Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-11348 |
|
Vulnerability in CVE-2026-11348 (CVE-2026-11348)
vulnerability in CVE-2026-11348 (CVE-2026-11348). Successful exploitation can lead to full system takeover.
|
| CVE-2026-58426 |
|
Vulnerability in CVE-2026-58426 (CVE-2026-58426)
vulnerability in CVE-2026-58426 (CVE-2026-58426). Confidential information can be exposed externally.
|
| CVE-2026-13722 |
|
Vulnerability in CVE-2026-13722 (CVE-2026-13722)
vulnerability in CVE-2026-13722 (CVE-2026-13722). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-50721 |
|
Libreswan, via the function RSA_authenticate_hash_signature_raw_rsa(), did not correctly verify...
Libreswan, via the function RSA_authenticate_hash_signature_raw_rsa(), did not correctly verify...
|
| CVE-2026-50722 |
|
Libreswan, via the function RSA_authenticate_hash_signature_pkcs1_1_5_rsa(), did not correctly...
Libreswan, via the function RSA_authenticate_hash_signature_pkcs1_1_5_rsa(), did not correctly...
|
| CVE-2026-13743 |
|
Vulnerability in cisa (CVE-2026-13743)
vulnerability in cisa (CVE-2026-13743). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-0824 |
|
Vulnerability in CVE-2025-0824 (CVE-2025-0824)
vulnerability in CVE-2025-0824 (CVE-2025-0824). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-23581 |
|
Vulnerability in hcltech (CVE-2024-23581)
vulnerability in hcltech (CVE-2024-23581). Successful exploitation can lead to full system takeover.
|
| CVE-2026-7511 |
|
Vulnerability in wolfssl (CVE-2026-7511)
vulnerability in wolfssl (CVE-2026-7511). Data can be tampered with by attackers.
|
| CVE-2026-6329 |
|
Vulnerability in wolfssl (CVE-2026-6329)
vulnerability in wolfssl (CVE-2026-6329). Data can be tampered with by attackers.
|
| CVE-2026-6331 |
|
Vulnerability in wolfssl (CVE-2026-6331)
vulnerability in wolfssl (CVE-2026-6331). Data can be tampered with by attackers.
|
| CVE-2026-11800 |
|
Vulnerability in privilege-escalation (CVE-2026-11800)
vulnerability in privilege-escalation (CVE-2026-11800). Confidential information can be exposed externally.
|
| CVE-2026-40941 |
|
Vulnerability in cacti (CVE-2026-40941)
vulnerability in cacti (CVE-2026-40941). Data can be tampered with by attackers.
|
| CVE-2026-55961 |
|
Vulnerability in wolfssl (CVE-2026-55961)
vulnerability in wolfssl (CVE-2026-55961). Data can be tampered with by attackers.
|
| CVE-2026-9779 |
|
Vulnerability in aten (CVE-2026-9779)
vulnerability in aten (CVE-2026-9779). Successful exploitation can lead to full system takeover.
|
| CVE-2026-46423 |
|
Vulnerability in CVE-2026-46423 (CVE-2026-46423)
vulnerability in CVE-2026-46423 (CVE-2026-46423). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.5.0` or later.
|
| CVE-2026-46349 |
|
Vulnerability in CVE-2026-46349 (CVE-2026-46349)
vulnerability in CVE-2026-46349 (CVE-2026-46349). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `4.5.10` or later.
|
| CVE-2026-49454 |
|
Authentication Bypass in relyra (CVE-2026-49454)
authentication bypass in relyra (CVE-2026-49454). Confidential information can be exposed externally. Exploitable via ``SignatureValue``. Mitigation: upgrade to `1.2.0` or later.
|
| CVE-2026-42743 |
|
Unauthenticated Broken Authentication in Masteriyo - LMS <= 2.1.8 versions.
Unauthenticated Broken Authentication in Masteriyo - LMS <= 2.1.8 versions.
|
| CVE-2026-48558 KEV |
|
[KEV] Vulnerability in Simplehelp simple-help (CVE-2026-48558)
vulnerability in Simplehelp simple-help (CVE-2026-48558). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
|
| CVE-2026-50010 |
|
Vulnerability in io.netty:netty-handler (CVE-2026-50010)
vulnerability in io.netty:netty-handler (CVE-2026-50010). Confidential information can be exposed externally. Mitigation: upgrade to `4.1.135.Final` or later.
|
| CVE-2026-50634 |
|
Vulnerability in apache (CVE-2026-50634)
vulnerability in apache (CVE-2026-50634). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41005 |
|
Vulnerability in CVE-2026-41005 (CVE-2026-41005)
vulnerability in CVE-2026-41005 (CVE-2026-41005). Successful exploitation can lead to full system takeover.
|
| CVE-2026-10795 |
|
Vulnerability in wordpress (CVE-2026-10795)
vulnerability in wordpress (CVE-2026-10795). Successful exploitation can lead to full system takeover.
|
| CVE-2026-52754 |
|
Vulnerability in nsa (CVE-2026-52754)
vulnerability in nsa (CVE-2026-52754). Successful exploitation can lead to full system takeover.
|
| CVE-2026-41694 |
|
Vulnerability in vmware (CVE-2026-41694)
vulnerability in vmware (CVE-2026-41694). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-36721 |
|
Vulnerability in CVE-2026-36721 (CVE-2026-36721)
vulnerability in CVE-2026-36721 (CVE-2026-36721). Successful exploitation can lead to full system takeover.
|
| CVE-2026-44748 |
|
Vulnerability in CVE-2026-44748 (CVE-2026-44748)
vulnerability in CVE-2026-44748 (CVE-2026-44748). Successful exploitation can lead to full system takeover.
|
| CVE-2026-45614 |
|
Vulnerability in linaro (CVE-2026-45614)
vulnerability in linaro (CVE-2026-45614). Confidential information can be exposed externally.
|
| CVE-2026-6873 |
|
Vulnerability in django (CVE-2026-6873)
vulnerability in django (CVE-2026-6873). Risk of unauthorized operations or information disclosure. Exploitable via ``django.http.HttpRequest.get_signed_cookie``. Mitigation: upgrade to `5.2.15, 6.0.6` or later.
|
| CVE-2026-47201 |
|
Vulnerability in goauthentik.io (CVE-2026-47201)
vulnerability in goauthentik.io (CVE-2026-47201). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.0.0-20260528144335-a370d76d23c7` or later.
|
| CVE-2026-48523 |
|
Vulnerability in pyjwt (CVE-2026-48523)
vulnerability in pyjwt (CVE-2026-48523). Risk of unauthorized operations or information disclosure. Exploitable via ``PyJWK``. Mitigation: upgrade to `2.12.1` or later.
|
| CVE-2026-48526 |
|
Authentication Bypass in pyjwt (CVE-2026-48526)
authentication bypass in pyjwt (CVE-2026-48526). Confidential information can be exposed externally. Mitigation: upgrade to `2.13.0` or later.
|
| CVE-2026-9793 |
|
Vulnerability in org.keycloak:keycloak-services (CVE-2026-9793)
vulnerability in org.keycloak:keycloak-services (CVE-2026-9793). Data can be tampered with by attackers.
|
| CVE-2025-67903 |
|
Northern.tech Mender Client 5 before 5.0.4 allows a Cryptographic signature verification bypass.
Northern.tech Mender Client 5 before 5.0.4 allows a Cryptographic signature verification bypass.
|
| CVE-2025-41669 |
|
Vulnerability in CVE-2025-41669 (CVE-2025-41669)
vulnerability in CVE-2025-41669 (CVE-2025-41669). Successful exploitation can lead to full system takeover.
|
| CVE-2026-42462 |
|
Vulnerability in @fedify/fedify (CVE-2026-42462)
vulnerability in @fedify/fedify (CVE-2026-42462). Data can be tampered with by attackers. Exploitable via ``Activity``. Mitigation: upgrade to `1.9.11` or later.
|
| CVE-2026-39829 |
|
Vulnerability in golang.org/x/crypto (CVE-2026-39829)
vulnerability in golang.org/x/crypto (CVE-2026-39829). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.52.0` or later.
|
| CVE-2026-46354 |
|
Vulnerability in github.com/coder/coder/v2 (CVE-2026-46354)
vulnerability in github.com/coder/coder/v2 (CVE-2026-46354). Confidential information can be exposed externally. Exploitable via `POST /api/v2/workspaceagents/azure-instance-identity`. Mitigation: upgrade to `2.24.5` or later.
|
| CVE-2026-45575 |
|
Vulnerability in com.oviva.telematik:epa4all-client (CVE-2026-45575)
vulnerability in com.oviva.telematik:epa4all-client (CVE-2026-45575). Confidential information can be exposed externally. Mitigation: upgrade to `1.2.2` or later.
|
| CVE-2026-44699 |
|
Vulnerability in c (CVE-2026-44699)
vulnerability in c (CVE-2026-44699). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.3.3` or later.
|
| CVE-2024-36334 |
|
Vulnerability in CVE-2024-36334 (CVE-2024-36334)
vulnerability in CVE-2024-36334 (CVE-2024-36334). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-42602 |
|
Vulnerability in github.com/open-telemetry/opentelemetry-collector-contrib/extension/azureauthextension (CVE-2026-42602)
vulnerability in github.com/open-telemetry/opentelemetry-collector-contrib/extension/azureauthextension (CVE-2026-42602). Data can be tampered with by attackers. Exploitable via `POST /v1/traces`.
|
| CVE-2026-0265 |
|
Vulnerability in CVE-2026-0265 (CVE-2026-0265)
vulnerability in CVE-2026-0265 (CVE-2026-0265). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-44720 |
|
Authentication Bypass in openlearnx (CVE-2026-44720)
authentication bypass in openlearnx (CVE-2026-44720). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.0.4` or later.
|
| CVE-2026-33117 |
|
Authentication Bypass in com.azure:azure-security-keyvault-keys (CVE-2026-33117)
authentication bypass in com.azure:azure-security-keyvault-keys (CVE-2026-33117). Confidential information can be exposed externally. Mitigation: upgrade to `4.10.6` or later.
|
| CVE-2026-41431 |
|
Vulnerability in CVE-2026-41431 (CVE-2026-41431)
vulnerability in CVE-2026-41431 (CVE-2026-41431). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.19.9b` or later.
|
| CVE-2026-44309 |
|
Vulnerability in github.com/sigstore/gitsign (CVE-2026-44309)
vulnerability in github.com/sigstore/gitsign (CVE-2026-44309). Data can be tampered with by attackers. Exploitable via ``EncodeWithoutSignature``. Mitigation: upgrade to `0.16.0` or later.
|
| CVE-2026-42193 |
|
Vulnerability in aws (CVE-2026-42193)
vulnerability in aws (CVE-2026-42193). Data can be tampered with by attackers.
|
| CVE-2026-44714 |
|
Vulnerability in org.bitcoinj:bitcoinj-core (CVE-2026-44714)
vulnerability in org.bitcoinj:bitcoinj-core (CVE-2026-44714). Data can be tampered with by attackers. Exploitable via ``P2PKH``. Mitigation: upgrade to `0.17.1` or later.
|