Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: cwe-749 Clear
ID Title
CVE-2025-53827 Vulnerability in CVE-2025-53827 (CVE-2025-53827)
vulnerability in CVE-2025-53827 (CVE-2025-53827). Successful exploitation can lead to full system takeover.
CVE-2026-14620 Cross-Site Request Forgery (CSRF) in webpackjs (CVE-2026-14620)
vulnerability in webpackjs (CVE-2026-14620). Risk of unauthorized operations or information disclosure.
CVE-2026-54753 Vulnerability in CVE-2026-54753 (CVE-2026-54753)
vulnerability in CVE-2026-54753 (CVE-2026-54753). Confidential information can be exposed externally. Mitigation: upgrade to `22.7.2` or later.
CVE-2026-55454 Vulnerability in ssrf (CVE-2026-55454)
vulnerability in ssrf (CVE-2026-55454). Successful exploitation can lead to full system takeover. Exploitable via `POST /load`. Mitigation: upgrade to `2.1` or later.
CVE-2026-48783 Vulnerability in CVE-2026-48783 (CVE-2026-48783)
vulnerability in CVE-2026-48783 (CVE-2026-48783). Risk of unauthorized operations or information disclosure.
CVE-2026-49993 Vulnerability in @nuxt/webpack-builder (CVE-2026-49993)
vulnerability in @nuxt/webpack-builder (CVE-2026-49993). Confidential information can be exposed externally. Exploitable via ``Origin``. Mitigation: upgrade to `3.21.7` or later.
CVE-2026-12060 Vulnerability in CVE-2026-12060 (CVE-2026-12060)
vulnerability in CVE-2026-12060 (CVE-2026-12060). Confidential information can be exposed externally.
CVE-2026-7516 Vulnerability in CVE-2026-7516 (CVE-2026-7516)
vulnerability in CVE-2026-7516 (CVE-2026-7516). Risk of unauthorized operations or information disclosure.
CVE-2026-47899 Vulnerability in CVE-2026-47899 (CVE-2026-47899)
vulnerability in CVE-2026-47899 (CVE-2026-47899). Risk of unauthorized operations or information disclosure.
CVE-2026-41283 Authorization Flaw in CVE-2026-41283 (CVE-2026-41283)
vulnerability in CVE-2026-41283 (CVE-2026-41283). Successful exploitation can lead to full system takeover.
CVE-2026-44698 Code Injection in CVE-2026-44698 (CVE-2026-44698)
code injection in CVE-2026-44698 (CVE-2026-44698). Successful exploitation can lead to full system takeover. Exploitable via ``window.externalApp``. Mitigation: upgrade to `2026.4.1` or later.
CVE-2025-14713 Vulnerability in synology (CVE-2025-14713)
vulnerability in synology (CVE-2025-14713). Confidential information can be exposed externally.
CVE-2026-4051 Vulnerability in ibm (CVE-2026-4051)
vulnerability in ibm (CVE-2026-4051). Successful exploitation can lead to full system takeover.
CVE-2026-45670 Vulnerability in @nuxt/rspack-builder (CVE-2026-45670)
vulnerability in @nuxt/rspack-builder (CVE-2026-45670). Risk of unauthorized operations or information disclosure. Exploitable via ``script.src``. Mitigation: upgrade to `4.4.6` or later.
CVE-2026-33584 Vulnerability in CVE-2026-33584 (CVE-2026-33584)
vulnerability in CVE-2026-33584 (CVE-2026-33584). Risk of unauthorized operations or information disclosure.
CVE-2026-33583 Vulnerability in CVE-2026-33583 (CVE-2026-33583)
vulnerability in CVE-2026-33583 (CVE-2026-33583). Confidential information can be exposed externally.
CVE-2026-44798 Vulnerability in nautobot (CVE-2026-44798)
vulnerability in nautobot (CVE-2026-44798). Risk of unauthorized operations or information disclosure. Exploitable via ``current_head``. Mitigation: upgrade to `2.4.33` or later.
CVE-2026-8108 Vulnerability in cisa (CVE-2026-8108)
vulnerability in cisa (CVE-2026-8108). Successful exploitation can lead to full system takeover.
CVE-2026-8109 Vulnerability in ivanti (CVE-2026-8109)
vulnerability in ivanti (CVE-2026-8109). Confidential information can be exposed externally.
CVE-2026-6402 Vulnerability in webpack-dev-server (CVE-2026-6402)
vulnerability in webpack-dev-server (CVE-2026-6402). Confidential information can be exposed externally. Mitigation: upgrade to `5.2.4` or later.
CVE-2026-44836 Vulnerability in view_component (CVE-2026-44836)
vulnerability in view_component (CVE-2026-44836). Confidential information can be exposed externally. Exploitable via `GET /rails/view_components/my_component/render_with_template`. Mitigation: upgrade to `4.9.0` or later.
CVE-2026-24118 Code Injection in vm2-project (CVE-2026-24118)
code injection in vm2-project (CVE-2026-24118). Successful exploitation can lead to full system takeover. Exploitable via ``__lookupGetter__``.
CVE-2026-22208 Vulnerability in CVE-2026-22208 (CVE-2026-22208)
vulnerability in CVE-2026-22208 (CVE-2026-22208). Successful exploitation can lead to full system takeover.
CVE-2024-12651 Vulnerability in CVE-2024-12651 (CVE-2024-12651)
vulnerability in CVE-2024-12651 (CVE-2024-12651). Confidential information can be exposed externally.
CVE-2024-25675 Vulnerability in misp-project (CVE-2024-25675)
vulnerability in misp-project (CVE-2024-25675). Successful exploitation can lead to full system takeover.
CVE-2018-19322 KEV [KEV] Vulnerability in Gigabyte multiple-products (CVE-2018-19322)
vulnerability in Gigabyte multiple-products (CVE-2018-19322). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-36942 KEV [KEV] Vulnerability in Microsoft windows (CVE-2021-36942)
vulnerability in Microsoft windows (CVE-2021-36942). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2017-2735 Vulnerability in huawei (CVE-2017-2735)
vulnerability in huawei (CVE-2017-2735). Data can be tampered with by attackers.
CVE-2016-9469 Vulnerability in gitlab (CVE-2016-9469)
vulnerability in gitlab (CVE-2016-9469). Data can be tampered with by attackers.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →