Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-53951 |
|
Path Traversal in CVE-2026-53951 (CVE-2026-53951)
path traversal in CVE-2026-53951 (CVE-2026-53951). Risk of unauthorized operations or information disclosure. Exploitable via ``trust``.
|
| CVE-2026-55408 |
|
Code Injection in CVE-2026-55408 (CVE-2026-55408)
code injection in CVE-2026-55408 (CVE-2026-55408). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53751 |
|
Code Injection in CVE-2026-53751 (CVE-2026-53751)
code injection in CVE-2026-53751 (CVE-2026-53751). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53511 |
|
Code Injection in CVE-2026-53511 (CVE-2026-53511)
code injection in CVE-2026-53511 (CVE-2026-53511). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-43921 |
|
Code Injection in CVE-2026-43921 (CVE-2026-43921)
code injection in CVE-2026-43921 (CVE-2026-43921). Risk of unauthorized operations or information disclosure. Exploitable via ``config.php``.
|
| CVE-2026-57572 |
|
Vulnerability in kidocode (CVE-2026-57572)
vulnerability in kidocode (CVE-2026-57572). Successful exploitation can lead to full system takeover.
|
| CVE-2026-48614 |
|
Code Injection in privilege-escalation (CVE-2026-48614)
code injection in privilege-escalation (CVE-2026-48614). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14791 |
|
Cross-Site Scripting (XSS) in CVE-2026-14791 (CVE-2026-14791)
cross-site scripting in CVE-2026-14791 (CVE-2026-14791). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14752 |
|
Cross-Site Scripting (XSS) in CVE-2026-14752 (CVE-2026-14752)
cross-site scripting in CVE-2026-14752 (CVE-2026-14752). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14749 |
|
Vulnerability in CVE-2026-14749 (CVE-2026-14749)
vulnerability in CVE-2026-14749 (CVE-2026-14749). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14722 |
|
Vulnerability in CVE-2026-14722 (CVE-2026-14722)
vulnerability in CVE-2026-14722 (CVE-2026-14722). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14704 |
|
Cross-Site Scripting (XSS) in CVE-2026-14704 (CVE-2026-14704)
cross-site scripting in CVE-2026-14704 (CVE-2026-14704). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14691 |
|
Vulnerability in CVE-2026-14691 (CVE-2026-14691)
vulnerability in CVE-2026-14691 (CVE-2026-14691). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14655 |
|
Cross-Site Scripting (XSS) in CVE-2026-14655 (CVE-2026-14655)
cross-site scripting in CVE-2026-14655 (CVE-2026-14655). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14656 |
|
Cross-Site Scripting (XSS) in CVE-2026-14656 (CVE-2026-14656)
cross-site scripting in CVE-2026-14656 (CVE-2026-14656). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14634 |
|
Cross-Site Scripting (XSS) in CVE-2026-14634 (CVE-2026-14634)
cross-site scripting in CVE-2026-14634 (CVE-2026-14634). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14633 |
|
Cross-Site Scripting (XSS) in CVE-2026-14633 (CVE-2026-14633)
cross-site scripting in CVE-2026-14633 (CVE-2026-14633). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12252 |
|
Code Injection in nltk (CVE-2026-12252)
code injection in nltk (CVE-2026-12252). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11778 |
|
Code Injection in wordpress (CVE-2026-11778)
code injection in wordpress (CVE-2026-11778). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57624 |
|
Unauthenticated Remote Code Execution (RCE) in Blocksy Companion Pro <= 2.1.46 versions.
Unauthenticated Remote Code Execution (RCE) in Blocksy Companion Pro <= 2.1.46 versions.
|
| CVE-2026-27436 |
|
Editor Arbitrary Code Execution in Five Star Business Profile and Schema <= 2.3.19 versions.
Editor Arbitrary Code Execution in Five Star Business Profile and Schema <= 2.3.19 versions.
|
| CVE-2026-14439 |
|
Path Traversal in path-traversal (CVE-2026-14439)
path traversal in path-traversal (CVE-2026-14439). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.1.1` or later.
|
| CVE-2026-14407 |
|
Code Injection in google (CVE-2026-14407)
code injection in google (CVE-2026-14407). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14383 |
|
Code Injection in google (CVE-2026-14383)
code injection in google (CVE-2026-14383). Successful exploitation can lead to full system takeover.
|
| CVE-2026-55794 |
|
Code Injection in craftcms/cms (CVE-2026-55794)
code injection in craftcms/cms (CVE-2026-55794). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.10.0` or later.
|
| CVE-2026-58454 |
|
Code Injection in CVE-2026-58454 (CVE-2026-58454)
code injection in CVE-2026-58454 (CVE-2026-58454). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8857 |
|
Code Injection in CVE-2026-8857 (CVE-2026-8857)
code injection in CVE-2026-8857 (CVE-2026-8857). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-58025 |
|
Code Injection in deserialization (CVE-2026-58025)
code injection in deserialization (CVE-2026-58025). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-24249 |
|
Code Injection in deserialization (CVE-2026-24249)
code injection in deserialization (CVE-2026-24249). Successful exploitation can lead to full system takeover.
|
| CVE-2026-24248 |
|
Code Injection in nvidia (CVE-2026-24248)
code injection in nvidia (CVE-2026-24248). Successful exploitation can lead to full system takeover.
|
| CVE-2026-56264 |
|
Code Injection in kidocode (CVE-2026-56264)
code injection in kidocode (CVE-2026-56264). Successful exploitation can lead to full system takeover.
|
| CVE-2026-58449 |
|
Code Injection in CVE-2026-58449 (CVE-2026-58449)
code injection in CVE-2026-58449 (CVE-2026-58449). Successful exploitation can lead to full system takeover.
|
| CVE-2026-7873 |
|
Code Injection in langflow (CVE-2026-7873)
code injection in langflow (CVE-2026-7873). Successful exploitation can lead to full system takeover.
|
| CVE-2026-10134 |
|
Code Injection in langflow (CVE-2026-10134)
code injection in langflow (CVE-2026-10134). Successful exploitation can lead to full system takeover. Exploitable via ``tool_code``.
|
| CVE-2026-58138 |
|
Code Injection in CVE-2026-58138 (CVE-2026-58138)
code injection in CVE-2026-58138 (CVE-2026-58138). Successful exploitation can lead to full system takeover.
|
| CVE-2026-10109 |
|
Code Injection in ibm (CVE-2026-10109)
code injection in ibm (CVE-2026-10109). Successful exploitation can lead to full system takeover.
|
| CVE-2026-48192 |
|
Code Injection in CVE-2026-48192 (CVE-2026-48192)
code injection in CVE-2026-48192 (CVE-2026-48192). Data can be tampered with by attackers.
|
| CVE-2026-58116 |
|
Code Injection in hiyouga (CVE-2026-58116)
code injection in hiyouga (CVE-2026-58116). Successful exploitation can lead to full system takeover.
|
| CVE-2026-37637 |
|
Code Injection in CVE-2026-37637 (CVE-2026-37637)
code injection in CVE-2026-37637 (CVE-2026-37637). Confidential information can be exposed externally.
|
| CVE-2026-13749 |
|
Code Injection in snowflake (CVE-2026-13749)
code injection in snowflake (CVE-2026-13749). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13570 |
|
Cross-Site Scripting (XSS) in CVE-2026-13570 (CVE-2026-13570)
cross-site scripting in CVE-2026-13570 (CVE-2026-13570). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13567 |
|
Cross-Site Scripting (XSS) in CVE-2026-13567 (CVE-2026-13567)
cross-site scripting in CVE-2026-13567 (CVE-2026-13567). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13558 |
|
Cross-Site Scripting (XSS) in CVE-2026-13558 (CVE-2026-13558)
cross-site scripting in CVE-2026-13558 (CVE-2026-13558). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13557 |
|
Cross-Site Scripting (XSS) in CVE-2026-13557 (CVE-2026-13557)
cross-site scripting in CVE-2026-13557 (CVE-2026-13557). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13556 |
|
Cross-Site Scripting (XSS) in CVE-2026-13556 (CVE-2026-13556)
cross-site scripting in CVE-2026-13556 (CVE-2026-13556). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13554 |
|
Cross-Site Scripting (XSS) in CVE-2026-13554 (CVE-2026-13554)
cross-site scripting in CVE-2026-13554 (CVE-2026-13554). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13536 |
|
Cross-Site Scripting (XSS) in CVE-2026-13536 (CVE-2026-13536)
cross-site scripting in CVE-2026-13536 (CVE-2026-13536). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13504 |
|
Cross-Site Scripting (XSS) in CVE-2026-13504 (CVE-2026-13504)
cross-site scripting in CVE-2026-13504 (CVE-2026-13504). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13500 |
|
Vulnerability in CVE-2026-13500 (CVE-2026-13500)
vulnerability in CVE-2026-13500 (CVE-2026-13500). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13499 |
|
Cross-Site Scripting (XSS) in CVE-2026-13499 (CVE-2026-13499)
cross-site scripting in CVE-2026-13499 (CVE-2026-13499). Risk of unauthorized operations or information disclosure.
|