Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: cwe-863 Clear
ID Title
CVE-2026-56776 Authorization Flaw in CVE-2026-56776 (CVE-2026-56776)
vulnerability in CVE-2026-56776 (CVE-2026-56776). Risk of unauthorized operations or information disclosure. Exploitable via `POST /workflows/{workflowId}/test-runs/new`.
CVE-2026-56220 Authorization Flaw in CVE-2026-56220 (CVE-2026-56220)
vulnerability in CVE-2026-56220 (CVE-2026-56220). Data can be tampered with by attackers.
CVE-2026-56086 Authorization Flaw in CVE-2026-56086 (CVE-2026-56086)
vulnerability in CVE-2026-56086 (CVE-2026-56086). Successful exploitation can lead to full system takeover.
CVE-2026-55873 Authorization Flaw in CVE-2026-55873 (CVE-2026-55873)
vulnerability in CVE-2026-55873 (CVE-2026-55873). Risk of unauthorized operations or information disclosure.
CVE-2026-54652 Privilege Escalation in nginx (CVE-2026-54652)
vulnerability in nginx (CVE-2026-54652). Confidential information can be exposed externally. Exploitable via `GET /api/logs/{service}`.
CVE-2026-60125 Authorization Flaw in CVE-2026-60125 (CVE-2026-60125)
vulnerability in CVE-2026-60125 (CVE-2026-60125). Risk of unauthorized operations or information disclosure.
CVE-2026-56778 Authorization Flaw in CVE-2026-56778 (CVE-2026-56778)
vulnerability in CVE-2026-56778 (CVE-2026-56778). Risk of unauthorized operations or information disclosure.
CVE-2026-56775 Authorization Flaw in CVE-2026-56775 (CVE-2026-56775)
vulnerability in CVE-2026-56775 (CVE-2026-56775). Risk of unauthorized operations or information disclosure.
CVE-2026-54698 Authorization Flaw in CVE-2026-54698 (CVE-2026-54698)
vulnerability in CVE-2026-54698 (CVE-2026-54698). Risk of unauthorized operations or information disclosure.
CVE-2026-50529 Authorization Flaw in CVE-2026-50529 (CVE-2026-50529)
vulnerability in CVE-2026-50529 (CVE-2026-50529). Risk of unauthorized operations or information disclosure.
CVE-2026-12352 Authorization Flaw in cisa (CVE-2026-12352)
vulnerability in cisa (CVE-2026-12352). Confidential information can be exposed externally.
CVE-2026-34047 Authorization Flaw in CVE-2026-34047 (CVE-2026-34047)
vulnerability in CVE-2026-34047 (CVE-2026-34047). Successful exploitation can lead to full system takeover.
CVE-2026-53642 Authorization Flaw in CVE-2026-53642 (CVE-2026-53642)
vulnerability in CVE-2026-53642 (CVE-2026-53642). Risk of unauthorized operations or information disclosure.
CVE-2026-32718 Authorization Flaw in CVE-2026-32718 (CVE-2026-32718)
vulnerability in CVE-2026-32718 (CVE-2026-32718). Data can be tampered with by attackers.
CVE-2026-54765 Vulnerability in traefik (CVE-2026-54765)
vulnerability in traefik (CVE-2026-54765). Data can be tampered with by attackers.
CVE-2026-42331 Vulnerability in CVE-2026-42331 (CVE-2026-42331)
vulnerability in CVE-2026-42331 (CVE-2026-42331). Risk of unauthorized operations or information disclosure. Exploitable via ``gateway_id``.
CVE-2026-55435 Authorization Flaw in github.com/coder/coder/v2 (CVE-2026-55435)
vulnerability in github.com/coder/coder/v2 (CVE-2026-55435). Risk of unauthorized operations or information disclosure. Exploitable via `DELETE /api/v2/users/{user}/keys`. Mitigation: upgrade to `2.32.7` or later.
CVE-2026-55428 Vulnerability in github.com/coder/coder/v2 (CVE-2026-55428)
vulnerability in github.com/coder/coder/v2 (CVE-2026-55428). Confidential information can be exposed externally. Exploitable via ``Addresses``. Mitigation: upgrade to `2.29.17` or later.
CVE-2026-53935 Authorization Flaw in github.com/cilium/cilium (CVE-2026-53935)
vulnerability in github.com/cilium/cilium (CVE-2026-53935). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.17.16` or later.
CVE-2026-14536 Authorization Flaw in devolutions (CVE-2026-14536)
vulnerability in devolutions (CVE-2026-14536). Successful exploitation can lead to full system takeover.
CVE-2026-14716 Vulnerability in CVE-2026-14716 (CVE-2026-14716)
vulnerability in CVE-2026-14716 (CVE-2026-14716). Risk of unauthorized operations or information disclosure.
CVE-2026-27780 Authorization Flaw in CVE-2026-27780 (CVE-2026-27780)
vulnerability in CVE-2026-27780 (CVE-2026-27780). Successful exploitation can lead to full system takeover.
CVE-2026-58424 Permanent Fork PR Workflow Approval Gate Bypass
Permanent Fork PR Workflow Approval Gate Bypass
CVE-2026-27775 Authorization Flaw in CVE-2026-27775 (CVE-2026-27775)
vulnerability in CVE-2026-27775 (CVE-2026-27775). Successful exploitation can lead to full system takeover.
CVE-2026-28740 Vulnerability in CVE-2026-28740 (CVE-2026-28740)
vulnerability in CVE-2026-28740 (CVE-2026-28740). Confidential information can be exposed externally.
CVE-2026-27761 Authorization Flaw in CVE-2026-27761 (CVE-2026-27761)
vulnerability in CVE-2026-27761 (CVE-2026-27761). Risk of unauthorized operations or information disclosure.
CVE-2026-46730 Authorization Flaw in CVE-2026-46730 (CVE-2026-46730)
vulnerability in CVE-2026-46730 (CVE-2026-46730). Risk of unauthorized operations or information disclosure.
CVE-2026-54998 Incorrect authorization in Microsoft Exchange Online allows an authorized attacker to elevate...
Incorrect authorization in Microsoft Exchange Online allows an authorized attacker to elevate...
CVE-2026-56842 Authorization Flaw in ui (CVE-2026-56842)
vulnerability in ui (CVE-2026-56842). Successful exploitation can lead to full system takeover.
CVE-2026-8079 Authorization Flaw in progress (CVE-2026-8079)
vulnerability in progress (CVE-2026-8079). Confidential information can be exposed externally.
CVE-2026-14340 Authorization Flaw in github (CVE-2026-14340)
vulnerability in github (CVE-2026-14340). Risk of unauthorized operations or information disclosure.
CVE-2026-56152 Authorization Flaw in elastic (CVE-2026-56152)
vulnerability in elastic (CVE-2026-56152). Confidential information can be exposed externally.
CVE-2026-53905 Authorization Flaw in mycomplianceoffice (CVE-2026-53905)
vulnerability in mycomplianceoffice (CVE-2026-53905). Data can be tampered with by attackers.
CVE-2026-53902 Vulnerability in privilege-escalation (CVE-2026-53902)
vulnerability in privilege-escalation (CVE-2026-53902). Data can be tampered with by attackers.
CVE-2026-7663 Vulnerability in langflow (CVE-2026-7663)
vulnerability in langflow (CVE-2026-7663). Confidential information can be exposed externally.
CVE-2026-48286 Authorization Flaw in adobe (CVE-2026-48286)
vulnerability in adobe (CVE-2026-48286). Successful exploitation can lead to full system takeover.
CVE-2026-57953 Authorization Flaw in its-a-feature (CVE-2026-57953)
vulnerability in its-a-feature (CVE-2026-57953). Risk of unauthorized operations or information disclosure.
CVE-2026-57951 Authorization Flaw in its-a-feature (CVE-2026-57951)
vulnerability in its-a-feature (CVE-2026-57951). Confidential information can be exposed externally.
CVE-2026-57950 ruoyi-vue-pro through 2026.05, fixed in commit 5d1fd70 contains a broken access control...
ruoyi-vue-pro through 2026.05, fixed in commit 5d1fd70 contains a broken access control...
CVE-2026-13508 Vulnerability in CVE-2026-13508 (CVE-2026-13508)
vulnerability in CVE-2026-13508 (CVE-2026-13508). Risk of unauthorized operations or information disclosure.
CVE-2026-13484 Vulnerability in lfprojects (CVE-2026-13484)
vulnerability in lfprojects (CVE-2026-13484). Risk of unauthorized operations or information disclosure.
CVE-2026-58056 RustDesk gates incoming control messages on per-capability flags rather than on the session's...
RustDesk gates incoming control messages on per-capability flags rather than on the session's...
CVE-2026-53577 Authorization Flaw in kestra (CVE-2026-53577)
vulnerability in kestra (CVE-2026-53577). Confidential information can be exposed externally. Exploitable via `GET /api/v1/{tenant}/executions/{executionId}/file/preview`. Mitigation: upgrade to `1.0.45` or later.
CVE-2026-55188 Information Disclosure in CVE-2026-55188 (CVE-2026-55188)
vulnerability in CVE-2026-55188 (CVE-2026-55188). Confidential information can be exposed externally. Mitigation: upgrade to `1.0.0-beta.9` or later.
CVE-2026-55189 Vulnerability in CVE-2026-55189 (CVE-2026-55189)
vulnerability in CVE-2026-55189 (CVE-2026-55189). Confidential information can be exposed externally. Mitigation: upgrade to `1.0.0-beta.9` or later.
CVE-2026-52779 Vulnerability in CVE-2026-52779 (CVE-2026-52779)
vulnerability in CVE-2026-52779 (CVE-2026-52779). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `17.3.3` or later.
CVE-2026-44735 Authorization Flaw in CVE-2026-44735 (CVE-2026-44735)
vulnerability in CVE-2026-44735 (CVE-2026-44735). Confidential information can be exposed externally. Exploitable via `GET /api/v3/shares`. Mitigation: upgrade to `17.3.2` or later.
CVE-2026-9640 Authorization Flaw in privilege-escalation (CVE-2026-9640)
vulnerability in privilege-escalation (CVE-2026-9640). Successful exploitation can lead to full system takeover.
CVE-2026-55411 Vulnerability in CVE-2026-55411 (CVE-2026-55411)
vulnerability in CVE-2026-55411 (CVE-2026-55411). Confidential information can be exposed externally. Exploitable via `POST /api/data-sources/decrypt`. Mitigation: upgrade to `3.20.1780-lts` or later.
CVE-2026-54573 Authorization Flaw in privilege-escalation (CVE-2026-54573)
vulnerability in privilege-escalation (CVE-2026-54573). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0` or later.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →