Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2025-71381 |
|
Vulnerability in CVE-2025-71381 (CVE-2025-71381)
vulnerability in CVE-2025-71381 (CVE-2025-71381). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `4.10.3` or later.
|
| CVE-2026-56762 |
|
Vulnerability in CVE-2026-56762 (CVE-2026-56762)
vulnerability in CVE-2026-56762 (CVE-2026-56762). Risk of unauthorized operations or information disclosure. Exploitable via `Cookie header`.
|
| CVE-2026-55766 |
|
Vulnerability in guzzlehttp/psr7 (CVE-2026-55766)
vulnerability in guzzlehttp/psr7 (CVE-2026-55766). Risk of unauthorized operations or information disclosure. Exploitable via ``Request``. Mitigation: upgrade to `2.12.1` or later.
|
| CVE-2026-50269 |
|
Vulnerability in aiohttp (CVE-2026-50269)
vulnerability in aiohttp (CVE-2026-50269). Risk of unauthorized operations or information disclosure. Exploitable via ``Payload.headers``. Mitigation: upgrade to `3.14.0` or later.
|
| CVE-2026-50630 |
|
Vulnerability in apache (CVE-2026-50630)
vulnerability in apache (CVE-2026-50630). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-49214 |
|
Vulnerability in guzzlehttp/psr7 (CVE-2026-49214)
vulnerability in guzzlehttp/psr7 (CVE-2026-49214). Risk of unauthorized operations or information disclosure. Exploitable via ``Uri``. Mitigation: upgrade to `2.10.2` or later.
|
| CVE-2026-43966 |
|
Vulnerability in cowlib (CVE-2026-43966)
vulnerability in cowlib (CVE-2026-43966). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-48596 |
|
Vulnerability in tesla (CVE-2026-48596)
vulnerability in tesla (CVE-2026-48596). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.18.3` or later.
|
| CVE-2026-38967 |
|
Vulnerability in CVE-2026-38967 (CVE-2026-38967)
vulnerability in CVE-2026-38967 (CVE-2026-38967). Successful exploitation can lead to full system takeover.
|
| CVE-2026-38978 |
|
Vulnerability in CVE-2026-38978 (CVE-2026-38978)
vulnerability in CVE-2026-38978 (CVE-2026-38978). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-44489 |
|
Vulnerability in axios (CVE-2026-44489)
vulnerability in axios (CVE-2026-44489). Risk of unauthorized operations or information disclosure. Exploitable via `Authorization header`. Mitigation: upgrade to `1.16.0` or later.
|
| CVE-2026-47675 |
|
Vulnerability in hono (CVE-2026-47675)
vulnerability in hono (CVE-2026-47675). Risk of unauthorized operations or information disclosure. Exploitable via ``domain``. Mitigation: upgrade to `4.12.21` or later.
|
| CVE-2026-9658 |
|
Vulnerability in CVE-2026-9658 (CVE-2026-9658)
vulnerability in CVE-2026-9658 (CVE-2026-9658). Risk of unauthorized operations or information disclosure. Exploitable via `GET /path`.
|
| CVE-2026-42578 |
|
Vulnerability in io.netty:netty-handler-proxy (CVE-2026-42578)
vulnerability in io.netty:netty-handler-proxy (CVE-2026-42578). Data can be tampered with by attackers. Exploitable via ``io.netty.handler.proxy.HttpProxyHandler``. Mitigation: upgrade to `4.2.13.Final` or later.
|
| CVE-2026-7010 |
|
Vulnerability in CVE-2026-7010 (CVE-2026-7010)
vulnerability in CVE-2026-7010 (CVE-2026-7010). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-42874 |
|
Vulnerability in microdot (CVE-2026-42874)
vulnerability in microdot (CVE-2026-42874). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.6.1` or later.
|
| CVE-2026-44214 |
|
Vulnerability in eventsource-encoder (CVE-2026-44214)
vulnerability in eventsource-encoder (CVE-2026-44214). Risk of unauthorized operations or information disclosure. Exploitable via ``event``. Mitigation: upgrade to `1.0.2` or later.
|
| CVE-2026-41683 |
|
Vulnerability in i18next-http-middleware (CVE-2026-41683)
vulnerability in i18next-http-middleware (CVE-2026-41683). Data can be tampered with by attackers. Exploitable via ``i18next``. Mitigation: upgrade to `3.9.3` or later.
|
| CVE-2026-40175 |
|
Vulnerability in axios (CVE-2026-40175)
vulnerability in axios (CVE-2026-40175). Risk of unauthorized operations or information disclosure. Exploitable via `GET /pings`. Mitigation: upgrade to `0.31.0` or later.
|
| CVE-2017-1262 |
|
Vulnerability in ibm (CVE-2017-1262)
vulnerability in ibm (CVE-2017-1262). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-12309 |
|
Vulnerability in cisco (CVE-2017-12309)
vulnerability in cisco (CVE-2017-12309). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-1445 |
|
HTTP header injection in the httpd package in fli4l before 3.10.1 and 4.0 before 2015-01-30.
HTTP header injection in the httpd package in fli4l before 3.10.1 and 4.0 before 2015-01-30.
|
| CVE-2017-7443 |
|
Vulnerability in apt-cacher-ng-project (CVE-2017-7443)
vulnerability in apt-cacher-ng-project (CVE-2017-7443). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-8024 |
|
Vulnerability in mcafee (CVE-2016-8024)
vulnerability in mcafee (CVE-2016-8024). Successful exploitation can lead to full system takeover.
|