Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-15036 |
|
Vulnerability in CVE-2026-15036 (CVE-2026-15036)
vulnerability in CVE-2026-15036 (CVE-2026-15036). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-59253 |
|
Vulnerability in CVE-2026-59253 (CVE-2026-59253)
vulnerability in CVE-2026-59253 (CVE-2026-59253). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-5459 |
|
Vulnerability in wordpress (CVE-2026-5459)
vulnerability in wordpress (CVE-2026-5459). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-3688 |
|
Vulnerability in wordpress (CVE-2026-3688)
vulnerability in wordpress (CVE-2026-3688). Data can be tampered with by attackers.
|
| CVE-2026-54602 |
|
Vulnerability in CVE-2026-54602 (CVE-2026-54602)
vulnerability in CVE-2026-54602 (CVE-2026-54602). Risk of unauthorized operations or information disclosure. Exploitable via `GET /api/core/ai/record/getRecord`.
|
| CVE-2026-55418 |
|
Vulnerability in CVE-2026-55418 (CVE-2026-55418)
vulnerability in CVE-2026-55418 (CVE-2026-55418). Confidential information can be exposed externally.
|
| CVE-2026-53729 |
|
Vulnerability in CVE-2026-53729 (CVE-2026-53729)
vulnerability in CVE-2026-53729 (CVE-2026-53729). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-50530 |
|
Vulnerability in CVE-2026-50530 (CVE-2026-50530)
vulnerability in CVE-2026-50530 (CVE-2026-50530). Risk of unauthorized operations or information disclosure. Exploitable via `POST /de2api/chartData/getData.`.
|
| CVE-2026-49296 |
|
Vulnerability in apache (CVE-2026-49296)
vulnerability in apache (CVE-2026-49296). Confidential information can be exposed externally. Exploitable via `GET /api/v2/dagSources/{dag_id}`.
|
| CVE-2026-5799 |
|
Vulnerability in CVE-2026-5799 (CVE-2026-5799)
vulnerability in CVE-2026-5799 (CVE-2026-5799). Confidential information can be exposed externally.
|
| CVE-2026-5730 |
|
Vulnerability in CVE-2026-5730 (CVE-2026-5730)
vulnerability in CVE-2026-5730 (CVE-2026-5730). Confidential information can be exposed externally.
|
| CVE-2026-57868 |
|
Vulnerability in CVE-2026-57868 (CVE-2026-57868)
vulnerability in CVE-2026-57868 (CVE-2026-57868). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57870 |
|
Vulnerability in CVE-2026-57870 (CVE-2026-57870)
vulnerability in CVE-2026-57870 (CVE-2026-57870). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57869 |
|
Vulnerability in CVE-2026-57869 (CVE-2026-57869)
vulnerability in CVE-2026-57869 (CVE-2026-57869). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-34037 |
|
Vulnerability in CVE-2026-34037 (CVE-2026-34037)
vulnerability in CVE-2026-34037 (CVE-2026-34037). Confidential information can be exposed externally.
|
| CVE-2026-34044 |
|
Vulnerability in CVE-2026-34044 (CVE-2026-34044)
vulnerability in CVE-2026-34044 (CVE-2026-34044). Confidential information can be exposed externally.
|
| CVE-2026-53643 |
|
Information Disclosure in c (CVE-2026-53643)
vulnerability in c (CVE-2026-53643). Risk of unauthorized operations or information disclosure. Exploitable via ``can_always_access``.
|
| CVE-2026-53644 |
|
Vulnerability in CVE-2026-53644 (CVE-2026-53644)
vulnerability in CVE-2026-53644 (CVE-2026-53644). Risk of unauthorized operations or information disclosure. Exploitable via ``active``.
|
| CVE-2026-34167 |
|
Vulnerability in CVE-2026-34167 (CVE-2026-34167)
vulnerability in CVE-2026-34167 (CVE-2026-34167). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-59712 |
|
Vulnerability in CVE-2026-59712 (CVE-2026-59712)
vulnerability in CVE-2026-59712 (CVE-2026-59712). Confidential information can be exposed externally.
|
| CVE-2026-55429 |
|
Vulnerability in github.com/coder/coder/v2 (CVE-2026-55429)
vulnerability in github.com/coder/coder/v2 (CVE-2026-55429). Confidential information can be exposed externally. Exploitable via ``UpsertWorkspaceApp``. Mitigation: upgrade to `2.29.17` or later.
|
| CVE-2026-12686 |
|
Vulnerability in CVE-2026-12686 (CVE-2026-12686)
vulnerability in CVE-2026-12686 (CVE-2026-12686). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-48206 |
|
Vulnerability in apache (CVE-2026-48206)
vulnerability in apache (CVE-2026-48206). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-49099 |
|
Vulnerability in apache (CVE-2026-49099)
vulnerability in apache (CVE-2026-49099). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-46585 |
|
Vulnerability in apache (CVE-2026-46585)
vulnerability in apache (CVE-2026-46585). Confidential information can be exposed externally.
|
| CVE-2026-46453 |
|
Vulnerability in apache (CVE-2026-46453)
vulnerability in apache (CVE-2026-46453). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14793 |
|
Vulnerability in CVE-2026-14793 (CVE-2026-14793)
vulnerability in CVE-2026-14793 (CVE-2026-14793). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14753 |
|
Vulnerability in CVE-2026-14753 (CVE-2026-14753)
vulnerability in CVE-2026-14753 (CVE-2026-14753). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-25782 |
|
Vulnerability in CVE-2026-25782 (CVE-2026-25782)
vulnerability in CVE-2026-25782 (CVE-2026-25782). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-27657 |
|
Gitea versions before 1.25.5 allow a user to change another user's primary email address.
Gitea versions before 1.25.5 allow a user to change another user's primary email address.
|
| CVE-2026-28740 |
|
Vulnerability in CVE-2026-28740 (CVE-2026-28740)
vulnerability in CVE-2026-28740 (CVE-2026-28740). Confidential information can be exposed externally.
|
| CVE-2026-14608 |
|
Vulnerability in CVE-2026-14608 (CVE-2026-14608)
vulnerability in CVE-2026-14608 (CVE-2026-14608). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-59234 |
|
Vulnerability in CVE-2026-59234 (CVE-2026-59234)
vulnerability in CVE-2026-59234 (CVE-2026-59234). Risk of unauthorized operations or information disclosure. Exploitable via `GET /calendar/event/delete/{id}`.
|
| CVE-2026-11900 |
|
Vulnerability in wordpress (CVE-2026-11900)
vulnerability in wordpress (CVE-2026-11900). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9180 |
|
Vulnerability in wordpress (CVE-2026-9180)
vulnerability in wordpress (CVE-2026-9180). Risk of unauthorized operations or information disclosure. Exploitable via `POST /motopress/appointment/v1/bookings`.
|
| CVE-2026-59100 |
|
Vulnerability in CVE-2026-59100 (CVE-2026-59100)
vulnerability in CVE-2026-59100 (CVE-2026-59100). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-59098 |
|
Vulnerability in CVE-2026-59098 (CVE-2026-59098)
vulnerability in CVE-2026-59098 (CVE-2026-59098). Confidential information can be exposed externally.
|
| CVE-2026-58580 |
|
Vulnerability in CVE-2026-58580 (CVE-2026-58580)
vulnerability in CVE-2026-58580 (CVE-2026-58580). Data can be tampered with by attackers.
|
| CVE-2026-58653 |
|
Vulnerability in CVE-2026-58653 (CVE-2026-58653)
vulnerability in CVE-2026-58653 (CVE-2026-58653). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57680 |
|
Unauthenticated Insecure Direct Object References (IDOR) in Kirki <= 6.0.11 versions.
Unauthenticated Insecure Direct Object References (IDOR) in Kirki <= 6.0.11 versions.
|
| CVE-2026-9188 |
|
Vulnerability in wordpress (CVE-2026-9188)
vulnerability in wordpress (CVE-2026-9188). Risk of unauthorized operations or information disclosure. Exploitable via ``appointmentkey``.
|
| CVE-2026-12657 |
|
Vulnerability in wordpress (CVE-2026-12657)
vulnerability in wordpress (CVE-2026-12657). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11896 |
|
Vulnerability in wordpress (CVE-2026-11896)
vulnerability in wordpress (CVE-2026-11896). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-5348 |
|
Vulnerability in wordpress (CVE-2026-5348)
vulnerability in wordpress (CVE-2026-5348). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-50283 |
|
Vulnerability in craftcms/cms (CVE-2026-50283)
vulnerability in craftcms/cms (CVE-2026-50283). Risk of unauthorized operations or information disclosure. Exploitable via ``assetId``. Mitigation: upgrade to `4.17.14` or later.
|
| CVE-2026-49858 |
|
Vulnerability in CVE-2026-49858 (CVE-2026-49858)
vulnerability in CVE-2026-49858 (CVE-2026-49858). Confidential information can be exposed externally.
|
| CVE-2026-5138 |
|
Vulnerability in CVE-2026-5138 (CVE-2026-5138)
vulnerability in CVE-2026-5138 (CVE-2026-5138). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-5135 |
|
Vulnerability in CVE-2026-5135 (CVE-2026-5135)
vulnerability in CVE-2026-5135 (CVE-2026-5135). Data can be tampered with by attackers.
|
| CVE-2026-5142 |
|
Vulnerability in CVE-2026-5142 (CVE-2026-5142)
vulnerability in CVE-2026-5142 (CVE-2026-5142). Confidential information can be exposed externally.
|
| CVE-2026-53903 |
|
Vulnerability in mycomplianceoffice (CVE-2026-53903)
vulnerability in mycomplianceoffice (CVE-2026-53903). Confidential information can be exposed externally.
|