Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

ID Title
CVE-2026-42364 OS Command Injection in geovision (CVE-2026-42364)
OS command injection in geovision (CVE-2026-42364). Successful exploitation can lead to full system takeover.
CVE-2026-42369 Out-of-Bounds Write in CVE-2026-42369 (CVE-2026-42369)
out-of-bounds write in CVE-2026-42369 (CVE-2026-42369). Successful exploitation can lead to full system takeover. Exploitable via ``gvapi``.
CVE-2026-37541 Vulnerability in cpp (CVE-2026-37541)
vulnerability in cpp (CVE-2026-37541). Successful exploitation can lead to full system takeover.
CVE-2026-37531 Path Traversal in c (CVE-2026-37531)
path traversal in c (CVE-2026-37531). Successful exploitation can lead to full system takeover.
CVE-2026-43037 Out-of-Bounds Write in linux (CVE-2026-43037)
out-of-bounds write in linux (CVE-2026-43037). Successful exploitation can lead to full system takeover.
CVE-2026-43039 Vulnerability in linux (CVE-2026-43039)
vulnerability in linux (CVE-2026-43039). Successful exploitation can lead to full system takeover.
CVE-2026-43038 Vulnerability in linux (CVE-2026-43038)
vulnerability in linux (CVE-2026-43038). Successful exploitation can lead to full system takeover.
CVE-2026-31718 Use-After-Free in linux (CVE-2026-31718)
vulnerability in linux (CVE-2026-31718). Successful exploitation can lead to full system takeover.
CVE-2026-31705 Out-of-Bounds Write in linux (CVE-2026-31705)
out-of-bounds write in linux (CVE-2026-31705). Successful exploitation can lead to full system takeover.
CVE-2026-39858 Vulnerability in traefik (CVE-2026-39858)
vulnerability in traefik (CVE-2026-39858). Confidential information can be exposed externally.
CVE-2026-35051 Vulnerability in traefik (CVE-2026-35051)
vulnerability in traefik (CVE-2026-35051). Confidential information can be exposed externally.
CVE-2026-40281 Vulnerability in github.com/gotenberg/gotenberg/v8 (CVE-2026-40281)
vulnerability in github.com/gotenberg/gotenberg/v8 (CVE-2026-40281). Data can be tampered with by attackers. Exploitable via ``WriteMetadata``. Mitigation: upgrade to `8.31.0` or later.
CVE-2025-14543 XXE (XML External Entity) in rti (CVE-2025-14543)
vulnerability in rti (CVE-2025-14543). Confidential information can be exposed externally.
CVE-2026-5166 Path Traversal in path-traversal (CVE-2026-5166)
path traversal in path-traversal (CVE-2026-5166). Successful exploitation can lead to full system takeover.
CVE-2026-42249 Path Traversal in path-traversal (CVE-2026-42249)
path traversal in path-traversal (CVE-2026-42249). Successful exploitation can lead to full system takeover.
CVE-2026-42248 Vulnerability in ollama (CVE-2026-42248)
vulnerability in ollama (CVE-2026-42248). Successful exploitation can lead to full system takeover.
CVE-2026-3893 Vulnerability in CVE-2026-3893 (CVE-2026-3893)
vulnerability in CVE-2026-3893 (CVE-2026-3893). Data can be tampered with by attackers.
CVE-2025-60889 Unsafe Deserialization in deserialization (CVE-2025-60889)
vulnerability in deserialization (CVE-2025-60889). Successful exploitation can lead to full system takeover.
CVE-2026-40976 Vulnerability in org.springframework.boot:spring-boot (CVE-2026-40976)
vulnerability in org.springframework.boot:spring-boot (CVE-2026-40976). Confidential information can be exposed externally. Mitigation: upgrade to `4.0.6` or later.
CVE-2026-30352 Command Injection in CVE-2026-30352 (CVE-2026-30352)
command injection in CVE-2026-30352 (CVE-2026-30352). Successful exploitation can lead to full system takeover.
CVE-2026-33453 Vulnerability in apache (CVE-2026-33453)
vulnerability in apache (CVE-2026-33453). Successful exploitation can lead to full system takeover.
CVE-2026-33454 Unsafe Deserialization in apache (CVE-2026-33454)
vulnerability in apache (CVE-2026-33454). Confidential information can be exposed externally.
CVE-2026-40453 Vulnerability in org.apache.camel:camel-coap (CVE-2026-40453)
vulnerability in org.apache.camel:camel-coap (CVE-2026-40453). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `4.20.0` or later.
CVE-2026-40860 Unsafe Deserialization in apache (CVE-2026-40860)
vulnerability in apache (CVE-2026-40860). Successful exploitation can lead to full system takeover.
CVE-2026-42363 Vulnerability in CVE-2026-42363 (CVE-2026-42363)
vulnerability in CVE-2026-42363 (CVE-2026-42363). Confidential information can be exposed externally.
CVE-2026-31685 Vulnerability in linux (CVE-2026-31685)
vulnerability in linux (CVE-2026-31685). Confidential information can be exposed externally.
CVE-2026-6951 Code Injection in simple-git (CVE-2026-6951)
code injection in simple-git (CVE-2026-6951). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `3.36.0` or later.
CVE-2026-31657 Vulnerability in linux (CVE-2026-31657)
vulnerability in linux (CVE-2026-31657). Successful exploitation can lead to full system takeover.
CVE-2026-31637 Vulnerability in linux (CVE-2026-31637)
vulnerability in linux (CVE-2026-31637). Successful exploitation can lead to full system takeover.
CVE-2026-31607 Out-of-Bounds Write in c (CVE-2026-31607)
out-of-bounds write in c (CVE-2026-31607). Successful exploitation can lead to full system takeover.
CVE-2026-41176 Vulnerability in rclone (CVE-2026-41176)
vulnerability in rclone (CVE-2026-41176). Successful exploitation can lead to full system takeover. Exploitable via ``AuthRequired``. Mitigation: upgrade to `1.73.5` or later.
CVE-2026-1951 Vulnerability in deltaww (CVE-2026-1951)
vulnerability in deltaww (CVE-2026-1951). Successful exploitation can lead to full system takeover.
CVE-2026-1952 Delta Electronics AS320T has denial of service via the undocumented subfunction vulnerability.
Delta Electronics AS320T has denial of service via the undocumented subfunction vulnerability.
CVE-2026-1950 Vulnerability in deltaww (CVE-2026-1950)
vulnerability in deltaww (CVE-2026-1950). Successful exploitation can lead to full system takeover.
CVE-2026-1949 Vulnerability in deltaww (CVE-2026-1949)
vulnerability in deltaww (CVE-2026-1949). Successful exploitation can lead to full system takeover.
CVE-2026-25775 Vulnerability in CVE-2026-25775 (CVE-2026-25775)
vulnerability in CVE-2026-25775 (CVE-2026-25775). Successful exploitation can lead to full system takeover.
CVE-2026-6942 OS Command Injection in radare (CVE-2026-6942)
OS command injection in radare (CVE-2026-6942). Successful exploitation can lead to full system takeover.
CVE-2026-6920 Out-of-Bounds Read in google (CVE-2026-6920)
vulnerability in google (CVE-2026-6920). Successful exploitation can lead to full system takeover.
CVE-2026-6919 Use-After-Free in google (CVE-2026-6919)
vulnerability in google (CVE-2026-6919). Successful exploitation can lead to full system takeover.
CVE-2026-6885 Unrestricted File Upload in CVE-2026-6885 (CVE-2026-6885)
vulnerability in CVE-2026-6885 (CVE-2026-6885). Successful exploitation can lead to full system takeover.
CVE-2026-6887 SQL Injection in sqli (CVE-2026-6887)
SQL injection in sqli (CVE-2026-6887). Successful exploitation can lead to full system takeover.
CVE-2026-6886 Vulnerability in CVE-2026-6886 (CVE-2026-6886)
vulnerability in CVE-2026-6886 (CVE-2026-6886). Successful exploitation can lead to full system takeover.
CVE-2026-3960 Code Injection in h2o (CVE-2026-3960)
code injection in h2o (CVE-2026-3960). Successful exploitation can lead to full system takeover.
CVE-2026-41196 Code Injection in minetest (CVE-2026-41196)
code injection in minetest (CVE-2026-41196). Successful exploitation can lead to full system takeover.
CVE-2026-29198 SQL Injection in rocketchat (CVE-2026-29198)
SQL injection in rocketchat (CVE-2026-29198). Successful exploitation can lead to full system takeover.
CVE-2026-41179 OS Command Injection in github.com/rclone/rclone (CVE-2026-41179)
OS command injection in github.com/rclone/rclone (CVE-2026-41179). Successful exploitation can lead to full system takeover. Exploitable via ``bearer_token_command``. Mitigation: upgrade to `1.73.5` or later.
CVE-2026-6356 Vulnerability in augmentt (CVE-2026-6356)
vulnerability in augmentt (CVE-2026-6356). Confidential information can be exposed externally.
CVE-2026-31436 Vulnerability in linux (CVE-2026-31436)
vulnerability in linux (CVE-2026-31436). Successful exploitation can lead to full system takeover.
CVE-2026-40575 Vulnerability in nginx (CVE-2026-40575)
vulnerability in nginx (CVE-2026-40575). Confidential information can be exposed externally. Mitigation: upgrade to `7.15.2` or later.
CVE-2026-40906 SQL Injection in sqli (CVE-2026-40906)
SQL injection in sqli (CVE-2026-40906). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.5.0` or later.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →