Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

KEV

Categories

All 🌐 Web Application 🧭 Browser 🖥️ Operating System 📱 Mobile 🛰️ Network Infrastructure ☁️ Cloud / Container 📝 CMS / Site Builder 🗄️ Database / Storage 🔐 Auth / Identity 🔑 Cryptography 🛠️ DevOps / CI-CD 🤖 AI / ML 🔌 IoT / Embedded 🧩 Hardware / Firmware 🏢 Enterprise SaaS 🧰 Developer Tooling ☠️ Malicious Package 📦 Other

Tag groups

All 💬 Programming Languages 22 🧱 Web Frameworks 29 📱 Mobile Platforms 6 🤖 AI/ML Frameworks 11 🖥️ Web Servers 9 🗄️ Databases 13 📝 CMS 9 ☁️ Cloud Platforms 11 📦 Container Tech 12 🖥️ Operating Systems 15 ⚔️ Attack Types 25 🧬 CWE 185 🏢 Vendors 581 📦 Products 666 🌳 Package Ecosystems 24 🛠️ DevOps Tools 17 📡 Protocols 15

Popular tags (Top 40)

Rootio Linux419 Microsoft386 C237 Java183 Jre178 Java Min178 Bitnami178 Windows177 Rootdebian11175 Rootdebian12151 Linux130 Cwe 20125 Cwe 78120 Linux Kernel106 Cwe 787105 Apple99 Cwe 41699 Cwe 2296 Rootdebian1393 Cwe 11990 Cisco89 Denial of Service85 Cwe 9484 Multiple Products79 Adobe78 Google77 Cwe 50270 Cwe 7966 Cwe 8954 Apache47 Cwe 91844 Cwe 28443 Oracle42 Cwe 28741 JavaScript41 PHP41 Cwe 7740 Chromium V838 Cwe 30638 Cwe 84337

ID	Title	Severity	Tags	Detected
CVE-2026-21514 KEV	[KEV] Vulnerability in Microsoft office (CVE-2026-21514) vulnerability in Microsoft office (CVE-2026-21514). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Microsoft Office Cwe 807	2 months ago
CVE-2026-21510 KEV	[KEV] Vulnerability in Microsoft windows (CVE-2026-21510) vulnerability in Microsoft windows (CVE-2026-21510). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Microsoft Windows Cwe 693	2 months ago
CVE-2026-21525 KEV	[KEV] Vulnerability in Microsoft windows (CVE-2026-21525) vulnerability in Microsoft windows (CVE-2026-21525). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Microsoft Windows Cwe 476	2 months ago
CVE-2026-21513 KEV	[KEV] Vulnerability in Microsoft windows (CVE-2026-21513) vulnerability in Microsoft windows (CVE-2026-21513). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Microsoft Windows Cwe 693	2 months ago
CVE-2025-11953 KEV	[KEV] OS Command Injection in React native community react-native-community (CVE-2025-11953) OS command injection in React native community react-native-community (CVE-2025-11953). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	React Native Community Cli Cwe 78	3 months ago
CVE-2026-24423 KEV	[KEV] Vulnerability in Smartertools smartermail (CVE-2026-24423) vulnerability in Smartertools smartermail (CVE-2026-24423). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Smartertools Smartermail Cwe 306	3 months ago
CVE-2021-39935 KEV	[KEV] SSRF (Server-Side Request Forgery) in Gitlab community-and-enterprise-editions (CVE-2021-39935) SSRF in Gitlab community-and-enterprise-editions (CVE-2021-39935). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Gitlab Community And Enterprise Editions Cwe 918	3 months ago
CVE-2025-64328 KEV	[KEV] OS Command Injection in Sangoma freepbx (CVE-2025-64328) OS command injection in Sangoma freepbx (CVE-2025-64328). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Sangoma Freepbx Cwe 78	3 months ago
CVE-2019-19006 KEV	[KEV] Authentication Bypass in Sangoma freepbx (CVE-2019-19006) authentication bypass in Sangoma freepbx (CVE-2019-19006). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Sangoma Freepbx Cwe 287	3 months ago
CVE-2025-40551 KEV	[KEV] Unsafe Deserialization in Solarwinds web-help-desk (CVE-2025-40551) vulnerability in Solarwinds web-help-desk (CVE-2025-40551). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Solarwinds Web Help Desk Cwe 502	3 months ago
CVE-2026-1281 KEV	[KEV] Code Injection in Ivanti endpoint-manager-mobile-epmm (CVE-2026-1281) code injection in Ivanti endpoint-manager-mobile-epmm (CVE-2026-1281). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Ivanti Endpoint Manager Mobile Epmm Cwe 94	3 months ago
CVE-2026-24858 KEV	[KEV] Vulnerability in Fortinet multiple-products (CVE-2026-24858) vulnerability in Fortinet multiple-products (CVE-2026-24858). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Fortinet Multiple Products Cwe 288	3 months ago
CVE-2018-14634 KEV	[KEV] Vulnerability in Linux kernel (CVE-2018-14634) vulnerability in Linux kernel (CVE-2018-14634). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Linux Kernel Cwe 190	3 months ago
CVE-2025-52691 KEV	[KEV] Unrestricted File Upload in Smartertools smartermail (CVE-2025-52691) vulnerability in Smartertools smartermail (CVE-2025-52691). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Smartertools Smartermail Cwe 434	3 months ago
CVE-2026-23760 KEV	[KEV] Vulnerability in Smartertools smartermail (CVE-2026-23760) vulnerability in Smartertools smartermail (CVE-2026-23760). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Smartertools Smartermail Cwe 288	3 months ago
CVE-2026-24061 KEV	[KEV] Vulnerability in Gnu inetutils (CVE-2026-24061) vulnerability in Gnu inetutils (CVE-2026-24061). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Gnu Inetutils Cwe 88	3 months ago
CVE-2026-21509 KEV	[KEV] Vulnerability in Microsoft office (CVE-2026-21509) vulnerability in Microsoft office (CVE-2026-21509). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Microsoft Office Cwe 807	3 months ago
CVE-2024-37079 KEV	[KEV] Out-of-Bounds Write in Broadcom vmware-vcenter-server (CVE-2024-37079) out-of-bounds write in Broadcom vmware-vcenter-server (CVE-2024-37079). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Broadcom Vmware Vcenter Server Cwe 787	3 months ago
CVE-2025-68645 KEV	[KEV] Vulnerability in Synacor zimbra-collaboration-suite-zcs (CVE-2025-68645) vulnerability in Synacor zimbra-collaboration-suite-zcs (CVE-2025-68645). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Synacor Zimbra Collaboration Suite Zcs Cwe 98	3 months ago
CVE-2025-34026 KEV	[KEV] Vulnerability in Versa concerto (CVE-2025-34026) vulnerability in Versa concerto (CVE-2025-34026). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Versa Concerto Cwe 288	3 months ago
CVE-2025-31125 KEV	[KEV] Information Disclosure in vite (CVE-2025-31125) vulnerability in vite (CVE-2025-31125). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Vite Vitejs Cwe 200 Cwe 284	3 months ago
CVE-2025-54313 KEV	[KEV] Vulnerability in prettier (CVE-2025-54313) vulnerability in prettier (CVE-2025-54313). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Prettier Eslint Config Prettier Cwe 506	3 months ago
CVE-2026-20045 KEV	[KEV] Code Injection in Cisco unified-communications-manager (CVE-2026-20045) code injection in Cisco unified-communications-manager (CVE-2026-20045). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Cisco Unified Communications Manager Cwe 94	3 months ago
CVE-2026-20805 KEV	[KEV] Information Disclosure in Microsoft windows (CVE-2026-20805) vulnerability in Microsoft windows (CVE-2026-20805). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Microsoft Windows Cwe 200	3 months ago
CVE-2025-8110 KEV	[KEV] Path Traversal in gogs (CVE-2025-8110) path traversal in gogs (CVE-2025-8110). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Gogs Cwe 22	3 months ago
CVE-2025-37164 KEV	[KEV] Code Injection in Hewlett packard enterprise (hpe) hewlett-packard-enterprise-hpe (CVE-2025-37164) code injection in Hewlett packard enterprise (hpe) hewlett-packard-enterprise-hpe (CVE-2025-37164). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Hewlett Packard Enterprise Hpe Oneview Cwe 94	4 months ago
CVE-2009-0556 KEV	[KEV] Code Injection in Microsoft office (CVE-2009-0556) code injection in Microsoft office (CVE-2009-0556). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Microsoft Office Cwe 94	4 months ago
CVE-2025-14847 KEV	[KEV] Vulnerability in mongodb (CVE-2025-14847) vulnerability in mongodb (CVE-2025-14847). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	MongoDB Mongodb And Mongodb Server Cwe 130	4 months ago
CVE-2023-52163 KEV	[KEV] Vulnerability in Digiever ds-2105-pro (CVE-2023-52163) vulnerability in Digiever ds-2105-pro (CVE-2023-52163). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Digiever Ds 2105 Pro Cwe 862	4 months ago
CVE-2025-14733 KEV	[KEV] Out-of-Bounds Write in Watchguard firebox (CVE-2025-14733) out-of-bounds write in Watchguard firebox (CVE-2025-14733). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Watchguard Firebox Cwe 787	4 months ago
CVE-2025-20393 KEV	[KEV] Vulnerability in Cisco multiple-products (CVE-2025-20393) vulnerability in Cisco multiple-products (CVE-2025-20393). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Cisco Multiple Products Cwe 20	4 months ago
CVE-2025-59374 KEV	[KEV] Vulnerability in Asus live-update (CVE-2025-59374) vulnerability in Asus live-update (CVE-2025-59374). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Asus Live Update Cwe 506	4 months ago
CVE-2025-40602 KEV	[KEV] Vulnerability in Sonicwall sma1000-appliance (CVE-2025-40602) vulnerability in Sonicwall sma1000-appliance (CVE-2025-40602). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Sonicwall Sma1000 Appliance Cwe 862 Cwe 250	4 months ago
CVE-2025-59718 KEV	[KEV] Vulnerability in Fortinet multiple-products (CVE-2025-59718) vulnerability in Fortinet multiple-products (CVE-2025-59718). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Fortinet Multiple Products Cwe 347	4 months ago
CVE-2025-43529 KEV	[KEV] Use-After-Free in Apple multiple-products (CVE-2025-43529) vulnerability in Apple multiple-products (CVE-2025-43529). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Apple Multiple Products Cwe 416	4 months ago
CVE-2025-14611 KEV	[KEV] Vulnerability in Gladinet centrestack-and-triofox (CVE-2025-14611) vulnerability in Gladinet centrestack-and-triofox (CVE-2025-14611). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Gladinet Centrestack And Triofox Cwe 798	4 months ago
CVE-2018-4063 KEV	[KEV] Unrestricted File Upload in Sierra wireless sierra-wireless (CVE-2018-4063) vulnerability in Sierra wireless sierra-wireless (CVE-2018-4063). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Sierra Wireless Airlink Aleos Cwe 434	4 months ago
CVE-2025-14174 KEV	[KEV] Vulnerability in Google chromium (CVE-2025-14174) vulnerability in Google chromium (CVE-2025-14174). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Google Chromium	4 months ago
CVE-2025-58360 KEV	[KEV] XXE (XML External Entity) in Osgeo geoserver (CVE-2025-58360) vulnerability in Osgeo geoserver (CVE-2025-58360). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Osgeo Geoserver Cwe 611	4 months ago
CVE-2025-62221 KEV	[KEV] Use-After-Free in Microsoft windows (CVE-2025-62221) vulnerability in Microsoft windows (CVE-2025-62221). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Microsoft Windows Cwe 416	5 months ago
CVE-2025-6218 KEV	[KEV] Path Traversal in Rarlab winrar (CVE-2025-6218) path traversal in Rarlab winrar (CVE-2025-6218). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Rarlab Winrar Cwe 22	5 months ago
CVE-2025-66644 KEV	[KEV] OS Command Injection in Array networks array-networks (CVE-2025-66644) OS command injection in Array networks array-networks (CVE-2025-66644). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Array Networks Arrayos Ag Cwe 78	5 months ago
CVE-2022-37055 KEV	[KEV] Vulnerability in D-link routers (CVE-2022-37055) vulnerability in D-link routers (CVE-2022-37055). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	D Link Routers Cwe 120	5 months ago
CVE-2025-55182 KEV	[KEV] Vulnerability in Meta react-server-components (CVE-2025-55182) vulnerability in Meta react-server-components (CVE-2025-55182). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Meta React Server Components	5 months ago
CVE-2021-26828 KEV	[KEV] Unrestricted File Upload in Openplc scadabr (CVE-2021-26828) vulnerability in Openplc scadabr (CVE-2021-26828). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Openplc Scadabr Cwe 434	5 months ago
CVE-2025-48572 KEV	[KEV] Vulnerability in Android framework (CVE-2025-48572) vulnerability in Android framework (CVE-2025-48572). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Android Framework	5 months ago
CVE-2025-48633 KEV	[KEV] Vulnerability in Android framework (CVE-2025-48633) vulnerability in Android framework (CVE-2025-48633). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Android Framework	5 months ago
CVE-2021-26829 KEV	[KEV] Cross-Site Scripting (XSS) in Openplc scadabr (CVE-2021-26829) cross-site scripting in Openplc scadabr (CVE-2021-26829). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Openplc Scadabr Cwe 79	5 months ago
CVE-2025-61757 KEV	[KEV] Vulnerability in Oracle fusion-middleware (CVE-2025-61757) vulnerability in Oracle fusion-middleware (CVE-2025-61757). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Oracle Fusion Middleware Cwe 306	5 months ago
CVE-2025-13223 KEV	[KEV] Vulnerability in Google chromium-v8 (CVE-2025-13223) vulnerability in Google chromium-v8 (CVE-2025-13223). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Google Chromium V8 Cwe 843	5 months ago

Vulnerabilities

🍪 About cookies