Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-56226 |
|
Information Disclosure in CVE-2026-56226 (CVE-2026-56226)
vulnerability in CVE-2026-56226 (CVE-2026-56226). Confidential information can be exposed externally. Exploitable via `POST /rest/v1/rpc/get_orgs_v6`.
|
| CVE-2026-56298 |
|
Information Disclosure in CVE-2026-56298 (CVE-2026-56298)
vulnerability in CVE-2026-56298 (CVE-2026-56298). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56284 |
|
Information Disclosure in CVE-2026-56284 (CVE-2026-56284)
vulnerability in CVE-2026-56284 (CVE-2026-56284). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-44877 |
|
Information Disclosure in CVE-2026-44877 (CVE-2026-44877)
vulnerability in CVE-2026-44877 (CVE-2026-44877). Confidential information can be exposed externally.
|
| CVE-2026-48892 |
|
Information Disclosure in apache (CVE-2026-48892)
vulnerability in apache (CVE-2026-48892). Confidential information can be exposed externally. Exploitable via ``sensitive_config_values``.
|
| CVE-2026-49487 |
|
Information Disclosure in apache (CVE-2026-49487)
vulnerability in apache (CVE-2026-49487). Confidential information can be exposed externally.
|
| CVE-2026-48828 |
|
Information Disclosure in apache (CVE-2026-48828)
vulnerability in apache (CVE-2026-48828). Confidential information can be exposed externally. Exploitable via ``should_hide_value_for_key``.
|
| CVE-2026-48891 |
|
Information Disclosure in apache (CVE-2026-48891)
vulnerability in apache (CVE-2026-48891). Risk of unauthorized operations or information disclosure. Exploitable via ``dep.source``.
|
| CVE-2026-53647 |
|
Information Disclosure in CVE-2026-53647 (CVE-2026-53647)
vulnerability in CVE-2026-53647 (CVE-2026-53647). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53643 |
|
Information Disclosure in c (CVE-2026-53643)
vulnerability in c (CVE-2026-53643). Risk of unauthorized operations or information disclosure. Exploitable via ``can_always_access``.
|
| CVE-2026-53640 |
|
Information Disclosure in CVE-2026-53640 (CVE-2026-53640)
vulnerability in CVE-2026-53640 (CVE-2026-53640). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14898 |
|
Information Disclosure in CVE-2026-14898 (CVE-2026-14898)
vulnerability in CVE-2026-14898 (CVE-2026-14898). Confidential information can be exposed externally.
|
| CVE-2026-55993 |
|
Vulnerability in apache (CVE-2026-55993)
vulnerability in apache (CVE-2026-55993). Confidential information can be exposed externally.
|
| CVE-2026-55994 |
|
Vulnerability in apache (CVE-2026-55994)
vulnerability in apache (CVE-2026-55994). Confidential information can be exposed externally.
|
| CVE-2026-46584 |
|
Vulnerability in apache (CVE-2026-46584)
vulnerability in apache (CVE-2026-46584). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-46726 |
|
Vulnerability in apache (CVE-2026-46726)
vulnerability in apache (CVE-2026-46726). Confidential information can be exposed externally.
|
| CVE-2026-56646 |
|
Information Disclosure in microsoft (CVE-2026-56646)
vulnerability in microsoft (CVE-2026-56646). Confidential information can be exposed externally.
|
| CVE-2026-14611 |
|
Information Disclosure in CVE-2026-14611 (CVE-2026-14611)
vulnerability in CVE-2026-14611 (CVE-2026-14611). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-58419 |
|
Notification API leaks private issue metadata after access revocation
Notification API leaks private issue metadata after access revocation
|
| CVE-2026-25038 |
|
Gitea 1.26.2 allows unauthorized users to access labels of private organizations.
Gitea 1.26.2 allows unauthorized users to access labels of private organizations.
|
| CVE-2026-24451 |
|
Information Disclosure in CVE-2026-24451 (CVE-2026-24451)
vulnerability in CVE-2026-24451 (CVE-2026-24451). Confidential information can be exposed externally.
|
| CVE-2026-10055 |
|
Information Disclosure in CVE-2026-10055 (CVE-2026-10055)
vulnerability in CVE-2026-10055 (CVE-2026-10055). Confidential information can be exposed externally.
|
| CVE-2026-55792 |
|
Information Disclosure in craftcms/cms (CVE-2026-55792)
vulnerability in craftcms/cms (CVE-2026-55792). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.10.0` or later.
|
| CVE-2026-53467 |
|
Information Disclosure in imagemagick (CVE-2026-53467)
vulnerability in imagemagick (CVE-2026-53467). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-58033 |
|
Information Disclosure in CVE-2026-58033 (CVE-2026-58033)
vulnerability in CVE-2026-58033 (CVE-2026-58033). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-58036 |
|
Information Disclosure in CVE-2026-58036 (CVE-2026-58036)
vulnerability in CVE-2026-58036 (CVE-2026-58036). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-58026 |
|
Information Disclosure in CVE-2026-58026 (CVE-2026-58026)
vulnerability in CVE-2026-58026 (CVE-2026-58026). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-58027 |
|
Information Disclosure in CVE-2026-58027 (CVE-2026-58027)
vulnerability in CVE-2026-58027 (CVE-2026-58027). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-58024 |
|
Information Disclosure in CVE-2026-58024 (CVE-2026-58024)
vulnerability in CVE-2026-58024 (CVE-2026-58024). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12408 |
|
Information Disclosure in wordpress (CVE-2026-12408)
vulnerability in wordpress (CVE-2026-12408). Risk of unauthorized operations or information disclosure. Exploitable via ``permission_callback``.
|
| CVE-2026-56300 |
|
Information Disclosure in CVE-2026-56300 (CVE-2026-56300)
vulnerability in CVE-2026-56300 (CVE-2026-56300). Confidential information can be exposed externally.
|
| CVE-2026-56318 |
|
Information Disclosure in CVE-2026-56318 (CVE-2026-56318)
vulnerability in CVE-2026-56318 (CVE-2026-56318). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14146 |
|
Information Disclosure in google (CVE-2026-14146)
vulnerability in google (CVE-2026-14146). Confidential information can be exposed externally.
|
| CVE-2026-14098 |
|
Information Disclosure in google (CVE-2026-14098)
vulnerability in google (CVE-2026-14098). Confidential information can be exposed externally.
|
| CVE-2026-14096 |
|
Information Disclosure in google (CVE-2026-14096)
vulnerability in google (CVE-2026-14096). Confidential information can be exposed externally.
|
| CVE-2026-14049 |
|
Information Disclosure in google (CVE-2026-14049)
vulnerability in google (CVE-2026-14049). Confidential information can be exposed externally.
|
| CVE-2026-14062 |
|
Information Disclosure in google (CVE-2026-14062)
vulnerability in google (CVE-2026-14062). Confidential information can be exposed externally.
|
| CVE-2026-14004 |
|
Information Disclosure in google (CVE-2026-14004)
vulnerability in google (CVE-2026-14004). Confidential information can be exposed externally.
|
| CVE-2026-13810 |
|
Information Disclosure in google (CVE-2026-13810)
vulnerability in google (CVE-2026-13810). Confidential information can be exposed externally.
|
| CVE-2026-54673 |
|
Information Disclosure in CVE-2026-54673 (CVE-2026-54673)
vulnerability in CVE-2026-54673 (CVE-2026-54673). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9836 |
|
Information Disclosure in ibm (CVE-2026-9836)
vulnerability in ibm (CVE-2026-9836). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14161 |
|
Information Disclosure in CVE-2026-14161 (CVE-2026-14161)
vulnerability in CVE-2026-14161 (CVE-2026-14161). Confidential information can be exposed externally.
|
| CVE-2026-55180 |
|
Information Disclosure in pnpm (CVE-2026-55180)
vulnerability in pnpm (CVE-2026-55180). Confidential information can be exposed externally. Exploitable via `Authorization header`. Mitigation: upgrade to `11.5.3` or later.
|
| CVE-2026-50017 |
|
Information Disclosure in pnpm (CVE-2026-50017)
vulnerability in pnpm (CVE-2026-50017). Confidential information can be exposed externally. Exploitable via ``_authToken``. Mitigation: upgrade to `11.4.0` or later.
|
| CVE-2026-49984 |
|
Path Traversal in kestra (CVE-2026-49984)
path traversal in kestra (CVE-2026-49984). Confidential information can be exposed externally. Exploitable via `GET /api/v1/{tenant}/executions/{executionId}/file`. Mitigation: upgrade to `1.0.45` or later.
|
| CVE-2026-55188 |
|
Information Disclosure in CVE-2026-55188 (CVE-2026-55188)
vulnerability in CVE-2026-55188 (CVE-2026-55188). Confidential information can be exposed externally. Mitigation: upgrade to `1.0.0-beta.9` or later.
|
| CVE-2026-49355 |
|
Information Disclosure in CVE-2026-49355 (CVE-2026-49355)
vulnerability in CVE-2026-49355 (CVE-2026-49355). Risk of unauthorized operations or information disclosure. Exploitable via `GET /api/v3/meetings/`. Mitigation: upgrade to `17.4.0` or later.
|
| CVE-2026-47193 |
|
Information Disclosure in CVE-2026-47193 (CVE-2026-47193)
vulnerability in CVE-2026-47193 (CVE-2026-47193). Confidential information can be exposed externally. Mitigation: upgrade to `17.3.3` or later.
|
| CVE-2026-44736 |
|
Information Disclosure in CVE-2026-44736 (CVE-2026-44736)
vulnerability in CVE-2026-44736 (CVE-2026-44736). Confidential information can be exposed externally. Exploitable via `GET /api/v3/relations`. Mitigation: upgrade to `17.4.0` or later.
|
| CVE-2026-57231 |
|
Information Disclosure in podman-project (CVE-2026-57231)
vulnerability in podman-project (CVE-2026-57231). Confidential information can be exposed externally. Mitigation: upgrade to `5.8.4` or later.
|