Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-56293 |
|
Vulnerability in CVE-2026-56293 (CVE-2026-56293)
vulnerability in CVE-2026-56293 (CVE-2026-56293). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56246 |
|
Vulnerability in CVE-2026-56246 (CVE-2026-56246)
vulnerability in CVE-2026-56246 (CVE-2026-56246). Data can be tampered with by attackers. Exploitable via `DELETE /organization`.
|
| CVE-2026-15036 |
|
Vulnerability in CVE-2026-15036 (CVE-2026-15036)
vulnerability in CVE-2026-15036 (CVE-2026-15036). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-34048 |
|
Vulnerability in CVE-2026-34048 (CVE-2026-34048)
vulnerability in CVE-2026-34048 (CVE-2026-34048). Successful exploitation can lead to full system takeover.
|
| CVE-2026-55428 |
|
Vulnerability in github.com/coder/coder/v2 (CVE-2026-55428)
vulnerability in github.com/coder/coder/v2 (CVE-2026-55428). Confidential information can be exposed externally. Exploitable via ``Addresses``. Mitigation: upgrade to `2.29.17` or later.
|
| CVE-2026-55077 |
|
Vulnerability in github.com/coder/coder/v2 (CVE-2026-55077)
vulnerability in github.com/coder/coder/v2 (CVE-2026-55077). Successful exploitation can lead to full system takeover. Exploitable via `PUT /api/v2/users/{user}/password`. Mitigation: upgrade to `2.29.17` or later.
|
| CVE-2026-44362 |
|
Vulnerability in c (CVE-2026-44362)
vulnerability in c (CVE-2026-44362). Data can be tampered with by attackers. Exploitable via ``subkey_version``.
|
| CVE-2026-14793 |
|
Vulnerability in CVE-2026-14793 (CVE-2026-14793)
vulnerability in CVE-2026-14793 (CVE-2026-14793). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14794 |
|
Vulnerability in CVE-2026-14794 (CVE-2026-14794)
vulnerability in CVE-2026-14794 (CVE-2026-14794). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14778 |
|
Vulnerability in CVE-2026-14778 (CVE-2026-14778)
vulnerability in CVE-2026-14778 (CVE-2026-14778). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14753 |
|
Vulnerability in CVE-2026-14753 (CVE-2026-14753)
vulnerability in CVE-2026-14753 (CVE-2026-14753). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14716 |
|
Vulnerability in CVE-2026-14716 (CVE-2026-14716)
vulnerability in CVE-2026-14716 (CVE-2026-14716). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14690 |
|
Vulnerability in CVE-2026-14690 (CVE-2026-14690)
vulnerability in CVE-2026-14690 (CVE-2026-14690). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14693 |
|
Vulnerability in CVE-2026-14693 (CVE-2026-14693)
vulnerability in CVE-2026-14693 (CVE-2026-14693). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-58284 |
|
Vulnerability in microsoft (CVE-2026-58284)
vulnerability in microsoft (CVE-2026-58284). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57983 |
|
Vulnerability in microsoft (CVE-2026-57983)
vulnerability in microsoft (CVE-2026-57983). Confidential information can be exposed externally.
|
| CVE-2026-58424 |
|
Permanent Fork PR Workflow Approval Gate Bypass
Permanent Fork PR Workflow Approval Gate Bypass
|
| CVE-2026-14608 |
|
Vulnerability in CVE-2026-14608 (CVE-2026-14608)
vulnerability in CVE-2026-14608 (CVE-2026-14608). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-50279 |
|
Vulnerability in craftcms/cms (CVE-2026-50279)
vulnerability in craftcms/cms (CVE-2026-50279). Risk of unauthorized operations or information disclosure. Exploitable via ``authors``. Mitigation: upgrade to `5.9.21` or later.
|
| CVE-2026-56320 |
|
Vulnerability in CVE-2026-56320 (CVE-2026-56320)
vulnerability in CVE-2026-56320 (CVE-2026-56320). Data can be tampered with by attackers. Exploitable via `POST /private/create_device`.
|
| CVE-2026-56249 |
|
Vulnerability in CVE-2026-56249 (CVE-2026-56249)
vulnerability in CVE-2026-56249 (CVE-2026-56249). Data can be tampered with by attackers.
|
| CVE-2026-56350 |
|
Vulnerability in n8n (CVE-2026-56350)
vulnerability in n8n (CVE-2026-56350). Data can be tampered with by attackers.
|
| CVE-2026-7663 |
|
Vulnerability in langflow (CVE-2026-7663)
vulnerability in langflow (CVE-2026-7663). Confidential information can be exposed externally.
|
| CVE-2026-6556 |
|
Vulnerability in express (CVE-2026-6556)
vulnerability in express (CVE-2026-6556). Confidential information can be exposed externally.
|
| CVE-2026-49877 |
|
Vulnerability in apache (CVE-2026-49877)
vulnerability in apache (CVE-2026-49877). Confidential information can be exposed externally.
|
| CVE-2026-55956 |
|
Vulnerability in apache (CVE-2026-55956)
vulnerability in apache (CVE-2026-55956). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13591 |
|
Vulnerability in CVE-2026-13591 (CVE-2026-13591)
vulnerability in CVE-2026-13591 (CVE-2026-13591). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13549 |
|
Vulnerability in CVE-2026-13549 (CVE-2026-13549)
vulnerability in CVE-2026-13549 (CVE-2026-13549). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13534 |
|
Vulnerability in CVE-2026-13534 (CVE-2026-13534)
vulnerability in CVE-2026-13534 (CVE-2026-13534). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13524 |
|
Vulnerability in CVE-2026-13524 (CVE-2026-13524)
vulnerability in CVE-2026-13524 (CVE-2026-13524). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13512 |
|
Vulnerability in CVE-2026-13512 (CVE-2026-13512)
vulnerability in CVE-2026-13512 (CVE-2026-13512). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13511 |
|
Vulnerability in CVE-2026-13511 (CVE-2026-13511)
vulnerability in CVE-2026-13511 (CVE-2026-13511). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13514 |
|
Vulnerability in CVE-2026-13514 (CVE-2026-13514)
vulnerability in CVE-2026-13514 (CVE-2026-13514). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13508 |
|
Vulnerability in CVE-2026-13508 (CVE-2026-13508)
vulnerability in CVE-2026-13508 (CVE-2026-13508). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13490 |
|
Vulnerability in CVE-2026-13490 (CVE-2026-13490)
vulnerability in CVE-2026-13490 (CVE-2026-13490). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-49278 |
|
Vulnerability in CVE-2026-49278 (CVE-2026-49278)
vulnerability in CVE-2026-49278 (CVE-2026-49278). Confidential information can be exposed externally. Mitigation: upgrade to `8.5.0` or later.
|
| CVE-2026-56310 |
|
Vulnerability in CVE-2026-56310 (CVE-2026-56310)
vulnerability in CVE-2026-56310 (CVE-2026-56310). Risk of unauthorized operations or information disclosure. Exploitable via `GET /organization/members`.
|
| CVE-2026-56231 |
|
Vulnerability in dos (CVE-2026-56231)
vulnerability in dos (CVE-2026-56231). Risk of unauthorized operations or information disclosure. Exploitable via `POST /build/start/`.
|
| CVE-2026-56311 |
|
Vulnerability in CVE-2026-56311 (CVE-2026-56311)
vulnerability in CVE-2026-56311 (CVE-2026-56311). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-46700 |
|
Vulnerability in @actual-app/sync-server (CVE-2026-46700)
vulnerability in @actual-app/sync-server (CVE-2026-46700). Risk of unauthorized operations or information disclosure. Exploitable via `GET /secret/`. Mitigation: upgrade to `26.6.0` or later.
|
| CVE-2026-12799 |
|
Vulnerability in litellm (CVE-2026-12799)
vulnerability in litellm (CVE-2026-12799). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12797 |
|
Vulnerability in litellm (CVE-2026-12797)
vulnerability in litellm (CVE-2026-12797). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12771 |
|
Vulnerability in litellm (CVE-2026-12771)
vulnerability in litellm (CVE-2026-12771). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12770 |
|
Vulnerability in litellm (CVE-2026-12770)
vulnerability in litellm (CVE-2026-12770). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56295 |
|
Vulnerability in CVE-2026-56295 (CVE-2026-56295)
vulnerability in CVE-2026-56295 (CVE-2026-56295). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12673 |
|
Vulnerability in privilege-escalation (CVE-2026-12673)
vulnerability in privilege-escalation (CVE-2026-12673). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-49338 |
|
Vulnerability in go.senan.xyz/gonic (CVE-2026-49338)
vulnerability in go.senan.xyz/gonic (CVE-2026-49338). Data can be tampered with by attackers. Exploitable via `GET /rest/deletePlaylist.view`. Mitigation: upgrade to `0.21.0` or later.
|
| CVE-2026-50201 |
|
Privilege Escalation in Steeltoe.Management.Endpoint (CVE-2026-50201)
vulnerability in Steeltoe.Management.Endpoint (CVE-2026-50201). Confidential information can be exposed externally. Exploitable via ``EndpointPermissions.Restricted``. Mitigation: upgrade to `4.2.0` or later.
|
| CVE-2026-20190 |
|
Vulnerability in cisco (CVE-2026-20190)
vulnerability in cisco (CVE-2026-20190). Confidential information can be exposed externally.
|
| CVE-2026-54012 |
|
Vulnerability in open-webui (CVE-2026-54012)
vulnerability in open-webui (CVE-2026-54012). Confidential information can be exposed externally. Exploitable via `GET /api/v1/files/{id}/content`. Mitigation: upgrade to `0.9.6` or later.
|