Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

ID Title
CVE-2026-7871 Unsafe Deserialization in langflow (CVE-2026-7871)
vulnerability in langflow (CVE-2026-7871). Successful exploitation can lead to full system takeover.
CVE-2026-13772 Vulnerability in ibm (CVE-2026-13772)
vulnerability in ibm (CVE-2026-13772). Successful exploitation can lead to full system takeover.
CVE-2026-9836 Information Disclosure in ibm (CVE-2026-9836)
vulnerability in ibm (CVE-2026-9836). Risk of unauthorized operations or information disclosure.
CVE-2026-7803 Vulnerability in langflow (CVE-2026-7803)
vulnerability in langflow (CVE-2026-7803). Successful exploitation can lead to full system takeover.
CVE-2026-13449 XXE (XML External Entity) in ibm (CVE-2026-13449)
vulnerability in ibm (CVE-2026-13449). Risk of unauthorized operations or information disclosure.
CVE-2026-13773 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-13773)
SSRF in ssrf (CVE-2026-13773). Risk of unauthorized operations or information disclosure.
CVE-2026-7873 Code Injection in langflow (CVE-2026-7873)
code injection in langflow (CVE-2026-7873). Successful exploitation can lead to full system takeover.
CVE-2025-12530 Vulnerability in ibm (CVE-2025-12530)
vulnerability in ibm (CVE-2025-12530). Confidential information can be exposed externally.
CVE-2026-12084 Vulnerability in ibm (CVE-2026-12084)
vulnerability in ibm (CVE-2026-12084). Risk of unauthorized operations or information disclosure.
CVE-2026-11712 Cross-Site Scripting (XSS) in ibm (CVE-2026-11712)
cross-site scripting in ibm (CVE-2026-11712). Confidential information can be exposed externally.
CVE-2025-36320 Cross-Site Scripting (XSS) in ibm (CVE-2025-36320)
cross-site scripting in ibm (CVE-2025-36320). Risk of unauthorized operations or information disclosure.
CVE-2026-10546 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-10546)
SSRF in ssrf (CVE-2026-10546). Confidential information can be exposed externally.
CVE-2026-12085 Vulnerability in ibm (CVE-2026-12085)
vulnerability in ibm (CVE-2026-12085). Confidential information can be exposed externally.
CVE-2026-10564 SSRF (Server-Side Request Forgery) in c (CVE-2026-10564)
SSRF in c (CVE-2026-10564). Confidential information can be exposed externally.
CVE-2026-11906 Vulnerability in dos (CVE-2026-11906)
vulnerability in dos (CVE-2026-11906). Risk of unauthorized operations or information disclosure.
CVE-2026-3602 Vulnerability in sqli (CVE-2026-3602)
vulnerability in sqli (CVE-2026-3602). Data can be tampered with by attackers.
CVE-2026-11708 Cross-Site Scripting (XSS) in ibm (CVE-2026-11708)
cross-site scripting in ibm (CVE-2026-11708). Confidential information can be exposed externally.
CVE-2026-12086 Vulnerability in ibm (CVE-2026-12086)
vulnerability in ibm (CVE-2026-12086). Confidential information can be exposed externally.
CVE-2026-13759 Unsafe Deserialization in ibm (CVE-2026-13759)
vulnerability in ibm (CVE-2026-13759). Successful exploitation can lead to full system takeover.
CVE-2026-11806 Vulnerability in ibm (CVE-2026-11806)
vulnerability in ibm (CVE-2026-11806). Successful exploitation can lead to full system takeover.
CVE-2026-11714 SSRF (Server-Side Request Forgery) in ibm (CVE-2026-11714)
SSRF in ibm (CVE-2026-11714). Confidential information can be exposed externally.
CVE-2026-11595 Path Traversal in ibm (CVE-2026-11595)
path traversal in ibm (CVE-2026-11595). Risk of unauthorized operations or information disclosure.
CVE-2026-10140 Vulnerability in langflow (CVE-2026-10140)
vulnerability in langflow (CVE-2026-10140). Confidential information can be exposed externally.
CVE-2026-11546 SSRF (Server-Side Request Forgery) in ibm (CVE-2026-11546)
SSRF in ibm (CVE-2026-11546). Risk of unauthorized operations or information disclosure.
CVE-2026-10560 Authentication Bypass in dos (CVE-2026-10560)
authentication bypass in dos (CVE-2026-10560). Confidential information can be exposed externally.
CVE-2026-58138 Code Injection in CVE-2026-58138 (CVE-2026-58138)
code injection in CVE-2026-58138 (CVE-2026-58138). Successful exploitation can lead to full system takeover.
CVE-2026-10129 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-10129)
SSRF in ssrf (CVE-2026-10129). Confidential information can be exposed externally.
CVE-2025-36372 Vulnerability in ibm (CVE-2025-36372)
vulnerability in ibm (CVE-2025-36372). Confidential information can be exposed externally.
CVE-2026-10134 Code Injection in langflow (CVE-2026-10134)
code injection in langflow (CVE-2026-10134). Successful exploitation can lead to full system takeover. Exploitable via ``tool_code``.
CVE-2026-10109 Code Injection in ibm (CVE-2026-10109)
code injection in ibm (CVE-2026-10109). Successful exploitation can lead to full system takeover.
CVE-2026-10513 Cross-Site Scripting (XSS) in wordpress (CVE-2026-10513)
cross-site scripting in wordpress (CVE-2026-10513). Risk of unauthorized operations or information disclosure.
CVE-2025-10995 Out-of-Bounds Write in openbabel (CVE-2025-10995)
out-of-bounds write in openbabel (CVE-2025-10995). Risk of unauthorized operations or information disclosure. Exploitable via ``memcpy``. Mitigation: upgrade to `3.2.0` or later.
CVE-2026-55219 Vulnerability in paymenter/paymenter (CVE-2026-55219)
vulnerability in paymenter/paymenter (CVE-2026-55219). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.5.5` or later.
CVE-2025-10994 Buffer Overflow in openbabel (CVE-2025-10994)
vulnerability in openbabel (CVE-2025-10994). Risk of unauthorized operations or information disclosure. Exploitable via ``obabel``. Mitigation: upgrade to `3.2.0` or later.
CVE-2026-3408 Vulnerability in openbabel (CVE-2026-3408)
vulnerability in openbabel (CVE-2026-3408). Risk of unauthorized operations or information disclosure. Exploitable via ``obabel``. Mitigation: upgrade to `3.2.0` or later.
CVE-2026-48808 Vulnerability in twig/twig (CVE-2026-48808)
vulnerability in twig/twig (CVE-2026-48808). Risk of unauthorized operations or information disclosure. Exploitable via ``SourcePolicyInterface``. Mitigation: upgrade to `3.27.0` or later.
CVE-2026-48807 Vulnerability in twig/twig (CVE-2026-48807)
vulnerability in twig/twig (CVE-2026-48807). Risk of unauthorized operations or information disclosure. Exploitable via ``Traversable``. Mitigation: upgrade to `3.27.0` or later.
CVE-2026-48806 Vulnerability in twig/twig (CVE-2026-48806)
vulnerability in twig/twig (CVE-2026-48806). Risk of unauthorized operations or information disclosure. Exploitable via ``CheckToStringNode``. Mitigation: upgrade to `3.27.0` or later.
CVE-2026-48805 Vulnerability in twig/twig (CVE-2026-48805)
vulnerability in twig/twig (CVE-2026-48805). Risk of unauthorized operations or information disclosure. Exploitable via ``Environment``. Mitigation: upgrade to `3.27.0` or later.
CVE-2026-49835 Vulnerability in github.com/sigstore/timestamp-authority/v2 (CVE-2026-49835)
vulnerability in github.com/sigstore/timestamp-authority/v2 (CVE-2026-49835). Risk of unauthorized operations or information disclosure. Exploitable via ``wrapMetrics``. Mitigation: upgrade to `2.1.0` or later.
CVE-2026-49478 SSRF (Server-Side Request Forgery) in github.com/sigstore/fulcio (CVE-2026-49478)
SSRF in github.com/sigstore/fulcio (CVE-2026-49478). Risk of unauthorized operations or information disclosure. Exploitable via ``jwks_uri``. Mitigation: upgrade to `1.8.6` or later.
CVE-2026-48796 Path Traversal in CefSharp.Common (CVE-2026-48796)
path traversal in CefSharp.Common (CVE-2026-48796). Risk of unauthorized operations or information disclosure. Exploitable via ``FolderSchemeHandlerFactory``. Mitigation: upgrade to `148.0.90` or later.
CVE-2026-48795 Vulnerability in @adonisjs/bodyparser (CVE-2026-48795)
vulnerability in @adonisjs/bodyparser (CVE-2026-48795). Risk of unauthorized operations or information disclosure. Exploitable via ``FormFields``. Mitigation: upgrade to `11.0.3` or later.
CVE-2026-49820 Open Redirect in go.probo.inc/probo (CVE-2026-49820)
vulnerability in go.probo.inc/probo (CVE-2026-49820). Risk of unauthorized operations or information disclosure. Exploitable via ``saferedirect``. Mitigation: upgrade to `0.204.0` or later.
CVE-2026-58370 Vulnerability in CVE-2026-58370 (CVE-2026-58370)
vulnerability in CVE-2026-58370 (CVE-2026-58370). Successful exploitation can lead to full system takeover.
CVE-2026-58377 Vulnerability in CVE-2026-58377 (CVE-2026-58377)
vulnerability in CVE-2026-58377 (CVE-2026-58377). Confidential information can be exposed externally.
CVE-2026-58174 Vulnerability in CVE-2026-58174 (CVE-2026-58174)
vulnerability in CVE-2026-58174 (CVE-2026-58174). Confidential information can be exposed externally.
CVE-2026-58372 Path Traversal in path-traversal (CVE-2026-58372)
path traversal in path-traversal (CVE-2026-58372). Data can be tampered with by attackers.
CVE-2026-58369 Vulnerability in CVE-2026-58369 (CVE-2026-58369)
vulnerability in CVE-2026-58369 (CVE-2026-58369). Risk of unauthorized operations or information disclosure.
CVE-2026-58173 Path Traversal in path-traversal (CVE-2026-58173)
path traversal in path-traversal (CVE-2026-58173). Data can be tampered with by attackers.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →