Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-55110 |
|
Vulnerability in CVE-2026-55110 (CVE-2026-55110)
vulnerability in CVE-2026-55110 (CVE-2026-55110). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12084 |
|
Vulnerability in ibm (CVE-2026-12084)
vulnerability in ibm (CVE-2026-12084). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57957 |
|
Vulnerability in CVE-2026-57957 (CVE-2026-57957)
vulnerability in CVE-2026-57957 (CVE-2026-57957). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-54753 |
|
Vulnerability in CVE-2026-54753 (CVE-2026-54753)
vulnerability in CVE-2026-54753 (CVE-2026-54753). Confidential information can be exposed externally. Mitigation: upgrade to `22.7.2` or later.
|
| CVE-2026-46608 |
|
Vulnerability in glances (CVE-2026-46608)
vulnerability in glances (CVE-2026-46608). Confidential information can be exposed externally. Exploitable via ``cors_origins``. Mitigation: upgrade to `4.5.5` or later.
|
| CVE-2026-56076 |
|
Vulnerability in CVE-2026-56076 (CVE-2026-56076)
vulnerability in CVE-2026-56076 (CVE-2026-56076). Confidential information can be exposed externally. Exploitable via `POST /agui`.
|
| CVE-2026-54290 |
|
Vulnerability in hono (CVE-2026-54290)
vulnerability in hono (CVE-2026-54290). Confidential information can be exposed externally. Exploitable via ``origin``. Mitigation: upgrade to `4.12.25` or later.
|
| CVE-2026-50088 |
|
Vulnerability in c (CVE-2026-50088)
vulnerability in c (CVE-2026-50088). Confidential information can be exposed externally.
|
| CVE-2026-50087 |
|
Vulnerability in c (CVE-2026-50087)
vulnerability in c (CVE-2026-50087). Confidential information can be exposed externally.
|
| CVE-2026-10056 |
|
Vulnerability in CVE-2026-10056 (CVE-2026-10056)
vulnerability in CVE-2026-10056 (CVE-2026-10056). Successful exploitation can lead to full system takeover. Exploitable via `PATCH /rest/v2/system/settings`.
|
| CVE-2026-46685 |
|
Vulnerability in CVE-2026-46685 (CVE-2026-46685)
vulnerability in CVE-2026-46685 (CVE-2026-46685). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.0.0-beta.2` or later.
|
| CVE-2026-9739 |
|
Vulnerability in github.com/googleapis/mcp-toolbox (CVE-2026-9739)
vulnerability in github.com/googleapis/mcp-toolbox (CVE-2026-9739). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.2.0` or later.
|
| CVE-2026-46431 |
|
Vulnerability in github.com/xyproto/algernon (CVE-2026-46431)
vulnerability in github.com/xyproto/algernon (CVE-2026-46431). Risk of unauthorized operations or information disclosure. Exploitable via ``Origin``. Mitigation: upgrade to `1.17.7` or later.
|
| CVE-2026-8948 |
|
Vulnerability in mozilla (CVE-2026-8948)
vulnerability in mozilla (CVE-2026-8948). Confidential information can be exposed externally.
|
| CVE-2026-8576 |
|
Vulnerability in google (CVE-2026-8576)
vulnerability in google (CVE-2026-8576). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8537 |
|
Vulnerability in google (CVE-2026-8537)
vulnerability in google (CVE-2026-8537). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-45021 |
|
Vulnerability in github.com/kumahq/kuma (CVE-2026-45021)
vulnerability in github.com/kumahq/kuma (CVE-2026-45021). Risk of unauthorized operations or information disclosure. Exploitable via ``Origin``. Mitigation: upgrade to `2.13.5` or later.
|
| CVE-2026-44184 |
|
Vulnerability in CVE-2026-44184 (CVE-2026-44184)
vulnerability in CVE-2026-44184 (CVE-2026-44184). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2.9.10` or later.
|
| CVE-2026-44895 |
|
Vulnerability in @yoda.digital/gitlab-mcp-server (CVE-2026-44895)
vulnerability in @yoda.digital/gitlab-mcp-server (CVE-2026-44895). Risk of unauthorized operations or information disclosure. Exploitable via `GET /sse`. Mitigation: upgrade to `0.6.0` or later.
|
| CVE-2026-34237 |
|
Vulnerability in io.modelcontextprotocol.sdk:mcp-core (CVE-2026-34237)
vulnerability in io.modelcontextprotocol.sdk:mcp-core (CVE-2026-34237). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.18.3` or later.
|
| CVE-2025-55462 |
|
Vulnerability in eramba (CVE-2025-55462)
vulnerability in eramba (CVE-2025-55462). Confidential information can be exposed externally.
|
| CVE-2020-36851 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2020-36851)
SSRF in ssrf (CVE-2020-36851). Risk of unauthorized operations or information disclosure.
|