Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-54820 |
|
Unauthenticated SQL Injection in JetBooking <= 4.0.4.1 versions.
Unauthenticated SQL Injection in JetBooking <= 4.0.4.1 versions.
|
| CVE-2025-55017 |
|
Path Traversal in apache (CVE-2025-55017)
path traversal in apache (CVE-2025-55017). Confidential information can be exposed externally.
|
| CVE-2025-64152 |
|
Path Traversal in apache (CVE-2025-64152)
path traversal in apache (CVE-2025-64152). Confidential information can be exposed externally.
|
| CVE-2026-57880 |
|
Vulnerability in dos (CVE-2026-57880)
vulnerability in dos (CVE-2026-57880). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57881 |
|
Vulnerability in dos (CVE-2026-57881)
vulnerability in dos (CVE-2026-57881). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57878 |
|
Vulnerability in dos (CVE-2026-57878)
vulnerability in dos (CVE-2026-57878). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57879 |
|
Vulnerability in dos (CVE-2026-57879)
vulnerability in dos (CVE-2026-57879). Successful exploitation can lead to full system takeover.
|
| CVE-2026-40702 |
|
Vulnerability in cisa (CVE-2026-40702)
vulnerability in cisa (CVE-2026-40702). Confidential information can be exposed externally.
|
| CVE-2026-48930 |
|
Vulnerability in c (CVE-2026-48930)
vulnerability in c (CVE-2026-48930). Successful exploitation can lead to full system takeover.
|
| CVE-2025-71334 |
|
Vulnerability in flowiseai (CVE-2025-71334)
vulnerability in flowiseai (CVE-2025-71334). Successful exploitation can lead to full system takeover.
|
| CVE-2025-71336 |
|
OS Command Injection in flowiseai (CVE-2025-71336)
OS command injection in flowiseai (CVE-2025-71336). Successful exploitation can lead to full system takeover.
|
| CVE-2025-71338 |
|
Vulnerability in path-traversal (CVE-2025-71338)
vulnerability in path-traversal (CVE-2025-71338). Successful exploitation can lead to full system takeover.
|
| CVE-2025-71333 |
|
Vulnerability in path-traversal (CVE-2025-71333)
vulnerability in path-traversal (CVE-2025-71333). Successful exploitation can lead to full system takeover.
|
| CVE-2025-71327 |
|
Vulnerability in flowiseai (CVE-2025-71327)
vulnerability in flowiseai (CVE-2025-71327). Confidential information can be exposed externally.
|
| CVE-2026-56445 |
|
Path Traversal in c (CVE-2026-56445)
path traversal in c (CVE-2026-56445). Data can be tampered with by attackers.
|
| CVE-2026-7531 |
|
Use-After-Free in wolfssl (CVE-2026-7531)
vulnerability in wolfssl (CVE-2026-7531). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57700 |
|
Unrestricted File Upload in CVE-2026-57700 (CVE-2026-57700)
vulnerability in CVE-2026-57700 (CVE-2026-57700). Successful exploitation can lead to full system takeover.
|
| CVE-2026-56786 |
|
Out-of-Bounds Write in dos (CVE-2026-56786)
out-of-bounds write in dos (CVE-2026-56786). Successful exploitation can lead to full system takeover.
|
| CVE-2026-54917 |
|
Path Traversal in seaweedfs (CVE-2026-54917)
path traversal in seaweedfs (CVE-2026-54917). Confidential information can be exposed externally. Exploitable via `GET /bucket-A/../evil-bucket/key`. Mitigation: upgrade to `4.30` or later.
|
| CVE-2026-54089 |
|
Authentication Bypass in CVE-2026-54089 (CVE-2026-54089)
authentication bypass in CVE-2026-54089 (CVE-2026-54089). Confidential information can be exposed externally.
|
| CVE-2026-50549 |
|
Vulnerability in anysphere (CVE-2026-50549)
vulnerability in anysphere (CVE-2026-50549). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `3.0` or later.
|
| CVE-2026-50548 |
|
Path Traversal in anysphere (CVE-2026-50548)
path traversal in anysphere (CVE-2026-50548). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `3.0` or later.
|
| CVE-2026-6094 |
|
Out-of-Bounds Read in wolfssl (CVE-2026-6094)
vulnerability in wolfssl (CVE-2026-6094). Confidential information can be exposed externally.
|
| CVE-2026-54849 |
|
Unauthenticated SQL Injection in Premmerce Wishlist for WooCommerce <= 1.1.11 versions.
Unauthenticated SQL Injection in Premmerce Wishlist for WooCommerce <= 1.1.11 versions.
|
| CVE-2026-54843 |
|
Unauthenticated SQL Injection in MDTF <= 1.3.7 versions.
Unauthenticated SQL Injection in MDTF <= 1.3.7 versions.
|
| CVE-2026-54836 |
|
SQL Injection in sqli (CVE-2026-54836)
SQL injection in sqli (CVE-2026-54836). Confidential information can be exposed externally.
|
| CVE-2026-54823 |
|
Contributor Remote Code Execution (RCE) in Widget Options <= 4.2.3 versions.
Contributor Remote Code Execution (RCE) in Widget Options <= 4.2.3 versions.
|
| CVE-2026-41120 |
|
Vulnerability in dell (CVE-2026-41120)
vulnerability in dell (CVE-2026-41120). Successful exploitation can lead to full system takeover.
|
| CVE-2026-53260 |
|
Use-After-Free in c (CVE-2026-53260)
vulnerability in c (CVE-2026-53260). Successful exploitation can lead to full system takeover.
|
| CVE-2026-53247 |
|
Use-After-Free in linux (CVE-2026-53247)
vulnerability in linux (CVE-2026-53247). Successful exploitation can lead to full system takeover.
|
| CVE-2026-53246 |
|
Out-of-Bounds Write in linux (CVE-2026-53246)
out-of-bounds write in linux (CVE-2026-53246). Successful exploitation can lead to full system takeover.
|
| CVE-2026-53225 |
|
Vulnerability in c (CVE-2026-53225)
vulnerability in c (CVE-2026-53225). Confidential information can be exposed externally.
|
| CVE-2026-53228 |
|
Vulnerability in linux (CVE-2026-53228)
vulnerability in linux (CVE-2026-53228). Successful exploitation can lead to full system takeover.
|
| CVE-2026-53224 |
|
Out-of-Bounds Read in linux (CVE-2026-53224)
vulnerability in linux (CVE-2026-53224). Confidential information can be exposed externally.
|
| CVE-2026-53215 |
|
Vulnerability in linux (CVE-2026-53215)
vulnerability in linux (CVE-2026-53215). Successful exploitation can lead to full system takeover.
|
| CVE-2026-53221 |
|
Vulnerability in linux (CVE-2026-53221)
vulnerability in linux (CVE-2026-53221). Successful exploitation can lead to full system takeover.
|
| CVE-2026-53216 |
|
Vulnerability in linux (CVE-2026-53216)
vulnerability in linux (CVE-2026-53216). Successful exploitation can lead to full system takeover.
|
| CVE-2026-53186 |
|
Vulnerability in linux (CVE-2026-53186)
vulnerability in linux (CVE-2026-53186). Confidential information can be exposed externally.
|
| CVE-2026-53175 |
|
Use-After-Free in linux (CVE-2026-53175)
vulnerability in linux (CVE-2026-53175). Successful exploitation can lead to full system takeover.
|
| CVE-2026-53176 |
|
Vulnerability in c (CVE-2026-53176)
vulnerability in c (CVE-2026-53176). Successful exploitation can lead to full system takeover.
|
| CVE-2026-53151 |
|
Vulnerability in linux (CVE-2026-53151)
vulnerability in linux (CVE-2026-53151). Successful exploitation can lead to full system takeover.
|
| CVE-2026-53131 |
|
Vulnerability in linux (CVE-2026-53131)
vulnerability in linux (CVE-2026-53131). Confidential information can be exposed externally. Exploitable via ``ip6t_eui64``.
|
| CVE-2026-40079 |
|
OS Command Injection in cacti (CVE-2026-40079)
OS command injection in cacti (CVE-2026-40079). Successful exploitation can lead to full system takeover.
|
| CVE-2026-39955 |
|
SQL Injection in sqli (CVE-2026-39955)
SQL injection in sqli (CVE-2026-39955). Successful exploitation can lead to full system takeover.
|
| CVE-2026-39948 |
|
SQL Injection in cacti (CVE-2026-39948)
SQL injection in cacti (CVE-2026-39948). Successful exploitation can lead to full system takeover.
|
| CVE-2026-39938 |
|
Path Traversal in cacti (CVE-2026-39938)
path traversal in cacti (CVE-2026-39938). Successful exploitation can lead to full system takeover.
|
| CVE-2026-55570 |
|
Cross-Site Scripting (XSS) in CVE-2026-55570 (CVE-2026-55570)
cross-site scripting in CVE-2026-55570 (CVE-2026-55570). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `3.7.0` or later.
|
| CVE-2026-55455 |
|
SSRF (Server-Side Request Forgery) in appsmith (CVE-2026-55455)
SSRF in appsmith (CVE-2026-55455). Confidential information can be exposed externally. Mitigation: upgrade to `2.1` or later.
|
| CVE-2026-55454 |
|
Vulnerability in ssrf (CVE-2026-55454)
vulnerability in ssrf (CVE-2026-55454). Successful exploitation can lead to full system takeover. Exploitable via `POST /load`. Mitigation: upgrade to `2.1` or later.
|
| CVE-2026-54158 |
|
Cross-Site Scripting (XSS) in CVE-2026-54158 (CVE-2026-54158)
cross-site scripting in CVE-2026-54158 (CVE-2026-54158). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `3.7.0` or later.
|