Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-22879 |
|
vtk vtk-dicom vtkDICOMItem::NewDataElement heap-based buffer overflow vulnerability
vtk vtk-dicom vtkDICOMItem::NewDataElement heap-based buffer overflow vulnerability
|
| CVE-2026-8720 |
|
Vulnerability in wolfssl (CVE-2026-8720)
vulnerability in wolfssl (CVE-2026-8720). Data can be tampered with by attackers.
|
| CVE-2026-6092 |
|
Vulnerability in wolfssl (CVE-2026-6092)
vulnerability in wolfssl (CVE-2026-6092). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-55962 |
|
Authentication Bypass in wolfssl (CVE-2026-55962)
authentication bypass in wolfssl (CVE-2026-55962). Data can be tampered with by attackers.
|
| CVE-2026-7511 |
|
Vulnerability in wolfssl (CVE-2026-7511)
vulnerability in wolfssl (CVE-2026-7511). Data can be tampered with by attackers.
|
| CVE-2026-44622 |
|
Vulnerability in CVE-2026-44622 (CVE-2026-44622)
vulnerability in CVE-2026-44622 (CVE-2026-44622). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6329 |
|
Vulnerability in wolfssl (CVE-2026-6329)
vulnerability in wolfssl (CVE-2026-6329). Data can be tampered with by attackers.
|
| CVE-2026-50176 |
|
Vulnerability in CVE-2026-50176 (CVE-2026-50176)
vulnerability in CVE-2026-50176 (CVE-2026-50176). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-54479 |
|
Vulnerability in CVE-2026-54479 (CVE-2026-54479)
vulnerability in CVE-2026-54479 (CVE-2026-54479). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13283 |
|
Use-After-Free in google (CVE-2026-13283)
vulnerability in google (CVE-2026-13283). Successful exploitation can lead to full system takeover.
|
| CVE-2026-6325 |
|
Out-of-Bounds Write in wolfssl (CVE-2026-6325)
out-of-bounds write in wolfssl (CVE-2026-6325). Data can be tampered with by attackers.
|
| CVE-2026-6331 |
|
Vulnerability in wolfssl (CVE-2026-6331)
vulnerability in wolfssl (CVE-2026-6331). Data can be tampered with by attackers.
|
| CVE-2026-13282 |
|
Use-After-Free in google (CVE-2026-13282)
vulnerability in google (CVE-2026-13282). Successful exploitation can lead to full system takeover.
|
| CVE-2026-10098 |
|
Vulnerability in wolfssl (CVE-2026-10098)
vulnerability in wolfssl (CVE-2026-10098). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-71335 |
|
Vulnerability in flowiseai (CVE-2025-71335)
vulnerability in flowiseai (CVE-2025-71335). Confidential information can be exposed externally.
|
| CVE-2025-71334 |
|
Vulnerability in flowiseai (CVE-2025-71334)
vulnerability in flowiseai (CVE-2025-71334). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12992 |
|
SSRF (Server-Side Request Forgery) in redhat (CVE-2026-12992)
SSRF in redhat (CVE-2026-12992). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-71336 |
|
OS Command Injection in flowiseai (CVE-2025-71336)
OS command injection in flowiseai (CVE-2025-71336). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11800 |
|
Vulnerability in privilege-escalation (CVE-2026-11800)
vulnerability in privilege-escalation (CVE-2026-11800). Confidential information can be exposed externally.
|
| CVE-2025-71340 |
|
Unsafe Deserialization in CVE-2025-71340 (CVE-2025-71340)
vulnerability in CVE-2025-71340 (CVE-2025-71340). Confidential information can be exposed externally.
|
| CVE-2026-12975 |
|
XXE (XML External Entity) in ssrf (CVE-2026-12975)
vulnerability in ssrf (CVE-2026-12975). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-71338 |
|
Vulnerability in path-traversal (CVE-2025-71338)
vulnerability in path-traversal (CVE-2025-71338). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11703 |
|
Authentication Bypass in wolfssl (CVE-2026-11703)
authentication bypass in wolfssl (CVE-2026-11703). Data can be tampered with by attackers.
|
| CVE-2025-71333 |
|
Vulnerability in path-traversal (CVE-2025-71333)
vulnerability in path-traversal (CVE-2025-71333). Successful exploitation can lead to full system takeover.
|
| CVE-2025-71327 |
|
Vulnerability in flowiseai (CVE-2025-71327)
vulnerability in flowiseai (CVE-2025-71327). Confidential information can be exposed externally.
|
| CVE-2025-71324 |
|
Vulnerability in path-traversal (CVE-2025-71324)
vulnerability in path-traversal (CVE-2025-71324). Confidential information can be exposed externally.
|
| CVE-2020-37256 |
|
Cross-Site Scripting (XSS) in getgrav (CVE-2020-37256)
cross-site scripting in getgrav (CVE-2020-37256). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-47986 |
|
Vulnerability in CVE-2021-47986 (CVE-2021-47986)
vulnerability in CVE-2021-47986 (CVE-2021-47986). Successful exploitation can lead to full system takeover.
|
| CVE-2021-47987 |
|
Vulnerability in CVE-2021-47987 (CVE-2021-47987)
vulnerability in CVE-2021-47987 (CVE-2021-47987). Successful exploitation can lead to full system takeover.
|
| CVE-2025-71328 |
|
Vulnerability in flowiseai (CVE-2025-71328)
vulnerability in flowiseai (CVE-2025-71328). Confidential information can be exposed externally.
|
| CVE-2026-43920 |
|
Vulnerability in csrf (CVE-2026-43920)
vulnerability in csrf (CVE-2026-43920). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-40941 |
|
Vulnerability in cacti (CVE-2026-40941)
vulnerability in cacti (CVE-2026-40941). Data can be tampered with by attackers.
|
| CVE-2026-40084 |
|
Path Traversal in path-traversal (CVE-2026-40084)
path traversal in path-traversal (CVE-2026-40084). Confidential information can be exposed externally.
|
| CVE-2026-40083 |
|
SQL Injection in sqli (CVE-2026-40083)
SQL injection in sqli (CVE-2026-40083). Successful exploitation can lead to full system takeover.
|
| CVE-2026-40082 |
|
Vulnerability in cacti (CVE-2026-40082)
vulnerability in cacti (CVE-2026-40082). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-40080 |
|
Open Redirect in cacti (CVE-2026-40080)
vulnerability in cacti (CVE-2026-40080). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-55166 |
|
Vulnerability in lemur (CVE-2026-55166)
vulnerability in lemur (CVE-2026-55166). Risk of unauthorized operations or information disclosure. Exploitable via `POST /api/1/authorities`. Mitigation: upgrade to `1.9.2` or later.
|
| CVE-2026-55165 |
|
Vulnerability in lemur (CVE-2026-55165)
vulnerability in lemur (CVE-2026-55165). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.9.2` or later.
|
| CVE-2026-55164 |
|
Vulnerability in lemur (CVE-2026-55164)
vulnerability in lemur (CVE-2026-55164). Risk of unauthorized operations or information disclosure. Exploitable via `PUT /api/1/users/`. Mitigation: upgrade to `1.9.2` or later.
|
| CVE-2026-55163 |
|
Authorization Flaw in lemur (CVE-2026-55163)
vulnerability in lemur (CVE-2026-55163). Risk of unauthorized operations or information disclosure. Exploitable via `PUT /api/1/roles/`. Mitigation: upgrade to `1.9.2` or later.
|
| CVE-2026-55162 |
|
SSRF (Server-Side Request Forgery) in lemur (CVE-2026-55162)
SSRF in lemur (CVE-2026-55162). Risk of unauthorized operations or information disclosure. Exploitable via `POST /certificates/upload`. Mitigation: upgrade to `1.9.2` or later.
|
| CVE-2026-48722 |
|
Vulnerability in io.nextflow:nextflow (CVE-2026-48722)
vulnerability in io.nextflow:nextflow (CVE-2026-48722). Risk of unauthorized operations or information disclosure. Exploitable via ``TOWER_ACCESS_TOKEN``. Mitigation: upgrade to `26.04.3` or later.
|
| CVE-2026-48702 |
|
Vulnerability in github.com/sigstore/rekor (CVE-2026-48702)
vulnerability in github.com/sigstore/rekor (CVE-2026-48702). Risk of unauthorized operations or information disclosure. Exploitable via `POST /api/v1/log/entries`. Mitigation: upgrade to `1.5.2` or later.
|
| CVE-2026-48529 |
|
Vulnerability in github.com/github/github-mcp-server (CVE-2026-48529)
vulnerability in github.com/github/github-mcp-server (CVE-2026-48529). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.1.2` or later.
|
| CVE-2026-6412 |
|
Vulnerability in wolfssl (CVE-2026-6412)
vulnerability in wolfssl (CVE-2026-6412). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6450 |
|
Vulnerability in wolfssl (CVE-2026-6450)
vulnerability in wolfssl (CVE-2026-6450). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56445 |
|
Path Traversal in c (CVE-2026-56445)
path traversal in c (CVE-2026-56445). Data can be tampered with by attackers.
|
| CVE-2026-6731 |
|
Vulnerability in wolfssl (CVE-2026-6731)
vulnerability in wolfssl (CVE-2026-6731). Data can be tampered with by attackers.
|
| CVE-2026-6681 |
|
Vulnerability in wolfssl (CVE-2026-6681)
vulnerability in wolfssl (CVE-2026-6681). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-38637 |
|
Vulnerability in dos (CVE-2026-38637)
vulnerability in dos (CVE-2026-38637). Risk of unauthorized operations or information disclosure.
|