Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-43414 |
|
Vulnerability in linux (CVE-2026-43414)
vulnerability in linux (CVE-2026-43414). Successful exploitation can lead to full system takeover.
|
| CVE-2026-43406 |
|
Out-of-Bounds Read in linux (CVE-2026-43406)
vulnerability in linux (CVE-2026-43406). Confidential information can be exposed externally.
|
| CVE-2026-43407 |
|
Out-of-Bounds Read in linux (CVE-2026-43407)
vulnerability in linux (CVE-2026-43407). Confidential information can be exposed externally.
|
| CVE-2026-43402 |
|
Use-After-Free in linux (CVE-2026-43402)
vulnerability in linux (CVE-2026-43402). Successful exploitation can lead to full system takeover.
|
| CVE-2026-43379 |
|
Use-After-Free in linux (CVE-2026-43379)
vulnerability in linux (CVE-2026-43379). Successful exploitation can lead to full system takeover.
|
| CVE-2026-43383 |
|
Vulnerability in linux (CVE-2026-43383)
vulnerability in linux (CVE-2026-43383). Data can be tampered with by attackers.
|
| CVE-2026-43384 |
|
Vulnerability in linux (CVE-2026-43384)
vulnerability in linux (CVE-2026-43384). Successful exploitation can lead to full system takeover.
|
| CVE-2026-43376 |
|
Use-After-Free in linux (CVE-2026-43376)
vulnerability in linux (CVE-2026-43376). Successful exploitation can lead to full system takeover.
|
| CVE-2026-43378 |
|
Use-After-Free in linux (CVE-2026-43378)
vulnerability in linux (CVE-2026-43378). Successful exploitation can lead to full system takeover.
|
| CVE-2026-41588 |
|
Vulnerability in timing-attack (CVE-2026-41588)
vulnerability in timing-attack (CVE-2026-41588). Successful exploitation can lead to full system takeover.
|
| CVE-2026-41583 |
|
Vulnerability in zfnd (CVE-2026-41583)
vulnerability in zfnd (CVE-2026-41583). Data can be tampered with by attackers. Exploitable via ``zcashd``.
|
| CVE-2026-41574 |
|
Authentication Bypass in github.com/nhost/nhost (CVE-2026-41574)
authentication bypass in github.com/nhost/nhost (CVE-2026-41574). Successful exploitation can lead to full system takeover. Exploitable via `GET /users/`. Mitigation: upgrade to `0.0.0-20260417112436-ec8dab3f2cf4` or later.
|
| CVE-2026-37431 |
|
SQL Injection in sqli (CVE-2026-37431)
SQL injection in sqli (CVE-2026-37431). Successful exploitation can lead to full system takeover.
|
| CVE-2026-44335 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-44335)
SSRF in ssrf (CVE-2026-44335). Successful exploitation can lead to full system takeover. Exploitable via ``requests``. Mitigation: upgrade to `>= 1.6.32` or later.
|
| CVE-2026-44336 |
|
Vulnerability in praison (CVE-2026-44336)
vulnerability in praison (CVE-2026-44336). Successful exploitation can lead to full system takeover. Exploitable via ``praisonai.rules.create``.
|
| CVE-2026-43341 |
|
Vulnerability in linux (CVE-2026-43341)
vulnerability in linux (CVE-2026-43341). Successful exploitation can lead to full system takeover.
|
| CVE-2026-43304 |
|
Vulnerability in linux (CVE-2026-43304)
vulnerability in linux (CVE-2026-43304). Successful exploitation can lead to full system takeover.
|
| CVE-2026-41507 |
|
Code Injection in remote (CVE-2026-41507)
code injection in remote (CVE-2026-41507). Successful exploitation can lead to full system takeover.
|
| CVE-2026-41509 |
|
Vulnerability in cross-crypto (CVE-2026-41509)
vulnerability in cross-crypto (CVE-2026-41509). Successful exploitation can lead to full system takeover.
|
| CVE-2026-41512 |
|
Code Injection in gem (CVE-2026-41512)
code injection in gem (CVE-2026-41512). Successful exploitation can lead to full system takeover. Exploitable via `POST /targets/auto_detect_selectors`.
|
| CVE-2026-41497 |
|
Command Injection in praison (CVE-2026-41497)
command injection in praison (CVE-2026-41497). Successful exploitation can lead to full system takeover. Exploitable via ``bash``. Mitigation: upgrade to `>= 4.6.9` or later.
|
| CVE-2026-25199 |
|
Information Disclosure in apache (CVE-2026-25199)
vulnerability in apache (CVE-2026-25199). Confidential information can be exposed externally.
|
| CVE-2026-8153 |
|
OS Command Injection in iot-embedded (CVE-2026-8153)
OS command injection in iot-embedded (CVE-2026-8153). Successful exploitation can lead to full system takeover.
|
| CVE-2013-10075 |
|
Vulnerability in apache (CVE-2013-10075)
vulnerability in apache (CVE-2013-10075). Confidential information can be exposed externally.
|
| CVE-2025-67887 |
|
Code Injection in CVE-2025-67887 (CVE-2025-67887)
code injection in CVE-2025-67887 (CVE-2025-67887). Successful exploitation can lead to full system takeover.
|
| CVE-2025-69599 |
|
Vulnerability in CVE-2025-69599 (CVE-2025-69599)
vulnerability in CVE-2025-69599 (CVE-2025-69599). Successful exploitation can lead to full system takeover.
|
| CVE-2025-69690 |
|
Unsafe Deserialization in deserialization (CVE-2025-69690)
vulnerability in deserialization (CVE-2025-69690). Successful exploitation can lead to full system takeover.
|
| CVE-2025-69691 |
|
Vulnerability in pfsense (CVE-2025-69691)
vulnerability in pfsense (CVE-2025-69691). Successful exploitation can lead to full system takeover.
|
| CVE-2023-46453 |
|
SQL Injection in network-device (CVE-2023-46453)
SQL injection in network-device (CVE-2023-46453). Successful exploitation can lead to full system takeover.
|
| CVE-2024-51092 |
|
OS Command Injection in command-injection (CVE-2024-51092)
OS command injection in command-injection (CVE-2024-51092). Confidential information can be exposed externally. Exploitable via ``version_netsnmp``.
|
| CVE-2026-43944 |
|
Vulnerability in electerm (CVE-2026-43944)
vulnerability in electerm (CVE-2026-43944). Successful exploitation can lead to full system takeover. Exploitable via ``opts``. Mitigation: upgrade to `> 3.8.8` or later.
|
| CVE-2026-43941 |
|
Vulnerability in electerm (CVE-2026-43941)
vulnerability in electerm (CVE-2026-43941). Successful exploitation can lead to full system takeover. Exploitable via ``shell.openExternal``.
|
| CVE-2026-41500 |
|
Command Injection in electerm-project (CVE-2026-41500)
command injection in electerm-project (CVE-2026-41500). Successful exploitation can lead to full system takeover. Exploitable via ``releaseInfo.name``. Mitigation: upgrade to `> 3.2.0` or later.
|
| CVE-2026-41501 |
|
Command Injection in electerm (CVE-2026-41501)
command injection in electerm (CVE-2026-41501). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `> 3.2.0` or later.
|
| CVE-2026-42208 KEV |
|
[KEV] SQL Injection in Berriai litellm (CVE-2026-42208)
SQL injection in Berriai litellm (CVE-2026-42208). Successful exploitation can lead to full system takeover. Exploitable via `POST /chat/completions`. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `>=1.83.7` or later.
|
| CVE-2026-42880 |
|
Information Disclosure in argo-cd (CVE-2026-42880)
vulnerability in argo-cd (CVE-2026-42880). Confidential information can be exposed externally.
|
| CVE-2026-8034 |
|
Vulnerability in ssrf (CVE-2026-8034)
vulnerability in ssrf (CVE-2026-8034). Successful exploitation can lead to full system takeover.
|
| CVE-2026-42826 |
|
Information Disclosure in microsoft (CVE-2026-42826)
vulnerability in microsoft (CVE-2026-42826). Successful exploitation can lead to full system takeover.
|
| CVE-2026-33109 |
|
Vulnerability in apache (CVE-2026-33109)
vulnerability in apache (CVE-2026-33109). Successful exploitation can lead to full system takeover.
|
| CVE-2026-33823 |
|
Vulnerability in microsoft (CVE-2026-33823)
vulnerability in microsoft (CVE-2026-33823). Confidential information can be exposed externally.
|
| CVE-2026-33844 |
|
Vulnerability in apache (CVE-2026-33844)
vulnerability in apache (CVE-2026-33844). Successful exploitation can lead to full system takeover.
|
| CVE-2026-35428 |
|
Command Injection in microsoft (CVE-2026-35428)
command injection in microsoft (CVE-2026-35428). Successful exploitation can lead to full system takeover.
|
| CVE-2026-41902 |
|
Vulnerability in laravel (CVE-2026-41902)
vulnerability in laravel (CVE-2026-41902). Confidential information can be exposed externally. Exploitable via `Referer header`.
|
| CVE-2026-7415 |
|
Vulnerability in yarbo (CVE-2026-7415)
vulnerability in yarbo (CVE-2026-7415). Successful exploitation can lead to full system takeover.
|
| CVE-2026-7414 |
|
Vulnerability in yarbo (CVE-2026-7414)
vulnerability in yarbo (CVE-2026-7414). Successful exploitation can lead to full system takeover.
|
| CVE-2025-63703 |
|
Vulnerability in npm (CVE-2025-63703)
vulnerability in npm (CVE-2025-63703). Successful exploitation can lead to full system takeover.
|
| CVE-2025-63704 |
|
Vulnerability in prototype-pollution (CVE-2025-63704)
vulnerability in prototype-pollution (CVE-2025-63704). Successful exploitation can lead to full system takeover.
|
| CVE-2026-36458 |
|
Code Injection in sqli (CVE-2026-36458)
code injection in sqli (CVE-2026-36458). Successful exploitation can lead to full system takeover.
|
| CVE-2025-63706 |
|
Code Injection in npm (CVE-2025-63706)
code injection in npm (CVE-2025-63706). Successful exploitation can lead to full system takeover.
|
| CVE-2026-30496 |
|
Vulnerability in android (CVE-2026-30496)
vulnerability in android (CVE-2026-30496). Successful exploitation can lead to full system takeover.
|