Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

ID Title
CVE-2026-42342 Vulnerability in react-router (CVE-2026-42342)
vulnerability in react-router (CVE-2026-42342). Risk of unauthorized operations or information disclosure. Exploitable via ``createBrowserRouter``. Mitigation: upgrade to `7.15.0` or later.
CVE-2026-42211 React Router's vendored turbo-stream v2 allows arbitrary constructor invocation via TYPE_ERROR deserialization leading to Unauth RCE
React Router's vendored turbo-stream v2 allows arbitrary constructor invocation via TYPE_ERROR deserialization leading to Unauth RCE
CVE-2026-41577 Vulnerability in authentik (CVE-2026-41577)
vulnerability in authentik (CVE-2026-41577). Data can be tampered with by attackers. Mitigation: upgrade to `2025.12.5, 2026.2.3` or later.
CVE-2026-34077 Vulnerability in react-router (CVE-2026-34077)
vulnerability in react-router (CVE-2026-34077). Risk of unauthorized operations or information disclosure. Exploitable via ``createBrowserRouter``. Mitigation: upgrade to `7.14.0` or later.
CVE-2026-33245 React Router vulnerable to XSS in unstable RSC redirect handling via javascript: redirect targets
React Router vulnerable to XSS in unstable RSC redirect handling via javascript: redirect targets
CVE-2026-1829 The Content Visibility for Divi Builder plugin for WordPress is vulnerable to Remote Code...
The Content Visibility for Divi Builder plugin for WordPress is vulnerable to Remote Code...
CVE-2026-10701 Buffer Overflow in mozilla (CVE-2026-10701)
vulnerability in mozilla (CVE-2026-10701). Confidential information can be exposed externally.
CVE-2026-28299 SolarWinds Web Help Desk is found to be affected by a denial-of-service vulnerability, which when...
SolarWinds Web Help Desk is found to be affected by a denial-of-service vulnerability, which when...
CVE-2026-10617 Authentication Bypass in CVE-2026-10617 (CVE-2026-10617)
authentication bypass in CVE-2026-10617 (CVE-2026-10617). Risk of unauthorized operations or information disclosure.
CVE-2026-10608 Vulnerability in sqli (CVE-2026-10608)
vulnerability in sqli (CVE-2026-10608). Risk of unauthorized operations or information disclosure.
CVE-2026-10607 Vulnerability in sqli (CVE-2026-10607)
vulnerability in sqli (CVE-2026-10607). Risk of unauthorized operations or information disclosure.
CVE-2025-64390 Vulnerability in privilege-escalation (CVE-2025-64390)
vulnerability in privilege-escalation (CVE-2025-64390). Successful exploitation can lead to full system takeover.
CVE-2021-4478 Dräger CC-Vision Basic before 7.5.3 and Dräger CC-Vision E-Cal before 7.2.5.0 contain an out-of...
Dräger CC-Vision Basic before 7.5.3 and Dräger CC-Vision E-Cal before 7.2.5.0 contain an out-of...
CVE-2019-25722 Vulnerability in CVE-2019-25722 (CVE-2019-25722)
vulnerability in CVE-2019-25722 (CVE-2019-25722). Risk of unauthorized operations or information disclosure.
CVE-2026-40715 Vulnerability in privilege-escalation (CVE-2026-40715)
vulnerability in privilege-escalation (CVE-2026-40715). Successful exploitation can lead to full system takeover.
CVE-2026-24221 Unsafe Deserialization in deserialization (CVE-2026-24221)
vulnerability in deserialization (CVE-2026-24221). Successful exploitation can lead to full system takeover.
CVE-2026-24237 Unsafe Deserialization in deserialization (CVE-2026-24237)
vulnerability in deserialization (CVE-2026-24237). Successful exploitation can lead to full system takeover.
CVE-2026-10606 Vulnerability in sqli (CVE-2026-10606)
vulnerability in sqli (CVE-2026-10606). Risk of unauthorized operations or information disclosure.
CVE-2026-10591 Vulnerability in Amazon aws (CVE-2026-10591)
vulnerability in Amazon aws (CVE-2026-10591). Successful exploitation can lead to full system takeover.
CVE-2026-42654 Vulnerability in CVE-2026-42654 (CVE-2026-42654)
vulnerability in CVE-2026-42654 (CVE-2026-42654). Data can be tampered with by attackers.
CVE-2026-40780 Vulnerability in CVE-2026-40780 (CVE-2026-40780)
vulnerability in CVE-2026-40780 (CVE-2026-40780). Data can be tampered with by attackers.
CVE-2026-40619 Vulnerability in CVE-2026-40619 (CVE-2026-40619)
vulnerability in CVE-2026-40619 (CVE-2026-40619). Successful exploitation can lead to full system takeover.
CVE-2026-30649 Vulnerability in vivotek (CVE-2026-30649)
vulnerability in vivotek (CVE-2026-30649). Risk of unauthorized operations or information disclosure.
CVE-2026-30652 Vulnerability in vivotek (CVE-2026-30652)
vulnerability in vivotek (CVE-2026-30652). Successful exploitation can lead to full system takeover.
CVE-2026-30650 Vulnerability in vivotek (CVE-2026-30650)
vulnerability in vivotek (CVE-2026-30650). Successful exploitation can lead to full system takeover.
CVE-2026-10629 Vulnerability in CVE-2026-10629 (CVE-2026-10629)
vulnerability in CVE-2026-10629 (CVE-2026-10629). Confidential information can be exposed externally.
CVE-2026-10047 Out-of-Bounds Write in c (CVE-2026-10047)
out-of-bounds write in c (CVE-2026-10047). Successful exploitation can lead to full system takeover.
CVE-2026-10046 Out-of-Bounds Write in c (CVE-2026-10046)
out-of-bounds write in c (CVE-2026-10046). Successful exploitation can lead to full system takeover.
CVE-2026-7195 CWE-20: Improper Input Validation in web services in Progress Sitefinity 14.1.x through 14.3.x,...
CWE-20: Improper Input Validation in web services in Progress Sitefinity 14.1.x through 14.3.x,...
CVE-2026-7201 CWE-639: Authorization Bypass Through User-Controlled Key in web services in Progress Sitefinity...
CWE-639: Authorization Bypass Through User-Controlled Key in web services in Progress Sitefinity...
CVE-2026-7313 CWE‑522: Insufficiently Protected Credentials in web services in Progress Sitefinity version from...
CWE‑522: Insufficiently Protected Credentials in web services in Progress Sitefinity version from...
CVE-2026-39555 Deserialization of Untrusted Data vulnerability in Elated-Themes Askka allows Object Injection. ...
Deserialization of Untrusted Data vulnerability in Elated-Themes Askka allows Object Injection. ...
CVE-2026-39553 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
CVE-2026-39552 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
CVE-2026-10622 Vulnerability in CVE-2026-10622 (CVE-2026-10622)
vulnerability in CVE-2026-10622 (CVE-2026-10622). Confidential information can be exposed externally.
CVE-2026-10621 Vulnerability in path-traversal (CVE-2026-10621)
vulnerability in path-traversal (CVE-2026-10621). Data can be tampered with by attackers.
CVE-2025-68886 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
CVE-2025-69369 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
CVE-2025-58707 Vulnerability in CVE-2025-58707 (CVE-2025-58707)
vulnerability in CVE-2025-58707 (CVE-2025-58707). Successful exploitation can lead to full system takeover.
CVE-2025-58897 Vulnerability in CVE-2025-58897 (CVE-2025-58897)
vulnerability in CVE-2025-58897 (CVE-2025-58897). Successful exploitation can lead to full system takeover.
CVE-2019-25719 Dräger Infinity Acute Care System and Standalone Infinity M540 patient monitors running software...
Dräger Infinity Acute Care System and Standalone Infinity M540 patient monitors running software...
CVE-2026-42685 Cross-Site Scripting (XSS) in CVE-2026-42685 (CVE-2026-42685)
cross-site scripting in CVE-2026-42685 (CVE-2026-42685). Risk of unauthorized operations or information disclosure.
CVE-2026-39551 Unsafe Deserialization in deserialization (CVE-2026-39551)
vulnerability in deserialization (CVE-2026-39551). Successful exploitation can lead to full system takeover.
CVE-2025-53440 Vulnerability in CVE-2025-53440 (CVE-2025-53440)
vulnerability in CVE-2025-53440 (CVE-2025-53440). Successful exploitation can lead to full system takeover.
CVE-2025-58705 Vulnerability in CVE-2025-58705 (CVE-2025-58705)
vulnerability in CVE-2025-58705 (CVE-2025-58705). Successful exploitation can lead to full system takeover.
CVE-2026-42670 Vulnerability in CVE-2026-42670 (CVE-2026-42670)
vulnerability in CVE-2026-42670 (CVE-2026-42670). Confidential information can be exposed externally.
CVE-2025-58024 Vulnerability in CVE-2025-58024 (CVE-2025-58024)
vulnerability in CVE-2025-58024 (CVE-2025-58024). Successful exploitation can lead to full system takeover.
CVE-2026-39550 Unsafe Deserialization in deserialization (CVE-2026-39550)
vulnerability in deserialization (CVE-2026-39550). Successful exploitation can lead to full system takeover.
CVE-2026-42669 Vulnerability in CVE-2026-42669 (CVE-2026-42669)
vulnerability in CVE-2026-42669 (CVE-2026-42669). Data can be tampered with by attackers.
CVE-2026-5422 Vulnerability in path-traversal (CVE-2026-5422)
vulnerability in path-traversal (CVE-2026-5422). Confidential information can be exposed externally.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →