Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

ID Title
CVE-2026-53833 Vulnerability in openclaw (CVE-2026-53833)
vulnerability in openclaw (CVE-2026-53833). Confidential information can be exposed externally.
CVE-2026-53832 Vulnerability in CVE-2026-53832 (CVE-2026-53832)
vulnerability in CVE-2026-53832 (CVE-2026-53832). Confidential information can be exposed externally.
CVE-2026-53831 Vulnerability in openclaw (CVE-2026-53831)
vulnerability in openclaw (CVE-2026-53831). Confidential information can be exposed externally.
CVE-2026-53829 Vulnerability in openclaw (CVE-2026-53829)
vulnerability in openclaw (CVE-2026-53829). Successful exploitation can lead to full system takeover.
CVE-2026-53828 Authorization Flaw in openclaw (CVE-2026-53828)
vulnerability in openclaw (CVE-2026-53828). Successful exploitation can lead to full system takeover.
CVE-2026-53823 Vulnerability in privilege-escalation (CVE-2026-53823)
vulnerability in privilege-escalation (CVE-2026-53823). Confidential information can be exposed externally.
CVE-2026-53822 Command Injection in openclaw (CVE-2026-53822)
command injection in openclaw (CVE-2026-53822). Successful exploitation can lead to full system takeover.
CVE-2026-53821 Vulnerability in openclaw (CVE-2026-53821)
vulnerability in openclaw (CVE-2026-53821). Successful exploitation can lead to full system takeover.
CVE-2026-53608 Cross-Site Scripting (XSS) in CVE-2026-53608 (CVE-2026-53608)
cross-site scripting in CVE-2026-53608 (CVE-2026-53608). Confidential information can be exposed externally. Exploitable via ``seoGoogleTrackingId``.
CVE-2026-41158 Use-After-Free in CVE-2026-41158 (CVE-2026-41158)
vulnerability in CVE-2026-41158 (CVE-2026-41158). Successful exploitation can lead to full system takeover.
CVE-2026-34195 Out-of-Bounds Write in CVE-2026-34195 (CVE-2026-34195)
out-of-bounds write in CVE-2026-34195 (CVE-2026-34195). Successful exploitation can lead to full system takeover.
CVE-2025-7017 Out-of-Bounds Read in CVE-2025-7017 (CVE-2025-7017)
vulnerability in CVE-2025-7017 (CVE-2025-7017). Successful exploitation can lead to full system takeover.
CVE-2025-7011 Out-of-Bounds Read in CVE-2025-7011 (CVE-2025-7011)
vulnerability in CVE-2025-7011 (CVE-2025-7011). Successful exploitation can lead to full system takeover.
CVE-2025-7009 Out-of-Bounds Read in CVE-2025-7009 (CVE-2025-7009)
vulnerability in CVE-2025-7009 (CVE-2025-7009). Successful exploitation can lead to full system takeover.
CVE-2025-7008 Out-of-Bounds Read in csharp (CVE-2025-7008)
vulnerability in csharp (CVE-2025-7008). Successful exploitation can lead to full system takeover.
CVE-2025-7004 Out-of-Bounds Write in CVE-2025-7004 (CVE-2025-7004)
out-of-bounds write in CVE-2025-7004 (CVE-2025-7004). Successful exploitation can lead to full system takeover.
CVE-2025-7003 Out-of-Bounds Read in CVE-2025-7003 (CVE-2025-7003)
vulnerability in CVE-2025-7003 (CVE-2025-7003). Successful exploitation can lead to full system takeover.
CVE-2025-7002 Out-of-Bounds Read in CVE-2025-7002 (CVE-2025-7002)
vulnerability in CVE-2025-7002 (CVE-2025-7002). Successful exploitation can lead to full system takeover.
CVE-2026-54091 Authorization Flaw in github.com/filebrowser/filebrowser/v2 (CVE-2026-54091)
vulnerability in github.com/filebrowser/filebrowser/v2 (CVE-2026-54091). Confidential information can be exposed externally. Exploitable via `GET /api/public/share/`. Mitigation: upgrade to `2.63.6` or later.
CVE-2026-54094 Path Traversal in github.com/filebrowser/filebrowser/v2 (CVE-2026-54094)
path traversal in github.com/filebrowser/filebrowser/v2 (CVE-2026-54094). Confidential information can be exposed externally. Exploitable via `GET /api/raw/{path}`. Mitigation: upgrade to `2.63.14` or later.
CVE-2026-54057 Code Injection in kovidgoyal (CVE-2026-54057)
code injection in kovidgoyal (CVE-2026-54057). Successful exploitation can lead to full system takeover.
CVE-2026-54056 Vulnerability in kovidgoyal (CVE-2026-54056)
vulnerability in kovidgoyal (CVE-2026-54056). Data can be tampered with by attackers. Exploitable via ``O_NOFOLLOW``.
CVE-2026-4870 Vulnerability in dos (CVE-2026-4870)
vulnerability in dos (CVE-2026-4870). Risk of unauthorized operations or information disclosure.
CVE-2026-44786 Information Disclosure in discourse (CVE-2026-44786)
vulnerability in discourse (CVE-2026-44786). Confidential information can be exposed externally.
CVE-2026-54096 Authorization Flaw in github.com/filebrowser/filebrowser/v2 (CVE-2026-54096)
vulnerability in github.com/filebrowser/filebrowser/v2 (CVE-2026-54096). Successful exploitation can lead to full system takeover. Exploitable via `POST /api/share/`. Mitigation: upgrade to `2.63.7` or later.
CVE-2026-42851 Code Injection in kovidgoyal (CVE-2026-42851)
code injection in kovidgoyal (CVE-2026-42851). Successful exploitation can lead to full system takeover. Exploitable via ``cat``.
CVE-2026-42850 Command Injection in kovidgoyal (CVE-2026-42850)
command injection in kovidgoyal (CVE-2026-42850). Successful exploitation can lead to full system takeover.
CVE-2026-53408 Vulnerability in zoom (CVE-2026-53408)
vulnerability in zoom (CVE-2026-53408). Confidential information can be exposed externally.
CVE-2026-53407 Vulnerability in zoom (CVE-2026-53407)
vulnerability in zoom (CVE-2026-53407). Confidential information can be exposed externally.
CVE-2026-50108 Vulnerability in CVE-2026-50108 (CVE-2026-50108)
vulnerability in CVE-2026-50108 (CVE-2026-50108). Confidential information can be exposed externally.
CVE-2026-50101 Vulnerability in CVE-2026-50101 (CVE-2026-50101)
vulnerability in CVE-2026-50101 (CVE-2026-50101). Successful exploitation can lead to full system takeover.
CVE-2026-12143 Vulnerability in form-data (CVE-2026-12143)
vulnerability in form-data (CVE-2026-12143). Data can be tampered with by attackers. Exploitable via ``field``. Mitigation: upgrade to `4.0.6` or later.
CVE-2026-12043 Vulnerability in Amazon aws (CVE-2026-12043)
vulnerability in Amazon aws (CVE-2026-12043). Successful exploitation can lead to full system takeover.
CVE-2026-47965 Out-of-Bounds Write in adobe (CVE-2026-47965)
out-of-bounds write in adobe (CVE-2026-47965). Successful exploitation can lead to full system takeover.
CVE-2026-53406 Vulnerability in zoom (CVE-2026-53406)
vulnerability in zoom (CVE-2026-53406). Successful exploitation can lead to full system takeover.
CVE-2026-7387 Authorization Flaw in mattermost (CVE-2026-7387)
vulnerability in mattermost (CVE-2026-7387). Successful exploitation can lead to full system takeover.
CVE-2026-6961 Path Traversal in path-traversal (CVE-2026-6961)
path traversal in path-traversal (CVE-2026-6961). Data can be tampered with by attackers.
CVE-2026-3840 Path Traversal in path-traversal (CVE-2026-3840)
path traversal in path-traversal (CVE-2026-3840). Confidential information can be exposed externally.
CVE-2025-52465 Vulnerability in org.geoserver.web:gs-web-app (CVE-2025-52465)
vulnerability in org.geoserver.web:gs-web-app (CVE-2025-52465). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2.26.4` or later.
CVE-2026-48165 OS Command Injection in mariadb (CVE-2026-48165)
OS command injection in mariadb (CVE-2026-48165). Successful exploitation can lead to full system takeover.
CVE-2026-48163 OS Command Injection in mariadb (CVE-2026-48163)
OS command injection in mariadb (CVE-2026-48163). Successful exploitation can lead to full system takeover.
CVE-2026-44168 OS Command Injection in mariadb (CVE-2026-44168)
OS command injection in mariadb (CVE-2026-44168). Successful exploitation can lead to full system takeover.
CVE-2026-53981 Vulnerability in CVE-2026-53981 (CVE-2026-53981)
vulnerability in CVE-2026-53981 (CVE-2026-53981). Confidential information can be exposed externally.
CVE-2026-9638 Vulnerability in CVE-2026-9638 (CVE-2026-9638)
vulnerability in CVE-2026-9638 (CVE-2026-9638). Confidential information can be exposed externally.
CVE-2026-50088 Vulnerability in c (CVE-2026-50088)
vulnerability in c (CVE-2026-50088). Confidential information can be exposed externally.
CVE-2026-50087 Vulnerability in c (CVE-2026-50087)
vulnerability in c (CVE-2026-50087). Confidential information can be exposed externally.
CVE-2026-50085 Vulnerability in c (CVE-2026-50085)
vulnerability in c (CVE-2026-50085). Data can be tampered with by attackers.
CVE-2026-50011 Vulnerability in io.netty:netty-codec-redis (CVE-2026-50011)
vulnerability in io.netty:netty-codec-redis (CVE-2026-50011). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `4.1.135.Final` or later.
CVE-2026-50010 Vulnerability in io.netty:netty-handler (CVE-2026-50010)
vulnerability in io.netty:netty-handler (CVE-2026-50010). Confidential information can be exposed externally. Mitigation: upgrade to `4.1.135.Final` or later.
CVE-2026-48748 Vulnerability in io.netty:netty-codec-http3 (CVE-2026-48748)
vulnerability in io.netty:netty-codec-http3 (CVE-2026-48748). Risk of unauthorized operations or information disclosure. Exploitable via ``HTTP3_SETTINGS_QPACK_MAX_TABLE_CAPACITY``. Mitigation: upgrade to `4.2.15.Final` or later.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →