Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-10882 |
|
Use-After-Free in google (CVE-2026-10882)
vulnerability in google (CVE-2026-10882). Successful exploitation can lead to full system takeover.
|
| CVE-2026-10873 |
|
Command Injection in CVE-2026-10873 (CVE-2026-10873)
command injection in CVE-2026-10873 (CVE-2026-10873). Successful exploitation can lead to full system takeover.
|
| CVE-2026-10872 |
|
Command Injection in CVE-2026-10872 (CVE-2026-10872)
command injection in CVE-2026-10872 (CVE-2026-10872). Successful exploitation can lead to full system takeover.
|
| CVE-2025-8873 |
|
Vulnerability in CVE-2025-8873 (CVE-2025-8873)
vulnerability in CVE-2025-8873 (CVE-2025-8873). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10871 |
|
Command Injection in CVE-2026-10871 (CVE-2026-10871)
command injection in CVE-2026-10871 (CVE-2026-10871). Successful exploitation can lead to full system takeover.
|
| CVE-2026-10870 |
|
Command Injection in CVE-2026-10870 (CVE-2026-10870)
command injection in CVE-2026-10870 (CVE-2026-10870). Successful exploitation can lead to full system takeover.
|
| CVE-2026-41518 |
|
Cross-Site Scripting (XSS) in CVE-2026-41518 (CVE-2026-41518)
cross-site scripting in CVE-2026-41518 (CVE-2026-41518). Confidential information can be exposed externally. Exploitable via ``ChartDatasetConfig.legend``.
|
| CVE-2026-50292 |
|
Vulnerability in freedesktop (CVE-2026-50292)
vulnerability in freedesktop (CVE-2026-50292). Successful exploitation can lead to full system takeover.
|
| CVE-2026-25551 |
|
Unsafe Deserialization in csharp (CVE-2026-25551)
vulnerability in csharp (CVE-2026-25551). Successful exploitation can lead to full system takeover.
|
| CVE-2026-10796 |
|
OS Command Injection in openjsf (CVE-2026-10796)
OS command injection in openjsf (CVE-2026-10796). Successful exploitation can lead to full system takeover. Exploitable via ``eval``.
|
| CVE-2025-69755 |
|
OS Command Injection in CVE-2025-69755 (CVE-2025-69755)
OS command injection in CVE-2025-69755 (CVE-2025-69755). Confidential information can be exposed externally.
|
| CVE-2025-67448 |
|
Cross-Site Scripting (XSS) in CVE-2025-67448 (CVE-2025-67448)
cross-site scripting in CVE-2025-67448 (CVE-2025-67448). Confidential information can be exposed externally.
|
| CVE-2026-49942 |
|
Vulnerability in rrwo (CVE-2026-49942)
vulnerability in rrwo (CVE-2026-49942). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-49941 |
|
Vulnerability in dos (CVE-2026-49941)
vulnerability in dos (CVE-2026-49941). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-46741 |
|
Vulnerability in sanbeg (CVE-2026-46741)
vulnerability in sanbeg (CVE-2026-46741). Data can be tampered with by attackers.
|
| CVE-2026-5228 |
|
Vulnerability in CVE-2026-5228 (CVE-2026-5228)
vulnerability in CVE-2026-5228 (CVE-2026-5228). Successful exploitation can lead to full system takeover.
|
| CVE-2026-44393 |
|
Vulnerability in CVE-2026-44393 (CVE-2026-44393)
vulnerability in CVE-2026-44393 (CVE-2026-44393). Confidential information can be exposed externally.
|
| CVE-2026-43985 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-43985)
vulnerability in csrf (CVE-2026-43985). Successful exploitation can lead to full system takeover. Exploitable via ``configUpdate``.
|
| CVE-2026-43984 |
|
Cross-Site Scripting (XSS) in CVE-2026-43984 (CVE-2026-43984)
cross-site scripting in CVE-2026-43984 (CVE-2026-43984). Confidential information can be exposed externally. Exploitable via ``log_js_errors``.
|
| CVE-2026-38570 |
|
Out-of-Bounds Read in dos (CVE-2026-38570)
vulnerability in dos (CVE-2026-38570). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-36176 |
|
Vulnerability in CVE-2026-36176 (CVE-2026-36176)
vulnerability in CVE-2026-36176 (CVE-2026-36176). Confidential information can be exposed externally.
|
| CVE-2026-10863 |
|
Vulnerability in sqli (CVE-2026-10863)
vulnerability in sqli (CVE-2026-10863). Confidential information can be exposed externally.
|
| CVE-2026-28318 KEV |
|
[KEV] Vulnerability in Solarwinds serv-u (CVE-2026-28318)
vulnerability in Solarwinds serv-u (CVE-2026-28318). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-59874 |
|
Vulnerability in CVE-2025-59874 (CVE-2025-59874)
vulnerability in CVE-2025-59874 (CVE-2025-59874). Confidential information can be exposed externally.
|
| CVE-2019-25736 |
|
Vulnerability in CVE-2019-25736 (CVE-2019-25736)
vulnerability in CVE-2019-25736 (CVE-2019-25736). Successful exploitation can lead to full system takeover.
|
| CVE-2019-25735 |
|
Vulnerability in CVE-2019-25735 (CVE-2019-25735)
vulnerability in CVE-2019-25735 (CVE-2019-25735). Successful exploitation can lead to full system takeover.
|
| CVE-2025-46638 |
|
Vulnerability in dos (CVE-2025-46638)
vulnerability in dos (CVE-2025-46638). Risk of unauthorized operations or information disclosure.
|
| CVE-2019-25745 |
|
SQL Injection in wordpress (CVE-2019-25745)
SQL injection in wordpress (CVE-2019-25745). Confidential information can be exposed externally.
|
| CVE-2019-25733 |
|
Vulnerability in CVE-2019-25733 (CVE-2019-25733)
vulnerability in CVE-2019-25733 (CVE-2019-25733). Successful exploitation can lead to full system takeover.
|
| CVE-2019-25732 |
|
SQL Injection in sqli (CVE-2019-25732)
SQL injection in sqli (CVE-2019-25732). Confidential information can be exposed externally.
|
| CVE-2019-25730 |
|
SQL Injection in sqli (CVE-2019-25730)
SQL injection in sqli (CVE-2019-25730). Confidential information can be exposed externally.
|
| CVE-2019-25726 |
|
SQL Injection in sqli (CVE-2019-25726)
SQL injection in sqli (CVE-2019-25726). Confidential information can be exposed externally.
|
| CVE-2019-25728 |
|
SQL Injection in sqli (CVE-2019-25728)
SQL injection in sqli (CVE-2019-25728). Confidential information can be exposed externally.
|
| CVE-2026-44496 |
|
Vulnerability in axios (CVE-2026-44496)
vulnerability in axios (CVE-2026-44496). Risk of unauthorized operations or information disclosure. Exploitable via ``document.cookie``. Mitigation: upgrade to `0.32.0` or later.
|
| CVE-2026-44488 |
|
Vulnerability in axios (CVE-2026-44488)
vulnerability in axios (CVE-2026-44488). Risk of unauthorized operations or information disclosure. Exploitable via ``fetch``. Mitigation: upgrade to `1.16.0` or later.
|
| CVE-2026-44487 |
|
Vulnerability in axios (CVE-2026-44487)
vulnerability in axios (CVE-2026-44487). Confidential information can be exposed externally. Exploitable via `Authorization header`. Mitigation: upgrade to `0.32.0` or later.
|
| CVE-2026-44486 |
|
Information Disclosure in axios (CVE-2026-44486)
vulnerability in axios (CVE-2026-44486). Confidential information can be exposed externally. Exploitable via `GET /start`. Mitigation: upgrade to `0.32.0` or later.
|
| CVE-2026-10840 |
|
Vulnerability in CVE-2026-10840 (CVE-2026-10840)
vulnerability in CVE-2026-10840 (CVE-2026-10840). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-52612 |
|
Vulnerability in hcltech (CVE-2025-52612)
vulnerability in hcltech (CVE-2025-52612). Successful exploitation can lead to full system takeover.
|
| CVE-2026-10843 |
|
Vulnerability in CVE-2026-10843 (CVE-2026-10843)
vulnerability in CVE-2026-10843 (CVE-2026-10843). Successful exploitation can lead to full system takeover.
|
| CVE-2025-12694 |
|
Vulnerability in privilege-escalation (CVE-2025-12694)
vulnerability in privilege-escalation (CVE-2025-12694). Successful exploitation can lead to full system takeover.
|
| CVE-2026-49771 |
|
SQL Injection in sqli (CVE-2026-49771)
SQL injection in sqli (CVE-2026-49771). Confidential information can be exposed externally.
|
| CVE-2026-50213 |
|
Vulnerability in acer (CVE-2026-50213)
vulnerability in acer (CVE-2026-50213). Confidential information can be exposed externally.
|
| CVE-2026-50210 |
|
Information Disclosure in acer (CVE-2026-50210)
vulnerability in acer (CVE-2026-50210). Confidential information can be exposed externally.
|
| CVE-2026-50209 |
|
Vulnerability in acer (CVE-2026-50209)
vulnerability in acer (CVE-2026-50209). Successful exploitation can lead to full system takeover.
|
| CVE-2026-50207 |
|
Path Traversal in acer (CVE-2026-50207)
path traversal in acer (CVE-2026-50207). Successful exploitation can lead to full system takeover.
|
| CVE-2026-3820 |
|
OS Command Injection in CVE-2026-3820 (CVE-2026-3820)
OS command injection in CVE-2026-3820 (CVE-2026-3820). Successful exploitation can lead to full system takeover.
|
| CVE-2026-50205 |
|
Vulnerability in acer (CVE-2026-50205)
vulnerability in acer (CVE-2026-50205). Confidential information can be exposed externally.
|
| CVE-2026-49203 |
|
Authentication Bypass in acer (CVE-2026-49203)
authentication bypass in acer (CVE-2026-49203). Data can be tampered with by attackers.
|
| CVE-2026-49202 |
|
Authentication Bypass in acer (CVE-2026-49202)
authentication bypass in acer (CVE-2026-49202). Confidential information can be exposed externally.
|