Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

ID Title
CVE-2026-40998 XXE (XML External Entity) in CVE-2026-40998 (CVE-2026-40998)
vulnerability in CVE-2026-40998 (CVE-2026-40998). Confidential information can be exposed externally.
CVE-2026-40994 Vulnerability in CVE-2026-40994 (CVE-2026-40994)
vulnerability in CVE-2026-40994 (CVE-2026-40994). Data can be tampered with by attackers.
CVE-2026-40987 Path Traversal in CVE-2026-40987 (CVE-2026-40987)
path traversal in CVE-2026-40987 (CVE-2026-40987). Data can be tampered with by attackers.
CVE-2026-10795 Vulnerability in wordpress (CVE-2026-10795)
vulnerability in wordpress (CVE-2026-10795). Successful exploitation can lead to full system takeover.
CVE-2026-53461 Out-of-Bounds Write in Magick.NET-Q16-AnyCPU (CVE-2026-53461)
out-of-bounds write in Magick.NET-Q16-AnyCPU (CVE-2026-53461). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `14.14.0` or later.
CVE-2026-53460 Vulnerability in Magick.NET-Q16-AnyCPU (CVE-2026-53460)
vulnerability in Magick.NET-Q16-AnyCPU (CVE-2026-53460). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `14.14.0` or later.
CVE-2026-52726 Path Traversal in dulwich (CVE-2026-52726)
path traversal in dulwich (CVE-2026-52726). Risk of unauthorized operations or information disclosure. Exploitable via ``dulwich.porcelain.submodule_update``. Mitigation: upgrade to `1.2.5` or later.
CVE-2026-50223 Code Injection in apache (CVE-2026-50223)
code injection in apache (CVE-2026-50223). Successful exploitation can lead to full system takeover.
CVE-2026-49218 Vulnerability in Magick.NET-Q16-AnyCPU (CVE-2026-49218)
vulnerability in Magick.NET-Q16-AnyCPU (CVE-2026-49218). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `14.14.0` or later.
CVE-2026-47342 Vulnerability in apache (CVE-2026-47342)
vulnerability in apache (CVE-2026-47342). Successful exploitation can lead to full system takeover.
CVE-2026-44693 Vulnerability in CVE-2026-44693 (CVE-2026-44693)
vulnerability in CVE-2026-44693 (CVE-2026-44693). Successful exploitation can lead to full system takeover.
CVE-2026-42558 Cross-Site Scripting (XSS) in CVE-2026-42558 (CVE-2026-42558)
cross-site scripting in CVE-2026-42558 (CVE-2026-42558). Confidential information can be exposed externally.
CVE-2026-53738 Authorization Flaw in CVE-2026-53738 (CVE-2026-53738)
vulnerability in CVE-2026-53738 (CVE-2026-53738). Data can be tampered with by attackers.
CVE-2026-50131 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-50131)
SSRF in ssrf (CVE-2026-50131). Confidential information can be exposed externally.
CVE-2026-48110 Vulnerability in russh (CVE-2026-48110)
vulnerability in russh (CVE-2026-48110). Risk of unauthorized operations or information disclosure. Exploitable via ``russh``. Mitigation: upgrade to `0.61.0` or later.
CVE-2026-46669 Vulnerability in openvm (CVE-2026-46669)
vulnerability in openvm (CVE-2026-46669). Data can be tampered with by attackers.
CVE-2026-42542 Vulnerability in tdengine (CVE-2026-42542)
vulnerability in tdengine (CVE-2026-42542). Risk of unauthorized operations or information disclosure.
CVE-2026-2049 Vulnerability in CVE-2026-2049 (CVE-2026-2049)
vulnerability in CVE-2026-2049 (CVE-2026-2049). Successful exploitation can lead to full system takeover.
CVE-2026-10143 Vulnerability in dpkp (CVE-2026-10143)
vulnerability in dpkp (CVE-2026-10143). Risk of unauthorized operations or information disclosure.
CVE-2026-10142 Vulnerability in dpkp (CVE-2026-10142)
vulnerability in dpkp (CVE-2026-10142). Risk of unauthorized operations or information disclosure.
CVE-2022-26758 Vulnerability in apple (CVE-2022-26758)
vulnerability in apple (CVE-2022-26758). Confidential information can be exposed externally.
CVE-2026-6893 OS Command Injection in CVE-2026-6893 (CVE-2026-6893)
OS command injection in CVE-2026-6893 (CVE-2026-6893). Successful exploitation can lead to full system takeover.
CVE-2026-1220 Vulnerability in google (CVE-2026-1220)
vulnerability in google (CVE-2026-1220). Successful exploitation can lead to full system takeover.
CVE-2026-46529 Command Injection in c (CVE-2026-46529)
command injection in c (CVE-2026-46529). Successful exploitation can lead to full system takeover. Exploitable via ``g_shell_quote``. Mitigation: upgrade to `1.6.2` or later.
CVE-2026-50637 Vulnerability in pevans (CVE-2026-50637)
vulnerability in pevans (CVE-2026-50637). Data can be tampered with by attackers.
CVE-2026-20251 Unsafe Deserialization in deserialization (CVE-2026-20251)
vulnerability in deserialization (CVE-2026-20251). Successful exploitation can lead to full system takeover.
CVE-2026-20258 Cross-Site Scripting (XSS) in splunk (CVE-2026-20258)
cross-site scripting in splunk (CVE-2026-20258). Successful exploitation can lead to full system takeover.
CVE-2026-20252 SSRF (Server-Side Request Forgery) in splunk (CVE-2026-20252)
SSRF in splunk (CVE-2026-20252). Confidential information can be exposed externally.
CVE-2026-50570 Privilege Escalation in CVE-2026-50570 (CVE-2026-50570)
vulnerability in CVE-2026-50570 (CVE-2026-50570). Data can be tampered with by attackers.
CVE-2026-50567 Path Traversal in CVE-2026-50567 (CVE-2026-50567)
path traversal in CVE-2026-50567 (CVE-2026-50567). Data can be tampered with by attackers.
CVE-2026-49824 Vulnerability in github.com/fission/fission (CVE-2026-49824)
vulnerability in github.com/fission/fission (CVE-2026-49824). Confidential information can be exposed externally. Exploitable via ``spec.environment.namespace``. Mitigation: upgrade to `1.24.0` or later.
CVE-2026-49823 Vulnerability in github.com/fission/fission (CVE-2026-49823)
vulnerability in github.com/fission/fission (CVE-2026-49823). Confidential information can be exposed externally. Exploitable via ``PackageRef.Namespace``. Mitigation: upgrade to `1.24.0` or later.
CVE-2026-49822 Vulnerability in github.com/fission/fission (CVE-2026-49822)
vulnerability in github.com/fission/fission (CVE-2026-49822). Confidential information can be exposed externally. Exploitable via ``KubernetesWatchTrigger``. Mitigation: upgrade to `1.24.0` or later.
CVE-2026-49821 Vulnerability in github.com/fission/fission (CVE-2026-49821)
vulnerability in github.com/fission/fission (CVE-2026-49821). Confidential information can be exposed externally. Exploitable via ``buildermgr``. Mitigation: upgrade to `1.24.0` or later.
CVE-2026-11417 OS Command Injection in aws-cdk-lib (CVE-2026-11417)
OS command injection in aws-cdk-lib (CVE-2026-11417). Successful exploitation can lead to full system takeover. Exploitable via ``NodejsFunction``. Mitigation: upgrade to `2.246.0` or later.
CVE-2025-53114 Vulnerability in org.cometd.java:cometd-java-server-common (CVE-2025-53114)
vulnerability in org.cometd.java:cometd-java-server-common (CVE-2025-53114). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.0.x` or later.
CVE-2026-49759 Vulnerability in c (CVE-2026-49759)
vulnerability in c (CVE-2026-49759). Risk of unauthorized operations or information disclosure.
CVE-2026-46558 Vulnerability in plane (CVE-2026-46558)
vulnerability in plane (CVE-2026-46558). Confidential information can be exposed externally.
CVE-2026-45569 Path Traversal in c (CVE-2026-45569)
path traversal in c (CVE-2026-45569). Confidential information can be exposed externally.
CVE-2026-45567 Authentication Bypass in nginx (CVE-2026-45567)
authentication bypass in nginx (CVE-2026-45567). Risk of unauthorized operations or information disclosure.
CVE-2026-45565 Vulnerability in nginx (CVE-2026-45565)
vulnerability in nginx (CVE-2026-45565). Confidential information can be exposed externally.
CVE-2026-25700 Vulnerability in apache (CVE-2026-25700)
vulnerability in apache (CVE-2026-25700). Successful exploitation can lead to full system takeover.
CVE-2026-9045 Vulnerability in CVE-2026-9045 (CVE-2026-9045)
vulnerability in CVE-2026-9045 (CVE-2026-9045). Successful exploitation can lead to full system takeover.
CVE-2026-8637 Vulnerability in CVE-2026-8637 (CVE-2026-8637)
vulnerability in CVE-2026-8637 (CVE-2026-8637). Successful exploitation can lead to full system takeover.
CVE-2026-6090 Vulnerability in CVE-2026-6090 (CVE-2026-6090)
vulnerability in CVE-2026-6090 (CVE-2026-6090). Successful exploitation can lead to full system takeover.
CVE-2026-53689 Vulnerability in c (CVE-2026-53689)
vulnerability in c (CVE-2026-53689). Confidential information can be exposed externally.
CVE-2026-53473 Cross-Site Scripting (XSS) in kubev2v (CVE-2026-53473)
cross-site scripting in kubev2v (CVE-2026-53473). Confidential information can be exposed externally.
CVE-2026-45564 OS Command Injection in c (CVE-2026-45564)
OS command injection in c (CVE-2026-45564). Successful exploitation can lead to full system takeover. Exploitable via `POST /config/versions/`.
CVE-2026-45549 Vulnerability in nginx (CVE-2026-45549)
vulnerability in nginx (CVE-2026-45549). Risk of unauthorized operations or information disclosure.
CVE-2026-9758 Vulnerability in CVE-2026-9758 (CVE-2026-9758)
vulnerability in CVE-2026-9758 (CVE-2026-9758). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →