Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-41053 |
|
Vulnerability in github.com/rancher/rancher (CVE-2026-41053)
vulnerability in github.com/rancher/rancher (CVE-2026-41053). Successful exploitation can lead to full system takeover. Exploitable via ``allowedPrincipalIds``. Mitigation: upgrade to `0.0.0-20260519172014-d0c047bbc6d2` or later.
|
| CVE-2026-41049 |
|
Authorization Flaw in presire (CVE-2026-41049)
vulnerability in presire (CVE-2026-41049). Data can be tampered with by attackers.
|
| CVE-2026-41048 |
|
Authorization Flaw in presire (CVE-2026-41048)
vulnerability in presire (CVE-2026-41048). Data can be tampered with by attackers.
|
| CVE-2026-12773 |
|
A weakness has been identified in BerriAI litellm up to 1.59.8. Affected is the function...
A weakness has been identified in BerriAI litellm up to 1.59.8. Affected is the function...
|
| CVE-2026-50627 |
|
Vulnerability in apache (CVE-2026-50627)
vulnerability in apache (CVE-2026-50627). Successful exploitation can lead to full system takeover.
|
| CVE-2026-46389 |
|
Authentication Bypass in defenseunicorns (CVE-2026-46389)
authentication bypass in defenseunicorns (CVE-2026-46389). Successful exploitation can lead to full system takeover. Exploitable via ``client_secret``.
|
| CVE-2026-46595 |
|
Vulnerability in golang.org/x/crypto (CVE-2026-46595)
vulnerability in golang.org/x/crypto (CVE-2026-46595). Confidential information can be exposed externally. Mitigation: upgrade to `0.52.0` or later.
|
| CVE-2026-8922 |
|
Vulnerability in org.keycloak:keycloak-services (CVE-2026-8922)
vulnerability in org.keycloak:keycloak-services (CVE-2026-8922). Risk of unauthorized operations or information disclosure. Exploitable via ``notBefore``.
|
| CVE-2026-41103 |
|
Vulnerability in microsoft (CVE-2026-41103)
vulnerability in microsoft (CVE-2026-41103). Confidential information can be exposed externally.
|
| CVE-2026-43640 |
|
Vulnerability in bitwarden (CVE-2026-43640)
vulnerability in bitwarden (CVE-2026-43640). Confidential information can be exposed externally.
|
| CVE-2026-35579 |
|
Authentication Bypass in github.com/coredns/coredns (CVE-2026-35579)
authentication bypass in github.com/coredns/coredns (CVE-2026-35579). Successful exploitation can lead to full system takeover. Exploitable via ``tsigStatus``. Mitigation: upgrade to `1.14.3` or later.
|
| CVE-2026-33190 |
|
Authentication Bypass in github.com/coredns/coredns (CVE-2026-33190)
authentication bypass in github.com/coredns/coredns (CVE-2026-33190). Confidential information can be exposed externally. Mitigation: upgrade to `1.14.3` or later.
|
| CVE-2026-33557 |
|
Vulnerability in apache (CVE-2026-33557)
vulnerability in apache (CVE-2026-33557). Confidential information can be exposed externally. Exploitable via ``sasl.oauthbearer.jwt.validator.class``.
|
| CVE-2025-53782 |
|
Vulnerability in microsoft (CVE-2025-53782)
vulnerability in microsoft (CVE-2025-53782). Successful exploitation can lead to full system takeover.
|
| CVE-2024-7593 KEV |
|
[KEV] Authentication Bypass in Ivanti virtual-traffic-manager (CVE-2024-7593)
authentication bypass in Ivanti virtual-traffic-manager (CVE-2024-7593). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
|
| CVE-2023-29357 KEV |
|
[KEV] Vulnerability in Microsoft sharepoint-server (CVE-2023-29357)
vulnerability in Microsoft sharepoint-server (CVE-2023-29357). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2016-9463 |
|
Vulnerability in nextcloud (CVE-2016-9463)
vulnerability in nextcloud (CVE-2016-9463). Successful exploitation can lead to full system takeover.
|