Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: cwe-290 Clear
ID Title
CVE-2026-56360 Vulnerability in CVE-2026-56360 (CVE-2026-56360)
vulnerability in CVE-2026-56360 (CVE-2026-56360). Risk of unauthorized operations or information disclosure.
CVE-2026-54763 Vulnerability in traefik (CVE-2026-54763)
vulnerability in traefik (CVE-2026-54763). Confidential information can be exposed externally.
CVE-2026-24013 Vulnerability in apache (CVE-2026-24013)
vulnerability in apache (CVE-2026-24013). Confidential information can be exposed externally.
CVE-2026-45489 Microsoft Edge (Chromium-based) Spoofing Vulnerability
Microsoft Edge (Chromium-based) Spoofing Vulnerability
CVE-2026-14381 Vulnerability in google (CVE-2026-14381)
vulnerability in google (CVE-2026-14381). Data can be tampered with by attackers.
CVE-2026-58593 Vulnerability in nodebb (CVE-2026-58593)
vulnerability in nodebb (CVE-2026-58593). Data can be tampered with by attackers.
CVE-2026-24270 Vulnerability in dos (CVE-2026-24270)
vulnerability in dos (CVE-2026-24270). Successful exploitation can lead to full system takeover.
CVE-2026-14118 Vulnerability in google (CVE-2026-14118)
vulnerability in google (CVE-2026-14118). Data can be tampered with by attackers.
CVE-2026-13984 Vulnerability in google (CVE-2026-13984)
vulnerability in google (CVE-2026-13984). Risk of unauthorized operations or information disclosure.
CVE-2026-13985 Vulnerability in google (CVE-2026-13985)
vulnerability in google (CVE-2026-13985). Data can be tampered with by attackers.
CVE-2026-13207 Vulnerability in CVE-2026-13207 (CVE-2026-13207)
vulnerability in CVE-2026-13207 (CVE-2026-13207). Confidential information can be exposed externally.
CVE-2026-58370 Vulnerability in CVE-2026-58370 (CVE-2026-58370)
vulnerability in CVE-2026-58370 (CVE-2026-58370). Successful exploitation can lead to full system takeover.
CVE-2026-7656 Vulnerability in c (CVE-2026-7656)
vulnerability in c (CVE-2026-7656). Data can be tampered with by attackers.
CVE-2026-54089 Authentication Bypass in CVE-2026-54089 (CVE-2026-54089)
authentication bypass in CVE-2026-54089 (CVE-2026-54089). Confidential information can be exposed externally.
CVE-2026-52690 Vulnerability in CVE-2026-52690 (CVE-2026-52690)
vulnerability in CVE-2026-52690 (CVE-2026-52690). Risk of unauthorized operations or information disclosure.
CVE-2026-25119 Vulnerability in gogs.io/gogs (CVE-2026-25119)
vulnerability in gogs.io/gogs (CVE-2026-25119). Risk of unauthorized operations or information disclosure. Exploitable via ``ENABLE_REVERSE_PROXY_AUTHENTICATION``. Mitigation: upgrade to `0.14.3` or later.
CVE-2026-49231 Vulnerability in apache (CVE-2026-49231)
vulnerability in apache (CVE-2026-49231). Risk of unauthorized operations or information disclosure.
CVE-2026-39999 Vulnerability in apache (CVE-2026-39999)
vulnerability in apache (CVE-2026-39999). Confidential information can be exposed externally.
CVE-2026-56020 Vulnerability in CVE-2026-56020 (CVE-2026-56020)
vulnerability in CVE-2026-56020 (CVE-2026-56020). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2.641` or later.
CVE-2026-50141 Vulnerability in CVE-2026-50141 (CVE-2026-50141)
vulnerability in CVE-2026-50141 (CVE-2026-50141). Risk of unauthorized operations or information disclosure. Exploitable via ``agent_id``.
CVE-2026-55202 Vulnerability in CVE-2026-55202 (CVE-2026-55202)
vulnerability in CVE-2026-55202 (CVE-2026-55202). Confidential information can be exposed externally. Exploitable via `Host header`.
CVE-2026-49468 Vulnerability in litellm (CVE-2026-49468)
vulnerability in litellm (CVE-2026-49468). Successful exploitation can lead to full system takeover. Exploitable via ``request.url.path``. Mitigation: upgrade to `1.84.0` or later.
CVE-2026-52845 Authentication Bypass in github.com/caddyserver/caddy/v2 (CVE-2026-52845)
authentication bypass in github.com/caddyserver/caddy/v2 (CVE-2026-52845). Confidential information can be exposed externally. Exploitable via `GET /index.php`. Mitigation: upgrade to `2.11.4` or later.
CVE-2026-53857 OpenClaw: Zalo allowFrom could bind to mutable display names
OpenClaw: Zalo allowFrom could bind to mutable display names
CVE-2026-53849 OpenClaw: Discord allowFrom could bind to mutable display names
OpenClaw: Discord allowFrom could bind to mutable display names
CVE-2026-54308 Vulnerability in n8n (CVE-2026-54308)
vulnerability in n8n (CVE-2026-54308). Risk of unauthorized operations or information disclosure. Exploitable via ``MicrosoftAgent365Trigger``. Mitigation: upgrade to `2.25.7` or later.
CVE-2026-42662 Unauthenticated Bypass Vulnerability in Event Tickets <= 5.27.5 versions.
Unauthenticated Bypass Vulnerability in Event Tickets <= 5.27.5 versions.
CVE-2026-27089 Unauthenticated Bypass Vulnerability in WpTravelly <= 2.1.7 versions.
Unauthenticated Bypass Vulnerability in WpTravelly <= 2.1.7 versions.
CVE-2026-36537 Vulnerability in CVE-2026-36537 (CVE-2026-36537)
vulnerability in CVE-2026-36537 (CVE-2026-36537). Successful exploitation can lead to full system takeover.
CVE-2026-49757 Vulnerability in ash_authentication (CVE-2026-49757)
vulnerability in ash_authentication (CVE-2026-49757). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `4.14.0, 5.0.0-rc.10` or later.
CVE-2026-34025 Vulnerability in CVE-2026-34025 (CVE-2026-34025)
vulnerability in CVE-2026-34025 (CVE-2026-34025). Risk of unauthorized operations or information disclosure.
CVE-2026-53833 Vulnerability in openclaw (CVE-2026-53833)
vulnerability in openclaw (CVE-2026-53833). Confidential information can be exposed externally.
CVE-2026-53832 Vulnerability in CVE-2026-53832 (CVE-2026-53832)
vulnerability in CVE-2026-53832 (CVE-2026-53832). Confidential information can be exposed externally.
CVE-2026-53823 Vulnerability in privilege-escalation (CVE-2026-53823)
vulnerability in privilege-escalation (CVE-2026-53823). Confidential information can be exposed externally.
CVE-2026-5792 Vulnerability in CVE-2026-5792 (CVE-2026-5792)
vulnerability in CVE-2026-5792 (CVE-2026-5792). Risk of unauthorized operations or information disclosure.
CVE-2026-53817 Vulnerability in openclaw (CVE-2026-53817)
vulnerability in openclaw (CVE-2026-53817). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2026.5.22` or later.
CVE-2026-53811 Vulnerability in openclaw (CVE-2026-53811)
vulnerability in openclaw (CVE-2026-53811). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2026.5.7` or later.
CVE-2026-6090 Vulnerability in CVE-2026-6090 (CVE-2026-6090)
vulnerability in CVE-2026-6090 (CVE-2026-6090). Successful exploitation can lead to full system takeover.
CVE-2026-47381 Vulnerability in nocodb (CVE-2026-47381)
vulnerability in nocodb (CVE-2026-47381). Risk of unauthorized operations or information disclosure. Exploitable via ``testConnection``. Mitigation: upgrade to `2026.05.1` or later.
CVE-2026-48567 Vulnerability in microsoft (CVE-2026-48567)
vulnerability in microsoft (CVE-2026-48567). Data can be tampered with by attackers.
CVE-2026-11019 Vulnerability in google (CVE-2026-11019)
vulnerability in google (CVE-2026-11019). Data can be tampered with by attackers.
CVE-2026-11001 Vulnerability in google (CVE-2026-11001)
vulnerability in google (CVE-2026-11001). Data can be tampered with by attackers.
CVE-2026-8644 IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to identity spoofing.
IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to identity spoofing.
CVE-2026-42674 Vulnerability in CVE-2026-42674 (CVE-2026-42674)
vulnerability in CVE-2026-42674 (CVE-2026-42674). Data can be tampered with by attackers.
CVE-2026-47123 Vulnerability in laravel (CVE-2026-47123)
vulnerability in laravel (CVE-2026-47123). Data can be tampered with by attackers. Mitigation: upgrade to `1.8.220` or later.
CVE-2026-46414 Vulnerability in CVE-2026-46414 (CVE-2026-46414)
vulnerability in CVE-2026-46414 (CVE-2026-46414). Successful exploitation can lead to full system takeover.
CVE-2026-8676 Vulnerability in CVE-2026-8676 (CVE-2026-8676)
vulnerability in CVE-2026-8676 (CVE-2026-8676). Successful exploitation can lead to full system takeover.
CVE-2018-25361 Vulnerability in CVE-2018-25361 (CVE-2018-25361)
vulnerability in CVE-2018-25361 (CVE-2018-25361). Confidential information can be exposed externally.
CVE-2026-39309 Vulnerability in CVE-2026-39309 (CVE-2026-39309)
vulnerability in CVE-2026-39309 (CVE-2026-39309). Confidential information can be exposed externally.
CVE-2026-8960 Spoofing issue in WebExtensions. This vulnerability was fixed in Firefox 151.
Spoofing issue in WebExtensions. This vulnerability was fixed in Firefox 151.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →