Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-22339 |
|
Unauthenticated Cross Site Scripting (XSS) in WPJobster <= 6.3.5 versions.
Unauthenticated Cross Site Scripting (XSS) in WPJobster <= 6.3.5 versions.
|
| CVE-2026-22328 |
|
Unauthenticated Cross Site Scripting (XSS) in Auto Repair <= 22.6 versions.
Unauthenticated Cross Site Scripting (XSS) in Auto Repair <= 22.6 versions.
|
| CVE-2026-12465 |
|
Vulnerability in google (CVE-2026-12465)
vulnerability in google (CVE-2026-12465). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12451 |
|
Use-After-Free in google (CVE-2026-12451)
vulnerability in google (CVE-2026-12451). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12452 |
|
Use-After-Free in google (CVE-2026-12452)
vulnerability in google (CVE-2026-12452). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12464 |
|
Use-After-Free in google (CVE-2026-12464)
vulnerability in google (CVE-2026-12464). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12447 |
|
Vulnerability in google (CVE-2026-12447)
vulnerability in google (CVE-2026-12447). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12449 |
|
Use-After-Free in privilege-escalation (CVE-2026-12449)
vulnerability in privilege-escalation (CVE-2026-12449). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12462 |
|
Use-After-Free in google (CVE-2026-12462)
vulnerability in google (CVE-2026-12462). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12448 |
|
Privilege Escalation in privilege-escalation (CVE-2026-12448)
vulnerability in privilege-escalation (CVE-2026-12448). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12454 |
|
Vulnerability in google (CVE-2026-12454)
vulnerability in google (CVE-2026-12454). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12445 |
|
Use-After-Free in google (CVE-2026-12445)
vulnerability in google (CVE-2026-12445). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12443 |
|
Use-After-Free in google (CVE-2026-12443)
vulnerability in google (CVE-2026-12443). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12455 |
|
Use-After-Free in google (CVE-2026-12455)
vulnerability in google (CVE-2026-12455). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12439 |
|
Use-After-Free in google (CVE-2026-12439)
vulnerability in google (CVE-2026-12439). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12360 |
|
SQL Injection in wordpress (CVE-2026-12360)
SQL injection in wordpress (CVE-2026-12360). Confidential information can be exposed externally.
|
| CVE-2026-12165 |
|
Privilege Escalation in wordpress (CVE-2026-12165)
vulnerability in wordpress (CVE-2026-12165). Successful exploitation can lead to full system takeover. Exploitable via ``RegistryUserRole``.
|
| CVE-2026-12442 |
|
Use-After-Free in google (CVE-2026-12442)
vulnerability in google (CVE-2026-12442). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12441 |
|
Use-After-Free in google (CVE-2026-12441)
vulnerability in google (CVE-2026-12441). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12256 |
|
Contributor PHP Object Injection in Avada <= 3.15.3 versions.
Contributor PHP Object Injection in Avada <= 3.15.3 versions.
|
| CVE-2026-0071 |
|
Vulnerability in google (CVE-2026-0071)
vulnerability in google (CVE-2026-0071). Successful exploitation can lead to full system takeover.
|
| CVE-2026-0082 |
|
Vulnerability in google (CVE-2026-0082)
vulnerability in google (CVE-2026-0082). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11409 |
|
OS Command Injection in tp-link (CVE-2026-11409)
OS command injection in tp-link (CVE-2026-11409). Successful exploitation can lead to full system takeover.
|
| CVE-2026-0068 |
|
Vulnerability in google (CVE-2026-0068)
vulnerability in google (CVE-2026-0068). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11410 |
|
OS Command Injection in tp-link (CVE-2026-11410)
OS command injection in tp-link (CVE-2026-11410). Successful exploitation can lead to full system takeover.
|
| CVE-2026-0083 |
|
Vulnerability in google (CVE-2026-0083)
vulnerability in google (CVE-2026-0083). Successful exploitation can lead to full system takeover.
|
| CVE-2026-0063 |
|
Privilege Escalation in google (CVE-2026-0063)
vulnerability in google (CVE-2026-0063). Successful exploitation can lead to full system takeover.
|
| CVE-2026-0081 |
|
Vulnerability in google (CVE-2026-0081)
vulnerability in google (CVE-2026-0081). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12438 |
|
Vulnerability in google (CVE-2026-12438)
vulnerability in google (CVE-2026-12438). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12199 |
|
Vulnerability in dos (CVE-2026-12199)
vulnerability in dos (CVE-2026-12199). Risk of unauthorized operations or information disclosure. Exploitable via ``nltk.app.wordnet_app``.
|
| CVE-2026-0019 |
|
Privilege Escalation in google (CVE-2026-0019)
vulnerability in google (CVE-2026-0019). Successful exploitation can lead to full system takeover.
|
| CVE-2025-69160 |
|
Unauthenticated Local File Inclusion in Gita <= 1.11 versions.
Unauthenticated Local File Inclusion in Gita <= 1.11 versions.
|
| CVE-2025-69167 |
|
Unauthenticated Local File Inclusion in Eros <= 1.3 versions.
Unauthenticated Local File Inclusion in Eros <= 1.3 versions.
|
| CVE-2025-69165 |
|
Unauthenticated Local File Inclusion in Choreo <= 1.6 versions.
Unauthenticated Local File Inclusion in Choreo <= 1.6 versions.
|
| CVE-2025-69163 |
|
Unauthenticated Local File Inclusion in WineShop <= 3.17 versions.
Unauthenticated Local File Inclusion in WineShop <= 3.17 versions.
|
| CVE-2025-69168 |
|
Unauthenticated Local File Inclusion in Spike <= 1.2 versions.
Unauthenticated Local File Inclusion in Spike <= 1.2 versions.
|
| CVE-2025-69151 |
|
Unauthenticated Cross Site Scripting (XSS) in Grand Car Rental <= 3.7 versions.
Unauthenticated Cross Site Scripting (XSS) in Grand Car Rental <= 3.7 versions.
|
| CVE-2025-69149 |
|
Unauthenticated Local File Inclusion in Top Dog <= 1.0.5 versions.
Unauthenticated Local File Inclusion in Top Dog <= 1.0.5 versions.
|
| CVE-2025-69171 |
|
Unauthenticated Local File Inclusion in Orpheus <= 1.3 versions.
Unauthenticated Local File Inclusion in Orpheus <= 1.3 versions.
|
| CVE-2025-69172 |
|
Unauthenticated Local File Inclusion in Resurs <= 1.3 versions.
Unauthenticated Local File Inclusion in Resurs <= 1.3 versions.
|
| CVE-2025-69177 |
|
Unauthenticated Local File Inclusion in Roneous <= 2.1.5 versions.
Unauthenticated Local File Inclusion in Roneous <= 2.1.5 versions.
|
| CVE-2025-69147 |
|
Unauthenticated Local File Inclusion in Putter <= 1.17 versions.
Unauthenticated Local File Inclusion in Putter <= 1.17 versions.
|
| CVE-2025-69178 |
|
Unauthenticated Local File Inclusion in Truemag <= 4.3.14.2 versions.
Unauthenticated Local File Inclusion in Truemag <= 4.3.14.2 versions.
|
| CVE-2025-69173 |
|
Unauthenticated Local File Inclusion in Tipsy <= 1.1 versions.
Unauthenticated Local File Inclusion in Tipsy <= 1.1 versions.
|
| CVE-2025-69176 |
|
Unauthenticated Local File Inclusion in ITactics <= 1.0 versions.
Unauthenticated Local File Inclusion in ITactics <= 1.0 versions.
|
| CVE-2025-69150 |
|
Unauthenticated Local File Inclusion in Medeus <= 1.14 versions.
Unauthenticated Local File Inclusion in Medeus <= 1.14 versions.
|
| CVE-2025-69139 |
|
Unauthenticated Arbitrary File Deletion in Car Zone <= 3.7 versions.
Unauthenticated Arbitrary File Deletion in Car Zone <= 3.7 versions.
|
| CVE-2025-69148 |
|
Unauthenticated Local File Inclusion in Quirky <= 1.23 versions.
Unauthenticated Local File Inclusion in Quirky <= 1.23 versions.
|
| CVE-2025-69135 |
|
Subscriber SQL Injection in Events Schedule - WordPress Events Calendar Plugin <= 2.7.2 versions.
Subscriber SQL Injection in Events Schedule - WordPress Events Calendar Plugin <= 2.7.2 versions.
|
| CVE-2025-69142 |
|
Unauthenticated Local File Inclusion in Abelle <= 1.22 versions.
Unauthenticated Local File Inclusion in Abelle <= 1.22 versions.
|