Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: cwe-94 Clear
ID Title
CVE-2026-53951 Path Traversal in CVE-2026-53951 (CVE-2026-53951)
path traversal in CVE-2026-53951 (CVE-2026-53951). Risk of unauthorized operations or information disclosure. Exploitable via ``trust``.
CVE-2026-55408 Code Injection in CVE-2026-55408 (CVE-2026-55408)
code injection in CVE-2026-55408 (CVE-2026-55408). Risk of unauthorized operations or information disclosure.
CVE-2026-53751 Code Injection in CVE-2026-53751 (CVE-2026-53751)
code injection in CVE-2026-53751 (CVE-2026-53751). Risk of unauthorized operations or information disclosure.
CVE-2026-53511 Code Injection in CVE-2026-53511 (CVE-2026-53511)
code injection in CVE-2026-53511 (CVE-2026-53511). Risk of unauthorized operations or information disclosure.
CVE-2026-43921 Code Injection in CVE-2026-43921 (CVE-2026-43921)
code injection in CVE-2026-43921 (CVE-2026-43921). Risk of unauthorized operations or information disclosure. Exploitable via ``config.php``.
CVE-2026-57572 Vulnerability in kidocode (CVE-2026-57572)
vulnerability in kidocode (CVE-2026-57572). Successful exploitation can lead to full system takeover.
CVE-2026-48614 Code Injection in privilege-escalation (CVE-2026-48614)
code injection in privilege-escalation (CVE-2026-48614). Successful exploitation can lead to full system takeover.
CVE-2026-14791 Cross-Site Scripting (XSS) in CVE-2026-14791 (CVE-2026-14791)
cross-site scripting in CVE-2026-14791 (CVE-2026-14791). Risk of unauthorized operations or information disclosure.
CVE-2026-14752 Cross-Site Scripting (XSS) in CVE-2026-14752 (CVE-2026-14752)
cross-site scripting in CVE-2026-14752 (CVE-2026-14752). Risk of unauthorized operations or information disclosure.
CVE-2026-14749 Vulnerability in CVE-2026-14749 (CVE-2026-14749)
vulnerability in CVE-2026-14749 (CVE-2026-14749). Risk of unauthorized operations or information disclosure.
CVE-2026-14722 Vulnerability in CVE-2026-14722 (CVE-2026-14722)
vulnerability in CVE-2026-14722 (CVE-2026-14722). Risk of unauthorized operations or information disclosure.
CVE-2026-14704 Cross-Site Scripting (XSS) in CVE-2026-14704 (CVE-2026-14704)
cross-site scripting in CVE-2026-14704 (CVE-2026-14704). Risk of unauthorized operations or information disclosure.
CVE-2026-14691 Vulnerability in CVE-2026-14691 (CVE-2026-14691)
vulnerability in CVE-2026-14691 (CVE-2026-14691). Risk of unauthorized operations or information disclosure.
CVE-2026-14655 Cross-Site Scripting (XSS) in CVE-2026-14655 (CVE-2026-14655)
cross-site scripting in CVE-2026-14655 (CVE-2026-14655). Risk of unauthorized operations or information disclosure.
CVE-2026-14656 Cross-Site Scripting (XSS) in CVE-2026-14656 (CVE-2026-14656)
cross-site scripting in CVE-2026-14656 (CVE-2026-14656). Risk of unauthorized operations or information disclosure.
CVE-2026-14634 Cross-Site Scripting (XSS) in CVE-2026-14634 (CVE-2026-14634)
cross-site scripting in CVE-2026-14634 (CVE-2026-14634). Risk of unauthorized operations or information disclosure.
CVE-2026-14633 Cross-Site Scripting (XSS) in CVE-2026-14633 (CVE-2026-14633)
cross-site scripting in CVE-2026-14633 (CVE-2026-14633). Risk of unauthorized operations or information disclosure.
CVE-2026-12252 Code Injection in nltk (CVE-2026-12252)
code injection in nltk (CVE-2026-12252). Successful exploitation can lead to full system takeover.
CVE-2026-11778 Code Injection in wordpress (CVE-2026-11778)
code injection in wordpress (CVE-2026-11778). Risk of unauthorized operations or information disclosure.
CVE-2026-57624 Unauthenticated Remote Code Execution (RCE) in Blocksy Companion Pro <= 2.1.46 versions.
Unauthenticated Remote Code Execution (RCE) in Blocksy Companion Pro <= 2.1.46 versions.
CVE-2026-27436 Editor Arbitrary Code Execution in Five Star Business Profile and Schema <= 2.3.19 versions.
Editor Arbitrary Code Execution in Five Star Business Profile and Schema <= 2.3.19 versions.
CVE-2026-14439 Path Traversal in path-traversal (CVE-2026-14439)
path traversal in path-traversal (CVE-2026-14439). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.1.1` or later.
CVE-2026-14407 Code Injection in google (CVE-2026-14407)
code injection in google (CVE-2026-14407). Successful exploitation can lead to full system takeover.
CVE-2026-14383 Code Injection in google (CVE-2026-14383)
code injection in google (CVE-2026-14383). Successful exploitation can lead to full system takeover.
CVE-2026-55794 Code Injection in craftcms/cms (CVE-2026-55794)
code injection in craftcms/cms (CVE-2026-55794). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.10.0` or later.
CVE-2026-58454 Code Injection in CVE-2026-58454 (CVE-2026-58454)
code injection in CVE-2026-58454 (CVE-2026-58454). Successful exploitation can lead to full system takeover.
CVE-2026-8857 Code Injection in CVE-2026-8857 (CVE-2026-8857)
code injection in CVE-2026-8857 (CVE-2026-8857). Risk of unauthorized operations or information disclosure.
CVE-2026-58025 Code Injection in deserialization (CVE-2026-58025)
code injection in deserialization (CVE-2026-58025). Risk of unauthorized operations or information disclosure.
CVE-2026-24249 Code Injection in deserialization (CVE-2026-24249)
code injection in deserialization (CVE-2026-24249). Successful exploitation can lead to full system takeover.
CVE-2026-24248 Code Injection in nvidia (CVE-2026-24248)
code injection in nvidia (CVE-2026-24248). Successful exploitation can lead to full system takeover.
CVE-2026-56264 Code Injection in kidocode (CVE-2026-56264)
code injection in kidocode (CVE-2026-56264). Successful exploitation can lead to full system takeover.
CVE-2026-58449 Code Injection in CVE-2026-58449 (CVE-2026-58449)
code injection in CVE-2026-58449 (CVE-2026-58449). Successful exploitation can lead to full system takeover.
CVE-2026-7873 Code Injection in langflow (CVE-2026-7873)
code injection in langflow (CVE-2026-7873). Successful exploitation can lead to full system takeover.
CVE-2026-10134 Code Injection in langflow (CVE-2026-10134)
code injection in langflow (CVE-2026-10134). Successful exploitation can lead to full system takeover. Exploitable via ``tool_code``.
CVE-2026-58138 Code Injection in CVE-2026-58138 (CVE-2026-58138)
code injection in CVE-2026-58138 (CVE-2026-58138). Successful exploitation can lead to full system takeover.
CVE-2026-10109 Code Injection in ibm (CVE-2026-10109)
code injection in ibm (CVE-2026-10109). Successful exploitation can lead to full system takeover.
CVE-2026-48192 Code Injection in CVE-2026-48192 (CVE-2026-48192)
code injection in CVE-2026-48192 (CVE-2026-48192). Data can be tampered with by attackers.
CVE-2026-58116 Code Injection in hiyouga (CVE-2026-58116)
code injection in hiyouga (CVE-2026-58116). Successful exploitation can lead to full system takeover.
CVE-2026-37637 Code Injection in CVE-2026-37637 (CVE-2026-37637)
code injection in CVE-2026-37637 (CVE-2026-37637). Confidential information can be exposed externally.
CVE-2026-13749 Code Injection in snowflake (CVE-2026-13749)
code injection in snowflake (CVE-2026-13749). Successful exploitation can lead to full system takeover.
CVE-2026-13570 Cross-Site Scripting (XSS) in CVE-2026-13570 (CVE-2026-13570)
cross-site scripting in CVE-2026-13570 (CVE-2026-13570). Risk of unauthorized operations or information disclosure.
CVE-2026-13567 Cross-Site Scripting (XSS) in CVE-2026-13567 (CVE-2026-13567)
cross-site scripting in CVE-2026-13567 (CVE-2026-13567). Risk of unauthorized operations or information disclosure.
CVE-2026-13558 Cross-Site Scripting (XSS) in CVE-2026-13558 (CVE-2026-13558)
cross-site scripting in CVE-2026-13558 (CVE-2026-13558). Risk of unauthorized operations or information disclosure.
CVE-2026-13557 Cross-Site Scripting (XSS) in CVE-2026-13557 (CVE-2026-13557)
cross-site scripting in CVE-2026-13557 (CVE-2026-13557). Risk of unauthorized operations or information disclosure.
CVE-2026-13556 Cross-Site Scripting (XSS) in CVE-2026-13556 (CVE-2026-13556)
cross-site scripting in CVE-2026-13556 (CVE-2026-13556). Risk of unauthorized operations or information disclosure.
CVE-2026-13554 Cross-Site Scripting (XSS) in CVE-2026-13554 (CVE-2026-13554)
cross-site scripting in CVE-2026-13554 (CVE-2026-13554). Risk of unauthorized operations or information disclosure.
CVE-2026-13536 Cross-Site Scripting (XSS) in CVE-2026-13536 (CVE-2026-13536)
cross-site scripting in CVE-2026-13536 (CVE-2026-13536). Risk of unauthorized operations or information disclosure.
CVE-2026-13504 Cross-Site Scripting (XSS) in CVE-2026-13504 (CVE-2026-13504)
cross-site scripting in CVE-2026-13504 (CVE-2026-13504). Risk of unauthorized operations or information disclosure.
CVE-2026-13500 Vulnerability in CVE-2026-13500 (CVE-2026-13500)
vulnerability in CVE-2026-13500 (CVE-2026-13500). Risk of unauthorized operations or information disclosure.
CVE-2026-13499 Cross-Site Scripting (XSS) in CVE-2026-13499 (CVE-2026-13499)
cross-site scripting in CVE-2026-13499 (CVE-2026-13499). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →