Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: cwe-807 Clear
ID Title
CVE-2026-48980 Vulnerability in CVE-2026-48980 (CVE-2026-48980)
vulnerability in CVE-2026-48980 (CVE-2026-48980). Confidential information can be exposed externally.
CVE-2026-53860 Authorization Flaw in openclaw (CVE-2026-53860)
vulnerability in openclaw (CVE-2026-53860). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2026.5.7` or later.
CVE-2026-48491 Vulnerability in Traefik (CVE-2026-48491)
vulnerability in Traefik (CVE-2026-48491). Confidential information can be exposed externally. Exploitable via ``SNICheck``. Mitigation: upgrade to `3.7.3` or later.
CVE-2026-12058 The connection confirmation pop-up of a specific feature in the PcSuite can be bypassed.
The connection confirmation pop-up of a specific feature in the PcSuite can be bypassed.
CVE-2026-43935 Vulnerability in CVE-2026-43935 (CVE-2026-43935)
vulnerability in CVE-2026-43935 (CVE-2026-43935). Confidential information can be exposed externally. Exploitable via `Host header`. Mitigation: upgrade to `2.3.4` or later.
CVE-2026-44649 Vulnerability in sillytavern (CVE-2026-44649)
vulnerability in sillytavern (CVE-2026-44649). Successful exploitation can lead to full system takeover. Exploitable via ``config.yaml``. Mitigation: upgrade to `1.18.0` or later.
CVE-2026-6213 Vulnerability in CVE-2026-6213 (CVE-2026-6213)
vulnerability in CVE-2026-6213 (CVE-2026-6213). Risk of unauthorized operations or information disclosure.
CVE-2026-24120 Code Injection in vm2-project (CVE-2026-24120)
code injection in vm2-project (CVE-2026-24120). Successful exploitation can lead to full system takeover. Exploitable via ``resetPromiseSpecies``.
CVE-2026-34486 Vulnerability in tomcat (CVE-2026-34486)
vulnerability in tomcat (CVE-2026-34486). Confidential information can be exposed externally. Mitigation: upgrade to `9.0.117, 10.1.54, 11.0.21` or later.
CVE-2026-31892 Authorization Flaw in argoproj (CVE-2026-31892)
vulnerability in argoproj (CVE-2026-31892). Confidential information can be exposed externally. Mitigation: upgrade to `4.0.2` or later.
CVE-2026-21514 KEV [KEV] Vulnerability in Microsoft office (CVE-2026-21514)
vulnerability in Microsoft office (CVE-2026-21514). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-21509 KEV [KEV] Vulnerability in Microsoft office (CVE-2026-21509)
vulnerability in Microsoft office (CVE-2026-21509). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2025-10161 Vulnerability in CVE-2025-10161 (CVE-2025-10161)
vulnerability in CVE-2025-10161 (CVE-2025-10161). Risk of unauthorized operations or information disclosure.
CVE-2019-9621 KEV [KEV] SSRF (Server-Side Request Forgery) in Synacor zimbra-collaboration-suite-zcs (CVE-2019-9621)
SSRF in Synacor zimbra-collaboration-suite-zcs (CVE-2019-9621). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2017-0887 Vulnerability in nextcloud (CVE-2017-0887)
vulnerability in nextcloud (CVE-2017-0887). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →