Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| GHSA-cwv4-h3j5-w3cf |
|
Vulnerability in rama (GHSA-cwv4-h3j5-w3cf)
vulnerability in rama (GHSA-cwv4-h3j5-w3cf). Risk of unauthorized operations or information disclosure. Exploitable via ``ServeDir``. Mitigation: upgrade to `0.3.0-rc.1` or later.
|
| CVE-2026-53533 |
|
Command Injection in aiosmtplib (CVE-2026-53533)
command injection in aiosmtplib (CVE-2026-53533). Risk of unauthorized operations or information disclosure. Exploitable via ``aiosmtplib``. Mitigation: upgrade to `5.1.1` or later.
|
| CVE-2026-53487 |
|
Vulnerability in github.com/zxh326/kite (CVE-2026-53487)
vulnerability in github.com/zxh326/kite (CVE-2026-53487). Risk of unauthorized operations or information disclosure. Exploitable via `GET /api/v1/overview`. Mitigation: upgrade to `0.12.3` or later.
|
| GHSA-gq4g-fpc9-vjfq |
|
Vulnerability in web-auth/webauthn-lib (GHSA-gq4g-fpc9-vjfq)
vulnerability in web-auth/webauthn-lib (GHSA-gq4g-fpc9-vjfq). Risk of unauthorized operations or information disclosure. Exploitable via ``FakeCredentialGenerator``. Mitigation: upgrade to `5.3.5` or later.
|
| CVE-2026-53531 |
|
Vulnerability in ratex-parser (CVE-2026-53531)
vulnerability in ratex-parser (CVE-2026-53531). Risk of unauthorized operations or information disclosure. Exploitable via ``SIGABRT``. Mitigation: upgrade to `0.1.11` or later.
|
| CVE-2026-53530 |
|
Vulnerability in ratex-parser (CVE-2026-53530)
vulnerability in ratex-parser (CVE-2026-53530). Risk of unauthorized operations or information disclosure. Exploitable via ``parse_symbol_inner``. Mitigation: upgrade to `0.1.11` or later.
|
| CVE-2026-59705 |
|
Vulnerability in CVE-2026-59705 (CVE-2026-59705)
vulnerability in CVE-2026-59705 (CVE-2026-59705). Successful exploitation can lead to full system takeover.
|
| CVE-2026-59704 |
|
Vulnerability in CVE-2026-59704 (CVE-2026-59704)
vulnerability in CVE-2026-59704 (CVE-2026-59704). Confidential information can be exposed externally. Exploitable via `GET /api/video/ai`.
|
| CVE-2026-51937 |
|
Vulnerability in CVE-2026-51937 (CVE-2026-51937)
vulnerability in CVE-2026-51937 (CVE-2026-51937). Confidential information can be exposed externally.
|
| CVE-2026-50811 |
|
Vulnerability in c (CVE-2026-50811)
vulnerability in c (CVE-2026-50811). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-50810 |
|
Vulnerability in c (CVE-2026-50810)
vulnerability in c (CVE-2026-50810). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-37271 |
|
Vulnerability in CVE-2026-37271 (CVE-2026-37271)
vulnerability in CVE-2026-37271 (CVE-2026-37271). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-37270 |
|
Vulnerability in CVE-2026-37270 (CVE-2026-37270)
vulnerability in CVE-2026-37270 (CVE-2026-37270). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-36163 |
|
Vulnerability in CVE-2026-36163 (CVE-2026-36163)
vulnerability in CVE-2026-36163 (CVE-2026-36163). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-36162 |
|
Cross-Site Scripting (XSS) in CVE-2026-36162 (CVE-2026-36162)
cross-site scripting in CVE-2026-36162 (CVE-2026-36162). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14895 |
|
Vulnerability in dos (CVE-2026-14895)
vulnerability in dos (CVE-2026-14895). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14740 |
|
Out-of-Bounds Read in CVE-2026-14740 (CVE-2026-14740)
vulnerability in CVE-2026-14740 (CVE-2026-14740). Confidential information can be exposed externally.
|
| CVE-2026-14739 |
|
Out-of-Bounds Write in CVE-2026-14739 (CVE-2026-14739)
out-of-bounds write in CVE-2026-14739 (CVE-2026-14739). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14380 |
|
Vulnerability in CVE-2026-14380 (CVE-2026-14380)
vulnerability in CVE-2026-14380 (CVE-2026-14380). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-59706 |
|
Vulnerability in ssrf (CVE-2026-59706)
vulnerability in ssrf (CVE-2026-59706). Confidential information can be exposed externally. Exploitable via `GET /api/v1/config/`.
|
| CVE-2026-59153 |
|
Vulnerability in CVE-2026-59153 (CVE-2026-59153)
vulnerability in CVE-2026-59153 (CVE-2026-59153). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-58266 |
|
Vulnerability in CVE-2026-58266 (CVE-2026-58266)
vulnerability in CVE-2026-58266 (CVE-2026-58266). Confidential information can be exposed externally.
|
| CVE-2026-55490 |
|
Vulnerability in CVE-2026-55490 (CVE-2026-55490)
vulnerability in CVE-2026-55490 (CVE-2026-55490). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-55418 |
|
Vulnerability in CVE-2026-55418 (CVE-2026-55418)
vulnerability in CVE-2026-55418 (CVE-2026-55418). Confidential information can be exposed externally.
|
| CVE-2026-55408 |
|
Code Injection in CVE-2026-55408 (CVE-2026-55408)
code injection in CVE-2026-55408 (CVE-2026-55408). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-54698 |
|
Authorization Flaw in CVE-2026-54698 (CVE-2026-54698)
vulnerability in CVE-2026-54698 (CVE-2026-54698). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-54607 |
|
SSRF (Server-Side Request Forgery) in CVE-2026-54607 (CVE-2026-54607)
SSRF in CVE-2026-54607 (CVE-2026-54607). Confidential information can be exposed externally.
|
| CVE-2026-54602 |
|
Vulnerability in CVE-2026-54602 (CVE-2026-54602)
vulnerability in CVE-2026-54602 (CVE-2026-54602). Risk of unauthorized operations or information disclosure. Exploitable via `GET /api/core/ai/record/getRecord`.
|
| CVE-2026-54601 |
|
Vulnerability in CVE-2026-54601 (CVE-2026-54601)
vulnerability in CVE-2026-54601 (CVE-2026-54601). Risk of unauthorized operations or information disclosure. Exploitable via `POST /api/core/dataset/collection/create/reTrainingCollection`.
|
| CVE-2026-49033 |
|
Vulnerability in CVE-2026-49033 (CVE-2026-49033)
vulnerability in CVE-2026-49033 (CVE-2026-49033). Successful exploitation can lead to full system takeover.
|
| CVE-2026-42958 |
|
Use-After-Free in CVE-2026-42958 (CVE-2026-42958)
vulnerability in CVE-2026-42958 (CVE-2026-42958). Successful exploitation can lead to full system takeover.
|
| CVE-2026-28378 |
|
Vulnerability in CVE-2026-28378 (CVE-2026-28378)
vulnerability in CVE-2026-28378 (CVE-2026-28378). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-59707 |
|
SSRF (Server-Side Request Forgery) in CVE-2026-59707 (CVE-2026-59707)
SSRF in CVE-2026-59707 (CVE-2026-59707). Confidential information can be exposed externally. Exploitable via `POST /models/apply`.
|
| CVE-2026-58583 |
|
Privilege Escalation in privilege-escalation (CVE-2026-58583)
vulnerability in privilege-escalation (CVE-2026-58583). Confidential information can be exposed externally.
|
| CVE-2026-58473 |
|
Vulnerability in CVE-2026-58473 (CVE-2026-58473)
vulnerability in CVE-2026-58473 (CVE-2026-58473). Confidential information can be exposed externally.
|
| CVE-2026-58472 |
|
Vulnerability in c (CVE-2026-58472)
vulnerability in c (CVE-2026-58472). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-58471 |
|
Vulnerability in c (CVE-2026-58471)
vulnerability in c (CVE-2026-58471). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-58470 |
|
Vulnerability in c (CVE-2026-58470)
vulnerability in c (CVE-2026-58470). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-58469 |
|
Out-of-Bounds Read in c (CVE-2026-58469)
vulnerability in c (CVE-2026-58469). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57172 |
|
Vulnerability in CVE-2026-57172 (CVE-2026-57172)
vulnerability in CVE-2026-57172 (CVE-2026-57172). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-55647 |
|
Cross-Site Scripting (XSS) in vue (CVE-2026-55647)
cross-site scripting in vue (CVE-2026-55647). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-55635 |
|
SQL Injection in CVE-2026-55635 (CVE-2026-55635)
SQL injection in CVE-2026-55635 (CVE-2026-55635). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-55633 |
|
Unrestricted File Upload in CVE-2026-55633 (CVE-2026-55633)
vulnerability in CVE-2026-55633 (CVE-2026-55633). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-55631 |
|
Path Traversal in path-traversal (CVE-2026-55631)
path traversal in path-traversal (CVE-2026-55631). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-55592 |
|
Cross-Site Scripting (XSS) in CVE-2026-55592 (CVE-2026-55592)
cross-site scripting in CVE-2026-55592 (CVE-2026-55592). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-55417 |
|
Vulnerability in CVE-2026-55417 (CVE-2026-55417)
vulnerability in CVE-2026-55417 (CVE-2026-55417). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53751 |
|
Code Injection in CVE-2026-53751 (CVE-2026-53751)
code injection in CVE-2026-53751 (CVE-2026-53751). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53730 |
|
Vulnerability in CVE-2026-53730 (CVE-2026-53730)
vulnerability in CVE-2026-53730 (CVE-2026-53730). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53729 |
|
Vulnerability in CVE-2026-53729 (CVE-2026-53729)
vulnerability in CVE-2026-53729 (CVE-2026-53729). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53511 |
|
Code Injection in CVE-2026-53511 (CVE-2026-53511)
code injection in CVE-2026-53511 (CVE-2026-53511). Risk of unauthorized operations or information disclosure.
|