Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: cwe-87 Clear
ID Title
CVE-2026-55237 Vulnerability in CVE-2026-55237 (CVE-2026-55237)
vulnerability in CVE-2026-55237 (CVE-2026-55237). Confidential information can be exposed externally. Exploitable via ``next``.
CVE-2026-55661 Cross-Site Scripting (XSS) in tinacms (CVE-2026-55661)
cross-site scripting in tinacms (CVE-2026-55661). Risk of unauthorized operations or information disclosure. Exploitable via ``url``. Mitigation: upgrade to `3.9.3` or later.
CVE-2026-25688 Vulnerability in apache (CVE-2026-25688)
vulnerability in apache (CVE-2026-25688). Risk of unauthorized operations or information disclosure.
CVE-2026-46492 Vulnerability in md-fileserver (CVE-2026-46492)
vulnerability in md-fileserver (CVE-2026-46492). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.10.3` or later.
CVE-2026-42458 Vulnerability in openmage/magento-lts (CVE-2026-42458)
vulnerability in openmage/magento-lts (CVE-2026-42458). Risk of unauthorized operations or information disclosure. Exploitable via ``Import``. Mitigation: upgrade to `20.18.0` or later.
CVE-2026-45314 Vulnerability in open-webui (CVE-2026-45314)
vulnerability in open-webui (CVE-2026-45314). Risk of unauthorized operations or information disclosure. Exploitable via `GET /api/v1/channels/webhooks/{webhook_id}/profile/image`. Mitigation: upgrade to `0.9.3` or later.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →