Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-56812 |
|
Vulnerability in dos (CVE-2026-56812)
vulnerability in dos (CVE-2026-56812). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56811 |
|
Vulnerability in dos (CVE-2026-56811)
vulnerability in dos (CVE-2026-56811). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14969 |
|
Vulnerability in CVE-2026-14969 (CVE-2026-14969)
vulnerability in CVE-2026-14969 (CVE-2026-14969). Confidential information can be exposed externally.
|
| CVE-2026-14935 |
|
Vulnerability in CVE-2026-14935 (CVE-2026-14935)
vulnerability in CVE-2026-14935 (CVE-2026-14935). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-59709 |
|
Vulnerability in CVE-2026-59709 (CVE-2026-59709)
vulnerability in CVE-2026-59709 (CVE-2026-59709). Risk of unauthorized operations or information disclosure. Exploitable via `PUT /api/v1/portfolio/holding/`.
|
| CVE-2026-53878 |
|
Vulnerability in django (CVE-2026-53878)
vulnerability in django (CVE-2026-53878). Risk of unauthorized operations or information disclosure. Exploitable via ``DomainNameValidator``.
|
| CVE-2026-53877 |
|
Vulnerability in django (CVE-2026-53877)
vulnerability in django (CVE-2026-53877). Risk of unauthorized operations or information disclosure. Exploitable via ``django.contrib.gis.gdal.GDALRaster``.
|
| CVE-2026-48588 |
|
Vulnerability in django (CVE-2026-48588)
vulnerability in django (CVE-2026-48588). Risk of unauthorized operations or information disclosure. Exploitable via ``UpdateCacheMiddleware``.
|
| CVE-2026-14940 |
|
Vulnerability in dos (CVE-2026-14940)
vulnerability in dos (CVE-2026-14940). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12948 |
|
Cross-Site Scripting (XSS) in CVE-2026-12948 (CVE-2026-12948)
cross-site scripting in CVE-2026-12948 (CVE-2026-12948). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12352 |
|
Authorization Flaw in cisa (CVE-2026-12352)
vulnerability in cisa (CVE-2026-12352). Confidential information can be exposed externally.
|
| CVE-2026-6101 |
|
Vulnerability in wordpress (CVE-2026-6101)
vulnerability in wordpress (CVE-2026-6101). Successful exploitation can lead to full system takeover.
|
| CVE-2026-53479 |
|
OS Command Injection in CVE-2026-53479 (CVE-2026-53479)
OS command injection in CVE-2026-53479 (CVE-2026-53479). Successful exploitation can lead to full system takeover.
|
| CVE-2026-53483 |
|
Authentication Bypass in CVE-2026-53483 (CVE-2026-53483)
authentication bypass in CVE-2026-53483 (CVE-2026-53483). Successful exploitation can lead to full system takeover.
|
| CVE-2026-53481 |
|
Path Traversal in path-traversal (CVE-2026-53481)
path traversal in path-traversal (CVE-2026-53481). Successful exploitation can lead to full system takeover.
|
| CVE-2026-10659 |
|
Vulnerability in c (CVE-2026-10659)
vulnerability in c (CVE-2026-10659). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-45016 |
|
Vulnerability in egroupware/egroupware (CVE-2026-45016)
vulnerability in egroupware/egroupware (CVE-2026-45016). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `23.1.20260601` or later.
|
| CVE-2026-44512 |
|
Vulnerability in onnx (CVE-2026-44512)
vulnerability in onnx (CVE-2026-44512). Risk of unauthorized operations or information disclosure. Exploitable via ``width_scale``. Mitigation: upgrade to `1.22.0` or later.
|
| CVE-2026-44342 |
|
Cross-Site Request Forgery (CSRF) in github.com/QuantumNous/new-api (CVE-2026-44342)
vulnerability in github.com/QuantumNous/new-api (CVE-2026-44342). Risk of unauthorized operations or information disclosure. Exploitable via `GET /api/oauth/email/bind`. Mitigation: upgrade to `0.12.0-alpha.1` or later.
|
| CVE-2026-40187 |
|
OS Command Injection in egroupware/egroupware (CVE-2026-40187)
OS command injection in egroupware/egroupware (CVE-2026-40187). Risk of unauthorized operations or information disclosure. Exploitable via ``chgrp``. Mitigation: upgrade to `23.1.20260601` or later.
|
| CVE-2026-34151 |
|
Vulnerability in org.xwiki.platform:xwiki-platform-oldcore (CVE-2026-34151)
vulnerability in org.xwiki.platform:xwiki-platform-oldcore (CVE-2026-34151). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.2.0` or later.
|
| CVE-2026-33655 |
|
SSRF (Server-Side Request Forgery) in github.com/QuantumNous/new-api (CVE-2026-33655)
SSRF in github.com/QuantumNous/new-api (CVE-2026-33655). Risk of unauthorized operations or information disclosure. Exploitable via ``ApplyIPFilterForDomain``. Mitigation: upgrade to `0.12.0-alpha.1` or later.
|
| CVE-2026-27823 |
|
Path Traversal in egroupware/egroupware (CVE-2026-27823)
path traversal in egroupware/egroupware (CVE-2026-27823). Risk of unauthorized operations or information disclosure. Exploitable via ``participant_role``. Mitigation: upgrade to `23.1.20260224` or later.
|
| CVE-2026-13696 |
|
Vulnerability in CVE-2026-13696 (CVE-2026-13696)
vulnerability in CVE-2026-13696 (CVE-2026-13696). Successful exploitation can lead to full system takeover.
|
| CVE-2011-10043 |
|
Vulnerability in CVE-2011-10043 (CVE-2011-10043)
vulnerability in CVE-2011-10043 (CVE-2011-10043). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11348 |
|
Vulnerability in CVE-2026-11348 (CVE-2026-11348)
vulnerability in CVE-2026-11348 (CVE-2026-11348). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11340 |
|
Vulnerability in CVE-2026-11340 (CVE-2026-11340)
vulnerability in CVE-2026-11340 (CVE-2026-11340). Data can be tampered with by attackers.
|
| CVE-2026-49487 |
|
Information Disclosure in apache (CVE-2026-49487)
vulnerability in apache (CVE-2026-49487). Confidential information can be exposed externally.
|
| CVE-2026-49296 |
|
Vulnerability in apache (CVE-2026-49296)
vulnerability in apache (CVE-2026-49296). Confidential information can be exposed externally. Exploitable via `GET /api/v2/dagSources/{dag_id}`.
|
| CVE-2026-48892 |
|
Information Disclosure in apache (CVE-2026-48892)
vulnerability in apache (CVE-2026-48892). Confidential information can be exposed externally. Exploitable via ``sensitive_config_values``.
|
| CVE-2026-48891 |
|
Information Disclosure in apache (CVE-2026-48891)
vulnerability in apache (CVE-2026-48891). Risk of unauthorized operations or information disclosure. Exploitable via ``dep.source``.
|
| CVE-2026-48828 |
|
Information Disclosure in apache (CVE-2026-48828)
vulnerability in apache (CVE-2026-48828). Confidential information can be exposed externally. Exploitable via ``should_hide_value_for_key``.
|
| CVE-2026-33264 |
|
Unsafe Deserialization in apache (CVE-2026-33264)
vulnerability in apache (CVE-2026-33264). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14868 |
|
Vulnerability in CVE-2026-14868 (CVE-2026-14868)
vulnerability in CVE-2026-14868 (CVE-2026-14868). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14867 |
|
Vulnerability in CVE-2026-14867 (CVE-2026-14867)
vulnerability in CVE-2026-14867 (CVE-2026-14867). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14476 |
|
Vulnerability in path-traversal (CVE-2026-14476)
vulnerability in path-traversal (CVE-2026-14476). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14474 |
|
Vulnerability in CVE-2026-14474 (CVE-2026-14474)
vulnerability in CVE-2026-14474 (CVE-2026-14474). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11610 |
|
Vulnerability in c (CVE-2026-11610)
vulnerability in c (CVE-2026-11610). Successful exploitation can lead to full system takeover.
|
| CVE-2026-58384 |
|
Vulnerability in dos (CVE-2026-58384)
vulnerability in dos (CVE-2026-58384). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13199 |
|
Vulnerability in CVE-2026-13199 (CVE-2026-13199)
vulnerability in CVE-2026-13199 (CVE-2026-13199). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8377 |
|
Vulnerability in CVE-2026-8377 (CVE-2026-8377)
vulnerability in CVE-2026-8377 (CVE-2026-8377). Confidential information can be exposed externally.
|
| CVE-2026-8309 |
|
Cross-Site Scripting (XSS) in CVE-2026-8309 (CVE-2026-8309)
cross-site scripting in CVE-2026-8309 (CVE-2026-8309). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8306 |
|
Cross-Site Scripting (XSS) in CVE-2026-8306 (CVE-2026-8306)
cross-site scripting in CVE-2026-8306 (CVE-2026-8306). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7380 |
|
Vulnerability in CVE-2026-7380 (CVE-2026-7380)
vulnerability in CVE-2026-7380 (CVE-2026-7380). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-5799 |
|
Vulnerability in CVE-2026-5799 (CVE-2026-5799)
vulnerability in CVE-2026-5799 (CVE-2026-5799). Confidential information can be exposed externally.
|
| CVE-2026-5730 |
|
Vulnerability in CVE-2026-5730 (CVE-2026-5730)
vulnerability in CVE-2026-5730 (CVE-2026-5730). Confidential information can be exposed externally.
|
| CVE-2026-57869 |
|
Vulnerability in CVE-2026-57869 (CVE-2026-57869)
vulnerability in CVE-2026-57869 (CVE-2026-57869). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57868 |
|
Vulnerability in CVE-2026-57868 (CVE-2026-57868)
vulnerability in CVE-2026-57868 (CVE-2026-57868). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12375 |
|
Vulnerability in wordpress (CVE-2026-12375)
vulnerability in wordpress (CVE-2026-12375). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12277 |
|
Vulnerability in wordpress (CVE-2026-12277)
vulnerability in wordpress (CVE-2026-12277). Data can be tampered with by attackers.
|