Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-15063 |
|
Vulnerability in CVE-2026-15063 (CVE-2026-15063)
vulnerability in CVE-2026-15063 (CVE-2026-15063). Confidential information can be exposed externally.
|
| CVE-2026-54061 |
|
Vulnerability in CVE-2026-54061 (CVE-2026-54061)
vulnerability in CVE-2026-54061 (CVE-2026-54061). Data can be tampered with by attackers. Exploitable via ``StreamExtSnapshot``.
|
| CVE-2026-59705 |
|
Vulnerability in CVE-2026-59705 (CVE-2026-59705)
vulnerability in CVE-2026-59705 (CVE-2026-59705). Successful exploitation can lead to full system takeover.
|
| CVE-2026-51937 |
|
Vulnerability in CVE-2026-51937 (CVE-2026-51937)
vulnerability in CVE-2026-51937 (CVE-2026-51937). Confidential information can be exposed externally.
|
| CVE-2026-59706 |
|
Vulnerability in ssrf (CVE-2026-59706)
vulnerability in ssrf (CVE-2026-59706). Confidential information can be exposed externally. Exploitable via `GET /api/v1/config/`.
|
| CVE-2026-58473 |
|
Vulnerability in CVE-2026-58473 (CVE-2026-58473)
vulnerability in CVE-2026-58473 (CVE-2026-58473). Confidential information can be exposed externally.
|
| CVE-2026-49471 |
|
Vulnerability in flask (CVE-2026-49471)
vulnerability in flask (CVE-2026-49471). Successful exploitation can lead to full system takeover. Exploitable via `Host header`.
|
| CVE-2026-53647 |
|
Information Disclosure in CVE-2026-53647 (CVE-2026-53647)
vulnerability in CVE-2026-53647 (CVE-2026-53647). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41899 |
|
Vulnerability in CVE-2026-41899 (CVE-2026-41899)
vulnerability in CVE-2026-41899 (CVE-2026-41899). Risk of unauthorized operations or information disclosure. Exploitable via `POST /api/feedback`.
|
| CVE-2026-42341 |
|
Vulnerability in CVE-2026-42341 (CVE-2026-42341)
vulnerability in CVE-2026-42341 (CVE-2026-42341). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-42331 |
|
Vulnerability in CVE-2026-42331 (CVE-2026-42331)
vulnerability in CVE-2026-42331 (CVE-2026-42331). Risk of unauthorized operations or information disclosure. Exploitable via ``gateway_id``.
|
| CVE-2026-53913 |
|
Authentication Bypass in apache (CVE-2026-53913)
authentication bypass in apache (CVE-2026-53913). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14714 |
|
Authentication Bypass in CVE-2026-14714 (CVE-2026-14714)
authentication bypass in CVE-2026-14714 (CVE-2026-14714). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14622 |
|
Authentication Bypass in CVE-2026-14622 (CVE-2026-14622)
authentication bypass in CVE-2026-14622 (CVE-2026-14622). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10054 |
|
Vulnerability in CVE-2026-10054 (CVE-2026-10054)
vulnerability in CVE-2026-10054 (CVE-2026-10054). Successful exploitation can lead to full system takeover.
|
| CVE-2026-4767 |
|
Vulnerability in CVE-2026-4767 (CVE-2026-4767)
vulnerability in CVE-2026-4767 (CVE-2026-4767). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13125 |
|
GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
|
| CVE-2026-58127 |
|
Vulnerability in csharp (CVE-2026-58127)
vulnerability in csharp (CVE-2026-58127). Successful exploitation can lead to full system takeover.
|
| CVE-2026-58126 |
|
Vulnerability in csharp (CVE-2026-58126)
vulnerability in csharp (CVE-2026-58126). Successful exploitation can lead to full system takeover.
|
| CVE-2026-56286 |
|
Vulnerability in csrf (CVE-2026-56286)
vulnerability in csrf (CVE-2026-56286). Data can be tampered with by attackers.
|
| CVE-2026-58446 |
|
Vulnerability in nginx (CVE-2026-58446)
vulnerability in nginx (CVE-2026-58446). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-58375 |
|
Vulnerability in CVE-2026-58375 (CVE-2026-58375)
vulnerability in CVE-2026-58375 (CVE-2026-58375). Confidential information can be exposed externally. Exploitable via `POST /jmreport/auto/export`.
|
| CVE-2026-44949 |
|
Vulnerability in CVE-2026-44949 (CVE-2026-44949)
vulnerability in CVE-2026-44949 (CVE-2026-44949). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14162 |
|
Vulnerability in CVE-2026-14162 (CVE-2026-14162)
vulnerability in CVE-2026-14162 (CVE-2026-14162). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12819 |
|
Vulnerability in cisa (CVE-2026-12819)
vulnerability in cisa (CVE-2026-12819). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56782 |
|
Vulnerability in CVE-2026-56782 (CVE-2026-56782)
vulnerability in CVE-2026-56782 (CVE-2026-56782). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13546 |
|
Authentication Bypass in CVE-2026-13546 (CVE-2026-13546)
authentication bypass in CVE-2026-13546 (CVE-2026-13546). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13325 |
|
Vulnerability in kubevirt (CVE-2026-13325)
vulnerability in kubevirt (CVE-2026-13325). Successful exploitation can lead to full system takeover.
|
| CVE-2026-40702 |
|
Vulnerability in cisa (CVE-2026-40702)
vulnerability in cisa (CVE-2026-40702). Confidential information can be exposed externally.
|
| CVE-2025-71327 |
|
Vulnerability in flowiseai (CVE-2025-71327)
vulnerability in flowiseai (CVE-2025-71327). Confidential information can be exposed externally.
|
| CVE-2026-43920 |
|
Vulnerability in csrf (CVE-2026-43920)
vulnerability in csrf (CVE-2026-43920). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-54088 |
|
OS Command Injection in CVE-2026-54088 (CVE-2026-54088)
OS command injection in CVE-2026-54088 (CVE-2026-54088). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.63.6` or later.
|
| CVE-2026-4522 |
|
Vulnerability in CVE-2026-4522 (CVE-2026-4522)
vulnerability in CVE-2026-4522 (CVE-2026-4522). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-54040 |
|
Vulnerability in librechat (CVE-2026-54040)
vulnerability in librechat (CVE-2026-54040). Data can be tampered with by attackers. Exploitable via `POST /api/auth/2fa/backup/regenerate`. Mitigation: upgrade to `0.8.4-rc1` or later.
|
| CVE-2026-54036 |
|
Vulnerability in librechat (CVE-2026-54036)
vulnerability in librechat (CVE-2026-54036). Data can be tampered with by attackers. Exploitable via `GET /api/auth/2fa/enable`. Mitigation: upgrade to `0.8.4-rc1` or later.
|
| CVE-2026-12490 |
|
Vulnerability in nlnetlabs (CVE-2026-12490)
vulnerability in nlnetlabs (CVE-2026-12490). Confidential information can be exposed externally.
|
| CVE-2026-54068 |
|
Vulnerability in CVE-2026-54068 (CVE-2026-54068)
vulnerability in CVE-2026-54068 (CVE-2026-54068). Confidential information can be exposed externally. Mitigation: upgrade to `3.7.0` or later.
|
| CVE-2026-33543 |
|
Vulnerability in CVE-2026-33543 (CVE-2026-33543)
vulnerability in CVE-2026-33543 (CVE-2026-33543). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13164 |
|
Vulnerability in CVE-2026-13164 (CVE-2026-13164)
vulnerability in CVE-2026-13164 (CVE-2026-13164). Risk of unauthorized operations or information disclosure. Exploitable via `POST /api/auth/register/`.
|
| CVE-2026-56262 |
|
Vulnerability in kidocode (CVE-2026-56262)
vulnerability in kidocode (CVE-2026-56262). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13007 |
|
Vulnerability in CVE-2026-13007 (CVE-2026-13007)
vulnerability in CVE-2026-13007 (CVE-2026-13007). Confidential information can be exposed externally.
|
| CVE-2026-1840 |
|
Vulnerability in cisa (CVE-2026-1840)
vulnerability in cisa (CVE-2026-1840). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-27604 |
|
Information Disclosure in csrf (CVE-2026-27604)
vulnerability in csrf (CVE-2026-27604). Risk of unauthorized operations or information disclosure. Exploitable via ``system``.
|
| CVE-2026-10711 |
|
Vulnerability in CVE-2026-10711 (CVE-2026-10711)
vulnerability in CVE-2026-10711 (CVE-2026-10711). Successful exploitation can lead to full system takeover.
|
| CVE-2026-50136 |
|
Vulnerability in @budibase/server (CVE-2026-50136)
vulnerability in @budibase/server (CVE-2026-50136). Risk of unauthorized operations or information disclosure. Exploitable via `POST /api/attachments/`. Mitigation: upgrade to `3.39.2` or later.
|
| CVE-2026-56321 |
|
Vulnerability in CVE-2026-56321 (CVE-2026-56321)
vulnerability in CVE-2026-56321 (CVE-2026-56321). Risk of unauthorized operations or information disclosure. Exploitable via `GET /private/role_bindings/`.
|
| CVE-2026-41047 |
|
Vulnerability in presire (CVE-2026-41047)
vulnerability in presire (CVE-2026-41047). Confidential information can be exposed externally.
|
| CVE-2026-6673 |
|
Vulnerability in mattermost (CVE-2026-6673)
vulnerability in mattermost (CVE-2026-6673). Data can be tampered with by attackers.
|
| CVE-2026-56299 |
|
Vulnerability in dos (CVE-2026-56299)
vulnerability in dos (CVE-2026-56299). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12795 |
|
Authentication Bypass in litellm (CVE-2026-12795)
authentication bypass in litellm (CVE-2026-12795). Risk of unauthorized operations or information disclosure.
|