Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-55517 |
|
Vulnerability in deno (CVE-2026-55517)
vulnerability in deno (CVE-2026-55517). Risk of unauthorized operations or information disclosure. Exploitable via ``WebSocket``. Mitigation: upgrade to `2.7.5` or later.
|
| CVE-2026-49401 |
|
Vulnerability in deno (CVE-2026-49401)
vulnerability in deno (CVE-2026-49401). Data can be tampered with by attackers. Mitigation: upgrade to `2.7.14` or later.
|
| CVE-2026-49406 |
|
Path Traversal in deno (CVE-2026-49406)
path traversal in deno (CVE-2026-49406). Confidential information can be exposed externally. Exploitable via ``main``. Mitigation: upgrade to `2.7.12` or later.
|
| CVE-2026-49411 |
|
Vulnerability in deno (CVE-2026-49411)
vulnerability in deno (CVE-2026-49411). Confidential information can be exposed externally. Exploitable via ``Host``. Mitigation: upgrade to `2.8.0` or later.
|
| CVE-2026-49440 |
|
Vulnerability in deno (CVE-2026-49440)
vulnerability in deno (CVE-2026-49440). Confidential information can be exposed externally. Exploitable via ``options.checks``. Mitigation: upgrade to `2.8.1` or later.
|
| CVE-2026-49402 |
|
OS Command Injection in deno (CVE-2026-49402)
OS command injection in deno (CVE-2026-49402). Successful exploitation can lead to full system takeover. Exploitable via ``spawn``. Mitigation: upgrade to `2.7.10` or later.
|
| CVE-2026-49983 |
|
Authorization Flaw in deno (CVE-2026-49983)
vulnerability in deno (CVE-2026-49983). Risk of unauthorized operations or information disclosure. Exploitable via ``env``. Mitigation: upgrade to `2.8.1` or later.
|
| CVE-2026-49860 |
|
SSRF (Server-Side Request Forgery) in deno (CVE-2026-49860)
SSRF in deno (CVE-2026-49860). Risk of unauthorized operations or information disclosure. Exploitable via ``localhost``. Mitigation: upgrade to `2.8.1` or later.
|
| CVE-2026-49859 |
|
Vulnerability in deno (CVE-2026-49859)
vulnerability in deno (CVE-2026-49859). Risk of unauthorized operations or information disclosure. Exploitable via ``localhost``. Mitigation: upgrade to `2.8.1` or later.
|
| CVE-2026-44726 |
|
Vulnerability in deno (CVE-2026-44726)
vulnerability in deno (CVE-2026-44726). Confidential information can be exposed externally. Exploitable via `POST /v1/charge`. Mitigation: upgrade to `2.7.8` or later.
|