Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: cwe-829 Clear
ID Title
CVE-2026-58116 Code Injection in hiyouga (CVE-2026-58116)
code injection in hiyouga (CVE-2026-58116). Successful exploitation can lead to full system takeover.
CVE-2026-13751 Vulnerability in snowflake (CVE-2026-13751)
vulnerability in snowflake (CVE-2026-13751). Risk of unauthorized operations or information disclosure.
CVE-2026-55698 Vulnerability in pnpm (CVE-2026-55698)
vulnerability in pnpm (CVE-2026-55698). Successful exploitation can lead to full system takeover. Exploitable via ``a93449314f398cf4bdf2e28d033c02d37395ad22``. Mitigation: upgrade to `11.5.3` or later.
CVE-2026-55697 OS Command Injection in pnpm (CVE-2026-55697)
OS command injection in pnpm (CVE-2026-55697). Successful exploitation can lead to full system takeover. Exploitable via ``a93449314f398cf4bdf2e28d033c02d37395ad22``. Mitigation: upgrade to `11.5.3` or later.
CVE-2026-55487 Vulnerability in pnpm (CVE-2026-55487)
vulnerability in pnpm (CVE-2026-55487). Successful exploitation can lead to full system takeover. Exploitable via ``bf1b731ee6``. Mitigation: upgrade to `10.34.2` or later.
CVE-2026-56447 Vulnerability in misp-project (CVE-2026-56447)
vulnerability in misp-project (CVE-2026-56447). Successful exploitation can lead to full system takeover.
CVE-2026-50195 Vulnerability in Amazon github.com/containerd/containerd/v2 (CVE-2026-50195)
vulnerability in Amazon github.com/containerd/containerd/v2 (CVE-2026-50195). Successful exploitation can lead to full system takeover. Exploitable via ``IfNotPresent``. Mitigation: upgrade to `2.3.2` or later.
CVE-2026-46580 Vulnerability in @theia/ai-chat-ui (CVE-2026-46580)
vulnerability in @theia/ai-chat-ui (CVE-2026-46580). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.71.0` or later.
CVE-2026-44691 Vulnerability in @theia/debug (CVE-2026-44691)
vulnerability in @theia/debug (CVE-2026-44691). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.69.0` or later.
CVE-2026-44688 Vulnerability in @theia/ai-chat-ui (CVE-2026-44688)
vulnerability in @theia/ai-chat-ui (CVE-2026-44688). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.71.0` or later.
CVE-2026-22551 Vulnerability in @theia/ai-chat-ui (CVE-2026-22551)
vulnerability in @theia/ai-chat-ui (CVE-2026-22551). Confidential information can be exposed externally. Mitigation: upgrade to `1.71.0` or later.
CVE-2026-22283 Vulnerability in dell (CVE-2026-22283)
vulnerability in dell (CVE-2026-22283). Successful exploitation can lead to full system takeover.
CVE-2026-54325 Vulnerability in @earendil-works/pi-coding-agent (CVE-2026-54325)
vulnerability in @earendil-works/pi-coding-agent (CVE-2026-54325). Risk of unauthorized operations or information disclosure. Exploitable via ``project_trust``. Mitigation: upgrade to `0.79.0` or later.
CVE-2026-48124 Code Injection in CVE-2026-48124 (CVE-2026-48124)
code injection in CVE-2026-48124 (CVE-2026-48124). Risk of unauthorized operations or information disclosure.
CVE-2026-12057 Vulnerability in foxit (CVE-2026-12057)
vulnerability in foxit (CVE-2026-12057). Successful exploitation can lead to full system takeover.
CVE-2026-53810 OS Command Injection in openclaw (CVE-2026-53810)
OS command injection in openclaw (CVE-2026-53810). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2026.5.18` or later.
CVE-2026-52858 Code Injection in vim (CVE-2026-52858)
code injection in vim (CVE-2026-52858). Successful exploitation can lead to full system takeover.
CVE-2026-47174 Vulnerability in CVE-2026-47174 (CVE-2026-47174)
vulnerability in CVE-2026-47174 (CVE-2026-47174). Risk of unauthorized operations or information disclosure.
CVE-2026-47172 Vulnerability in CVE-2026-47172 (CVE-2026-47172)
vulnerability in CVE-2026-47172 (CVE-2026-47172). Risk of unauthorized operations or information disclosure.
CVE-2026-46529 Command Injection in c (CVE-2026-46529)
command injection in c (CVE-2026-46529). Successful exploitation can lead to full system takeover. Exploitable via ``g_shell_quote``. Mitigation: upgrade to `1.6.2` or later.
CVE-2026-47292 Code Injection in microsoft (CVE-2026-47292)
code injection in microsoft (CVE-2026-47292). Successful exploitation can lead to full system takeover.
CVE-2026-11269 Vulnerability in google (CVE-2026-11269)
vulnerability in google (CVE-2026-11269). Successful exploitation can lead to full system takeover.
CVE-2026-8879 Vulnerability in securly (CVE-2026-8879)
vulnerability in securly (CVE-2026-8879). Risk of unauthorized operations or information disclosure.
CVE-2026-5241 Vulnerability in huggingface (CVE-2026-5241)
vulnerability in huggingface (CVE-2026-5241). Successful exploitation can lead to full system takeover. Exploitable via ``trust_remote_code``.
CVE-2022-49042 Vulnerability in synology (CVE-2022-49042)
vulnerability in synology (CVE-2022-49042). Successful exploitation can lead to full system takeover.
CVE-2022-49036 Vulnerability in synology (CVE-2022-49036)
vulnerability in synology (CVE-2022-49036). Successful exploitation can lead to full system takeover.
CVE-2026-44358 Vulnerability in CVE-2026-44358 (CVE-2026-44358)
vulnerability in CVE-2026-44358 (CVE-2026-44358). Data can be tampered with by attackers. Mitigation: upgrade to `1.0.1` or later.
CVE-2026-42089 Vulnerability in yeoman-environment (CVE-2026-42089)
vulnerability in yeoman-environment (CVE-2026-42089). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `6.0.1` or later.
CVE-2026-5817 Vulnerability in docker (CVE-2026-5817)
vulnerability in docker (CVE-2026-5817). Successful exploitation can lead to full system takeover.
CVE-2026-5843 Vulnerability in docker (CVE-2026-5843)
vulnerability in docker (CVE-2026-5843). Successful exploitation can lead to full system takeover.
CVE-2026-8428 Cross-Site Request Forgery (CSRF) in concrete5/concrete5 (CVE-2026-8428)
vulnerability in concrete5/concrete5 (CVE-2026-8428). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `9.5.1` or later.
CVE-2026-8426 Cross-Site Request Forgery (CSRF) in concrete5/concrete5 (CVE-2026-8426)
vulnerability in concrete5/concrete5 (CVE-2026-8426). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `9.5.1` or later.
CVE-2026-7373 Vulnerability in privilege-escalation (CVE-2026-7373)
vulnerability in privilege-escalation (CVE-2026-7373). Risk of unauthorized operations or information disclosure.
CVE-2026-43999 Authorization Flaw in vm2 (CVE-2026-43999)
vulnerability in vm2 (CVE-2026-43999). Successful exploitation can lead to full system takeover. Exploitable via ``builtin``. Mitigation: upgrade to `3.11.0` or later.
CVE-2026-44995 Vulnerability in openclaw (CVE-2026-44995)
vulnerability in openclaw (CVE-2026-44995). Successful exploitation can lead to full system takeover. Exploitable via ``openclaw``. Mitigation: upgrade to `2026.4.20` or later.
CVE-2026-45184 Vulnerability in CVE-2026-45184 (CVE-2026-45184)
vulnerability in CVE-2026-45184 (CVE-2026-45184). Confidential information can be exposed externally.
CVE-2026-44336 Vulnerability in praison (CVE-2026-44336)
vulnerability in praison (CVE-2026-44336). Successful exploitation can lead to full system takeover. Exploitable via ``praisonai.rules.create``.
CVE-2026-43944 Vulnerability in electerm (CVE-2026-43944)
vulnerability in electerm (CVE-2026-43944). Successful exploitation can lead to full system takeover. Exploitable via ``opts``. Mitigation: upgrade to `> 3.8.8` or later.
CVE-2026-43940 Path Traversal in electerm (CVE-2026-43940)
path traversal in electerm (CVE-2026-43940). Successful exploitation can lead to full system takeover. Exploitable via ``runWidget``. Mitigation: upgrade to `3.7.16` or later.
CVE-2026-44312 Vulnerability in css_parser (CVE-2026-44312)
vulnerability in css_parser (CVE-2026-44312). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.22.0` or later.
CVE-2026-44484 Vulnerability in pytorch-lightning (CVE-2026-44484)
vulnerability in pytorch-lightning (CVE-2026-44484). Successful exploitation can lead to full system takeover.
CVE-2026-43003 OS Command Injection in ironic-python-agent (CVE-2026-43003)
OS command injection in ironic-python-agent (CVE-2026-43003). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `11.6.0` or later.
CVE-2026-42510 Vulnerability in ironic (CVE-2026-42510)
vulnerability in ironic (CVE-2026-42510). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `35.0.1` or later.
CVE-2026-41355 Vulnerability in openclaw (CVE-2026-41355)
vulnerability in openclaw (CVE-2026-41355). Successful exploitation can lead to full system takeover.
CVE-2026-6859 Vulnerability in redhat (CVE-2026-6859)
vulnerability in redhat (CVE-2026-6859). Successful exploitation can lead to full system takeover. Exploitable via ``linux_train.py``.
CVE-2026-41253 Vulnerability in c (CVE-2026-41253)
vulnerability in c (CVE-2026-41253). Confidential information can be exposed externally.
CVE-2026-40959 Luanti 5 before 5.15.2, when LuaJIT is used, allows a Lua sandbox escape via a crafted mod.
Luanti 5 before 5.15.2, when LuaJIT is used, allows a Lua sandbox escape via a crafted mod.
CVE-2026-22217 Vulnerability in openclaw (CVE-2026-22217)
vulnerability in openclaw (CVE-2026-22217). Data can be tampered with by attackers. Exploitable via ``openclaw``. Mitigation: upgrade to `2026.2.23` or later.
CVE-2026-28500 Vulnerability in onnx (CVE-2026-28500)
vulnerability in onnx (CVE-2026-28500). Confidential information can be exposed externally. Mitigation: upgrade to `1.21.0rc1` or later.
CVE-2026-4255 Vulnerability in thermalright (CVE-2026-4255)
vulnerability in thermalright (CVE-2026-4255). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →