Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: cwe-209 Clear
ID Title
CVE-2026-56139 Vulnerability in apache (CVE-2026-56139)
vulnerability in apache (CVE-2026-56139). Risk of unauthorized operations or information disclosure.
CVE-2026-49365 Vulnerability in apache (CVE-2026-49365)
vulnerability in apache (CVE-2026-49365). Risk of unauthorized operations or information disclosure.
CVE-2026-53906 Path Traversal in path-traversal (CVE-2026-53906)
path traversal in path-traversal (CVE-2026-53906). Data can be tampered with by attackers.
CVE-2026-56331 Vulnerability in CVE-2026-56331 (CVE-2026-56331)
vulnerability in CVE-2026-56331 (CVE-2026-56331). Risk of unauthorized operations or information disclosure.
CVE-2025-36328 Vulnerability in ibm (CVE-2025-36328)
vulnerability in ibm (CVE-2025-36328). Risk of unauthorized operations or information disclosure.
CVE-2026-47775 Vulnerability in envoyproxy (CVE-2026-47775)
vulnerability in envoyproxy (CVE-2026-47775). Confidential information can be exposed externally. Mitigation: upgrade to `1.35.11` or later.
CVE-2026-49979 Vulnerability in appsmith (CVE-2026-49979)
vulnerability in appsmith (CVE-2026-49979). Risk of unauthorized operations or information disclosure. Exploitable via `POST /api/v1/admin/send-test-email`. Mitigation: upgrade to `1.99` or later.
CVE-2025-59872 Vulnerability in hcltech (CVE-2025-59872)
vulnerability in hcltech (CVE-2025-59872). Risk of unauthorized operations or information disclosure.
CVE-2026-40997 Vulnerability in CVE-2026-40997 (CVE-2026-40997)
vulnerability in CVE-2026-40997 (CVE-2026-40997). Risk of unauthorized operations or information disclosure.
CVE-2026-41730 Vulnerability in vmware (CVE-2026-41730)
vulnerability in vmware (CVE-2026-41730). Risk of unauthorized operations or information disclosure.
CVE-2025-52611 Vulnerability in hcltech (CVE-2025-52611)
vulnerability in hcltech (CVE-2025-52611). Risk of unauthorized operations or information disclosure.
CVE-2025-52606 Vulnerability in hcltech (CVE-2025-52606)
vulnerability in hcltech (CVE-2025-52606). Risk of unauthorized operations or information disclosure.
CVE-2026-47248 Vulnerability in parse-server (CVE-2026-47248)
vulnerability in parse-server (CVE-2026-47248). Risk of unauthorized operations or information disclosure. Exploitable via ``IntrospectionControlPlugin``. Mitigation: upgrade to `8.6.78` or later.
CVE-2026-9794 Vulnerability in org.keycloak:keycloak-services (CVE-2026-9794)
vulnerability in org.keycloak:keycloak-services (CVE-2026-9794). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `26.6.3` or later.
CVE-2026-42459 Vulnerability in github.com/free5gc/udm (CVE-2026-42459)
vulnerability in github.com/free5gc/udm (CVE-2026-42459). Confidential information can be exposed externally. Exploitable via ``supi``.
CVE-2024-28765 Vulnerability in ibm (CVE-2024-28765)
vulnerability in ibm (CVE-2024-28765). Risk of unauthorized operations or information disclosure.
CVE-2026-1248 Vulnerability in ibm (CVE-2026-1248)
vulnerability in ibm (CVE-2026-1248). Risk of unauthorized operations or information disclosure.
CVE-2026-9583 Information Disclosure in CVE-2026-9583 (CVE-2026-9583)
vulnerability in CVE-2026-9583 (CVE-2026-9583). Risk of unauthorized operations or information disclosure.
CVE-2026-5511 Vulnerability in tp-link (CVE-2026-5511)
vulnerability in tp-link (CVE-2026-5511). Risk of unauthorized operations or information disclosure.
CVE-2026-45728 Vulnerability in github.com/xyproto/algernon (CVE-2026-45728)
vulnerability in github.com/xyproto/algernon (CVE-2026-45728). Confidential information can be exposed externally. Exploitable via ``singleFileMode``. Mitigation: upgrade to `1.17.7` or later.
CVE-2026-7860 Vulnerability in com.vaadin:flow-plugins (CVE-2026-7860)
vulnerability in com.vaadin:flow-plugins (CVE-2026-7860). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `25.1.5` or later.
CVE-2026-41935 Vulnerability in dos (CVE-2026-41935)
vulnerability in dos (CVE-2026-41935). Risk of unauthorized operations or information disclosure.
CVE-2026-42552 Vulnerability in flightphp/core (CVE-2026-42552)
vulnerability in flightphp/core (CVE-2026-42552). Confidential information can be exposed externally. Exploitable via ``flight.debug``. Mitigation: upgrade to `3.18.1` or later.
CVE-2026-44002 Vulnerability in vm2 (CVE-2026-44002)
vulnerability in vm2 (CVE-2026-44002). Risk of unauthorized operations or information disclosure. Exploitable via ``CallSite``. Mitigation: upgrade to `3.11.0` or later.
CVE-2026-43873 Vulnerability in wwbn/avideo (CVE-2026-43873)
vulnerability in wwbn/avideo (CVE-2026-43873). Confidential information can be exposed externally. Exploitable via ``cloneSiteURL``.
CVE-2026-44226 Vulnerability in pyload-ng (CVE-2026-44226)
vulnerability in pyload-ng (CVE-2026-44226). Risk of unauthorized operations or information disclosure. Exploitable via ``filename``. Mitigation: upgrade to `0.5.0b3.dev100` or later.
CVE-2026-41644 Vulnerability in github.com/monetr/monetr (CVE-2026-41644)
vulnerability in github.com/monetr/monetr (CVE-2026-41644). Confidential information can be exposed externally. Exploitable via `POST /api/lunch_flow/link`. Mitigation: upgrade to `1.12.5` or later.
CVE-2026-29146 Vulnerability in apache (CVE-2026-29146)
vulnerability in apache (CVE-2026-29146). Confidential information can be exposed externally.
CVE-2026-34045 Vulnerability in linuxfoundation (CVE-2026-34045)
vulnerability in linuxfoundation (CVE-2026-34045). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.26.2` or later.
CVE-2025-47813 KEV [KEV] Vulnerability in Wing ftp server wing-ftp-server (CVE-2025-47813)
vulnerability in Wing ftp server wing-ftp-server (CVE-2025-47813). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-2752 Vulnerability in csharp (CVE-2026-2752)
vulnerability in csharp (CVE-2026-2752). Risk of unauthorized operations or information disclosure.
CVE-2026-22778 Vulnerability in vllm (CVE-2026-22778)
vulnerability in vllm (CVE-2026-22778). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.14.1` or later.
CVE-2025-1395 Vulnerability in CVE-2025-1395 (CVE-2025-1395)
vulnerability in CVE-2025-1395 (CVE-2025-1395). Confidential information can be exposed externally.
CVE-2025-11065 Vulnerability in CVE-2025-11065 (CVE-2025-11065)
vulnerability in CVE-2025-11065 (CVE-2025-11065). Confidential information can be exposed externally.
CVE-2025-52023 Vulnerability in aptsys (CVE-2025-52023)
vulnerability in aptsys (CVE-2025-52023). Risk of unauthorized operations or information disclosure.
CVE-2025-52022 Vulnerability in aptsys (CVE-2025-52022)
vulnerability in aptsys (CVE-2025-52022). Risk of unauthorized operations or information disclosure.
CVE-2024-29059 KEV [KEV] Vulnerability in Microsoft net-framework (CVE-2024-29059)
vulnerability in Microsoft net-framework (CVE-2024-29059). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-35935 Vulnerability in linux (CVE-2024-35935)
vulnerability in linux (CVE-2024-35935). Risk of unauthorized operations or information disclosure.
CVE-2023-0833 Vulnerability in squareup (CVE-2023-0833)
vulnerability in squareup (CVE-2023-0833). Confidential information can be exposed externally.
CVE-2023-37306 Vulnerability in misp-project (CVE-2023-37306)
vulnerability in misp-project (CVE-2023-37306). Confidential information can be exposed externally.
CVE-2021-29040 Vulnerability in liferay (CVE-2021-29040)
vulnerability in liferay (CVE-2021-29040). Risk of unauthorized operations or information disclosure.
CVE-2017-7551 Vulnerability in fedoraproject (CVE-2017-7551)
vulnerability in fedoraproject (CVE-2017-7551). Successful exploitation can lead to full system takeover.
CVE-2017-1370 Vulnerability in ibm (CVE-2017-1370)
vulnerability in ibm (CVE-2017-1370). Confidential information can be exposed externally.
CVE-2017-7945 Vulnerability in paloaltonetworks (CVE-2017-7945)
vulnerability in paloaltonetworks (CVE-2017-7945). Successful exploitation can lead to full system takeover.
CVE-2017-0885 Vulnerability in nextcloud (CVE-2017-0885)
vulnerability in nextcloud (CVE-2017-0885). Risk of unauthorized operations or information disclosure.
CVE-2016-9459 Vulnerability in nextcloud (CVE-2016-9459)
vulnerability in nextcloud (CVE-2016-9459). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →