Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-59873 |
|
node-tar is a tar archive manipulation library for Node.js. Prior to 7.5.19, node-tar does not enforce hard upper bounds on total decompressed data, entry counts, or decompression ratio in extraction...
node-tar is a tar archive manipulation library for Node.js. Prior to 7.5.19, node-tar does not enforce hard upper bounds on total decompressed data, entry counts, or decompression ratio in extraction and parsing paths such as src/extract.ts, allowing a small crafted gzip bomb to exhaust disk space a...
|
| CVE-2026-49146 |
|
Vulnerability in c (CVE-2026-49146)
vulnerability in c (CVE-2026-49146). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-60000 |
|
Vulnerability in dos (CVE-2026-60000)
vulnerability in dos (CVE-2026-60000). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-60001 |
|
sshd in OpenSSH before 10.4 does not always honor the minimum authentication delay.
sshd in OpenSSH before 10.4 does not always honor the minimum authentication delay.
|
| CVE-2026-56811 |
|
Vulnerability in dos (CVE-2026-56811)
vulnerability in dos (CVE-2026-56811). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-42145 |
|
Unrestricted File Upload in CVE-2026-42145 (CVE-2026-42145)
vulnerability in CVE-2026-42145 (CVE-2026-42145). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41899 |
|
Vulnerability in CVE-2026-41899 (CVE-2026-41899)
vulnerability in CVE-2026-41899 (CVE-2026-41899). Risk of unauthorized operations or information disclosure. Exploitable via `POST /api/feedback`.
|
| CVE-2026-55434 |
|
Vulnerability in github.com/coder/coder/v2 (CVE-2026-55434)
vulnerability in github.com/coder/coder/v2 (CVE-2026-55434). Risk of unauthorized operations or information disclosure. Exploitable via ``io.ReadAll``. Mitigation: upgrade to `2.33.8` or later.
|
| CVE-2026-55078 |
|
Vulnerability in github.com/coder/coder/v2 (CVE-2026-55078)
vulnerability in github.com/coder/coder/v2 (CVE-2026-55078). Risk of unauthorized operations or information disclosure. Exploitable via `POST /api/v2/files`. Mitigation: upgrade to `2.29.17` or later.
|
| CVE-2026-55646 |
|
Vulnerability in vllm (CVE-2026-55646)
vulnerability in vllm (CVE-2026-55646). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-42546 |
|
Vulnerability in c (CVE-2026-42546)
vulnerability in c (CVE-2026-42546). Risk of unauthorized operations or information disclosure. Exploitable via ``OPTEE_MSG_ATTR_TYPE_MASK``.
|
| CVE-2026-13698 |
|
Vulnerability in dos (CVE-2026-13698)
vulnerability in dos (CVE-2026-13698). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56810 |
|
Vulnerability in dos (CVE-2026-56810)
vulnerability in dos (CVE-2026-56810). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11586 |
|
Vulnerability in haxx (CVE-2026-11586)
vulnerability in haxx (CVE-2026-11586). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-58465 |
|
Vulnerability in c (CVE-2026-58465)
vulnerability in c (CVE-2026-58465). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11946 |
|
Vulnerability in CVE-2026-11946 (CVE-2026-11946)
vulnerability in CVE-2026-11946 (CVE-2026-11946). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9563 |
|
Vulnerability in dos (CVE-2026-9563)
vulnerability in dos (CVE-2026-9563). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-33592 |
|
Vulnerability in CVE-2026-33592 (CVE-2026-33592)
vulnerability in CVE-2026-33592 (CVE-2026-33592). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-54428 |
|
Vulnerability in apache (CVE-2026-54428)
vulnerability in apache (CVE-2026-54428). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56149 |
|
Vulnerability in dos (CVE-2026-56149)
vulnerability in dos (CVE-2026-56149). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56150 |
|
Vulnerability in dos (CVE-2026-56150)
vulnerability in dos (CVE-2026-56150). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-49087 |
|
Vulnerability in dos (CVE-2026-49087)
vulnerability in dos (CVE-2026-49087). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-20216 |
|
Vulnerability in dos (CVE-2026-20216)
vulnerability in dos (CVE-2026-20216). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14330 |
|
Multiple unbounded alloca() calls in the PulseAudio protocol server.
Multiple unbounded alloca() calls in the PulseAudio protocol server.
|
| CVE-2025-36319 |
|
Vulnerability in ibm (CVE-2025-36319)
vulnerability in ibm (CVE-2025-36319). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57080 |
|
Vulnerability in CVE-2026-57080 (CVE-2026-57080)
vulnerability in CVE-2026-57080 (CVE-2026-57080). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12818 |
|
Vulnerability in CVE-2026-12818 (CVE-2026-12818)
vulnerability in CVE-2026-12818 (CVE-2026-12818). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53426 |
|
Vulnerability in CVE-2026-53426 (CVE-2026-53426)
vulnerability in CVE-2026-53426 (CVE-2026-53426). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-32423 |
|
Vulnerability in dos (CVE-2025-32423)
vulnerability in dos (CVE-2025-32423). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.6.32` or later.
|
| CVE-2025-32394 |
|
Vulnerability in dos (CVE-2025-32394)
vulnerability in dos (CVE-2025-32394). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.6.32` or later.
|
| CVE-2026-48933 |
|
Vulnerability in nodejs (CVE-2026-48933)
vulnerability in nodejs (CVE-2026-48933). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13322 |
|
Vulnerability in redhat (CVE-2026-13322)
vulnerability in redhat (CVE-2026-13322). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-54037 |
|
Vulnerability in librechat (CVE-2026-54037)
vulnerability in librechat (CVE-2026-54037). Risk of unauthorized operations or information disclosure. Exploitable via `POST /api/convos/fork`. Mitigation: upgrade to `0.8.4-rc1` or later.
|
| CVE-2026-54448 |
|
Vulnerability in aquasec (CVE-2026-54448)
vulnerability in aquasec (CVE-2026-54448). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.71.0` or later.
|
| CVE-2026-54024 |
|
Vulnerability in librechat (CVE-2026-54024)
vulnerability in librechat (CVE-2026-54024). Risk of unauthorized operations or information disclosure. Exploitable via `POST /api/convos/import`. Mitigation: upgrade to `0.8.4-rc1` or later.
|
| CVE-2026-40211 |
|
Vulnerability in dos (CVE-2026-40211)
vulnerability in dos (CVE-2026-40211). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12760 |
|
Vulnerability in dos (CVE-2026-12760)
vulnerability in dos (CVE-2026-12760). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-49851 |
|
Vulnerability in dos (CVE-2026-49851)
vulnerability in dos (CVE-2026-49851). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.3.0` or later.
|
| CVE-2026-11972 |
|
Vulnerability in CVE-2026-11972 (CVE-2026-11972)
vulnerability in CVE-2026-11972 (CVE-2026-11972). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-61028 |
|
SQL Injection in dos (CVE-2025-61028)
SQL injection in dos (CVE-2025-61028). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-54365 |
|
Vulnerability in CVE-2023-54365 (CVE-2023-54365)
vulnerability in CVE-2023-54365 (CVE-2023-54365). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56324 |
|
Vulnerability in CVE-2026-56324 (CVE-2026-56324)
vulnerability in CVE-2026-56324 (CVE-2026-56324). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56255 |
|
Vulnerability in dos (CVE-2026-56255)
vulnerability in dos (CVE-2026-56255). Risk of unauthorized operations or information disclosure. Exploitable via `POST /app/demo`.
|
| CVE-2026-48514 |
|
Vulnerability in MessagePack (CVE-2026-48514)
vulnerability in MessagePack (CVE-2026-48514). Risk of unauthorized operations or information disclosure. Exploitable via ``byteLength``. Mitigation: upgrade to `3.1.7` or later.
|
| CVE-2026-48515 |
|
Vulnerability in MessagePack (CVE-2026-48515)
vulnerability in MessagePack (CVE-2026-48515). Risk of unauthorized operations or information disclosure. Exploitable via ``MessagePackSecurity.UntrustedData``. Mitigation: upgrade to `3.1.7` or later.
|
| CVE-2026-48510 |
|
Vulnerability in MessagePack (CVE-2026-48510)
vulnerability in MessagePack (CVE-2026-48510). Risk of unauthorized operations or information disclosure. Exploitable via ``Lz4Block``. Mitigation: upgrade to `3.1.7` or later.
|
| CVE-2026-39904 |
|
Vulnerability in dos (CVE-2026-39904)
vulnerability in dos (CVE-2026-39904). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-42127 |
|
Vulnerability in dos (CVE-2026-42127)
vulnerability in dos (CVE-2026-42127). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-54178 |
|
Vulnerability in dos (CVE-2024-54178)
vulnerability in dos (CVE-2024-54178). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-49337 |
|
Vulnerability in CVE-2026-49337 (CVE-2026-49337)
vulnerability in CVE-2026-49337 (CVE-2026-49337). Risk of unauthorized operations or information disclosure.
|