-2026-46608). Confidential information can be exposed externally. Exploitable via ``cors_origins``. Mitigation: upgrade to `4.5.5` or later.
CVE-2026-46607 Unsafe Deserialization in glances (CVE-2026-46607)
vulnerability in glances (CVE-2026-46607). Successful exploitation can lead to full system takeover. Exploitable via ``self.cache_file``. Mitigation: upgrade to `4.5.5` or later.
CVE-2026-46606 OS Command Injection in glances (CVE-2026-46606)
OS command injection in glances (CVE-2026-46606). Successful exploitation can lead to full system takeover. Exploitable via ``domain``. Mitigation: upgrade to `4.5.5` or later.
CVE-2026-42127 Vulnerability in dos (CVE-2026-42127)
vulnerability in dos (CVE-2026-42127). Risk of unauthorized operations or information disclosure.
CVE-2026-9072 Code Injection in dos (CVE-2026-9072)
code injection in dos (CVE-2026-9072). Successful exploitation can lead to full system takeover.
CVE-2026-9071 Vulnerability in dos (CVE-2026-9071)
vulnerability in dos (CVE-2026-9071). Risk of unauthorized operations or information disclosure.
CVE-2026-9006 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-9006)
SSRF in ssrf (CVE-2026-9006). Confidential information can be exposed externally.
CVE-2026-8858 Code Injection in dos (CVE-2026-8858)
code injection in dos (CVE-2026-8858). Successful exploitation can lead to full system takeover.
CVE-2026-8646 Vulnerability in ibm (CVE-2026-8646)
vulnerability in ibm (CVE-2026-8646). Confidential information can be exposed externally.
CVE-2026-56104 Vulnerability in CVE-2026-56104 (CVE-2026-56104)
vulnerability in CVE-2026-56104 (CVE-2026-56104). Confidential information can be exposed externally.
CVE-2026-50178 Cross-Site Scripting (XSS) in angular (CVE-2026-50178)
cross-site scripting in angular (CVE-2026-50178). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `21.2.4` or later.
CVE-2026-49241 Cross-Site Scripting (XSS) in angular (CVE-2026-49241)
cross-site scripting in angular (CVE-2026-49241). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `21.2.4` or later.
CVE-2026-41049 Authorization Flaw in presire (CVE-2026-41049)
vulnerability in presire (CVE-2026-41049). Data can be tampered with by attackers.
CVE-2026-41048 Authorization Flaw in presire (CVE-2026-41048)
vulnerability in presire (CVE-2026-41048). Data can be tampered with by attackers.
CVE-2026-41046 Vulnerability in path-traversal (CVE-2026-41046)
vulnerability in path-traversal (CVE-2026-41046). Risk of unauthorized operations or information disclosure.
CVE-2026-41045 Vulnerability in presire (CVE-2026-41045)
vulnerability in presire (CVE-2026-41045). Successful exploitation can lead to full system takeover.
CVE-2026-10845 Authentication Bypass in ibm (CVE-2026-10845)
authentication bypass in ibm (CVE-2026-10845). Risk of unauthorized operations or information disclosure.
CVE-2026-9029 The geomap panel's XYZ tile layer has a sanitize-then-interpolate ordering bug....
The geomap panel's XYZ tile layer has a sanitize-then-interpolate ordering bug....
CVE-2026-56447 Vulnerability in misp-project (CVE-2026-56447)
vulnerability in misp-project (CVE-2026-56447). Successful exploitation can lead to full system takeover.
CVE-2026-56446 Code Injection in misp-project (CVE-2026-56446)
code injection in misp-project (CVE-2026-56446). Successful exploitation can lead to full system takeover.
CVE-2026-56425 Vulnerability in csrf (CVE-2026-56425)
vulnerability in csrf (CVE-2026-56425). Successful exploitation can lead to full system takeover. Exploitable via `Referer header`.
CVE-2026-56424 Vulnerability in misp-project (CVE-2026-56424)
vulnerability in misp-project (CVE-2026-56424). Successful exploitation can lead to full system takeover.
CVE-2026-56423 Vulnerability in misp-project (CVE-2026-56423)
vulnerability in misp-project (CVE-2026-56423). Successful exploitation can lead to full system takeover.
CVE-2026-54100 A flaw was found in the Windows Machine Config Operator (WMCO) for Red Hat OpenShift Container...
A flaw was found in the Windows Machine Config Operator (WMCO) for Red Hat OpenShift Container...
CVE-2026-54099 A flaw was found in the Windows Machine Config Operator (WMCO) for Red Hat OpenShift Container...
A flaw was found in the Windows Machine Config Operator (WMCO) for Red Hat OpenShift Container...
CVE-2026-42129 The Loki datasource plugin's callResource handler contains a path traversal vulnerability. An...
The Loki datasource plugin's callResource handler contains a path traversal vulnerability. An...
CVE-2025-66389 Vulnerability in microsoft (CVE-2025-66389)
vulnerability in microsoft (CVE-2025-66389). Confidential information can be exposed externally.
CVE-2026-12581 Vulnerability in csharp (CVE-2026-12581)
vulnerability in csharp (CVE-2026-12581). Successful exploitation can lead to full system takeover.
CVE-2023-45796 Cross-Site Scripting (XSS) in CVE-2023-45796 (CVE-2023-45796)
cross-site scripting in CVE-2023-45796 (CVE-2023-45796). Data can be tampered with by attackers.
CVE-2023-45795 Cross-Site Scripting (XSS) in CVE-2023-45795 (CVE-2023-45795)
cross-site scripting in CVE-2023-45795 (CVE-2023-45795). Successful exploitation can lead to full system takeover.
CVE-2025-66336 SQL Injection in apache (CVE-2025-66336)
SQL injection in apache (CVE-2025-66336). Confidential information can be exposed externally.
CVE-2026-44913 Vulnerability in apache (CVE-2026-44913)
vulnerability in apache (CVE-2026-44913). Successful exploitation can lead to full system takeover.
CVE-2026-44914 Vulnerability in apache (CVE-2026-44914)
vulnerability in apache (CVE-2026-44914). Successful exploitation can lead to full system takeover.
CVE-2026-8157 Privilege Escalation in wordpress (CVE-2026-8157)
vulnerability in wordpress (CVE-2026-8157). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →