Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: cwe-444 Clear
ID Title
CVE-2025-3110 Vulnerability in CVE-2025-3110 (CVE-2025-3110)
vulnerability in CVE-2025-3110 (CVE-2025-3110). Risk of unauthorized operations or information disclosure.
CVE-2026-38969 Vulnerability in CVE-2026-38969 (CVE-2026-38969)
vulnerability in CVE-2026-38969 (CVE-2026-38969). Data can be tampered with by attackers.
CVE-2026-11541 Vulnerability in ibm (CVE-2026-11541)
vulnerability in ibm (CVE-2026-11541). Confidential information can be exposed externally.
CVE-2026-11806 Vulnerability in ibm (CVE-2026-11806)
vulnerability in ibm (CVE-2026-11806). Successful exploitation can lead to full system takeover.
CVE-2026-13762 Vulnerability in Amazon aws (CVE-2026-13762)
vulnerability in Amazon aws (CVE-2026-13762). Successful exploitation can lead to full system takeover.
CVE-2026-13763 Vulnerability in amazon (CVE-2026-13763)
vulnerability in amazon (CVE-2026-13763). Successful exploitation can lead to full system takeover.
CVE-2026-58055 Vulnerability in c (CVE-2026-58055)
vulnerability in c (CVE-2026-58055). Risk of unauthorized operations or information disclosure.
CVE-2026-48743 Vulnerability in envoyproxy (CVE-2026-48743)
vulnerability in envoyproxy (CVE-2026-48743). Data can be tampered with by attackers. Exploitable via `GET /pwn`. Mitigation: upgrade to `1.35.11` or later.
CVE-2026-8646 Vulnerability in ibm (CVE-2026-8646)
vulnerability in ibm (CVE-2026-8646). Confidential information can be exposed externally.
CVE-2026-54388 Vulnerability in CVE-2026-54388 (CVE-2026-54388)
vulnerability in CVE-2026-54388 (CVE-2026-54388). Confidential information can be exposed externally.
CVE-2026-54387 Vulnerability in CVE-2026-54387 (CVE-2026-54387)
vulnerability in CVE-2026-54387 (CVE-2026-54387). Confidential information can be exposed externally.
CVE-2026-48979 Vulnerability in php-standard-library/h2 (CVE-2026-48979)
vulnerability in php-standard-library/h2 (CVE-2026-48979). Data can be tampered with by attackers. Exploitable via ``StreamException``. Mitigation: upgrade to `6.2.1` or later.
CVE-2026-52845 Authentication Bypass in github.com/caddyserver/caddy/v2 (CVE-2026-52845)
authentication bypass in github.com/caddyserver/caddy/v2 (CVE-2026-52845). Confidential information can be exposed externally. Exploitable via `GET /index.php`. Mitigation: upgrade to `2.11.4` or later.
CVE-2026-48746 Vulnerability in vllm (CVE-2026-48746)
vulnerability in vllm (CVE-2026-48746). Confidential information can be exposed externally. Exploitable via ``AuthenticationMiddleware``. Mitigation: upgrade to `0.22.0` or later.
CVE-2026-53538 Vulnerability in python-multipart (CVE-2026-53538)
vulnerability in python-multipart (CVE-2026-53538). Risk of unauthorized operations or information disclosure. Exploitable via ``QuerystringParser``. Mitigation: upgrade to `0.0.30` or later.
CVE-2026-50020 Vulnerability in io.netty:netty-codec-http (CVE-2026-50020)
vulnerability in io.netty:netty-codec-http (CVE-2026-50020). Risk of unauthorized operations or information disclosure. Exploitable via ``HttpObjectDecoder``. Mitigation: upgrade to `4.1.135.Final` or later.
CVE-2026-6338 Vulnerability in CVE-2026-6338 (CVE-2026-6338)
vulnerability in CVE-2026-6338 (CVE-2026-6338). Risk of unauthorized operations or information disclosure.
CVE-2026-41853 Vulnerability in spring (CVE-2026-41853)
vulnerability in spring (CVE-2026-41853). Risk of unauthorized operations or information disclosure.
CVE-2026-44546 Vulnerability in djangoproject (CVE-2026-44546)
vulnerability in djangoproject (CVE-2026-44546). Risk of unauthorized operations or information disclosure.
CVE-2026-50052 Vulnerability in CVE-2026-50052 (CVE-2026-50052)
vulnerability in CVE-2026-50052 (CVE-2026-50052). Risk of unauthorized operations or information disclosure.
CVE-2026-49753 Vulnerability in mint (CVE-2026-49753)
vulnerability in mint (CVE-2026-49753). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.9.0` or later.
CVE-2026-45372 Vulnerability in c (CVE-2026-45372)
vulnerability in c (CVE-2026-45372). Data can be tampered with by attackers. Mitigation: upgrade to `0.44.0` or later.
CVE-2026-6324 Vulnerability in CVE-2026-6324 (CVE-2026-6324)
vulnerability in CVE-2026-6324 (CVE-2026-6324). Risk of unauthorized operations or information disclosure.
CVE-2026-47676 Vulnerability in hono (CVE-2026-47676)
vulnerability in hono (CVE-2026-47676). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `4.12.21` or later.
CVE-2026-48710 Vulnerability in starlette (CVE-2026-48710)
vulnerability in starlette (CVE-2026-48710). Risk of unauthorized operations or information disclosure. Exploitable via `GET /foo`. Mitigation: upgrade to `1.0.1` or later.
CVE-2026-8620 Vulnerability in ibm (CVE-2026-8620)
vulnerability in ibm (CVE-2026-8620). Confidential information can be exposed externally.
CVE-2026-9170 Code Injection in dos (CVE-2026-9170)
code injection in dos (CVE-2026-9170). Successful exploitation can lead to full system takeover.
CVE-2026-46342 Cross-Site Scripting (XSS) in nuxt (CVE-2026-46342)
cross-site scripting in nuxt (CVE-2026-46342). Risk of unauthorized operations or information disclosure. Exploitable via ``props``. Mitigation: upgrade to `4.4.6` or later.
CVE-2026-42584 Vulnerability in io.netty:netty-codec-http (CVE-2026-42584)
vulnerability in io.netty:netty-codec-http (CVE-2026-42584). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `4.1.133.Final` or later.
CVE-2026-42585 Vulnerability in io.netty:netty-codec-http (CVE-2026-42585)
vulnerability in io.netty:netty-codec-http (CVE-2026-42585). Risk of unauthorized operations or information disclosure. Exploitable via `GET /smuggled`. Mitigation: upgrade to `4.1.133.Final` or later.
CVE-2026-42580 Vulnerability in io.netty:netty-codec-http (CVE-2026-42580)
vulnerability in io.netty:netty-codec-http (CVE-2026-42580). Risk of unauthorized operations or information disclosure. Exploitable via `GET /smuggled`. Mitigation: upgrade to `4.1.133.Final` or later.
CVE-2026-42581 Vulnerability in io.netty:netty-codec-http (CVE-2026-42581)
vulnerability in io.netty:netty-codec-http (CVE-2026-42581). Risk of unauthorized operations or information disclosure. Exploitable via `POST /api`. Mitigation: upgrade to `4.1.133.Final` or later.
CVE-2026-40562 Vulnerability in kazeburo (CVE-2026-40562)
vulnerability in kazeburo (CVE-2026-40562). Data can be tampered with by attackers.
CVE-2026-41417 Vulnerability in io.netty:netty-codec-http (CVE-2026-41417)
vulnerability in io.netty:netty-codec-http (CVE-2026-41417). Risk of unauthorized operations or information disclosure. Exploitable via `POST /s2`. Mitigation: upgrade to `4.2.13.Final` or later.
CVE-2026-33805 Vulnerability in @fastify/reply-from (CVE-2026-33805)
vulnerability in @fastify/reply-from (CVE-2026-33805). Data can be tampered with by attackers. Exploitable via ``Connection``. Mitigation: upgrade to `12.6.2` or later.
CVE-2026-2332 Vulnerability in org.eclipse.jetty:jetty-http (CVE-2026-2332)
vulnerability in org.eclipse.jetty:jetty-http (CVE-2026-2332). Confidential information can be exposed externally. Exploitable via `GET /smuggled`.
CVE-2026-40175 Vulnerability in axios (CVE-2026-40175)
vulnerability in axios (CVE-2026-40175). Risk of unauthorized operations or information disclosure. Exploitable via `GET /pings`. Mitigation: upgrade to `0.31.0` or later.
CVE-2026-33870 Vulnerability in netty (CVE-2026-33870)
vulnerability in netty (CVE-2026-33870). Data can be tampered with by attackers.
CVE-2026-28369 Vulnerability in io.undertow:undertow-parent (CVE-2026-28369)
vulnerability in io.undertow:undertow-parent (CVE-2026-28369). Confidential information can be exposed externally.
CVE-2026-28368 Vulnerability in io.undertow:undertow-parent (CVE-2026-28368)
vulnerability in io.undertow:undertow-parent (CVE-2026-28368). Confidential information can be exposed externally.
CVE-2026-28367 Vulnerability in io.undertow:undertow-parent (CVE-2026-28367)
vulnerability in io.undertow:undertow-parent (CVE-2026-28367). Confidential information can be exposed externally.
CVE-2026-4700 Vulnerability in mozilla (CVE-2026-4700)
vulnerability in mozilla (CVE-2026-4700). Successful exploitation can lead to full system takeover.
CVE-2026-23941 Vulnerability in nginx (CVE-2026-23941)
vulnerability in nginx (CVE-2026-23941). Confidential information can be exposed externally.
CVE-2026-20069 Vulnerability in cisco (CVE-2026-20069)
vulnerability in cisco (CVE-2026-20069). Risk of unauthorized operations or information disclosure.
CVE-2025-55018 Vulnerability in fortinet (CVE-2025-55018)
vulnerability in fortinet (CVE-2025-55018). Risk of unauthorized operations or information disclosure.
CVE-2025-14523 Vulnerability in CVE-2025-14523 (CVE-2025-14523)
vulnerability in CVE-2025-14523 (CVE-2025-14523). Data can be tampered with by attackers. Exploitable via `Host header`.
CVE-2023-48365 KEV [KEV] Vulnerability in Qlik sense (CVE-2023-48365)
vulnerability in Qlik sense (CVE-2023-48365). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-41265 KEV [KEV] Vulnerability in Qlik sense (CVE-2023-41265)
vulnerability in Qlik sense (CVE-2023-41265). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-22536 KEV [KEV] Vulnerability in Sap multiple-products (CVE-2022-22536)
vulnerability in Sap multiple-products (CVE-2022-22536). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-41442 Vulnerability in dos (CVE-2021-41442)
vulnerability in dos (CVE-2021-41442). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →