Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

ID Title
CVE-2026-44734 Vulnerability in CVE-2026-44734 (CVE-2026-44734)
vulnerability in CVE-2026-44734 (CVE-2026-44734). Data can be tampered with by attackers. Mitigation: upgrade to `17.3.2` or later.
CVE-2026-44733 Vulnerability in CVE-2026-44733 (CVE-2026-44733)
vulnerability in CVE-2026-44733 (CVE-2026-44733). Confidential information can be exposed externally. Mitigation: upgrade to `17.3.2` or later.
CVE-2026-44732 Vulnerability in CVE-2026-44732 (CVE-2026-44732)
vulnerability in CVE-2026-44732 (CVE-2026-44732). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `17.3.2` or later.
CVE-2026-44731 Vulnerability in CVE-2026-44731 (CVE-2026-44731)
vulnerability in CVE-2026-44731 (CVE-2026-44731). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `17.3.2` or later.
CVE-2026-44696 Cross-Site Scripting (XSS) in CVE-2026-44696 (CVE-2026-44696)
cross-site scripting in CVE-2026-44696 (CVE-2026-44696). Data can be tampered with by attackers. Mitigation: upgrade to `17.4.0` or later.
GHSA-qh5x-rfwf-rvfv Vulnerability in github.com/apernet/hysteria (GHSA-qh5x-rfwf-rvfv)
vulnerability in github.com/apernet/hysteria (GHSA-qh5x-rfwf-rvfv). Risk of unauthorized operations or information disclosure. Exploitable via ``max_datagram_frame_size``. Mitigation: upgrade to `2.9.2` or later.
GHSA-vgrc-hq28-p3xp Vulnerability in github.com/apernet/hysteria/core/v2 (GHSA-vgrc-hq28-p3xp)
vulnerability in github.com/apernet/hysteria/core/v2 (GHSA-vgrc-hq28-p3xp). Risk of unauthorized operations or information disclosure. Exploitable via ``UDPMessage``. Mitigation: upgrade to `2.9.2` or later.
GHSA-5vwr-qchf-q4pf OS Command Injection in @cyclonedx/cdxgen (GHSA-5vwr-qchf-q4pf)
OS command injection in @cyclonedx/cdxgen (GHSA-5vwr-qchf-q4pf). Risk of unauthorized operations or information disclosure. Exploitable via `POST /sbom`. Mitigation: upgrade to `12.4.3` or later.
CVE-2026-48785 Path Traversal in github.com/apptainer/apptainer (CVE-2026-48785)
path traversal in github.com/apptainer/apptainer (CVE-2026-48785). Risk of unauthorized operations or information disclosure. Exploitable via ``apptainer.conf``. Mitigation: upgrade to `1.5.1` or later.
CVE-2026-54753 Vulnerability in CVE-2026-54753 (CVE-2026-54753)
vulnerability in CVE-2026-54753 (CVE-2026-54753). Confidential information can be exposed externally. Mitigation: upgrade to `22.7.2` or later.
CVE-2026-48090 Use-After-Free in dos (CVE-2026-48090)
vulnerability in dos (CVE-2026-48090). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.37.5` or later.
CVE-2026-47220 Vulnerability in envoyproxy (CVE-2026-47220)
vulnerability in envoyproxy (CVE-2026-47220). Risk of unauthorized operations or information disclosure. Exploitable via `Host header`. Mitigation: upgrade to `1.37.5` or later.
CVE-2026-47205 Use-After-Free in envoyproxy (CVE-2026-47205)
vulnerability in envoyproxy (CVE-2026-47205). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.36.9` or later.
CVE-2026-48769 Vulnerability in github.com/lxc/incus/v7/cmd/incusd (CVE-2026-48769)
vulnerability in github.com/lxc/incus/v7/cmd/incusd (CVE-2026-48769). Risk of unauthorized operations or information disclosure. Exploitable via `POST /1.0/images`. Mitigation: upgrade to `7.2.0` or later.
CVE-2026-48758 Vulnerability in @sigstore/core (CVE-2026-48758)
vulnerability in @sigstore/core (CVE-2026-48758). Risk of unauthorized operations or information disclosure. Exploitable via ``preAuthEncoding``. Mitigation: upgrade to `3.2.1` or later.
CVE-2026-48756 Vulnerability in github.com/lxc/incus/v7/cmd/incusd (CVE-2026-48756)
vulnerability in github.com/lxc/incus/v7/cmd/incusd (CVE-2026-48756). Risk of unauthorized operations or information disclosure. Exploitable via `POST /1.0/storage-pools/`. Mitigation: upgrade to `7.1.0` or later.
CVE-2026-48755 Vulnerability in github.com/lxc/incus/v7/cmd/incusd (CVE-2026-48755)
vulnerability in github.com/lxc/incus/v7/cmd/incusd (CVE-2026-48755). Risk of unauthorized operations or information disclosure. Exploitable via ``compression_algorithm``. Mitigation: upgrade to `7.2.0` or later.
CVE-2026-48754 Vulnerability in github.com/lxc/incus/v7/cmd/incusd (CVE-2026-48754)
vulnerability in github.com/lxc/incus/v7/cmd/incusd (CVE-2026-48754). Risk of unauthorized operations or information disclosure. Exploitable via `POST /1.0/instances`. Mitigation: upgrade to `7.1.0` or later.
CVE-2026-48753 Vulnerability in github.com/lxc/incus/v7/cmd/incusd (CVE-2026-48753)
vulnerability in github.com/lxc/incus/v7/cmd/incusd (CVE-2026-48753). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `7.1.0` or later.
CVE-2026-48752 Vulnerability in github.com/lxc/incus/v7/cmd/incusd (CVE-2026-48752)
vulnerability in github.com/lxc/incus/v7/cmd/incusd (CVE-2026-48752). Risk of unauthorized operations or information disclosure. Exploitable via ``templates``. Mitigation: upgrade to `7.2.0` or later.
CVE-2026-56876 Path Traversal in max-mapper (CVE-2026-56876)
path traversal in max-mapper (CVE-2026-56876). Confidential information can be exposed externally.
CVE-2026-11779 Vulnerability in CVE-2026-11779 (CVE-2026-11779)
vulnerability in CVE-2026-11779 (CVE-2026-11779). Risk of unauthorized operations or information disclosure.
CVE-2026-57518 Vulnerability in privilege-escalation (CVE-2026-57518)
vulnerability in privilege-escalation (CVE-2026-57518). Successful exploitation can lead to full system takeover.
CVE-2026-0828 Vulnerability in CVE-2026-0828 (CVE-2026-0828)
vulnerability in CVE-2026-0828 (CVE-2026-0828). Confidential information can be exposed externally.
CVE-2026-5757 Out-of-Bounds Read in ollama (CVE-2026-5757)
vulnerability in ollama (CVE-2026-5757). Confidential information can be exposed externally.
CVE-2026-13434 Vulnerability in kubevirt (CVE-2026-13434)
vulnerability in kubevirt (CVE-2026-13434). Risk of unauthorized operations or information disclosure.
CVE-2026-45195 Vulnerability in imaginationtech (CVE-2026-45195)
vulnerability in imaginationtech (CVE-2026-45195). Successful exploitation can lead to full system takeover.
CVE-2026-0685 Vulnerability in CVE-2026-0685 (CVE-2026-0685)
vulnerability in CVE-2026-0685 (CVE-2026-0685). Successful exploitation can lead to full system takeover.
CVE-2026-21734 Vulnerability in imaginationtech (CVE-2026-21734)
vulnerability in imaginationtech (CVE-2026-21734). Data can be tampered with by attackers.
CVE-2023-20540 Vulnerability in CVE-2023-20540 (CVE-2023-20540)
vulnerability in CVE-2023-20540 (CVE-2023-20540). Risk of unauthorized operations or information disclosure.
CVE-2023-20572 Vulnerability in CVE-2023-20572 (CVE-2023-20572)
vulnerability in CVE-2023-20572 (CVE-2023-20572). Risk of unauthorized operations or information disclosure.
CVE-2025-11919 Vulnerability in CVE-2025-11919 (CVE-2025-11919)
vulnerability in CVE-2025-11919 (CVE-2025-11919). Confidential information can be exposed externally.
CVE-2026-48751 Vulnerability in github.com/lxc/incus/v7/cmd/incusd (CVE-2026-48751)
vulnerability in github.com/lxc/incus/v7/cmd/incusd (CVE-2026-48751). Risk of unauthorized operations or information disclosure. Exploitable via ``raw.lxc``. Mitigation: upgrade to `7.2.0` or later.
CVE-2026-48750 Vulnerability in github.com/lxc/incus/v7/cmd/incusd (CVE-2026-48750)
vulnerability in github.com/lxc/incus/v7/cmd/incusd (CVE-2026-48750). Risk of unauthorized operations or information disclosure. Exploitable via ``exec_UUID.stdout``. Mitigation: upgrade to `7.2.0` or later.
CVE-2026-48749 Vulnerability in github.com/lxc/incus/v7/cmd/incusd (CVE-2026-48749)
vulnerability in github.com/lxc/incus/v7/cmd/incusd (CVE-2026-48749). Risk of unauthorized operations or information disclosure. Exploitable via ``metadata.yaml``. Mitigation: upgrade to `7.2.0` or later.
CVE-2026-54341 Out-of-Bounds Read in dos (CVE-2026-54341)
vulnerability in dos (CVE-2026-54341). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.39.0` or later.
CVE-2026-48743 Vulnerability in envoyproxy (CVE-2026-48743)
vulnerability in envoyproxy (CVE-2026-48743). Data can be tampered with by attackers. Exploitable via `GET /pwn`. Mitigation: upgrade to `1.35.11` or later.
CVE-2026-48706 Vulnerability in envoyproxy (CVE-2026-48706)
vulnerability in envoyproxy (CVE-2026-48706). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.35.13` or later.
CVE-2026-48497 Vulnerability in c (CVE-2026-48497)
vulnerability in c (CVE-2026-48497). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.35.11` or later.
CVE-2026-48044 Vulnerability in dos (CVE-2026-48044)
vulnerability in dos (CVE-2026-48044). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.35.11` or later.
CVE-2026-48042 Vulnerability in envoyproxy (CVE-2026-48042)
vulnerability in envoyproxy (CVE-2026-48042). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.35.11` or later.
CVE-2026-47778 Vulnerability in c (CVE-2026-47778)
vulnerability in c (CVE-2026-47778). Confidential information can be exposed externally. Mitigation: upgrade to `1.35.11` or later.
CVE-2026-47775 Vulnerability in envoyproxy (CVE-2026-47775)
vulnerability in envoyproxy (CVE-2026-47775). Confidential information can be exposed externally. Mitigation: upgrade to `1.35.11` or later.
CVE-2026-47692 Vulnerability in envoyproxy (CVE-2026-47692)
vulnerability in envoyproxy (CVE-2026-47692). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.35.13` or later.
CVE-2026-47221 Vulnerability in dos (CVE-2026-47221)
vulnerability in dos (CVE-2026-47221). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.35.13` or later.
CVE-2026-47207 Use-After-Free in envoyproxy (CVE-2026-47207)
vulnerability in envoyproxy (CVE-2026-47207). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.35.13` or later.
CVE-2026-47206 Vulnerability in CVE-2026-47206 (CVE-2026-47206)
vulnerability in CVE-2026-47206 (CVE-2026-47206). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.39.9` or later.
CVE-2026-47204 Vulnerability in envoyproxy (CVE-2026-47204)
vulnerability in envoyproxy (CVE-2026-47204). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.35.13` or later.
CVE-2026-46623 Vulnerability in org.openidentityplatform.openam:openam-auth-oauth2 (CVE-2026-46623)
vulnerability in org.openidentityplatform.openam:openam-auth-oauth2 (CVE-2026-46623). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `16.1.1` or later.
CVE-2026-46619 Vulnerability in org.openidentityplatform.openam:openam-auth-msisdn (CVE-2026-46619)
vulnerability in org.openidentityplatform.openam:openam-auth-msisdn (CVE-2026-46619). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `16.1.1` or later.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →