Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: cwe-613 Clear
ID Title
CVE-2026-42172 Vulnerability in CVE-2026-42172 (CVE-2026-42172)
vulnerability in CVE-2026-42172 (CVE-2026-42172). Risk of unauthorized operations or information disclosure.
CVE-2026-43918 Vulnerability in CVE-2026-43918 (CVE-2026-43918)
vulnerability in CVE-2026-43918 (CVE-2026-43918). Risk of unauthorized operations or information disclosure.
CVE-2026-46455 Vulnerability in apache (CVE-2026-46455)
vulnerability in apache (CVE-2026-46455). Successful exploitation can lead to full system takeover.
CVE-2026-14725 Vulnerability in CVE-2026-14725 (CVE-2026-14725)
vulnerability in CVE-2026-14725 (CVE-2026-14725). Risk of unauthorized operations or information disclosure.
CVE-2025-36359 Vulnerability in ibm (CVE-2025-36359)
vulnerability in ibm (CVE-2025-36359). Confidential information can be exposed externally.
CVE-2026-54479 Vulnerability in CVE-2026-54479 (CVE-2026-54479)
vulnerability in CVE-2026-54479 (CVE-2026-54479). Risk of unauthorized operations or information disclosure.
CVE-2025-71335 Vulnerability in flowiseai (CVE-2025-71335)
vulnerability in flowiseai (CVE-2025-71335). Confidential information can be exposed externally.
CVE-2026-9705 Vulnerability in redhat (CVE-2026-9705)
vulnerability in redhat (CVE-2026-9705). Risk of unauthorized operations or information disclosure.
CVE-2026-49277 Vulnerability in CVE-2026-49277 (CVE-2026-49277)
vulnerability in CVE-2026-49277 (CVE-2026-49277). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.5.0` or later.
CVE-2026-45757 Vulnerability in CVE-2026-45757 (CVE-2026-45757)
vulnerability in CVE-2026-45757 (CVE-2026-45757). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.5.0` or later.
CVE-2026-52809 Vulnerability in gogs.io/gogs (CVE-2026-52809)
vulnerability in gogs.io/gogs (CVE-2026-52809). Confidential information can be exposed externally. Exploitable via `POST /user/forget_password`. Mitigation: upgrade to `0.14.3` or later.
CVE-2026-49229 Vulnerability in @actual-app/sync-server (CVE-2026-49229)
vulnerability in @actual-app/sync-server (CVE-2026-49229). Confidential information can be exposed externally. Exploitable via `PATCH /admin/users`. Mitigation: upgrade to `26.6.0` or later.
CVE-2026-9162 Vulnerability in mattermost (CVE-2026-9162)
vulnerability in mattermost (CVE-2026-9162). Risk of unauthorized operations or information disclosure.
CVE-2026-12796 Vulnerability in litellm (CVE-2026-12796)
vulnerability in litellm (CVE-2026-12796). Risk of unauthorized operations or information disclosure.
CVE-2026-12772 Vulnerability in litellm (CVE-2026-12772)
vulnerability in litellm (CVE-2026-12772). Risk of unauthorized operations or information disclosure.
CVE-2026-55423 Vulnerability in langflow (CVE-2026-55423)
vulnerability in langflow (CVE-2026-55423). Confidential information can be exposed externally. Exploitable via ``access_token_lf``. Mitigation: upgrade to `1.7.1` or later.
CVE-2025-62340 Vulnerability in hcltech (CVE-2025-62340)
vulnerability in hcltech (CVE-2025-62340). Risk of unauthorized operations or information disclosure.
CVE-2026-53928 Vulnerability in nocodb (CVE-2026-53928)
vulnerability in nocodb (CVE-2026-53928). Risk of unauthorized operations or information disclosure. Exploitable via ``passwordChange``.
CVE-2026-54321 Vulnerability in github.com/daytonaio/daytona (CVE-2026-54321)
vulnerability in github.com/daytonaio/daytona (CVE-2026-54321). Confidential information can be exposed externally. Mitigation: upgrade to `0.184.0` or later.
CVE-2026-53843 OpenClaw: Pairing-scoped device session could restore revoked node token authority
OpenClaw: Pairing-scoped device session could restore revoked node token authority
CVE-2026-53776 Vulnerability in CVE-2026-53776 (CVE-2026-53776)
vulnerability in CVE-2026-53776 (CVE-2026-53776). Confidential information can be exposed externally.
CVE-2026-44188 Vulnerability in CVE-2026-44188 (CVE-2026-44188)
vulnerability in CVE-2026-44188 (CVE-2026-44188). Confidential information can be exposed externally.
CVE-2026-53830 Vulnerability in openclaw (CVE-2026-53830)
vulnerability in openclaw (CVE-2026-53830). Data can be tampered with by attackers.
CVE-2026-53824 Vulnerability in openclaw (CVE-2026-53824)
vulnerability in openclaw (CVE-2026-53824). Data can be tampered with by attackers.
CVE-2026-46657 Vulnerability in CVE-2026-46657 (CVE-2026-46657)
vulnerability in CVE-2026-46657 (CVE-2026-46657). Confidential information can be exposed externally.
CVE-2026-46656 Vulnerability in CVE-2026-46656 (CVE-2026-46656)
vulnerability in CVE-2026-46656 (CVE-2026-46656). Successful exploitation can lead to full system takeover.
CVE-2026-46401 Vulnerability in CVE-2026-46401 (CVE-2026-46401)
vulnerability in CVE-2026-46401 (CVE-2026-46401). Risk of unauthorized operations or information disclosure.
CVE-2026-53926 Vulnerability in nocodb (CVE-2026-53926)
vulnerability in nocodb (CVE-2026-53926). Risk of unauthorized operations or information disclosure. Exploitable via ``revokeAllOAuthTokensByUser``. Mitigation: upgrade to `2026.05.1` or later.
CVE-2026-48726 Vulnerability in apache-airflow (CVE-2026-48726)
vulnerability in apache-airflow (CVE-2026-48726). Confidential information can be exposed externally. Exploitable via ``FabAuthManager``. Mitigation: upgrade to `3.2.2` or later.
CVE-2026-9802 Vulnerability in org.keycloak:keycloak-services (CVE-2026-9802)
vulnerability in org.keycloak:keycloak-services (CVE-2026-9802). Confidential information can be exposed externally. Mitigation: upgrade to `26.6.3` or later.
CVE-2026-8670 Vulnerability in avantra (CVE-2026-8670)
vulnerability in avantra (CVE-2026-8670). Successful exploitation can lead to full system takeover.
CVE-2026-46554 Vulnerability in nocodb (CVE-2026-46554)
vulnerability in nocodb (CVE-2026-46554). Risk of unauthorized operations or information disclosure.
CVE-2026-1815 Vulnerability in CVE-2026-1815 (CVE-2026-1815)
vulnerability in CVE-2026-1815 (CVE-2026-1815). Confidential information can be exposed externally.
CVE-2026-44511 Vulnerability in katalyst-koi (CVE-2026-44511)
vulnerability in katalyst-koi (CVE-2026-44511). Confidential information can be exposed externally. Mitigation: upgrade to `5.6.0` or later.
CVE-2026-22706 Vulnerability in @strapi/admin (CVE-2026-22706)
vulnerability in @strapi/admin (CVE-2026-22706). Confidential information can be exposed externally. Exploitable via `POST /api/auth/refresh`. Mitigation: upgrade to `5.33.3` or later.
CVE-2026-5545 Vulnerability in haxx (CVE-2026-5545)
vulnerability in haxx (CVE-2026-5545). Data can be tampered with by attackers.
CVE-2026-44648 Vulnerability in sillytavern (CVE-2026-44648)
vulnerability in sillytavern (CVE-2026-44648). Successful exploitation can lead to full system takeover. Exploitable via `POST /api/users/change-password`. Mitigation: upgrade to `1.18.0` or later.
CVE-2026-44873 Vulnerability in arubanetworks (CVE-2026-44873)
vulnerability in arubanetworks (CVE-2026-44873). Risk of unauthorized operations or information disclosure.
CVE-2026-43983 Vulnerability in pocket-id (CVE-2026-43983)
vulnerability in pocket-id (CVE-2026-43983). Confidential information can be exposed externally. Mitigation: upgrade to `2.6.0` or later.
CVE-2026-43911 Vulnerability in dani-garcia (CVE-2026-43911)
vulnerability in dani-garcia (CVE-2026-43911). Confidential information can be exposed externally. Mitigation: upgrade to `1.35.5` or later.
CVE-2026-44553 Vulnerability in open-webui (CVE-2026-44553)
vulnerability in open-webui (CVE-2026-44553). Confidential information can be exposed externally. Exploitable via `POST /api/v1/users/{B_id}/update`. Mitigation: upgrade to `0.9.0` or later.
CVE-2026-41902 Vulnerability in laravel (CVE-2026-41902)
vulnerability in laravel (CVE-2026-41902). Confidential information can be exposed externally. Exploitable via `Referer header`.
CVE-2026-40934 Vulnerability in jupyter-server (CVE-2026-40934)
vulnerability in jupyter-server (CVE-2026-40934). Confidential information can be exposed externally. Mitigation: upgrade to `2.18.0` or later.
CVE-2026-41519 Vulnerability in weblate (CVE-2026-41519)
vulnerability in weblate (CVE-2026-41519). Risk of unauthorized operations or information disclosure. Exploitable via ``authtoken_token``. Mitigation: upgrade to `5.17.1` or later.
CVE-2026-6848 Vulnerability in redhat (CVE-2026-6848)
vulnerability in redhat (CVE-2026-6848). Risk of unauthorized operations or information disclosure.
CVE-2025-50486 Vulnerability in phpgurukul (CVE-2025-50486)
vulnerability in phpgurukul (CVE-2025-50486). Confidential information can be exposed externally.
CVE-2025-50485 Vulnerability in phpgurukul (CVE-2025-50485)
vulnerability in phpgurukul (CVE-2025-50485). Confidential information can be exposed externally.
CVE-2025-50487 Vulnerability in phpgurukul (CVE-2025-50487)
vulnerability in phpgurukul (CVE-2025-50487). Confidential information can be exposed externally.
CVE-2025-50484 Vulnerability in phpgurukul (CVE-2025-50484)
vulnerability in phpgurukul (CVE-2025-50484). Confidential information can be exposed externally.
CVE-2025-50491 Vulnerability in phpgurukul (CVE-2025-50491)
vulnerability in phpgurukul (CVE-2025-50491). Confidential information can be exposed externally.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →