Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

ID Title
CVE-2026-9733 Vulnerability in csrf (CVE-2026-9733)
vulnerability in csrf (CVE-2026-9733). Confidential information can be exposed externally.
CVE-2026-12866 Code Injection in CVE-2026-12866 (CVE-2026-12866)
code injection in CVE-2026-12866 (CVE-2026-12866). Successful exploitation can lead to full system takeover.
CVE-2025-67038 KEV An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The HTTP RPC module executes a shell...
An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The HTTP RPC module executes a shell...
CVE-2026-54352 Path Traversal in @budibase/server (CVE-2026-54352)
path traversal in @budibase/server (CVE-2026-54352). Confidential information can be exposed externally. Exploitable via `POST /api/pwa/process-zip`. Mitigation: upgrade to `3.39.9` or later.
CVE-2026-50137 Vulnerability in @budibase/server (CVE-2026-50137)
vulnerability in @budibase/server (CVE-2026-50137). Confidential information can be exposed externally. Exploitable via `POST /api/attachments/`. Mitigation: upgrade to `3.39.0` or later.
CVE-2026-48509 Vulnerability in MessagePack (CVE-2026-48509)
vulnerability in MessagePack (CVE-2026-48509). Data can be tampered with by attackers. Exploitable via ``MessagePackSerializerOptions.Standard``. Mitigation: upgrade to `3.1.7` or later.
CVE-2026-12249 Vulnerability in CVE-2026-12249 (CVE-2026-12249)
vulnerability in CVE-2026-12249 (CVE-2026-12249). Successful exploitation can lead to full system takeover.
CVE-2026-10789 Code Injection in autodesk (CVE-2026-10789)
code injection in autodesk (CVE-2026-10789). Successful exploitation can lead to full system takeover.
CVE-2026-33646 Code Injection in mise (CVE-2026-33646)
code injection in mise (CVE-2026-33646). Successful exploitation can lead to full system takeover. Exploitable via ``tera_exec``. Mitigation: upgrade to `2026.3.10` or later.
CVE-2026-7664 Authentication Bypass in langflow (CVE-2026-7664)
authentication bypass in langflow (CVE-2026-7664). Successful exploitation can lead to full system takeover.
CVE-2026-12628 Vulnerability in ibm (CVE-2026-12628)
vulnerability in ibm (CVE-2026-12628). Confidential information can be exposed externally.
CVE-2026-28381 Vulnerability in grafana (CVE-2026-28381)
vulnerability in grafana (CVE-2026-28381). Confidential information can be exposed externally.
CVE-2026-10561 Code Injection in langflow (CVE-2026-10561)
code injection in langflow (CVE-2026-10561). Successful exploitation can lead to full system takeover.
CVE-2026-11373 Vulnerability in CVE-2026-11373 (CVE-2026-11373)
vulnerability in CVE-2026-11373 (CVE-2026-11373). Confidential information can be exposed externally.
CVE-2026-56397 Cross-Site Scripting (XSS) in CVE-2026-56397 (CVE-2026-56397)
cross-site scripting in CVE-2026-56397 (CVE-2026-56397). Successful exploitation can lead to full system takeover.
CVE-2026-56395 Cross-Site Scripting (XSS) in CVE-2026-56395 (CVE-2026-56395)
cross-site scripting in CVE-2026-56395 (CVE-2026-56395). Successful exploitation can lead to full system takeover.
CVE-2026-56265 Vulnerability in kidocode (CVE-2026-56265)
vulnerability in kidocode (CVE-2026-56265). Successful exploitation can lead to full system takeover.
CVE-2026-5366 Code Injection in prefect (CVE-2026-5366)
code injection in prefect (CVE-2026-5366). Successful exploitation can lead to full system takeover. Exploitable via ``GitRepository``.
CVE-2024-58351 Code Injection in dos (CVE-2024-58351)
code injection in dos (CVE-2024-58351). Successful exploitation can lead to full system takeover.
CVE-2022-50972 Code Injection in CVE-2022-50972 (CVE-2022-50972)
code injection in CVE-2022-50972 (CVE-2022-50972). Successful exploitation can lead to full system takeover.
CVE-2019-25763 Vulnerability in wordpress (CVE-2019-25763)
vulnerability in wordpress (CVE-2019-25763). Successful exploitation can lead to full system takeover.
CVE-2026-48939 Unrestricted File Upload in joomlic (CVE-2026-48939)
vulnerability in joomlic (CVE-2026-48939). Successful exploitation can lead to full system takeover.
CVE-2026-48908 KEV [KEV] Unrestricted File Upload in Joomshaper ollyo (CVE-2026-48908)
vulnerability in Joomshaper ollyo (CVE-2026-48908). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2026-9265 Out-of-Bounds Read in CVE-2026-9265 (CVE-2026-9265)
vulnerability in CVE-2026-9265 (CVE-2026-9265). Confidential information can be exposed externally.
CVE-2026-11551 Vulnerability in wordpress (CVE-2026-11551)
vulnerability in wordpress (CVE-2026-11551). Successful exploitation can lead to full system takeover.
CVE-2026-56081 Vulnerability in CVE-2026-56081 (CVE-2026-56081)
vulnerability in CVE-2026-56081 (CVE-2026-56081). Confidential information can be exposed externally.
CVE-2026-56073 Vulnerability in CVE-2026-56073 (CVE-2026-56073)
vulnerability in CVE-2026-56073 (CVE-2026-56073). Confidential information can be exposed externally.
CVE-2026-48584 Vulnerability in microsoft (CVE-2026-48584)
vulnerability in microsoft (CVE-2026-48584). Successful exploitation can lead to full system takeover.
CVE-2026-48582 Vulnerability in microsoft (CVE-2026-48582)
vulnerability in microsoft (CVE-2026-48582). Confidential information can be exposed externally.
CVE-2026-45480 Authentication Bypass in microsoft (CVE-2026-45480)
authentication bypass in microsoft (CVE-2026-45480). Successful exploitation can lead to full system takeover.
CVE-2026-55447 Vulnerability in langflow (CVE-2026-55447)
vulnerability in langflow (CVE-2026-55447). Successful exploitation can lead to full system takeover. Exploitable via ``BaseFileComponent``. Mitigation: upgrade to `1.9.2` or later.
CVE-2026-54906 Vulnerability in concurrent-ruby (CVE-2026-54906)
vulnerability in concurrent-ruby (CVE-2026-54906). Successful exploitation can lead to full system takeover. Exploitable via ``release_write_lock``. Mitigation: upgrade to `1.3.7` or later.
CVE-2026-48773 Out-of-Bounds Write in CVE-2026-48773 (CVE-2026-48773)
out-of-bounds write in CVE-2026-48773 (CVE-2026-48773). Successful exploitation can lead to full system takeover.
CVE-2026-48772 Vulnerability in CVE-2026-48772 (CVE-2026-48772)
vulnerability in CVE-2026-48772 (CVE-2026-48772). Confidential information can be exposed externally. Exploitable via ``UNKNOWN``.
CVE-2026-53492 Vulnerability in github.com/containerd/containerd/v2 (CVE-2026-53492)
vulnerability in github.com/containerd/containerd/v2 (CVE-2026-53492). Confidential information can be exposed externally. Mitigation: upgrade to `2.3.2` or later.
CVE-2026-51846 Vulnerability in CVE-2026-51846 (CVE-2026-51846)
vulnerability in CVE-2026-51846 (CVE-2026-51846). Successful exploitation can lead to full system takeover.
CVE-2026-51845 Vulnerability in CVE-2026-51845 (CVE-2026-51845)
vulnerability in CVE-2026-51845 (CVE-2026-51845). Successful exploitation can lead to full system takeover.
CVE-2026-51843 Vulnerability in CVE-2026-51843 (CVE-2026-51843)
vulnerability in CVE-2026-51843 (CVE-2026-51843). Successful exploitation can lead to full system takeover.
CVE-2026-51844 Vulnerability in CVE-2026-51844 (CVE-2026-51844)
vulnerability in CVE-2026-51844 (CVE-2026-51844). Successful exploitation can lead to full system takeover.
CVE-2026-49230 Vulnerability in apache (CVE-2026-49230)
vulnerability in apache (CVE-2026-49230). Confidential information can be exposed externally.
CVE-2026-49871 Cross-Site Request Forgery (CSRF) in apache (CVE-2026-49871)
vulnerability in apache (CVE-2026-49871). Confidential information can be exposed externally.
CVE-2026-39999 Vulnerability in apache (CVE-2026-39999)
vulnerability in apache (CVE-2026-39999). Confidential information can be exposed externally.
CVE-2026-44087 Vulnerability in apache (CVE-2026-44087)
vulnerability in apache (CVE-2026-44087). Confidential information can be exposed externally.
CVE-2025-62821 Out-of-Bounds Read in microsoft (CVE-2025-62821)
vulnerability in microsoft (CVE-2025-62821). Confidential information can be exposed externally.
CVE-2026-9142 Vulnerability in ni (CVE-2026-9142)
vulnerability in ni (CVE-2026-9142). Confidential information can be exposed externally.
CVE-2026-48137 Vulnerability in ni (CVE-2026-48137)
vulnerability in ni (CVE-2026-48137). Confidential information can be exposed externally.
CVE-2026-56142 Vulnerability in privilege-escalation (CVE-2026-56142)
vulnerability in privilege-escalation (CVE-2026-56142). Successful exploitation can lead to full system takeover.
CVE-2026-56141 Vulnerability in jetbrains (CVE-2026-56141)
vulnerability in jetbrains (CVE-2026-56141). Successful exploitation can lead to full system takeover.
CVE-2026-50242 Vulnerability in jetbrains (CVE-2026-50242)
vulnerability in jetbrains (CVE-2026-50242). Successful exploitation can lead to full system takeover.
CVE-2026-8713 Path Traversal in wordpress (CVE-2026-8713)
path traversal in wordpress (CVE-2026-8713). Data can be tampered with by attackers.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →