Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

ID Title
CVE-2026-34192 Use-After-Free in CVE-2026-34192 (CVE-2026-34192)
vulnerability in CVE-2026-34192 (CVE-2026-34192). Data can be tampered with by attackers.
CVE-2026-11576 Vulnerability in eclipse (CVE-2026-11576)
vulnerability in eclipse (CVE-2026-11576). Risk of unauthorized operations or information disclosure.
CVE-2026-46461 Vulnerability in dell (CVE-2026-46461)
vulnerability in dell (CVE-2026-46461). Successful exploitation can lead to full system takeover.
CVE-2026-12044 SQL Injection in sqli (CVE-2026-12044)
SQL injection in sqli (CVE-2026-12044). Successful exploitation can lead to full system takeover. Exploitable via ``qtLiteral``.
CVE-2026-56076 Vulnerability in CVE-2026-56076 (CVE-2026-56076)
vulnerability in CVE-2026-56076 (CVE-2026-56076). Confidential information can be exposed externally. Exploitable via `POST /agui`.
CVE-2026-56075 Authorization Flaw in CVE-2026-56075 (CVE-2026-56075)
vulnerability in CVE-2026-56075 (CVE-2026-56075). Successful exploitation can lead to full system takeover.
CVE-2026-56078 Path Traversal in praisonai (CVE-2026-56078)
path traversal in praisonai (CVE-2026-56078). Successful exploitation can lead to full system takeover. Exploitable via ``MultiAgentLedger``. Mitigation: upgrade to `1.5.115` or later.
CVE-2026-47633 Information Disclosure in microsoft (CVE-2026-47633)
vulnerability in microsoft (CVE-2026-47633). Confidential information can be exposed externally.
CVE-2026-32174 Authentication Bypass in microsoft (CVE-2026-32174)
authentication bypass in microsoft (CVE-2026-32174). Data can be tampered with by attackers.
CVE-2026-25865 Vulnerability in CVE-2026-25865 (CVE-2026-25865)
vulnerability in CVE-2026-25865 (CVE-2026-25865). Successful exploitation can lead to full system takeover.
CVE-2026-46699 Vulnerability in CVE-2026-46699 (CVE-2026-46699)
vulnerability in CVE-2026-46699 (CVE-2026-46699). Data can be tampered with by attackers.
CVE-2026-43994 Vulnerability in coturn-project (CVE-2026-43994)
vulnerability in coturn-project (CVE-2026-43994). Successful exploitation can lead to full system takeover.
CVE-2026-48716 Path Traversal in CVE-2026-48716 (CVE-2026-48716)
path traversal in CVE-2026-48716 (CVE-2026-48716). Data can be tampered with by attackers.
CVE-2026-38718 Vulnerability in dos (CVE-2026-38718)
vulnerability in dos (CVE-2026-38718). Risk of unauthorized operations or information disclosure.
CVE-2026-55203 Vulnerability in haproxy (CVE-2026-55203)
vulnerability in haproxy (CVE-2026-55203). Data can be tampered with by attackers.
CVE-2026-54104 Vulnerability in CVE-2026-54104 (CVE-2026-54104)
vulnerability in CVE-2026-54104 (CVE-2026-54104). Successful exploitation can lead to full system takeover.
CVE-2026-55204 Vulnerability in c (CVE-2026-55204)
vulnerability in c (CVE-2026-55204). Risk of unauthorized operations or information disclosure.
CVE-2026-56020 Vulnerability in CVE-2026-56020 (CVE-2026-56020)
vulnerability in CVE-2026-56020 (CVE-2026-56020). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2.641` or later.
CVE-2026-55237 Vulnerability in CVE-2026-55237 (CVE-2026-55237)
vulnerability in CVE-2026-55237 (CVE-2026-55237). Confidential information can be exposed externally. Exploitable via ``next``.
CVE-2026-46580 Vulnerability in @theia/ai-chat-ui (CVE-2026-46580)
vulnerability in @theia/ai-chat-ui (CVE-2026-46580). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.71.0` or later.
CVE-2026-44691 Vulnerability in @theia/debug (CVE-2026-44691)
vulnerability in @theia/debug (CVE-2026-44691). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.69.0` or later.
CVE-2026-44688 Vulnerability in @theia/ai-chat-ui (CVE-2026-44688)
vulnerability in @theia/ai-chat-ui (CVE-2026-44688). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.71.0` or later.
CVE-2026-56012 SQL Injection in sqli (CVE-2026-56012)
SQL injection in sqli (CVE-2026-56012). Confidential information can be exposed externally.
CVE-2026-8461 Out-of-Bounds Write in c (CVE-2026-8461)
out-of-bounds write in c (CVE-2026-8461). Successful exploitation can lead to full system takeover.
CVE-2026-42488 Buffer Overflow in CVE-2026-42488 (CVE-2026-42488)
vulnerability in CVE-2026-42488 (CVE-2026-42488). Successful exploitation can lead to full system takeover.
CVE-2026-42487 Vulnerability in c (CVE-2026-42487)
vulnerability in c (CVE-2026-42487). Risk of unauthorized operations or information disclosure.
CVE-2026-55603 Vulnerability in http-proxy-middleware (CVE-2026-55603)
vulnerability in http-proxy-middleware (CVE-2026-55603). Data can be tampered with by attackers. Exploitable via ``req.body``. Mitigation: upgrade to `4.1.1` or later.
CVE-2026-55602 Vulnerability in http-proxy-middleware (CVE-2026-55602)
vulnerability in http-proxy-middleware (CVE-2026-55602). Data can be tampered with by attackers. Exploitable via ``router``. Mitigation: upgrade to `2.0.10` or later.
CVE-2026-55388 Code Injection in piscina (CVE-2026-55388)
code injection in piscina (CVE-2026-55388). Successful exploitation can lead to full system takeover. Exploitable via `POST /upload`. Mitigation: upgrade to `6.0.0-rc.2` or later.
CVE-2026-55746 Cross-Site Scripting (XSS) in cotonti/cotonti (CVE-2026-55746)
cross-site scripting in cotonti/cotonti (CVE-2026-55746). Confidential information can be exposed externally.
CVE-2026-55744 Cross-Site Request Forgery (CSRF) in cotonti/cotonti (CVE-2026-55744)
vulnerability in cotonti/cotonti (CVE-2026-55744). Confidential information can be exposed externally.
CVE-2026-55741 Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-55741)
vulnerability in csrf (CVE-2026-55741). Successful exploitation can lead to full system takeover.
CVE-2026-11395 SSRF (Server-Side Request Forgery) in wordpress (CVE-2026-11395)
SSRF in wordpress (CVE-2026-11395). Risk of unauthorized operations or information disclosure.
CVE-2026-9860 Unrestricted File Upload in wordpress (CVE-2026-9860)
vulnerability in wordpress (CVE-2026-9860). Successful exploitation can lead to full system takeover.
CVE-2026-12407 Vulnerability in wordpress (CVE-2026-12407)
vulnerability in wordpress (CVE-2026-12407). Successful exploitation can lead to full system takeover.
CVE-2026-12505 Vulnerability in CVE-2026-12505 (CVE-2026-12505)
vulnerability in CVE-2026-12505 (CVE-2026-12505). Successful exploitation can lead to full system takeover.
CVE-2026-53676 Vulnerability in CVE-2026-53676 (CVE-2026-53676)
vulnerability in CVE-2026-53676 (CVE-2026-53676). Successful exploitation can lead to full system takeover.
CVE-2026-48764 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-48764)
SSRF in ssrf (CVE-2026-48764). Confidential information can be exposed externally.
CVE-2026-48759 Vulnerability in CVE-2026-48759 (CVE-2026-48759)
vulnerability in CVE-2026-48759 (CVE-2026-48759). Data can be tampered with by attackers.
CVE-2026-8050 Vulnerability in CVE-2026-8050 (CVE-2026-8050)
vulnerability in CVE-2026-8050 (CVE-2026-8050). Risk of unauthorized operations or information disclosure.
CVE-2026-50200 Information Disclosure in Steeltoe.Management.Endpoint (CVE-2026-50200)
vulnerability in Steeltoe.Management.Endpoint (CVE-2026-50200). Confidential information can be exposed externally. Exploitable via ``Sanitizer``. Mitigation: upgrade to `4.2.0` or later.
CVE-2026-50196 Vulnerability in Steeltoe.Discovery.Eureka (CVE-2026-50196)
vulnerability in Steeltoe.Discovery.Eureka (CVE-2026-50196). Risk of unauthorized operations or information disclosure. Exploitable via ``DataCenterInfo.FromJson``. Mitigation: upgrade to `3.4.0` or later.
CVE-2026-50194 Vulnerability in Steeltoe.Management.Endpoint (CVE-2026-50194)
vulnerability in Steeltoe.Management.Endpoint (CVE-2026-50194). Confidential information can be exposed externally. Exploitable via ``Host``. Mitigation: upgrade to `4.2.0` or later.
CVE-2026-48997 OS Command Injection in c (CVE-2026-48997)
OS command injection in c (CVE-2026-48997). Data can be tampered with by attackers.
CVE-2026-55200 Vulnerability in libssh2 (CVE-2026-55200)
vulnerability in libssh2 (CVE-2026-55200). Successful exploitation can lead to full system takeover.
CVE-2026-55202 Vulnerability in CVE-2026-55202 (CVE-2026-55202)
vulnerability in CVE-2026-55202 (CVE-2026-55202). Confidential information can be exposed externally. Exploitable via `Host header`.
CVE-2026-50107 Vulnerability in nginx (CVE-2026-50107)
vulnerability in nginx (CVE-2026-50107). Confidential information can be exposed externally.
CVE-2026-12529 Vulnerability in CVE-2026-12529 (CVE-2026-12529)
vulnerability in CVE-2026-12529 (CVE-2026-12529). Risk of unauthorized operations or information disclosure.
CVE-2026-53871 Vulnerability in CVE-2026-53871 (CVE-2026-53871)
vulnerability in CVE-2026-53871 (CVE-2026-53871). Confidential information can be exposed externally.
CVE-2026-10696 Vulnerability in devolutions (CVE-2026-10696)
vulnerability in devolutions (CVE-2026-10696). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →