Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-39868 |
|
Vulnerability in apple (CVE-2026-39868)
vulnerability in apple (CVE-2026-39868). Data can be tampered with by attackers.
|
| CVE-2026-37637 |
|
Code Injection in CVE-2026-37637 (CVE-2026-37637)
code injection in CVE-2026-37637 (CVE-2026-37637). Confidential information can be exposed externally.
|
| CVE-2026-31016 |
|
Cross-Site Request Forgery (CSRF) in CVE-2026-31016 (CVE-2026-31016)
vulnerability in CVE-2026-31016 (CVE-2026-31016). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-28979 |
|
Out-of-Bounds Read in apple (CVE-2026-28979)
vulnerability in apple (CVE-2026-28979). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13763 |
|
Vulnerability in amazon (CVE-2026-13763)
vulnerability in amazon (CVE-2026-13763). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13593 |
|
Vulnerability in CVE-2026-13593 (CVE-2026-13593)
vulnerability in CVE-2026-13593 (CVE-2026-13593). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13008 |
|
Vulnerability in c (CVE-2026-13008)
vulnerability in c (CVE-2026-13008). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-58000 |
|
OS Command Injection in CVE-2026-58000 (CVE-2026-58000)
OS command injection in CVE-2026-58000 (CVE-2026-58000). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57999 |
|
OS Command Injection in CVE-2026-57999 (CVE-2026-57999)
OS command injection in CVE-2026-57999 (CVE-2026-57999). Successful exploitation can lead to full system takeover.
|
| CVE-2026-53428 |
|
Vulnerability in dos (CVE-2026-53428)
vulnerability in dos (CVE-2026-53428). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53427 |
|
Cross-Site Scripting (XSS) in CVE-2026-53427 (CVE-2026-53427)
cross-site scripting in CVE-2026-53427 (CVE-2026-53427). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13757 |
|
Vulnerability in redhat (CVE-2026-13757)
vulnerability in redhat (CVE-2026-13757). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57958 |
|
Cross-Site Scripting (XSS) in laravel (CVE-2026-57958)
cross-site scripting in laravel (CVE-2026-57958). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57951 |
|
Authorization Flaw in its-a-feature (CVE-2026-57951)
vulnerability in its-a-feature (CVE-2026-57951). Confidential information can be exposed externally.
|
| CVE-2026-57950 |
|
ruoyi-vue-pro through 2026.05, fixed in commit 5d1fd70 contains a broken access control...
ruoyi-vue-pro through 2026.05, fixed in commit 5d1fd70 contains a broken access control...
|
| CVE-2026-57959 |
|
Vulnerability in CVE-2026-57959 (CVE-2026-57959)
vulnerability in CVE-2026-57959 (CVE-2026-57959). Data can be tampered with by attackers.
|
| CVE-2026-57949 |
|
Vulnerability in vue (CVE-2026-57949)
vulnerability in vue (CVE-2026-57949). Confidential information can be exposed externally. Exploitable via `GET /admin-api/crm/follow-up-record/get`.
|
| CVE-2026-57948 |
|
Vulnerability in CVE-2026-57948 (CVE-2026-57948)
vulnerability in CVE-2026-57948 (CVE-2026-57948). Confidential information can be exposed externally.
|
| CVE-2026-57952 |
|
Vulnerability in its-a-feature (CVE-2026-57952)
vulnerability in its-a-feature (CVE-2026-57952). Confidential information can be exposed externally.
|
| CVE-2026-57947 |
|
Pinpoint through 3.1.0 contains a server-side request forgery vulnerability in the webhook...
Pinpoint through 3.1.0 contains a server-side request forgery vulnerability in the webhook...
|
| CVE-2026-57953 |
|
Authorization Flaw in its-a-feature (CVE-2026-57953)
vulnerability in its-a-feature (CVE-2026-57953). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57954 |
|
Vulnerability in CVE-2026-57954 (CVE-2026-57954)
vulnerability in CVE-2026-57954 (CVE-2026-57954). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57960 |
|
Vulnerability in CVE-2026-57960 (CVE-2026-57960)
vulnerability in CVE-2026-57960 (CVE-2026-57960). Confidential information can be exposed externally. Exploitable via `GET /api/public/check-in-lists/{short_id}/attendees`.
|
| CVE-2026-57957 |
|
Vulnerability in CVE-2026-57957 (CVE-2026-57957)
vulnerability in CVE-2026-57957 (CVE-2026-57957). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57955 |
|
SigNoz through 0.130.1 contains a SQL injection vulnerability that allows authenticated attackers...
SigNoz through 0.130.1 contains a SQL injection vulnerability that allows authenticated attackers...
|
| CVE-2026-57956 |
|
Vulnerability in CVE-2026-57956 (CVE-2026-57956)
vulnerability in CVE-2026-57956 (CVE-2026-57956). Data can be tampered with by attackers.
|
| CVE-2026-57946 |
|
Vulnerability in CVE-2026-57946 (CVE-2026-57946)
vulnerability in CVE-2026-57946 (CVE-2026-57946). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56781 |
|
Vulnerability in CVE-2026-56781 (CVE-2026-56781)
vulnerability in CVE-2026-56781 (CVE-2026-56781). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56285 |
|
Nitter's /video media proxy endpoint fails to validate target URLs against Twitter/X domains and...
Nitter's /video media proxy endpoint fails to validate target URLs against Twitter/X domains and...
|
| CVE-2026-56783 |
|
Vulnerability in CVE-2026-56783 (CVE-2026-56783)
vulnerability in CVE-2026-56783 (CVE-2026-56783). Confidential information can be exposed externally. Exploitable via `GET /api/v1/targets`.
|
| CVE-2026-13591 |
|
Vulnerability in CVE-2026-13591 (CVE-2026-13591)
vulnerability in CVE-2026-13591 (CVE-2026-13591). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56780 |
|
Modoboa before 2.9.0 contains an insecure direct object reference vulnerability in the PUT /api...
Modoboa before 2.9.0 contains an insecure direct object reference vulnerability in the PUT /api...
|
| CVE-2026-56782 |
|
Vulnerability in CVE-2026-56782 (CVE-2026-56782)
vulnerability in CVE-2026-56782 (CVE-2026-56782). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13590 |
|
Buffer Overflow in CVE-2026-13590 (CVE-2026-13590)
vulnerability in CVE-2026-13590 (CVE-2026-13590). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57942 |
|
Vulnerability in CVE-2026-57942 (CVE-2026-57942)
vulnerability in CVE-2026-57942 (CVE-2026-57942). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13592 |
|
Buffer Overflow in CVE-2026-13592 (CVE-2026-13592)
vulnerability in CVE-2026-13592 (CVE-2026-13592). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57945 |
|
Vulnerability in CVE-2026-57945 (CVE-2026-57945)
vulnerability in CVE-2026-57945 (CVE-2026-57945). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11720 |
|
Path Traversal in path-traversal (CVE-2026-11720)
path traversal in path-traversal (CVE-2026-11720). Confidential information can be exposed externally.
|
| CVE-2026-57943 |
|
Vulnerability in CVE-2026-57943 (CVE-2026-57943)
vulnerability in CVE-2026-57943 (CVE-2026-57943). Confidential information can be exposed externally.
|
| CVE-2026-36848 |
|
Gigamon GVOS v5.16.1 and below is vulnerable to Directory Traversal in the GVOS H-VUE subsystem.
Gigamon GVOS v5.16.1 and below is vulnerable to Directory Traversal in the GVOS H-VUE subsystem.
|
| CVE-2026-13588 |
|
Buffer Overflow in cpp (CVE-2026-13588)
vulnerability in cpp (CVE-2026-13588). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13751 |
|
Vulnerability in snowflake (CVE-2026-13751)
vulnerability in snowflake (CVE-2026-13751). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13589 |
|
Buffer Overflow in cpp (CVE-2026-13589)
vulnerability in cpp (CVE-2026-13589). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13752 |
|
SQL Injection in snowflake (CVE-2026-13752)
SQL injection in snowflake (CVE-2026-13752). Confidential information can be exposed externally.
|
| CVE-2026-12912 |
|
Vulnerability in dos (CVE-2026-12912)
vulnerability in dos (CVE-2026-12912). Successful exploitation can lead to full system takeover.
|
| CVE-2026-48717 |
|
Vulnerability in org.openidentityplatform.openam:openam-oauth2 (CVE-2026-48717)
vulnerability in org.openidentityplatform.openam:openam-oauth2 (CVE-2026-48717). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `16.1.1` or later.
|
| CVE-2026-47426 |
|
Authentication Bypass in org.openidentityplatform.openam:openam-oauth2 (CVE-2026-47426)
authentication bypass in org.openidentityplatform.openam:openam-oauth2 (CVE-2026-47426). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `16.1.1` or later.
|
| CVE-2026-47424 |
|
Vulnerability in org.openidentityplatform.openam:openam-scripting (CVE-2026-47424)
vulnerability in org.openidentityplatform.openam:openam-scripting (CVE-2026-47424). Risk of unauthorized operations or information disclosure. Exploitable via ``RealmAdmin``. Mitigation: upgrade to `16.1.1` or later.
|
| CVE-2026-12672 |
|
Vulnerability in CVE-2026-12672 (CVE-2026-12672)
vulnerability in CVE-2026-12672 (CVE-2026-12672). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9105 |
|
Vulnerability in tp-link (CVE-2026-9105)
vulnerability in tp-link (CVE-2026-9105). Risk of unauthorized operations or information disclosure.
|