Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2025-12506 |
|
Vulnerability in CVE-2025-12506 (CVE-2025-12506)
vulnerability in CVE-2025-12506 (CVE-2025-12506). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13372 |
|
Vulnerability in devolutions (CVE-2026-13372)
vulnerability in devolutions (CVE-2026-13372). Successful exploitation can lead to full system takeover.
|
| CVE-2026-10696 |
|
Vulnerability in devolutions (CVE-2026-10696)
vulnerability in devolutions (CVE-2026-10696). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-54022 |
|
Vulnerability in open-webui (CVE-2026-54022)
vulnerability in open-webui (CVE-2026-54022). Confidential information can be exposed externally. Exploitable via ``document_id``. Mitigation: upgrade to `0.8.11` or later.
|
| CVE-2026-54282 |
|
Vulnerability in Starlette (CVE-2026-54282)
vulnerability in Starlette (CVE-2026-54282). Risk of unauthorized operations or information disclosure. Exploitable via ``request.url``. Mitigation: upgrade to `1.3.0` or later.
|
| CVE-2026-8716 |
|
Vulnerability in gitlab (CVE-2026-8716)
vulnerability in gitlab (CVE-2026-8716). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.10.7, 18.11.4, 19.0.2` or later.
|
| CVE-2026-45306 |
|
Vulnerability in pyload-ng (CVE-2026-45306)
vulnerability in pyload-ng (CVE-2026-45306). Confidential information can be exposed externally. Exploitable via `GET /files/get/`.
|
| CVE-2026-40912 |
|
Vulnerability in traefik (CVE-2026-40912)
vulnerability in traefik (CVE-2026-40912). Confidential information can be exposed externally.
|
| CVE-2020-15505 KEV |
|
[KEV] Vulnerability in Ivanti mobileiron-multiple-products (CVE-2020-15505)
vulnerability in Ivanti mobileiron-multiple-products (CVE-2020-15505). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|