Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

ID Title
CVE-2026-54820 Unauthenticated SQL Injection in JetBooking <= 4.0.4.1 versions.
Unauthenticated SQL Injection in JetBooking <= 4.0.4.1 versions.
CVE-2025-55017 Path Traversal in apache (CVE-2025-55017)
path traversal in apache (CVE-2025-55017). Confidential information can be exposed externally.
CVE-2025-64152 Path Traversal in apache (CVE-2025-64152)
path traversal in apache (CVE-2025-64152). Confidential information can be exposed externally.
CVE-2026-57880 Vulnerability in dos (CVE-2026-57880)
vulnerability in dos (CVE-2026-57880). Successful exploitation can lead to full system takeover.
CVE-2026-57881 Vulnerability in dos (CVE-2026-57881)
vulnerability in dos (CVE-2026-57881). Successful exploitation can lead to full system takeover.
CVE-2026-57878 Vulnerability in dos (CVE-2026-57878)
vulnerability in dos (CVE-2026-57878). Successful exploitation can lead to full system takeover.
CVE-2026-57879 Vulnerability in dos (CVE-2026-57879)
vulnerability in dos (CVE-2026-57879). Successful exploitation can lead to full system takeover.
CVE-2026-40702 Vulnerability in cisa (CVE-2026-40702)
vulnerability in cisa (CVE-2026-40702). Confidential information can be exposed externally.
CVE-2026-48930 Vulnerability in c (CVE-2026-48930)
vulnerability in c (CVE-2026-48930). Successful exploitation can lead to full system takeover.
CVE-2025-71334 Vulnerability in flowiseai (CVE-2025-71334)
vulnerability in flowiseai (CVE-2025-71334). Successful exploitation can lead to full system takeover.
CVE-2025-71336 OS Command Injection in flowiseai (CVE-2025-71336)
OS command injection in flowiseai (CVE-2025-71336). Successful exploitation can lead to full system takeover.
CVE-2025-71338 Vulnerability in path-traversal (CVE-2025-71338)
vulnerability in path-traversal (CVE-2025-71338). Successful exploitation can lead to full system takeover.
CVE-2025-71333 Vulnerability in path-traversal (CVE-2025-71333)
vulnerability in path-traversal (CVE-2025-71333). Successful exploitation can lead to full system takeover.
CVE-2025-71327 Vulnerability in flowiseai (CVE-2025-71327)
vulnerability in flowiseai (CVE-2025-71327). Confidential information can be exposed externally.
CVE-2026-56445 Path Traversal in c (CVE-2026-56445)
path traversal in c (CVE-2026-56445). Data can be tampered with by attackers.
CVE-2026-7531 Use-After-Free in wolfssl (CVE-2026-7531)
vulnerability in wolfssl (CVE-2026-7531). Successful exploitation can lead to full system takeover.
CVE-2026-57700 Unrestricted File Upload in CVE-2026-57700 (CVE-2026-57700)
vulnerability in CVE-2026-57700 (CVE-2026-57700). Successful exploitation can lead to full system takeover.
CVE-2026-56786 Out-of-Bounds Write in dos (CVE-2026-56786)
out-of-bounds write in dos (CVE-2026-56786). Successful exploitation can lead to full system takeover.
CVE-2026-54917 Path Traversal in seaweedfs (CVE-2026-54917)
path traversal in seaweedfs (CVE-2026-54917). Confidential information can be exposed externally. Exploitable via `GET /bucket-A/../evil-bucket/key`. Mitigation: upgrade to `4.30` or later.
CVE-2026-54089 Authentication Bypass in CVE-2026-54089 (CVE-2026-54089)
authentication bypass in CVE-2026-54089 (CVE-2026-54089). Confidential information can be exposed externally.
CVE-2026-50549 Vulnerability in anysphere (CVE-2026-50549)
vulnerability in anysphere (CVE-2026-50549). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `3.0` or later.
CVE-2026-50548 Path Traversal in anysphere (CVE-2026-50548)
path traversal in anysphere (CVE-2026-50548). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `3.0` or later.
CVE-2026-6094 Out-of-Bounds Read in wolfssl (CVE-2026-6094)
vulnerability in wolfssl (CVE-2026-6094). Confidential information can be exposed externally.
CVE-2026-54849 Unauthenticated SQL Injection in Premmerce Wishlist for WooCommerce <= 1.1.11 versions.
Unauthenticated SQL Injection in Premmerce Wishlist for WooCommerce <= 1.1.11 versions.
CVE-2026-54843 Unauthenticated SQL Injection in MDTF <= 1.3.7 versions.
Unauthenticated SQL Injection in MDTF <= 1.3.7 versions.
CVE-2026-54836 SQL Injection in sqli (CVE-2026-54836)
SQL injection in sqli (CVE-2026-54836). Confidential information can be exposed externally.
CVE-2026-54823 Contributor Remote Code Execution (RCE) in Widget Options <= 4.2.3 versions.
Contributor Remote Code Execution (RCE) in Widget Options <= 4.2.3 versions.
CVE-2026-41120 Vulnerability in dell (CVE-2026-41120)
vulnerability in dell (CVE-2026-41120). Successful exploitation can lead to full system takeover.
CVE-2026-53260 Use-After-Free in c (CVE-2026-53260)
vulnerability in c (CVE-2026-53260). Successful exploitation can lead to full system takeover.
CVE-2026-53247 Use-After-Free in linux (CVE-2026-53247)
vulnerability in linux (CVE-2026-53247). Successful exploitation can lead to full system takeover.
CVE-2026-53246 Out-of-Bounds Write in linux (CVE-2026-53246)
out-of-bounds write in linux (CVE-2026-53246). Successful exploitation can lead to full system takeover.
CVE-2026-53225 Vulnerability in c (CVE-2026-53225)
vulnerability in c (CVE-2026-53225). Confidential information can be exposed externally.
CVE-2026-53228 Vulnerability in linux (CVE-2026-53228)
vulnerability in linux (CVE-2026-53228). Successful exploitation can lead to full system takeover.
CVE-2026-53224 Out-of-Bounds Read in linux (CVE-2026-53224)
vulnerability in linux (CVE-2026-53224). Confidential information can be exposed externally.
CVE-2026-53215 Vulnerability in linux (CVE-2026-53215)
vulnerability in linux (CVE-2026-53215). Successful exploitation can lead to full system takeover.
CVE-2026-53221 Vulnerability in linux (CVE-2026-53221)
vulnerability in linux (CVE-2026-53221). Successful exploitation can lead to full system takeover.
CVE-2026-53216 Vulnerability in linux (CVE-2026-53216)
vulnerability in linux (CVE-2026-53216). Successful exploitation can lead to full system takeover.
CVE-2026-53186 Vulnerability in linux (CVE-2026-53186)
vulnerability in linux (CVE-2026-53186). Confidential information can be exposed externally.
CVE-2026-53175 Use-After-Free in linux (CVE-2026-53175)
vulnerability in linux (CVE-2026-53175). Successful exploitation can lead to full system takeover.
CVE-2026-53176 Vulnerability in c (CVE-2026-53176)
vulnerability in c (CVE-2026-53176). Successful exploitation can lead to full system takeover.
CVE-2026-53151 Vulnerability in linux (CVE-2026-53151)
vulnerability in linux (CVE-2026-53151). Successful exploitation can lead to full system takeover.
CVE-2026-53131 Vulnerability in linux (CVE-2026-53131)
vulnerability in linux (CVE-2026-53131). Confidential information can be exposed externally. Exploitable via ``ip6t_eui64``.
CVE-2026-40079 OS Command Injection in cacti (CVE-2026-40079)
OS command injection in cacti (CVE-2026-40079). Successful exploitation can lead to full system takeover.
CVE-2026-39955 SQL Injection in sqli (CVE-2026-39955)
SQL injection in sqli (CVE-2026-39955). Successful exploitation can lead to full system takeover.
CVE-2026-39948 SQL Injection in cacti (CVE-2026-39948)
SQL injection in cacti (CVE-2026-39948). Successful exploitation can lead to full system takeover.
CVE-2026-39938 Path Traversal in cacti (CVE-2026-39938)
path traversal in cacti (CVE-2026-39938). Successful exploitation can lead to full system takeover.
CVE-2026-55570 Cross-Site Scripting (XSS) in CVE-2026-55570 (CVE-2026-55570)
cross-site scripting in CVE-2026-55570 (CVE-2026-55570). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `3.7.0` or later.
CVE-2026-55455 SSRF (Server-Side Request Forgery) in appsmith (CVE-2026-55455)
SSRF in appsmith (CVE-2026-55455). Confidential information can be exposed externally. Mitigation: upgrade to `2.1` or later.
CVE-2026-55454 Vulnerability in ssrf (CVE-2026-55454)
vulnerability in ssrf (CVE-2026-55454). Successful exploitation can lead to full system takeover. Exploitable via `POST /load`. Mitigation: upgrade to `2.1` or later.
CVE-2026-54158 Cross-Site Scripting (XSS) in CVE-2026-54158 (CVE-2026-54158)
cross-site scripting in CVE-2026-54158 (CVE-2026-54158). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `3.7.0` or later.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →