Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-47835 |
|
Vulnerability in CVE-2026-47835 (CVE-2026-47835)
vulnerability in CVE-2026-47835 (CVE-2026-47835). Confidential information can be exposed externally.
|
| CVE-2026-41699 |
|
Unsafe Deserialization in deserialization (CVE-2026-41699)
vulnerability in deserialization (CVE-2026-41699). Successful exploitation can lead to full system takeover.
|
| CVE-2026-41700 |
|
Vulnerability in vmware (CVE-2026-41700)
vulnerability in vmware (CVE-2026-41700). Confidential information can be exposed externally.
|
| CVE-2026-41856 |
|
Vulnerability in vmware (CVE-2026-41856)
vulnerability in vmware (CVE-2026-41856). Confidential information can be exposed externally.
|
| CVE-2026-47838 |
|
Authentication Bypass in org.springframework.security:spring-security-web (CVE-2026-47838)
authentication bypass in org.springframework.security:spring-security-web (CVE-2026-47838). Confidential information can be exposed externally. Exploitable via ``SubjectDnX509PrincipalExtractor``.
|
| CVE-2026-41731 |
|
Unsafe Deserialization in org.springframework.kafka:spring-kafka (CVE-2026-41731)
vulnerability in org.springframework.kafka:spring-kafka (CVE-2026-41731). Successful exploitation can lead to full system takeover.
|
| CVE-2026-41728 |
|
Vulnerability in vmware (CVE-2026-41728)
vulnerability in vmware (CVE-2026-41728). Data can be tampered with by attackers.
|
| CVE-2026-41729 |
|
Vulnerability in vmware (CVE-2026-41729)
vulnerability in vmware (CVE-2026-41729). Confidential information can be exposed externally.
|
| CVE-2026-41727 |
|
Vulnerability in apache (CVE-2026-41727)
vulnerability in apache (CVE-2026-41727). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41730 |
|
Vulnerability in vmware (CVE-2026-41730)
vulnerability in vmware (CVE-2026-41730). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41837 |
|
Vulnerability in vmware (CVE-2026-41837)
vulnerability in vmware (CVE-2026-41837). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41732 |
|
Unsafe Deserialization in apache (CVE-2026-41732)
vulnerability in apache (CVE-2026-41732). Successful exploitation can lead to full system takeover.
|
| CVE-2026-41003 |
|
Cross-Site Scripting (XSS) in vmware (CVE-2026-41003)
cross-site scripting in vmware (CVE-2026-41003). Confidential information can be exposed externally.
|
| CVE-2026-41696 |
|
Vulnerability in vmware (CVE-2026-41696)
vulnerability in vmware (CVE-2026-41696). Confidential information can be exposed externally.
|
| CVE-2026-41008 |
|
Open Redirect in broadcom (CVE-2026-41008)
vulnerability in broadcom (CVE-2026-41008). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41706 |
|
Open Redirect in vmware (CVE-2026-41706)
vulnerability in vmware (CVE-2026-41706). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41717 |
|
Vulnerability in vmware (CVE-2026-41717)
vulnerability in vmware (CVE-2026-41717). Successful exploitation can lead to full system takeover.
|
| CVE-2026-40988 |
|
Vulnerability in dos (CVE-2026-40988)
vulnerability in dos (CVE-2026-40988). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-40993 |
|
Unsafe Deserialization in vmware (CVE-2026-40993)
vulnerability in vmware (CVE-2026-40993). Data can be tampered with by attackers.
|
| CVE-2026-41694 |
|
Vulnerability in vmware (CVE-2026-41694)
vulnerability in vmware (CVE-2026-41694). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41849 |
|
Vulnerability in spring (CVE-2026-41849)
vulnerability in spring (CVE-2026-41849). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41850 |
|
Vulnerability in spring (CVE-2026-41850)
vulnerability in spring (CVE-2026-41850). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41851 |
|
Vulnerability in spring (CVE-2026-41851)
vulnerability in spring (CVE-2026-41851). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41852 |
|
Authorization Flaw in spring (CVE-2026-41852)
vulnerability in spring (CVE-2026-41852). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41855 |
|
Unsafe Deserialization in spring (CVE-2026-41855)
vulnerability in spring (CVE-2026-41855). Successful exploitation can lead to full system takeover.
|
| CVE-2026-41853 |
|
Vulnerability in spring (CVE-2026-41853)
vulnerability in spring (CVE-2026-41853). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41854 |
|
SSRF (Server-Side Request Forgery) in spring (CVE-2026-41854)
SSRF in spring (CVE-2026-41854). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41841 |
|
Vulnerability in spring (CVE-2026-41841)
vulnerability in spring (CVE-2026-41841). Confidential information can be exposed externally.
|
| CVE-2026-41842 |
|
Vulnerability in spring (CVE-2026-41842)
vulnerability in spring (CVE-2026-41842). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41843 |
|
Path Traversal in spring (CVE-2026-41843)
path traversal in spring (CVE-2026-41843). Confidential information can be exposed externally.
|
| CVE-2026-41844 |
|
Open Redirect in spring (CVE-2026-41844)
vulnerability in spring (CVE-2026-41844). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41845 |
|
Cross-Site Scripting (XSS) in spring (CVE-2026-41845)
cross-site scripting in spring (CVE-2026-41845). Confidential information can be exposed externally.
|
| CVE-2026-41846 |
|
Cross-Site Scripting (XSS) in spring (CVE-2026-41846)
cross-site scripting in spring (CVE-2026-41846). Confidential information can be exposed externally.
|
| CVE-2026-41847 |
|
Vulnerability in spring (CVE-2026-41847)
vulnerability in spring (CVE-2026-41847). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41848 |
|
Vulnerability in spring (CVE-2026-41848)
vulnerability in spring (CVE-2026-41848). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41007 |
|
Vulnerability in vmware (CVE-2026-41007)
vulnerability in vmware (CVE-2026-41007). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41838 |
|
Vulnerability in spring (CVE-2026-41838)
vulnerability in spring (CVE-2026-41838). Confidential information can be exposed externally.
|
| CVE-2026-41840 |
|
Vulnerability in spring (CVE-2026-41840)
vulnerability in spring (CVE-2026-41840). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41006 |
|
Vulnerability in vmware (CVE-2026-41006)
vulnerability in vmware (CVE-2026-41006). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41722 |
|
Cross-Site Scripting (XSS) in vmware (CVE-2026-41722)
cross-site scripting in vmware (CVE-2026-41722). Successful exploitation can lead to full system takeover.
|
| CVE-2026-41724 |
|
Cross-Site Scripting (XSS) in vmware (CVE-2026-41724)
cross-site scripting in vmware (CVE-2026-41724). Successful exploitation can lead to full system takeover.
|
| CVE-2026-41723 |
|
Cross-Site Scripting (XSS) in vmware (CVE-2026-41723)
cross-site scripting in vmware (CVE-2026-41723). Successful exploitation can lead to full system takeover.
|
| CVE-2026-40990 |
|
Vulnerability in vmware (CVE-2026-40990)
vulnerability in vmware (CVE-2026-40990). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-40989 |
|
Vulnerability in vmware (CVE-2026-40989)
vulnerability in vmware (CVE-2026-40989). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41863 |
|
Path Traversal in org.springframework.ai:spring-ai-anthropic (CVE-2026-41863)
path traversal in org.springframework.ai:spring-ai-anthropic (CVE-2026-41863). Data can be tampered with by attackers. Mitigation: upgrade to `1.1.7` or later.
|
| CVE-2026-41702 |
|
VMware Fusion contains a TOCTOU (Time-of-check Time-of-use) vulnerability that occurs during an...
VMware Fusion contains a TOCTOU (Time-of-check Time-of-use) vulnerability that occurs during an...
|
| CVE-2026-41712 |
|
Vulnerability in org.springframework.ai:spring-ai-client-chat (CVE-2026-41712)
vulnerability in org.springframework.ai:spring-ai-client-chat (CVE-2026-41712). Confidential information can be exposed externally. Mitigation: upgrade to `2.0.0-M6` or later.
|
| CVE-2026-41713 |
|
Vulnerability in org.springframework.ai:spring-ai-client-chat (CVE-2026-41713)
vulnerability in org.springframework.ai:spring-ai-client-chat (CVE-2026-41713). Data can be tampered with by attackers. Mitigation: upgrade to `1.1.6` or later.
|
| CVE-2026-41705 |
|
Vulnerability in org.springframework.ai:spring-ai-milvus-store (CVE-2026-41705)
vulnerability in org.springframework.ai:spring-ai-milvus-store (CVE-2026-41705). Confidential information can be exposed externally. Mitigation: upgrade to `1.1.6` or later.
|
| CVE-2026-41002 |
|
Vulnerability in org.springframework.cloud:spring-cloud-config-server (CVE-2026-41002)
vulnerability in org.springframework.cloud:spring-cloud-config-server (CVE-2026-41002). Confidential information can be exposed externally. Exploitable via ``spring.cloud.config.server.git.basedir``.
|