Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-12295 |
|
Vulnerability in mozilla (CVE-2026-12295)
vulnerability in mozilla (CVE-2026-12295). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12297 |
|
Buffer Overflow in mozilla (CVE-2026-12297)
vulnerability in mozilla (CVE-2026-12297). Successful exploitation can lead to full system takeover.
|
| CVE-2026-41155 |
|
Vulnerability in CVE-2026-41155 (CVE-2026-41155)
vulnerability in CVE-2026-41155 (CVE-2026-41155). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-42782 |
|
Vulnerability in org.apache.syncope.core:syncope-core-spring (CVE-2026-42782)
vulnerability in org.apache.syncope.core:syncope-core-spring (CVE-2026-42782). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `4.1.1` or later.
|
| CVE-2026-8945 |
|
Vulnerability in mozilla (CVE-2026-8945)
vulnerability in mozilla (CVE-2026-8945). Successful exploitation can lead to full system takeover.
|
| CVE-2026-44005 |
|
Code Injection in vm2 (CVE-2026-44005)
code injection in vm2 (CVE-2026-44005). Data can be tampered with by attackers. Mitigation: upgrade to `3.11.0` or later.
|
| CVE-2026-43997 |
|
Code Injection in vm2 (CVE-2026-43997)
code injection in vm2 (CVE-2026-43997). Successful exploitation can lead to full system takeover. Exploitable via ``Object``. Mitigation: upgrade to `3.11.0` or later.
|
| CVE-2026-8401 |
|
Sandbox escape in the Profile Backup component. This vulnerability was fixed in Firefox 150.0.3.
Sandbox escape in the Profile Backup component. This vulnerability was fixed in Firefox 150.0.3.
|
| CVE-2026-44009 |
|
Vulnerability in vm2 (CVE-2026-44009)
vulnerability in vm2 (CVE-2026-44009). Successful exploitation can lead to full system takeover. Exploitable via ``handleException``. Mitigation: upgrade to `3.11.2` or later.
|
| CVE-2026-26956 |
|
Vulnerability in vm2-project (CVE-2026-26956)
vulnerability in vm2-project (CVE-2026-26956). Successful exploitation can lead to full system takeover. Exploitable via ``catch``.
|
| CVE-2026-26332 |
|
Code Injection in vm2-project (CVE-2026-26332)
code injection in vm2-project (CVE-2026-26332). Successful exploitation can lead to full system takeover.
|
| CVE-2026-24781 |
|
Code Injection in vm2-project (CVE-2026-24781)
code injection in vm2-project (CVE-2026-24781). Successful exploitation can lead to full system takeover. Exploitable via ``inspect``.
|
| CVE-2026-4282 |
|
Vulnerability in privilege-escalation (CVE-2026-4282)
vulnerability in privilege-escalation (CVE-2026-4282). Confidential information can be exposed externally.
|
| CVE-2026-4692 |
|
Vulnerability in mozilla (CVE-2026-4692)
vulnerability in mozilla (CVE-2026-4692). Successful exploitation can lead to full system takeover.
|
| CVE-2025-21590 KEV |
|
[KEV] Vulnerability in Juniper junos-os (CVE-2025-21590)
vulnerability in Juniper junos-os (CVE-2025-21590). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|