Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: cwe-303 Clear
ID Title
CVE-2026-41053 Vulnerability in github.com/rancher/rancher (CVE-2026-41053)
vulnerability in github.com/rancher/rancher (CVE-2026-41053). Successful exploitation can lead to full system takeover. Exploitable via ``allowedPrincipalIds``. Mitigation: upgrade to `0.0.0-20260519172014-d0c047bbc6d2` or later.
CVE-2026-41049 Authorization Flaw in presire (CVE-2026-41049)
vulnerability in presire (CVE-2026-41049). Data can be tampered with by attackers.
CVE-2026-41048 Authorization Flaw in presire (CVE-2026-41048)
vulnerability in presire (CVE-2026-41048). Data can be tampered with by attackers.
CVE-2026-12773 A weakness has been identified in BerriAI litellm up to 1.59.8. Affected is the function...
A weakness has been identified in BerriAI litellm up to 1.59.8. Affected is the function...
CVE-2026-50627 Vulnerability in apache (CVE-2026-50627)
vulnerability in apache (CVE-2026-50627). Successful exploitation can lead to full system takeover.
CVE-2026-46389 Authentication Bypass in defenseunicorns (CVE-2026-46389)
authentication bypass in defenseunicorns (CVE-2026-46389). Successful exploitation can lead to full system takeover. Exploitable via ``client_secret``.
CVE-2026-46595 Vulnerability in golang.org/x/crypto (CVE-2026-46595)
vulnerability in golang.org/x/crypto (CVE-2026-46595). Confidential information can be exposed externally. Mitigation: upgrade to `0.52.0` or later.
CVE-2026-8922 Vulnerability in org.keycloak:keycloak-services (CVE-2026-8922)
vulnerability in org.keycloak:keycloak-services (CVE-2026-8922). Risk of unauthorized operations or information disclosure. Exploitable via ``notBefore``.
CVE-2026-41103 Vulnerability in microsoft (CVE-2026-41103)
vulnerability in microsoft (CVE-2026-41103). Confidential information can be exposed externally.
CVE-2026-43640 Vulnerability in bitwarden (CVE-2026-43640)
vulnerability in bitwarden (CVE-2026-43640). Confidential information can be exposed externally.
CVE-2026-35579 Authentication Bypass in github.com/coredns/coredns (CVE-2026-35579)
authentication bypass in github.com/coredns/coredns (CVE-2026-35579). Successful exploitation can lead to full system takeover. Exploitable via ``tsigStatus``. Mitigation: upgrade to `1.14.3` or later.
CVE-2026-33190 Authentication Bypass in github.com/coredns/coredns (CVE-2026-33190)
authentication bypass in github.com/coredns/coredns (CVE-2026-33190). Confidential information can be exposed externally. Mitigation: upgrade to `1.14.3` or later.
CVE-2026-33557 Vulnerability in apache (CVE-2026-33557)
vulnerability in apache (CVE-2026-33557). Confidential information can be exposed externally. Exploitable via ``sasl.oauthbearer.jwt.validator.class``.
CVE-2025-53782 Vulnerability in microsoft (CVE-2025-53782)
vulnerability in microsoft (CVE-2025-53782). Successful exploitation can lead to full system takeover.
CVE-2024-7593 KEV [KEV] Authentication Bypass in Ivanti virtual-traffic-manager (CVE-2024-7593)
authentication bypass in Ivanti virtual-traffic-manager (CVE-2024-7593). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2023-29357 KEV [KEV] Vulnerability in Microsoft sharepoint-server (CVE-2023-29357)
vulnerability in Microsoft sharepoint-server (CVE-2023-29357). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2016-9463 Vulnerability in nextcloud (CVE-2016-9463)
vulnerability in nextcloud (CVE-2016-9463). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →