Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-33646 |
|
Code Injection in mise (CVE-2026-33646)
code injection in mise (CVE-2026-33646). Successful exploitation can lead to full system takeover. Exploitable via ``tera_exec``. Mitigation: upgrade to `2026.3.10` or later.
|
| CVE-2026-32315 |
|
Information Disclosure in motioneye (CVE-2026-32315)
vulnerability in motioneye (CVE-2026-32315). Confidential information can be exposed externally. Exploitable via ``motion.conf``. Mitigation: upgrade to `0.44.0` or later.
|
| CVE-2026-31978 |
|
Path Traversal in motioneye (CVE-2026-31978)
path traversal in motioneye (CVE-2026-31978). Confidential information can be exposed externally. Exploitable via ``mediafiles.py``. Mitigation: upgrade to `0.44.0` or later.
|
| CVE-2026-25119 |
|
Vulnerability in gogs.io/gogs (CVE-2026-25119)
vulnerability in gogs.io/gogs (CVE-2026-25119). Risk of unauthorized operations or information disclosure. Exploitable via ``ENABLE_REVERSE_PROXY_AUTHENTICATION``. Mitigation: upgrade to `0.14.3` or later.
|
| CVE-2025-64719 |
|
Vulnerability in gogs.io/gogs (CVE-2025-64719)
vulnerability in gogs.io/gogs (CVE-2025-64719). Risk of unauthorized operations or information disclosure. Exploitable via ``view.go``. Mitigation: upgrade to `0.14.3` or later.
|
| CVE-2025-58048 |
|
Unrestricted File Upload in paymenter/paymenter (CVE-2025-58048)
vulnerability in paymenter/paymenter (CVE-2025-58048). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.2.11` or later.
|
| CVE-2024-37155 |
|
Vulnerability in pycti (CVE-2024-37155)
vulnerability in pycti (CVE-2024-37155). Risk of unauthorized operations or information disclosure. Exploitable via ``secureIntrospectionPlugin``. Mitigation: upgrade to `6.1.9` or later.
|
| CVE-2026-9610 |
|
Vulnerability in ibm (CVE-2026-9610)
vulnerability in ibm (CVE-2026-9610). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9320 |
|
Vulnerability in dos (CVE-2026-9320)
vulnerability in dos (CVE-2026-9320). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9072 |
|
Code Injection in dos (CVE-2026-9072)
code injection in dos (CVE-2026-9072). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9071 |
|
Vulnerability in dos (CVE-2026-9071)
vulnerability in dos (CVE-2026-9071). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9006 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-9006)
SSRF in ssrf (CVE-2026-9006). Confidential information can be exposed externally.
|
| CVE-2026-8934 |
|
Vulnerability in CVE-2026-8934 (CVE-2026-8934)
vulnerability in CVE-2026-8934 (CVE-2026-8934). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8858 |
|
Code Injection in dos (CVE-2026-8858)
code injection in dos (CVE-2026-8858). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8823 |
|
Authorization Flaw in mattermost (CVE-2026-8823)
vulnerability in mattermost (CVE-2026-8823). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8646 |
|
Vulnerability in ibm (CVE-2026-8646)
vulnerability in ibm (CVE-2026-8646). Confidential information can be exposed externally.
|
| CVE-2026-8636 |
|
Vulnerability in ibm (CVE-2026-8636)
vulnerability in ibm (CVE-2026-8636). Confidential information can be exposed externally.
|
| CVE-2026-8059 |
|
Cross-Site Scripting (XSS) in ibm (CVE-2026-8059)
cross-site scripting in ibm (CVE-2026-8059). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7664 |
|
Authentication Bypass in langflow (CVE-2026-7664)
authentication bypass in langflow (CVE-2026-7664). Successful exploitation can lead to full system takeover.
|
| CVE-2026-7253 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-7253)
SSRF in ssrf (CVE-2026-7253). Confidential information can be exposed externally.
|
| CVE-2026-56104 |
|
Vulnerability in CVE-2026-56104 (CVE-2026-56104)
vulnerability in CVE-2026-56104 (CVE-2026-56104). Confidential information can be exposed externally.
|
| CVE-2026-50178 |
|
Cross-Site Scripting (XSS) in angular (CVE-2026-50178)
cross-site scripting in angular (CVE-2026-50178). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `21.2.4` or later.
|
| CVE-2026-49241 |
|
Cross-Site Scripting (XSS) in angular (CVE-2026-49241)
cross-site scripting in angular (CVE-2026-49241). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `21.2.4` or later.
|
| CVE-2026-41049 |
|
Authorization Flaw in presire (CVE-2026-41049)
vulnerability in presire (CVE-2026-41049). Data can be tampered with by attackers.
|
| CVE-2026-41048 |
|
Authorization Flaw in presire (CVE-2026-41048)
vulnerability in presire (CVE-2026-41048). Data can be tampered with by attackers.
|
| CVE-2026-41047 |
|
Vulnerability in presire (CVE-2026-41047)
vulnerability in presire (CVE-2026-41047). Confidential information can be exposed externally.
|
| CVE-2026-41046 |
|
Vulnerability in path-traversal (CVE-2026-41046)
vulnerability in path-traversal (CVE-2026-41046). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41045 |
|
Vulnerability in presire (CVE-2026-41045)
vulnerability in presire (CVE-2026-41045). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12725 |
|
Vulnerability in dos (CVE-2026-12725)
vulnerability in dos (CVE-2026-12725). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12628 |
|
Vulnerability in ibm (CVE-2026-12628)
vulnerability in ibm (CVE-2026-12628). Confidential information can be exposed externally.
|
| CVE-2026-12549 |
|
Vulnerability in redhat (CVE-2026-12549)
vulnerability in redhat (CVE-2026-12549). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12479 |
|
Path Traversal in path-traversal (CVE-2026-12479)
path traversal in path-traversal (CVE-2026-12479). Risk of unauthorized operations or information disclosure. Exploitable via ``DiskIOStore.make``.
|
| CVE-2026-11943 |
|
Cross-Site Scripting (XSS) in CVE-2026-11943 (CVE-2026-11943)
cross-site scripting in CVE-2026-11943 (CVE-2026-11943). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11942 |
|
Cross-Site Scripting (XSS) in CVE-2026-11942 (CVE-2026-11942)
cross-site scripting in CVE-2026-11942 (CVE-2026-11942). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11372 |
|
Cross-Site Scripting (XSS) in ibm (CVE-2026-11372)
cross-site scripting in ibm (CVE-2026-11372). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10845 |
|
Authentication Bypass in ibm (CVE-2026-10845)
authentication bypass in ibm (CVE-2026-10845). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-51454 |
|
Vulnerability in ibm (CVE-2024-51454)
vulnerability in ibm (CVE-2024-51454). Risk of unauthorized operations or information disclosure. Exploitable via `Host header`.
|
| CVE-2023-33854 |
|
Vulnerability in ibm (CVE-2023-33854)
vulnerability in ibm (CVE-2023-33854). Data can be tampered with by attackers.
|
| CVE-2026-20055 |
|
Vulnerability in cisco (CVE-2026-20055)
vulnerability in cisco (CVE-2026-20055). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9162 |
|
Vulnerability in mattermost (CVE-2026-9162)
vulnerability in mattermost (CVE-2026-9162). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9029 |
|
The geomap panel's XYZ tile layer has a sanitize-then-interpolate ordering bug....
The geomap panel's XYZ tile layer has a sanitize-then-interpolate ordering bug....
|
| CVE-2026-8074 |
|
Authorization Flaw in mattermost (CVE-2026-8074)
vulnerability in mattermost (CVE-2026-8074). Risk of unauthorized operations or information disclosure. Exploitable via `PUT /api/v4/users/{id}/active`.
|
| CVE-2026-7167 |
|
Information Disclosure in CVE-2026-7167 (CVE-2026-7167)
vulnerability in CVE-2026-7167 (CVE-2026-7167). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7166 |
|
Information Disclosure in CVE-2026-7166 (CVE-2026-7166)
vulnerability in CVE-2026-7166 (CVE-2026-7166). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7165 |
|
Vulnerability in dos (CVE-2026-7165)
vulnerability in dos (CVE-2026-7165). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6673 |
|
Vulnerability in mattermost (CVE-2026-6673)
vulnerability in mattermost (CVE-2026-6673). Data can be tampered with by attackers.
|
| CVE-2026-6653 |
|
Use-After-Free in CVE-2026-6653 (CVE-2026-6653)
vulnerability in CVE-2026-6653 (CVE-2026-6653). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6062 |
|
Vulnerability in mattermost (CVE-2026-6062)
vulnerability in mattermost (CVE-2026-6062). Confidential information can be exposed externally.
|
| CVE-2026-5139 |
|
Vulnerability in mattermost (CVE-2026-5139)
vulnerability in mattermost (CVE-2026-5139). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56450 |
|
Vulnerability in CVE-2026-56450 (CVE-2026-56450)
vulnerability in CVE-2026-56450 (CVE-2026-56450). Risk of unauthorized operations or information disclosure.
|