Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-43865 |
|
Unsafe Deserialization in csharp (CVE-2026-43865)
vulnerability in csharp (CVE-2026-43865). Successful exploitation can lead to full system takeover.
|
| CVE-2026-42527 |
|
Unsafe Deserialization in csharp (CVE-2026-42527)
vulnerability in csharp (CVE-2026-42527). Successful exploitation can lead to full system takeover.
|
| CVE-2026-10657 |
|
Out-of-Bounds Read in c (CVE-2026-10657)
vulnerability in c (CVE-2026-10657). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-47896 |
|
Path Traversal in csharp (CVE-2026-47896)
path traversal in csharp (CVE-2026-47896). Confidential information can be exposed externally.
|
| CVE-2026-47898 |
|
XXE (XML External Entity) in csharp (CVE-2026-47898)
vulnerability in csharp (CVE-2026-47898). Successful exploitation can lead to full system takeover.
|
| CVE-2026-47897 |
|
Path Traversal in csharp (CVE-2026-47897)
path traversal in csharp (CVE-2026-47897). Data can be tampered with by attackers.
|
| CVE-2026-58126 |
|
Vulnerability in csharp (CVE-2026-58126)
vulnerability in csharp (CVE-2026-58126). Successful exploitation can lead to full system takeover.
|
| CVE-2026-58127 |
|
Vulnerability in csharp (CVE-2026-58127)
vulnerability in csharp (CVE-2026-58127). Successful exploitation can lead to full system takeover.
|
| CVE-2026-49451 |
|
Vulnerability in Microsoft.OpenAPI (CVE-2026-49451)
vulnerability in Microsoft.OpenAPI (CVE-2026-49451). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.7.5` or later.
|
| CVE-2023-37524 |
|
Vulnerability in csharp (CVE-2023-37524)
vulnerability in csharp (CVE-2023-37524). Successful exploitation can lead to full system takeover.
|
| CVE-2026-36478 |
|
Vulnerability in csharp (CVE-2026-36478)
vulnerability in csharp (CVE-2026-36478). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-49246 |
|
Path Traversal in csharp (CVE-2026-49246)
path traversal in csharp (CVE-2026-49246). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `10.11.10` or later.
|
| CVE-2026-48513 |
|
Vulnerability in MessagePack (CVE-2026-48513)
vulnerability in MessagePack (CVE-2026-48513). Risk of unauthorized operations or information disclosure. Exploitable via ``DynamicUnionResolver``. Mitigation: upgrade to `3.1.7` or later.
|
| CVE-2026-48514 |
|
Vulnerability in MessagePack (CVE-2026-48514)
vulnerability in MessagePack (CVE-2026-48514). Risk of unauthorized operations or information disclosure. Exploitable via ``byteLength``. Mitigation: upgrade to `3.1.7` or later.
|
| CVE-2026-48515 |
|
Vulnerability in MessagePack (CVE-2026-48515)
vulnerability in MessagePack (CVE-2026-48515). Risk of unauthorized operations or information disclosure. Exploitable via ``MessagePackSecurity.UntrustedData``. Mitigation: upgrade to `3.1.7` or later.
|
| CVE-2026-48516 |
|
Vulnerability in MessagePack (CVE-2026-48516)
vulnerability in MessagePack (CVE-2026-48516). Risk of unauthorized operations or information disclosure. Exploitable via ``MessagePackSecurity.UntrustedData``. Mitigation: upgrade to `3.1.7` or later.
|
| CVE-2026-48517 |
|
Vulnerability in MessagePack (CVE-2026-48517)
vulnerability in MessagePack (CVE-2026-48517). Data can be tampered with by attackers. Exploitable via ``MessagePackSerializer.Typeless``. Mitigation: upgrade to `3.1.7` or later.
|
| CVE-2026-48502 |
|
Out-of-Bounds Read in MessagePack (CVE-2026-48502)
vulnerability in MessagePack (CVE-2026-48502). Risk of unauthorized operations or information disclosure. Exploitable via ``tokenSize``. Mitigation: upgrade to `3.1.7` or later.
|
| CVE-2026-48506 |
|
Vulnerability in MessagePack (CVE-2026-48506)
vulnerability in MessagePack (CVE-2026-48506). Risk of unauthorized operations or information disclosure. Exploitable via ``StackOverflowException``. Mitigation: upgrade to `3.1.7` or later.
|
| CVE-2026-48509 |
|
Vulnerability in MessagePack (CVE-2026-48509)
vulnerability in MessagePack (CVE-2026-48509). Data can be tampered with by attackers. Exploitable via ``MessagePackSerializerOptions.Standard``. Mitigation: upgrade to `3.1.7` or later.
|
| CVE-2026-48510 |
|
Vulnerability in MessagePack (CVE-2026-48510)
vulnerability in MessagePack (CVE-2026-48510). Risk of unauthorized operations or information disclosure. Exploitable via ``Lz4Block``. Mitigation: upgrade to `3.1.7` or later.
|
| CVE-2026-48511 |
|
Vulnerability in MessagePack (CVE-2026-48511)
vulnerability in MessagePack (CVE-2026-48511). Risk of unauthorized operations or information disclosure. Exploitable via ``ExpandoObjectFormatter.Deserialize``. Mitigation: upgrade to `3.1.7` or later.
|
| CVE-2026-48512 |
|
Vulnerability in MessagePack (CVE-2026-48512)
vulnerability in MessagePack (CVE-2026-48512). Risk of unauthorized operations or information disclosure. Exploitable via ``MessagePackSerializer.ConvertFromJson``. Mitigation: upgrade to `3.1.7` or later.
|
| CVE-2026-12580 |
|
Cross-Site Scripting (XSS) in csharp (CVE-2026-12580)
cross-site scripting in csharp (CVE-2026-12580). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12581 |
|
Vulnerability in csharp (CVE-2026-12581)
vulnerability in csharp (CVE-2026-12581). Successful exploitation can lead to full system takeover.
|
| CVE-2026-56341 |
|
Vulnerability in csharp (CVE-2026-56341)
vulnerability in csharp (CVE-2026-56341). Confidential information can be exposed externally.
|
| CVE-2026-54784 |
|
Vulnerability in CoreWCF.Primitives (CVE-2026-54784)
vulnerability in CoreWCF.Primitives (CVE-2026-54784). Confidential information can be exposed externally. Mitigation: upgrade to `1.9.1` or later.
|
| CVE-2026-54783 |
|
Vulnerability in CoreWCF.Primitives (CVE-2026-54783)
vulnerability in CoreWCF.Primitives (CVE-2026-54783). Confidential information can be exposed externally. Mitigation: upgrade to `1.9.1` or later.
|
| CVE-2026-54782 |
|
Vulnerability in CoreWCF.Primitives (CVE-2026-54782)
vulnerability in CoreWCF.Primitives (CVE-2026-54782). Confidential information can be exposed externally. Mitigation: upgrade to `1.9.1` or later.
|
| CVE-2026-54781 |
|
Authentication Bypass in CoreWCF.Primitives (CVE-2026-54781)
authentication bypass in CoreWCF.Primitives (CVE-2026-54781). Confidential information can be exposed externally. Mitigation: upgrade to `1.9.1` or later.
|
| CVE-2026-54780 |
|
Vulnerability in CoreWCF.Primitives (CVE-2026-54780)
vulnerability in CoreWCF.Primitives (CVE-2026-54780). Risk of unauthorized operations or information disclosure. Exploitable via ``SignatureMethod``. Mitigation: upgrade to `1.9.1` or later.
|
| CVE-2026-54779 |
|
Vulnerability in CoreWCF.Primitives (CVE-2026-54779)
vulnerability in CoreWCF.Primitives (CVE-2026-54779). Data can be tampered with by attackers. Exploitable via ``ITokenReplayCache``. Mitigation: upgrade to `1.9.1` or later.
|
| CVE-2026-54778 |
|
Vulnerability in CoreWCF.UnixDomainSocket (CVE-2026-54778)
vulnerability in CoreWCF.UnixDomainSocket (CVE-2026-54778). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.9.1` or later.
|
| CVE-2026-54777 |
|
Vulnerability in CoreWCF.NetNamedPipe (CVE-2026-54777)
vulnerability in CoreWCF.NetNamedPipe (CVE-2026-54777). Confidential information can be exposed externally. Mitigation: upgrade to `1.9.1` or later.
|
| CVE-2026-54776 |
|
Vulnerability in CoreWCF.UnixDomainSocket (CVE-2026-54776)
vulnerability in CoreWCF.UnixDomainSocket (CVE-2026-54776). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.9.1` or later.
|
| CVE-2026-54775 |
|
Vulnerability in CoreWCF.Kafka (CVE-2026-54775)
vulnerability in CoreWCF.Kafka (CVE-2026-54775). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.9.1` or later.
|
| CVE-2026-54774 |
|
Vulnerability in CoreWCF.Primitives (CVE-2026-54774)
vulnerability in CoreWCF.Primitives (CVE-2026-54774). Confidential information can be exposed externally. Exploitable via ``BinarySecretSecurityToken``. Mitigation: upgrade to `1.9.1` or later.
|
| CVE-2026-54773 |
|
Vulnerability in CoreWCF.Primitives (CVE-2026-54773)
vulnerability in CoreWCF.Primitives (CVE-2026-54773). Data can be tampered with by attackers. Exploitable via ``KeyInfo``. Mitigation: upgrade to `1.9.1` or later.
|
| CVE-2026-54772 |
|
Vulnerability in CoreWCF.NetFramingBase (CVE-2026-54772)
vulnerability in CoreWCF.NetFramingBase (CVE-2026-54772). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.9.1` or later.
|
| CVE-2026-50200 |
|
Information Disclosure in Steeltoe.Management.Endpoint (CVE-2026-50200)
vulnerability in Steeltoe.Management.Endpoint (CVE-2026-50200). Confidential information can be exposed externally. Exploitable via ``Sanitizer``. Mitigation: upgrade to `4.2.0` or later.
|
| CVE-2026-50194 |
|
Vulnerability in Steeltoe.Management.Endpoint (CVE-2026-50194)
vulnerability in Steeltoe.Management.Endpoint (CVE-2026-50194). Confidential information can be exposed externally. Exploitable via ``Host``. Mitigation: upgrade to `4.2.0` or later.
|
| CVE-2026-11858 |
|
Vulnerability in csharp (CVE-2026-11858)
vulnerability in csharp (CVE-2026-11858). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11857 |
|
Unsafe Deserialization in csharp (CVE-2026-11857)
vulnerability in csharp (CVE-2026-11857). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-68049 |
|
Subscriber Broken Access Control in bunny.net <= 2.3.6 versions.
Subscriber Broken Access Control in bunny.net <= 2.3.6 versions.
|
| CVE-2025-7008 |
|
Out-of-Bounds Read in csharp (CVE-2025-7008)
vulnerability in csharp (CVE-2025-7008). Successful exploitation can lead to full system takeover.
|
| CVE-2026-48109 |
|
Vulnerability in MessagePack (CVE-2026-48109)
vulnerability in MessagePack (CVE-2026-48109). Risk of unauthorized operations or information disclosure. Exploitable via ``Lz4Block``. Mitigation: upgrade to `3.1.7` or later.
|
| CVE-2026-45490 |
|
Improper authorization in .NET allows an authorized attacker to elevate privileges locally.
Improper authorization in .NET allows an authorized attacker to elevate privileges locally.
|
| CVE-2026-45591 |
|
Vulnerability in Microsoft.AspNetCore.App.Runtime.linux-x64 (CVE-2026-45591)
vulnerability in Microsoft.AspNetCore.App.Runtime.linux-x64 (CVE-2026-45591). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `10.0.9` or later.
|
| CVE-2026-45491 |
|
Vulnerability in Microsoft.NETCore.App.Runtime.linux-x64 (CVE-2026-45491)
vulnerability in Microsoft.NETCore.App.Runtime.linux-x64 (CVE-2026-45491). Data can be tampered with by attackers. Exploitable via ``TarFile.ExtractToDirectory``. Mitigation: upgrade to `10.0.9` or later.
|
| CVE-2026-46319 |
|
Use-After-Free in csharp (CVE-2026-46319)
vulnerability in csharp (CVE-2026-46319). Successful exploitation can lead to full system takeover.
|