Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-14345 |
|
Unrestricted File Upload in wordpress (CVE-2026-14345)
vulnerability in wordpress (CVE-2026-14345). Successful exploitation can lead to full system takeover.
|
| CVE-2026-4375 |
|
Vulnerability in wordpress (CVE-2026-4375)
vulnerability in wordpress (CVE-2026-4375). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57871 |
|
Vulnerability in path-traversal (CVE-2026-57871)
vulnerability in path-traversal (CVE-2026-57871). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57867 |
|
Vulnerability in CVE-2026-57867 (CVE-2026-57867)
vulnerability in CVE-2026-57867 (CVE-2026-57867). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10834 |
|
Vulnerability in wordpress (CVE-2026-10834)
vulnerability in wordpress (CVE-2026-10834). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-58315 |
|
Cross-Site Request Forgery (CSRF) in jvn (CVE-2026-58315)
vulnerability in jvn (CVE-2026-58315). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57870 |
|
Vulnerability in CVE-2026-57870 (CVE-2026-57870)
vulnerability in CVE-2026-57870 (CVE-2026-57870). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-42201 |
|
OS Command Injection in CVE-2026-42201 (CVE-2026-42201)
OS command injection in CVE-2026-42201 (CVE-2026-42201). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-34158 |
|
OS Command Injection in CVE-2026-34158 (CVE-2026-34158)
OS command injection in CVE-2026-34158 (CVE-2026-34158). Successful exploitation can lead to full system takeover.
|
| CVE-2026-27844 |
|
Vulnerability in dos (CVE-2026-27844)
vulnerability in dos (CVE-2026-27844). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-27790 |
|
Vulnerability in dos (CVE-2026-27790)
vulnerability in dos (CVE-2026-27790). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-26053 |
|
Vulnerability in CVE-2026-26053 (CVE-2026-26053)
vulnerability in CVE-2026-26053 (CVE-2026-26053). Data can be tampered with by attackers.
|
| CVE-2026-42200 |
|
Path Traversal in CVE-2026-42200 (CVE-2026-42200)
path traversal in CVE-2026-42200 (CVE-2026-42200). Successful exploitation can lead to full system takeover.
|
| CVE-2026-42172 |
|
Vulnerability in CVE-2026-42172 (CVE-2026-42172)
vulnerability in CVE-2026-42172 (CVE-2026-42172). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-42147 |
|
SSRF (Server-Side Request Forgery) in CVE-2026-42147 (CVE-2026-42147)
SSRF in CVE-2026-42147 (CVE-2026-42147). Confidential information can be exposed externally.
|
| CVE-2026-42145 |
|
Unrestricted File Upload in CVE-2026-42145 (CVE-2026-42145)
vulnerability in CVE-2026-42145 (CVE-2026-42145). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-42143 |
|
OS Command Injection in CVE-2026-42143 (CVE-2026-42143)
OS command injection in CVE-2026-42143 (CVE-2026-42143). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34198 |
|
Vulnerability in CVE-2026-34198 (CVE-2026-34198)
vulnerability in CVE-2026-34198 (CVE-2026-34198). Data can be tampered with by attackers. Exploitable via `Host header`.
|
| CVE-2026-34171 |
|
Cross-Site Request Forgery (CSRF) in CVE-2026-34171 (CVE-2026-34171)
vulnerability in CVE-2026-34171 (CVE-2026-34171). Confidential information can be exposed externally. Exploitable via `GET /invitations/{uuid}`.
|
| CVE-2026-34170 |
|
SSRF (Server-Side Request Forgery) in CVE-2026-34170 (CVE-2026-34170)
SSRF in CVE-2026-34170 (CVE-2026-34170). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-34168 |
|
OS Command Injection in CVE-2026-34168 (CVE-2026-34168)
OS command injection in CVE-2026-34168 (CVE-2026-34168). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34152 |
|
OS Command Injection in CVE-2026-34152 (CVE-2026-34152)
OS command injection in CVE-2026-34152 (CVE-2026-34152). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34149 |
|
OS Command Injection in CVE-2026-34149 (CVE-2026-34149)
OS command injection in CVE-2026-34149 (CVE-2026-34149). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-34058 |
|
OS Command Injection in CVE-2026-34058 (CVE-2026-34058)
OS command injection in CVE-2026-34058 (CVE-2026-34058). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34057 |
|
OS Command Injection in CVE-2026-34057 (CVE-2026-34057)
OS command injection in CVE-2026-34057 (CVE-2026-34057). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34048 |
|
Vulnerability in CVE-2026-34048 (CVE-2026-34048)
vulnerability in CVE-2026-34048 (CVE-2026-34048). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34047 |
|
Authorization Flaw in CVE-2026-34047 (CVE-2026-34047)
vulnerability in CVE-2026-34047 (CVE-2026-34047). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34044 |
|
Vulnerability in CVE-2026-34044 (CVE-2026-34044)
vulnerability in CVE-2026-34044 (CVE-2026-34044). Confidential information can be exposed externally.
|
| CVE-2026-34037 |
|
Vulnerability in CVE-2026-34037 (CVE-2026-34037)
vulnerability in CVE-2026-34037 (CVE-2026-34037). Confidential information can be exposed externally.
|
| CVE-2026-34035 |
|
OS Command Injection in CVE-2026-34035 (CVE-2026-34035)
OS command injection in CVE-2026-34035 (CVE-2026-34035). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34034 |
|
OS Command Injection in CVE-2026-34034 (CVE-2026-34034)
OS command injection in CVE-2026-34034 (CVE-2026-34034). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11328 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-11328)
cross-site scripting in wordpress (CVE-2026-11328). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13356 |
|
Vulnerability in mozilla (CVE-2026-13356)
vulnerability in mozilla (CVE-2026-13356). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53648 |
|
Vulnerability in CVE-2026-53648 (CVE-2026-53648)
vulnerability in CVE-2026-53648 (CVE-2026-53648). Risk of unauthorized operations or information disclosure. Exploitable via ``servicedownloadable.manage``.
|
| CVE-2026-53647 |
|
Information Disclosure in CVE-2026-53647 (CVE-2026-53647)
vulnerability in CVE-2026-53647 (CVE-2026-53647). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-56141 |
|
Vulnerability in CVE-2024-56141 (CVE-2024-56141)
vulnerability in CVE-2024-56141 (CVE-2024-56141). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53646 |
|
Vulnerability in nginx (CVE-2026-53646)
vulnerability in nginx (CVE-2026-53646). Risk of unauthorized operations or information disclosure. Exploitable via ``ClientPasswordReset``.
|
| CVE-2026-53645 |
|
Privilege Escalation in privilege-escalation (CVE-2026-53645)
vulnerability in privilege-escalation (CVE-2026-53645). Risk of unauthorized operations or information disclosure. Exploitable via ``staff.create_and_edit_staff``.
|
| CVE-2026-53644 |
|
Vulnerability in CVE-2026-53644 (CVE-2026-53644)
vulnerability in CVE-2026-53644 (CVE-2026-53644). Risk of unauthorized operations or information disclosure. Exploitable via ``active``.
|
| CVE-2026-53643 |
|
Information Disclosure in c (CVE-2026-53643)
vulnerability in c (CVE-2026-53643). Risk of unauthorized operations or information disclosure. Exploitable via ``can_always_access``.
|
| CVE-2026-53642 |
|
Authorization Flaw in CVE-2026-53642 (CVE-2026-53642)
vulnerability in CVE-2026-53642 (CVE-2026-53642). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53641 |
|
Cross-Site Scripting (XSS) in CVE-2026-53641 (CVE-2026-53641)
cross-site scripting in CVE-2026-53641 (CVE-2026-53641). Risk of unauthorized operations or information disclosure. Exploitable via ``content_html``.
|
| CVE-2026-53640 |
|
Information Disclosure in CVE-2026-53640 (CVE-2026-53640)
vulnerability in CVE-2026-53640 (CVE-2026-53640). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-59710 |
|
Cross-Site Scripting (XSS) in CVE-2026-59710 (CVE-2026-59710)
cross-site scripting in CVE-2026-59710 (CVE-2026-59710). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-43928 |
|
Vulnerability in CVE-2026-43928 (CVE-2026-43928)
vulnerability in CVE-2026-43928 (CVE-2026-43928). Risk of unauthorized operations or information disclosure. Exploitable via ``mc_gross``.
|
| CVE-2026-43927 |
|
Vulnerability in CVE-2026-43927 (CVE-2026-43927)
vulnerability in CVE-2026-43927 (CVE-2026-43927). Risk of unauthorized operations or information disclosure. Exploitable via ``promo``.
|
| CVE-2026-43925 |
|
Vulnerability in CVE-2026-43925 (CVE-2026-43925)
vulnerability in CVE-2026-43925 (CVE-2026-43925). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-43921 |
|
Code Injection in CVE-2026-43921 (CVE-2026-43921)
code injection in CVE-2026-43921 (CVE-2026-43921). Risk of unauthorized operations or information disclosure. Exploitable via ``config.php``.
|
| CVE-2026-43918 |
|
Vulnerability in CVE-2026-43918 (CVE-2026-43918)
vulnerability in CVE-2026-43918 (CVE-2026-43918). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-42204 |
|
OS Command Injection in CVE-2026-42204 (CVE-2026-42204)
OS command injection in CVE-2026-42204 (CVE-2026-42204). Successful exploitation can lead to full system takeover.
|