Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-54274 |
|
Vulnerability in aiohttp (CVE-2026-54274)
vulnerability in aiohttp (CVE-2026-54274). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.14.1` or later.
|
| CVE-2026-54275 |
|
Vulnerability in aiohttp (CVE-2026-54275)
vulnerability in aiohttp (CVE-2026-54275). Risk of unauthorized operations or information disclosure. Exploitable via ``server_hostname``. Mitigation: upgrade to `3.14.1` or later.
|
| CVE-2026-54280 |
|
Vulnerability in aiohttp (CVE-2026-54280)
vulnerability in aiohttp (CVE-2026-54280). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.14.1` or later.
|
| CVE-2026-54273 |
|
Vulnerability in aiohttp (CVE-2026-54273)
vulnerability in aiohttp (CVE-2026-54273). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.14.1` or later.
|
| CVE-2026-54278 |
|
Vulnerability in aiohttp (CVE-2026-54278)
vulnerability in aiohttp (CVE-2026-54278). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.14.1` or later.
|
| CVE-2026-54277 |
|
Vulnerability in aiohttp (CVE-2026-54277)
vulnerability in aiohttp (CVE-2026-54277). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.14.1` or later.
|
| CVE-2026-54276 |
|
Information Disclosure in aiohttp (CVE-2026-54276)
vulnerability in aiohttp (CVE-2026-54276). Risk of unauthorized operations or information disclosure. Exploitable via ``DigestAuthMiddleware``. Mitigation: upgrade to `3.14.1` or later.
|
| CVE-2026-54279 |
|
Vulnerability in aiohttp (CVE-2026-54279)
vulnerability in aiohttp (CVE-2026-54279). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.14.1` or later.
|
| CVE-2026-50269 |
|
Vulnerability in aiohttp (CVE-2026-50269)
vulnerability in aiohttp (CVE-2026-50269). Risk of unauthorized operations or information disclosure. Exploitable via ``Payload.headers``. Mitigation: upgrade to `3.14.0` or later.
|
| CVE-2026-47265 |
|
Vulnerability in aiohttp (CVE-2026-47265)
vulnerability in aiohttp (CVE-2026-47265). Confidential information can be exposed externally. Exploitable via ``cookies``. Mitigation: upgrade to `3.14.0` or later.
|
| CVE-2026-34993 |
|
Unsafe Deserialization in aiohttp (CVE-2026-34993)
vulnerability in aiohttp (CVE-2026-34993). Data can be tampered with by attackers. Mitigation: upgrade to `3.14.0` or later.
|
| CVE-2025-69223 |
|
Vulnerability in dos (CVE-2025-69223)
vulnerability in dos (CVE-2025-69223). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-49081 |
|
Vulnerability in aiohttp (CVE-2023-49081)
vulnerability in aiohttp (CVE-2023-49081). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-49082 |
|
Vulnerability in aiohttp (CVE-2023-49082)
vulnerability in aiohttp (CVE-2023-49082). Risk of unauthorized operations or information disclosure.
|