Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

KEV

Categories

All 🌐 Web Application 🧭 Browser 🖥️ Operating System 📱 Mobile 🛰️ Network Infrastructure ☁️ Cloud / Container 📝 CMS / Site Builder 🗄️ Database / Storage 🔐 Auth / Identity 🔑 Cryptography 🛠️ DevOps / CI-CD 🤖 AI / ML 🔌 IoT / Embedded 🧩 Hardware / Firmware 🏢 Enterprise SaaS 🧰 Developer Tooling ☠️ Malicious Package 📦 Other

Tag groups

All 💬 Programming Languages 22 🧱 Web Frameworks 29 📱 Mobile Platforms 6 🤖 AI/ML Frameworks 11 🖥️ Web Servers 9 🗄️ Databases 13 📝 CMS 9 ☁️ Cloud Platforms 11 📦 Container Tech 12 🖥️ Operating Systems 15 ⚔️ Attack Types 25 🧬 CWE 185 🏢 Vendors 581 📦 Products 666 🌳 Package Ecosystems 24 🛠️ DevOps Tools 17 📡 Protocols 15

Popular tags (Top 40)

Rootio Linux419 Microsoft386 C237 Java183 Jre178 Java Min178 Bitnami178 Windows177 Rootdebian11175 Rootdebian12151 Linux130 Cwe 20125 Cwe 78120 Linux Kernel106 Cwe 787105 Apple99 Cwe 41699 Cwe 2296 Rootdebian1393 Cwe 11990 Cisco89 Denial of Service85 Cwe 9484 Multiple Products79 Adobe78 Google77 Cwe 50270 Cwe 7966 Cwe 8954 Apache47 Cwe 91844 Cwe 28443 Oracle42 Cwe 28741 JavaScript41 PHP41 Cwe 7740 Chromium V838 Cwe 30638 Cwe 84337

Filtering: Tag: cwe-306 Clear

ID	Title	Severity	Tags	Detected
CVE-2026-8185	Authentication Bypass in CVE-2026-8185 (CVE-2026-8185) authentication bypass in CVE-2026-8185 (CVE-2026-8185). Risk of unauthorized operations or information disclosure.	Medium	Cwe 287 Cwe 306	8 hours ago
CVE-2026-42302	Vulnerability in openai-sdk (CVE-2026-42302) vulnerability in openai-sdk (CVE-2026-42302). Successful exploitation can lead to full system takeover. Exploitable via ``entrypoint.sh``.	Critical	Remote Code Execution Cwe 306 OpenAI SDK Ai Ml +10	20 hours ago
CVE-2026-42176	Vulnerability in CVE-2026-42176 (CVE-2026-42176) vulnerability in CVE-2026-42176 (CVE-2026-42176). Confidential information can be exposed externally.	Medium	Cwe 306	23 hours ago
CVE-2026-44338	Vulnerability in c (CVE-2026-44338) vulnerability in c (CVE-2026-44338). Risk of unauthorized operations or information disclosure.	High	C Flask Cwe 306 Cwe 668 +3	1 day ago
CVE-2026-6736	Vulnerability in CVE-2026-6736 (CVE-2026-6736) vulnerability in CVE-2026-6736 (CVE-2026-6736). Risk of unauthorized operations or information disclosure.		Authentication Bypass Cwe 306	1 day ago
CVE-2026-41940 KEV	[KEV] Vulnerability in Webpros cpanel-whm-and-wp2-wordpress-squared (CVE-2026-41940) vulnerability in Webpros cpanel-whm-and-wp2-wordpress-squared (CVE-2026-41940). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Webpros Cpanel Whm And Wp2 Wordpress Squared Cwe 306 WordPress +6	1 week ago
CVE-2026-39987 KEV	[KEV] Vulnerability in Marimo remote-attack (CVE-2026-39987) vulnerability in Marimo remote-attack (CVE-2026-39987). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Marimo Cwe 306 Remote Code Execution Remote Attack +6	2 weeks ago
CVE-2026-33017 KEV	[KEV] Code Injection in langflow (CVE-2026-33017) code injection in langflow (CVE-2026-33017). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Langflow Cwe 94 Cwe 95 Cwe 306 +1	1 month ago
CVE-2026-24423 KEV	[KEV] Vulnerability in Smartertools smartermail (CVE-2026-24423) vulnerability in Smartertools smartermail (CVE-2026-24423). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Smartertools Smartermail Cwe 306	3 months ago
CVE-2025-61757 KEV	[KEV] Vulnerability in Oracle fusion-middleware (CVE-2025-61757) vulnerability in Oracle fusion-middleware (CVE-2025-61757). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Oracle Fusion Middleware Cwe 306	5 months ago
CVE-2025-4008 KEV	[KEV] Vulnerability in Smartbedded meteobridge (CVE-2025-4008) vulnerability in Smartbedded meteobridge (CVE-2025-4008). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Smartbedded Meteobridge Cwe 306 Cwe 77	7 months ago
CVE-2020-24363 KEV	[KEV] Vulnerability in Tp-link tl-wa855re (CVE-2020-24363) vulnerability in Tp-link tl-wa855re (CVE-2020-24363). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Tp Link Tl Wa855Re Cwe 306	8 months ago
CVE-2025-32433 KEV	[KEV] Vulnerability in erlang (CVE-2025-32433) vulnerability in erlang (CVE-2025-32433). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Erlang Erlangotp Cwe 306	11 months ago
CVE-2025-3248 KEV	[KEV] Vulnerability in langflow (CVE-2025-3248) vulnerability in langflow (CVE-2025-3248). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Langflow Cwe 306	1 year ago
CVE-2025-0108 KEV	[KEV] Vulnerability in Palo alto networks palo-alto-networks (CVE-2025-0108) vulnerability in Palo alto networks palo-alto-networks (CVE-2025-0108). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Palo Alto Networks Pan Os Cwe 306	1 year ago
CVE-2022-23227 KEV	[KEV] Vulnerability in Nuuo nvrmini2-devices (CVE-2022-23227) vulnerability in Nuuo nvrmini2-devices (CVE-2022-23227). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Nuuo Nvrmini2 Devices Cwe 306	1 year ago
CVE-2023-28461 KEV	[KEV] Vulnerability in Array networks array-networks (CVE-2023-28461) vulnerability in Array networks array-networks (CVE-2023-28461). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Array Networks Agvxag Arrayos Cwe 306	1 year ago
CVE-2024-0012 KEV	[KEV] Vulnerability in Palo alto networks palo-alto-networks (CVE-2024-0012) vulnerability in Palo alto networks palo-alto-networks (CVE-2024-0012). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Palo Alto Networks Pan Os Cwe 306	1 year ago
CVE-2024-5910 KEV	[KEV] Vulnerability in Palo alto networks palo-alto-networks (CVE-2024-5910) vulnerability in Palo alto networks palo-alto-networks (CVE-2024-5910). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Palo Alto Networks Expedition Cwe 306	1 year ago
CVE-2024-47575 KEV	[KEV] Vulnerability in Fortinet fortimanager (CVE-2024-47575) vulnerability in Fortinet fortimanager (CVE-2024-47575). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Fortinet Fortimanager Cwe 306	1 year ago
CVE-2023-36846 KEV	[KEV] Vulnerability in Juniper junos-os (CVE-2023-36846) vulnerability in Juniper junos-os (CVE-2023-36846). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Juniper Junos Os Cwe 306	2 years ago
CVE-2023-36847 KEV	[KEV] Vulnerability in Juniper junos-os (CVE-2023-36847) vulnerability in Juniper junos-os (CVE-2023-36847). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Juniper Junos Os Cwe 306	2 years ago
CVE-2023-36851 KEV	[KEV] Vulnerability in Juniper junos-os (CVE-2023-36851) vulnerability in Juniper junos-os (CVE-2023-36851). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Juniper Junos Os Cwe 306	2 years ago
CVE-2023-27532 KEV	[KEV] Vulnerability in Veeam backup-replication (CVE-2023-27532) vulnerability in Veeam backup-replication (CVE-2023-27532). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Veeam Backup Replication Cwe 306	2 years ago
CVE-2022-24990 KEV	[KEV] Vulnerability in terramaster (CVE-2022-24990) vulnerability in terramaster (CVE-2022-24990). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Terramaster Terramaster Os Cwe 306	3 years ago
CVE-2022-21587 KEV	[KEV] Vulnerability in Oracle e-business-suite (CVE-2022-21587) vulnerability in Oracle e-business-suite (CVE-2022-21587). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Oracle E Business Suite Cwe 306	3 years ago
CVE-2022-26501 KEV	[KEV] Vulnerability in Veeam backup-replication (CVE-2022-26501) vulnerability in Veeam backup-replication (CVE-2022-26501). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Veeam Backup Replication Cwe 306	3 years ago
CVE-2022-26925 KEV	[KEV] Vulnerability in Microsoft windows (CVE-2022-26925) vulnerability in Microsoft windows (CVE-2022-26925). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Microsoft Windows Cwe 306	3 years ago
CVE-2022-1388 KEV	[KEV] Vulnerability in F5 big-ip (CVE-2022-1388) vulnerability in F5 big-ip (CVE-2022-1388). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	F5 Big Ip Cwe 306	3 years ago
CVE-2022-26143 KEV	[KEV] Vulnerability in Mitel micollab (CVE-2022-26143) vulnerability in Mitel micollab (CVE-2022-26143). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Mitel Micollab Mivoice Business Express Cwe 306 +1	4 years ago
CVE-2020-13927 KEV	[KEV] Vulnerability in Apache airflows-experimental-api (CVE-2020-13927) vulnerability in Apache airflows-experimental-api (CVE-2020-13927). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Apache Airflows Experimental Api Cwe 1188 Cwe 306	4 years ago
CVE-2021-44077 KEV	[KEV] Vulnerability in Zoho manageengine-servicedesk-plus-sdp-supportcenter-plus (CVE-2021-44077) vulnerability in Zoho manageengine-servicedesk-plus-sdp-supportcenter-plus (CVE-2021-44077). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Zoho Manageengine Servicedesk Plus Sdp Supportcenter Plus Cwe 306	4 years ago
CVE-2021-37415 KEV	[KEV] Vulnerability in Zoho manageengine-servicedesk-plus-sdp (CVE-2021-37415) vulnerability in Zoho manageengine-servicedesk-plus-sdp (CVE-2021-37415). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Zoho Manageengine Servicedesk Plus Sdp Cwe 306	4 years ago
CVE-2019-5591 KEV	[KEV] Vulnerability in Fortinet fortios (CVE-2019-5591) vulnerability in Fortinet fortios (CVE-2019-5591). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Fortinet Fortios Cwe 306	4 years ago
CVE-2020-6287 KEV	[KEV] Vulnerability in Sap netweaver (CVE-2020-6287) vulnerability in Sap netweaver (CVE-2020-6287). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Sap Netweaver Cwe 306	4 years ago
CVE-2020-6207 KEV	[KEV] Vulnerability in Sap solution-manager (CVE-2020-6207) vulnerability in Sap solution-manager (CVE-2020-6207). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Sap Solution Manager Cwe 306	4 years ago
CVE-2021-20021 KEV	[KEV] Vulnerability in sonicwall (CVE-2021-20021) vulnerability in sonicwall (CVE-2021-20021). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Sonicwall Sonicwall Email Security Cwe 306	4 years ago
CVE-2019-9082 KEV	[KEV] Vulnerability in thinkphp (CVE-2019-9082) vulnerability in thinkphp (CVE-2019-9082). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Thinkphp Cwe 306 Cwe 94	4 years ago
CVE-2020-3952 KEV	[KEV] Vulnerability in Vmware vcenter-server (CVE-2020-3952) vulnerability in Vmware vcenter-server (CVE-2020-3952). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.	High	Vmware Vcenter Server Cwe 306	4 years ago

Vulnerabilities

🍪 About cookies