Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-53753 |
|
Code Injection in crawl4ai (CVE-2026-53753)
code injection in crawl4ai (CVE-2026-53753). Successful exploitation can lead to full system takeover. Exploitable via `POST /crawl`. Mitigation: upgrade to `0.8.7` or later.
|
| CVE-2026-48775 |
|
Unsafe Deserialization in langgraph-checkpoint (CVE-2026-48775)
vulnerability in langgraph-checkpoint (CVE-2026-48775). Successful exploitation can lead to full system takeover. Exploitable via ``JsonPlusSerializer``. Mitigation: upgrade to `4.1.1` or later.
|
| CVE-2026-47210 |
|
Vulnerability in vm2 (CVE-2026-47210)
vulnerability in vm2 (CVE-2026-47210). Successful exploitation can lead to full system takeover. Exploitable via ``vm2``. Mitigation: upgrade to `3.11.4` or later.
|
| CVE-2026-47137 |
|
Vulnerability in vm2 (CVE-2026-47137)
vulnerability in vm2 (CVE-2026-47137). Successful exploitation can lead to full system takeover. Exploitable via ``nodevm.js``. Mitigation: upgrade to `3.11.4` or later.
|
| CVE-2026-47208 |
|
Vulnerability in vm2 (CVE-2026-47208)
vulnerability in vm2 (CVE-2026-47208). Successful exploitation can lead to full system takeover. Exploitable via ``localPromise``. Mitigation: upgrade to `3.11.4` or later.
|
| CVE-2026-47131 |
|
Vulnerability in vm2 (CVE-2026-47131)
vulnerability in vm2 (CVE-2026-47131). Successful exploitation can lead to full system takeover. Exploitable via ``ERR_INVALID_ARG_TYPE``. Mitigation: upgrade to `3.11.4` or later.
|
| CVE-2026-44336 |
|
Vulnerability in praison (CVE-2026-44336)
vulnerability in praison (CVE-2026-44336). Successful exploitation can lead to full system takeover. Exploitable via ``praisonai.rules.create``.
|
| CVE-2025-68613 KEV |
|
[KEV] Vulnerability in n8n (CVE-2025-68613)
vulnerability in n8n (CVE-2025-68613). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2014-9852 |
|
Vulnerability in c (CVE-2014-9852)
vulnerability in c (CVE-2014-9852). Successful exploitation can lead to full system takeover.
|