Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-59930 |
|
Vulnerability in CVE-2026-59930 (CVE-2026-59930)
vulnerability in CVE-2026-59930 (CVE-2026-59930). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-54764 |
|
Vulnerability in traefik (CVE-2026-54764)
vulnerability in traefik (CVE-2026-54764). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-54763 |
|
Vulnerability in traefik (CVE-2026-54763)
vulnerability in traefik (CVE-2026-54763). Confidential information can be exposed externally.
|
| CVE-2026-55430 |
|
Vulnerability in github.com/coder/coder/v2 (CVE-2026-55430)
vulnerability in github.com/coder/coder/v2 (CVE-2026-55430). Confidential information can be exposed externally. Exploitable via ``Host``. Mitigation: upgrade to `2.29.17` or later.
|
| CVE-2026-58593 |
|
Vulnerability in nodebb (CVE-2026-58593)
vulnerability in nodebb (CVE-2026-58593). Data can be tampered with by attackers.
|
| CVE-2026-13513 |
|
Vulnerability in CVE-2026-13513 (CVE-2026-13513)
vulnerability in CVE-2026-13513 (CVE-2026-13513). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13507 |
|
Vulnerability in CVE-2026-13507 (CVE-2026-13507)
vulnerability in CVE-2026-13507 (CVE-2026-13507). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13483 |
|
Vulnerability in CVE-2026-13483 (CVE-2026-13483)
vulnerability in CVE-2026-13483 (CVE-2026-13483). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9242 |
|
Vulnerability in wordpress (CVE-2026-9242)
vulnerability in wordpress (CVE-2026-9242). Risk of unauthorized operations or information disclosure. Exploitable via ``callback``.
|
| CVE-2026-55698 |
|
Vulnerability in pnpm (CVE-2026-55698)
vulnerability in pnpm (CVE-2026-55698). Successful exploitation can lead to full system takeover. Exploitable via ``a93449314f398cf4bdf2e28d033c02d37395ad22``. Mitigation: upgrade to `11.5.3` or later.
|
| CVE-2026-50573 |
|
Vulnerability in pnpm (CVE-2026-50573)
vulnerability in pnpm (CVE-2026-50573). Confidential information can be exposed externally. Exploitable via ``integrity``. Mitigation: upgrade to `11.4.0` or later.
|
| CVE-2026-52812 |
|
Vulnerability in gogs.io/gogs (CVE-2026-52812)
vulnerability in gogs.io/gogs (CVE-2026-52812). Risk of unauthorized operations or information disclosure. Exploitable via ``lfs_object``. Mitigation: upgrade to `0.14.3` or later.
|
| CVE-2026-56073 |
|
Vulnerability in CVE-2026-56073 (CVE-2026-56073)
vulnerability in CVE-2026-56073 (CVE-2026-56073). Confidential information can be exposed externally.
|
| CVE-2026-54783 |
|
Vulnerability in CoreWCF.Primitives (CVE-2026-54783)
vulnerability in CoreWCF.Primitives (CVE-2026-54783). Confidential information can be exposed externally. Mitigation: upgrade to `1.9.1` or later.
|
| CVE-2026-54781 |
|
Authentication Bypass in CoreWCF.Primitives (CVE-2026-54781)
authentication bypass in CoreWCF.Primitives (CVE-2026-54781). Confidential information can be exposed externally. Mitigation: upgrade to `1.9.1` or later.
|
| CVE-2026-54774 |
|
Vulnerability in CoreWCF.Primitives (CVE-2026-54774)
vulnerability in CoreWCF.Primitives (CVE-2026-54774). Confidential information can be exposed externally. Exploitable via ``BinarySecretSecurityToken``. Mitigation: upgrade to `1.9.1` or later.
|
| CVE-2026-44087 |
|
Vulnerability in apache (CVE-2026-44087)
vulnerability in apache (CVE-2026-44087). Confidential information can be exposed externally.
|
| CVE-2026-50195 |
|
Vulnerability in Amazon github.com/containerd/containerd/v2 (CVE-2026-50195)
vulnerability in Amazon github.com/containerd/containerd/v2 (CVE-2026-50195). Successful exploitation can lead to full system takeover. Exploitable via ``IfNotPresent``. Mitigation: upgrade to `2.3.2` or later.
|
| CVE-2026-48783 |
|
Vulnerability in CVE-2026-48783 (CVE-2026-48783)
vulnerability in CVE-2026-48783 (CVE-2026-48783). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-48781 |
|
Vulnerability in CVE-2026-48781 (CVE-2026-48781)
vulnerability in CVE-2026-48781 (CVE-2026-48781). Successful exploitation can lead to full system takeover.
|
| CVE-2026-53862 |
|
Privilege Escalation in openclaw (CVE-2026-53862)
vulnerability in openclaw (CVE-2026-53862). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2026.5.12` or later.
|
| CVE-2026-54288 |
|
Vulnerability in hono (CVE-2026-54288)
vulnerability in hono (CVE-2026-54288). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `4.12.25` or later.
|
| CVE-2026-53899 |
|
Vulnerability in mozilla (CVE-2026-53899)
vulnerability in mozilla (CVE-2026-53899). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53900 |
|
Vulnerability in mozilla (CVE-2026-53900)
vulnerability in mozilla (CVE-2026-53900). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-47777 |
|
Vulnerability in CVE-2026-47777 (CVE-2026-47777)
vulnerability in CVE-2026-47777 (CVE-2026-47777). Data can be tampered with by attackers.
|
| CVE-2026-54266 |
|
Vulnerability in @angular/common (CVE-2026-54266)
vulnerability in @angular/common (CVE-2026-54266). Risk of unauthorized operations or information disclosure. Exploitable via ``HttpTransferCache``.
|
| CVE-2026-53406 |
|
Vulnerability in zoom (CVE-2026-53406)
vulnerability in zoom (CVE-2026-53406). Successful exploitation can lead to full system takeover.
|
| CVE-2026-47155 |
|
Vulnerability in vllm (CVE-2026-47155)
vulnerability in vllm (CVE-2026-47155). Data can be tampered with by attackers. Exploitable via ``main``. Mitigation: upgrade to `0.22.0` or later.
|
| CVE-2026-48096 |
|
Vulnerability in github.com/openfga/openfga (CVE-2026-48096)
vulnerability in github.com/openfga/openfga (CVE-2026-48096). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.16.0` or later.
|
| CVE-2026-47691 |
|
Vulnerability in io.netty:netty-resolver-dns (CVE-2026-47691)
vulnerability in io.netty:netty-resolver-dns (CVE-2026-47691). Confidential information can be exposed externally. Exploitable via ``DnsResolveContext``. Mitigation: upgrade to `4.1.135.Final` or later.
|
| CVE-2026-45674 |
|
Vulnerability in io.netty:netty-resolver-dns (CVE-2026-45674)
vulnerability in io.netty:netty-resolver-dns (CVE-2026-45674). Confidential information can be exposed externally. Mitigation: upgrade to `4.1.135.Final` or later.
|
| CVE-2026-7792 |
|
Vulnerability in wordpress (CVE-2026-7792)
vulnerability in wordpress (CVE-2026-7792). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8608 |
|
Vulnerability in wordpress (CVE-2026-8608)
vulnerability in wordpress (CVE-2026-8608). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-50214 |
|
Vulnerability in acer (CVE-2026-50214)
vulnerability in acer (CVE-2026-50214). Successful exploitation can lead to full system takeover.
|
| CVE-2022-4992 |
|
Vulnerability in CVE-2022-4992 (CVE-2022-4992)
vulnerability in CVE-2022-4992 (CVE-2022-4992). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41577 |
|
Vulnerability in authentik (CVE-2026-41577)
vulnerability in authentik (CVE-2026-41577). Data can be tampered with by attackers. Mitigation: upgrade to `2025.12.5, 2026.2.3` or later.
|
| CVE-2026-47123 |
|
Vulnerability in laravel (CVE-2026-47123)
vulnerability in laravel (CVE-2026-47123). Data can be tampered with by attackers. Mitigation: upgrade to `1.8.220` or later.
|
| CVE-2026-47696 |
|
Vulnerability in WWBN/AVideo (CVE-2026-47696)
vulnerability in WWBN/AVideo (CVE-2026-47696). Risk of unauthorized operations or information disclosure. Exploitable via ``amount``.
|
| CVE-2026-9189 |
|
Vulnerability in wordpress (CVE-2026-9189)
vulnerability in wordpress (CVE-2026-9189). Risk of unauthorized operations or information disclosure. Exploitable via ``mc_gross``.
|
| CVE-2026-46538 |
|
Vulnerability in CVE-2026-46538 (CVE-2026-46538)
vulnerability in CVE-2026-46538 (CVE-2026-46538). Data can be tampered with by attackers.
|
| CVE-2026-3012 |
|
A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate...
A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate...
|
| CVE-2026-47202 |
|
Authentication Bypass in CVE-2026-47202 (CVE-2026-47202)
authentication bypass in CVE-2026-47202 (CVE-2026-47202). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.9.0.2` or later.
|
| CVE-2026-41164 |
|
Vulnerability in github.com/nuts-foundation/nuts-node (CVE-2026-41164)
vulnerability in github.com/nuts-foundation/nuts-node (CVE-2026-41164). Risk of unauthorized operations or information disclosure. Exploitable via ``iss``.
|
| CVE-2026-46654 |
|
Vulnerability in p3-challenger (CVE-2026-46654)
vulnerability in p3-challenger (CVE-2026-46654). Risk of unauthorized operations or information disclosure. Exploitable via ``transcript_malleability``. Mitigation: upgrade to `0.5.3` or later.
|
| CVE-2026-46539 |
|
Vulnerability in nimiq-primitives (CVE-2026-46539)
vulnerability in nimiq-primitives (CVE-2026-46539). Data can be tampered with by attackers. Exploitable via ``get_interlink_hops``.
|
| CVE-2026-45792 |
|
Vulnerability in rtk (CVE-2026-45792)
vulnerability in rtk (CVE-2026-45792). Data can be tampered with by attackers. Exploitable via ``strip_lines_matching``. Mitigation: upgrade to `0.32.0` or later.
|
| CVE-2026-25602 |
|
Vulnerability in CVE-2026-25602 (CVE-2026-25602)
vulnerability in CVE-2026-25602 (CVE-2026-25602). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-33233 |
|
Code Injection in deserialization (CVE-2026-33233)
code injection in deserialization (CVE-2026-33233). Successful exploitation can lead to full system takeover.
|
| CVE-2026-32323 |
|
Privilege Escalation in privilege-escalation (CVE-2026-32323)
vulnerability in privilege-escalation (CVE-2026-32323). Successful exploitation can lead to full system takeover.
|
| CVE-2026-45058 |
|
Vulnerability in electerm (CVE-2026-45058)
vulnerability in electerm (CVE-2026-45058). Risk of unauthorized operations or information disclosure.
|