Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

ID Title
CVE-2026-43414 Vulnerability in linux (CVE-2026-43414)
vulnerability in linux (CVE-2026-43414). Successful exploitation can lead to full system takeover.
CVE-2026-43406 Out-of-Bounds Read in linux (CVE-2026-43406)
vulnerability in linux (CVE-2026-43406). Confidential information can be exposed externally.
CVE-2026-43407 Out-of-Bounds Read in linux (CVE-2026-43407)
vulnerability in linux (CVE-2026-43407). Confidential information can be exposed externally.
CVE-2026-43402 Use-After-Free in linux (CVE-2026-43402)
vulnerability in linux (CVE-2026-43402). Successful exploitation can lead to full system takeover.
CVE-2026-43379 Use-After-Free in linux (CVE-2026-43379)
vulnerability in linux (CVE-2026-43379). Successful exploitation can lead to full system takeover.
CVE-2026-43383 Vulnerability in linux (CVE-2026-43383)
vulnerability in linux (CVE-2026-43383). Data can be tampered with by attackers.
CVE-2026-43384 Vulnerability in linux (CVE-2026-43384)
vulnerability in linux (CVE-2026-43384). Successful exploitation can lead to full system takeover.
CVE-2026-43376 Use-After-Free in linux (CVE-2026-43376)
vulnerability in linux (CVE-2026-43376). Successful exploitation can lead to full system takeover.
CVE-2026-43378 Use-After-Free in linux (CVE-2026-43378)
vulnerability in linux (CVE-2026-43378). Successful exploitation can lead to full system takeover.
CVE-2026-41588 Vulnerability in timing-attack (CVE-2026-41588)
vulnerability in timing-attack (CVE-2026-41588). Successful exploitation can lead to full system takeover.
CVE-2026-41583 Vulnerability in zfnd (CVE-2026-41583)
vulnerability in zfnd (CVE-2026-41583). Data can be tampered with by attackers. Exploitable via ``zcashd``.
CVE-2026-41574 Authentication Bypass in github.com/nhost/nhost (CVE-2026-41574)
authentication bypass in github.com/nhost/nhost (CVE-2026-41574). Successful exploitation can lead to full system takeover. Exploitable via `GET /users/`. Mitigation: upgrade to `0.0.0-20260417112436-ec8dab3f2cf4` or later.
CVE-2026-37431 SQL Injection in sqli (CVE-2026-37431)
SQL injection in sqli (CVE-2026-37431). Successful exploitation can lead to full system takeover.
CVE-2026-44335 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-44335)
SSRF in ssrf (CVE-2026-44335). Successful exploitation can lead to full system takeover. Exploitable via ``requests``. Mitigation: upgrade to `>= 1.6.32` or later.
CVE-2026-44336 Vulnerability in praison (CVE-2026-44336)
vulnerability in praison (CVE-2026-44336). Successful exploitation can lead to full system takeover. Exploitable via ``praisonai.rules.create``.
CVE-2026-43341 Vulnerability in linux (CVE-2026-43341)
vulnerability in linux (CVE-2026-43341). Successful exploitation can lead to full system takeover.
CVE-2026-43304 Vulnerability in linux (CVE-2026-43304)
vulnerability in linux (CVE-2026-43304). Successful exploitation can lead to full system takeover.
CVE-2026-41507 Code Injection in remote (CVE-2026-41507)
code injection in remote (CVE-2026-41507). Successful exploitation can lead to full system takeover.
CVE-2026-41509 Vulnerability in cross-crypto (CVE-2026-41509)
vulnerability in cross-crypto (CVE-2026-41509). Successful exploitation can lead to full system takeover.
CVE-2026-41512 Code Injection in gem (CVE-2026-41512)
code injection in gem (CVE-2026-41512). Successful exploitation can lead to full system takeover. Exploitable via `POST /targets/auto_detect_selectors`.
CVE-2026-41497 Command Injection in praison (CVE-2026-41497)
command injection in praison (CVE-2026-41497). Successful exploitation can lead to full system takeover. Exploitable via ``bash``. Mitigation: upgrade to `>= 4.6.9` or later.
CVE-2026-25199 Information Disclosure in apache (CVE-2026-25199)
vulnerability in apache (CVE-2026-25199). Confidential information can be exposed externally.
CVE-2026-8153 OS Command Injection in iot-embedded (CVE-2026-8153)
OS command injection in iot-embedded (CVE-2026-8153). Successful exploitation can lead to full system takeover.
CVE-2013-10075 Vulnerability in apache (CVE-2013-10075)
vulnerability in apache (CVE-2013-10075). Confidential information can be exposed externally.
CVE-2025-67887 Code Injection in CVE-2025-67887 (CVE-2025-67887)
code injection in CVE-2025-67887 (CVE-2025-67887). Successful exploitation can lead to full system takeover.
CVE-2025-69599 Vulnerability in CVE-2025-69599 (CVE-2025-69599)
vulnerability in CVE-2025-69599 (CVE-2025-69599). Successful exploitation can lead to full system takeover.
CVE-2025-69690 Unsafe Deserialization in deserialization (CVE-2025-69690)
vulnerability in deserialization (CVE-2025-69690). Successful exploitation can lead to full system takeover.
CVE-2025-69691 Vulnerability in pfsense (CVE-2025-69691)
vulnerability in pfsense (CVE-2025-69691). Successful exploitation can lead to full system takeover.
CVE-2023-46453 SQL Injection in network-device (CVE-2023-46453)
SQL injection in network-device (CVE-2023-46453). Successful exploitation can lead to full system takeover.
CVE-2024-51092 OS Command Injection in command-injection (CVE-2024-51092)
OS command injection in command-injection (CVE-2024-51092). Confidential information can be exposed externally. Exploitable via ``version_netsnmp``.
CVE-2026-43944 Vulnerability in electerm (CVE-2026-43944)
vulnerability in electerm (CVE-2026-43944). Successful exploitation can lead to full system takeover. Exploitable via ``opts``. Mitigation: upgrade to `> 3.8.8` or later.
CVE-2026-43941 Vulnerability in electerm (CVE-2026-43941)
vulnerability in electerm (CVE-2026-43941). Successful exploitation can lead to full system takeover. Exploitable via ``shell.openExternal``.
CVE-2026-41500 Command Injection in electerm-project (CVE-2026-41500)
command injection in electerm-project (CVE-2026-41500). Successful exploitation can lead to full system takeover. Exploitable via ``releaseInfo.name``. Mitigation: upgrade to `> 3.2.0` or later.
CVE-2026-41501 Command Injection in electerm (CVE-2026-41501)
command injection in electerm (CVE-2026-41501). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `> 3.2.0` or later.
CVE-2026-42208 KEV [KEV] SQL Injection in Berriai litellm (CVE-2026-42208)
SQL injection in Berriai litellm (CVE-2026-42208). Successful exploitation can lead to full system takeover. Exploitable via `POST /chat/completions`. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `>=1.83.7` or later.
CVE-2026-42880 Information Disclosure in argo-cd (CVE-2026-42880)
vulnerability in argo-cd (CVE-2026-42880). Confidential information can be exposed externally.
CVE-2026-8034 Vulnerability in ssrf (CVE-2026-8034)
vulnerability in ssrf (CVE-2026-8034). Successful exploitation can lead to full system takeover.
CVE-2026-42826 Information Disclosure in microsoft (CVE-2026-42826)
vulnerability in microsoft (CVE-2026-42826). Successful exploitation can lead to full system takeover.
CVE-2026-33109 Vulnerability in apache (CVE-2026-33109)
vulnerability in apache (CVE-2026-33109). Successful exploitation can lead to full system takeover.
CVE-2026-33823 Vulnerability in microsoft (CVE-2026-33823)
vulnerability in microsoft (CVE-2026-33823). Confidential information can be exposed externally.
CVE-2026-33844 Vulnerability in apache (CVE-2026-33844)
vulnerability in apache (CVE-2026-33844). Successful exploitation can lead to full system takeover.
CVE-2026-35428 Command Injection in microsoft (CVE-2026-35428)
command injection in microsoft (CVE-2026-35428). Successful exploitation can lead to full system takeover.
CVE-2026-41902 Vulnerability in laravel (CVE-2026-41902)
vulnerability in laravel (CVE-2026-41902). Confidential information can be exposed externally. Exploitable via `Referer header`.
CVE-2026-7415 Vulnerability in yarbo (CVE-2026-7415)
vulnerability in yarbo (CVE-2026-7415). Successful exploitation can lead to full system takeover.
CVE-2026-7414 Vulnerability in yarbo (CVE-2026-7414)
vulnerability in yarbo (CVE-2026-7414). Successful exploitation can lead to full system takeover.
CVE-2025-63703 Vulnerability in npm (CVE-2025-63703)
vulnerability in npm (CVE-2025-63703). Successful exploitation can lead to full system takeover.
CVE-2025-63704 Vulnerability in prototype-pollution (CVE-2025-63704)
vulnerability in prototype-pollution (CVE-2025-63704). Successful exploitation can lead to full system takeover.
CVE-2026-36458 Code Injection in sqli (CVE-2026-36458)
code injection in sqli (CVE-2026-36458). Successful exploitation can lead to full system takeover.
CVE-2025-63706 Code Injection in npm (CVE-2025-63706)
code injection in npm (CVE-2025-63706). Successful exploitation can lead to full system takeover.
CVE-2026-30496 Vulnerability in android (CVE-2026-30496)
vulnerability in android (CVE-2026-30496). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →