Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-58300 |
|
Vulnerability in path-traversal (CVE-2026-58300)
vulnerability in path-traversal (CVE-2026-58300). Confidential information can be exposed externally.
|
| CVE-2026-49290 |
|
Path Traversal in CVE-2026-49290 (CVE-2026-49290)
path traversal in CVE-2026-49290 (CVE-2026-49290). Risk of unauthorized operations or information disclosure. Exploitable via ``zipfile``.
|
| CVE-2026-53698 |
|
Vulnerability in CVE-2026-53698 (CVE-2026-53698)
vulnerability in CVE-2026-53698 (CVE-2026-53698). Confidential information can be exposed externally.
|
| CVE-2026-10075 |
|
Vulnerability in path-traversal (CVE-2026-10075)
vulnerability in path-traversal (CVE-2026-10075). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10044 |
|
Vulnerability in path-traversal (CVE-2026-10044)
vulnerability in path-traversal (CVE-2026-10044). Confidential information can be exposed externally. Exploitable via `GET /api/prompts/{filename}`.
|
| CVE-2026-32997 |
|
Vulnerability in CVE-2026-32997 (CVE-2026-32997)
vulnerability in CVE-2026-32997 (CVE-2026-32997). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-4782 |
|
Vulnerability in wordpress (CVE-2026-4782)
vulnerability in wordpress (CVE-2026-4782). Confidential information can be exposed externally.
|
| CVE-2026-32175 |
|
Vulnerability in Microsoft.NetCore.App.Runtime.win-arm (CVE-2026-32175)
vulnerability in Microsoft.NetCore.App.Runtime.win-arm (CVE-2026-32175). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `10.0.8` or later.
|
| CVE-2026-42315 |
|
Path Traversal in pyload-ng (CVE-2026-42315)
path traversal in pyload-ng (CVE-2026-42315). Data can be tampered with by attackers. Exploitable via ``Perms.MODIFY``. Mitigation: upgrade to `0.5.0b3.dev100` or later.
|
| CVE-2026-6418 |
|
Vulnerability in papercut (CVE-2026-6418)
vulnerability in papercut (CVE-2026-6418). Confidential information can be exposed externally.
|
| CVE-2026-0846 |
|
Vulnerability in nltk (CVE-2026-0846)
vulnerability in nltk (CVE-2026-0846). Confidential information can be exposed externally. Exploitable via ``nltk.util``. Mitigation: upgrade to `3.9.3` or later.
|
| CVE-2026-2753 |
|
Vulnerability in path-traversal (CVE-2026-2753)
vulnerability in path-traversal (CVE-2026-2753). Confidential information can be exposed externally.
|
| CVE-2024-48248 KEV |
|
[KEV] Vulnerability in Nakivo backup-and-replication (CVE-2024-48248)
vulnerability in Nakivo backup-and-replication (CVE-2024-48248). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-13159 KEV |
|
[KEV] Vulnerability in Ivanti endpoint-manager-epm (CVE-2024-13159)
vulnerability in Ivanti endpoint-manager-epm (CVE-2024-13159). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-13160 KEV |
|
[KEV] Vulnerability in Ivanti endpoint-manager-epm (CVE-2024-13160)
vulnerability in Ivanti endpoint-manager-epm (CVE-2024-13160). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-13161 KEV |
|
[KEV] Vulnerability in Ivanti endpoint-manager-epm (CVE-2024-13161)
vulnerability in Ivanti endpoint-manager-epm (CVE-2024-13161). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-20250 KEV |
|
[KEV] Vulnerability in Rarlab winrar (CVE-2018-20250)
vulnerability in Rarlab winrar (CVE-2018-20250). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-7929 |
|
Vulnerability in path-traversal (CVE-2017-7929)
vulnerability in path-traversal (CVE-2017-7929). Risk of unauthorized operations or information disclosure.
|