Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

ID Title
CVE-2026-22339 Unauthenticated Cross Site Scripting (XSS) in WPJobster <= 6.3.5 versions.
Unauthenticated Cross Site Scripting (XSS) in WPJobster <= 6.3.5 versions.
CVE-2026-22328 Unauthenticated Cross Site Scripting (XSS) in Auto Repair <= 22.6 versions.
Unauthenticated Cross Site Scripting (XSS) in Auto Repair <= 22.6 versions.
CVE-2026-12465 Vulnerability in google (CVE-2026-12465)
vulnerability in google (CVE-2026-12465). Successful exploitation can lead to full system takeover.
CVE-2026-12451 Use-After-Free in google (CVE-2026-12451)
vulnerability in google (CVE-2026-12451). Successful exploitation can lead to full system takeover.
CVE-2026-12452 Use-After-Free in google (CVE-2026-12452)
vulnerability in google (CVE-2026-12452). Successful exploitation can lead to full system takeover.
CVE-2026-12464 Use-After-Free in google (CVE-2026-12464)
vulnerability in google (CVE-2026-12464). Successful exploitation can lead to full system takeover.
CVE-2026-12447 Vulnerability in google (CVE-2026-12447)
vulnerability in google (CVE-2026-12447). Successful exploitation can lead to full system takeover.
CVE-2026-12449 Use-After-Free in privilege-escalation (CVE-2026-12449)
vulnerability in privilege-escalation (CVE-2026-12449). Successful exploitation can lead to full system takeover.
CVE-2026-12462 Use-After-Free in google (CVE-2026-12462)
vulnerability in google (CVE-2026-12462). Successful exploitation can lead to full system takeover.
CVE-2026-12448 Privilege Escalation in privilege-escalation (CVE-2026-12448)
vulnerability in privilege-escalation (CVE-2026-12448). Successful exploitation can lead to full system takeover.
CVE-2026-12454 Vulnerability in google (CVE-2026-12454)
vulnerability in google (CVE-2026-12454). Successful exploitation can lead to full system takeover.
CVE-2026-12445 Use-After-Free in google (CVE-2026-12445)
vulnerability in google (CVE-2026-12445). Successful exploitation can lead to full system takeover.
CVE-2026-12443 Use-After-Free in google (CVE-2026-12443)
vulnerability in google (CVE-2026-12443). Successful exploitation can lead to full system takeover.
CVE-2026-12455 Use-After-Free in google (CVE-2026-12455)
vulnerability in google (CVE-2026-12455). Successful exploitation can lead to full system takeover.
CVE-2026-12439 Use-After-Free in google (CVE-2026-12439)
vulnerability in google (CVE-2026-12439). Successful exploitation can lead to full system takeover.
CVE-2026-12360 SQL Injection in wordpress (CVE-2026-12360)
SQL injection in wordpress (CVE-2026-12360). Confidential information can be exposed externally.
CVE-2026-12165 Privilege Escalation in wordpress (CVE-2026-12165)
vulnerability in wordpress (CVE-2026-12165). Successful exploitation can lead to full system takeover. Exploitable via ``RegistryUserRole``.
CVE-2026-12442 Use-After-Free in google (CVE-2026-12442)
vulnerability in google (CVE-2026-12442). Successful exploitation can lead to full system takeover.
CVE-2026-12441 Use-After-Free in google (CVE-2026-12441)
vulnerability in google (CVE-2026-12441). Successful exploitation can lead to full system takeover.
CVE-2026-12256 Contributor PHP Object Injection in Avada <= 3.15.3 versions.
Contributor PHP Object Injection in Avada <= 3.15.3 versions.
CVE-2026-0071 Vulnerability in google (CVE-2026-0071)
vulnerability in google (CVE-2026-0071). Successful exploitation can lead to full system takeover.
CVE-2026-0082 Vulnerability in google (CVE-2026-0082)
vulnerability in google (CVE-2026-0082). Successful exploitation can lead to full system takeover.
CVE-2026-11409 OS Command Injection in tp-link (CVE-2026-11409)
OS command injection in tp-link (CVE-2026-11409). Successful exploitation can lead to full system takeover.
CVE-2026-0068 Vulnerability in google (CVE-2026-0068)
vulnerability in google (CVE-2026-0068). Successful exploitation can lead to full system takeover.
CVE-2026-11410 OS Command Injection in tp-link (CVE-2026-11410)
OS command injection in tp-link (CVE-2026-11410). Successful exploitation can lead to full system takeover.
CVE-2026-0083 Vulnerability in google (CVE-2026-0083)
vulnerability in google (CVE-2026-0083). Successful exploitation can lead to full system takeover.
CVE-2026-0063 Privilege Escalation in google (CVE-2026-0063)
vulnerability in google (CVE-2026-0063). Successful exploitation can lead to full system takeover.
CVE-2026-0081 Vulnerability in google (CVE-2026-0081)
vulnerability in google (CVE-2026-0081). Successful exploitation can lead to full system takeover.
CVE-2026-12438 Vulnerability in google (CVE-2026-12438)
vulnerability in google (CVE-2026-12438). Successful exploitation can lead to full system takeover.
CVE-2026-12199 Vulnerability in dos (CVE-2026-12199)
vulnerability in dos (CVE-2026-12199). Risk of unauthorized operations or information disclosure. Exploitable via ``nltk.app.wordnet_app``.
CVE-2026-0019 Privilege Escalation in google (CVE-2026-0019)
vulnerability in google (CVE-2026-0019). Successful exploitation can lead to full system takeover.
CVE-2025-69160 Unauthenticated Local File Inclusion in Gita <= 1.11 versions.
Unauthenticated Local File Inclusion in Gita <= 1.11 versions.
CVE-2025-69167 Unauthenticated Local File Inclusion in Eros <= 1.3 versions.
Unauthenticated Local File Inclusion in Eros <= 1.3 versions.
CVE-2025-69165 Unauthenticated Local File Inclusion in Choreo <= 1.6 versions.
Unauthenticated Local File Inclusion in Choreo <= 1.6 versions.
CVE-2025-69163 Unauthenticated Local File Inclusion in WineShop <= 3.17 versions.
Unauthenticated Local File Inclusion in WineShop <= 3.17 versions.
CVE-2025-69168 Unauthenticated Local File Inclusion in Spike <= 1.2 versions.
Unauthenticated Local File Inclusion in Spike <= 1.2 versions.
CVE-2025-69151 Unauthenticated Cross Site Scripting (XSS) in Grand Car Rental <= 3.7 versions.
Unauthenticated Cross Site Scripting (XSS) in Grand Car Rental <= 3.7 versions.
CVE-2025-69149 Unauthenticated Local File Inclusion in Top Dog <= 1.0.5 versions.
Unauthenticated Local File Inclusion in Top Dog <= 1.0.5 versions.
CVE-2025-69171 Unauthenticated Local File Inclusion in Orpheus <= 1.3 versions.
Unauthenticated Local File Inclusion in Orpheus <= 1.3 versions.
CVE-2025-69172 Unauthenticated Local File Inclusion in Resurs <= 1.3 versions.
Unauthenticated Local File Inclusion in Resurs <= 1.3 versions.
CVE-2025-69177 Unauthenticated Local File Inclusion in Roneous <= 2.1.5 versions.
Unauthenticated Local File Inclusion in Roneous <= 2.1.5 versions.
CVE-2025-69147 Unauthenticated Local File Inclusion in Putter <= 1.17 versions.
Unauthenticated Local File Inclusion in Putter <= 1.17 versions.
CVE-2025-69178 Unauthenticated Local File Inclusion in Truemag <= 4.3.14.2 versions.
Unauthenticated Local File Inclusion in Truemag <= 4.3.14.2 versions.
CVE-2025-69173 Unauthenticated Local File Inclusion in Tipsy <= 1.1 versions.
Unauthenticated Local File Inclusion in Tipsy <= 1.1 versions.
CVE-2025-69176 Unauthenticated Local File Inclusion in ITactics <= 1.0 versions.
Unauthenticated Local File Inclusion in ITactics <= 1.0 versions.
CVE-2025-69150 Unauthenticated Local File Inclusion in Medeus <= 1.14 versions.
Unauthenticated Local File Inclusion in Medeus <= 1.14 versions.
CVE-2025-69139 Unauthenticated Arbitrary File Deletion in Car Zone <= 3.7 versions.
Unauthenticated Arbitrary File Deletion in Car Zone <= 3.7 versions.
CVE-2025-69148 Unauthenticated Local File Inclusion in Quirky <= 1.23 versions.
Unauthenticated Local File Inclusion in Quirky <= 1.23 versions.
CVE-2025-69135 Subscriber SQL Injection in Events Schedule - WordPress Events Calendar Plugin <= 2.7.2 versions.
Subscriber SQL Injection in Events Schedule - WordPress Events Calendar Plugin <= 2.7.2 versions.
CVE-2025-69142 Unauthenticated Local File Inclusion in Abelle <= 1.22 versions.
Unauthenticated Local File Inclusion in Abelle <= 1.22 versions.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →