Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-4688 |
|
Use-After-Free in mozilla (CVE-2026-4688)
vulnerability in mozilla (CVE-2026-4688). Successful exploitation can lead to full system takeover.
|
| CVE-2026-4698 |
|
Vulnerability in mozilla (CVE-2026-4698)
vulnerability in mozilla (CVE-2026-4698). Successful exploitation can lead to full system takeover.
|
| CVE-2026-33211 |
|
Path Traversal in path-traversal (CVE-2026-33211)
path traversal in path-traversal (CVE-2026-33211). Confidential information can be exposed externally. Exploitable via ``pathInRepo``.
|
| CVE-2026-33195 |
|
Path Traversal in activestorage (CVE-2026-33195)
path traversal in activestorage (CVE-2026-33195). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `7.2.3.1` or later.
|
| CVE-2026-4599 |
|
Vulnerability in kjur (CVE-2026-4599)
vulnerability in kjur (CVE-2026-4599). Confidential information can be exposed externally.
|
| CVE-2026-33228 |
|
Vulnerability in webreflection (CVE-2026-33228)
vulnerability in webreflection (CVE-2026-33228). Successful exploitation can lead to full system takeover.
|
| CVE-2026-29796 |
|
Vulnerability in privilege-escalation (CVE-2026-29796)
vulnerability in privilege-escalation (CVE-2026-29796). Confidential information can be exposed externally.
|
| CVE-2026-33210 |
|
Vulnerability in dos (CVE-2026-33210)
vulnerability in dos (CVE-2026-33210). Confidential information can be exposed externally.
|
| CVE-2026-33186 |
|
Vulnerability in grpc (CVE-2026-33186)
vulnerability in grpc (CVE-2026-33186). Confidential information can be exposed externally. Exploitable via ``info.FullMethod``.
|
| CVE-2006-10003 |
|
Vulnerability in toddr (CVE-2006-10003)
vulnerability in toddr (CVE-2006-10003). Successful exploitation can lead to full system takeover.
|
| CVE-2025-15031 |
|
Path Traversal in lfprojects (CVE-2025-15031)
path traversal in lfprojects (CVE-2025-15031). Confidential information can be exposed externally. Exploitable via ``tarfile.extractall``.
|
| CVE-2026-31938 |
|
Cross-Site Scripting (XSS) in parall (CVE-2026-31938)
cross-site scripting in parall (CVE-2026-31938). Confidential information can be exposed externally. Exploitable via ``options``.
|
| CVE-2026-27459 |
|
Vulnerability in pyopenssl (CVE-2026-27459)
vulnerability in pyopenssl (CVE-2026-27459). Successful exploitation can lead to full system takeover. Exploitable via ``set_cookie_generate_callback``. Mitigation: upgrade to `26.0.0` or later.
|
| CVE-2026-4312 |
|
Vulnerability in dragonsoft (CVE-2026-4312)
vulnerability in dragonsoft (CVE-2026-4312). Successful exploitation can lead to full system takeover.
|
| CVE-2026-4177 |
|
Vulnerability in toddr (CVE-2026-4177)
vulnerability in toddr (CVE-2026-4177). Confidential information can be exposed externally.
|
| CVE-2026-27962 |
|
Vulnerability in deserialization (CVE-2026-27962)
vulnerability in deserialization (CVE-2026-27962). Confidential information can be exposed externally.
|
| CVE-2025-62319 |
|
SQL Injection in sqli (CVE-2025-62319)
SQL injection in sqli (CVE-2025-62319). Successful exploitation can lead to full system takeover.
|
| CVE-2016-20030 |
|
Vulnerability in CVE-2016-20030 (CVE-2016-20030)
vulnerability in CVE-2016-20030 (CVE-2016-20030). Successful exploitation can lead to full system takeover.
|
| CVE-2016-20026 |
|
Vulnerability in apache (CVE-2016-20026)
vulnerability in apache (CVE-2016-20026). Successful exploitation can lead to full system takeover.
|
| CVE-2016-20024 |
|
Vulnerability in csharp (CVE-2016-20024)
vulnerability in csharp (CVE-2016-20024). Successful exploitation can lead to full system takeover.
|
| CVE-2026-32640 |
|
Code Injection in simpleeval (CVE-2026-32640)
code injection in simpleeval (CVE-2026-32640). Successful exploitation can lead to full system takeover. Exploitable via ``names``. Mitigation: upgrade to `1.0.5` or later.
|
| CVE-2026-32304 |
|
Code Injection in locutus (CVE-2026-32304)
code injection in locutus (CVE-2026-32304). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `3.0.14` or later.
|
| CVE-2026-31806 |
|
Vulnerability in freerdp (CVE-2026-31806)
vulnerability in freerdp (CVE-2026-31806). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `3.24.0` or later.
|
| CVE-2026-23941 |
|
Vulnerability in nginx (CVE-2026-23941)
vulnerability in nginx (CVE-2026-23941). Confidential information can be exposed externally.
|
| CVE-2026-3611 |
|
Vulnerability in honeywell (CVE-2026-3611)
vulnerability in honeywell (CVE-2026-3611). Successful exploitation can lead to full system takeover.
|
| CVE-2026-21708 |
|
SQL Injection in veeam (CVE-2026-21708)
SQL injection in veeam (CVE-2026-21708). Confidential information can be exposed externally.
|
| CVE-2026-21669 |
|
Code Injection in veeam (CVE-2026-21669)
code injection in veeam (CVE-2026-21669). Successful exploitation can lead to full system takeover.
|
| CVE-2026-21671 |
|
Code Injection in veeam (CVE-2026-21671)
code injection in veeam (CVE-2026-21671). Successful exploitation can lead to full system takeover.
|
| CVE-2025-70041 |
|
Vulnerability in CVE-2025-70041 (CVE-2025-70041)
vulnerability in CVE-2025-70041 (CVE-2025-70041). Successful exploitation can lead to full system takeover.
|
| CVE-2025-66956 |
|
Vulnerability in CVE-2025-66956 (CVE-2025-66956)
vulnerability in CVE-2025-66956 (CVE-2025-66956). Successful exploitation can lead to full system takeover.
|
| CVE-2025-70082 |
|
OS Command Injection in lantronix (CVE-2025-70082)
OS command injection in lantronix (CVE-2025-70082). Successful exploitation can lead to full system takeover.
|
| CVE-2025-67041 |
|
OS Command Injection in lantronix (CVE-2025-67041)
OS command injection in lantronix (CVE-2025-67041). Successful exploitation can lead to full system takeover.
|
| CVE-2025-67039 |
|
Vulnerability in lantronix (CVE-2025-67039)
vulnerability in lantronix (CVE-2025-67039). Confidential information can be exposed externally. Exploitable via `Authorization header`.
|
| CVE-2025-67035 |
|
Code Injection in lantronix (CVE-2025-67035)
code injection in lantronix (CVE-2025-67035). Successful exploitation can lead to full system takeover.
|
| CVE-2026-30903 |
|
Vulnerability in zoom (CVE-2026-30903)
vulnerability in zoom (CVE-2026-30903). Successful exploitation can lead to full system takeover.
|
| CVE-2026-28229 |
|
Authorization Flaw in github.com/argoproj/argo-workflows/v4 (CVE-2026-28229)
vulnerability in github.com/argoproj/argo-workflows/v4 (CVE-2026-28229). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `4.0.2` or later.
|
| CVE-2026-28292 |
|
OS Command Injection in simple-git-project (CVE-2026-28292)
OS command injection in simple-git-project (CVE-2026-28292). Successful exploitation can lead to full system takeover.
|
| CVE-2026-23240 |
|
Vulnerability in Kernel (CVE-2026-23240)
vulnerability in Kernel (CVE-2026-23240). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `6.12.75, 6.18.16, 6.19.6` or later.
|
| CVE-2025-56422 |
|
Unsafe Deserialization in deserialization (CVE-2025-56422)
vulnerability in deserialization (CVE-2025-56422). Successful exploitation can lead to full system takeover.
|
| CVE-2026-3823 |
|
Vulnerability in blackbeartechhive (CVE-2026-3823)
vulnerability in blackbeartechhive (CVE-2026-3823). Successful exploitation can lead to full system takeover.
|
| CVE-2026-29063 |
|
Vulnerability in immutable-js (CVE-2026-29063)
vulnerability in immutable-js (CVE-2026-29063). Successful exploitation can lead to full system takeover.
|
| CVE-2026-28802 |
|
Vulnerability in authlib (CVE-2026-28802)
vulnerability in authlib (CVE-2026-28802). Successful exploitation can lead to full system takeover.
|
| CVE-2026-30789 |
|
Vulnerability in rustdesk (CVE-2026-30789)
vulnerability in rustdesk (CVE-2026-30789). Successful exploitation can lead to full system takeover.
|
| CVE-2026-30790 |
|
Vulnerability in rustdesk (CVE-2026-30790)
vulnerability in rustdesk (CVE-2026-30790). Successful exploitation can lead to full system takeover.
|
| CVE-2026-30783 |
|
Vulnerability in rustdesk (CVE-2026-30783)
vulnerability in rustdesk (CVE-2026-30783). Successful exploitation can lead to full system takeover.
|
| CVE-2026-2743 |
|
Path Traversal in path-traversal (CVE-2026-2743)
path traversal in path-traversal (CVE-2026-2743). Successful exploitation can lead to full system takeover.
|
| CVE-2026-27446 |
|
Vulnerability in org.apache.activemq:artemis-server (CVE-2026-27446)
vulnerability in org.apache.activemq:artemis-server (CVE-2026-27446). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2.52.0` or later.
|
| CVE-2026-2590 |
|
Vulnerability in devolutions (CVE-2026-2590)
vulnerability in devolutions (CVE-2026-2590). Successful exploitation can lead to full system takeover.
|
| CVE-2026-28517 |
|
OS Command Injection in opendcim (CVE-2026-28517)
OS command injection in opendcim (CVE-2026-28517). Successful exploitation can lead to full system takeover.
|
| CVE-2026-2880 |
|
Vulnerability in fastify (CVE-2026-2880)
vulnerability in fastify (CVE-2026-2880). Confidential information can be exposed externally.
|