Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: javascript Clear
ID Title
CVE-2026-56359 Cross-Site Scripting (XSS) in CVE-2026-56359 (CVE-2026-56359)
cross-site scripting in CVE-2026-56359 (CVE-2026-56359). Risk of unauthorized operations or information disclosure.
CVE-2026-15033 Command Injection in CVE-2026-15033 (CVE-2026-15033)
command injection in CVE-2026-15033 (CVE-2026-15033). Risk of unauthorized operations or information disclosure.
CVE-2026-60092 Cross-Site Scripting (XSS) in CVE-2026-60092 (CVE-2026-60092)
cross-site scripting in CVE-2026-60092 (CVE-2026-60092). Risk of unauthorized operations or information disclosure. Exploitable via `User-Agent header`.
CVE-2026-58654 Unrestricted File Upload in path-traversal (CVE-2026-58654)
vulnerability in path-traversal (CVE-2026-58654). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.0.1` or later.
CVE-2026-58657 Cross-Site Scripting (XSS) in CVE-2026-58657 (CVE-2026-58657)
cross-site scripting in CVE-2026-58657 (CVE-2026-58657). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.0.0` or later.
CVE-2026-57250 Use-After-Free in CVE-2026-57250 (CVE-2026-57250)
vulnerability in CVE-2026-57250 (CVE-2026-57250). Successful exploitation can lead to full system takeover.
CVE-2026-57252 Use-After-Free in CVE-2026-57252 (CVE-2026-57252)
vulnerability in CVE-2026-57252 (CVE-2026-57252). Successful exploitation can lead to full system takeover.
CVE-2026-57256 Use-After-Free in CVE-2026-57256 (CVE-2026-57256)
vulnerability in CVE-2026-57256 (CVE-2026-57256). Successful exploitation can lead to full system takeover.
CVE-2026-57241 Out-of-Bounds Read in CVE-2026-57241 (CVE-2026-57241)
vulnerability in CVE-2026-57241 (CVE-2026-57241). Risk of unauthorized operations or information disclosure.
CVE-2026-57246 Vulnerability in CVE-2026-57246 (CVE-2026-57246)
vulnerability in CVE-2026-57246 (CVE-2026-57246). Successful exploitation can lead to full system takeover.
CVE-2026-57244 Use-After-Free in CVE-2026-57244 (CVE-2026-57244)
vulnerability in CVE-2026-57244 (CVE-2026-57244). Successful exploitation can lead to full system takeover.
CVE-2026-57243 Out-of-Bounds Read in CVE-2026-57243 (CVE-2026-57243)
vulnerability in CVE-2026-57243 (CVE-2026-57243). Risk of unauthorized operations or information disclosure.
CVE-2026-57242 Use-After-Free in CVE-2026-57242 (CVE-2026-57242)
vulnerability in CVE-2026-57242 (CVE-2026-57242). Successful exploitation can lead to full system takeover.
CVE-2026-57248 Vulnerability in CVE-2026-57248 (CVE-2026-57248)
vulnerability in CVE-2026-57248 (CVE-2026-57248). Successful exploitation can lead to full system takeover.
CVE-2026-57237 Use-After-Free in CVE-2026-57237 (CVE-2026-57237)
vulnerability in CVE-2026-57237 (CVE-2026-57237). Successful exploitation can lead to full system takeover.
CVE-2026-57238 Use-After-Free in CVE-2026-57238 (CVE-2026-57238)
vulnerability in CVE-2026-57238 (CVE-2026-57238). Successful exploitation can lead to full system takeover.
CVE-2026-57240 Use-After-Free in CVE-2026-57240 (CVE-2026-57240)
vulnerability in CVE-2026-57240 (CVE-2026-57240). Successful exploitation can lead to full system takeover.
CVE-2026-13127 Use-After-Free in CVE-2026-13127 (CVE-2026-13127)
vulnerability in CVE-2026-13127 (CVE-2026-13127). Successful exploitation can lead to full system takeover.
CVE-2026-13129 Use-After-Free in CVE-2026-13129 (CVE-2026-13129)
vulnerability in CVE-2026-13129 (CVE-2026-13129). Successful exploitation can lead to full system takeover.
CVE-2026-13126 Use-After-Free in CVE-2026-13126 (CVE-2026-13126)
vulnerability in CVE-2026-13126 (CVE-2026-13126). Successful exploitation can lead to full system takeover.
CVE-2026-13128 Use-After-Free in CVE-2026-13128 (CVE-2026-13128)
vulnerability in CVE-2026-13128 (CVE-2026-13128). Successful exploitation can lead to full system takeover.
CVE-2026-9731 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-9731)
vulnerability in wordpress (CVE-2026-9731). Risk of unauthorized operations or information disclosure.
CVE-2026-36163 Vulnerability in CVE-2026-36163 (CVE-2026-36163)
vulnerability in CVE-2026-36163 (CVE-2026-36163). Risk of unauthorized operations or information disclosure.
CVE-2026-36162 Cross-Site Scripting (XSS) in CVE-2026-36162 (CVE-2026-36162)
cross-site scripting in CVE-2026-36162 (CVE-2026-36162). Risk of unauthorized operations or information disclosure.
CVE-2026-55408 Code Injection in CVE-2026-55408 (CVE-2026-55408)
code injection in CVE-2026-55408 (CVE-2026-55408). Risk of unauthorized operations or information disclosure.
CVE-2026-55592 Cross-Site Scripting (XSS) in CVE-2026-55592 (CVE-2026-55592)
cross-site scripting in CVE-2026-55592 (CVE-2026-55592). Risk of unauthorized operations or information disclosure.
CVE-2026-56812 Vulnerability in dos (CVE-2026-56812)
vulnerability in dos (CVE-2026-56812). Risk of unauthorized operations or information disclosure.
CVE-2026-13356 Vulnerability in mozilla (CVE-2026-13356)
vulnerability in mozilla (CVE-2026-13356). Risk of unauthorized operations or information disclosure.
CVE-2026-53641 Cross-Site Scripting (XSS) in CVE-2026-53641 (CVE-2026-53641)
cross-site scripting in CVE-2026-53641 (CVE-2026-53641). Risk of unauthorized operations or information disclosure. Exploitable via ``content_html``.
CVE-2026-59710 Cross-Site Scripting (XSS) in CVE-2026-59710 (CVE-2026-59710)
cross-site scripting in CVE-2026-59710 (CVE-2026-59710). Risk of unauthorized operations or information disclosure.
CVE-2026-59711 Cross-Site Scripting (XSS) in CVE-2026-59711 (CVE-2026-59711)
cross-site scripting in CVE-2026-59711 (CVE-2026-59711). Risk of unauthorized operations or information disclosure.
CVE-2026-55430 Vulnerability in github.com/coder/coder/v2 (CVE-2026-55430)
vulnerability in github.com/coder/coder/v2 (CVE-2026-55430). Confidential information can be exposed externally. Exploitable via ``Host``. Mitigation: upgrade to `2.29.17` or later.
CVE-2026-14802 A vulnerability was detected in react create-react-app up to 5.0.1 on macOS. This affects the...
A vulnerability was detected in react create-react-app up to 5.0.1 on macOS. This affects the...
CVE-2026-11766 Vulnerability in wordpress (CVE-2026-11766)
vulnerability in wordpress (CVE-2026-11766). Successful exploitation can lead to full system takeover.
CVE-2026-14631 Vulnerability in webpackjs (CVE-2026-14631)
vulnerability in webpackjs (CVE-2026-14631). Risk of unauthorized operations or information disclosure. Exploitable via `Host header`.
CVE-2026-9756 Cross-Site Scripting (XSS) in wordpress (CVE-2026-9756)
cross-site scripting in wordpress (CVE-2026-9756). Risk of unauthorized operations or information disclosure.
CVE-2026-59102 Cross-Site Scripting (XSS) in vue (CVE-2026-59102)
cross-site scripting in vue (CVE-2026-59102). Risk of unauthorized operations or information disclosure.
CVE-2026-58579 Cross-Site Scripting (XSS) in CVE-2026-58579 (CVE-2026-58579)
cross-site scripting in CVE-2026-58579 (CVE-2026-58579). Risk of unauthorized operations or information disclosure.
CVE-2026-58578 Vulnerability in dos (CVE-2026-58578)
vulnerability in dos (CVE-2026-58578). Risk of unauthorized operations or information disclosure.
CVE-2026-8699 Cross-Site Scripting (XSS) in CVE-2026-8699 (CVE-2026-8699)
cross-site scripting in CVE-2026-8699 (CVE-2026-8699). Risk of unauthorized operations or information disclosure.
CVE-2026-55790 Cross-Site Scripting (XSS) in craftcms/cms (CVE-2026-55790)
cross-site scripting in craftcms/cms (CVE-2026-55790). Risk of unauthorized operations or information disclosure. Exploitable via ``CraftSupportWidget.js``. Mitigation: upgrade to `4.17.16` or later.
CVE-2026-55793 Cross-Site Scripting (XSS) in craftcms/cms (CVE-2026-55793)
cross-site scripting in craftcms/cms (CVE-2026-55793). Risk of unauthorized operations or information disclosure. Exploitable via ``saveEntries``. Mitigation: upgrade to `5.9.53` or later.
CVE-2026-58592 Out-of-Bounds Write in cpp (CVE-2026-58592)
out-of-bounds write in cpp (CVE-2026-58592). Successful exploitation can lead to full system takeover.
CVE-2026-58032 Cross-Site Scripting (XSS) in CVE-2026-58032 (CVE-2026-58032)
cross-site scripting in CVE-2026-58032 (CVE-2026-58032). Risk of unauthorized operations or information disclosure.
CVE-2026-58031 Cross-Site Scripting (XSS) in CVE-2026-58031 (CVE-2026-58031)
cross-site scripting in CVE-2026-58031 (CVE-2026-58031). Risk of unauthorized operations or information disclosure.
CVE-2026-53907 Cross-Site Scripting (XSS) in mycomplianceoffice (CVE-2026-53907)
cross-site scripting in mycomplianceoffice (CVE-2026-53907). Risk of unauthorized operations or information disclosure.
CVE-2026-12142 Cross-Site Scripting (XSS) in wordpress (CVE-2026-12142)
cross-site scripting in wordpress (CVE-2026-12142). Risk of unauthorized operations or information disclosure.
CVE-2026-14181 Vulnerability in dos (CVE-2026-14181)
vulnerability in dos (CVE-2026-14181). Risk of unauthorized operations or information disclosure.
CVE-2026-56356 Cross-Site Scripting (XSS) in n8n (CVE-2026-56356)
cross-site scripting in n8n (CVE-2026-56356). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.123.27` or later.
CVE-2026-56264 Code Injection in kidocode (CVE-2026-56264)
code injection in kidocode (CVE-2026-56264). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →