Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-57281 |
|
Vulnerability in jenkins (CVE-2026-57281)
vulnerability in jenkins (CVE-2026-57281). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11561 |
|
Vulnerability in CVE-2026-11561 (CVE-2026-11561)
vulnerability in CVE-2026-11561 (CVE-2026-11561). Successful exploitation can lead to full system takeover.
|
| CVE-2026-40985 |
|
Vulnerability in CVE-2026-40985 (CVE-2026-40985)
vulnerability in CVE-2026-40985 (CVE-2026-40985). Confidential information can be exposed externally.
|
| CVE-2026-41729 |
|
Vulnerability in vmware (CVE-2026-41729)
vulnerability in vmware (CVE-2026-41729). Confidential information can be exposed externally.
|
| CVE-2026-41719 |
|
Vulnerability in CVE-2026-41719 (CVE-2026-41719)
vulnerability in CVE-2026-41719 (CVE-2026-41719). Confidential information can be exposed externally.
|
| CVE-2026-41717 |
|
Vulnerability in vmware (CVE-2026-41717)
vulnerability in vmware (CVE-2026-41717). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8888 |
|
Vulnerability in dos (CVE-2026-8888)
vulnerability in dos (CVE-2026-8888). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-2586 |
|
Code Injection in org.glassfish.main.admingui:console-common (CVE-2026-2586)
code injection in org.glassfish.main.admingui:console-common (CVE-2026-2586). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `8.0.2` or later.
|
| CVE-2026-2587 |
|
Vulnerability in org.glassfish.main.admingui:admingui (CVE-2026-2587)
vulnerability in org.glassfish.main.admingui:admingui (CVE-2026-2587). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `8.0.2` or later.
|
| CVE-2026-31380 |
|
Vulnerability in apache (CVE-2026-31380)
vulnerability in apache (CVE-2026-31380). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-26462 |
|
Vulnerability in CVE-2026-26462 (CVE-2026-26462)
vulnerability in CVE-2026-26462 (CVE-2026-26462). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8759 |
|
Vulnerability in com.ibeetl:beetl-spring-classic (CVE-2026-8759)
vulnerability in com.ibeetl:beetl-spring-classic (CVE-2026-8759). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41901 |
|
Vulnerability in org.thymeleaf:thymeleaf (CVE-2026-41901)
vulnerability in org.thymeleaf:thymeleaf (CVE-2026-41901). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `3.1.5.RELEASE` or later.
|
| CVE-2026-41705 |
|
Vulnerability in org.springframework.ai:spring-ai-milvus-store (CVE-2026-41705)
vulnerability in org.springframework.ai:spring-ai-milvus-store (CVE-2026-41705). Confidential information can be exposed externally. Mitigation: upgrade to `1.1.6` or later.
|
| CVE-2026-44209 |
|
Vulnerability in banks (CVE-2026-44209)
vulnerability in banks (CVE-2026-44209). Successful exploitation can lead to full system takeover. Exploitable via ``banks``. Mitigation: upgrade to `2.4.2` or later.
|
| CVE-2026-41883 |
|
Vulnerability in org.omnifaces:omnifaces (CVE-2026-41883)
vulnerability in org.omnifaces:omnifaces (CVE-2026-41883). Successful exploitation can lead to full system takeover. Exploitable via ``CDNResourceHandler``. Mitigation: upgrade to `5.2.3` or later.
|
| CVE-2026-42811 |
|
Vulnerability in org.apache.polaris:polaris-core (CVE-2026-42811)
vulnerability in org.apache.polaris:polaris-core (CVE-2026-42811). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.4.1` or later.
|
| CVE-2026-40897 |
|
Vulnerability in mathjs (CVE-2026-40897)
vulnerability in mathjs (CVE-2026-40897). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `15.2.0` or later.
|
| CVE-2026-40477 |
|
Vulnerability in thymeleaf (CVE-2026-40477)
vulnerability in thymeleaf (CVE-2026-40477). Successful exploitation can lead to full system takeover.
|
| CVE-2026-40478 |
|
Vulnerability in thymeleaf (CVE-2026-40478)
vulnerability in thymeleaf (CVE-2026-40478). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34714 |
|
OS Command Injection in vim (CVE-2026-34714)
OS command injection in vim (CVE-2026-34714). Confidential information can be exposed externally.
|
| CVE-2026-33943 |
|
Code Injection in capricorn86 (CVE-2026-33943)
code injection in capricorn86 (CVE-2026-33943). Successful exploitation can lead to full system takeover. Exploitable via ``ECMAScriptModuleCompiler``.
|
| CVE-2026-33938 |
|
Code Injection in handlebarsjs (CVE-2026-33938)
code injection in handlebarsjs (CVE-2026-33938). Successful exploitation can lead to full system takeover.
|
| CVE-2026-32695 |
|
Vulnerability in traefik (CVE-2026-32695)
vulnerability in traefik (CVE-2026-32695). Confidential information can be exposed externally. Exploitable via ``tenant.example.com``.
|
| CVE-2026-22738 |
|
Vulnerability in org.springframework.ai:spring-ai-vector-store (CVE-2026-22738)
vulnerability in org.springframework.ai:spring-ai-vector-store (CVE-2026-22738). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.1.4` or later.
|
| CVE-2026-24737 |
|
Vulnerability in parall (CVE-2026-24737)
vulnerability in parall (CVE-2026-24737). Confidential information can be exposed externally.
|
| CVE-2021-45046 KEV |
|
[KEV] Vulnerability in Apache log4j2 (CVE-2021-45046)
vulnerability in Apache log4j2 (CVE-2021-45046). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-26134 KEV |
|
[KEV] Vulnerability in Atlassian confluence-serverdata-center (CVE-2022-26134)
vulnerability in Atlassian confluence-serverdata-center (CVE-2022-26134). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-10199 KEV |
|
[KEV] Vulnerability in Sonatype nexus-repository (CVE-2020-10199)
vulnerability in Sonatype nexus-repository (CVE-2020-10199). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-26084 KEV |
|
[KEV] Vulnerability in Atlassian confluence-server-and-data-center (CVE-2021-26084)
vulnerability in Atlassian confluence-server-and-data-center (CVE-2021-26084). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-17530 KEV |
|
[KEV] Vulnerability in Apache struts (CVE-2020-17530)
vulnerability in Apache struts (CVE-2020-17530). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|