Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-49145 |
|
Vulnerability in CVE-2026-49145 (CVE-2026-49145)
vulnerability in CVE-2026-49145 (CVE-2026-49145). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6101 |
|
Vulnerability in wordpress (CVE-2026-6101)
vulnerability in wordpress (CVE-2026-6101). Successful exploitation can lead to full system takeover.
|
| CVE-2026-53648 |
|
Vulnerability in CVE-2026-53648 (CVE-2026-53648)
vulnerability in CVE-2026-53648 (CVE-2026-53648). Risk of unauthorized operations or information disclosure. Exploitable via ``servicedownloadable.manage``.
|
| CVE-2026-59196 |
|
Path Traversal in pnpm (CVE-2026-59196)
path traversal in pnpm (CVE-2026-59196). Data can be tampered with by attackers. Mitigation: upgrade to `10.34.4` or later.
|
| CVE-2026-59194 |
|
Path Traversal in pnpm (CVE-2026-59194)
path traversal in pnpm (CVE-2026-59194). Data can be tampered with by attackers. Mitigation: upgrade to `10.34.4` or later.
|
| CVE-2026-58293 |
|
Vulnerability in microsoft (CVE-2026-58293)
vulnerability in microsoft (CVE-2026-58293). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8921 |
|
Vulnerability in CVE-2026-8921 (CVE-2026-8921)
vulnerability in CVE-2026-8921 (CVE-2026-8921). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-5821 |
|
Vulnerability in wordpress (CVE-2026-5821)
vulnerability in wordpress (CVE-2026-5821). Data can be tampered with by attackers.
|
| CVE-2026-55628 |
|
Vulnerability in CVE-2026-55628 (CVE-2026-55628)
vulnerability in CVE-2026-55628 (CVE-2026-55628). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12480 |
|
Vulnerability in CVE-2026-12480 (CVE-2026-12480)
vulnerability in CVE-2026-12480 (CVE-2026-12480). Confidential information can be exposed externally. Exploitable via ``file_editor.py``.
|
| CVE-2026-6070 |
|
Vulnerability in wordpress (CVE-2026-6070)
vulnerability in wordpress (CVE-2026-6070). Data can be tampered with by attackers.
|
| CVE-2026-3602 |
|
Vulnerability in sqli (CVE-2026-3602)
vulnerability in sqli (CVE-2026-3602). Data can be tampered with by attackers.
|
| CVE-2026-10816 |
|
Vulnerability in citrix (CVE-2026-10816)
vulnerability in citrix (CVE-2026-10816). Confidential information can be exposed externally.
|
| CVE-2026-13748 |
|
Path Traversal in snowflake (CVE-2026-13748)
path traversal in snowflake (CVE-2026-13748). Confidential information can be exposed externally.
|
| CVE-2026-8095 |
|
Vulnerability in wordpress (CVE-2026-8095)
vulnerability in wordpress (CVE-2026-8095). Data can be tampered with by attackers.
|
| CVE-2026-55700 |
|
Path Traversal in pnpm (CVE-2026-55700)
path traversal in pnpm (CVE-2026-55700). Data can be tampered with by attackers. Exploitable via ``main``. Mitigation: upgrade to `11.5.3` or later.
|
| CVE-2026-55699 |
|
Path Traversal in pnpm (CVE-2026-55699)
path traversal in pnpm (CVE-2026-55699). Risk of unauthorized operations or information disclosure. Exploitable via ``a93449314f398cf4bdf2e28d033c02d37395ad22``. Mitigation: upgrade to `11.5.3` or later.
|
| CVE-2025-71334 |
|
Vulnerability in flowiseai (CVE-2025-71334)
vulnerability in flowiseai (CVE-2025-71334). Successful exploitation can lead to full system takeover.
|
| CVE-2025-71338 |
|
Vulnerability in path-traversal (CVE-2025-71338)
vulnerability in path-traversal (CVE-2025-71338). Successful exploitation can lead to full system takeover.
|
| CVE-2025-71333 |
|
Vulnerability in path-traversal (CVE-2025-71333)
vulnerability in path-traversal (CVE-2025-71333). Successful exploitation can lead to full system takeover.
|
| CVE-2025-71324 |
|
Vulnerability in path-traversal (CVE-2025-71324)
vulnerability in path-traversal (CVE-2025-71324). Confidential information can be exposed externally.
|
| CVE-2026-55477 |
|
Vulnerability in CVE-2026-55477 (CVE-2026-55477)
vulnerability in CVE-2026-55477 (CVE-2026-55477). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `3.3.1` or later.
|
| CVE-2026-48720 |
|
Vulnerability in CVE-2026-48720 (CVE-2026-48720)
vulnerability in CVE-2026-48720 (CVE-2026-48720). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.2026.05.06.15.42.stable` or later.
|
| CVE-2026-49358 |
|
Vulnerability in pontedilana/php-weasyprint (CVE-2026-49358)
vulnerability in pontedilana/php-weasyprint (CVE-2026-49358). Risk of unauthorized operations or information disclosure. Exploitable via ``realpath``. Mitigation: upgrade to `2.6.0` or later.
|
| CVE-2026-53915 |
|
Vulnerability in jetbrains (CVE-2026-53915)
vulnerability in jetbrains (CVE-2026-53915). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8118 |
|
Vulnerability in wordpress (CVE-2026-8118)
vulnerability in wordpress (CVE-2026-8118). Confidential information can be exposed externally.
|
| CVE-2026-2604 |
|
Vulnerability in path-traversal (CVE-2026-2604)
vulnerability in path-traversal (CVE-2026-2604). Data can be tampered with by attackers.
|
| CVE-2026-10303 |
|
Vulnerability in path-traversal (CVE-2026-10303)
vulnerability in path-traversal (CVE-2026-10303). Confidential information can be exposed externally.
|
| CVE-2026-48520 |
|
Vulnerability in langflow (CVE-2026-48520)
vulnerability in langflow (CVE-2026-48520). Confidential information can be exposed externally. Exploitable via ``files``. Mitigation: upgrade to `1.10.0` or later.
|
| CVE-2026-39006 |
|
Vulnerability in CVE-2026-39006 (CVE-2026-39006)
vulnerability in CVE-2026-39006 (CVE-2026-39006). Successful exploitation can lead to full system takeover.
|
| CVE-2026-53632 |
|
Vulnerability in launch-editor (CVE-2026-53632)
vulnerability in launch-editor (CVE-2026-53632). Risk of unauthorized operations or information disclosure. Exploitable via ``smbserver.py``. Mitigation: upgrade to `2.14.1` or later.
|
| CVE-2026-34030 |
|
Vulnerability in path-traversal (CVE-2026-34030)
vulnerability in path-traversal (CVE-2026-34030). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11527 |
|
Vulnerability in CVE-2026-11527 (CVE-2026-11527)
vulnerability in CVE-2026-11527 (CVE-2026-11527). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11526 |
|
Vulnerability in CVE-2026-11526 (CVE-2026-11526)
vulnerability in CVE-2026-11526 (CVE-2026-11526). Successful exploitation can lead to full system takeover.
|
| CVE-2025-52465 |
|
Vulnerability in org.geoserver.web:gs-web-app (CVE-2025-52465)
vulnerability in org.geoserver.web:gs-web-app (CVE-2025-52465). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2.26.4` or later.
|
| CVE-2026-45556 |
|
Vulnerability in nginx (CVE-2026-45556)
vulnerability in nginx (CVE-2026-45556). Successful exploitation can lead to full system takeover. Exploitable via `POST /waf/`.
|
| CVE-2026-47643 |
|
Vulnerability in microsoft (CVE-2026-47643)
vulnerability in microsoft (CVE-2026-47643). Successful exploitation can lead to full system takeover.
|
| CVE-2025-12656 |
|
Vulnerability in wordpress (CVE-2025-12656)
vulnerability in wordpress (CVE-2025-12656). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-46397 |
|
Path Traversal in CVE-2026-46397 (CVE-2026-46397)
path traversal in CVE-2026-46397 (CVE-2026-46397). Confidential information can be exposed externally.
|
| CVE-2026-46399 |
|
Vulnerability in CVE-2026-46399 (CVE-2026-46399)
vulnerability in CVE-2026-46399 (CVE-2026-46399). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-40605 |
|
Path Traversal in path-traversal (CVE-2026-40605)
path traversal in path-traversal (CVE-2026-40605). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-47214 |
|
Vulnerability in docling (CVE-2026-47214)
vulnerability in docling (CVE-2026-47214). Confidential information can be exposed externally. Exploitable via ``base_path``. Mitigation: upgrade to `2.94.0` or later.
|
| CVE-2026-20175 |
|
Vulnerability in cisco (CVE-2026-20175)
vulnerability in cisco (CVE-2026-20175). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-35079 |
|
Vulnerability in mbs-solutions (CVE-2026-35079)
vulnerability in mbs-solutions (CVE-2026-35079). Data can be tampered with by attackers.
|
| CVE-2026-35080 |
|
Vulnerability in mbs-solutions (CVE-2026-35080)
vulnerability in mbs-solutions (CVE-2026-35080). Data can be tampered with by attackers.
|
| CVE-2026-35078 |
|
Vulnerability in mbs-solutions (CVE-2026-35078)
vulnerability in mbs-solutions (CVE-2026-35078). Data can be tampered with by attackers.
|
| CVE-2026-35077 |
|
Vulnerability in mbs-solutions (CVE-2026-35077)
vulnerability in mbs-solutions (CVE-2026-35077). Data can be tampered with by attackers.
|
| CVE-2026-35076 |
|
Vulnerability in mbs-solutions (CVE-2026-35076)
vulnerability in mbs-solutions (CVE-2026-35076). Data can be tampered with by attackers.
|
| CVE-2026-10694 |
|
Vulnerability in CVE-2026-10694 (CVE-2026-10694)
vulnerability in CVE-2026-10694 (CVE-2026-10694). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41412 |
|
Path Traversal in CVE-2026-41412 (CVE-2026-41412)
path traversal in CVE-2026-41412 (CVE-2026-41412). Confidential information can be exposed externally. Exploitable via ``simpleHttpClient``.
|