Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

ID Title
CVE-2025-69872 Code Injection in CVE-2025-69872 (CVE-2025-69872)
code injection in CVE-2025-69872 (CVE-2025-69872). Successful exploitation can lead to full system takeover.
CVE-2025-12059 Vulnerability in c (CVE-2025-12059)
vulnerability in c (CVE-2025-12059). Successful exploitation can lead to full system takeover.
CVE-2025-8668 Cross-Site Scripting (XSS) in CVE-2025-8668 (CVE-2025-8668)
cross-site scripting in CVE-2025-8668 (CVE-2025-8668). Data can be tampered with by attackers.
CVE-2025-8025 Vulnerability in CVE-2025-8025 (CVE-2025-8025)
vulnerability in CVE-2025-8025 (CVE-2025-8025). Successful exploitation can lead to full system takeover.
CVE-2025-11242 SSRF (Server-Side Request Forgery) in ssrf (CVE-2025-11242)
SSRF in ssrf (CVE-2025-11242). Successful exploitation can lead to full system takeover.
CVE-2025-6830 SQL Injection in sqli (CVE-2025-6830)
SQL injection in sqli (CVE-2025-6830). Successful exploitation can lead to full system takeover.
CVE-2026-1615 Code Injection in CVE-2026-1615 (CVE-2026-1615)
code injection in CVE-2026-1615 (CVE-2026-1615). Successful exploitation can lead to full system takeover.
CVE-2026-1709 Vulnerability in keylime (CVE-2026-1709)
vulnerability in keylime (CVE-2026-1709). Data can be tampered with by attackers. Mitigation: upgrade to `7.12.0` or later.
CVE-2025-5329 SQL Injection in sqli (CVE-2025-5329)
SQL injection in sqli (CVE-2025-5329). Successful exploitation can lead to full system takeover.
CVE-2025-5319 SQL Injection in sqli (CVE-2025-5319)
SQL injection in sqli (CVE-2025-5319). Successful exploitation can lead to full system takeover.
CVE-2019-19006 KEV [KEV] Authentication Bypass in Sangoma freepbx (CVE-2019-19006)
authentication bypass in Sangoma freepbx (CVE-2019-19006). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2026-22778 Vulnerability in vllm (CVE-2026-22778)
vulnerability in vllm (CVE-2026-22778). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.14.1` or later.
CVE-2025-69929 Vulnerability in n3uron (CVE-2025-69929)
vulnerability in n3uron (CVE-2025-69929). Successful exploitation can lead to full system takeover.
CVE-2020-37002 OS Command Injection in CVE-2020-37002 (CVE-2020-37002)
OS command injection in CVE-2020-37002 (CVE-2020-37002). Successful exploitation can lead to full system takeover.
CVE-2025-61140 The value function in jsonpath 1.1.1 lib/index.js is vulnerable to Prototype Pollution.
The value function in jsonpath 1.1.1 lib/index.js is vulnerable to Prototype Pollution.
CVE-2026-24858 KEV [KEV] Vulnerability in Fortinet multiple-products (CVE-2026-24858)
vulnerability in Fortinet multiple-products (CVE-2026-24858). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2026-22586 Vulnerability in salesforce (CVE-2026-22586)
vulnerability in salesforce (CVE-2026-22586). Successful exploitation can lead to full system takeover.
CVE-2025-52024 Vulnerability in aptsys (CVE-2025-52024)
vulnerability in aptsys (CVE-2025-52024). Confidential information can be exposed externally.
CVE-2025-52025 SQL Injection in sqli (CVE-2025-52025)
SQL injection in sqli (CVE-2025-52025). Confidential information can be exposed externally.
CVE-2025-4320 Vulnerability in CVE-2025-4320 (CVE-2025-4320)
vulnerability in CVE-2025-4320 (CVE-2025-4320). Successful exploitation can lead to full system takeover.
CVE-2025-4319 Vulnerability in CVE-2025-4319 (CVE-2025-4319)
vulnerability in CVE-2025-4319 (CVE-2025-4319). Confidential information can be exposed externally.
CVE-2026-20912 Vulnerability in gitea (CVE-2026-20912)
vulnerability in gitea (CVE-2026-20912). Confidential information can be exposed externally.
CVE-2026-20897 Vulnerability in gitea (CVE-2026-20897)
vulnerability in gitea (CVE-2026-20897). Confidential information can be exposed externally.
CVE-2026-20750 Vulnerability in gitea (CVE-2026-20750)
vulnerability in gitea (CVE-2026-20750). Confidential information can be exposed externally.
CVE-2025-56590 OS Command Injection in apryse (CVE-2025-56590)
OS command injection in apryse (CVE-2025-56590). Successful exploitation can lead to full system takeover.
CVE-2025-55130 Vulnerability in nodejs (CVE-2025-55130)
vulnerability in nodejs (CVE-2025-55130). Confidential information can be exposed externally.
CVE-2025-56005 Unsafe Deserialization in dabeaz (CVE-2025-56005)
vulnerability in dabeaz (CVE-2025-56005). Successful exploitation can lead to full system takeover. Exploitable via ``picklefile``.
CVE-2026-22797 Vulnerability in CVE-2026-22797 (CVE-2026-22797)
vulnerability in CVE-2026-22797 (CVE-2026-22797). Confidential information can be exposed externally.
CVE-2026-23883 Use-After-Free in dos (CVE-2026-23883)
vulnerability in dos (CVE-2026-23883). Successful exploitation can lead to full system takeover. Exploitable via ``xf_Pointer_New``.
CVE-2026-23884 Use-After-Free in dos (CVE-2026-23884)
vulnerability in dos (CVE-2026-23884). Successful exploitation can lead to full system takeover.
CVE-2026-23533 Vulnerability in dos (CVE-2026-23533)
vulnerability in dos (CVE-2026-23533). Successful exploitation can lead to full system takeover.
CVE-2026-23534 Vulnerability in dos (CVE-2026-23534)
vulnerability in dos (CVE-2026-23534). Successful exploitation can lead to full system takeover.
CVE-2026-23532 Vulnerability in dos (CVE-2026-23532)
vulnerability in dos (CVE-2026-23532). Successful exploitation can lead to full system takeover. Exploitable via ``gdi_SurfaceToSurface``.
CVE-2026-23530 Vulnerability in dos (CVE-2026-23530)
vulnerability in dos (CVE-2026-23530). Successful exploitation can lead to full system takeover. Exploitable via ``freerdp_bitmap_decompress_planar``.
CVE-2026-23531 Vulnerability in dos (CVE-2026-23531)
vulnerability in dos (CVE-2026-23531). Successful exploitation can lead to full system takeover. Exploitable via ``glyphData``.
CVE-2025-62581 Delta Electronics DIAView has multiple vulnerabilities.
Delta Electronics DIAView has multiple vulnerabilities.
CVE-2025-62582 Delta Electronics DIAView has multiple vulnerabilities.
Delta Electronics DIAView has multiple vulnerabilities.
CVE-2026-22859 Out-of-Bounds Read in freerdp (CVE-2026-22859)
vulnerability in freerdp (CVE-2026-22859). Confidential information can be exposed externally. Mitigation: upgrade to `3.20.1` or later.
CVE-2026-22855 Out-of-Bounds Read in freerdp (CVE-2026-22855)
vulnerability in freerdp (CVE-2026-22855). Confidential information can be exposed externally. Mitigation: upgrade to `3.20.1` or later.
CVE-2026-22858 Out-of-Bounds Read in c (CVE-2026-22858)
vulnerability in c (CVE-2026-22858). Confidential information can be exposed externally. Mitigation: upgrade to `3.20.1` or later.
CVE-2026-22853 Out-of-Bounds Write in freerdp (CVE-2026-22853)
out-of-bounds write in freerdp (CVE-2026-22853). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `3.20.1` or later.
CVE-2025-65783 Unrestricted File Upload in hubert (CVE-2025-65783)
vulnerability in hubert (CVE-2025-65783). Successful exploitation can lead to full system takeover.
CVE-2026-0881 Sandbox escape in the Messaging System component. This vulnerability affects Firefox < 147.
Sandbox escape in the Messaging System component. This vulnerability affects Firefox < 147.
CVE-2026-0879 Buffer Overflow in mozilla (CVE-2026-0879)
vulnerability in mozilla (CVE-2026-0879). Successful exploitation can lead to full system takeover.
CVE-2025-29329 Vulnerability in sagemcom (CVE-2025-29329)
vulnerability in sagemcom (CVE-2025-29329). Successful exploitation can lead to full system takeover.
CVE-2025-63314 Vulnerability in ddsn (CVE-2025-63314)
vulnerability in ddsn (CVE-2025-63314). Confidential information can be exposed externally.
CVE-2025-65552 Vulnerability in d3dsecurity (CVE-2025-65552)
vulnerability in d3dsecurity (CVE-2025-65552). Successful exploitation can lead to full system takeover.
CVE-2025-61686 Path Traversal in react (CVE-2025-61686)
path traversal in react (CVE-2025-61686). Data can be tampered with by attackers.
CVE-2025-70974 Vulnerability in CVE-2025-70974 (CVE-2025-70974)
vulnerability in CVE-2025-70974 (CVE-2025-70974). Successful exploitation can lead to full system takeover.
CVE-2026-22189 Vulnerability in cmu (CVE-2026-22189)
vulnerability in cmu (CVE-2026-22189). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →