Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

ID Title
CVE-2026-42153 OS Command Injection in CVE-2026-42153 (CVE-2026-42153)
OS command injection in CVE-2026-42153 (CVE-2026-42153). Successful exploitation can lead to full system takeover.
CVE-2026-42148 OS Command Injection in CVE-2026-42148 (CVE-2026-42148)
OS command injection in CVE-2026-42148 (CVE-2026-42148). Risk of unauthorized operations or information disclosure.
CVE-2026-41899 Vulnerability in CVE-2026-41899 (CVE-2026-41899)
vulnerability in CVE-2026-41899 (CVE-2026-41899). Risk of unauthorized operations or information disclosure. Exploitable via `POST /api/feedback`.
CVE-2026-38979 Vulnerability in CVE-2026-38979 (CVE-2026-38979)
vulnerability in CVE-2026-38979 (CVE-2026-38979). Risk of unauthorized operations or information disclosure.
CVE-2026-38976 Vulnerability in c (CVE-2026-38976)
vulnerability in c (CVE-2026-38976). Risk of unauthorized operations or information disclosure.
CVE-2026-38973 Vulnerability in CVE-2026-38973 (CVE-2026-38973)
vulnerability in CVE-2026-38973 (CVE-2026-38973). Risk of unauthorized operations or information disclosure.
CVE-2026-34599 OS Command Injection in CVE-2026-34599 (CVE-2026-34599)
OS command injection in CVE-2026-34599 (CVE-2026-34599). Successful exploitation can lead to full system takeover.
CVE-2026-34167 Vulnerability in CVE-2026-34167 (CVE-2026-34167)
vulnerability in CVE-2026-34167 (CVE-2026-34167). Risk of unauthorized operations or information disclosure.
CVE-2026-34153 OS Command Injection in CVE-2026-34153 (CVE-2026-34153)
OS command injection in CVE-2026-34153 (CVE-2026-34153). Successful exploitation can lead to full system takeover.
CVE-2026-34050 Vulnerability in CVE-2026-34050 (CVE-2026-34050)
vulnerability in CVE-2026-34050 (CVE-2026-34050). Data can be tampered with by attackers.
CVE-2026-34049 OS Command Injection in CVE-2026-34049 (CVE-2026-34049)
OS command injection in CVE-2026-34049 (CVE-2026-34049). Risk of unauthorized operations or information disclosure.
CVE-2026-32718 Authorization Flaw in CVE-2026-32718 (CVE-2026-32718)
vulnerability in CVE-2026-32718 (CVE-2026-32718). Data can be tampered with by attackers.
CVE-2026-35381 Vulnerability in uu_cut (CVE-2026-35381)
vulnerability in uu_cut (CVE-2026-35381). Risk of unauthorized operations or information disclosure. Exploitable via ``cut``. Mitigation: upgrade to `0.7.0` or later.
CVE-2026-35361 Vulnerability in uu_mknod (CVE-2026-35361)
vulnerability in uu_mknod (CVE-2026-35361). Risk of unauthorized operations or information disclosure. Exploitable via ``mknod``. Mitigation: upgrade to `0.6.0` or later.
GHSA-qrwj-vh9x-gw5v Authorization Flaw in github.com/coder/coder/v2 (GHSA-qrwj-vh9x-gw5v)
vulnerability in github.com/coder/coder/v2 (GHSA-qrwj-vh9x-gw5v). Risk of unauthorized operations or information disclosure. Exploitable via ``http.Client``. Mitigation: upgrade to `2.29.19` or later.
GHSA-cgfv-jrfp-2r7v SQL Injection in io.openremote:openremote-manager (GHSA-cgfv-jrfp-2r7v)
SQL injection in io.openremote:openremote-manager (GHSA-cgfv-jrfp-2r7v). Risk of unauthorized operations or information disclosure. Exploitable via ``SELECT``. Mitigation: upgrade to `1.26.0` or later.
CVE-2026-55630 Cross-Site Scripting (XSS) in kiwitcms (CVE-2026-55630)
cross-site scripting in kiwitcms (CVE-2026-55630). Risk of unauthorized operations or information disclosure. Exploitable via ``TestCase.extra_link``.
CVE-2026-55501 Vulnerability in 9router (CVE-2026-55501)
vulnerability in 9router (CVE-2026-55501). Risk of unauthorized operations or information disclosure. Exploitable via `POST /api/auth/login`. Mitigation: upgrade to `0.4.77` or later.
CVE-2026-55500 Information Disclosure in 9router (CVE-2026-55500)
vulnerability in 9router (CVE-2026-55500). Risk of unauthorized operations or information disclosure. Exploitable via ``ALWAYS_PROTECTED``.
CVE-2026-59713 Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-59713)
vulnerability in csrf (CVE-2026-59713). Confidential information can be exposed externally.
CVE-2026-59711 Cross-Site Scripting (XSS) in CVE-2026-59711 (CVE-2026-59711)
cross-site scripting in CVE-2026-59711 (CVE-2026-59711). Risk of unauthorized operations or information disclosure.
CVE-2026-55727 Authentication Bypass in CVE-2026-55727 (CVE-2026-55727)
authentication bypass in CVE-2026-55727 (CVE-2026-55727). Confidential information can be exposed externally.
CVE-2026-59712 Vulnerability in CVE-2026-59712 (CVE-2026-59712)
vulnerability in CVE-2026-59712 (CVE-2026-59712). Confidential information can be exposed externally.
CVE-2026-48267 Vulnerability in CVE-2026-48267 (CVE-2026-48267)
vulnerability in CVE-2026-48267 (CVE-2026-48267). Risk of unauthorized operations or information disclosure.
CVE-2026-25268 Vulnerability in qualcomm (CVE-2026-25268)
vulnerability in qualcomm (CVE-2026-25268). Successful exploitation can lead to full system takeover.
CVE-2026-21368 Out-of-Bounds Write in qualcomm (CVE-2026-21368)
out-of-bounds write in qualcomm (CVE-2026-21368). Risk of unauthorized operations or information disclosure.
CVE-2026-21369 Out-of-Bounds Write in qualcomm (CVE-2026-21369)
out-of-bounds write in qualcomm (CVE-2026-21369). Risk of unauthorized operations or information disclosure.
CVE-2026-25271 Vulnerability in qualcomm (CVE-2026-25271)
vulnerability in qualcomm (CVE-2026-25271). Successful exploitation can lead to full system takeover.
CVE-2026-21383 Vulnerability in qualcomm (CVE-2026-21383)
vulnerability in qualcomm (CVE-2026-21383). Confidential information can be exposed externally.
CVE-2026-21379 Memory Corruption when allocating memory with sizes that exceed the maximum allowed value.
Memory Corruption when allocating memory with sizes that exceed the maximum allowed value.
CVE-2026-21370 Out-of-Bounds Write in qualcomm (CVE-2026-21370)
out-of-bounds write in qualcomm (CVE-2026-21370). Risk of unauthorized operations or information disclosure.
CVE-2026-21384 Out-of-Bounds Write in qualcomm (CVE-2026-21384)
out-of-bounds write in qualcomm (CVE-2026-21384). Risk of unauthorized operations or information disclosure.
CVE-2026-14468 Path Traversal in CVE-2026-14468 (CVE-2026-14468)
path traversal in CVE-2026-14468 (CVE-2026-14468). Confidential information can be exposed externally.
CVE-2025-59617 Memory Corruption when processing multiple IOCTL calls with the same buffer file descriptor input.
Memory Corruption when processing multiple IOCTL calls with the same buffer file descriptor input.
CVE-2025-59615 Use-After-Free in qualcomm (CVE-2025-59615)
vulnerability in qualcomm (CVE-2025-59615). Data can be tampered with by attackers.
CVE-2025-59616 Use-After-Free in qualcomm (CVE-2025-59616)
vulnerability in qualcomm (CVE-2025-59616). Data can be tampered with by attackers.
CVE-2026-14471 SQL Injection in Amazon aws (CVE-2026-14471)
SQL injection in Amazon aws (CVE-2026-14471). Confidential information can be exposed externally.
CVE-2026-54724 Open Redirect in kiwitcms (CVE-2026-54724)
vulnerability in kiwitcms (CVE-2026-54724). Risk of unauthorized operations or information disclosure.
CVE-2026-54496 Vulnerability in zebrad (CVE-2026-54496)
vulnerability in zebrad (CVE-2026-54496). Risk of unauthorized operations or information disclosure. Exploitable via ``halo2_gadgets``. Mitigation: upgrade to `5.0.0` or later.
CVE-2026-55615 Vulnerability in langroid (CVE-2026-55615)
vulnerability in langroid (CVE-2026-55615). Risk of unauthorized operations or information disclosure. Exploitable via ``Neo4jChatAgent``. Mitigation: upgrade to `0.65.5` or later.
GHSA-vjc7-jrh9-9j86 Information Disclosure in 9router (GHSA-vjc7-jrh9-9j86)
vulnerability in 9router (GHSA-vjc7-jrh9-9j86). Risk of unauthorized operations or information disclosure.
CVE-2026-57573 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-57573)
SSRF in ssrf (CVE-2026-57573). Confidential information can be exposed externally. Exploitable via `POST /crawl/stream`.
CVE-2026-57572 Vulnerability in kidocode (CVE-2026-57572)
vulnerability in kidocode (CVE-2026-57572). Successful exploitation can lead to full system takeover.
CVE-2026-57571 Path Traversal in kidocode (CVE-2026-57571)
path traversal in kidocode (CVE-2026-57571). Successful exploitation can lead to full system takeover.
CVE-2026-55574 Vulnerability in vllm (CVE-2026-55574)
vulnerability in vllm (CVE-2026-55574). Risk of unauthorized operations or information disclosure.
CVE-2026-55514 Vulnerability in vllm (CVE-2026-55514)
vulnerability in vllm (CVE-2026-55514). Risk of unauthorized operations or information disclosure.
CVE-2026-54765 Vulnerability in traefik (CVE-2026-54765)
vulnerability in traefik (CVE-2026-54765). Data can be tampered with by attackers.
CVE-2026-54764 Vulnerability in traefik (CVE-2026-54764)
vulnerability in traefik (CVE-2026-54764). Risk of unauthorized operations or information disclosure.
CVE-2026-54763 Vulnerability in traefik (CVE-2026-54763)
vulnerability in traefik (CVE-2026-54763). Confidential information can be exposed externally.
CVE-2026-54709 Vulnerability in CVE-2026-54709 (CVE-2026-54709)
vulnerability in CVE-2026-54709 (CVE-2026-54709). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →