Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: cwe-346 Clear
ID Title
CVE-2026-59883 Guzzle is an extensible PHP HTTP client. Prior to 7.12.3, CookieJar did not restrict cookies scoped to IP-address or bare-numeric Domain values to the exact host that set them, because SetCookie::matc...
Guzzle is an extensible PHP HTTP client. Prior to 7.12.3, CookieJar did not restrict cookies scoped to IP-address or bare-numeric Domain values to the exact host that set them, because SetCookie::matchesDomain() applied ordinary suffix matching to domains such as 192.168.0.1, [::1], or 1, allowing c...
CVE-2026-59153 Vulnerability in CVE-2026-59153 (CVE-2026-59153)
vulnerability in CVE-2026-59153 (CVE-2026-59153). Risk of unauthorized operations or information disclosure.
CVE-2026-58266 Vulnerability in CVE-2026-58266 (CVE-2026-58266)
vulnerability in CVE-2026-58266 (CVE-2026-58266). Confidential information can be exposed externally.
CVE-2026-34198 Vulnerability in CVE-2026-34198 (CVE-2026-34198)
vulnerability in CVE-2026-34198 (CVE-2026-34198). Data can be tampered with by attackers. Exploitable via `Host header`.
CVE-2026-42341 Vulnerability in CVE-2026-42341 (CVE-2026-42341)
vulnerability in CVE-2026-42341 (CVE-2026-42341). Risk of unauthorized operations or information disclosure.
CVE-2026-55438 Vulnerability in github.com/coder/coder/v2 (CVE-2026-55438)
vulnerability in github.com/coder/coder/v2 (CVE-2026-55438). Confidential information can be exposed externally. Mitigation: upgrade to `2.29.17` or later.
CVE-2026-59152 Path Traversal in CVE-2026-59152 (CVE-2026-59152)
path traversal in CVE-2026-59152 (CVE-2026-59152). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.8.18` or later.
CVE-2026-59096 Vulnerability in CVE-2026-59096 (CVE-2026-59096)
vulnerability in CVE-2026-59096 (CVE-2026-59096). Data can be tampered with by attackers. Exploitable via `Host header`.
CVE-2026-56277 Vulnerability in flowiseai (CVE-2026-56277)
vulnerability in flowiseai (CVE-2026-56277). Risk of unauthorized operations or information disclosure.
CVE-2026-14105 Vulnerability in google (CVE-2026-14105)
vulnerability in google (CVE-2026-14105). Risk of unauthorized operations or information disclosure.
CVE-2026-14079 Vulnerability in google (CVE-2026-14079)
vulnerability in google (CVE-2026-14079). Risk of unauthorized operations or information disclosure.
CVE-2026-14057 Vulnerability in google (CVE-2026-14057)
vulnerability in google (CVE-2026-14057). Risk of unauthorized operations or information disclosure.
CVE-2026-14053 Vulnerability in google (CVE-2026-14053)
vulnerability in google (CVE-2026-14053). Risk of unauthorized operations or information disclosure.
CVE-2026-14046 Vulnerability in google (CVE-2026-14046)
vulnerability in google (CVE-2026-14046). Risk of unauthorized operations or information disclosure.
CVE-2026-14039 Vulnerability in google (CVE-2026-14039)
vulnerability in google (CVE-2026-14039). Risk of unauthorized operations or information disclosure.
CVE-2026-13913 Vulnerability in google (CVE-2026-13913)
vulnerability in google (CVE-2026-13913). Confidential information can be exposed externally.
CVE-2026-13881 Vulnerability in google (CVE-2026-13881)
vulnerability in google (CVE-2026-13881). Data can be tampered with by attackers.
CVE-2026-13887 Vulnerability in google (CVE-2026-13887)
vulnerability in google (CVE-2026-13887). Confidential information can be exposed externally.
CVE-2026-13868 Vulnerability in google (CVE-2026-13868)
vulnerability in google (CVE-2026-13868). Data can be tampered with by attackers.
CVE-2026-13840 Vulnerability in google (CVE-2026-13840)
vulnerability in google (CVE-2026-13840). Confidential information can be exposed externally.
CVE-2026-13839 Vulnerability in google (CVE-2026-13839)
vulnerability in google (CVE-2026-13839). Data can be tampered with by attackers.
CVE-2026-13838 Vulnerability in google (CVE-2026-13838)
vulnerability in google (CVE-2026-13838). Data can be tampered with by attackers.
CVE-2026-13826 Vulnerability in google (CVE-2026-13826)
vulnerability in google (CVE-2026-13826). Confidential information can be exposed externally.
CVE-2026-13822 Vulnerability in google (CVE-2026-13822)
vulnerability in google (CVE-2026-13822). Data can be tampered with by attackers.
CVE-2026-13793 Vulnerability in google (CVE-2026-13793)
vulnerability in google (CVE-2026-13793). Confidential information can be exposed externally.
CVE-2026-58169 Vulnerability in CVE-2026-58169 (CVE-2026-58169)
vulnerability in CVE-2026-58169 (CVE-2026-58169). Successful exploitation can lead to full system takeover. Exploitable via `Host header`.
CVE-2026-43700 Vulnerability in apple (CVE-2026-43700)
vulnerability in apple (CVE-2026-43700). Confidential information can be exposed externally.
CVE-2026-55487 Vulnerability in pnpm (CVE-2026-55487)
vulnerability in pnpm (CVE-2026-55487). Successful exploitation can lead to full system takeover. Exploitable via ``bf1b731ee6``. Mitigation: upgrade to `10.34.2` or later.
CVE-2026-54030 Vulnerability in librechat (CVE-2026-54030)
vulnerability in librechat (CVE-2026-54030). Confidential information can be exposed externally. Mitigation: upgrade to `0.8.5` or later.
CVE-2026-54069 Vulnerability in CVE-2026-54069 (CVE-2026-54069)
vulnerability in CVE-2026-54069 (CVE-2026-54069). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.7.0` or later.
CVE-2026-13034 Vulnerability in google (CVE-2026-13034)
vulnerability in google (CVE-2026-13034). Risk of unauthorized operations or information disclosure.
CVE-2026-13021 Vulnerability in google (CVE-2026-13021)
vulnerability in google (CVE-2026-13021). Risk of unauthorized operations or information disclosure.
CVE-2026-13022 Vulnerability in google (CVE-2026-13022)
vulnerability in google (CVE-2026-13022). Confidential information can be exposed externally.
CVE-2026-46611 Vulnerability in glances (CVE-2026-46611)
vulnerability in glances (CVE-2026-46611). Confidential information can be exposed externally. Exploitable via `Host header`. Mitigation: upgrade to `4.5.2` or later.
CVE-2026-54665 Vulnerability in apache (CVE-2026-54665)
vulnerability in apache (CVE-2026-54665). Risk of unauthorized operations or information disclosure. Exploitable via `Host header`.
CVE-2026-55660 Cross-Site Scripting (XSS) in tinacms (CVE-2026-55660)
cross-site scripting in tinacms (CVE-2026-55660). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.9.3` or later.
CVE-2026-55767 Vulnerability in guzzlehttp/guzzle (CVE-2026-55767)
vulnerability in guzzlehttp/guzzle (CVE-2026-55767). Risk of unauthorized operations or information disclosure. Exploitable via ``CookieJar``. Mitigation: upgrade to `7.12.1` or later.
CVE-2026-6734 Vulnerability in undici (CVE-2026-6734)
vulnerability in undici (CVE-2026-6734). Successful exploitation can lead to full system takeover. Exploitable via ``Socks5ProxyAgent``. Mitigation: upgrade to `8.2.0` or later.
CVE-2026-54007 Vulnerability in open-webui (CVE-2026-54007)
vulnerability in open-webui (CVE-2026-54007). Data can be tampered with by attackers. Exploitable via `POST /api/v1/chats/new`. Mitigation: upgrade to `0.9.6` or later.
CVE-2026-12304 Vulnerability in mozilla (CVE-2026-12304)
vulnerability in mozilla (CVE-2026-12304). Confidential information can be exposed externally.
CVE-2026-47825 Vulnerability in CVE-2026-47825 (CVE-2026-47825)
vulnerability in CVE-2026-47825 (CVE-2026-47825). Data can be tampered with by attackers.
CVE-2026-50168 Vulnerability in @angular/platform-server (CVE-2026-50168)
vulnerability in @angular/platform-server (CVE-2026-50168). Confidential information can be exposed externally. Exploitable via `Host header`. Mitigation: upgrade to `21.2.15` or later.
CVE-2026-9595 Vulnerability in webpack-dev-server (CVE-2026-9595)
vulnerability in webpack-dev-server (CVE-2026-9595). Risk of unauthorized operations or information disclosure. Exploitable via ``Origin``. Mitigation: upgrade to `5.2.5` or later.
CVE-2026-11624 Vulnerability in CVE-2026-11624 (CVE-2026-11624)
vulnerability in CVE-2026-11624 (CVE-2026-11624). Risk of unauthorized operations or information disclosure.
CVE-2026-45173 Vulnerability in paloaltonetworks (CVE-2026-45173)
vulnerability in paloaltonetworks (CVE-2026-45173). Data can be tampered with by attackers.
CVE-2026-12032 Vulnerability in google (CVE-2026-12032)
vulnerability in google (CVE-2026-12032). Risk of unauthorized operations or information disclosure.
CVE-2026-12024 Vulnerability in google (CVE-2026-12024)
vulnerability in google (CVE-2026-12024). Data can be tampered with by attackers.
CVE-2026-41700 Vulnerability in vmware (CVE-2026-41700)
vulnerability in vmware (CVE-2026-41700). Confidential information can be exposed externally.
CVE-2026-42558 Cross-Site Scripting (XSS) in CVE-2026-42558 (CVE-2026-42558)
cross-site scripting in CVE-2026-42558 (CVE-2026-42558). Confidential information can be exposed externally.
CVE-2026-10846 Vulnerability in CVE-2026-10846 (CVE-2026-10846)
vulnerability in CVE-2026-10846 (CVE-2026-10846). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →