Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: cwe-180 Clear
ID Title
CVE-2026-49984 Path Traversal in kestra (CVE-2026-49984)
path traversal in kestra (CVE-2026-49984). Confidential information can be exposed externally. Exploitable via `GET /api/v1/{tenant}/executions/{executionId}/file`. Mitigation: upgrade to `1.0.45` or later.
CVE-2026-48721 Vulnerability in c (CVE-2026-48721)
vulnerability in c (CVE-2026-48721). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.2026.05.06.15.42.stable` or later.
CVE-2026-42462 Vulnerability in @fedify/fedify (CVE-2026-42462)
vulnerability in @fedify/fedify (CVE-2026-42462). Data can be tampered with by attackers. Exploitable via ``Activity``. Mitigation: upgrade to `1.9.11` or later.
CVE-2026-45022 Vulnerability in github.com/go-git/go-git/v6 (CVE-2026-45022)
vulnerability in github.com/go-git/go-git/v6 (CVE-2026-45022). Data can be tampered with by attackers. Exploitable via ``commit``. Mitigation: upgrade to `6.0.0-alpha.3` or later.
CVE-2026-39364 Vulnerability in vitejs (CVE-2026-39364)
vulnerability in vitejs (CVE-2026-39364). Confidential information can be exposed externally. Mitigation: upgrade to `7.3.2` or later.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →