Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-59879 |
|
Immutable.js provides many Persistent Immutable data structures. Prior to 4.3.9 and 5.1.8, List#set, List#setSize, List#setIn, List#updateIn, and the functional set, setIn, and updateIn mishandle an i...
Immutable.js provides many Persistent Immutable data structures. Prior to 4.3.9 and 5.1.8, List#set, List#setSize, List#setIn, List#updateIn, and the functional set, setIn, and updateIn mishandle an index or size in the range 2 ** 30 to 2 ** 31 in setListBounds in src/List.js, causing an empty List...
|
| CVE-2026-53482 |
|
Vulnerability in dos (CVE-2026-53482)
vulnerability in dos (CVE-2026-53482). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-58470 |
|
Vulnerability in c (CVE-2026-58470)
vulnerability in c (CVE-2026-58470). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-58472 |
|
Vulnerability in c (CVE-2026-58472)
vulnerability in c (CVE-2026-58472). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-58384 |
|
Vulnerability in dos (CVE-2026-58384)
vulnerability in dos (CVE-2026-58384). Successful exploitation can lead to full system takeover.
|
| CVE-2026-59089 |
|
Vulnerability in dos (CVE-2026-59089)
vulnerability in dos (CVE-2026-59089). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53763 |
|
Vulnerability in trustedfirmware (CVE-2026-53763)
vulnerability in trustedfirmware (CVE-2026-53763). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14787 |
|
Vulnerability in CVE-2026-14787 (CVE-2026-14787)
vulnerability in CVE-2026-14787 (CVE-2026-14787). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14786 |
|
Vulnerability in c (CVE-2026-14786)
vulnerability in c (CVE-2026-14786). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14761 |
|
Vulnerability in c (CVE-2026-14761)
vulnerability in c (CVE-2026-14761). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14757 |
|
Vulnerability in radare (CVE-2026-14757)
vulnerability in radare (CVE-2026-14757). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14758 |
|
Vulnerability in c (CVE-2026-14758)
vulnerability in c (CVE-2026-14758). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57974 |
|
Vulnerability in microsoft (CVE-2026-57974)
vulnerability in microsoft (CVE-2026-57974). Successful exploitation can lead to full system takeover.
|
| CVE-2026-46463 |
|
Vulnerability in dos (CVE-2026-46463)
vulnerability in dos (CVE-2026-46463). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14544 |
|
Vulnerability in CVE-2026-14544 (CVE-2026-14544)
vulnerability in CVE-2026-14544 (CVE-2026-14544). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14430 |
|
Vulnerability in google (CVE-2026-14430)
vulnerability in google (CVE-2026-14430). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14391 |
|
Vulnerability in google (CVE-2026-14391)
vulnerability in google (CVE-2026-14391). Confidential information can be exposed externally.
|
| CVE-2026-53466 |
|
Vulnerability in imagemagick (CVE-2026-53466)
vulnerability in imagemagick (CVE-2026-53466). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6682 |
|
Vulnerability in c (CVE-2026-6682)
vulnerability in c (CVE-2026-6682). Successful exploitation can lead to full system takeover.
|
| CVE-2026-7838 |
|
Vulnerability in cpp (CVE-2026-7838)
vulnerability in cpp (CVE-2026-7838). Successful exploitation can lead to full system takeover.
|
| CVE-2026-7828 |
|
Vulnerability in c (CVE-2026-7828)
vulnerability in c (CVE-2026-7828). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56363 |
|
Vulnerability in dos (CVE-2026-56363)
vulnerability in dos (CVE-2026-56363). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13974 |
|
Vulnerability in google (CVE-2026-13974)
vulnerability in google (CVE-2026-13974). Data can be tampered with by attackers.
|
| CVE-2026-53432 |
|
Vulnerability in junegunn (CVE-2026-53432)
vulnerability in junegunn (CVE-2026-53432). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57965 |
|
Vulnerability in dos (CVE-2026-57965)
vulnerability in dos (CVE-2026-57965). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-58050 |
|
libssh2 through 1.11.1 reads an attacker-controlled 32-bit attribute count from a publickey...
libssh2 through 1.11.1 reads an attacker-controlled 32-bit attribute count from a publickey...
|
| CVE-2026-49416 |
|
Vulnerability in freebsd (CVE-2026-49416)
vulnerability in freebsd (CVE-2026-49416). Successful exploitation can lead to full system takeover.
|
| CVE-2026-45258 |
|
Out-of-Bounds Read in dos (CVE-2026-45258)
vulnerability in dos (CVE-2026-45258). Successful exploitation can lead to full system takeover.
|
| CVE-2026-48933 |
|
Vulnerability in nodejs (CVE-2026-48933)
vulnerability in nodejs (CVE-2026-48933). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6679 |
|
Vulnerability in wolfssl (CVE-2026-6679)
vulnerability in wolfssl (CVE-2026-6679). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-54679 |
|
Vulnerability in jqlang (CVE-2026-54679)
vulnerability in jqlang (CVE-2026-54679). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.2` or later.
|
| CVE-2026-57235 |
|
Out-of-Bounds Read in nokogiri (CVE-2026-57235)
vulnerability in nokogiri (CVE-2026-57235). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.19.4` or later.
|
| CVE-2026-54226 |
|
Vulnerability in apache (CVE-2026-54226)
vulnerability in apache (CVE-2026-54226). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12244 |
|
Vulnerability in nlnetlabs (CVE-2026-12244)
vulnerability in nlnetlabs (CVE-2026-12244). Successful exploitation can lead to full system takeover.
|
| CVE-2026-53059 |
|
Vulnerability in CVE-2026-53059 (CVE-2026-53059)
vulnerability in CVE-2026-53059 (CVE-2026-53059). Confidential information can be exposed externally.
|
| CVE-2026-52972 |
|
Vulnerability in CVE-2026-52972 (CVE-2026-52972)
vulnerability in CVE-2026-52972 (CVE-2026-52972). Successful exploitation can lead to full system takeover.
|
| CVE-2026-52969 |
|
Vulnerability in CVE-2026-52969 (CVE-2026-52969)
vulnerability in CVE-2026-52969 (CVE-2026-52969). Successful exploitation can lead to full system takeover.
|
| CVE-2026-48502 |
|
Out-of-Bounds Read in MessagePack (CVE-2026-48502)
vulnerability in MessagePack (CVE-2026-48502). Risk of unauthorized operations or information disclosure. Exploitable via ``tokenSize``. Mitigation: upgrade to `3.1.7` or later.
|
| CVE-2026-56410 |
|
xmlwf in libexpat before 2.8.2 has an integer overflow in resolveSystemId.
xmlwf in libexpat before 2.8.2 has an integer overflow in resolveSystemId.
|
| CVE-2026-56411 |
|
xmlwf in libexpat before 2.8.2 has an integer overflow in endDoctypeDecl via NOTATION declarations.
xmlwf in libexpat before 2.8.2 has an integer overflow in endDoctypeDecl via NOTATION declarations.
|
| CVE-2026-56408 |
|
libexpat before 2.8.2 has an integer overflow in copyString.
libexpat before 2.8.2 has an integer overflow in copyString.
|
| CVE-2026-56409 |
|
Vulnerability in libexpat-project (CVE-2026-56409)
vulnerability in libexpat-project (CVE-2026-56409). Confidential information can be exposed externally.
|
| CVE-2026-56407 |
|
Vulnerability in libexpat-project (CVE-2026-56407)
vulnerability in libexpat-project (CVE-2026-56407). Confidential information can be exposed externally.
|
| CVE-2026-56405 |
|
libexpat before 2.8.2 has an integer overflow in getAttributeId.
libexpat before 2.8.2 has an integer overflow in getAttributeId.
|
| CVE-2026-56406 |
|
Vulnerability in libexpat-project (CVE-2026-56406)
vulnerability in libexpat-project (CVE-2026-56406). Confidential information can be exposed externally.
|
| CVE-2026-56404 |
|
libexpat before 2.8.2 has an integer overflow in addBinding.
libexpat before 2.8.2 has an integer overflow in addBinding.
|
| CVE-2026-56403 |
|
libexpat before 2.8.2 has an integer overflow in storeAtts.
libexpat before 2.8.2 has an integer overflow in storeAtts.
|
| CVE-2026-49346 |
|
Vulnerability in struktur (CVE-2026-49346)
vulnerability in struktur (CVE-2026-49346). Risk of unauthorized operations or information disclosure. Exploitable via ``size_t``.
|
| CVE-2026-54903 |
|
Vulnerability in oj (CVE-2026-54903)
vulnerability in oj (CVE-2026-54903). Risk of unauthorized operations or information disclosure. Exploitable via ``Oj.load``. Mitigation: upgrade to `3.17.3` or later.
|
| CVE-2026-54900 |
|
Vulnerability in oj (CVE-2026-54900)
vulnerability in oj (CVE-2026-54900). Risk of unauthorized operations or information disclosure. Exploitable via ``create_id``. Mitigation: upgrade to `3.17.3` or later.
|