Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-59806 |
|
Open Redirect in ssrf (CVE-2026-59806)
vulnerability in ssrf (CVE-2026-59806). Confidential information can be exposed externally.
|
| CVE-2026-55431 |
|
Vulnerability in github.com/coder/coder/v2 (CVE-2026-55431)
vulnerability in github.com/coder/coder/v2 (CVE-2026-55431). Confidential information can be exposed externally. Mitigation: upgrade to `2.29.17` or later.
|
| CVE-2026-14632 |
|
Open Redirect in CVE-2026-14632 (CVE-2026-14632)
vulnerability in CVE-2026-14632 (CVE-2026-14632). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41106 |
|
Open Redirect in microsoft (CVE-2026-41106)
vulnerability in microsoft (CVE-2026-41106). Confidential information can be exposed externally.
|
| CVE-2026-58520 |
|
Open Redirect in CVE-2026-58520 (CVE-2026-58520)
vulnerability in CVE-2026-58520 (CVE-2026-58520). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-58450 |
|
Open Redirect in CVE-2026-58450 (CVE-2026-58450)
vulnerability in CVE-2026-58450 (CVE-2026-58450). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10562 |
|
Open Redirect in path-traversal (CVE-2026-10562)
vulnerability in path-traversal (CVE-2026-10562). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-40080 |
|
Open Redirect in cacti (CVE-2026-40080)
vulnerability in cacti (CVE-2026-40080). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13163 |
|
Open Redirect in c (CVE-2026-13163)
vulnerability in c (CVE-2026-13163). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-54588 |
|
Vulnerability in CVE-2026-54588 (CVE-2026-54588)
vulnerability in CVE-2026-54588 (CVE-2026-54588). Confidential information can be exposed externally. Exploitable via ``HTTP_HOST``.
|
| CVE-2026-53662 |
|
Cross-Site Scripting (XSS) in CVE-2026-53662 (CVE-2026-53662)
cross-site scripting in CVE-2026-53662 (CVE-2026-53662). Successful exploitation can lead to full system takeover.
|
| CVE-2026-52802 |
|
Open Redirect in gogs.io/gogs (CVE-2026-52802)
vulnerability in gogs.io/gogs (CVE-2026-52802). Risk of unauthorized operations or information disclosure. Exploitable via `Referer header`. Mitigation: upgrade to `0.14.3` or later.
|
| CVE-2026-56697 |
|
Open Redirect in nuxt (CVE-2026-56697)
vulnerability in nuxt (CVE-2026-56697). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12863 |
|
Open Redirect in CVE-2026-12863 (CVE-2026-12863)
vulnerability in CVE-2026-12863 (CVE-2026-12863). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12804 |
|
Open Redirect in CVE-2026-12804 (CVE-2026-12804)
vulnerability in CVE-2026-12804 (CVE-2026-12804). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56332 |
|
Open Redirect in CVE-2026-56332 (CVE-2026-56332)
vulnerability in CVE-2026-56332 (CVE-2026-56332). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56330 |
|
Open Redirect in CVE-2026-56330 (CVE-2026-56330)
vulnerability in CVE-2026-56330 (CVE-2026-56330). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-47645 |
|
Open Redirect in microsoft (CVE-2026-47645)
vulnerability in microsoft (CVE-2026-47645). Successful exploitation can lead to full system takeover.
|
| CVE-2026-55660 |
|
Cross-Site Scripting (XSS) in tinacms (CVE-2026-55660)
cross-site scripting in tinacms (CVE-2026-55660). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.9.3` or later.
|
| CVE-2026-12622 |
|
Open Redirect in CVE-2026-12622 (CVE-2026-12622)
vulnerability in CVE-2026-12622 (CVE-2026-12622). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-48895 |
|
Open Redirect in apache (CVE-2026-48895)
vulnerability in apache (CVE-2026-48895). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-44915 |
|
Open Redirect in apache (CVE-2026-44915)
vulnerability in apache (CVE-2026-44915). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12049 |
|
Open Redirect in pgadmin (CVE-2026-12049)
vulnerability in pgadmin (CVE-2026-12049). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-55237 |
|
Vulnerability in CVE-2026-55237 (CVE-2026-55237)
vulnerability in CVE-2026-55237 (CVE-2026-55237). Confidential information can be exposed externally. Exploitable via ``next``.
|
| CVE-2025-32748 |
|
Open Redirect in CVE-2025-32748 (CVE-2025-32748)
vulnerability in CVE-2025-32748 (CVE-2025-32748). Risk of unauthorized operations or information disclosure. Exploitable via `Host header`.
|
| CVE-2026-10837 |
|
Open Redirect in CVE-2026-10837 (CVE-2026-10837)
vulnerability in CVE-2026-10837 (CVE-2026-10837). Risk of unauthorized operations or information disclosure. Exploitable via `Host header`.
|
| CVE-2026-10839 |
|
Open Redirect in CVE-2026-10839 (CVE-2026-10839)
vulnerability in CVE-2026-10839 (CVE-2026-10839). Risk of unauthorized operations or information disclosure. Exploitable via `Host header`.
|
| CVE-2026-46955 |
|
Cross-Site Scripting (XSS) in c (CVE-2026-46955)
cross-site scripting in c (CVE-2026-46955). Successful exploitation can lead to full system takeover.
|
| CVE-2026-46894 |
|
Cross-Site Request Forgery (CSRF) in c (CVE-2026-46894)
vulnerability in c (CVE-2026-46894). Successful exploitation can lead to full system takeover.
|
| CVE-2026-46796 |
|
Open Redirect in c (CVE-2026-46796)
vulnerability in c (CVE-2026-46796). Successful exploitation can lead to full system takeover.
|
| CVE-2026-46806 |
|
Open Redirect in c (CVE-2026-46806)
vulnerability in c (CVE-2026-46806). Confidential information can be exposed externally.
|
| CVE-2026-35302 |
|
Open Redirect in c (CVE-2026-35302)
vulnerability in c (CVE-2026-35302). Successful exploitation can lead to full system takeover.
|
| CVE-2026-35258 |
|
Open Redirect in c (CVE-2026-35258)
vulnerability in c (CVE-2026-35258). Confidential information can be exposed externally.
|
| CVE-2026-35259 |
|
Open Redirect in c (CVE-2026-35259)
vulnerability in c (CVE-2026-35259). Successful exploitation can lead to full system takeover.
|
| CVE-2026-25779 |
|
Open Redirect in github.com/go-gitea/gitea (CVE-2026-25779)
vulnerability in github.com/go-gitea/gitea (CVE-2026-25779). Risk of unauthorized operations or information disclosure. Exploitable via `Referer header`. Mitigation: upgrade to `1.26.0` or later.
|
| CVE-2026-20178 |
|
Open Redirect in Cisco webex-web-app (CVE-2026-20178)
vulnerability in Cisco webex-web-app (CVE-2026-20178). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56326 |
|
Open Redirect in nuxt (CVE-2026-56326)
vulnerability in nuxt (CVE-2026-56326). Risk of unauthorized operations or information disclosure. Exploitable via ``navigateTo``. Mitigation: upgrade to `3.21.7` or later.
|
| CVE-2026-54276 |
|
Information Disclosure in aiohttp (CVE-2026-54276)
vulnerability in aiohttp (CVE-2026-54276). Risk of unauthorized operations or information disclosure. Exploitable via ``DigestAuthMiddleware``. Mitigation: upgrade to `3.14.1` or later.
|
| CVE-2026-53523 |
|
Open Redirect in github.com/nezhahq/nezha (CVE-2026-53523)
vulnerability in github.com/nezhahq/nezha (CVE-2026-53523). Confidential information can be exposed externally. Exploitable via `GET /api/v1/oauth2/github`. Mitigation: upgrade to `2.2.0` or later.
|
| CVE-2026-50089 |
|
Open Redirect in c (CVE-2026-50089)
vulnerability in c (CVE-2026-50089). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-48856 |
|
Open Redirect in erlang (CVE-2026-48856)
vulnerability in erlang (CVE-2026-48856). Confidential information can be exposed externally. Exploitable via `Authorization header`.
|
| CVE-2026-45566 |
|
Open Redirect in nginx (CVE-2026-45566)
vulnerability in nginx (CVE-2026-45566). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53436 |
|
Open Redirect in jenkins (CVE-2026-53436)
vulnerability in jenkins (CVE-2026-53436). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.555.3, 2.568.0` or later.
|
| CVE-2026-53440 |
|
Open Redirect in jenkins (CVE-2026-53440)
vulnerability in jenkins (CVE-2026-53440). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.555.3, 2.568.0` or later.
|
| CVE-2026-53437 |
|
Open Redirect in jenkins (CVE-2026-53437)
vulnerability in jenkins (CVE-2026-53437). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.555.3, 2.568.0` or later.
|
| CVE-2026-41706 |
|
Open Redirect in vmware (CVE-2026-41706)
vulnerability in vmware (CVE-2026-41706). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41008 |
|
Open Redirect in broadcom (CVE-2026-41008)
vulnerability in broadcom (CVE-2026-41008). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-28301 |
|
Open Redirect in CVE-2026-28301 (CVE-2026-28301)
vulnerability in CVE-2026-28301 (CVE-2026-28301). Confidential information can be exposed externally.
|
| CVE-2026-47991 |
|
Open Redirect in adobe (CVE-2026-47991)
vulnerability in adobe (CVE-2026-47991). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-47347 |
|
Open Redirect in typo3/cms-core (CVE-2026-47347)
vulnerability in typo3/cms-core (CVE-2026-47347). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `14.3.3` or later.
|