Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-24194 |
|
Vulnerability in dos (CVE-2026-24194)
vulnerability in dos (CVE-2026-24194). Successful exploitation can lead to full system takeover.
|
| CVE-2026-24192 |
|
Vulnerability in dos (CVE-2026-24192)
vulnerability in dos (CVE-2026-24192). Successful exploitation can lead to full system takeover.
|
| CVE-2026-44730 |
|
Vulnerability in pycti (CVE-2026-44730)
vulnerability in pycti (CVE-2026-44730). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `6.9.7` or later.
|
| CVE-2026-44667 |
|
Cross-Site Scripting (XSS) in CVE-2026-44667 (CVE-2026-44667)
cross-site scripting in CVE-2026-44667 (CVE-2026-44667). Confidential information can be exposed externally. Mitigation: upgrade to `1.8.3` or later.
|
| CVE-2026-44669 |
|
Cross-Site Scripting (XSS) in CVE-2026-44669 (CVE-2026-44669)
cross-site scripting in CVE-2026-44669 (CVE-2026-44669). Confidential information can be exposed externally. Mitigation: upgrade to `1.8.3` or later.
|
| CVE-2026-44706 |
|
SQL Injection in sqli (CVE-2026-44706)
SQL injection in sqli (CVE-2026-44706). Confidential information can be exposed externally. Mitigation: upgrade to `4.11.2` or later.
|
| CVE-2026-9562 |
|
Vulnerability in CVE-2026-9562 (CVE-2026-9562)
vulnerability in CVE-2026-9562 (CVE-2026-9562). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8850 |
|
Vulnerability in dos (CVE-2026-8850)
vulnerability in dos (CVE-2026-8850). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-48864 |
|
Out-of-Bounds Write in dos (CVE-2026-48864)
out-of-bounds write in dos (CVE-2026-48864). Successful exploitation can lead to full system takeover.
|
| CVE-2026-48896 |
|
Joomla! Core - [20260511] - MFA Authentication Bypass
Joomla! Core - [20260511] - MFA Authentication Bypass
|
| CVE-2026-48897 |
|
Joomla! Core - [20260512] - MFA Authentication Bypass
Joomla! Core - [20260512] - MFA Authentication Bypass
|
| CVE-2026-48901 |
|
Vulnerability in joomla (CVE-2026-48901)
vulnerability in joomla (CVE-2026-48901). Confidential information can be exposed externally. Mitigation: upgrade to `5.4.6, 6.1.1` or later.
|
| CVE-2026-48690 |
|
Vulnerability in pavel-odintsov (CVE-2026-48690)
vulnerability in pavel-odintsov (CVE-2026-48690). Confidential information can be exposed externally.
|
| CVE-2026-48697 |
|
Vulnerability in cpp (CVE-2026-48697)
vulnerability in cpp (CVE-2026-48697). Confidential information can be exposed externally.
|
| CVE-2026-48126 |
|
Path Traversal in github.com/xyproto/algernon (CVE-2026-48126)
path traversal in github.com/xyproto/algernon (CVE-2026-48126). Confidential information can be exposed externally. Exploitable via `Host header`. Mitigation: upgrade to `1.17.8` or later.
|
| CVE-2026-44729 |
|
Cross-Site Scripting (XSS) in twenty (CVE-2026-44729)
cross-site scripting in twenty (CVE-2026-44729). Confidential information can be exposed externally.
|
| CVE-2026-40384 |
|
Path Traversal in joomla (CVE-2026-40384)
path traversal in joomla (CVE-2026-40384). Confidential information can be exposed externally. Mitigation: upgrade to `5.4.6, 6.1.1` or later.
|
| CVE-2026-24212 |
|
Vulnerability in nvidia (CVE-2026-24212)
vulnerability in nvidia (CVE-2026-24212). Successful exploitation can lead to full system takeover.
|
| CVE-2026-24162 |
|
Unsafe Deserialization in deserialization (CVE-2026-24162)
vulnerability in deserialization (CVE-2026-24162). Successful exploitation can lead to full system takeover.
|
| CVE-2026-48692 |
|
Vulnerability in cpp (CVE-2026-48692)
vulnerability in cpp (CVE-2026-48692). Confidential information can be exposed externally.
|
| CVE-2026-48688 |
|
Out-of-Bounds Read in cpp (CVE-2026-48688)
vulnerability in cpp (CVE-2026-48688). Confidential information can be exposed externally.
|
| CVE-2026-43935 |
|
Vulnerability in CVE-2026-43935 (CVE-2026-43935)
vulnerability in CVE-2026-43935 (CVE-2026-43935). Confidential information can be exposed externally. Exploitable via `Host header`. Mitigation: upgrade to `2.3.4` or later.
|
| CVE-2026-25112 |
|
Vulnerability in privilege-escalation (CVE-2026-25112)
vulnerability in privilege-escalation (CVE-2026-25112). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9552 |
|
Vulnerability in sqli (CVE-2026-9552)
vulnerability in sqli (CVE-2026-9552). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9551 |
|
Vulnerability in sqli (CVE-2026-9551)
vulnerability in sqli (CVE-2026-9551). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9550 |
|
Path Traversal in path-traversal (CVE-2026-9550)
path traversal in path-traversal (CVE-2026-9550). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-46368 |
|
Command Injection in c (CVE-2026-46368)
command injection in c (CVE-2026-46368). Successful exploitation can lead to full system takeover.
|
| CVE-2026-42785 |
|
Code Injection in CVE-2026-42785 (CVE-2026-42785)
code injection in CVE-2026-42785 (CVE-2026-42785). Successful exploitation can lead to full system takeover.
|
| CVE-2026-45082 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-45082)
SSRF in ssrf (CVE-2026-45082). Confidential information can be exposed externally.
|
| CVE-2026-42425 |
|
SQL Injection in CVE-2026-42425 (CVE-2026-42425)
SQL injection in CVE-2026-42425 (CVE-2026-42425). Successful exploitation can lead to full system takeover.
|
| CVE-2026-40034 |
|
Command Injection in gix (CVE-2026-40034)
command injection in gix (CVE-2026-40034). Successful exploitation can lead to full system takeover. Exploitable via ``update``. Mitigation: upgrade to `0.83.0` or later.
|
| CVE-2026-40033 |
|
Vulnerability in freerdp (CVE-2026-40033)
vulnerability in freerdp (CVE-2026-40033). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9544 |
|
Vulnerability in sqli (CVE-2026-9544)
vulnerability in sqli (CVE-2026-9544). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-48131 |
|
Vulnerability in dos (CVE-2026-48131)
vulnerability in dos (CVE-2026-48131). Successful exploitation can lead to full system takeover.
|
| CVE-2026-48132 |
|
Out-of-Bounds Read in dos (CVE-2026-48132)
vulnerability in dos (CVE-2026-48132). Successful exploitation can lead to full system takeover.
|
| CVE-2026-48133 |
|
Vulnerability in CVE-2026-48133 (CVE-2026-48133)
vulnerability in CVE-2026-48133 (CVE-2026-48133). Confidential information can be exposed externally.
|
| CVE-2025-11482 |
|
Vulnerability in CVE-2025-11482 (CVE-2025-11482)
vulnerability in CVE-2025-11482 (CVE-2025-11482). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-25713 |
|
MediaArea MediaInfoLib ID3v2 parsing heap buffer overflow vulnerability
MediaArea MediaInfoLib ID3v2 parsing heap buffer overflow vulnerability
|
| CVE-2026-25104 |
|
MediaArea MediaInfoLib LXF parsing heap-based buffer overflow vulnerability
MediaArea MediaInfoLib LXF parsing heap-based buffer overflow vulnerability
|
| CVE-2026-39661 |
|
Vulnerability in CVE-2026-39661 (CVE-2026-39661)
vulnerability in CVE-2026-39661 (CVE-2026-39661). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8047 |
|
Vulnerability in dos (CVE-2026-8047)
vulnerability in dos (CVE-2026-8047). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9495 |
|
Vulnerability in @koa/router (CVE-2026-9495)
vulnerability in @koa/router (CVE-2026-9495). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `15.0.0` or later.
|
| CVE-2026-8046 |
|
Authorization Flaw in CVE-2026-8046 (CVE-2026-8046)
vulnerability in CVE-2026-8046 (CVE-2026-8046). Data can be tampered with by attackers.
|
| CVE-2026-9496 |
|
Vulnerability in dos (CVE-2026-9496)
vulnerability in dos (CVE-2026-9496). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-44468 |
|
Vulnerability in privilege-escalation (CVE-2026-44468)
vulnerability in privilege-escalation (CVE-2026-44468). Successful exploitation can lead to full system takeover.
|
| CVE-2026-44469 |
|
Vulnerability in privilege-escalation (CVE-2026-44469)
vulnerability in privilege-escalation (CVE-2026-44469). Successful exploitation can lead to full system takeover.
|
| CVE-2026-42497 |
|
Vulnerability in archive (CVE-2026-42497)
vulnerability in archive (CVE-2026-42497). Data can be tampered with by attackers.
|
| CVE-2026-9526 |
|
Vulnerability in sqli (CVE-2026-9526)
vulnerability in sqli (CVE-2026-9526). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9528 |
|
Vulnerability in sqli (CVE-2026-9528)
vulnerability in sqli (CVE-2026-9528). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9521 |
|
Vulnerability in CVE-2026-9521 (CVE-2026-9521)
vulnerability in CVE-2026-9521 (CVE-2026-9521). Risk of unauthorized operations or information disclosure.
|