Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

ID Title
CVE-2026-42754 Cross-Site Scripting (XSS) in CVE-2026-42754 (CVE-2026-42754)
cross-site scripting in CVE-2026-42754 (CVE-2026-42754). Risk of unauthorized operations or information disclosure.
CVE-2026-42737 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
CVE-2026-42738 Cross-Site Scripting (XSS) in CVE-2026-42738 (CVE-2026-42738)
cross-site scripting in CVE-2026-42738 (CVE-2026-42738). Risk of unauthorized operations or information disclosure.
CVE-2026-42735 Authentication Bypass Using an Alternate Path or Channel vulnerability in Iqonic Design KiviCare...
Authentication Bypass Using an Alternate Path or Channel vulnerability in Iqonic Design KiviCare...
CVE-2026-42739 Cross-Site Scripting (XSS) in CVE-2026-42739 (CVE-2026-42739)
cross-site scripting in CVE-2026-42739 (CVE-2026-42739). Risk of unauthorized operations or information disclosure.
CVE-2026-42745 Authentication Bypass Using an Alternate Path or Channel vulnerability in ZAYTECH Smart Online...
Authentication Bypass Using an Alternate Path or Channel vulnerability in ZAYTECH Smart Online...
CVE-2026-42736 Authorization Bypass Through User-Controlled Key vulnerability in wordplus BP Better Messages bp...
Authorization Bypass Through User-Controlled Key vulnerability in wordplus BP Better Messages bp...
CVE-2026-42733 Cross-Site Scripting (XSS) in CVE-2026-42733 (CVE-2026-42733)
cross-site scripting in CVE-2026-42733 (CVE-2026-42733). Risk of unauthorized operations or information disclosure.
CVE-2026-42730 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
CVE-2026-42729 Cross-Site Scripting (XSS) in CVE-2026-42729 (CVE-2026-42729)
cross-site scripting in CVE-2026-42729 (CVE-2026-42729). Risk of unauthorized operations or information disclosure.
CVE-2026-42728 Cross-Site Scripting (XSS) in CVE-2026-42728 (CVE-2026-42728)
cross-site scripting in CVE-2026-42728 (CVE-2026-42728). Risk of unauthorized operations or information disclosure.
CVE-2026-42734 Cross-Site Scripting (XSS) in CVE-2026-42734 (CVE-2026-42734)
cross-site scripting in CVE-2026-42734 (CVE-2026-42734). Risk of unauthorized operations or information disclosure.
CVE-2026-3012 A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate...
A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate...
CVE-2026-40852 OS Command Injection in CVE-2026-40852 (CVE-2026-40852)
OS command injection in CVE-2026-40852 (CVE-2026-40852). Successful exploitation can lead to full system takeover.
CVE-2026-40851 Vulnerability in CVE-2026-40851 (CVE-2026-40851)
vulnerability in CVE-2026-40851 (CVE-2026-40851). Successful exploitation can lead to full system takeover.
CVE-2026-40850 SQL Injection in sqli (CVE-2026-40850)
SQL injection in sqli (CVE-2026-40850). Confidential information can be exposed externally.
CVE-2025-22741 Cross-Site Scripting (XSS) in CVE-2025-22741 (CVE-2025-22741)
cross-site scripting in CVE-2025-22741 (CVE-2025-22741). Risk of unauthorized operations or information disclosure.
CVE-2025-52747 Cross-Site Scripting (XSS) in CVE-2025-52747 (CVE-2025-52747)
cross-site scripting in CVE-2025-52747 (CVE-2025-52747). Risk of unauthorized operations or information disclosure.
CVE-2025-13392 Vulnerability in synology (CVE-2025-13392)
vulnerability in synology (CVE-2025-13392). Successful exploitation can lead to full system takeover.
CVE-2025-14713 Vulnerability in synology (CVE-2025-14713)
vulnerability in synology (CVE-2025-14713). Confidential information can be exposed externally.
CVE-2025-30028 SQL Injection in synology (CVE-2025-30028)
SQL injection in synology (CVE-2025-30028). Confidential information can be exposed externally.
CVE-2026-40834 SQL Injection in sqli (CVE-2026-40834)
SQL injection in sqli (CVE-2026-40834). Confidential information can be exposed externally.
CVE-2026-40833 SQL Injection in sqli (CVE-2026-40833)
SQL injection in sqli (CVE-2026-40833). Confidential information can be exposed externally.
CVE-2026-40836 SQL Injection in sqli (CVE-2026-40836)
SQL injection in sqli (CVE-2026-40836). Confidential information can be exposed externally.
CVE-2026-6169 Code Injection in wordpress (CVE-2026-6169)
code injection in wordpress (CVE-2026-6169). Successful exploitation can lead to full system takeover.
CVE-2023-52945 Vulnerability in synology (CVE-2023-52945)
vulnerability in synology (CVE-2023-52945). Successful exploitation can lead to full system takeover.
CVE-2026-8832 Code Injection in wordpress (CVE-2026-8832)
code injection in wordpress (CVE-2026-8832). Successful exploitation can lead to full system takeover.
CVE-2026-8143 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8143)
cross-site scripting in wordpress (CVE-2026-8143). Risk of unauthorized operations or information disclosure.
CVE-2026-40814 SQL Injection in sqli (CVE-2026-40814)
SQL injection in sqli (CVE-2026-40814). Confidential information can be exposed externally.
CVE-2026-40815 SQL Injection in sqli (CVE-2026-40815)
SQL injection in sqli (CVE-2026-40815). Confidential information can be exposed externally.
CVE-2026-40819 SQL Injection in c (CVE-2026-40819)
SQL injection in c (CVE-2026-40819). Confidential information can be exposed externally.
CVE-2026-40817 SQL Injection in sqli (CVE-2026-40817)
SQL injection in sqli (CVE-2026-40817). Confidential information can be exposed externally.
CVE-2026-40818 SQL Injection in sqli (CVE-2026-40818)
SQL injection in sqli (CVE-2026-40818). Confidential information can be exposed externally.
CVE-2026-40816 SQL Injection in sqli (CVE-2026-40816)
SQL injection in sqli (CVE-2026-40816). Confidential information can be exposed externally.
CVE-2025-41670 Vulnerability in privilege-escalation (CVE-2025-41670)
vulnerability in privilege-escalation (CVE-2025-41670). Successful exploitation can lead to full system takeover.
CVE-2025-41669 Vulnerability in CVE-2025-41669 (CVE-2025-41669)
vulnerability in CVE-2025-41669 (CVE-2025-41669). Successful exploitation can lead to full system takeover.
CVE-2026-40813 SQL Injection in sqli (CVE-2026-40813)
SQL injection in sqli (CVE-2026-40813). Confidential information can be exposed externally.
CVE-2026-40810 SQL Injection in sqli (CVE-2026-40810)
SQL injection in sqli (CVE-2026-40810). Confidential information can be exposed externally.
CVE-2026-40811 SQL Injection in sqli (CVE-2026-40811)
SQL injection in sqli (CVE-2026-40811). Confidential information can be exposed externally.
CVE-2026-40812 SQL Injection in sqli (CVE-2026-40812)
SQL injection in sqli (CVE-2026-40812). Confidential information can be exposed externally.
CVE-2026-3375 Cross-Site Scripting (XSS) in wordpress (CVE-2026-3375)
cross-site scripting in wordpress (CVE-2026-3375). Risk of unauthorized operations or information disclosure.
CVE-2026-9200 Vulnerability in wordpress (CVE-2026-9200)
vulnerability in wordpress (CVE-2026-9200). Successful exploitation can lead to full system takeover.
CVE-2026-8994 Authentication Bypass in wordpress (CVE-2026-8994)
authentication bypass in wordpress (CVE-2026-8994). Successful exploitation can lead to full system takeover. Exploitable via ``wp_ajax_nopriv``.
CVE-2026-8787 Privilege Escalation in wordpress (CVE-2026-8787)
vulnerability in wordpress (CVE-2026-8787). Successful exploitation can lead to full system takeover. Exploitable via ``user_email``.
CVE-2026-6268 Cross-Site Scripting (XSS) in wordpress (CVE-2026-6268)
cross-site scripting in wordpress (CVE-2026-6268). Risk of unauthorized operations or information disclosure.
CVE-2026-49000 Vulnerability in CVE-2026-49000 (CVE-2026-49000)
vulnerability in CVE-2026-49000 (CVE-2026-49000). Confidential information can be exposed externally.
CVE-2026-48959 Vulnerability in c (CVE-2026-48959)
vulnerability in c (CVE-2026-48959). Risk of unauthorized operations or information disclosure.
CVE-2026-48961 Vulnerability in CVE-2026-48961 (CVE-2026-48961)
vulnerability in CVE-2026-48961 (CVE-2026-48961). Risk of unauthorized operations or information disclosure.
CVE-2026-48962 Vulnerability in CVE-2026-48962 (CVE-2026-48962)
vulnerability in CVE-2026-48962 (CVE-2026-48962). Risk of unauthorized operations or information disclosure.
CVE-2026-2253 Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.2.0.7 and 11.0.0.0,...
Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.2.0.7 and 11.0.0.0,...

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →